[go: up one dir, main page]

CN107395344A - User profile guard method and device - Google Patents

User profile guard method and device Download PDF

Info

Publication number
CN107395344A
CN107395344A CN201710587032.XA CN201710587032A CN107395344A CN 107395344 A CN107395344 A CN 107395344A CN 201710587032 A CN201710587032 A CN 201710587032A CN 107395344 A CN107395344 A CN 107395344A
Authority
CN
China
Prior art keywords
checking information
checking
user
conversion process
safety device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710587032.XA
Other languages
Chinese (zh)
Inventor
孙吉平
刘跃峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Senseshield Technology Co Ltd
Original Assignee
Beijing Senseshield Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Senseshield Technology Co Ltd filed Critical Beijing Senseshield Technology Co Ltd
Priority to CN201710587032.XA priority Critical patent/CN107395344A/en
Publication of CN107395344A publication Critical patent/CN107395344A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a kind of user profile guard method, including:Send the first checking information via the first user of Network Capture to safety device and carry out predetermined conversion process at least once and obtain at least one second checking information;At least one second checking information is stored in first storage device, and private data used in carrying out the conversion process is merely stored in the safety device.The embodiment of the present invention also discloses a kind of user profile protection system.It by embodiments of the invention, can effectively ensure user information safety, significantly reduce the risk that storehouse is dragged by hacker.

Description

User profile guard method and device
Technical field
The present invention relates to field of communication security, more particularly to a kind of user profile guard method and device.
Background technology
With the arrival of cybertimes, the every aspect of people's routine work and life nearly all joins closely with internet System.In the website based on account-encryption apparatus, it is necessary to by verifying the password of user come the identity of certification user, so as to obtain The authority that must be accessed.Due to being stored with many important informations of a large number of users in website, therefore, the storage and verification of user cipher Security it is extremely important.User cipher may then cause the leakage of user profile, consequently, it is possible to user's once revealing Economy and spirit are brought about great losses, while very big negative effect can be also brought to related web site.
In the prior art, website carries out digest calculations after user cipher generally is added into salt, stores the result into website In database.User cipher is even stored directly in database by some websites, and attacker is more prone to obtain the original of user Beginning password.In this case, it is easy to hacker attacks website occurs, the database for being stored with registered user's information is all stolen That walks drags storehouse behavior.Specifically, website attacker has once broken through database, then can be obtained by means such as dictionary attacks User original password, hacker utilize these username and password login service devices, further acquisition include user mobile phone number, The extremely detailed user profile such as address list, even Net silver, and by some technological means and Dark Industry Link, will be valuable User profile become the purpose that cash is illegally made a profit to reach.
The content of the invention
Therefore, the embodiments of the invention provide a kind of by carrying out special encryption to the account number cipher of user and will add The close method that user profile is protected with Dynamic data exchange storage.
Specifically, the embodiments of the invention provide a kind of user profile guard method, including:By via Network Capture The first checking information of first user, which sends safety device to and carries out predetermined conversion process at least once, obtains at least one the Two checking informations;At least one second checking information is stored in first storage device, and the conversion will be carried out Private data used in processing is merely stored in the safety device.
Alternately, method according to embodiments of the present invention also includes:The checking that the first user is received via network please Ask, the checking request includes the 3rd checking information;The 3rd checking information is sent to the safety device to carry out Predetermined conversion process obtains the 4th checking information;By the 4th checking information and at least one second checking information of storage It is compared, is verified if at least one second checking information includes the 4th checking information, otherwise verifies Do not pass through.
Alternately, the once predetermined conversion process include carrying out the sub- computing of at least one safety or carry out two kinds with At least one combinatorial operation of the upper sub- computing of safety.
Alternately, method according to embodiments of the present invention also includes:After predetermined interval time, by being stored in At least one second checking information for stating each user in first storage device is replaced by different from described at least one At least one 5th checking information of second checking information, at least one 5th checking information is by the safety device to institute State the first checking information and carry out predetermined conversion process at least once and obtain.
Alternately, method according to embodiments of the present invention also includes:The safety device, which does not have, to be used for the private Data-interface derived from ciphertext data.
The embodiment of the present invention additionally provides a kind of user profile protection device, and described device includes:Communicator, its via The first checking information of the user of Network Capture first;Safety device, it carries out change predetermined at least once to the first checking information Change processing and obtain at least one second checking information, and private data used in carrying out the conversion process is merely stored in institute State in safety device;And first storage device, it stores at least one second checking information.
Alternately, the communicator is additionally configured to receive the checking request of first user via network, described Checking request includes the 3rd checking information;The safety device is additionally configured to described predetermined to the 3rd checking information progress Conversion process obtains the 4th checking information, and described device also includes:Device is verified, it is configured to enter safety device at line translation The 4th obtained checking information is managed compared with least one second checking information that first storage device stores, if institute State at least one second checking information and include the 4th checking information and be then verified, otherwise verify and do not pass through.
Alternately, the safety device is configured to, and after predetermined interval time, first checking information is entered Conversion process predetermined at least once of going obtains at least one 5th checking different from least one second checking information Information;The first storage device is configured at least one second checking information of each user of storage being replaced by institute State at least one 5th checking information.
Alternately, the safety device is configured to by carrying out the sub- computing of at least one safety or carrying out two or more peaces At least one combinatorial operation of complete sub- computing carries out the once predetermined conversion process.
Alternately, the safety device, which does not have, is used for data-interface derived from the private data.
By the embodiment of the present invention, first, stored again after carrying out conversion process to user account password by safety device, And private data used in conversion process is formed and stored in safety device and can not exported, and can effectively improve institute The safe class of the user data of storage, the difficulty that hacker is inversely cracked to database data is greatly enhanced, is reduced Hacker drags the risk in storehouse.
Brief description of the drawings
Fig. 1 is the indicative flowchart of an embodiment of the user profile guard method of the present invention;
Fig. 2 is the indicative flowchart of another embodiment of the user profile guard method of the present invention;
Fig. 3 is the indicative flowchart of a specific embodiment of the user profile guard method of the present invention;
Fig. 4 is the schematic block diagram that the user profile of the present invention protects an embodiment of system.
Embodiment
Embodiments of the present invention are described in detail with reference to the accompanying drawings.
Fig. 1 is the indicative flowchart of an embodiment of the user profile guard method of the present invention.
As shown in figure 1, the user profile guard method of present embodiment includes:
S101, the first checking information via the first user of Network Capture is sent to safety device carried out at least once Predetermined conversion process obtains at least one second checking information;
First user can send account registration request via network by client to service end, be wrapped in account registration request The first checking information of the first user setting is included, the first checking information of the first user can for example include user name and/or use Family password.
After account registration request of the service end via Network Capture to the first user, first in account registration request is tested Information transmission is demonstrate,proved to safety device, conversion process predetermined at least once is carried out to first checking information by safety device.
In embodiments of the present invention, safety device can be carried out one or many predetermined to the first checking information as needed Conversion process.Once predetermined conversion process can for example include carrying out the sub- computing of at least one safety or carry out two or more peaces At least one combinatorial operation of complete sub- computing.The above-mentioned sub- computing of safety can for example add selected from data encryption, data summarization, data Salt, calculate the safe computings such as authentication code (MAC), digital signature.
Safety device carries out obtaining after predetermined conversion process at least once at least one to first checking information Second checking information can be used for carrying out authentication to the first user.For example, safety device can be tested the first of each user Demonstrate,prove information and carry out once predetermined conversion process, the second checking information of generation is stored in same storage region.In addition for example, When safety device carries out repeatedly predetermined conversion process to the first checking information, different conversion process can be used every time, Obtain multiple the second different checking informations and save as the login authentication information of the first user jointly.Safety device is to different use First checking information at family can be used the second checking information of generation after the one or many predetermined conversion process of identical Same storage region is stored in, different one or many predetermined changes can also be used to the first checking information of each user Change and handle and the incidence relation of conversion process and different user used by recording, such as by user name and corresponding conversion process It is associated storage.
S102, at least one second checking information is stored in first storage device, and the change will be carried out Private data used in changing processing is merely stored in the safety device.
First storage device is the storage device outside safety device, for example, it may be the database of service end, Huo Zheke To be the memory that directly or indirectly can be connected with secure device communication.
Safety device carries out private data used in conversion process once the generation in safety device or incoming safety dress Postpone and be just merely stored in the safety device and can not export to outside safety device.Private data can for example include number According to encryption key, AES and the salt figure etc. in salt computing is added to be used for the data for carrying out conversion process.
The embodiment of the present invention is stored after carrying out conversion process to user account password by safety device and only pacified Private data used in full device memory storage conversion process, the transformed user profile stored have higher encryption stage Not, user profile can be effectively protected, reduces the risk that hacker drags storehouse behavior.
Fig. 2 is the indicative flowchart of another embodiment of the user profile guard method of the present invention.
As shown in Fig. 2 present embodiment further comprises on the basis of embodiment illustrated in fig. 1:
S201, the checking request for receiving via network the first user, the checking request include the 3rd checking information;
First user can send account logging request via network by client to service end, be wrapped in account logging request The 3rd checking information of the first user is included, the 3rd checking information can for example include user name and/or user cipher.
S202, first checking information is sent to the safety device carry out predetermined conversion process and obtain the 4th testing Demonstrate,prove information;
Service end via after the account logging request of Network Capture to the first user, it is necessary to verify in account logging request The 3rd checking information it is whether identical in the first checking information submitted during account registration with the first user.Therefore, service End sends the 3rd checking information to safety device, and predetermined conversion process is carried out to the 3rd checking information by safety device.
The first checking information for the first user's registration before safety device has been carried out once at predetermined conversion When reason generates second checking information, safety device can be using when being transformed to the second checking information by the first checking information Used same predetermined conversion process carries out conversion process to the 3rd checking information.For example, when the checking of generation first When having used the sub- operation group cooperation of safety of data encryption, data summarization and digital signature to be predetermined conversion process during information, Safety device is still become using the sub- computing combination of safety of data encryption, data summarization and digital signature to the 3rd checking information Change processing and obtain the 4th checking information.
The first checking information for each user's registration before safety device has been carried out at multiple predetermined conversion When reason generates multiple second checking informations, safety device can use is transformed to multiple second checking letters by the first checking information Any one or more conversion process during breath in used multiple predetermined conversion process become to the 3rd checking information Change processing and obtain one or more 4th checking informations.
S203, by the 4th checking information with store at least one second checking information compared with, if it is described extremely Few second checking information includes the 4th checking information and is then verified, and otherwise verifies and does not pass through.
One or more the 4th is generated after safety device carries out first checking information predetermined conversion process to test Information is demonstrate,proved, the 4th checking information generated and at least one second checking information in advance for the first user storage are compared Compared with being verified if at least one second checking information includes the 4th checking information, otherwise verify and do not pass through.For example, The checking information of one or more second generated for the first user can associate with the user name used during the first user's registration deposits Storage is in order to inquiring and authenticating.
In the present embodiment, when user is to service end register account number, in the account registration request submitted to user First checking information device safe to use carries out conversion process predetermined at least once to obtain at least one second checking information, At least one second checking information is stored in first storage device.In this way, for example for the original licensed of some user Password is stored with least one second checking generated by conversion process predetermined at least once in first storage device Information.So, even if hacker invades database and obtains the second checking information in first storage device, it is also difficult to by simple Reverse generation dictionary crack the log-in password of all users in database.
In addition, when users log on, predetermined conversion process carried out to the first checking information obtain the 4th checking information be A kind of conversion process referred in the above-mentioned predetermined conversion process at least once of the login password progress inputted when being logged in user arrives 4th checking information.So, in S203 verification step, according to the number for carrying out conversion process, the 4th checking can be verified Whether information and the second checking information stored are identical, or can verify whether multiple second checking informations include the 4th checking Information.If including being verified, otherwise verifying and do not pass through.
In yet another embodiment of the present invention, can be deposited first after predetermined interval time, will be stored in The second checking information of each user in storage device is replaced by the 5th checking information different from the second checking information, and Five checking informations carry out conversion process predetermined at least once to the first checking information by safety device and obtained.Implement in the present invention In example, the first checking information that can register customers as submitting during account is backed up in the second storage device for periodically converting and replacing Change checking information.Different from such as be database access network first storage device, the second storage device can be not with Such as flash memory device of network connection, so as to which the original account information of user is carried out into safekeeping.
It is every at least one second checking information for being stored in the first storage device according to present embodiment Substituted every predetermined interval time, i.e., to conversion process used by the sub- computing of safety be updated, so, even if hacker The database of first storage device is invaded, it is also difficult to the password of whole database is cracked in a short time, by the scheduled time Afterwards, the checking information in database is re-encrypted, then all that has been achieved is spoiled by the cracking work general before hacker, so as to preferably Protect the safety of user profile.
Above-mentioned predetermined interval time can set according to specific needs in the embodiment of the present invention.For example, between predetermined It can be set to 1 week, 1 month, 3 months etc. every the time.
In yet another embodiment of the present invention, safety device, which does not have, is used to connect data derived from private data Mouthful.Therefore, private data used in conversion process is carried out once generating or be externally introduced in safety device and store it Afterwards, it can not just export to outside safety device, further ensure that user information safety.
Fig. 3 is the flow chart of a specific embodiment of the user profile guard method of the present invention.
As shown in figure 3, the present embodiment includes setting user cipher and checking two stages of user cipher:
First, the user cipher stage is set to comprise the following steps:
S301, safety device point will be sent to via the original password of the first user of Network Capture (the first checking information) The sub- computing 1 of following three kinds of safety is not carried out) add the laggard row information digest algorithm 5 (MD5) of salt to obtain the second checking original password Information a;2) progress SHA SHA1 obtains the second checking information b after original password being added into salt;3) original password is added SHA SHA256 is carried out after salt and obtains the second checking information c.
S302, the database that the second checking information a, the second checking information b, the second checking information c are stored in server In, and the private data such as salt and key used in carrying out the sub- computing of above-mentioned three kinds of safety is merely stored in the safety dress In putting and it can not export.
Next, the checking user cipher stage comprises the following steps:
S303, the checking request for receiving via network the first user, the checking request include password the (the 3rd to be verified Checking information).
S304, password to be verified is sent to the safety device, to carrying out SHA SHA256 after itself plus salt Obtain the 4th checking information d.
S305, by the 4th checking information d with storage the second checking information a, the second checking information b, the second checking information c It is compared, if the second checking information a, the second checking information b, the second checking information c include the 4th checking information d It is verified, otherwise verifies and do not pass through.
The numerous embodiments of the user profile protection device of the present invention are illustrated below.
Fig. 4 is the block diagram that the user profile of the present invention protects an embodiment of system.
As illustrated, the system of embodiment of the present invention includes communicator 1, safety device 2 and first storage device 3。
Communicator 1 is configured to the first checking information via the user of Network Capture first.Communicator 1 connects including communication Mouthful.Alternatively, it is serial line interface (UART), parallel interface, USB (USB), live wire that communicator 1, which can include, (IEEE1394), the interface such as IC bus interface (IIC), serial peripheral (SPI), blue tooth interface.
Safety device 2 is configured to carry out first checking information predetermined conversion process at least once to obtain at least one Individual second checking information, and private data used in carrying out conversion process is merely stored in safety device 2.For example, safety Device 2 can be the microprocessors such as intelligent card chip, single-chip microcomputer.
Safety device 2 can include conversion process module 11 and memory module 12.Specifically, safety device 2 receives After the first checking information for the first user that communicator 1 is sent, conversion process module 11 in memory module 12 using storing Private data conversion process carried out to the first checking information of the first user obtain at least one second checking information.
In embodiments of the present invention, safety device 2, which does not have, is used for data-interface derived from private data.Therefore, enter Private data used in line translation processing is stored by the memory module 12 in safety device 2, and can not export to safety device Outside.Therefore, hacker can not obtain private data used in conversion process, so as to be difficult to directly be obtained by inversely cracking The log-in password of all users in database.
Alternatively, the conversion process at least once that safety device 2 is carried out can include the sub- computing of at least one safety or two At least one combinatorial operation of the sub- computing of safety more than kind.The sub- computing of safety includes but is not limited to data encryption, data summarization, number According to adding salt, calculate authentication code (MAC), the safe computing such as digital signature.
First storage device 3 is connected with safety device 2, and is configured to store at least one second checking information.It is optional Ground, first storage device 3 include but is not limited to:EPROM, EEPROM, Flash, hard disk, ferroelectric memory, intelligent card chip etc. Component comprising store function.
In the present embodiment, when safety device 2 is to user's registration to service end submit the first checking information carry out to Lack once predetermined conversion process to obtain at least one second checking information, at least one second checking information of generation is deposited Storage is in first storage device 3.So, the log-in password for some user be stored with first storage device 3 by At least one second checking information of predetermined conversion process generation at least once.So, even if hacker invades database and obtained The second checking information into first storage device, it is also difficult to own by simple reverse generation dictionary to crack in database The log-in password of user.
In another embodiment of the invention, communicator 1 is additionally configured to receive the checking of the first user via network Request, checking request include the first checking information;Safety device is additionally configured to carry out at predetermined conversion the first checking information Reason obtains the 4th checking information, and user profile protection device also includes:Device 4 is verified, it is configured to enter safety device 2 The 4th checking information that line translation handles to obtain is compared with least one second checking information that first storage device 3 stores Compared with being verified if at least one second checking information includes the 4th checking information, otherwise verify and do not pass through.
In the present embodiment, when users log on, the 3rd checking information that safety device 2 includes to checking request is entered The predetermined conversion process of row obtains the 4th checking information, i.e., the login password progress inputted when being logged in user is above-mentioned at least once A kind of conversion process in predetermined conversion process obtains the 4th checking information.Next, checking device 4 verifies at least one the Whether include the 4th checking information in two checking informations, if including being verified, otherwise verifying and do not pass through.
In the above-described embodiment, if safety device 2 is believed the first checking for being committed to service end in user's registration Breath has carried out multiple predetermined conversion process and has generated multiple second checking informations, then when user logs in being committed to service end 3rd checking information carries out any of above-mentioned multiple predetermined conversion process predetermined conversion process and obtains the 4th checking letter Breath, and the 4th checking information of generation is subjected to zoom with multiple second checking informations stored before.Tested by many-to-one Card mode, further increase the difficulty that hacker inversely decodes user login password.
In further embodiment of the present invention, safety device 2 is configured to, after predetermined interval time, to first Checking information carries out predetermined conversion process at least once and obtains at least one the different from least one second checking information Five checking informations;First storage device 3 be configured to by least one second checking information of each user of storage be replaced by Few 5th checking information.According to present embodiment, to the second checking information for being stored in first storage device 3 every pre- Fixed interval time is substituted, i.e., to conversion process used by the sub- computing of safety be updated.So, by the scheduled time Afterwards, the checking information in database is re-encrypted, so as to be effectively protected the safety of user profile.It is above-mentioned it is predetermined between It can be set according to specific needs every the time.For example, the predetermined interval time can be set to 1 week, 1 month, 3 Month etc..
Some embodiments of the present invention are illustrated above, but the invention is not restricted to these specific embodiments Son, those skilled in the art, which are based on above-mentioned record, can make a variety of variants and modifications, and these modifications and modification should all fall into this Within the protection domain of invention.

Claims (10)

1. a kind of user profile guard method, it is characterised in that comprise the following steps:
Send the first checking information via each user of Network Capture to safety device and carry out conversion predetermined at least once Processing obtains at least one second checking information;
At least one second checking information of each user is stored in first storage device, and the conversion will be carried out Private data used in processing is merely stored in the safety device.
2. according to the method for claim 1, wherein, this method also includes:
The checking request of the first user is received via network, the checking request includes the 3rd checking information;
Send the 3rd checking information to the safety device progress predetermined conversion process and obtain the 4th checking letter Breath;
By the 4th checking information compared with least one second checking information stored, if described at least one second Checking information includes the 4th checking information and is then verified, and otherwise verifies and does not pass through.
3. according to the method for claim 1, wherein, the once predetermined conversion process includes carrying out at least one safety Sub- computing or at least one combinatorial operation for carrying out the two or more sub- computings of safety.
4. according to the method for claim 1, wherein, this method also includes:
After predetermined interval time, by described at least one the of each user being stored in the first storage device Two checking informations are replaced by least one 5th checking information different from least one second checking information, it is described at least One the 5th checking information carries out conversion process predetermined at least once to first checking information by the safety device and obtained Arrive.
5. according to the method for claim 1, wherein, the safety device, which does not have, to be used for derived from the private data Data-interface.
6. a kind of user profile protects system, it is characterised in that including:
Communicator, its via the user of Network Capture first the first checking information;
Safety device, it carries out predetermined conversion process at least once to first checking information and obtains at least one second testing Information is demonstrate,proved, and private data used in carrying out the conversion process is merely stored in the safety device;And
First storage device, it stores at least one second checking information.
7. device according to claim 6, wherein,
The communicator is additionally configured to receive the checking request of first user via network, and the checking request includes the Three checking informations;
The safety device is additionally configured to obtain the 4th checking to the 3rd checking information progress predetermined conversion process Information,
Described device also includes:
Device is verified, it is configured to deposit the 4th checking information that safety device progress conversion process obtains with first storage device At least one second checking information of storage is compared, if at least one second checking information includes the described 4th Checking information is then verified, and is otherwise verified and is not passed through.
8. device according to claim 6, wherein,
The safety device is configured to, and after predetermined interval time, first checking information is carried out pre- at least once Fixed conversion process obtains at least one 5th checking information different from least one second checking information;
The first storage device is configured at least one second checking information of each user of storage being replaced by institute State at least one 5th checking information.
9. device according to claim 6, wherein, the safety device is configured to by carrying out at least one safety fortune At least one combinatorial operation of the sub- computing of two or more safety is calculated or carried out to carry out the once predetermined conversion process.
10. device according to claim 6, wherein, the safety device, which does not have, to be used to export the private data Data-interface.
CN201710587032.XA 2017-07-18 2017-07-18 User profile guard method and device Pending CN107395344A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710587032.XA CN107395344A (en) 2017-07-18 2017-07-18 User profile guard method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710587032.XA CN107395344A (en) 2017-07-18 2017-07-18 User profile guard method and device

Publications (1)

Publication Number Publication Date
CN107395344A true CN107395344A (en) 2017-11-24

Family

ID=60339429

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710587032.XA Pending CN107395344A (en) 2017-07-18 2017-07-18 User profile guard method and device

Country Status (1)

Country Link
CN (1) CN107395344A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108650210A (en) * 2018-03-14 2018-10-12 深圳市中易通安全芯科技有限公司 A kind of Verification System and method
CN112688972A (en) * 2021-03-19 2021-04-20 杭州天谷信息科技有限公司 Method and system for protecting account security

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1949241A (en) * 2006-11-02 2007-04-18 北京飞天诚信科技有限公司 Method and system of software identify identification
CN101084694A (en) * 2004-12-22 2007-12-05 诺基亚公司 Method for producing authentication information
CN105279649A (en) * 2014-06-12 2016-01-27 恩智浦有限公司 Method for configuring secure element, and configurable secure element
CN105306456A (en) * 2015-09-30 2016-02-03 深圳市先河系统技术有限公司 System login method, server, system and network-attached storage device
CN105897730A (en) * 2016-05-12 2016-08-24 广西尊达电子商务有限公司 User name and password information encryption and verification method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101084694A (en) * 2004-12-22 2007-12-05 诺基亚公司 Method for producing authentication information
CN1949241A (en) * 2006-11-02 2007-04-18 北京飞天诚信科技有限公司 Method and system of software identify identification
CN105279649A (en) * 2014-06-12 2016-01-27 恩智浦有限公司 Method for configuring secure element, and configurable secure element
CN105306456A (en) * 2015-09-30 2016-02-03 深圳市先河系统技术有限公司 System login method, server, system and network-attached storage device
CN105897730A (en) * 2016-05-12 2016-08-24 广西尊达电子商务有限公司 User name and password information encryption and verification method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108650210A (en) * 2018-03-14 2018-10-12 深圳市中易通安全芯科技有限公司 A kind of Verification System and method
CN112688972A (en) * 2021-03-19 2021-04-20 杭州天谷信息科技有限公司 Method and system for protecting account security

Similar Documents

Publication Publication Date Title
US11283797B2 (en) Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
JP6606156B2 (en) Data security service
JP6527590B2 (en) System and method for detecting covert channel network intrusion based on offline network traffic
CN110569658B (en) User information processing method and device based on blockchain network, electronic equipment and storage medium
CN109274652B (en) Identity information verification system, method and device and computer storage medium
CN101873331B (en) Safety authentication method and system
KR20180026508A (en) A security verification method based on biometric characteristics, a client terminal, and a server
CN104484620B (en) A method of false sales volume and inventory are avoided in pin sales management cloud system fastly
EP3552131B1 (en) Password security
CN110932859B (en) User information processing method, apparatus, device and readable storage medium
CN110490640B (en) Method, device and system for object distribution processing
CN101420302A (en) Safe identification method and device
CN101741826A (en) Method and system for realizing encryption unloading on virtualized platform
CN104125230A (en) Short message authentication service system and authentication method
CN117332395A (en) A data management method and system for data sharing
WO2019178440A1 (en) System and method for securing private keys behind a biometric authentication gateway
CN107395344A (en) User profile guard method and device
CN107844290B (en) Software product design method and device based on data stream security threat analysis
CN114598478B (en) Data encryption method, device, electronic equipment and storage medium
CN116248368A (en) Identity authentication method, system, equipment and storage medium based on block chain
CN109547404A (en) The acquisition methods and server of data
JP5947358B2 (en) Authentication processing apparatus, method and program
Xie et al. VOAuth: A solution to protect OAuth against phishing
TWI640887B (en) User verification system implemented along with a mobile device and method thereof
TWI472189B (en) Network monitoring system and method for managing key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171124

RJ01 Rejection of invention patent application after publication