[go: up one dir, main page]

CN104657639B - A kind of method of testing and system of operating system identity authentication scheme - Google Patents

A kind of method of testing and system of operating system identity authentication scheme Download PDF

Info

Publication number
CN104657639B
CN104657639B CN201510053569.9A CN201510053569A CN104657639B CN 104657639 B CN104657639 B CN 104657639B CN 201510053569 A CN201510053569 A CN 201510053569A CN 104657639 B CN104657639 B CN 104657639B
Authority
CN
China
Prior art keywords
virtual machine
test
msub
screenshot
standard image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201510053569.9A
Other languages
Chinese (zh)
Other versions
CN104657639A (en
Inventor
林璟锵
荆继武
李从午
刘丽敏
潘无穷
崔益民
刘宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
UNIT 63928 OF PLA
Data Assurance and Communication Security Research Center of CAS
Original Assignee
UNIT 63928 OF PLA
Data Assurance and Communication Security Research Center of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by UNIT 63928 OF PLA, Data Assurance and Communication Security Research Center of CAS filed Critical UNIT 63928 OF PLA
Priority to CN201510053569.9A priority Critical patent/CN104657639B/en
Publication of CN104657639A publication Critical patent/CN104657639A/en
Application granted granted Critical
Publication of CN104657639B publication Critical patent/CN104657639B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)

Abstract

本发明公开了一种操作系统身份鉴别机制的测试方法和系统。本方法为:1)在宿主机上创建一客户虚拟机,在该宿主机的虚拟机监控器VMM上运行一测试程序;测试程序包括键盘/鼠标消息发送模块、客户虚拟机图像获取模块、图像比较模块以及测试用例配置模块;测试用例配置模块对待测操作系统建立一标准图像库;2)在客户虚拟机上运行该操作系统;对于每一设定的测试项目,键盘/鼠标消息发送模块向客户虚拟机发送模拟键盘/鼠标消息;3)客户虚拟机执行收到的键盘/鼠标消息并缓存执行后的屏幕截图;4)客户虚拟机图像获取模块将每一屏幕截图分别与标准图像库中的标准图像进行匹配判定测试项目是否测试成功。本发明大大提高了测试效率和准确性。

The invention discloses a testing method and system for an operating system identity authentication mechanism. The method is: 1) create a client virtual machine on the host computer, run a test program on the virtual machine monitor VMM of the host computer; the test program includes a keyboard/mouse message sending module, a client virtual machine image acquisition module, an image Comparing module and test case configuration module; Test case configuration module sets up a standard image storehouse to be tested operating system; 2) run this operating system on client virtual machine; For each test item of setting, keyboard/mouse message sends module to The client virtual machine sends the simulated keyboard/mouse message; 3) the client virtual machine executes the received keyboard/mouse message and caches the screen shot after execution; 4) the client virtual machine image acquisition module compares each screen shot with the standard image library The standard image is matched to determine whether the test item is successfully tested. The invention greatly improves the testing efficiency and accuracy.

Description

一种操作系统身份鉴别机制的测试方法和系统A testing method and system for operating system identity authentication mechanism

技术领域technical field

本发明涉及计算机安全领域,特别涉及一种操作系统身份鉴别机制的测试方法和系统。The invention relates to the field of computer security, in particular to a testing method and system for an operating system identity authentication mechanism.

背景技术Background technique

身份认证作为操作系统安全的第一道防线,是保障操作系统安全的门户。目前,身份认证主要通过下面三种基本途径之一或其组合来实现:①所知:个人所知道的或掌握的知识,如口令。②所有:个人所拥有的东西,如身份证、护照、信用卡、钥匙或证书等。③个人特征:个人所具有的生物特性,如指纹、掌纹、声纹、脸形、DNA、视网膜等等。基于口令的身份认证技术因其简单、易用并且几乎所有的操作系统都对口令认证提供了支持,得到了广泛的使用。其基本原理是:用户在注册阶段生成用户名和初始口令,系统在其数据库中保存用户的信息列表(用户名ID+口令PW)。当被认证对象要求访问提供服务的系统时,提供服务的认证方要求被认证对象提交该对象的口令,认证方收到口令后,将其与系统中存储的用户口令进行比较,以确认被认证对象是否为合法访问者。As the first line of defense for operating system security, identity authentication is the portal to ensure the security of the operating system. At present, identity authentication is mainly realized through one of the following three basic ways or a combination thereof: ①Knowledge: knowledge known or mastered by individuals, such as passwords. ②Own: things owned by individuals, such as ID cards, passports, credit cards, keys or certificates, etc. ③Personal characteristics: The biological characteristics of individuals, such as fingerprints, palmprints, voiceprints, face shapes, DNA, retina, etc. Password-based identity authentication technology is widely used because of its simplicity and ease of use, and almost all operating systems support password authentication. The basic principle is: the user generates a username and an initial password during the registration phase, and the system stores the user's information list (username ID+password PW) in its database. When the authenticated object requests access to the system that provides the service, the authenticating party that provides the service requires the authenticated object to submit the password of the object. After receiving the password, the authenticating party compares it with the user password stored in the system to confirm the authenticated object Whether the object is a legitimate visitor.

由于基于口令的身份认证实现十分简单,其安全性非常值得考量。目前,使用口令认证的单因素认证系统主要存在以下问题:Since the implementation of password-based identity authentication is very simple, its security is worth considering. At present, the single-factor authentication system using password authentication mainly has the following problems:

1.猜测攻击(社会工程学攻击):某些攻击者利用用户口令使用生日,人名等有意义的单词或数字的特点,通过猜测来尝试用户的口令。因此,在口令中加入各种特殊字符可以增加口令的安全性。1. Guessing attack (social engineering attack): Some attackers use the characteristics of meaningful words or numbers such as birthdays and personal names in user passwords to try the user's password by guessing. Therefore, adding various special characters to the password can increase the security of the password.

2.穷举攻击:如果用户口令较短,攻击者就会使用字符串的全集作为字典,来对用户口令进行猜测。它是字典攻击的一种特殊形式。因此,使用较长的口令可以显著降低被穷举攻击的风险。2. Exhaustive attack: If the user password is short, the attacker will use the complete set of character strings as a dictionary to guess the user password. It is a special form of dictionary attack. Therefore, using longer passwords can significantly reduce the risk of brute force attacks.

另外,如果口令更换周期长或根本不更换,会导致口令易被窃取。如果系统能够检查用户修改的口令保证与之前的口令不同,也能够提高口令的安全性。In addition, if the password replacement period is long or not changed at all, the password will be easily stolen. If the system can check the password modified by the user to ensure that it is different from the previous password, the security of the password can also be improved.

为了应对这些问题,一部分的操作系统部署了口令安全策略。口令安全策略主要有以下几种:To deal with these problems, some operating systems implement password security policies. Password security policies mainly include the following types:

1.口令必须符合复杂性规则,具体来说,包含不能以纯数字或者纯字符作为密码、口令不能与用户名相同和密码长度需达到一定的要求等规则。1. The password must comply with the complexity rules, specifically, it includes the rules that cannot use pure numbers or characters as the password, the password cannot be the same as the user name, and the password length must meet certain requirements.

2.口令历史记录,即记录用户过去使用的口令,要求用户不能重复使用同一口令。2. Password history records, which record the passwords used by users in the past, and require users not to use the same password repeatedly.

3.账户锁定策略,即当一个用户超过了指定的失败登录次数时,操作系统就会自动的锁定这个帐号,一定时间内无法登录。3. Account lock policy, that is, when a user exceeds the specified number of failed logins, the operating system will automatically lock the account and cannot log in for a certain period of time.

操作系统的口令安全策略实现之后需要测试是否正确完成所申明的功能。目前,这些测试通常是人工完成的。如果能够自动化完成口令测试,就能极大地提高效率。After the password security policy of the operating system is implemented, it is necessary to test whether the declared functions are completed correctly. Currently, these tests are often done manually. If the password test can be automated, the efficiency can be greatly improved.

虚拟化是指计算元件在虚拟的基础上而不是真实的基础上运行。虚拟化技术可以扩大硬件的容量,简化软件的重新配置过程。CPU的虚拟化技术可以单CPU模拟多CPU并行,允许一台物理计算机同时运行多个虚拟机(逻辑计算机),每个虚拟机可运行不同的操作系统,并且应用程序都可以在相互独立的空间内运行而互不影响,从而显著提高计算机的工作效率。Virtualization refers to computing elements operating on a virtual basis rather than a real one. Virtualization technology can expand the capacity of hardware and simplify the process of reconfiguring software. CPU virtualization technology can simulate multiple CPUs in parallel with a single CPU, allowing a physical computer to run multiple virtual machines (logical computers) at the same time, each virtual machine can run a different operating system, and applications can run in independent spaces It runs within the computer without affecting each other, thereby significantly improving the work efficiency of the computer.

随着AMD和Intel相继推出支持硬件虚拟化的产品,虚拟化技术得到广泛应用。企业利用虚拟化,可以减少资金成本、降低空间需求、提高可用性、提升业务的灵活适应力、提高安全性。As AMD and Intel successively launched products supporting hardware virtualization, virtualization technology has been widely used. Enterprises use virtualization to reduce capital costs, reduce space requirements, improve availability, improve business flexibility and adaptability, and improve security.

虚拟化平台一个重要的组成部分是虚拟机监控器(Virtual Machine Monitor,VMM),它的主要作用是管理宿主机(要运行虚拟机的物理计算机)的资源,以使在其之上运行的客户虚拟机可以共享同一套物理计算机的资源。VMM可以访问客户虚拟机的各种资源,并且为虚拟机提供各种接口,通过这种方式,运行在客户虚拟机上的操作系统与运行在物理机上的操作系统运行环境保持一致。An important part of the virtualization platform is the virtual machine monitor (Virtual Machine Monitor, VMM). Virtual machines can share the resources of the same physical computer. The VMM can access various resources of the guest virtual machine and provide various interfaces for the virtual machine. In this way, the operating system running on the guest virtual machine is consistent with the operating environment of the operating system running on the physical machine.

本发明提出一种在虚拟机环境下模拟人工口令测试的方法,这种方法可以自动化地实现口令测试并且运行环境与人工口令测试一致,在保证正确性的前提下能极大地提高效率。The invention proposes a method for simulating a manual password test in a virtual machine environment, the method can automatically realize the password test and the operating environment is consistent with the manual password test, and the efficiency can be greatly improved under the premise of ensuring correctness.

发明内容Contents of the invention

本发明设计了一种在虚拟化环境中模拟人工口令测试的方法。目前,绝大多数的操作系统都使用了基于口令的身份认证。为了检验目标操作系统实现的口令安全策略功能是否正确,通常需要人工测试,而人工进行口令测试不仅效率低下,还很容易出现统计错误。The invention designs a method for simulating artificial password testing in a virtualized environment. Currently, most operating systems use password-based authentication. In order to verify whether the password security policy function implemented by the target operating system is correct, manual testing is usually required, and manual password testing is not only inefficient, but also prone to statistical errors.

由于用户还没有登录操作系统,在本机上无法实现机器自动口令测试。另一方面,虽然可以通过SSH等方式在另一台主机上运行自动口令测试程序并利用网络远程登录会话来实现该功能,但是目标操作系统的运行环境发生了变化(在目标操作系统上会开启SSH守护进程,无法确认口令测试结果与SSH守护进程是否相关,并且客户端SSH软件也可能出错),不能保证测试结果的正确性。Since the user has not logged in to the operating system, the automatic password test of the machine cannot be realized on this machine. On the other hand, although it is possible to run the automatic password test program on another host through SSH and other methods and use the network remote login session to realize this function, but the operating environment of the target operating system has changed (on the target operating system will open SSH daemon process, it is impossible to confirm whether the password test result is related to the SSH daemon process, and the client SSH software may also have errors), and the correctness of the test results cannot be guaranteed.

本发明的技术方案为:Technical scheme of the present invention is:

一种操作系统身份鉴别机制的测试方法,其步骤为:A method for testing an operating system identity authentication mechanism, the steps of which are:

1)在宿主机上创建一客户虚拟机,在该宿主机的虚拟机监控器VMM上运行一测试程序;所述测试程序包括键盘/鼠标消息发送模块、客户虚拟机图像获取模块、图像比较模块以及测试用例配置模块;所述测试用例配置模块对待测操作系统建立一标准图像库,用于存储该操作系统测试项目反馈的标准图像;1) Create a client virtual machine on the host computer, run a test program on the virtual machine monitor VMM of the host computer; the test program includes keyboard/mouse message sending module, client virtual machine image acquisition module, image comparison module And a test case configuration module; the test case configuration module establishes a standard image library for the operating system to be tested, which is used to store the standard image of the operating system test item feedback;

2)在所述客户虚拟机上运行该待测操作系统;其中,对于每一设定的测试项目,所述键盘/鼠标消息发送模块向客户虚拟机发送模拟键盘/鼠标消息;2) run the operating system to be tested on the client virtual machine; wherein, for each set test item, the keyboard/mouse message sending module sends a simulated keyboard/mouse message to the client virtual machine;

3)所述客户虚拟机执行收到的键盘/鼠标消息并缓存执行后的屏幕截图;3) The client virtual machine executes the received keyboard/mouse message and caches the screenshot after execution;

4)所述客户虚拟机图像获取模块定期读取所述客户虚拟机缓存的屏幕截图,并将每一屏幕截图分别与所述标准图像库中的标准图像进行匹配,直至当前测试项目结束;如果匹配结果符合当前测试项目的设定条件,则判定当前测试项目测试成功,否则判定为测试失败。4) The client virtual machine image acquisition module regularly reads the screenshots cached by the client virtual machine, and matches each screenshot with the standard image in the standard image library until the end of the current test project; if If the matching result meets the setting conditions of the current test item, it is determined that the test of the current test item is successful, otherwise it is determined that the test fails.

进一步的,每一所述测试项目包括一组标准图像和一设定条件。Further, each of the test items includes a set of standard images and a setting condition.

进一步的,所述测试项目包括账户创建、账户鉴别和口令修改。Further, the test items include account creation, account authentication and password modification.

进一步的,所述将每一屏幕截图分别与所述标准图像库中的标准图像进行匹配的方法为:Further, the method for matching each screenshot with the standard image in the standard image library is as follows:

1)对于屏幕截图a,获取其所有像素点,以RGB24的形式表示出来(xa1,ya1,za1),(xa2,ya2,za2)……(xan,yan,zan),其中,n为该屏幕截图的像素点总数;1) For screenshot a, get all its pixels and express them in the form of RGB24 (x a1 ,y a1 ,z a1 ),(x a2 ,y a2 ,z a2 )...(x an ,y an ,z an ), wherein, n is the total number of pixels of the screenshot;

2)按照步骤1)方法获取标准图像b所有像素点,以RGB24的形式表示出来(xb1,yb1,zb1),(xb2,yb2,zb2)……(xbn,ybn,zbn),然后将a中的像素点与b中对应的像素点进行一一比较,如:(xa1,ya1,za1)与(xb1,yb1,zb1)进行比较,检查是否相等;;如果相等的像素点与总像素点的比率大于设定阈值,例如:99%,则判定屏幕截图a与标准图像b匹配成功,否则匹配失败。2) Acquire all pixels of the standard image b according to step 1) and express them in the form of RGB24 (x b1 , y b1 , z b1 ), (x b2 , y b2 , z b2 )...(x bn ,y bn ,z bn ), and then compare the pixels in a with the corresponding pixels in b, such as: compare (x a1 ,y a1 ,z a1 ) with (x b1 ,y b1 ,z b1 ), Check whether they are equal; if the ratio of the equal pixels to the total pixels is greater than the set threshold, for example: 99%, it is determined that the screenshot a matches the standard image b successfully, otherwise the match fails.

进一步的,所述将每一屏幕截图分别与所述标准图像库中的标准图像进行匹配的方法为:Further, the method for matching each screenshot with the standard image in the standard image library is as follows:

1)对于屏幕截图a,获取其所有像素点(x1,y1,z1),(x2,y2,z2)……(xn,yn,zn);其中,n为该屏幕截图的像素点总数;1) For screenshot a, get all its pixels (x 1 ,y 1 ,z 1 ),(x 2 ,y 2 ,z 2 )...(x n ,y n ,z n ); where n is The total number of pixels in the screenshot;

2)取该屏幕截图所有像素点矢量和的平均值:2) Take the average of the vector sum of all pixels in the screenshot:

3)按照步骤1)、2)方法计算标准图像b所有像素点矢量和的平均值(xb,yb,zb),然后计算屏幕截图a与标准图像b的距离:如果d小于设定阈值,则判定屏幕截图a与标准图像b匹配成功,否则匹配失败。3) Calculate the average value (x b , y b , z b ) of the vector sum of all pixels in standard image b according to steps 1) and 2), and then calculate the distance between screenshot a and standard image b: If d is less than the set threshold, it is determined that the screenshot a matches the standard image b successfully, otherwise the matching fails.

进一步的,所述虚拟机监控器VMM通过VNC服务器模拟所述键盘/鼠标消息发送模块向客户虚拟机发送模拟键盘/鼠标消息;所述测试程序通过VNC运行库与所述VNC服务器通信。Further, the virtual machine monitor VMM simulates the keyboard/mouse message sending module through the VNC server to send simulated keyboard/mouse messages to the client virtual machine; the test program communicates with the VNC server through the VNC runtime.

进一步的,所述输入请求包括测试数据以及操作类型。Further, the input request includes test data and operation type.

一种系统身份鉴别机制的测试系统,其特征在于,包括一宿主机,所述宿主机上创建有一客户虚拟机,且在该宿主机的虚拟机监控器VMM上运行一测试程序;所述测试程序包括键盘/鼠标消息发送模块、客户虚拟机图像获取模块、图像比较模块以及测试用例配置模块;所述测试用例配置模块对待测操作系统建立一标准图像库,用于存储该操作系统测试项目反馈的标准图像;在所述客户虚拟机上运行该待测操作系统;其中,A test system of a system identity authentication mechanism is characterized in that it includes a host machine, a client virtual machine is created on the host machine, and a test program is run on the virtual machine monitor VMM of the host machine; the test The program includes a keyboard/mouse message sending module, a client virtual machine image acquisition module, an image comparison module, and a test case configuration module; the test case configuration module sets up a standard image library for the operating system to be tested, and is used to store the operating system test item feedback A standard image; run the operating system to be tested on the guest virtual machine; wherein,

所述键盘/鼠标消息发送模块根据每一设定的测试项目向客户虚拟机发送模拟键盘/鼠标消息;The keyboard/mouse message sending module sends simulated keyboard/mouse messages to the client virtual machine according to each set test item;

所述客户虚拟机,用于执行收到的键盘/鼠标消息并缓存执行后的屏幕截图;The client virtual machine is used to execute the received keyboard/mouse message and cache the screenshot after execution;

所述客户虚拟机图像获取模块,用于定期读取所述客户虚拟机缓存的屏幕截图,并将每一屏幕截图分别与所述标准图像库中的标准图像进行匹配,直至当前测试项目结束;如果匹配结果符合当前测试项目的设定条件,则判定当前测试项目测试成功,否则判定为测试失败。The client virtual machine image acquisition module is used to periodically read the screenshots cached by the client virtual machine, and match each screenshot with the standard image in the standard image library until the current test project ends; If the matching result meets the setting conditions of the current test item, it is determined that the test of the current test item is successful, otherwise it is determined that the test fails.

进一步的,每一所述测试项目包括一组标准图像和一设定条件。Further, each of the test items includes a set of standard images and a setting condition.

进一步的,所述宿主机对于所读取的屏幕截图a,获取其所有像素点,以RGB24的形式表示出来(xa1,ya1,za1),(xa2,ya2,za2)……(xan,yan,zan),其中,n为该屏幕截图的像素点总数;然后按上述方法获取标准图像b的所有像素点,以RGB24的形式表示出来(xb1,yb1,zb1),(xb2,yb2,zb2)……(xbn,ybn,zbn);所述宿主机将a中的像素点与b中对应的像素点进行一一比较,检查是否相等;如果相等的像素点与总像素点的比率大于设定阈值,则判定屏幕截图a与标准图像b匹配成功,否则匹配失败。Further, for the read screen shot a, the host computer obtains all its pixels and expresses them in the form of RGB24 (x a1 , y a1 , z a1 ), (x a2 , y a2 , z a2 )... …(x an ,y an ,z an ), wherein, n is the total number of pixels in the screenshot; then obtain all the pixels of the standard image b according to the above method, and express it in the form of RGB24 (x b1 , y b1 , z b1 ),(x b2 ,y b2 ,z b2 )...(x bn ,y bn ,z bn ); the host compares the pixels in a with the corresponding pixels in b one by one, and checks Whether they are equal; if the ratio of the equal pixels to the total pixels is greater than the set threshold, it is determined that the screenshot a and the standard image b are successfully matched, otherwise the match fails.

进一步的,所述虚拟机监控器VMM通过VNC服务器模拟所述键盘/鼠标消息发送模块向客户虚拟机发送模拟键盘/鼠标消息;所述测试程序通过VNC运行库与所述VNC服务器通信。Further, the virtual machine monitor VMM simulates the keyboard/mouse message sending module through the VNC server to send simulated keyboard/mouse messages to the client virtual machine; the test program communicates with the VNC server through the VNC runtime.

本发明设计在虚拟机中运行目标操作系统并且在VMM中运行口令测试程序通过测试程序中的测试用例配置模块进行初始化并建立标准图像库,然后由键盘/鼠标消息发送模块向客户虚拟机发送模拟键盘/鼠标消息,再使用客户虚拟机图像获取模块获取当前测试图像,最后通过图像比较模块处理测试结果。通过以上方式,本发明可以实现机器自动口令测试的功能,其运行环境与人工在物理机上进行口令测试没有差别。The present invention is designed to run the target operating system in the virtual machine and the password test program in the VMM to initialize and establish a standard image library through the test case configuration module in the test program, and then send the simulation to the client virtual machine by the keyboard/mouse message sending module Keyboard/mouse messages, and then use the client virtual machine image acquisition module to obtain the current test image, and finally process the test result through the image comparison module. Through the above method, the present invention can realize the function of machine automatic password test, and its operating environment is no different from manual password test on a physical machine.

机器自动口令测试具有以下特点:Machine automatic password test has the following characteristics:

●宿主机通过操作接口为客户虚拟机提供测试账户名、测试口令以及操作类型,机器自动完成所有测试,无需人工干预。●The host computer provides the test account name, test password and operation type for the client virtual machine through the operation interface, and the machine automatically completes all tests without manual intervention.

●将测试程序从客户虚拟机中隔离出来。●Isolate the test program from the guest virtual machine.

●客户虚拟机中的模拟测试与人工测试运行环境一致。●The simulated test in the client virtual machine is consistent with the artificial test operating environment.

与现有技术相比,本发明具有以下优点:Compared with the prior art, the present invention has the following advantages:

1.保证测试环境的一致性,排除SSH(Secure Shell,一种较可靠,专为远程登录会话和其他网络服务提供安全性的协议)守护进程的干扰,客户端SSH软件错误等问题。1. Ensure the consistency of the test environment, and eliminate the interference of the SSH (Secure Shell, a more reliable protocol designed to provide security for remote login sessions and other network services) daemon process, client SSH software errors and other issues.

2.自动口令测试在速度上比人工口令测试快并且不容易出错。2. Automatic password test is faster than artificial password test in speed and is not easy to make mistakes.

3.在一台物理机上可以运行多个客户虚拟机,充分利用硬件资源,在某个客户虚拟机账户锁定期间可以进行其他客户虚拟机的口令测试。3. Multiple client virtual machines can be run on one physical machine, making full use of hardware resources, and password testing of other client virtual machines can be performed during the period when a client virtual machine account is locked.

附图说明Description of drawings

图1为本发明测试系统架构图。Fig. 1 is a structure diagram of the testing system of the present invention.

图2为测试程序结构图。Figure 2 is a structural diagram of the test program.

具体实施方式detailed description

为使本发明的上述目的、特征和优点能够更加明显易懂,下面通过具体实施例和附图,对本发明做进一步说明。In order to make the above objects, features and advantages of the present invention more obvious and understandable, the present invention will be further described below through specific embodiments and accompanying drawings.

如图2所示,测试程序主要分为4个模块:键盘/鼠标消息发送模块、客户虚拟机图像获取模块、图像比较模块以及测试用例配置模块。As shown in Figure 2, the test program is mainly divided into four modules: keyboard/mouse message sending module, client virtual machine image acquisition module, image comparison module and test case configuration module.

测试用例配置模块的功能是初始化测试程序,对待测操作系统建立标准图像库。键盘/鼠标消息发送模块的功能是VMM向客户虚拟机发送模拟键盘/鼠标消息,本实施例使用VNC服务器(虚拟网络计算机服务器,Virtual Network Computer Server)来实现这一功能。客户虚拟机图像获取模块的功能是截取客户虚拟机的屏幕图像,返回到VMM,本实施例通过调用VNC运行库的接口,每隔一定时间就读取客户虚拟机的内存,截取屏幕图像并返回来实现该功能。图像比较模块的功能是将测试图像与标准图像进行一一匹配,判定测试状态,本发明提出了一种像素对比方法,通过该方法可以达到图像比较的目的。The function of the test case configuration module is to initialize the test program and establish a standard image library for the operating system to be tested. The function of the keyboard/mouse message sending module is that the VMM sends simulated keyboard/mouse messages to the client virtual machine, and this embodiment uses a VNC server (Virtual Network Computer Server, Virtual Network Computer Server) to realize this function. The function of the guest virtual machine image acquisition module is to intercept the screen image of the guest virtual machine and return to the VMM. In this embodiment, by calling the interface of the VNC runtime library, the memory of the guest virtual machine is read at regular intervals, and the screen image is intercepted and returned to the VMM. Come back to implement the function. The function of the image comparison module is to match the test image with the standard image one by one to determine the test state. The invention proposes a pixel comparison method, through which the purpose of image comparison can be achieved.

本实施例使用测试程序是运行在VMM上的,并且通过QEMU中的VNC服务器与客户虚拟机进行交互。在VNC服务器上打开相应端口之后,测试程序就可以通过调用VNC运行库来连接VNC服务端口,然后VMM就能向客户虚拟机发送模拟键盘、鼠标信息以及接收屏幕显示信息了。The test program used in this embodiment runs on the VMM, and interacts with the client virtual machine through the VNC server in QEMU. After opening the corresponding port on the VNC server, the test program can connect to the VNC service port by calling the VNC runtime library, and then the VMM can send simulated keyboard and mouse information to the client virtual machine and receive screen display information.

图1是采用本发明方法在虚拟化环境中模拟人工口令测试的示意图。VNC服务器可通过QEMU进行设置。测试程序运行在宿主机上,并且通过VNC运行库与VNC服务器沟通,向客户虚拟机发送测试数据以及接收屏幕显示信息。测试所包含的项目如下:Fig. 1 is a schematic diagram of simulating artificial password testing in a virtualized environment by adopting the method of the present invention. The VNC server can be set via QEMU. The test program runs on the host computer, communicates with the VNC server through the VNC runtime library, sends test data to the client virtual machine and receives information displayed on the screen. The items included in the test are as follows:

1.账户创建:测试用户名、口令的长度是否可达到申明的要求,用户名、口令的可含字符是否可涵盖申明的种类,不符合要求的弱口令是否能被正确识别。1. Account creation: Test whether the length of the user name and password can meet the requirements of the statement, whether the characters that can be included in the user name and password can cover the types of the statement, and whether weak passwords that do not meet the requirements can be correctly identified.

2.账户鉴别:测试操作系统合法账户是否可以正确登录,非法账户是否禁止登录,多次错误登录后的处理是否和申明的一致,可容忍错误的次数是否和申明的次数一致。2. Account identification: test whether the legal account of the operating system can log in correctly, whether the illegal account is prohibited from logging in, whether the processing after multiple wrong logins is consistent with the statement, and whether the number of tolerable errors is consistent with the declared number of times.

3.口令修改:测试用户修改后的口令是否可以在一定时间内和修改之前的口令相同。3. Password modification: Test whether the modified password of the user can be the same as the password before modification within a certain period of time.

测试程序首先通过预先打开的VNC服务端口调用操作接口,向客户虚拟机发送测试数据以及操作类型并借由VNC服务器向客户虚拟机发送输入请求,客户虚拟机接收到请求后就会按照操作类型使用测试数据进行相应测试。对于每一个需要测试的操作系统预先建立一个标准图像库;各项测试结果的标准图像预先存储在VMM中,VNC服务器每隔一定时间就读取客户虚拟机的内存,获取此时的屏幕图像并将屏幕图像返回测试程序。测试程序通过将该图像与所有标准图像进行像素对比,确定客户虚拟机的状态。(标准图像库包含等待登录、正在登录、账户登录成功、帐户登录失败、账户锁定5张图像,当匹配图像为等待登录和正在登录时会等待一定时间重新读取内存。)The test program first calls the operation interface through the pre-opened VNC service port, sends test data and operation types to the client virtual machine, and sends input requests to the client virtual machine through the VNC server. After receiving the request, the client virtual machine will use it according to the operation type Test data for corresponding tests. For each operating system that needs to be tested, a standard image library is pre-established; the standard images of various test results are pre-stored in the VMM, and the VNC server reads the memory of the client virtual machine at regular intervals, obtains the screen image at this time and Return the screen image to the test program. The test program determines the state of the guest virtual machine by comparing the pixels of this image to all standard images. (The standard image library contains 5 images of waiting for login, logging in, successful account login, account login failure, and account locked. When the matching image is waiting for login and logging in, it will wait for a certain period of time to re-read the memory.)

具体像素对比方法如下:The specific pixel comparison method is as follows:

1.对于屏幕截图a,获取其所有像素点,以RGB24的形式表示出来(xa1,ya1,za1),(xa2,ya2,za2)……(xan,yan,zan),其中,n为该屏幕截图的像素点总数;1. For screenshot a, get all its pixels and express them in the form of RGB24 (x a1 ,y a1 ,z a1 ),(x a2 ,y a2 ,z a2 )...(x an ,y an ,z an ), wherein, n is the total number of pixels of the screenshot;

2.按照步骤1)方法获取标准图像b所有像素点(xb1,yb1,zb1),(xb2,yb2,zb2)……(xbn,ybn,zbn),然后将a中的像素点与b中对应的像素点进行一一比较,如:(xa1,ya1,za1)与(xb1,yb1,zb1)进行比较,检查是否相等;;如果相等的像素点与总像素点的比率大于设定阈值,例如:99%,则判定屏幕截图a与标准图像b匹配成功,否则匹配失败。2. Acquire all pixels (x b1 ,y b1 ,z b1 ),(x b2 ,y b2 ,z b2 )...(x bn ,y bn ,z bn ) of standard image b according to step 1), and then set Compare the pixels in a with the corresponding pixels in b, such as: compare (x a1 , y a1 , z a1 ) with (x b1 , y b1 , z b1 ) to check whether they are equal; if they are equal The ratio of the pixel points to the total pixel points is greater than the set threshold, for example: 99%, it is determined that the screenshot a and the standard image b are successfully matched, otherwise the matching fails.

或者采用如下比对方法:Or use the following comparison method:

1、分析得到图像a(b、c……)所有的像素点,以RGB24的形式表示出来。例:(x1,y1,z1),(x2,y2,z2)……(xn,yn,zn)。1. Analyze and obtain all the pixels of the image a (b, c...) and express them in the form of RGB24. Example: (x 1 ,y 1 ,z 1 ),(x 2 ,y 2 ,z 2 )...(x n ,y n ,z n ).

2、取所有像素点矢量和的平均值:2. Take the average of all pixel vector sums:

3.重复1、2步获得图像b(c……)所有像素点矢量和的平均值(xb,yb,zb),计算两者的距离: 3. Repeat steps 1 and 2 to obtain the average value (x b , y b , z b ) of all pixel vector sums in image b (c...), and calculate the distance between them:

4.如果d小于10,则匹配成功,否则重复1、2、3步,进行图像a与图像c的像素对比(图像a为客户虚拟机的测试结果屏幕图像,图像b、c……为各项测试结果的标准图像)。如果当前测试图像与所有标准图像都不匹配,那么确定对应请求时,客户虚拟机的状态为测试失败。4. If d is less than 10, the matching is successful; otherwise, repeat steps 1, 2, and 3 to compare the pixels of image a and image c (image a is the test result screen image of the client virtual machine, and images b, c... are each standard image of test results). If the current test image does not match any of the standard images, the state of the guest virtual machine is test failure when determining the corresponding request.

表1是测试程序借由VNC服务器向客户虚拟机发出的输入请求的数据格式,其中各项所占的byte数如表1。操作类型分别对应:00——锁定上限测试;01——口令字符测试(各种类型的口令以及不同用户名和口令长度的组合能否正常登录,这些用户是已经创建好了的);02——错误口令测试(与正确口令不同的能否正确被拒绝登录);03——时间策略测试(锁定之后一定时间内不能登录,之后可以登录,用户修改后的口令是否可以在一定时间内和修改之前的口令相同)。选择项用于时间策略测试(时间延迟,第一条为0,以后递增)、口令字符测试和错误口令测试(结束标志,后面还有输入请求时置1,最后一条时置0),锁定上限测试时补0。Table 1 is the data format of the input request sent by the test program to the client virtual machine through the VNC server, and the number of bytes occupied by each item is shown in Table 1. The operation types correspond to: 00—lock upper limit test; 01—password character test (whether various types of passwords and combinations of different user names and password lengths can log in normally, these users have already been created); 02—— Wrong password test (whether the password that is different from the correct password can be correctly refused to log in); 03——Time strategy test (cannot log in for a certain period of time after being locked, and can log in afterwards, whether the modified password of the user can be used within a certain period of time and before the modification) same password). The option is used for time strategy test (time delay, the first one is 0, and then incremented), password character test and wrong password test (end flag, set 1 when there is an input request behind, and set 0 when the last one), lock upper limit Fill in 0 when testing.

表1、输入请求数据格式表Table 1. Input request data format table

当操作类型为00时,测试成功判定条件为测试图像与标准图像库中的账户锁定图像匹配,此时返回锁定上限次数。(重复多次使用同一输入请求进行测试,当输入请求得到的测试图像与标准图形库中的账户登录失败图像匹配时则重复测试,否则返回测试失败)When the operation type is 00, the test success determination condition is that the test image matches the account lock image in the standard image library, and at this time, the upper limit of lock times is returned. (Repeat the test with the same input request multiple times. When the test image obtained by the input request matches the account login failure image in the standard graphics library, repeat the test, otherwise return the test failure)

当操作类型为01时,测试成功判定条件为选择项为0的输入请求得到的测试图像与标准图形库中的账户登录成功图像匹配。(所有选择项为1的输入请求得到的测试图像都应当与标准图形库中的账户登录成功图像匹配,任一失败则返回测试失败)When the operation type is 01, the test success determination condition is that the test image obtained by the input request whose option is 0 matches the account login success image in the standard graphics library. (All the test images obtained by the input request with option 1 should match the account login success image in the standard graphics library, and if any one fails, the test failure will be returned)

当操作类型为02时,测试成功判定条件为选择项为0的输入请求得到的测试图像与标准图像库中的账户登录失败图像匹配。(所有选择项为1的输入请求得到的测试图像都应当与标准图形库中的账户登录失败图像匹配,任一失败则返回测试失败)When the operation type is 02, the test success determination condition is that the test image obtained by the input request with the option 0 matches the account login failure image in the standard image library. (All the test images obtained by the input request with option 1 should match the account login failure images in the standard graphics library, and if any one fails, the test failure will be returned)

当操作类型为03时,在第一次发送选择项为0的输入请求后,测试程序会在一个小时内重复发送选择项为0的输入请求(这个输入请求包含错误的用户名和口令组合),之后,每隔一定时间间隔发送一条输入请求并且选择项对应的数值加1,直到输入请求得到的测试图像与标准图像库中的账户登录成功图像匹配,此时返回选择项对应的数值。(当输入请求得到的测试图像与标准图形库中的账户锁定图像或帐号登录失败匹配时则等待进行下一次测试,否则返回测试失败;测试成功时,返回的选择项对应的数值乘上时间间隔即为口令时间策略中禁止登录的时间)When the operation type is 03, after sending the input request with the option 0 for the first time, the test program will repeatedly send the input request with the option 0 within one hour (this input request contains a wrong username and password combination), Afterwards, an input request is sent at regular intervals and the value corresponding to the option is increased by 1 until the test image obtained by the input request matches the account login success image in the standard image library, and the value corresponding to the option is returned at this time. (When the test image obtained by the input request matches the account lock image in the standard graphics library or the account login fails, wait for the next test, otherwise return the test failure; when the test is successful, multiply the value corresponding to the returned option by the time interval It is the time when login is prohibited in the password time policy)

下面给出一个具体实例。我们想要测试Windows 7操作系统的锁定次数上限,客户虚拟机里建立好了用户test,口令123456,测试程序按图2的数据格式将测试数据封装好(0004test051234500000000),然后借由VNC服务器向客户虚拟机发出输入请求。客户虚拟机收到输入请求后按照图2的数据格式解析操作类型、用户名、口令,开始重复登录;VNC服务器每隔一段时间就读取客户虚拟机的内存,截取屏幕图像与标准图像进行匹配,当屏幕图像与标准图像库中的等待登录、正在登录匹配时,则不进行任何处理,再等待一定时间后继续截取屏幕图像与标准图像进行匹配;当屏幕图像与标准图像库中的账户登录失败匹配时,则锁定次数+1,等待一定时间后继续截取屏幕图像与标准图像进行匹配;当屏幕图像与标准图像库中的帐户登录锁定匹配时,则返回锁定次数,测试成功。A specific example is given below. We want to test the upper limit of locking times of the Windows 7 operating system. The user test is established in the customer virtual machine, and the password is 123456. The test program encapsulates the test data according to the data format in Figure 2 (0004test051234500000000), and then sends the test data to the customer through the VNC server. The virtual machine issues a request for input. After receiving the input request, the client virtual machine parses the operation type, user name, and password according to the data format in Figure 2, and starts to log in repeatedly; the VNC server reads the memory of the client virtual machine at regular intervals, and captures the screen image to match the standard image , when the screen image matches the waiting login and logging in in the standard image library, no processing will be performed, and after waiting for a certain period of time, continue to capture the screen image and match the standard image; when the screen image matches the account login in the standard image library When the match fails, the number of locks will be +1, and after waiting for a certain period of time, continue to capture the screen image and match it with the standard image; when the screen image matches the account login lock in the standard image library, return the number of locks, and the test is successful.

以上实施例仅用以说明本发明的技术方案而非对其进行限制,本领域的普通技术人员可以对本发明的技术方案进行修改或者等同替换,而不脱离本发明的精神和范围,本发明的保护范围应以权利要求所述为准。The above embodiments are only used to illustrate the technical solution of the present invention and not to limit it. Those of ordinary skill in the art can modify or equivalently replace the technical solution of the present invention without departing from the spirit and scope of the present invention. The scope of protection should be determined by the claims.

Claims (9)

1. A method for testing an identity authentication mechanism of an operating system comprises the following steps:
1) creating a guest virtual machine on a host machine, and running a test program on a Virtual Machine Monitor (VMM) of the host machine; the test program comprises a keyboard/mouse message sending module, a client virtual machine image acquisition module, an image comparison module and a test case configuration module; the test case configuration module establishes a standard image library for the operating system to be tested and is used for storing standard images fed back by the test items of the operating system;
2) running the operating system to be tested on the client virtual machine; for each set test item, the keyboard/mouse message sending module sends a simulated keyboard/mouse message to the client virtual machine;
3) the client virtual machine executes the received keyboard/mouse message and caches the executed screenshot;
4) the client virtual machine image acquisition module periodically reads the screenshots cached by the client virtual machine and respectively matches each screenshot with the standard image in the standard image library until the current test item is finished; if the matching result meets the set condition of the current test item, the test of the current test item is judged to be successful, otherwise, the test is judged to be failed.
2. The method of claim 1, wherein each of the test items comprises a set of standard images and a set condition.
3. The method of claim 1 or 2, wherein the test items include account creation, account authentication, and password modification.
4. The method of claim 1 or 2, wherein the method of matching each screenshot with a standard image in the standard image library respectively is:
1) for screenshot a, all its pixels are obtained and represented in RGB24 form (x)a1,ya1,za1),(xa2,ya2,za2)……(xan,yan,zan) (ii) a Wherein n is the total number of pixel points of the screenshot;
2) acquiring all pixel points of the standard image b, and expressing the pixel points in the form of RGB24 (x)b1,yb1,zb1),(xb2,yb2,zb2)……(xbn,ybn,zbn) Then the pixel points in the screenshot a are corresponded to the pixel points in the standard image bThe pixel points are compared one by one, if the ratio of the equal pixel points to the total pixel points is larger than a set threshold value, the matching between the screenshot a and the standard image b is judged to be successful, and if not, the matching is failed.
5. The method of claim 1 or 2, wherein the method of matching each screenshot with a standard image in the standard image library respectively is:
1) for screenshot a, all its pixels (x) are obtained1,y1,z1),(x2,y2,z2)……(xn,yn,zn) (ii) a Wherein n is the total number of pixel points of the screenshot;
2) taking the average value of the vector sum of all pixel points of the screenshot:
<mrow> <mo>(</mo> <mfrac> <mrow> <msub> <mi>x</mi> <mn>1</mn> </msub> <mo>+</mo> <msub> <mi>x</mi> <mn>2</mn> </msub> <mo>+</mo> <mo>...</mo> <mo>+</mo> <msub> <mi>x</mi> <mi>n</mi> </msub> </mrow> <mi>n</mi> </mfrac> <mo>,</mo> <mfrac> <mrow> <msub> <mi>y</mi> <mn>1</mn> </msub> <mo>+</mo> <msub> <mi>y</mi> <mn>2</mn> </msub> <mo>+</mo> <mo>...</mo> <mo>+</mo> <msub> <mi>y</mi> <mi>n</mi> </msub> </mrow> <mi>n</mi> </mfrac> <mo>,</mo> <mfrac> <mrow> <msub> <mi>z</mi> <mn>1</mn> </msub> <mo>+</mo> <msub> <mi>z</mi> <mn>2</mn> </msub> <mo>+</mo> <mo>...</mo> <mo>+</mo> <msub> <mi>z</mi> <mi>n</mi> </msub> </mrow> <mi>n</mi> </mfrac> <mo>=</mo> <mo>(</mo> <msub> <mi>x</mi> <mi>a</mi> </msub> <mo>,</mo> <msub> <mi>y</mi> <mi>a</mi> </msub> <mo>,</mo> <msub> <mi>z</mi> <mi>a</mi> </msub> <mo>)</mo> <mo>;</mo> </mrow>
3) calculating the average value (x) of the vector sums of all pixel points of the standard image b according to the methods of the steps 1) and 2)b,yb,zb) Then, the distance between the screenshot a and the standard image b is calculated:if d is smaller than the set threshold, judging that the screenshot a is successfully matched with the standard image b, and otherwise, judging that the matching fails.
6. A test system of a system identity authentication mechanism is characterized by comprising a host machine, wherein a client virtual machine is established on the host machine, and a test program runs on a Virtual Machine Monitor (VMM) of the host machine; the test program comprises a keyboard/mouse message sending module, a client virtual machine image acquisition module, an image comparison module and a test case configuration module; the test case configuration module establishes a standard image library for the operating system to be tested and is used for storing standard images fed back by the test items of the operating system; running the operating system to be tested on the client virtual machine; wherein,
the keyboard/mouse message sending module sends simulation keyboard/mouse messages to the client virtual machine according to each set test item;
the client virtual machine is used for executing the received keyboard/mouse message and caching the executed screenshot;
the client virtual machine image acquisition module is used for periodically reading the screenshots cached by the client virtual machine and respectively matching each screenshot with the standard image in the standard image library until the current test item is finished; if the matching result meets the set condition of the current test item, the test of the current test item is judged to be successful, otherwise, the test is judged to be failed.
7. The system of claim 6, wherein each of the test items includes a set of standard images and a set condition.
8. System according to claim 6 or 7, characterized in that the host acquires all the pixel points of the screenshot a read, expressed in RGB24 (x)a1,ya1,za1),(xa2,ya2,za2)……(xan,yan,zan) (ii) a Wherein n is the total number of pixel points of the screenshot; then all the pixel points of the standard image b are obtained and expressed in the form of RGB24 (x)b1,yb1,zb1),(xb2,yb2,zb2)……(xbn,ybn,zbn) (ii) a And then comparing the pixel points in the screenshot a with the corresponding pixel points in the standard image b one by one, if the ratio of the equal pixel points to the total pixel points is greater than a set threshold, judging that the screenshot a is successfully matched with the standard image b, and otherwise, judging that the matching fails.
9. The system of claim 6 or 7, wherein the Virtual Machine Monitor (VMM) sends a simulated keyboard/mouse message to a guest virtual machine through a VNC server simulating the keyboard/mouse message sending module; the test program communicates with the VNC server through a VNC runtime.
CN201510053569.9A 2015-02-02 2015-02-02 A kind of method of testing and system of operating system identity authentication scheme Expired - Fee Related CN104657639B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510053569.9A CN104657639B (en) 2015-02-02 2015-02-02 A kind of method of testing and system of operating system identity authentication scheme

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510053569.9A CN104657639B (en) 2015-02-02 2015-02-02 A kind of method of testing and system of operating system identity authentication scheme

Publications (2)

Publication Number Publication Date
CN104657639A CN104657639A (en) 2015-05-27
CN104657639B true CN104657639B (en) 2017-08-25

Family

ID=53248751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510053569.9A Expired - Fee Related CN104657639B (en) 2015-02-02 2015-02-02 A kind of method of testing and system of operating system identity authentication scheme

Country Status (1)

Country Link
CN (1) CN104657639B (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107623716B (en) * 2017-08-13 2020-08-25 惠州市德赛西威汽车电子股份有限公司 Test method for HMI (human machine interface) of vehicle-mounted multimedia terminal
CN107784649B (en) * 2017-10-20 2021-09-03 长飞光纤光缆股份有限公司 Image recognition-based mandrel testing remote alarm system and method
CN108470377A (en) * 2018-03-12 2018-08-31 万维云视(上海)数码科技有限公司 AR sees room device
CN108389112A (en) * 2018-03-12 2018-08-10 万维云视(上海)数码科技有限公司 3D house type model display methods
CN108509343A (en) * 2018-04-04 2018-09-07 浙江小泰科技有限公司 Automated testing method based on image recognition technology and system
CN110188031A (en) * 2019-04-19 2019-08-30 深圳壹账通智能科技有限公司 Electronic device, keyboard and APP compatibility test method and storage medium
CN111857958B (en) * 2020-07-23 2024-02-27 深信服科技股份有限公司 Virtual machine interaction method, device, equipment and storage medium
CN111831400B (en) * 2020-07-23 2024-02-23 深信服科技股份有限公司 Virtual machine interaction method, device, equipment and storage medium
CN113507500A (en) * 2021-06-04 2021-10-15 上海闻泰信息技术有限公司 Terminal control method, terminal control device, computer equipment and computer-readable storage medium
CN113326513B (en) * 2021-06-16 2022-09-02 百度在线网络技术(北京)有限公司 Application testing method and device, system, electronic equipment and computer readable medium
CN115499339B (en) * 2022-08-24 2023-07-25 苏州浪潮智能科技有限公司 Pressure testing method, system and device for VNC function and storage medium
CN115529163A (en) * 2022-08-25 2022-12-27 江苏电力信息技术有限公司 A login identification and encryption method for digital business halls of electric power systems
CN119473841A (en) * 2025-01-15 2025-02-18 先进操作系统创新中心(天津)有限公司 A method, device, equipment and storage medium for automatic peripheral adaptation testing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101135989A (en) * 2006-08-31 2008-03-05 中国银联股份有限公司 Method and device for automated testing of a web application system
CN101447876A (en) * 2008-12-31 2009-06-03 北京工业大学 Identity authentication test method of security operating system
CN103313289A (en) * 2012-03-09 2013-09-18 腾讯科技(深圳)有限公司 Wap system automatic test system and method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050223362A1 (en) * 2004-04-02 2005-10-06 Gemstone Systems, Inc. Methods and systems for performing unit testing across multiple virtual machines

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101135989A (en) * 2006-08-31 2008-03-05 中国银联股份有限公司 Method and device for automated testing of a web application system
CN101447876A (en) * 2008-12-31 2009-06-03 北京工业大学 Identity authentication test method of security operating system
CN103313289A (en) * 2012-03-09 2013-09-18 腾讯科技(深圳)有限公司 Wap system automatic test system and method

Also Published As

Publication number Publication date
CN104657639A (en) 2015-05-27

Similar Documents

Publication Publication Date Title
CN104657639B (en) A kind of method of testing and system of operating system identity authentication scheme
CN110602052B (en) Micro-service processing method and server
US10909638B2 (en) Verified social media content
US10038690B2 (en) Multifactor authentication processing using two or more devices
US10454922B2 (en) System and method for recognizing malicious credential guessing attacks
US9525684B1 (en) Device-specific tokens for authentication
US9098689B2 (en) Efficiently throttling user authentication
US10462148B2 (en) Dynamic data masking for mainframe application
US9934310B2 (en) Determining repeat website users via browser uniqueness tracking
JP4891402B2 (en) Virtual user authentication system and virtual user authentication method
CN111159691B (en) A method and system for dynamic trusted verification of application program
US9747434B1 (en) Authenticating with an external device by providing a message having message fields arranged in a particular message field order
US9626495B2 (en) Authenticating a device based on availability of other authentication methods
US10657234B2 (en) Method, computer program, and system to realize and guard over a secure input routine based on their behavior
US20220141029A1 (en) Using multi-factor and/or inherence-based authentication to selectively enable performance of an operation prior to or during release of code
CN105337739B (en) Safe login method, device, server and terminal
CN111581661A (en) Terminal management method and device based on biological feature recognition and computer equipment
US10904011B2 (en) Configuration updates for access-restricted hosts
KR20130085566A (en) Apparatus and method of authentifying password using captcha
CN112182665B (en) Equipment ID generation method, equipment binding method and device and computing equipment
US20220158986A1 (en) Non-stored multiple factor verification
KR102521684B1 (en) metaverse platform system of transactions authentication associated with biometrics certification
CN110516430A (en) Identity authentication method, server and client
CN115001808B (en) Domain user login method, device, equipment and medium
US12107848B1 (en) Automated login framework for application security testing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170825

Termination date: 20220202

CF01 Termination of patent right due to non-payment of annual fee