CN103916372A - Third-party login information hosting method and system - Google Patents
Third-party login information hosting method and system
- Publication number: CN103916372A (application CN201310004402.4A)
- Authority: CN (China)
- Prior art keywords: party, hosting, login information, client, url
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
- Landscapes: Storage Device Security (AREA); Computer And Data Communications (AREA)
Abstract
The invention discloses a third-party login information hosting method and system. The method comprises the following steps: A. registering with the hosting server, where the username and password for the hosting server are generated by the hosting client; B. logging in to the hosting server from the hosting client with that username and password, where, after a successful login, the hosting server returns the third-party URL ciphertext to the hosting client; C. logging in to the third-party URL with the third-party login information, where the hosting client uses the third-party URL ciphertext to obtain from the hosting server the third-party login information ciphertext together with the decryption algorithm for that information, decrypts the ciphertext with that algorithm to recover the third-party login information, and uses it to log in to the third-party URL.
Description
Technical field
The invention relates to Internet user login technology, and in particular to a third-party login information hosting method and system.
Background
With the growth of the Internet the number of independent websites keeps increasing, and users must pass a login check before a site (an e-commerce site, for example) can provide personalised services. Storing and using so many sets of login information is a great inconvenience for users, and the repeated verification degrades the user experience. Websites have adopted different solutions to this, such as third-party authenticated login or OpenID login, but both carry certain risks and shortcomings.
With third-party authenticated login, for example the federated login represented by JD.com, the user verifies login information and stores personalised information on the login platform they are most familiar with, and that platform is then used to provide the personalised service.
This approach has the following disadvantages:
1. The site is tied to the third-party login system of the federated login provider it uses; it has no independent account and password of its own, which hinders later extension.
2. A malicious website can forge the federated login provider's third-party login entry point to carry out illegal activity.
3. The site is exposed to the robustness of the third-party system: when the federated login provider's login system has a problem, users cannot log in normally.
With OpenID login, every user is forcibly assigned a single unique ID that serves as their identifier for activity on the Internet, and authentication goes through the unified OpenID mechanism.
This approach has the following disadvantages:
1. It is unsuitable for vertical-industry applications that require real-name registration, where it leads to information leakage.
2. Anyone can set up a website offering OpenID verification, and site performance varies widely, so the OpenID verification process is unstable.
3. If a website providing OpenID verification shuts down suddenly, a large number of users may lose access to the services of many websites.
A new and secure third-party login information hosting method and system is therefore needed to address the risks and shortcomings of both schemes.
Summary of the invention
According to one object of the invention, a third-party login information hosting method is disclosed, comprising the following steps:
A. Registering with the hosting server,
where the username and password for the hosting server are generated by the hosting client;
B. Logging in to the hosting server from the hosting client with the username and password,
where, after a successful login, the hosting server returns the third-party URL ciphertext to the hosting client;
C. Logging in to the third-party URL with the third-party login information,
where the third-party login information ciphertext and the decryption algorithm for the third-party login information are obtained from the hosting server by means of the third-party URL ciphertext, and
the third-party login information ciphertext is decrypted with that decryption algorithm to recover the third-party login information, which is then used to log in to the third-party URL.
According to another technical scheme of the invention:
In step A:
the hosting client transforms the username and password for the hosting server, so that the hosting server stores only the transformed username and password used to log in to it;
In step B:
the hosting client derives the transformed username and password from the username and password and logs in to the hosting server with them.
According to another technical scheme of the invention:
In step A, an MD5 digest is taken of the username and password for the hosting server.
According to another technical scheme of the invention:
In step B:
the hosting server additionally returns the third-party URL decryption algorithm to the hosting client, and
the hosting client decrypts the third-party URL ciphertext with that algorithm to produce the third-party URL.
According to another technical scheme of the invention:
The resulting third-party URLs are displayed as a list on the hosting client.
According to another technical scheme of the invention:
The method further comprises a step D for producing the third-party URL ciphertext and the third-party login information ciphertext that are stored on the hosting server, where the third-party login information is the username and password used to log in to the third-party URL, and where
step D comprises:
the hosting server returns the third-party URL encryption algorithm to the hosting client;
the third-party URL to be hosted and its third-party login information are entered on the hosting client;
the third-party URL is encrypted with the third-party URL encryption algorithm and the third-party URL ciphertext is sent to the hosting server;
based on that third-party URL ciphertext, the hosting server returns to the hosting client a first encryption algorithm for the third-party login information;
the hosting client encrypts the third-party login information with the first encryption algorithm and sends the third-party login information ciphertext to the hosting server.
According to another technical scheme of the invention:
The username and/or password for the hosting server serves as the symmetric key of the encryption and decryption algorithms.
According to another technical scheme of the invention:
In step C,
a second encryption algorithm for the third-party login information is additionally obtained from the hosting server, and
the hosting client encrypts the third-party login information with the second encryption algorithm and sends the resulting third-party login information ciphertext to the hosting server.
According to another object of the invention, a third-party login information hosting system is disclosed, comprising a hosting client and a hosting server, where
the hosting server is used for registration,
where the hosting client generates the username and password for the hosting server;
the hosting client logs in to the hosting server with the username and password,
where, after a successful login, the hosting server returns the third-party URL ciphertext to the hosting client;
the hosting client logs in to the third-party URL with the third-party login information,
where the hosting client obtains the third-party login information ciphertext and the decryption algorithm for the third-party login information from the hosting server by means of the third-party URL ciphertext, decrypts the ciphertext with that algorithm to recover the third-party login information, and uses it to log in to the third-party URL.
According to another technical scheme of the invention:
The hosting client is further configured to transform the username and password for the hosting server, so that the hosting server stores only the transformed username and password used to log in to it, and
the hosting client is further configured to derive the transformed username and password from the username and password and to log in to the hosting server with them.
According to another technical scheme of the invention:
The hosting client is further configured to take an MD5 digest of the username and password for the hosting server.
According to another technical scheme of the invention:
The hosting server is configured to additionally return the third-party URL decryption algorithm to the hosting client, and
the hosting client is configured to decrypt the third-party URL ciphertext with that algorithm to produce the third-party URL.
According to another technical scheme of the invention:
The resulting third-party URLs are displayed as a list on the hosting client.
According to another technical scheme of the invention:
The hosting server and hosting client are further configured to produce the third-party URL ciphertext and the third-party login information ciphertext stored on the hosting server in the following way, where the third-party login information is the username and password used to log in to the third-party URL, and where
the way comprises:
the hosting server returns the third-party URL encryption algorithm to the hosting client;
the third-party URL to be hosted and its third-party login information are entered on the hosting client;
the third-party URL is encrypted with the third-party URL encryption algorithm and the third-party URL ciphertext is sent to the hosting server;
based on that third-party URL ciphertext, the hosting server returns to the hosting client a first encryption algorithm for the third-party login information;
the hosting client encrypts the third-party login information with the first encryption algorithm and sends the third-party login information ciphertext to the hosting server.
According to another technical scheme of the invention:
The username and/or password for the hosting server serves as the symmetric key of the encryption and decryption algorithms.
According to another technical scheme of the invention:
The hosting client is configured to additionally obtain a second encryption algorithm for the third-party login information from the hosting server, and
the hosting client is configured to encrypt the third-party login information with the second encryption algorithm and to send the resulting third-party login information ciphertext to the hosting server.
One advantage of the invention is that no federated login provider's third-party login system is introduced, so the various shortcomings of federated login are avoided.
One advantage of the invention is that it borrows the idea of an OpenID but does not use it as a public ID, thereby avoiding the various shortcomings of existing OpenID schemes.
One advantage of the invention is that users can use different usernames and passwords on different websites while only having to remember the username and password for the hosting server; the system acts as a confidential password safe for the user.
One advantage of the invention is that the hosted information is secure: the hosting party knows only the MD5 values of the user's registration information and cannot learn the registration name and password; the usernames and passwords the user stores for target sites are protected with symmetric encryption, and the hosting system supplies only the encryption and decryption algorithms and does not store the password. Even if the hosting website is attacked, no user information leaks in plaintext.
One advantage of the invention is that the encryption is secure: a dynamic encryption strategy is applied to the user's encrypted information, which makes the ciphertext harder to guess.
One advantage of the invention is that transmission is secure: whether http or https is used, everything this scheme transmits over the network is ciphertext and no plaintext appears, which avoids the risk of the user's login information being cracked in transit.
Description of the drawings
After reading the detailed description of the invention with reference to the drawings, those skilled in the art will understand its various aspects more clearly. Those skilled in the art should understand that the drawings serve only to illustrate the technical scheme of the invention alongside the detailed description and are not intended to limit its scope of protection. In the drawings:
Fig. 1 is a schematic diagram of the steps of a third-party login information hosting method according to an embodiment of the invention.
Fig. 2 is a schematic diagram of an example user registration process according to an embodiment of the invention.
Fig. 3 is a schematic diagram of an example user login process according to an embodiment of the invention.
Fig. 4 is a schematic diagram of an example of a user using hosted login information according to an embodiment of the invention.
Detailed description
The specific embodiments of the invention are described in further detail below with reference to the drawings. In the following description, for purposes of explanation, numerous specific details are set forth to provide a thorough understanding of one or more aspects of the embodiments. It will be apparent to those skilled in the art, however, that one or more aspects of the embodiments may be practised with fewer of these specific details. Although a particular feature or aspect of an embodiment may be disclosed with respect to only one of several implementations, such a feature or aspect may be combined with one or more other features or aspects of other implementations as may be desired and advantageous for any given or particular application.
Fig. 1 is a schematic diagram of the steps of a third-party login information hosting method according to an embodiment of the invention. As shown, the method comprises the following three steps:
A. Registering with the hosting server,
where the username and password for the hosting server are generated by the hosting client;
B. Logging in to the hosting server from the hosting client with the username and password,
where, after a successful login, the hosting server returns the third-party URL ciphertext to the hosting client;
C. Logging in to the third-party URL with the third-party login information,
where the third-party login information ciphertext and the decryption algorithm for the third-party login information are obtained from the hosting server by means of the third-party URL ciphertext, and
the third-party login information ciphertext is decrypted with that decryption algorithm to recover the third-party login information, which is then used to log in to the third-party URL.
In a preferred embodiment:
In step A:
the hosting client transforms the username and password for the hosting server, so that the hosting server stores only the transformed username and password used to log in to it.
In step B:
the hosting client derives the transformed username and password from the username and password and logs in to the hosting server with them.
In a preferred embodiment, in step A, an MD5 digest is taken of the username and password for the hosting server.
Referring now to Fig. 2, which shows an example user registration process according to an embodiment of the invention. After the user enters a username and password on the hosting client, the client takes an MD5 digest of the username and of the password separately (another algorithm, such as SHA-1, could be chosen instead) and submits the resulting username MD5 value and password MD5 value to the hosting server, which acts as the login centre. The hosting server then looks up the MD5 values of the username and password: if a username MD5 value already exists on the hosting server, the returned registration response reports that registration failed; otherwise it reports that registration succeeded.
In a preferred embodiment:
In step B:
the hosting server additionally returns the third-party URL decryption algorithm to the hosting client, and
the hosting client decrypts the third-party URL ciphertext with that algorithm to produce the third-party URL.
The resulting third-party URLs can be displayed as a list on the hosting client.
Referring now to Fig. 3, which shows an example user login process according to an embodiment of the invention.
As shown, the user sends the username MD5 value and password MD5 value to the login centre. If the hosting server holds a matching username MD5 value and password MD5 value, the login succeeds. For example, the login centre can first check whether the username MD5 value exists and return a login-failure message if it does not; if it exists, the login centre checks the password MD5 value and returns a login-failure message if it does not match the one stored for that username.
After a successful login the login centre returns the third-party URL ciphertext. The login centre also returns the URL decryption algorithm to the user, and the user decrypts the third-party URLs with the symmetric key. Optionally, the user's list of third-party URLs can be displayed. Here the username and/or password for the hosting server serves as the symmetric key of the encryption and decryption algorithms.
In a preferred embodiment:
The method further comprises a step D for producing the third-party URL ciphertext and the third-party login information ciphertext stored on the hosting server, where the third-party login information is the username and password used to log in to the third-party URL. In other words, this is the step in which third-party login information to be hosted is added to or modified on the hosting server.
Step D comprises:
the hosting server returns the third-party URL encryption algorithm to the hosting client;
the third-party URL to be hosted and its third-party login information are entered on the hosting client;
the third-party URL is encrypted with the third-party URL encryption algorithm and the third-party URL ciphertext is sent to the hosting server;
based on that third-party URL ciphertext, the hosting server returns to the hosting client a first encryption algorithm for the third-party login information;
the hosting client encrypts the third-party login information with the first encryption algorithm and sends the third-party login information ciphertext to the hosting server.
Step D can take place at the user's first login or at any later login.
In a preferred embodiment:
In step C,
a second encryption algorithm for the third-party login information is additionally obtained from the hosting server, and
the hosting client encrypts the third-party login information with the second encryption algorithm and sends the resulting third-party login information ciphertext to the hosting server.
Fig. 4 is a schematic diagram of an example of a user using hosted login information according to an embodiment of the invention.
As shown in Fig. 4, the user selects on the hosting client the third-party URL to log in to and requests the login information for that URL from the login centre using the selected third-party URL ciphertext. The login centre searches the third-party URL ciphertexts stored for that user; if none matches it returns an error, otherwise it returns the third-party login information ciphertext. It then returns the decryption algorithm used for that third-party login information last time, followed by the encryption algorithm to be used this time. On the hosting client the user decrypts the third-party login information with last time's decryption algorithm, then re-encrypts it with this time's encryption algorithm and uploads the new third-party login information ciphertext and its encryption algorithm to the hosting server as an update. The login centre returns the update status, and the client logs in to the third-party website with the login information it has obtained.
In this example, because the encryption algorithm returned can differ on each request, encryption is dynamic, which further protects the user's third-party login information.
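The registration (Fig. 2), login (Fig. 3), storage (step D) and retrieval-with-re-encryption (Fig. 4) flows described above, modelled end to end in Python. This is an added example, not code from the patent or its applicant, and both parties run in one process and talk through method calls rather than HTTP. Everything the patent leaves open is an assumption here: the "algorithm" the server hands out is a small descriptor naming one cipher and carrying a per-request nonce; that cipher is an HMAC-SHA256 counter-mode keystream built from the standard library; the hosting username and password are stretched with PBKDF2 into the symmetric key instead of being used as the key directly; and the login information is carried as a small JSON record. Because the patent uses the URL ciphertext as the lookup key on the server, URL encryption has to be deterministic, while the login-information ciphertext is re-created under a fresh descriptor on every retrieval, which is the dynamic encryption the text describes.

```python
import hashlib, hmac, json, os
CIPHER = "hmac-sha256-ctr"   # the single "algorithm" this toy server issues

def transform(username, password):
    # Steps A/B, client side: the server sees only these digests (MD5 as the patent
    # specifies). It compares the digest as-is, so a leaked digest table replays.
    return hashlib.md5(username.encode()).hexdigest(), hashlib.md5(password.encode()).hexdigest()

def derive_key(username, password):
    # Symmetric key from the hosting username and password (the patent uses them
    # as the key directly; PBKDF2 stretching is an added assumption).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), username.encode(), 50_000)

def _keystream_xor(key, nonce, data):   # CTR keystream HMAC-SHA256(key, nonce||ctr); XOR is its own inverse
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def encrypt(key, algo, data):
    # A descriptor with a nonce gives a fresh ciphertext each time (login info). One
    # without uses a synthetic IV = HMAC(key, data): deterministic, so the URL
    # ciphertext can be the server's lookup key. No auth tag; use an AEAD for real.
    assert algo["cipher"] == CIPHER              # client pins the cipher it will accept
    nonce = bytes.fromhex(algo["nonce"]) if algo.get("nonce") else hmac.new(key, data, hashlib.sha256).digest()[:16]
    return nonce + _keystream_xor(key, nonce, data)

def decrypt(key, algo, blob):   # the nonce travels with the blob; the descriptor only names the cipher
    return _keystream_xor(key, blob[:16], blob[16:])

class HostingServer:   # holds digests, ciphertexts and descriptors; never a plaintext or a key
    def __init__(self):
        self.users, self.sessions = {}, {}

    def register(self, u_digest, p_digest):                      # Fig. 2
        if u_digest in self.users:                               # duplicate username digest
            return False
        self.users[u_digest] = {"pw": p_digest, "vault": {}, "url_algo": {"cipher": CIPHER, "nonce": None}}
        return True

    def login(self, u_digest, p_digest):                         # Fig. 3
        user = self.users.get(u_digest)
        if user is None or not hmac.compare_digest(user["pw"], p_digest):
            return None
        token = os.urandom(16).hex()
        self.sessions[token] = u_digest
        return token, list(user["vault"]), user["url_algo"]      # URL ciphertexts + URL algorithm

    def begin_store(self, sess, url_ct):                         # step D: issue the first encryption algorithm
        entry = self.users[self.sessions[sess]]["vault"].setdefault(url_ct, {"ct": None, "algo": None})
        entry["pending"] = {"cipher": CIPHER, "nonce": os.urandom(16).hex()}
        return entry["pending"]

    def fetch(self, sess, url_ct):                               # Fig. 4: ciphertext, last algorithm, this-time algorithm
        entry = self.users[self.sessions[sess]]["vault"].get(url_ct)
        if entry is None or entry["ct"] is None:
            return None
        entry["pending"] = {"cipher": CIPHER, "nonce": os.urandom(16).hex()}
        return entry["ct"], entry["algo"], entry["pending"]

    def commit(self, sess, url_ct, cred_ct, algo):               # accept only under the descriptor we issued
        entry = self.users[self.sessions[sess]]["vault"].get(url_ct)
        if entry is None or entry.get("pending") != algo:
            return False
        entry.update(ct=cred_ct, algo=algo, pending=None)
        return True

class HostingClient:
    def __init__(self, server, username, password):
        self.server, self.key = server, derive_key(username, password)
        self.u, self.p = transform(username, password)           # plaintexts never leave the client
        self.sess = self.url_algo = None

    def register(self):
        return self.server.register(self.u, self.p)

    def login(self):                                             # decrypted URL list, or None on failure
        resp = self.server.login(self.u, self.p)
        if resp is None:
            return None
        self.sess, url_cts, self.url_algo = resp
        return [decrypt(self.key, self.url_algo, bytes.fromhex(c)).decode() for c in url_cts]

    def add_credential(self, url, site_user, site_pw):          # step D
        url_ct = encrypt(self.key, self.url_algo, url.encode()).hex()
        algo = self.server.begin_store(self.sess, url_ct)
        cred = json.dumps({"user": site_user, "pw": site_pw}).encode()
        return self.server.commit(self.sess, url_ct, encrypt(self.key, algo, cred).hex(), algo)

    def get_credential(self, url):                               # Fig. 4: decrypt, re-encrypt, update, then use
        url_ct = encrypt(self.key, self.url_algo, url.encode()).hex()
        resp = self.server.fetch(self.sess, url_ct)
        if resp is None:
            return None
        cred_ct, last_algo, next_algo = resp
        cred = decrypt(self.key, last_algo, bytes.fromhex(cred_ct))
        self.server.commit(self.sess, url_ct, encrypt(self.key, next_algo, cred).hex(), next_algo)
        return json.loads(cred)
```

Two checks a practitioner would make against the text: a dump of `srv.users` after `add_credential` contains neither the site password nor the URL, only digests, hex ciphertexts and descriptors, and the stored ciphertext changes after every `get_credential` even though the credential does not. The flip side is that the digests the client sends are themselves what the server compares, so whoever captures or steals them can log in to the hosting server without knowing the password and pull the ciphertexts; the channel still needs TLS, and the client pins the cipher name it will accept because a server that chooses the algorithm could otherwise hand out a weak one.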
进一步,本发明限制描述一种第三方登录信息托管系统,包括托管客户端和托管服务器。本发明的第三方登录信息托管方法,可以通过配置托管客户端和托管服务器来实现。托管客户端和托管服务器的配置如下: Further, the present invention restricts to describe a third-party login information escrow system, including a escrow client and a escrow server. The third-party login information trusteeship method of the present invention can be realized by configuring a trusteeship client and a trusteeship server. The managed client and managed server are configured as follows:
托管服务器用于进行注册, hosting server for registration,
其中,托管客户端产生用于托管服务器的用户名和密码, where the hosting client generates a username and password for the hosting server,
托管客户端使用用户名和密码登录托管服务器, The managed client logs into the managed server with a username and password,
其中,登录成功后,托管服务器向托管客户端返回第三方URL密文, Among them, after the login is successful, the hosting server returns the third-party URL ciphertext to the hosting client,
托管客户端利用第三方登录信息登录第三方URL, The hosted client logs into the third-party URL with the third-party login information,
其中,托管客户端通过第三方URL密文从托管服务器获得第三方登录信息密文和第三方登录信息的解密算法,以及利用第三方登录信息的解密算法解密第三方登录信息密文得到第三方登录信息,从而登录第三方URL。 Among them, the hosting client obtains the ciphertext of the third-party login information and the decryption algorithm of the third-party login information from the hosting server through the ciphertext of the third-party URL, and uses the decryption algorithm of the third-party login information to decrypt the ciphertext of the third-party login information to obtain the third-party login information. information, thereby logging into the third-party URL.
优选地,托管客户端进一步配置成对用于托管服务器的用户名和密码进行转换,使得托管服务器仅保存经转换的登录托管服务器的用户名和密码, Preferably, the hosting client is further configured to convert the username and password for the hosting server so that the hosting server only saves the converted username and password for logging into the hosting server,
托管客户端进一步配置成使用用户名和密码产生经转换的用户名和密码来登录托管服务器。 The hosting client is further configured to use the username and password to generate a transformed username and password to log into the hosting server.
优选地,托管客户端进一步配置成对用于托管服务器的用户名和密码进行MD5摘要。 Preferably, the hosting client is further configured to MD5 digest the username and password for the hosting server.
优选地,托管服务器被配置成还向托管客户端返回第三方URL解密算法, Preferably, the hosting server is configured to also return a third-party URL decryption algorithm to the hosting client,
托管客户端被配置成利用第三方URL解密算法解密第三方URL密文产生第三方URL。 The hosted client is configured to decrypt the third-party URL ciphertext using a third-party URL decryption algorithm to generate a third-party URL.
优选地,产生的第三方URL以列表的形式被显示在托管客户端。 Preferably, the generated third-party URLs are displayed on the hosting client in the form of a list.
优选地,托管服务器和托管客户端进一步被配置成通过以下方式产生保存在托管服务器中的第三方URL密文和第三方登录信息密文,其中,第三方登录信息是用于登录第三方URL的用户名和密码,其中, Preferably, the hosting server and the hosting client are further configured to generate third-party URL ciphertext and third-party login information ciphertext stored in the hosting server in the following manner, wherein the third-party login information is used to log in to the third-party URL username and password, where,
该方式包括: This method includes:
由托管服务器向托管客户端返回第三方URL加密算法, The hosting server returns the third-party URL encryption algorithm to the hosting client,
在托管客户端输入需要托管的第三方URL和第三方登录信息, Enter the third-party URL and third-party login information to be hosted on the hosting client,
利用第三方URL加密算法加密第三方URL,将第三方URL密文发送到托管服务器, Use the third-party URL encryption algorithm to encrypt the third-party URL, and send the third-party URL ciphertext to the hosting server,
托管服务器根据该第三方URL密文,向托管客户端返回用于第三方登录信息的第一加密算法, The hosting server returns the first encryption algorithm used for third-party login information to the hosting client according to the third-party URL ciphertext,
在托管客户端利用用于第三方登录信息的第一加密算法加密第三方登录信息,并且将第三方登录信息密文发送到托管服务器。 The third-party login information is encrypted with the first encryption algorithm used for the third-party login information on the hosting client, and the ciphertext of the third-party login information is sent to the hosting server.
Preferably, the username and/or password used for the hosting server serve as the symmetric key of the encryption and decryption algorithms.
Preferably, the hosting client is configured to further obtain from the hosting server a second encryption algorithm for the third-party login information, and
the hosting client is configured to encrypt the third-party login information with that second encryption algorithm and to send the third-party login information ciphertext to the hosting server.
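The registration, storage and retrieval exchanges described above, written out as an added Python example that is not part of the patent. The page names no concrete cipher, message format or digest layout, so the `HostingServer`/`HostingClient` classes, the `shake-xor` algorithm identifier, the `auth:`/`key:` digest labels and the sample credentials in the test are all assumptions; the server is modelled as holding only ciphertext and answering each request with the algorithm identifier the client should use.

```python
import hashlib, hmac, os
# Added example, not the patent's code. The page names no cipher, so a toy SHAKE-256
# keystream cipher stands in for the "encryption algorithm" the server hands out.
def _xor_stream(key, nonce, data):
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))
def encrypt(key, data):  # fresh random nonce per message, prepended to the ciphertext
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, data)
def decrypt(key, blob):
    return _xor_stream(key, blob[:16], blob[16:])
CIPHERS = {"shake-xor": (encrypt, decrypt)}  # made-up algorithm id -> (encrypt, decrypt)

class HostingServer:  # stores only ciphertext, keyed by the URL ciphertext; never holds the key
    def __init__(self):
        self.users, self.vault = {}, {}  # user -> auth digest; user -> {url_ct: login_ct}
    def register(self, user, auth):  # step A: credentials generated on the client
        if user in self.users:
            raise ValueError("username taken")
        self.users[user], self.vault[user] = auth, {}
    def login(self, user, auth):  # step B: URL ciphertexts plus the URL decryption algorithm
        if not hmac.compare_digest(self.users.get(user, b""), auth):
            raise PermissionError("bad hosting credentials")
        return list(self.vault[user]), "shake-xor"
    def store_url(self, user, url_ct):  # answers with the first encryption algorithm
        self.vault[user][url_ct] = None
        return "shake-xor"
    def store_login(self, user, url_ct, login_ct):
        self.vault[user][url_ct] = login_ct
    def fetch_login(self, user, url_ct):  # step C: login ciphertext plus decryption algorithm
        return self.vault[user][url_ct], "shake-xor"

class HostingClient:
    def __init__(self, server, user, password):
        # Page: MD5 digest of the hosting username/password is the symmetric key. Assumption:
        # distinct digests for auth and key, so the digest the server holds cannot decrypt.
        self.server, self.user = server, user
        self.auth = hashlib.md5(f"auth:{user}:{password}".encode()).digest()
        self.key = hashlib.md5(f"key:{user}:{password}".encode()).digest()
        server.register(user, self.auth)
    def host(self, url, login):  # encrypt URL, learn the algorithm, then send encrypted login
        url_ct = encrypt(self.key, url.encode())
        alg = self.server.store_url(self.user, url_ct)
        self.server.store_login(self.user, url_ct, CIPHERS[alg][0](self.key, login.encode()))
    def list_urls(self):  # step B: {plaintext URL: url_ct}
        cts, alg = self.server.login(self.user, self.auth)
        return {CIPHERS[alg][1](self.key, ct).decode(): ct for ct in cts}
    def login_info(self, url_ct):  # step C
        ct, alg = self.server.fetch_login(self.user, url_ct)
        return CIPHERS[alg][1](self.key, ct).decode()
```

The toy cipher is unauthenticated and MD5 is not a password-stretching function; a deployable client would derive the key with scrypt or Argon2 and wrap the stored values in an AEAD, but the exchange above is otherwise the one the page describes.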
From the description of the above embodiments, those of ordinary skill in the art will understand that various changes and substitutions can be made to the specific embodiments of the present invention without departing from its spirit and scope. All such changes and substitutions fall within the scope defined by the claims of the present invention.
Claims (16)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310004402.4A CN103916372B (en) | 2013-01-07 | 2013-01-07 | A kind of third party's log-on message trustship method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103916372A true CN103916372A (en) | 2014-07-09 |
CN103916372B CN103916372B (en) | 2017-07-21 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |