CN104980420A

CN104980420A - Business processing method, device, terminal and server

Info

Publication number: CN104980420A
Application number: CN201410510032.6A
Authority: CN
Inventors: 刘飞飞; 陈梦; 陈荣; 董梁; 余传生; 陈远斌; 刘宽
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Priority date: 2014-09-28
Filing date: 2014-09-28
Publication date: 2015-10-14
Anticipated expiration: 2034-09-28
Also published as: CN104980420B

Abstract

The embodiment of the invention provides a business processing method, a business processing device, a business processing terminal and a business processing server, wherein the method could comprise the steps as follows: the server receives a business request transmitted by the terminal, wherein the business request carries a requester identification and information of network environment where the terminal is located; the server detects a network access type of the terminal; the server uses authentication information related to the requester identification to perform safety certificate to the information of the network environment according to the network access type of the terminal, and the server processes the business request after the safety certificate is passed. The business processing method, the business processing device, the business processing terminal and the business processing server could perform safety certificate to the network environment related to a business processing process and improve the safety of business processing.

Description

A kind of method for processing business, device, terminal and server

Technical field

The present invention relates to Internet technical field, be specifically related to business treatment technique field, particularly relate to a kind of method for processing business, device, terminal and server.

Background technology

Along with the development of Internet technology, network-based service processing demands is increasing, such as: e-commerce website needs to process transaction business; For another example: social network sites needs to process interactive service; Etc..In order to ensure the fail safe of Business Processing, business procession needs to carry out authentication usually; Authentication refers to the process of the legal identity confirming the user using Business Processing service.In traditional business procession: when receiving Business Processing request, first need to carry out authentication to requestor, be generally the information such as mark, password checking requestor's input, if information matches such as input information and pre-configured mark, password etc., then authentication success, confirms that user is the user of legal identity; And then institute's requested service is processed.In above-mentioned traditional business procession, its authentication procedures is comparatively simple, the input information such as mark, password are easily maliciously stolen or are distorted, reduce the fail safe of Business Processing, be not too applicable to the business procession relating to the business such as comprising transaction data, the business etc. comprising account data needs higher-security.

Summary of the invention

Embodiments provide a kind of method for processing business, device, terminal and server, safety certification can be carried out to the network environment involved by business procession, promote the fail safe of Business Processing.

Embodiment of the present invention first aspect provides a kind of method for processing business, can comprise:

The service request that server receiving terminal sends, carries the network environment information at requestor's mark and described terminal place in described service request;

Described server detects the network insertion type of described terminal;

Described server is according to the network insertion type of described terminal, and employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information;

After safety certification is passed through, described server processes institute's requested service.

Embodiment of the present invention second aspect provides another kind of method for processing business, can comprise:

When detecting that service request operates, terminal obtains the network environment information at described terminal place;

Described terminal generates the service request of the network environment information carrying requestor's mark and described terminal place;

Described service request is sent to server by described terminal, to make described server according to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, and after safety certification is passed through, institute's requested service is processed.

The embodiment of the present invention third aspect provides a kind of business processing device, can comprise:

Request receiving module, for the service request that receiving terminal sends, carries the network environment information at requestor's mark and described terminal place in described service request;

Type detection module, for detecting the network insertion type of described terminal;

Security authentication module, for the network insertion type according to described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information;

Processing module, for after safety certification is passed through, processes institute's requested service.

Embodiment of the present invention fourth aspect provides a kind of server, can comprise the business processing device of the above-mentioned third aspect.

The embodiment of the present invention the 5th aspect provides another kind of business processing device, can comprise:

Environment acquisition module, for when detecting that service request operates, obtains the network environment information at terminal place;

Request generation module, for generating the service request of the network environment information carrying requestor's mark and described terminal place;

Service Processing Module, for described service request is sent to server, to make described server according to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, and after safety certification is passed through, institute's requested service is processed.

The embodiment of the present invention the 6th aspect provides a kind of terminal, can comprise the business processing device of above-mentioned 5th aspect.

Implement the embodiment of the present invention, there is following beneficial effect:

In the embodiment of the present invention, server is in the service request process of response terminal, and need to carry out safety certification to the network environment information at described terminal place, after safety certification is passed through, described server processes institute's requested service; Real network environment involved by business procession cannot be forged, and effectively can guarantee the reliability of real network environment involved in business procession to the safety certification process of this network environment, promotes the fail safe of Business Processing.

Accompanying drawing explanation

In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

The structural representation of a kind of transaction processing system that Fig. 1 provides for the embodiment of the present invention;

Fig. 2 is the schematic flow sheet of a kind of method for processing business of the embodiment of the present invention;

Fig. 3 is the schematic flow sheet of the another kind of method for processing business of the embodiment of the present invention;

Fig. 4 is the schematic flow sheet of another method for processing business of the embodiment of the present invention;

The structural representation of a kind of business processing device that Fig. 5 provides for the embodiment of the present invention;

Fig. 6 is the structural representation of the embodiment of the type detection module shown in Fig. 5;

The structural representation of the embodiment that Fig. 7 is the security authentication module shown in Fig. 5;

Fig. 8 is the structural representation of another embodiment of the security authentication module shown in Fig. 5;

Fig. 9 is the structural representation of the embodiment of the authority detection module shown in Fig. 5;

The structural representation of a kind of server that Figure 10 provides for the embodiment of the present invention;

The structural representation of the another kind of business processing device that Figure 11 provides for the embodiment of the present invention;

The structural representation of the embodiment that Figure 12 is the configuration module shown in Figure 11;

Figure 13 is the structural representation of another embodiment of the configuration module shown in Figure 11;

The structural representation of a kind of terminal that Figure 14 provides for the embodiment of the present invention.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

The Business Processing scheme of the embodiment of the present invention, can be applied in transaction processing system, to realize the processing procedure to business such as the business such as comprising transaction data, the business comprising account data, interactive services.

Referring to Fig. 1, is the structural representation of a kind of transaction processing system that the embodiment of the present invention provides; This transaction processing system can comprise: terminal and server, and the network equipment of the such as gateway be connected for the network realized between terminal with server etc.In transaction processing system shown in Fig. 1, terminal can be any one equipment of the band network functions such as such as notebook computer, mobile phone, PAD (panel computer), intelligent wearable device, car-mounted terminal.Server can for possessing the server of service processing function, it can process business such as such as comprising the business of transaction data, the business comprising account data, interactive service, and the process such as the safety certification that can perform involved by business procession and authority detection.As shown in Figure 1, terminal is by such as 2G (2-Generation, Generation Mobile Telecommunication System technology)/3G (3rd Generation, G mobile communication) etc. Network Access Point be connected to gateway with access data network, carrying out mobile communication with described server is connected; Described terminal is also connected to gateway with access of radio network by Network Access Points such as such as WIFI (Wireless-Fldelity, Wireless Fidelity), carries out mobile communication be connected with described server.

Based on the transaction processing system shown in Fig. 1, below in conjunction with accompanying drawing 2-accompanying drawing 4, the method for processing business that the embodiment of the present invention provides is described in detail.

Referring to Fig. 2, is the schematic flow sheet of a kind of method for processing business of the embodiment of the present invention; The present embodiment sets forth the flow process of method for processing business from server side; The method can comprise the following steps S101-step S104.

S101, the service request that server receiving terminal sends, carries the network environment information at requestor's mark and described terminal place in described service request.

Described server can for possessing the server of service processing function, it can process business such as such as comprising the business of transaction data, the business comprising account data, interactive service, and the process such as the safety certification that can perform involved by business procession and authority detection.Described terminal can be the intelligent terminal of the band network functions such as notebook computer, mobile phone, PAD, intelligent wearable device, car-mounted terminal.Mobile communication can be set up between described server with described terminal be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described server can be connected based on the mobile communication between described terminal, receives the service request that described terminal sends.

Wherein, described service request processes business such as the asked business such as comprising transaction data, the business comprising account data, interactive services for asking described server.Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number of user, SNS (Social Networking Services, social network services) account number, cell-phone number, email (Electronic Mail, Email) account number etc.Described network environment information comprises: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC of gateway belonging to WIFI signal (Media AccessControl, media access control layer) address.

S102, described server detects the network insertion type of described terminal.

Described network insertion type can comprise: data network access style or wireless network access style; The Network Access Point of described data network access style is data-signal; Such as: described terminal is by 2G/3G accessing Internet, and because its Network Access Point 2G/3G belongs to data-signal, then the network insertion type of this terminal is data network access style.The Network Access Point of described wireless network access style is wireless signal; Such as: described terminal is by WIFI accessing Internet, and because its Network Access Point WIFI belongs to wireless signal, then the network insertion type of this terminal is wireless network access style.Usually, terminal itself possesses the detectability of network insertion type, and in this step, described server can be connected based on the mobile communication between described terminal, requires described terminal to report network insertion type.

S103, described server is according to the network insertion type of described terminal, and employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information.

That described authentication information can configure for business procession for described terminal, for carrying out the information of safety certification.Described server is by described request person's mark and described authentication information association store, and association store refers to be identified by described request person, can find the described authentication information of association; Or, by described authentication information, described request person's mark of association can be found.Described authentication information can comprise a master authentication mark and at least one auxiliary certification mark, and the part or all of auxiliary certification mark during described master authentication mark and at least one auxiliary certification described identify forms described terminal check, believable network environment.Because the network insertion type of described terminal can comprise: data network access style or wireless network access style; In this step, described server according to the network insertion type of described terminal, can carry out safety certification to the network environment information involved by business procession; If safety certification is passed through, show the network environment safety at described terminal place, show the network environment safety involved by business procession further, can Business Processing be carried out; If safety certification is not passed through, show that the network environment at described terminal place may exist risk, show that the network environment involved by business procession may exist risk further, need stopping to carry out Business Processing.

S104, after safety certification is passed through, described server processes institute's requested service.

Wherein, institute's requested service can be the transfer service of transaction data, such as: two game users have carried out the transaction of virtual objects in game application, and described server needs concluded the business virtual objects to shift between trade user.Institute's requested service also can be the transfer service of account data, such as: after user buys article in e-commerce website, request pays, and described server needs the account data being used for paying to be transferred to recipient.Be understandable that, institute's requested service can also include but not limited to interactive service, such as: request obtains mutual view data, request obtains mutual audio, video data etc.

In the embodiment of the present invention, server is in the business procession of response terminal, and need to carry out safety certification to the network environment information at described terminal place, after safety certification is passed through, described server processes institute's requested service; Real network environment involved by business procession cannot be forged, and effectively can guarantee the reliability of real network environment involved in business procession to the safety certification process of this network environment, promotes the fail safe of Business Processing.

Referring to Fig. 3, is the schematic flow sheet of the another kind of method for processing business of the embodiment of the present invention; The present embodiment sets forth the flow process of method for processing business from end side; The method can comprise the following steps S201-step S203.

S201, when detecting that service request operates, terminal obtains the network environment information at described terminal place.

In the embodiment of the present invention, the user of end side can perform service request operation by described terminal, such as: user is after game application carries out the transaction of virtual objects with other users, and this user can perform the service request operation this one's own virtual objects being transferred to other users; For another example: after user buys article in e-commerce website, this user can perform request for purchase article carry out the service request that pays and operate; Etc..Described terminal is detectable and obtain the network environment information at self place; Described network environment information can comprise: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC Address of gateway belonging to WIFI signal.Such as: when detect user ask by purchase article carry out paying service request operation time, mobile phone detection WIFI signal around, suppose that detecting title is respectively w1, w2, w3 to wn altogether N (N be greater than 1 positive integer) individual WIFI signal, mobile phone obtains the MAC Address of gateway belonging to detected each WIFI signal respectively, the MAC Address supposing to get gateway belonging to w1 is M1, the MAC Address of gateway belonging to w2 is M2, by that analogy, the MAC Address of gateway belonging to wn is Mn, the M1 that mobile phone will get, M2 to Mn is defined as the network environment information at mobile phone place.

S202, described terminal generates the service request of the network environment information carrying requestor's mark and described terminal place.

Wherein, described service request processes business such as the asked business such as comprising transaction data, the business comprising account data, interactive services for asking described server.Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number, SNS account, cell-phone number, email account number etc. of user.Described terminal based on the Data Transport Protocol reached between described server, can be carried out encapsulation process to the network environment information at described request person's mark and described terminal place, generates described service request.

S203, described service request is sent to server by described terminal, to make described server according to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, and after safety certification is passed through, institute's requested service is processed.

Mobile communication can be set up between described terminal with described server be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described terminal can be connected based on the mobile communication between described server, sends described service request to described server.

Referring to Fig. 4, is the schematic flow sheet of another method for processing business of the embodiment of the present invention; The present embodiment sets forth the flow process of method for processing business from the mutual side of terminal and server; The method can comprise the following steps S301-step S318.

S301, when business configuration event being detected, the mark of described at least one WAP (wireless access point) of terminal searching.

In order to ensure the fail safe of Business Processing, need to carry out safety certification to the network environment information involved by business procession, the authentication information for safety certification can be configured by terminal by user.In the embodiment of the present invention, terminal can provide business configuration interface, user can be configured operation in this business configuration interface, described terminal can detect the business configuration event that the configuration operation of user produces, now described terminal can start the network environment function of search of self, explores the mark of at least one WAP (wireless access point) around.Wherein, described WAP (wireless access point) can be WIFI access point, and the mark of described WAP (wireless access point) can be the MAC Address of gateway belonging to WIFI access point.Such as: mobile phone detect title be respectively w1, w2, w3 to wn altogether N (N be greater than 1 positive integer) individual WIFI access point, in this step, mobile phone needs the MAC Address obtaining gateway belonging to detected each WIFI signal respectively, the MAC Address supposing to get gateway belonging to w1 is M1, the MAC Address of gateway belonging to w2 is M2, by that analogy, the MAC Address of gateway belonging to wn is Mn.

S302, described terminal detects the network insertion type of described terminal.

Usually, such as the terminal such as mobile phone, smart mobile phone itself possesses the detectability of network insertion type, and described terminal can detect self network insertion type.Described network insertion type can comprise: data network access style or wireless network access style; The Network Access Point of described data network access style is data-signal; Such as: described terminal is by 2G/3G accessing Internet, and because its Network Access Point 2G/3G belongs to data-signal, then the network insertion type of this terminal is data network access style.The Network Access Point of described wireless network access style is wireless signal; Such as: described terminal is by WIFI accessing Internet, and because its Network Access Point WIFI belongs to wireless signal, then the network insertion type of this terminal is wireless network access style.

S303, described terminal according to the mark of described network insertion type and at least one WAP (wireless access point) described, producing authentication information.

That described authentication information can configure for business procession for described terminal, for carrying out the information of safety certification; Particularly, the mark that described terminal can show at least one WAP (wireless access point) described in business configuration interface is configured operation to be supplied to user, described terminal is according to the configuration operation of user, and the network insertion type in conjunction with described terminal generates described authentication information.Described authentication information can comprise a master authentication mark and at least one auxiliary certification mark, and the part or all of auxiliary certification mark during described master authentication mark and at least one auxiliary certification described identify forms described terminal check, believable network environment.

In the embodiment of the present invention, step S303 can comprise in following two kinds of feasible execution modes, wherein a kind of feasible execution mode in, step S303 specifically can comprise the following steps A-C:

If the described network insertion type of A is data network access style, the mark of at least one WAP (wireless access point) described in described terminal demonstration.

If the network insertion type of described terminal is data network access style, namely show that described terminal is using data-signals such as such as 2G/3G as Network Access Point accessing Internet, terminal described in steps A then can show the mark of its search at least one WAP (wireless access point) described extremely.Particularly, described terminal in business configuration interface, can show the mark of at least one WAP (wireless access point) described in the mode of list.With example shown in step S301, mobile phone can adopt the mode of following table one to show the mark of at least one WIFI access point described, and table one can be expressed as follows:

Table one: the label table of WIFI access point

WIFI access point	Mark
		w1	M1
w2	M2
		w3	M3
…	…
		wn	Mn

It should be noted that, above-mentioned table one is only citing, when for other WAP (wireless access point) such as the such as bluetooths beyond WIFI, and can reference table one similar analysis.

B, when the master authentication selection operation to the mark of at least one WAP (wireless access point) described being detected, described terminal the mark of selected WAP (wireless access point) is configured to master authentication mark.

User can identify by the master authentication chosen for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; Such as: the above-mentioned table one of user according to mobile phone, choose name and be called that the mark M1 of the WIFI access point of w1 identifies as master authentication, then M1 is configured to the master authentication mark that described authentication information comprises by mobile phone.

C, when the auxiliary certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described terminal.

User can choose the auxiliary certification mark for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; Such as: the above-mentioned table one of user according to mobile phone, the mark choosing common N-1 the WIFI access point of w2 to wn identifies as auxiliary certification, then M2 to Mn is configured to the auxiliary certification mark that described authentication information comprises by mobile phone.

In the execution mode that another kind is feasible, step S303 specifically can comprise the following steps A '-C ':

A ' is if described network insertion type is wireless network access style, and the mark of Network Access Point is configured to master authentication mark by described terminal.

If the network insertion type of described terminal is data network access style, namely show that described terminal is using WIFI wireless signal as Network Access Point accessing Internet, steps A ' described in terminal can directly by described terminal the mark of Network Access Point be configured to master authentication mark.With example shown in step S301, mobile phone is called the WIFI access point accessing Internet of w2 by the name searched, then name is called that the WIFI access point of w2 is the Network Access Point of mobile phone, then name is directly called that the mark M2 of the WIFI access point of w2 is configured to identify for the master authentication of safety certification by mobile phone.

The mark of at least one WAP (wireless access point) described in B ', described terminal demonstration.

Described terminal in business configuration interface, can show the mark of at least one WAP (wireless access point) described in the mode of list.With example shown in step S301, mobile phone can adopt the mode of above-mentioned table one to show the mark of at least one WIFI access point described.

C ', when the certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described terminal.

Because master authentication mark is by described terminal active arrangement, in step C ', user can choose the auxiliary certification mark for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; Such as: the above-mentioned table one of user according to mobile phone, choose the mark that w1 to wn is total to N number of WIFI access point, because name is called that the mark M2 of the WIFI access point of w2 has been configured to master authentication mark, then M1, M3 to Mn are configured to the auxiliary certification mark that described authentication information comprises by mobile phone.

S304, described terminal generates the service configuration information carrying requestor's mark and described authentication information.

Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number, SNS account, cell-phone number, email account number etc. of user.Described terminal based on the Data Transport Protocol reached between described server, can be carried out encapsulation process to described request person's mark and described authentication information, generates described service configuration information.

S305, described terminal sends described service configuration information to described server.

Mobile communication can be set up between described terminal with described server be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described terminal can be connected based on the mobile communication between described server, sends described service configuration information to described server.

S306, described server receives the service configuration information that described terminal sends, and carries described request person's mark and authentication information in described service configuration information.

Described server can be connected based on the mobile communication between described terminal, receives the service configuration information carrying described request person's mark and described authentication information that described terminal sends.

S307, described server identifies according to described request person and judges whether described request person possesses configuration authority.

Described server can perform the process such as safety certification and authority detection involved by business procession.Particularly, this step can comprise the following steps D-E:

D, described server judge whether described request person's mark is default access mark.

In specific implementation, terminal can carry out in advance registering and require to obtain configuration authority, the authority that the mark of terminal described in described server record and described terminal possess in described server; Or, the user of described end side can register and require to obtain configuration authority in described server, the user of described end side logs in described server by described terminal, the authority that the user ID of described this user of server record and this user possess.Described server admin default access mark, this default access mark both can for having possessed the mark of the registration terminal of configuration authority, also can for possessing the mark of the registered user of configuration authority.In step D, described server judges whether described request person's mark is default access mark, namely judges whether described request person is the terminal or the user that possess configuration authority.The deterministic process of this step D can ensure the reliability of the authentication information for Business Processing safety certification.

If E described request person is designated default access mark, described server confirms that described request person possesses configuration authority.

If described request person is designated default access mark, show that described request person is the terminal or the user that possess configuration authority, described server confirms that described request person possesses configuration authority.

S308, if described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information by described server.

Association store refers to be identified by described request person, can find the described authentication information of association; Or, by described authentication information, described request person's mark of association can be found.

S309, when detecting that service request operates, terminal obtains the network environment information at described terminal place.

In the embodiment of the present invention, the user of end side can perform service request operation by described terminal, such as: user is after game application carries out the transaction of virtual objects with other users, and this user can perform the service request operation this one's own virtual objects being transferred to other users; For another example: after user buys article in e-commerce website, this user can perform request for purchase article carry out the service request that pays and operate; Etc..Described terminal is detectable and obtain the network environment information at self place; Described network environment information can comprise: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC Address of gateway belonging to WIFI signal.

S310, described terminal generates the service request of carrying described network environment information.

S311, described service request sends described to server by described terminal.

Described terminal can be connected based on the mobile communication between described server, sends described service request to described server.

S312, described server receives the described service request that described terminal sends, and carries the network environment information at requestor's mark and described terminal place in described service request.

Described server can be connected based on the mobile communication between described terminal, receives the service request that described terminal sends.

S313, described server obtains request to described terminal transmission types.

Usually, terminal itself possesses the detectability of network insertion type, and in this step, described server can be connected based on the mobile communication between described terminal, obtain request to described terminal transmission types, described type obtains request and is used for requiring described terminal to report network insertion type.

S314, described terminal receives the described type acquisition request that described server sends.

S315, described terminal obtains request according to described type, reports described network insertion type to described server.

Described terminal can be connected based on the mobile communication between described server, receives the described type acquisition request that described server sends, and responds described type acquisition request, report described network insertion type to described server.

S316, described server receives the network insertion type of described terminal to report.

S317, described server is according to the network insertion type of described terminal, and employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information.

That described authentication information can configure for business procession for described terminal, for carrying out the information of safety certification.Described authentication information can comprise a master authentication mark and at least one auxiliary certification mark, and the part or all of auxiliary certification mark during described master authentication mark and at least one auxiliary certification described identify forms described terminal check, believable network environment.Because the network insertion type of described terminal can comprise: data network access style or wireless network access style; In this step, described server according to the network insertion type of described terminal, can carry out safety certification to the network environment information involved by business procession; If safety certification is passed through, show the network environment safety at described terminal place, show the network environment safety involved by business procession further, can Business Processing be carried out; If safety certification is not passed through, show that the network environment at described terminal place may exist risk, show that the network environment involved by business procession may exist risk further, need stopping to carry out Business Processing.

In specific implementation, step S317 can comprise following two kinds of feasible execution modes, and in a kind of feasible execution mode wherein, step S317 can comprise the following steps F-H:

F, described server obtain and identify with described request person the authentication information be associated.

Described server can identify according to described request person, searches and state the authentication information that requestor identifies association store from self memory space.

If the network insertion type of the described terminal of G is data network access style, described server judges whether described network environment information comprises described master authentication mark, and judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value.

Described network environment information can comprise: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC Address of gateway belonging to WIFI signal.Wherein, described predetermined threshold value is positive integer, and described predetermined threshold value is less than or equal to the total quantity of at least one auxiliary certification mark described, such as: suppose that the total quantity that at least one auxiliary certification described identifies is N (N is positive integer), described predetermined threshold value then can be set greater than and equal 1 and the arbitrary integer value be less than or equal in N.Described predetermined threshold value can set according to actual needs, as set according to the institute's requirement of requested service to fail safe, if the institute's requirement of requested service to fail safe is higher, then can set the total quantity that described predetermined threshold value equals at least one auxiliary certification mark described; If the institute's requirement of requested service to fail safe is relatively low, then can set the total quantity that described predetermined threshold value is less than at least one auxiliary certification mark described.

In this step G, described server judges whether described network environment information comprises described master authentication mark, namely judges that whether described master authentication mark is the mark of the wireless signal that described network environment information comprises; Such as: the mark that described network environment information comprises 3 wireless signals is respectively M1, M2 and M3, and master authentication is designated M1, described server then can judge that described network environment information comprises described master authentication mark.

In this step G, described server judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value, namely judges whether comprise part or all of auxiliary certification mark in described network environment information; Such as: according to the example in this step, suppose that auxiliary certification is designated M2, M3, M4, predetermined threshold value is 2, and described network environment information comprises M2 and M3 totally 2 auxiliary certification marks, and described server then can judge that the quantity of the auxiliary certification mark that described network environment information comprises equals predetermined threshold value.

If the described network environment information of H comprises described master authentication mark and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, described server confirms that safety certification is passed through.

If described network environment information comprises described master authentication mark and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, show that the network environment at the current place of described terminal is that described terminal confirms in advance, believable network environment, show the network environment safety involved by business procession further, described server confirms that safety certification is passed through.Otherwise, show that the network environment at the current place of described terminal is not that described terminal is that confirm in advance, believable network environment, show that the network environment involved by business procession may exist risk further, described server confirms that safety certification is not passed through, and needs to stop business processing flow.

In the execution mode that another kind is feasible, step S317 can comprise the following steps F '-I ':

F ', described server obtain and identify with described request person the authentication information be associated.

G ' is if described network insertion type is wireless network access style, and described server judges whether the mark of the Network Access Point of described terminal is described master authentication mark.

H ' is if the described master authentication that is designated of the Network Access Point of described terminal identifies, and described server judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value.

I ' is if the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, and described server confirms that safety certification is passed through.

If the described master authentication that is designated of the Network Access Point of described terminal identifies, and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, show that the network environment at the current place of described terminal is that described terminal confirms in advance, believable network environment, show the network environment safety involved by business procession further, described server confirms that safety certification is passed through.Otherwise, show that the network environment at the current place of described terminal is not that described terminal is that confirm in advance, believable network environment, show that the network environment involved by business procession may exist risk further, described server confirms that safety certification is not passed through, and needs to stop business processing flow.

S318, after safety certification is passed through, described server processes institute's requested service.

Wherein, institute's requested service can be transaction data, such as: two game users have carried out the transaction of virtual objects in game application, and described server needs concluded the business virtual objects to shift between trade user.Institute's requested service also can be account data, such as: after user buys article in e-commerce website, request pays, and described server needs the account data being used for paying to be transferred to recipient.Be understandable that, institute's requested service can also include but not limited to the view data, audio, video data etc. that need to carry out processing, in addition, in the process that institute's requested service is processed, can also such as check to requestor the authentication that mark, password etc. input information based on the network environment of this safety further.

Below in conjunction with accompanying drawing 5-accompanying drawing 9, the 26S Proteasome Structure and Function of a kind of business processing device that the embodiment of the present invention provides is described in detail.It should be noted that, the business processing device shown in Fig. 5-Fig. 9 can in runtime server, to be applied in the method shown in above-mentioned Fig. 2-Fig. 4.

Referring to Fig. 5, is the structural representation of a kind of business processing device that the embodiment of the present invention provides; This device can comprise: request receiving module 101, type detection module 102, security authentication module 103 and processing module 104.

Request receiving module 101, for the service request that receiving terminal sends, carries the network environment information at requestor's mark and described terminal place in described service request.

Described server can for possessing the server of service processing function, it can process business such as such as comprising the business of transaction data, the business comprising account data, interactive service, and the process such as the safety certification that can perform involved by business procession and authority detection.Described terminal can be the intelligent terminal of the band network functions such as notebook computer, mobile phone, PAD, intelligent wearable device, car-mounted terminal.Mobile communication can be set up between described server with described terminal be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described request receiver module 101 can be connected based on the mobile communication between described terminal, receives the service request that described terminal sends.

Wherein, described service request processes business such as the asked business such as comprising transaction data, the business comprising account data, interactive services for asking described server.Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number, SNS account, cell-phone number, email account number etc. of user.Described network environment information comprises: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC Address of gateway belonging to WIFI signal.

Type detection module 102, for detecting the network insertion type of described terminal.

Described network insertion type can comprise: data network access style or wireless network access style; The Network Access Point of described data network access style is data-signal; Such as: described terminal is by 2G/3G accessing Internet, and because its Network Access Point 2G/3G belongs to data-signal, then the network insertion type of this terminal is data network access style.The Network Access Point of described wireless network access style is wireless signal; Such as: described terminal is by WIFI accessing Internet, and because its Network Access Point WIFI belongs to wireless signal, then the network insertion type of this terminal is wireless network access style.Usually, terminal itself possesses the detectability of network insertion type, and described type detection module 102 can be connected based on the mobile communication between described terminal, requires described terminal to report network insertion type.

Security authentication module 103, for the network insertion type according to described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information.

That described authentication information can configure for business procession for described terminal, for carrying out the information of safety certification.Described server is by described request person's mark and described authentication information association store, and association store refers to be identified by described request person, can find the described authentication information of association; Or, by described authentication information, described request person's mark of association can be found.Described authentication information can comprise a master authentication mark and at least one auxiliary certification mark, and described master authentication mark and at least one auxiliary certification mark described form described terminal check, believable network environment.Because the network insertion type of described terminal can comprise: data network access style or wireless network access style; Described security authentication module 103 according to the network insertion type of described terminal, can carry out safety certification to the network environment information involved by business procession; If safety certification is passed through, show the network environment safety at described terminal place, show the network environment safety involved by business procession further, can Business Processing be carried out; If safety certification is not passed through, show that the network environment at described terminal place may exist risk, show that the network environment involved by business procession may exist risk further, need stopping to carry out Business Processing.

Processing module 104, for after safety certification is passed through, processes institute's requested service.

Wherein, institute's requested service can be the transfer service of transaction data, such as: two game users have carried out the transaction of virtual objects in game application, and described processing module 104 needs concluded the business virtual objects to shift between trade user.Institute's requested service also can be the transfer service of account data, such as: after user buys article in e-commerce website, request pays, and described processing module 104 needs the account data being used for paying to be transferred to recipient.Be understandable that, institute's requested service can also include but not limited to interactive service, such as: request obtains mutual view data, request obtains mutual audio, video data etc.

Refer to Fig. 5 again, alternatively, this device also can comprise: configuration receiver module 105, authority detection module 106 and association store module 107.

Configuration receiver module 105, for receiving the service configuration information that described terminal sends, carries described request person's mark and authentication information in described service configuration information.

Described configuration receiver module 105 can be connected based on the mobile communication between described terminal, receives the service configuration information carrying described request person's mark and described authentication information that described terminal sends.

For identifying according to described request person, authority detection module 106, judges whether described request person possesses configuration authority.

Association store module 107, if possess configuration authority for described request person, carries out association store by described request person's mark with described authentication information.

Referring to Fig. 6, is the structural representation of the embodiment of the type detection module shown in Fig. 5; The type detection module 102 can comprise: type obtains request unit 1201 and type reception unit 1202.

Type obtains request unit 1201, for obtaining request to described terminal transmission types, obtains request report network access style to make described terminal according to described type.

Usually, terminal itself possesses the detectability of network insertion type, described type obtains request unit 1201 and can be connected based on the mobile communication between described terminal, obtains request to described terminal transmission types, and described type obtains request and is used for requiring described terminal to report network insertion type.

Type reception unit 1202, for receiving the network insertion type of described terminal to report.

Referring to Fig. 7, is the structural representation of an embodiment of the security authentication module shown in Fig. 5; This security authentication module 103 can comprise: the first acquiring unit 1301, first judging unit 1302 and the first confirmation unit 1303.

First acquiring unit 1301, identifies with described request person the authentication information be associated for obtaining.

Described first acquiring unit 1301 can identify according to described request person, searches and state the authentication information that requestor identifies association store from the memory space of described server.

First judging unit 1302, if the network insertion type for described terminal is data network access style, judge whether described network environment information comprises described master authentication mark, and judge whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value.

Described first judging unit 1302 judges whether described network environment information comprises described master authentication mark, namely judges that whether described master authentication mark is the mark of the wireless signal that described network environment information comprises; Such as: the mark that described network environment information comprises 3 wireless signals is respectively M1, M2 and M3, and master authentication is designated M1, described first judging unit 1302 can judge that described network environment information comprises described master authentication mark.

Described first judging unit 1302 judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value, namely judges whether comprise part or all of auxiliary certification mark in described network environment information; Such as: according to the example in the present embodiment, suppose that auxiliary certification is designated M2, M3, M4, predetermined threshold value is 2, described network environment information comprises M2 and M3 totally 2 auxiliary certification marks, and described first judging unit 1302 can judge that the quantity of the auxiliary certification mark that described network environment information comprises equals predetermined threshold value.

First confirmation unit 1303, if comprise described master authentication mark for described network environment information and the quantity of auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value, confirms that safety certification is passed through.

If described network environment information comprises described master authentication mark and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, show that the network environment at the current place of described terminal is that described terminal confirms in advance, believable network environment, show the network environment safety involved by business procession further, described first confirmation unit 1303 confirms that safety certification is passed through.Otherwise, show that the network environment at the current place of described terminal is not that described terminal is that confirm in advance, believable network environment, show that the network environment involved by business procession may exist risk further, described first confirmation unit 1303 confirms that safety certification is not passed through, and needs to stop business processing flow.

Referring to Fig. 8, is the structural representation of another embodiment of the security authentication module shown in Fig. 5; This security authentication module 103 can comprise: second acquisition unit 1311, second judging unit 1312, the 3rd judging unit 1313 and the second confirmation unit 1314.

Second acquisition unit 1311, identifies with described request person the authentication information be associated for obtaining.

Second judging unit 1312, if be wireless network access style for described network insertion type, judges whether the mark of the Network Access Point of described terminal is described master authentication mark.

3rd judging unit 1313, if identify for the described master authentication that is designated of the Network Access Point of described terminal, judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value.

Second confirmation unit 1314, if the quantity of the auxiliary certification mark comprised for described network environment information is more than or equal to predetermined threshold value, confirms that safety certification is passed through.

If the described master authentication that is designated of the Network Access Point of described terminal identifies, and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, show that the network environment at the current place of described terminal is that described terminal confirms in advance, believable network environment, show the network environment safety involved by business procession further, described second confirmation unit 1314 confirms that safety certification is passed through.Otherwise, show that the network environment at the current place of described terminal is not that described terminal is that confirm in advance, believable network environment, show that the network environment involved by business procession may exist risk further, described second confirmation unit 1314 confirms that safety certification is not passed through, and needs to stop business processing flow.

Referring to Fig. 9, is the structural representation of the embodiment of the authority detection module shown in Fig. 5; This authority detection module 106 can comprise: mark judging unit 1601 and authority confirmation unit 1602.

Mark judging unit 1601, for judging whether described request person's mark is default access mark.

In specific implementation, terminal can carry out in advance registering and require to obtain configuration authority, the authority that the mark of terminal described in described server record and described terminal possess in described server; Or, the user of described end side can register and require to obtain configuration authority in described server, the user of described end side logs in described server by described terminal, the authority that the user ID of described this user of server record and this user possess.Described server admin default access mark, this default access mark both can for having possessed the mark of the registration terminal of configuration authority, also can for possessing the mark of the registered user of configuration authority.Described mark judging unit 1601 judges whether described request person's mark is default access mark, namely judges whether described request person is the terminal or the user that possess configuration authority.The deterministic process of described mark judging unit 1601 can ensure the reliability of the authentication information for Business Processing safety certification.

Authority confirmation unit 1602, if be designated default access mark for described request person, confirms that described request person possesses configuration authority.

If described request person is designated default access mark, show that described request person is the terminal or the user that possess configuration authority, described authority confirmation unit 1602 confirms that described request person possesses configuration authority.

The embodiment of the invention also discloses a kind of server, described server can for possessing the server of service processing function, it can process business such as such as comprising the business of transaction data, the business comprising account data, interactive service, and the process such as the safety certification that can perform involved by business procession and authority detection.This server can comprise a business processing device, and the 26S Proteasome Structure and Function of this business processing device see the associated description of Fig. 5-embodiment illustrated in fig. 9, can be not repeated herein.

Referring to Figure 10, is the structural representation of the another kind of server that the embodiment of the present invention provides; The server of the embodiment of the present invention comprises: at least one processor 10, such as CPU, at least one communication bus 11, at least one network interface 12, memory 13.Wherein, communication bus 11 is for realizing the connection communication between these assemblies.Wherein, described network interface 12 optionally can comprise wireline interface, the wave point (as WI-FI, mobile communication interface etc.) of standard.Described memory 13 can be high-speed RAM memory, also can be non-labile memory (non-volatile memory), such as at least one magnetic disc store.Described memory 13 can also be optionally that at least one is positioned at the storage device away from aforementioned processor 10.As shown in Figure 10, store operating system, network communication module as in a kind of memory 13 of computer-readable storage medium, and the program stored for carrying out Business Processing and other programs.

In a kind of feasible execution mode, wherein concrete, described processor 10 may be used for calling the program for carrying out Business Processing stored in described memory 13, performs following steps:

The service request that receiving terminal sends, carries the network environment information at requestor's mark and described terminal place in described service request;

Detect the network insertion type of described terminal;

According to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information;

After safety certification is passed through, institute's requested service is processed.

Further, described processor 10, when performing the step of the network insertion type detecting described terminal, specifically performs following steps:

Obtain request to described terminal transmission types, obtain request report network access style to make described terminal according to described type;

Receive the network insertion type of described terminal to report.

Further, described processor 10, before the step performing the service request that described server receiving terminal sends, also performs following steps:

Receive the service configuration information that described terminal sends, in described service configuration information, carry described request person's mark and authentication information;

Identify according to described request person and judge whether described request person possesses configuration authority;

If described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information.

Further, described processor 10 perform described server according to described request person identify judge described request person whether possess configure the step of authority time, specifically perform following steps:

Judge whether described request person's mark is default access mark;

If described request person is designated default access mark, confirm that described request person possesses configuration authority.

Wherein, described network insertion type comprises: data network access style or wireless network access style;

The Network Access Point of described data network access style is data-signal; The Network Access Point of described wireless network access style is wireless signal;

Described authentication information comprises a master authentication mark and at least one auxiliary certification mark;

Described network environment information comprises: the mark of at least one wireless signal.

Further, described processor 10 is performing according to the network insertion type of described terminal, adopts and described request person identifies the authentication information be associated when carrying out the step of safety certification to described network environment information, specifically performs following steps:

Obtain and identify with described request person the authentication information be associated;

If the network insertion type of described terminal is data network access style, judge whether described network environment information comprises described master authentication mark, and judge whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

If described network environment information comprises described master authentication mark and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to predetermined threshold value, confirm that safety certification is passed through.

If described network insertion type is wireless network access style, judge whether the mark of the Network Access Point of described terminal is described master authentication mark;

If the described master authentication that is designated of the Network Access Point of described terminal identifies, judge whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

If the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value, confirm that safety certification is passed through.

Below in conjunction with accompanying drawing 11-accompanying drawing 13, the 26S Proteasome Structure and Function of the another kind of business processing device that the embodiment of the present invention provides is described in detail.It should be noted that, the business processing device shown in Figure 11-Figure 13 can run in terminal, to be applied in the method shown in above-mentioned Fig. 2-Fig. 4.

Referring to Figure 11, is the structural representation of the another kind of business processing device that the embodiment of the present invention provides; This device can comprise: environment acquisition module 201, request generation module 202 and Service Processing Module 203.

Environment acquisition module 201, for when detecting that service request operates, obtains the network environment information at terminal place.

In the embodiment of the present invention, the user of end side can perform service request operation by described terminal, such as: user is after game application carries out the transaction of virtual objects with other users, and this user can perform the service request operation this one's own virtual objects being transferred to other users; For another example: after user buys article in e-commerce website, this user can perform request for purchase article carry out the service request that pays and operate; Etc..Described environment acquisition module 201 is detectable and obtain the network environment information at described terminal place; Described network environment information can comprise: the mark of at least one wireless signal; Described wireless signal can be WIFI signal, and the mark of described wireless signal can be the MAC Address of gateway belonging to WIFI signal.Such as: when detect user ask by purchase article carry out paying service request operation time, described environment acquisition module 201 detects the WIFI signal around mobile phone, suppose that detecting title is respectively w1, w2, w3 to wn altogether N (N be greater than 1 positive integer) individual WIFI signal, described environment acquisition module 201 obtains the MAC Address of gateway belonging to each WIFI signal of detecting respectively, the MAC Address supposing to get gateway belonging to w1 is M1, the MAC Address of gateway belonging to w2 is M2, by that analogy, the MAC Address of gateway belonging to wn is Mn, the M1 that described environment acquisition module 201 will get, M2 to Mn is defined as the network environment information at mobile phone place.

Request generation module 202, for generating the service request of the network environment information carrying requestor's mark and described terminal place.

Wherein, described service request processes business such as the asked business such as comprising transaction data, the business comprising account data, interactive services for asking described server.Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number, SNS account, cell-phone number, email account number etc. of user.Described request generation module 202 based on the Data Transport Protocol reached between described server, can carry out encapsulation process to the network environment information at described request person's mark and described terminal place, generates described service request.

Service Processing Module 203, for described service request is sent to server, to make described server according to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, and after safety certification is passed through, institute's requested service is processed.

Mobile communication can be set up between described terminal with described server be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described Service Processing Module 203 can be connected based on the mobile communication between described server, sends described service request to described server.

Refer to Figure 11 again, alternatively, this device also can comprise: search module 204, type detection module 205, configuration module 206, information generating module 207, information sending module 208, request receiving module 209 and type reporting module 210.

Search module 204, for when business configuration event being detected, searches for the mark of at least one WAP (wireless access point).

In order to ensure the fail safe of Business Processing, need to carry out safety certification to the network environment information involved by business procession, the authentication information for safety certification can be configured by terminal by user.In the embodiment of the present invention, terminal can provide business configuration interface, user can be configured operation in this business configuration interface, described terminal can detect the business configuration event that the configuration operation of user produces, now described search module 204 can start the network environment function of search of described terminal, explores the mark of at least one WAP (wireless access point) around.Wherein, described WAP (wireless access point) can be WIFI access point, and the mark of described WAP (wireless access point) can be the MAC Address of gateway belonging to WIFI access point.Such as: described search module 204 detect title be respectively w1, w2, w3 to wn altogether N (N be greater than 1 positive integer) individual WIFI access point, described search module 204 needs the MAC Address obtaining gateway belonging to detected each WIFI signal respectively, the MAC Address supposing to get gateway belonging to w1 is M1, the MAC Address of gateway belonging to w2 is M2, by that analogy, the MAC Address of gateway belonging to wn is Mn.

Type detection module 205, for detecting the network insertion type of described terminal.

Usually, such as the terminal such as mobile phone, smart mobile phone itself possesses the detectability of network insertion type, and described type detection module 205 can detect the network insertion type of described terminal.Described network insertion type can comprise: data network access style or wireless network access style; The Network Access Point of described data network access style is data-signal; Such as: described terminal is by 2G/3G accessing Internet, and because its Network Access Point 2G/3G belongs to data-signal, then the network insertion type of this terminal is data network access style.The Network Access Point of described wireless network access style is wireless signal; Such as: described terminal is by WIFI accessing Internet, and because its Network Access Point WIFI belongs to wireless signal, then the network insertion type of this terminal is wireless network access style.

Configuration module 206, for the mark according to described network insertion type and at least one WAP (wireless access point) described, producing authentication information.

That described authentication information can configure for business procession for described configuration module 206, for carrying out the information of safety certification; Particularly, the mark that described terminal can show at least one WAP (wireless access point) described in business configuration interface is configured operation to be supplied to user, described configuration module 206 is according to the configuration operation of user, and the network insertion type in conjunction with described terminal generates described authentication information.Described authentication information can comprise a master authentication mark and at least one auxiliary certification mark, and described master authentication mark and at least one auxiliary certification mark described form described terminal check, believable network environment.

Information generating module 207, for generating the service configuration information carrying requestor's mark and described authentication information.

Described request person's mark can be the mark of described terminal, such as: the sequence number of terminal; Described request person's mark also can be the user ID of described end side, such as: the instant messaging account number, SNS account, cell-phone number, email account number etc. of user.Described information generating module 207 based on the Data Transport Protocol reached between described server, can be carried out encapsulation process to described request person's mark and described authentication information, generates described service configuration information.

Information sending module 208, for sending described service configuration information to described server, with make described server according to described request person identify judge described request person whether possess configuration power, and when described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information.

Mobile communication can be set up between described terminal with described server be connected, such as: described terminal is by Network Access Point access data networks such as such as 2G/3G, and carrying out mobile communication with described server is connected; For another example: described terminal is by Network Access Point access of radio network such as such as WIFI, and carrying out mobile communication with described server is connected; Etc..Described information sending module 208 can be connected based on the mobile communication between described server, sends described service configuration information to described server.

Request receiving module 209, the type sent for receiving described server obtains request.

Type reporting module 210, for obtaining request according to described type, reports described network insertion type to described server.

Described request receiver module 209 can be connected based on the mobile communication between described server, receive the described type acquisition request that described server sends, described type reporting module 210 can respond described type and obtain request, reports described network insertion type to described server.

Referring to Figure 12, is the structural representation of an embodiment of the configuration module shown in Figure 11; This configuration module 206 can comprise: the first display unit 2601, first main dispensing unit 2602 and the first auxiliary dispensing unit 2603.

First display unit 2601, if be data network access style for described network insertion type, the mark of display at least one WAP (wireless access point) described.

If the network insertion type of described terminal is data network access style, namely show that described terminal is using data-signals such as such as 2G/3G as Network Access Point accessing Internet, described first display unit 2601 can show the mark of its search at least one WAP (wireless access point) described extremely.Particularly, in the business configuration interface that described first display unit 2601 can provide in described terminal, show the mark of at least one WAP (wireless access point) described in the mode of list.

First main dispensing unit 2602, for when the master authentication selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to master authentication mark by the mark of selected WAP (wireless access point).

User can identify by the master authentication chosen for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; The mark of user-selected WAP (wireless access point) of getting is configured to the master authentication mark that described authentication information comprises by described first main dispensing unit 2602.

First auxiliary dispensing unit 2603, for when the auxiliary certification selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to auxiliary certification mark by the mark of the selected WAP (wireless access point) except described master authentication mark.

User can choose the auxiliary certification mark for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; The mark of the WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described first auxiliary dispensing unit 2603.

Referring to Figure 13, is the structural representation of another embodiment of the configuration module shown in Figure 11; This configuration module 206 can comprise: the second main dispensing unit 2611, second display unit 2612 and the second auxiliary dispensing unit 2613.

Second main dispensing unit 2611, if be wireless network access style for described network insertion type, is configured to master authentication mark by the mark of Network Access Point.

If the network insertion type of described terminal is data network access style, namely show that described terminal is using WIFI wireless signal as Network Access Point accessing Internet, described second main dispensing unit 2611 can directly by described terminal the mark of Network Access Point be configured to master authentication mark.

Second display unit 2612, for showing the mark of at least one WAP (wireless access point) described.

In the business configuration interface that described second display unit 2612 can provide in described terminal, show the mark of at least one WAP (wireless access point) described in the mode of list.

Second auxiliary dispensing unit 2613, for when the certification selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to auxiliary certification mark by the mark of the selected WAP (wireless access point) except described master authentication mark.

Because master authentication mark is by described terminal active arrangement, user can choose the auxiliary certification mark for safety certification from the mark of at least one WAP (wireless access point) described in shown by described terminal; The mark of the WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described second auxiliary dispensing unit 2613.

The embodiment of the invention also discloses a kind of terminal, this terminal can be the intelligent terminal of the band network functions such as notebook computer, mobile phone, PAD (panel computer), intelligent wearable device, car-mounted terminal.This terminal can comprise a business processing device, and the 26S Proteasome Structure and Function of this device see the associated description of Figure 11-embodiment illustrated in fig. 13, can be not repeated herein.

Referring to Figure 14, is the structural representation of the another kind of terminal that the embodiment of the present invention provides; The terminal of the embodiment of the present invention comprises: at least one processor 20, such as CPU, at least one communication bus 21, at least one network interface 22, memory 23.Wherein, communication bus 21 is for realizing the connection communication between these assemblies.Wherein, described network interface 22 optionally can comprise wireline interface, the wave point (as WI-FI, mobile communication interface etc.) of standard.Described memory 23 can be high-speed RAM memory, also can be non-labile memory (non-volatile memory), such as at least one magnetic disc store.Described memory 23 can also be optionally that at least one is positioned at the storage device away from aforementioned processor 20.As shown in figure 14, store operating system, network communication module as in a kind of memory 23 of computer-readable storage medium, and the program stored for carrying out Business Processing and other programs.

In a kind of feasible execution mode, wherein concrete, described processor 20 may be used for calling the program for carrying out Business Processing stored in described memory 23, performs following steps:

When detecting that service request operates, obtain the network environment information at described terminal place;

Generate the service request of the network environment information carrying requestor's mark and described terminal place;

Described service request is sent to server, to make described server according to the network insertion type of described terminal, employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, and after safety certification is passed through, processes institute's requested service.

Further, described processor 20 is described when detecting that service request operates in execution, and terminal also performs following steps before obtaining the step of the network environment information at described terminal place:

When business configuration event being detected, search for the mark of at least one WAP (wireless access point);

Detect the network insertion type of described terminal;

According to the mark of described network insertion type and at least one WAP (wireless access point) described, producing authentication information.

Further, described processor 20 is performing the mark of described terminal according to described network insertion type and at least one WAP (wireless access point) described, during the step of producing authentication information, specifically performs following steps:

If described network insertion type is data network access style, the mark of display at least one WAP (wireless access point) described;

When the master authentication selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of selected WAP (wireless access point) is configured to master authentication mark;

When the auxiliary certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of the selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark.

Further, described processor 20 is performing the mark according to described network insertion type and at least one WAP (wireless access point) described, during the step of producing authentication information, specifically performs following steps:

If described network insertion type is wireless network access style, the mark of Network Access Point is configured to master authentication mark;

The mark of display at least one WAP (wireless access point) described;

When the certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of the selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark.

Further, described processor 20 is performing the mark of described terminal according to described network insertion type and at least one WAP (wireless access point) described, after the step of producing authentication information, also performs following steps:

Generate the service configuration information carrying requestor's mark and described authentication information;

Described service configuration information is sent to described server, with make described server according to described request person identify judge described request person whether possess configuration power, and when described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information.

Further, described processor 20, after described service request is sent to the step of server by execution, also performs following steps:

Receive the type acquisition request that described server sends;

Obtain request according to described type, report described network insertion type to described server.

One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.

Above disclosedly be only present pre-ferred embodiments, certainly can not limit the interest field of the present invention with this, therefore according to the equivalent variations that the claims in the present invention are done, still belong to the scope that the present invention is contained.

Claims

1. a method for processing business, is characterized in that, comprising:

Described server detects the network insertion type of described terminal;

2. the method for claim 1, is characterized in that, described server detects the network insertion type of described terminal, comprising:

Described server obtains request to described terminal transmission types, obtains request report network access style to make described terminal according to described type;

Described server receives the network insertion type of described terminal to report.

3. the method for claim 1, is characterized in that, before the service request that described server receiving terminal sends, also comprises:

Described server receives the service configuration information that described terminal sends, and carries described request person's mark and authentication information in described service configuration information;

Described server identifies according to described request person and judges whether described request person possesses configuration authority;

If described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information by described server.

4. method as claimed in claim 3, it is characterized in that, described server identifies according to described request person and judges whether described request person possesses configuration authority, comprising:

Described server judges whether described request person's mark is default access mark;

If described request person is designated default access mark, described server confirms that described request person possesses configuration authority.

5. the method as described in any one of claim 1-4, is characterized in that, described network insertion type comprises: data network access style or wireless network access style;

6. method as claimed in claim 5, is characterized in that, described server is according to the network insertion type of described terminal, and employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, comprising:

Described server obtains and identifies with described request person the authentication information be associated;

If the network insertion type of described terminal is data network access style, described server judges whether described network environment information comprises described master authentication mark, and judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

If described network environment information comprises described master authentication mark and the quantity that the auxiliary certification that described network environment information comprises identifies is more than or equal to described predetermined threshold value, described server confirms that safety certification is passed through.

7. method as claimed in claim 5, is characterized in that, described server is according to the network insertion type of described terminal, and employing identifies with described request person the authentication information be associated and carries out safety certification to described network environment information, comprising:

If described network insertion type is wireless network access style, described server judges whether the mark of the Network Access Point of described terminal is described master authentication mark;

If the described master authentication that is designated of the Network Access Point of described terminal identifies, described server judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

If the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to described predetermined threshold value, described server confirms that safety certification is passed through.

8. a method for processing business, is characterized in that, comprising:

9. method as claimed in claim 8, it is characterized in that, described when detecting that service request operates, terminal also comprises before obtaining the network environment information at described terminal place:

When business configuration event being detected, the mark of described at least one WAP (wireless access point) of terminal searching;

Described terminal detects the network insertion type of described terminal;

Described terminal according to the mark of described network insertion type and at least one WAP (wireless access point) described, producing authentication information.

10. method as claimed in claim 9, it is characterized in that, described network insertion type comprises: data network access style or wireless network access style;

11. methods as claimed in claim 10, is characterized in that, described terminal is according to the mark of described network insertion type and at least one WAP (wireless access point) described, and producing authentication information, comprising:

If described network insertion type is data network access style, the mark of at least one WAP (wireless access point) described in described terminal demonstration;

When the master authentication selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of selected WAP (wireless access point) is configured to master authentication mark by described terminal;

When the auxiliary certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of the selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described terminal.

12. methods as claimed in claim 10, is characterized in that, described terminal is according to the mark of described network insertion type and at least one WAP (wireless access point) described, and producing authentication information, comprising:

If described network insertion type is wireless network access style, the mark of Network Access Point is configured to master authentication mark by described terminal;

The mark of at least one WAP (wireless access point) described in described terminal demonstration;

When the certification selection operation to the mark of at least one WAP (wireless access point) described being detected, the mark of the selected WAP (wireless access point) except described master authentication mark is configured to auxiliary certification mark by described terminal.

13. methods as described in claim 11 or 12, is characterized in that, described terminal, according to the mark of described network insertion type and at least one WAP (wireless access point) described, after producing authentication information, also comprises:

Described terminal generates the service configuration information carrying requestor's mark and described authentication information;

Described terminal sends described service configuration information to described server, with make described server according to described request person identify judge described request person whether possess configuration power, and when described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information.

14. methods as claimed in claim 9, is characterized in that, described terminal also comprises after described service request is sent to server:

Described terminal receives the type acquisition request that described server sends;

Described terminal obtains request according to described type, reports described network insertion type to described server.

15. 1 kinds of business processing devices, is characterized in that, comprising:

16. devices as claimed in claim 15, it is characterized in that, described type detection module comprises:

Type obtains request unit, for obtaining request to described terminal transmission types, obtains request report network access style to make described terminal according to described type;

Type reception unit, for receiving the network insertion type of described terminal to report.

17. devices as claimed in claim 15, is characterized in that, also comprise:

Configuration receiver module, for receiving the service configuration information that described terminal sends, carries described request person's mark and authentication information in described service configuration information;

For identifying according to described request person, authority detection module, judges whether described request person possesses configuration authority;

Association store module, if possess configuration authority for described request person, carries out association store by described request person's mark with described authentication information.

18. devices as claimed in claim 17, it is characterized in that, described authority detection module comprises:

Mark judging unit, for judging whether described request person's mark is default access mark;

Authority confirmation unit, if be designated default access mark for described request person, confirms that described request person possesses configuration authority.

19. devices as described in any one of claim 15-18, it is characterized in that, described network insertion type comprises: data network access style or wireless network access style;

20. devices as claimed in claim 19, it is characterized in that, described security authentication module comprises:

First acquiring unit, identifies with described request person the authentication information be associated for obtaining;

First judging unit, if the network insertion type for described terminal is data network access style, judge whether described network environment information comprises described master authentication mark, and judge whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

First confirmation unit, if comprise described master authentication mark for described network environment information and the quantity of auxiliary certification mark that described network environment information comprises is more than or equal to described predetermined threshold value, confirms that safety certification is passed through.

21. devices as claimed in claim 19, it is characterized in that, described security authentication module comprises:

Second acquisition unit, identifies with described request person the authentication information be associated for obtaining;

Second judging unit, if be wireless network access style for described network insertion type, judges whether the mark of the Network Access Point of described terminal is described master authentication mark;

3rd judging unit, if identify for the described master authentication that is designated of the Network Access Point of described terminal, judges whether the quantity of the auxiliary certification mark that described network environment information comprises is more than or equal to predetermined threshold value;

Second confirmation unit, if the quantity of the auxiliary certification mark comprised for described network environment information is more than or equal to described predetermined threshold value, confirms that safety certification is passed through.

22. 1 kinds of servers, is characterized in that, comprise the business processing device as described in any one of claim 15-21.

23. 1 kinds of business processing devices, is characterized in that, comprising:

24. devices as claimed in claim 23, is characterized in that, also comprise:

Search module, for when business configuration event being detected, searches for the mark of at least one WAP (wireless access point);

Configuration module, for the mark according to described network insertion type and at least one WAP (wireless access point) described, producing authentication information.

25. devices as claimed in claim 24, it is characterized in that, described network insertion type comprises: data network access style or wireless network access style;

26. devices as claimed in claim 25, it is characterized in that, described configuration module comprises:

First display unit, if be data network access style for described network insertion type, the mark of display at least one WAP (wireless access point) described;

First main dispensing unit, for when the master authentication selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to master authentication mark by the mark of selected WAP (wireless access point);

First auxiliary dispensing unit, for when the auxiliary certification selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to auxiliary certification mark by the mark of the selected WAP (wireless access point) except described master authentication mark.

27. devices as claimed in claim 25, it is characterized in that, described configuration module comprises:

Second main dispensing unit, if be wireless network access style for described network insertion type, is configured to master authentication mark by the mark of Network Access Point;

Second display unit, for showing the mark of at least one WAP (wireless access point) described;

Second auxiliary dispensing unit, for when the certification selection operation to the mark of at least one WAP (wireless access point) described being detected, is configured to auxiliary certification mark by the mark of the selected WAP (wireless access point) except described master authentication mark.

28. devices as described in claim 26 or 27, is characterized in that, also comprise:

Information generating module, for generating the service configuration information carrying requestor's mark and described authentication information;

Information sending module, for sending described service configuration information to described server, with make described server according to described request person identify judge described request person whether possess configuration power, and when described request person possesses configuration authority, described request person's mark is carried out association store with described authentication information.

29. devices as claimed in claim 24, is characterized in that, also comprise:

Request receiving module, the type sent for receiving described server obtains request;

Type reporting module, for obtaining request according to described type, reports described network insertion type to described server.

30. 1 kinds of terminals, is characterized in that, comprise the business processing device as described in any one of claim 23-29.