CN104426846A - Service security verifying method and apparatus - Google Patents
Service security verifying method and apparatus Download PDFInfo
- Publication number
- CN104426846A CN104426846A CN201310369971.9A CN201310369971A CN104426846A CN 104426846 A CN104426846 A CN 104426846A CN 201310369971 A CN201310369971 A CN 201310369971A CN 104426846 A CN104426846 A CN 104426846A
- Authority
- CN
- China
- Prior art keywords
- receiving device
- information
- service
- business
- information receiving
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 107
- 239000003999 initiator Substances 0.000 claims abstract description 89
- 238000012795 verification Methods 0.000 claims description 96
- 238000013475 authorization Methods 0.000 claims description 23
- 230000000977 initiatory effect Effects 0.000 claims description 22
- 230000003993 interaction Effects 0.000 abstract description 14
- 230000008569 process Effects 0.000 description 47
- 241000196324 Embryophyta Species 0.000 description 18
- 230000000694 effects Effects 0.000 description 11
- 238000012545 processing Methods 0.000 description 10
- 238000005516 engineering process Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000007619 statistical method Methods 0.000 description 2
- 235000003140 Panax quinquefolius Nutrition 0.000 description 1
- 240000005373 Panax quinquefolius Species 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to a service security verifying method and apparatus. The method comprises: receiving a service request initiated by a service initiator with a particular user identification; determining a position of the service initiator; determining a position of an information receiving device bound to the particular user identification; and verifying security of the service in accordance with a distance between the position of the service initiator and the position of the information receiving device. According to the technical scheme of the invention, the method can verify security of the service in accordance with a distance between the position of the service initiator and the position of the information receiving device, and thus greatly improves the security of service data interaction.
Description
Technical field
The application relates to computer communication field, particularly relate to internet data mutual in service security verification method and device.
Background technology
Along with the fast development of the Internet, online data interaction is more and more general, the current key data interactive mode become in people's life.
In the process of online data interaction, for the security consideration to data interaction, most of service needed carries out short-message verification could finishing service.But, the stolen situation of unique identification information due to current user still exists, once the unique identification information of user is stolen, namely swindler will initiate business with the specific user of user mark to service server with the name of user, service server can ask note operator to send identifying code note to the information receiving device identifying binding with this specific user for the business of this initiation, and user is not knowing or just may gained identifying code by cheating in being deceived, thus the fail safe of service data interaction cannot be ensured, even can bring about great losses to user.
Therefore, the service security verification technique of a kind of improvement of demand, makes it possible to the fail safe ensureing service data interaction further.
For the purpose of clear description, it should be noted that here, in this article, user refers to that specific user identifies corresponding real user.Legitimate user refers to the user using specific user to identify through subscriber authorisation.Illegal user (i.e. swindler) refers to the user using specific user to identify without subscriber authorisation.
Summary of the invention
The main purpose of the application is to provide a kind of service security verification technique, and it can solve the aforementioned problems in the prior.
According to the embodiment of an aspect of the application, a kind of service security verification method is provided, it is characterized in that, comprising: receive Business Initiator identifies initiation service request with specific user; Determine the position of Business Initiator; Determine the position of the information receiving device identifying binding with specific user; And according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.
According to another embodiment of an aspect of the application, a kind of service security demo plant being provided, it is characterized in that, comprising: service request receiver module, to identify the service request of initiation for receiving Business Initiator with specific user; Initiator's position determination module, for determining the position of Business Initiator; Device location determination module, for determining the position of the information receiving device identifying binding with specific user; And service security authentication module, for according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.
According to the embodiment of another aspect of the application, a kind of service security verification method is provided, it is characterized in that, comprising: receive Business Initiator identifies initiation service request with specific user; Determine the position of Business Initiator; Security authentication request is sent to information server, security authentication request at least comprises the position of Business Initiator and identifies the unique identification information of information receiving device of binding with specific user, with by the position of information server according to the unique identification information comformed information receiving equipment of information receiving device, and according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business; And receive the whether safe safety verification result of indicating services from information server.
According to another embodiment of the another aspect of the application, a kind of service security demo plant being provided, it is characterized in that, comprising: service request receiver module, to identify the service request of initiation for receiving Business Initiator with specific user; Initiator's position determination module, for determining the position of Business Initiator; Security authentication request sending module, for sending security authentication request to information server, security authentication request at least comprises the position of Business Initiator and the unique identification information of information receiving device, to be determined the position of described information receiving device according to the unique identification information of information receiving device by information server, and according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business; And safety verification result receiver module, for receiving the whether safe safety verification result of indicating services from information server.
According to the embodiment of the another aspect of the application, a kind of service security verification method is provided, it is characterized in that, comprise: receive security authentication request from service server, security authentication request at least comprises and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with specific user; According to the position of the unique identification information comformed information receiving equipment of information receiving device; According to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business; And send the whether safe safety verification result of indicating services to service server.
According to another embodiment of the another aspect of the application, a kind of service security demo plant is provided, it is characterized in that, comprise: security authentication request receiver module, for receiving security authentication request from service server, security authentication request at least comprises and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with specific user; Device location determination module, for the position of the unique identification information comformed information receiving equipment according to information receiving device; Service security authentication module, for according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business; And safety verification result sending module, for sending the whether safe safety verification result of indicating services to service server.
Compared with prior art, according to the technical scheme of the application, the fail safe of business can be verified based on the distance between the position of Business Initiator and the position of information receiving device, and then greatly improve the fail safe of service data interaction.
Accompanying drawing explanation
Accompanying drawing described herein is used to provide further understanding of the present application, and form a application's part, the schematic description and description of the application, for explaining the application, does not form the improper restriction to the application.In the accompanying drawings:
Fig. 1 shows the schematic diagram of the exemplary system architecture of the service security verification method can implementing the application;
Fig. 2 shows the flow chart of the service security verification method according to the application's embodiment;
Fig. 3 shows the flow chart of steps of the position from information server obtaining information receiving equipment according to the application's embodiment;
Fig. 4 shows the flow chart of the service security verification method according to the application's specific embodiment;
Fig. 5 shows the flow chart of the service security verification method according to another embodiment of the application;
Fig. 6 shows the flow chart of the service security verification method according to the application's specific embodiment;
Fig. 7 shows the flow chart of the service security verification method according to another embodiment of the application;
Fig. 8 shows the structured flowchart of the service security demo plant according to the application's embodiment;
Fig. 9 shows the structured flowchart of the service security demo plant according to another embodiment of the application; And
Figure 10 shows the structured flowchart of the service security demo plant according to another embodiment of the application.
Embodiment
The main thought of the application is just, based on the distance between the position of Business Initiator and the position of information receiving device, verifies the fail safe of current business.Specifically, if above-mentioned distance is in predetermined distance range, then can judges that current business is safe, and can Business Processing be proceeded; If above-mentioned distance exceeds predetermined distance range, then can judge that current business exists risk, and then stop current business.Greatly can improve the fail safe of service data interaction thus.
For making the object of the application, technical scheme and advantage clearly, below in conjunction with the application's specific embodiment and corresponding accompanying drawing, technical scheme is clearly and completely described.Obviously, described embodiment is only some embodiments of the present application, instead of whole embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not making the every other embodiment obtained under creative work prerequisite, all belong to the scope of the application's protection.
< exemplary system architecture >
For ease of the understanding of conceiving the application, describe the exemplary system architecture can implementing the service security verification method of the application below in conjunction with Fig. 1, which describe the specific embodiment of service security verification method in an embody rule scene (i.e. the information verification process of business) of the application.
As shown in Figure 1, the service security verification method of the application can be implemented by service server 110.Particularly, carrying out in the application scenarios of Information Authentication for business, except service server 110, the service security verification method of the application can also relate to information server 120, Business Initiator 130 and information receiving device 140.
In a typical application scenarios and online payment scene, service server 110 can be the server of payment services business, it can be the server that such as Alipay, wealth pay the Third-party payment platform of logical, Sheng Futong and so on, also can be the server of Web bank.What information server 120 was made up of one or more computer can send information to the information receiving device of user or provide the server of information service.Specifically, information server 120 can by the communication mode of such as short message and so on, and the information receiving device to user sends the authorization information of the forms such as such as text, video, voice.More specifically, information server 120 can be the server of the common carrier of such as telecommunications, UNICOM, movement and so on, also can be the server of the customizing messages service provider of such as note operator and so on.Meanwhile, described information server 120 also includes module for carrying out locating terminal place physical location according to terminal iidentification or server.Business Initiator 130 refers to the side identifying initiating business request with specific user, and specific user's mark refers to the unique identification information of the user registered on service server.Business Initiator 130 can be that specific user identifies corresponding user, also can be in addition to the user identify other legitimate user of initiating business request or illegal user with specific user.Information receiving device 140 is the subscriber equipmenies identifying binding with specific user, and for receiving the authorization information from information server 120.
According in the Information Authentication scene of the embodiment of the present application, the service request that service server 110 can receive Business Initiator 130 such as pays request, carry out business verification process for service request, and determine whether the service request of granting traffic initiator 130 according to the result of business verification process.The authorization information that information server 120 can receive service server 110 issues request and issues request according to authorization information and sends authorization information to information receiving device 140.
More specifically, the business verification process of the embodiment of the present application can be divided into safety verification process and Information Authentication process.Safety verification process refers to be verified based on the fail safe of distance to business between the position of Business Initiator and the position of information receiving device, and it embodies the inventive point of the application just.Information Authentication process refer to based on the authorization information issued to information receiving device with the comparing of checking return information of Business Initiator the fail safe of business is verified further.
In concrete enforcement, Information Authentication process can be implemented in service server 110 side, and safety verification process both can have been implemented in service server 110 side, also can implement in information server 120 side.
Describe the processing procedure of the service security verification method according to the application's embodiment in more detail below in conjunction with Fig. 2-Fig. 4, wherein safety verification process is implemented in service server side.
< implements the service security verification method > of safety verification process in service server side
Fig. 2 shows the flow chart of the service security verification method according to the application's embodiment, which describes the processing procedure of the method in service server side.
As shown in Figure 2, in step S210 place, receive Business Initiator identifies initiation service request with specific user.
Specifically, service server can receive the service request of any terminal equipment from Business Initiator.Terminal equipment can be the portable terminal etc. of personal computer, the mobile terminal device of laptop computer, such as mobile phone and so on, such as iPad and so on.
In a typical apply scene and online payment scene, service request can be on-line payment request, and such as Business Initiator can initiate payment request for certain transaction.
After service server receives the service request of Business Initiator, just for the safety verification process that this service request is carried out below.
Particularly, in step S220 place, determine the position of this Business Initiator.
More specifically, service server according to the source IP address of service request, can determine the physical location residing for Business Initiator of initiating business request.
In step S230 place, determine the position of the information receiving device identifying binding with specific user.
More specifically, when user registers to service server, service server can be given and store the unique identification information of this user, comprises the user ID of such as user name, account and so on, password, unique identification information etc. for the information receiving device of Information Authentication.Obviously, specific user's mark is bound with specific information receiving device.Namely information receiving device refers to the equipment for Receipt Validation information, such as, can be the similar devices such as mobile phone.
In a specific embodiment, service server can obtain the position of this information receiving device from information server.Fig. 3 shows the flow chart of steps of the position from information server obtaining information receiving equipment according to the application's embodiment.
As shown in Figure 3, in step S310 place, service server can send position acquisition request to information server, and described position acquisition request at least can comprise the unique identification information of this information receiving device.
It will be appreciated that, service server side can store the log-on message of user, and this log-on message at least can comprise following information: the unique identification information etc. of user ID, password, information receiving device.Therefore, service server can according to the unique identification information of this information receiving device such as phone number, the position of ask for information services device comformed information receiving equipment.
In step S320 place, service server receives the position of the information receiving device determined according to the unique identification information of information receiving device by information server from information server.
Particularly, information server can according to the unique identification information of information receiving device, adopt the location technology of such as architecture and so on to position this information receiving device, thus get the physical location of this information receiving device, and return to service server.
Composition graphs 3 describes the mode of the position from information server obtaining information receiving equipment above, but the application is not limited to this, it will be appreciated that, service server can determine the position of this information receiving device by any desired manner of existing or future exploitation.
Next, return Fig. 2, in step S240 place, according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.
Specifically, after the position of the position and information receiving device that determine Business Initiator, service server can calculate the distance between these two positions, such as, carry out this distance by means of electronic chart instrument etc. and calculate.
Then, the distance calculated and predetermined distance range are contrasted.When the distance calculated is within predetermined distance range, service security can be judged.When the distance calculated is outside predetermined distance range, can judge that business is dangerous.
Predetermined distance range refers to the security activity scope of information receiving device.In a specific embodiment, predetermined distance range can be preassigned by user.Such as predetermined distance range can be user's such as security activity scope of preassigned information receiving device when registering to service server.For example, user can set its information receiving device security activity scope such as within circumference 10-13 kilometer etc.
In other embodiments, predetermined distance range also can be preassigned by service server.Such as, can be that the scope of activities of this information receiving device can be obtain by carrying out statistical analysis to the position getting information receiving device from information server by service server according to identify the scope of activities of the information receiving device of binding preassigned with specific user.
So far safety verification process is completed for service request.According to the result of safety verification process, can determine whether to need to proceed Business Processing.According to the service security verification method of the embodiment of the present application, the fail safe of service data interaction greatly can be improved.
Describing the flow chart according to the service security verification method of the application's specific embodiment below in conjunction with Fig. 4, wherein except safety verification process, also carrying out Information Authentication process for business except carrying out for business.
As shown in Figure 4, the process of the step S210-S240 that the safety verification process that step S410-S440 describes and above composition graphs 2 describe is similar, repeats no more here.Only be described in the information verification process after safety verification process below.
Particularly, when judging service security in step S440 place, step S450 is entered.
In step S450 place, ask for information services device sends authorization information to information receiving device.
In one embodiment, when judging service security, service server can send authorization information to information server and issue request, authorization information issues unique identification information and the checking content information that request at least can comprise information receiving device, issues the authorization information comprising checking content information with ask for information services device to information receiving device.Checking content information such as can comprise identifying code etc.
Then, in step S460 place, judge that whether the return information received is consistent with authorization information.
Whether specifically, service server can receive from Business Initiator or the return information from information server, and this return information and authorization information is contrasted, consistent with the content of the content with authorization information that judge return information.
More specifically, service server directly can receive the return information from Business Initiator, and such as, Business Initiator can input corresponding return information in the user interface of service server.In addition, service server also can receive return information from information server.More specifically, information server can receive the return information from information receiving device and this return information is transmitted to service server and be used for Information Authentication process.
Based on the result of Information Authentication process, granting traffic request can be determined whether.Specifically, if it is determined that return information is consistent with authorization information, then step S470 is entered.In the granting traffic request of step S470 place.If it is determined that return information and authorization information inconsistent, then enter step S480.In step S480 place refusal service request.
Similarly, when judgement business in step S440 place is dangerous, also enter step S480, refusal service request.
So far the service security verification method implementing safety verification process in service server side has been described in conjunction with specific embodiments in detail, the fail safe of business is wherein verified based on the distance between the position of Business Initiator and the position of information receiving device, and carry out Information Authentication process when service security, the fail safe of Information Authentication can be guaranteed thus, reduce leakage and the loss of authorization information, and then greatly improve the fail safe of service data interaction.
Describe the processing procedure of the service security verification method according to another embodiment of the application in detail below in conjunction with Fig. 5-Fig. 7, wherein safety verification process is implemented in information server side.
< implements the service security verification method > of safety verification process in information server side
(processing procedure of service server side)
Fig. 5 shows the flow chart of the service security verification method according to another embodiment of the application, which describes the processing procedure of the method in service server side.
As shown in Figure 5, in step S510 place, receive Business Initiator identifies initiation service request with specific user.This step is similar to the step S210 in Fig. 2, and therefore its detail see description above, can repeat no more here.
In step S520 place, determine the position of this Business Initiator.This step is similar to the step S220 in Fig. 2, and therefore its detail see description above, also can repeat no more here.
Next, in step S530 place, service server can send security authentication request to information server.
This security authentication request at least can comprise the position of Business Initiator and identify the unique identification information of information receiving device of binding with specific user, with by the position of information server according to the unique identification information comformed information receiving equipment of information receiving device, and according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.Operation about information server will be described in detail after a while.
In step S540 place, service server can receive the whether safe safety verification result of indicating services from information server.
So far safety verification process is completed for service request.According to safety verification result, can determine whether to need to proceed Business Processing.According to the service security verification method of the embodiment of the present application, the fail safe of service data interaction greatly can be improved equally.
Describing the flow chart according to the service security verification method of the application's specific embodiment below in conjunction with Fig. 6, wherein except safety verification process, also carrying out Information Authentication process for business except carrying out for business.
As shown in Figure 6, the process of the step S510-S540 that the safety verification process that step S610-S640 describes and above composition graphs 5 describe is similar, repeats no more here.Only be described in the information verification process after safety verification process below.
Particularly, if safety verification result indicating services safety, then step S650 is entered.In step S650 place, service server can send authorization information to information receiving device by ask for information services device.Then in step S660 place, can judge that whether the return information received is consistent with authorization information.If consistent, then enter step S670.In step S670 place, service server can granting traffic request.If inconsistent, then enter step S680.In step S680 place, service server can refuse service request.
The Information Authentication process that the step S450-S480 that the Information Authentication process of step S650-680 is in the present embodiment similar to composition graphs 4 above describes.Its detail repeats no more here, to keep succinct herein.
Similarly, if the safety verification result indicating services received in step S640 is dangerous, then also enter step S680, service server can refuse service request.
(processing procedure of information server side)
Fig. 7 shows the flow chart of the service security verification method according to another embodiment of the application, which describes the processing procedure of the method in information server side.
As shown in Figure 7, in step S710 place, information server can receive security authentication request from service server.This security authentication request at least can comprise and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with described specific user.
In step S720 place, information server can according to the position of the unique identification information comformed information receiving equipment of information receiving device.
Particularly, information server according to the unique identification information of information receiving device such as phone number, can adopt the location technology of such as architecture and so on to position this information receiving device, thus gets the physical location of this information receiving device.
Then, in step S730 place, information server can according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.
Specifically, information server can according to the position of the position of the Business Initiator received from service server and the information receiving device oriented in step S720, calculate the distance between these two positions, such as, carry out this distance by means of electronic chart instrument etc. and calculate.
Then, the distance calculated and predetermined distance range are contrasted.When the distance calculated is within predetermined distance range, service security can be judged.When the distance calculated is outside predetermined distance range, can judge that business is dangerous.
Predetermined distance range refers to the security activity scope of information receiving device.In a specific embodiment, predetermined distance range can be preassigned by user.Such as predetermined distance range can be user's such as security activity scope of preassigned information receiving device when registering to service server.For example, user can set its information receiving device security activity scope such as within circumference 10-13 kilometer etc.
In other embodiments, predetermined distance range also can be preassigned by service server.Such as, can be that the scope of activities of this information receiving device can be obtain by carrying out statistical analysis to the position getting information receiving device from information server by service server according to identify the scope of activities of the information receiving device of binding preassigned with specific user.
Correspondingly, in the embodiment of the present application, this security authentication request can also comprise predetermined distance range.In other words, information server can receive predetermined distance range parameter for safety verification process from service server.In other embodiments, information server itself can be used for safety verification process according to the scope of activities determination predetermined distance range of information receiving device.
After completing safety verification process, in step S740 place, information server can send the whether safe safety verification result of indicating services to service server.
So far the service security verification method implementing safety verification process in information server side has been described in conjunction with specific embodiments in detail, wherein verify the fail safe of business based on the distance between the position of Business Initiator and the position of information receiving device, and then greatly improve the fail safe of service data interaction.In addition, Information Authentication process can be carried out further when service security, the fail safe of Information Authentication can be guaranteed thus, reduce leakage and the loss of authorization information.
< service security demo plant >
Similar with above-mentioned service security verification method, the embodiment of the present application additionally provides corresponding service security demo plant.
Fig. 8 shows the structured flowchart of the service security demo plant 800 according to the application's embodiment, this service security demo plant 800 can be positioned on service server, performs the service security verification method implementing safety verification process in service server side.
Specifically, this device 800 can comprise service request receiver module 810, initiator's position determination module 820, device location determination module 830 and service security authentication module 840.
More specifically, service request receiver module 810 may be used for receiving Business Initiator identifies initiation service request with specific user.Initiator's position determination module 820 may be used for the position determining Business Initiator.Device location determination module 830 may be used for the position of comformed information receiving equipment.Service security authentication module 840 may be used for according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.
According to the embodiment of the application, device location determination module 830 can from the position of information server obtaining information receiving equipment.Particularly, device location determination module 830 may further include and sends submodule and receive submodule (not shown), send submodule to may be used for sending position acquisition request to information server, position acquisition request at least can comprise the unique identification information of information receiving device.Receive submodule and may be used for the position receiving the information receiving device determined according to the unique identification information of information receiving device by information server from information server.
According to the embodiment of the application, service security authentication module 840 may further include decision sub-module (not shown), and this decision sub-module may be used for: when the distance calculated is within predetermined distance range, judges service security; And when the distance calculated is outside predetermined distance range, judge that business is dangerous.
According to the service security demo plant of the present embodiment, the fail safe of business can be verified based on the distance between the position of Business Initiator and the position of information receiving device, and then greatly improve the fail safe of service data interaction.
Fig. 9 shows the structured flowchart of the service security demo plant 900 according to another embodiment of the application, this service security demo plant 900 can be positioned on service server, performs the service security verification method implementing safety verification process in information server side.
Specifically, this device 900 can comprise service request receiver module 910, initiator's position determination module 920, security authentication request sending module 930 and safety verification result receiver module 940.
More specifically, service request receiver module 910 may be used for receiving Business Initiator identifies initiation service request with specific user.Initiator's position determination module 920 may be used for the position determining Business Initiator.Security authentication request sending module 930 may be used for sending security authentication request to information server.This security authentication request at least can comprise the position of Business Initiator and the unique identification information of information receiving device, with by the position of information server according to the unique identification information comformed information receiving equipment of information receiving device, and according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.Safety verification result receiver module 940 may be used for receiving the whether safe safety verification result of indicating services from information server.
Correspondingly, the service security demo plant implementing corresponding safety verification process is also needed in information server side.Figure 10 shows the structured flowchart of the service security demo plant 1000 according to another embodiment of the application, this service security demo plant 1000 can be positioned on information server, performs the service security verification method implementing safety verification process in information server side.
Specifically, this device 1000 can comprise security authentication request receiver module 1010, device location determination module 1020, service security authentication module 1030 and safety verification result sending module 1040.
More specifically, security authentication request receiver module 1010 may be used for receiving security authentication request from service server.Security authentication request at least can comprise and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with this specific user.Device location determination module 1020 may be used for the position of the unique identification information comformed information receiving equipment according to information receiving device.Service security authentication module 1030 may be used for according to the distance between the position of Business Initiator and the position of information receiving device, the fail safe of checking business.Safety verification result sending module 1040 may be used for sending the whether safe safety verification result of indicating services to service server.
According to the embodiment of the application, service security authentication module 1030 may further include decision sub-module (not shown), and this decision sub-module may be used for: when the distance calculated is within predetermined distance range, judges service security; And when the distance calculated is outside predetermined distance range, judge that business is dangerous.
According to the service security demo plant of the present embodiment, also can verify the fail safe of business based on the distance between the position of Business Initiator and the position of information receiving device, and then greatly improve the fail safe of service data interaction.
Each service security demo plant described above is corresponding with the process of the corresponding service security verification method described before, therefore, about more detailed ins and outs, and can see the method described before.
In one typically configuration, computing equipment comprises one or more processor (CPU), input/output interface, network interface and internal memory.Internal memory may comprise the volatile memory in computer-readable medium, and the forms such as random access memory (RAM) and/or Nonvolatile memory, as read-only memory (ROM) or flash memory (flash RAM).Internal memory is the example of computer-readable medium.
Computer-readable medium comprises permanent and impermanency, removable and non-removable media can be stored to realize information by any method or technology.Information can be computer-readable instruction, data structure, the module of program or other data.The example of the storage medium of computer comprises, but be not limited to phase transition internal memory (PRAM), static RAM (SRAM), dynamic random access memory (DRAM), the random access memory (RAM) of other types, read-only memory (ROM), Electrically Erasable Read Only Memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassette tape, tape magnetic rigid disk stores or other magnetic storage apparatus or any other non-transmitting medium, can be used for storing the information can accessed by computing equipment.According to defining herein, computer-readable medium does not comprise temporary computer readable media (transitory media), as data-signal and the carrier wave of modulation.
Those skilled in the art should understand, the embodiment of the application can be provided as method, system or computer program.Therefore, the application can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect.And the application can adopt in one or more form wherein including the upper computer program implemented of computer-usable storage medium (including but not limited to magnetic disc store, CD-ROM, optical memory etc.) of computer usable program code.
The foregoing is only the embodiment of the application, be not limited to the application, for a person skilled in the art, the application can have various modifications and variations.Within all spirit in the application and principle, any amendment done, equivalent replacement, improvement etc., within the right that all should be included in the application.
Claims (13)
1. a service security verification method, is characterized in that, comprising:
Receive Business Initiator identifies initiation service request with specific user;
Determine the position of described Business Initiator;
Determine the position of the information receiving device identifying binding with described specific user; And
According to the distance between the position of described Business Initiator and the position of described information receiving device, the fail safe of checking business.
2. method according to claim 1, is characterized in that, also comprises:
If it is determined that service security, then ask for information services device sends authorization information to described information receiving device, and according to the consistency of the return information received and described authorization information, determines whether to grant described service request; And
If it is determined that business is dangerous, then refuse described service request.
3. method according to claim 1, is characterized in that, determines that the step identifying the position of the information receiving device of binding with described specific user comprises further:
The position of described information receiving device is obtained from information server.
4. method according to claim 3, is characterized in that, the step obtaining the position of described information receiving device from information server comprises further:
Send position acquisition request to information server, described position acquisition request at least comprises the unique identification information of described information receiving device; And
The position of the described information receiving device determined according to the unique identification information of described information receiving device by described information server is received from information server.
5. method according to claim 1, is characterized in that, according to the distance between the position of described Business Initiator and the position of described information receiving device, the step of the fail safe of checking business comprises further:
When described distance is within predetermined distance range, judge service security; And
When described distance is outside predetermined distance range, judge that business is dangerous.
6. a service security demo plant, is characterized in that, comprising:
Service request receiver module, to identify the service request of initiation with specific user for receiving Business Initiator;
Initiator's position determination module, for determining the position of described Business Initiator;
Device location determination module, for determining the position of the information receiving device identifying binding with described specific user; And
Service security authentication module, for according to the distance between the position of described Business Initiator and the position of described information receiving device, the fail safe of checking business.
7. device according to claim 6, is characterized in that, described device location determination module obtains the position of described information receiving device from information server.
8. device according to claim 7, is characterized in that, described device location determination module comprises further:
Send submodule, for sending position acquisition request to information server, described position acquisition request at least comprises the unique identification information of described information receiving device; And
Receive submodule, for receiving the position of the described information receiving device determined according to the unique identification information of described information receiving device by described information server from information server.
9. device according to claim 6, is characterized in that, described service security authentication module comprises decision sub-module further, for:
When described distance is within predetermined distance range, judge service security; And
When described distance is outside predetermined distance range, judge that business is dangerous.
10. a service security verification method, is characterized in that, comprising:
Receive Business Initiator identifies initiation service request with specific user;
Determine the position of described Business Initiator;
Send security authentication request to information server, described security verification request at least comprises the position of described Business Initiator and identifies the unique identification information of information receiving device of binding with described specific user; And
The whether safe safety verification result of indicating services is received from information server, described the result is determined the position of described note receiving equipment according to the unique identification information of described information receiving device by described information server, and according to the distance between the position of described Business Initiator and the position of described note receiving equipment, the result of the fail safe of checking business.
11. 1 kinds of service security demo plants, is characterized in that, comprising:
Service request receiver module, to identify the service request of initiation with specific user for receiving Business Initiator;
Initiator's position determination module, for determining the position of described Business Initiator;
Security authentication request sending module, for sending security authentication request to information server, described security authentication request at least comprises the position of described Business Initiator and the unique identification information of described information receiving device; And
Safety verification result receiver module, for receiving the whether safe safety verification result of indicating services from information server, described safety verification result is determined the position of described information receiving device, and according to the distance between the position of described Business Initiator and the position of described information receiving device, the result of the fail safe of checking business.
12. 1 kinds of service security verification methods, is characterized in that, comprising:
Receive security authentication request from service server, described security authentication request at least comprises and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with described specific user;
The position of described information receiving device is determined according to the unique identification information of described information receiving device;
According to the distance between the position of described Business Initiator and the position of described information receiving device, the fail safe of checking business; And
The whether safe safety verification result of indicating services is sent to described service server.
13. 1 kinds of service security demo plants, is characterized in that, comprising:
Security authentication request receiver module, for receiving security authentication request from service server, described security authentication request at least comprises and identifies the position of the Business Initiator of initiating business request with specific user and identify the unique identification information of information receiving device of binding with described specific user;
Device location determination module, for determining the position of described information receiving device according to the unique identification information of described information receiving device;
Service security authentication module, for according to the distance between the position of described Business Initiator and the position of described information receiving device, the fail safe of checking business; And
Safety verification result sending module, for sending the whether safe safety verification result of indicating services to described service server.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310369971.9A CN104426846A (en) | 2013-08-22 | 2013-08-22 | Service security verifying method and apparatus |
| HK15105275.8A HK1204829A1 (en) | 2013-08-22 | 2015-06-03 | Method for security verification of service and device thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310369971.9A CN104426846A (en) | 2013-08-22 | 2013-08-22 | Service security verifying method and apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104426846A true CN104426846A (en) | 2015-03-18 |
Family
ID=52974805
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310369971.9A Pending CN104426846A (en) | 2013-08-22 | 2013-08-22 | Service security verifying method and apparatus |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN104426846A (en) |
| HK (1) | HK1204829A1 (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106685945A (en) * | 2016-12-21 | 2017-05-17 | 深圳市金立通信设备有限公司 | Service request processing method, verifying method of service handling number, and terminal thereof |
| CN108513267A (en) * | 2017-02-27 | 2018-09-07 | 中国移动通信集团浙江有限公司 | Safe verification method, authentication server and the service terminal of communication service |
| CN108696370A (en) * | 2017-04-06 | 2018-10-23 | 中国移动通信集团甘肃有限公司 | A kind of server and business-binding reconciliation binding method, apparatus and system |
| CN109711133A (en) * | 2018-12-26 | 2019-05-03 | 广州市巽腾信息科技有限公司 | Authentication method, device and the server of identity information |
| CN116868642A (en) * | 2023-05-12 | 2023-10-10 | 北京小米移动软件有限公司 | Information processing methods, devices, communication equipment and storage media |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102790674A (en) * | 2011-05-20 | 2012-11-21 | 阿里巴巴集团控股有限公司 | Authentication method, equipment and system |
-
2013
- 2013-08-22 CN CN201310369971.9A patent/CN104426846A/en active Pending
-
2015
- 2015-06-03 HK HK15105275.8A patent/HK1204829A1/en unknown
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102790674A (en) * | 2011-05-20 | 2012-11-21 | 阿里巴巴集团控股有限公司 | Authentication method, equipment and system |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106685945A (en) * | 2016-12-21 | 2017-05-17 | 深圳市金立通信设备有限公司 | Service request processing method, verifying method of service handling number, and terminal thereof |
| CN108513267A (en) * | 2017-02-27 | 2018-09-07 | 中国移动通信集团浙江有限公司 | Safe verification method, authentication server and the service terminal of communication service |
| CN108696370A (en) * | 2017-04-06 | 2018-10-23 | 中国移动通信集团甘肃有限公司 | A kind of server and business-binding reconciliation binding method, apparatus and system |
| CN108696370B (en) * | 2017-04-06 | 2021-04-13 | 中国移动通信集团甘肃有限公司 | A method, device and system for binding and unbinding a server and a service |
| CN109711133A (en) * | 2018-12-26 | 2019-05-03 | 广州市巽腾信息科技有限公司 | Authentication method, device and the server of identity information |
| CN116868642A (en) * | 2023-05-12 | 2023-10-10 | 北京小米移动软件有限公司 | Information processing methods, devices, communication equipment and storage media |
| WO2024234208A1 (en) * | 2023-05-12 | 2024-11-21 | 北京小米移动软件有限公司 | Information processing method and apparatus, and communication device and storage medium |
| CN116868642B (en) * | 2023-05-12 | 2024-11-22 | 北京小米移动软件有限公司 | Information processing method, device, communication equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| HK1204829A1 (en) | 2015-12-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10460309B2 (en) | Payment verification method, apparatus and system | |
| KR102372571B1 (en) | Mobile payment methods, devices and systems | |
| CN113132404B (en) | Identity authentication method, terminal and storage medium | |
| CN106034134B (en) | Method, auxiliary method and device for carrying out identity authentication request in webpage application program | |
| CN106897586B (en) | Application Programming Interface (API) authority management method and device | |
| CN107682336B (en) | Geographic position-based identity authentication method and device | |
| CN107135201B (en) | Network server login authentication method, device and storage medium | |
| KR20090077958A (en) | System and method for authenticating remote server access | |
| CN106203021B (en) | A kind of more certification modes are integrated to apply login method and system | |
| CN104426846A (en) | Service security verifying method and apparatus | |
| CN105323253A (en) | Identity verification method and device | |
| CN105635168A (en) | Off-line transaction device and security key using method thereof | |
| CN106533685B (en) | Identity authentication method, device and system | |
| CN106548065B (en) | Application program installation detection method and device | |
| CN106603472A (en) | Method, server and system for user authentication | |
| CN105471920A (en) | Identifying code processing method and device | |
| KR101212510B1 (en) | System and method for service security based on location | |
| CN109450953B (en) | Authorization method and device, electronic equipment and computer readable storage medium | |
| CN108574657B (en) | Server access method, device and system, computing equipment and server | |
| CN107104922B (en) | Method and device for authority management and resource control | |
| CN114418586A (en) | Reserved mobile phone number verification method, reserved mobile phone number verification device, reserved mobile phone number verification electronic equipment, reserved mobile phone number verification medium and program product | |
| KR101195027B1 (en) | System and method for service security | |
| KR101675549B1 (en) | System for electronic certification using complex certification and Method of electronic certification the same | |
| KR20130005635A (en) | System for providing secure card payment system using mobile terminal and method thereof | |
| KR101577060B1 (en) | Payment processing method using otipi |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1204829 Country of ref document: HK |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150318 |
|
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: WD Ref document number: 1204829 Country of ref document: HK |