[go: up one dir, main page]

CN116561735B - Mutual trust authentication method and system based on multiple authentication sources and electronic equipment - Google Patents

Mutual trust authentication method and system based on multiple authentication sources and electronic equipment Download PDF

Info

Publication number
CN116561735B
CN116561735B CN202310835321.2A CN202310835321A CN116561735B CN 116561735 B CN116561735 B CN 116561735B CN 202310835321 A CN202310835321 A CN 202310835321A CN 116561735 B CN116561735 B CN 116561735B
Authority
CN
China
Prior art keywords
authentication
source
optimal
information
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310835321.2A
Other languages
Chinese (zh)
Other versions
CN116561735A (en
Inventor
杨一蛟
史晓婧
曾明
刘可
乐天
章书焓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Zhuyun Technology Co ltd
Original Assignee
Shenzhen Zhuyun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Zhuyun Technology Co ltd filed Critical Shenzhen Zhuyun Technology Co ltd
Priority to CN202310835321.2A priority Critical patent/CN116561735B/en
Publication of CN116561735A publication Critical patent/CN116561735A/en
Application granted granted Critical
Publication of CN116561735B publication Critical patent/CN116561735B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The specification discloses a mutually trusted authentication method, a mutually trusted authentication system and electronic equipment based on multiple authentication sources, which can improve the mutually trusted authentication efficiency, simplify the user operation and optimize the user experience. The method comprises the following steps: receiving a mutual trust authentication request and acquiring application attribute information of a current application terminal; aiming at the mutually trusted authentication request, selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information; user authentication information is obtained from the optimal authentication source, and authentication response is carried out on the mutually trusted authentication request based on the user authentication information. The system comprises an information acquisition module, an optimal authentication source screening module and a mutually trusted authentication response module. The electronic device comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes a mutually trusted authentication method based on multiple authentication sources when executing the program.

Description

Mutual trust authentication method and system based on multiple authentication sources and electronic equipment
Technical Field
The invention relates to the technical field of information security authentication, in particular to a mutual trust authentication method and system based on multiple authentication sources and electronic equipment.
Background
With the continuous development of information technology, information interaction and function connection between various information systems and information platforms are becoming more and more intimate. Various application service programs have more abundant functions, and can provide multi-party services for users in a cross-platform and cross-system mode. When an application service program provides services for users in a cross-platform and cross-system mode, a service provider needs to conduct identity authentication on the users, and therefore the mutual trust condition between the current application program and the service provider is required to be met. The mutual trust usually combines different authentication sources to authenticate the identity information of the user through a standard protocol, a federal mutual trust relationship is formed among a plurality of authentication sources, and the authentication sources in federal can mutually pull the identity information of the user to authenticate.
In general, the requirements of one-way one-to-one mutual trust authentication service can be met based on the federal mutual trust relationship. With further development of information technology, the number of authentication sources in the mutually trusted federation is gradually increased, and mutually trusted authentication services often face one-to-many or even many-to-many authentication scenes, so that a user is required to manually select the authentication sources, the operation complexity of the user is greatly increased, the response efficiency of an application program is reduced, and the user experience is also affected.
Disclosure of Invention
In view of the above, the embodiments of the present invention provide a mutual trust authentication method, system and electronic device based on multiple authentication sources, which can improve mutual trust authentication efficiency, simplify user operation, and optimize user experience.
In a first aspect, embodiments of the present disclosure provide a mutually trusted authentication method based on multiple authentication sources, including:
receiving a mutual trust authentication request and acquiring application attribute information of a current application terminal;
aiming at the mutually trusted authentication request, selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information;
user authentication information is obtained from the optimal authentication source, and authentication response is carried out on the mutually trusted authentication request based on the user authentication information.
Optionally, for the mutually trusted authentication request, selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information, including:
determining a target service item which corresponds to the mutually trusted authentication request and needs to be called;
selecting an adaptive authentication source corresponding to the target service item from a plurality of authentication sources;
evaluating a plurality of adaptive authentication sources based on the preset matching rules to determine matching values of the adaptive authentication sources relative to the mutually trusted authentication requests;
and selecting and determining the optimal authentication source from a plurality of adaptive authentication sources according to the matching value.
Optionally, for the mutually trusted authentication request, selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information, including:
extracting a plurality of attribute information items from the application attribute information;
selecting a plurality of authentication sources matched with the attribute information items to form an authentication subset according to the preset matching rule;
and determining intersections of a plurality of authentication subsets corresponding to the attribute information items, and taking an authentication source in the intersections as the optimal authentication source.
Optionally, after selecting the optimal authentication source, the method further includes:
generating recommendation information according to the optimal authentication source, and receiving feedback information of a user aiming at the recommendation information;
determining whether the user accepts the optimal authentication source according to the feedback information;
and responding to the user receiving the optimal authentication source, and acquiring user authentication information from the optimal authentication source to perform mutual trust authentication.
Optionally, after receiving the feedback information each time, the method further includes:
collecting the feedback information, and creating a user feedback database according to a plurality of pieces of feedback information;
the user feedback database comprises a plurality of feedback record items, wherein the feedback record items comprise the feedback information, the optimal authentication source corresponding to the feedback information, the mutually trusted authentication request and the application attribute information.
Optionally, the method further includes performing real-time optimization updating on the preset matching rule according to the user feedback database.
Optionally, in response to the user not accepting the optimal authentication source, the method further comprises:
determining a matching authentication source corresponding to the mutually trusted authentication request and the application attribute information as a new optimal authentication source by using a neural network matching model;
generating new recommendation information based on the new optimal authentication source, and recommending again;
the neural network matching model is generated by training the user feedback database.
Optionally, obtaining user authentication information from the optimal authentication source includes:
selecting a mutual trust authentication protocol corresponding to the optimal authentication source, and communicating with the optimal authentication source according to the mutual trust authentication protocol to acquire the user authentication information.
In a second aspect, embodiments of the present disclosure further provide a mutually trusted authentication system based on multiple authentication sources, the system comprising:
the information acquisition module is used for receiving the mutual trust authentication request and acquiring application attribute information of the current application terminal;
the optimal authentication source screening module is used for selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information aiming at the mutually trusted authentication request; and
and the mutual trust authentication response module is used for acquiring user authentication information from the optimal authentication source and carrying out authentication response on the mutual trust authentication request based on the user authentication information.
In a third aspect, embodiments of the present specification also provide a multi-authentication-source based mutually-trusted authentication electronic device, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the multi-authentication-source based mutually-trusted authentication method as described in the first aspect when the program is executed.
From the above, it can be seen that the mutually trusted authentication method, system and electronic device based on multiple authentication sources provided in the embodiments of the present disclosure have the following beneficial technical effects:
the mutually-trusted authentication method, the mutually-trusted authentication system and the electronic equipment based on the multiple authentication sources receive mutually-trusted authentication requests and acquire application attribute information of the current application terminal, and the mutually-trusted authentication is performed by selecting an optimal authentication source with highest suitability with the mutually-trusted authentication request from the multiple authentication sources according to a preset matching rule based on the mutually-trusted authentication requests and the application attribute information. The mode automatically selects the authentication source to execute mutual trust authentication without manual selection of a user, so that user operation is simplified, the selected authentication source is the authentication source with the highest adaptation degree relative to the current application terminal, the efficiency effect of mutual trust authentication can be ensured, and user experience is optimized.
Drawings
The features and advantages of the present invention will be more clearly understood by reference to the accompanying drawings, which are illustrative and should not be construed as limiting the invention in any way, in which:
FIG. 1 is a flow chart of a mutually trusted authentication method based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure;
FIG. 2 is a flow chart of a method for selecting an optimal authentication source in a mutually trusted authentication method based on multiple authentication sources according to one or more embodiments of the present disclosure;
FIG. 3 is a flow chart of another method for selecting an optimal authentication source in a mutually trusted authentication method based on multiple authentication sources according to one or more alternative embodiments of the present disclosure;
FIG. 4 is a flow chart of a method for generating recommendation information and responding to feedback in a mutually trusted authentication method based on multiple authentication sources according to one or more alternative embodiments of the present disclosure;
FIG. 5 is a schematic diagram of a mutually trusted authentication system based on multiple authentication sources according to one or more alternative embodiments of the present disclosure;
FIG. 6 illustrates a schematic diagram of a mutually trusted authentication electronic device based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure;
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
With the continuous development of information technology, information interaction and function connection between various information systems and information platforms are becoming more and more intimate. Various application service programs have more abundant functions, and can provide multi-party services for users in a cross-platform and cross-system mode. When an application service program provides services for users in a cross-platform and cross-system mode, a service provider needs to conduct identity authentication on the users, and therefore the mutual trust condition between the current application program and the service provider is required to be met. The mutual trust usually combines different authentication sources to authenticate the identity information of the user through a standard protocol, a federal mutual trust relationship is formed among a plurality of authentication sources, and the authentication sources in federal can mutually pull the identity information of the user to authenticate.
In general, the requirements of one-way one-to-one mutual trust authentication service can be met based on the federal mutual trust relationship. As information technology further develops, the number of authentication sources in the mutually trusted federation also increases, and mutually trusted authentication services often face one-to-many or even many-to-many authentication scenarios, in which case a user is required to manually select an authentication source. A list of various authentication sources is typically presented to the user for manual selection by the user, requiring additional steps of operation, and operations. Many times, the user may directly select the authentication source with the first rank for authentication for convenience. One problem with this situation is that it cannot be guaranteed that the first authentication source in the list is the most suitable authentication source, and although a plurality of authentication sources in the mutually trusted federation all store user identity information, the emphasis of data stored by different authentication sources is biased, and there may be differences in data interaction protocols adopted by mutually trusted authentication of different authentication sources, and performing mutually trusted authentication based on the authentication source selected by the user at will may cause a decrease in authentication efficiency. Such a manner greatly increases the complexity of user operations, reduces the response efficiency of the application program, and affects the user experience.
Aiming at the problems, the embodiment of the specification aims to provide a mutually trusted authentication method, a mutually trusted authentication system and electronic equipment based on multiple authentication sources, wherein the optimal authentication source is selected from the multiple authentication sources according to a user authentication request and current service information to perform mutually trusted authentication, so that the mutually trusted authentication efficiency can be improved, the user operation is simplified, and the user experience is optimized.
In view of the above, in one aspect, embodiments of the present disclosure provide a mutual trust authentication method based on multiple authentication sources.
As shown in fig. 1, one or more alternative embodiments of the present disclosure provide a mutual trust authentication method based on multiple authentication sources, including:
s1: and receiving a mutual trust authentication request and acquiring application attribute information of the current application terminal.
In the use process of the current application terminal, the user may need to jump to other service systems and platforms based on the current application terminal so as to call other functional services, and in this case, the mutually trusted authentication request is triggered. For example, a user may need to query for a concrete definition of a particular concept during browsing information on a forum website, at which point an external database service may be invoked for the particular concept. The mutually trusted authentication request may include a user ID, user rights information, service function information desired to be invoked, and the like.
The user invokes other service functions based on the current application terminal, and also needs to determine application attribute information of the current application terminal, where the application attribute information may include static attribute information and dynamic attribute information.
The static attribute information may be application type information of the current application terminal, where the application type information may include public service class (such as government service platform), forum website class (such as information exchange platform), life service class (such as shopping website, payment application), and the like, and the static attribute information may also include terminal type information of the current application terminal, including web page application, PC application, mobile application, and the like.
The dynamic attribute information may include dynamic operation information performed by a user on the current application terminal, including operation time information, operation location information, operation instruction information, or other operation environment information, etc.
S2: and selecting an optimal authentication source from a plurality of authentication sources according to the application attribute information and based on a preset matching rule aiming at the mutually trusted authentication request.
And aiming at the mutual trust authentication request, the user selects one authentication source from a plurality of authentication sources based on the current application terminal to execute mutual trust authentication. And determining the matching degree of a plurality of authentication sources relative to the application attribute information according to the preset matching rule, so as to select the optimal authentication source.
The preset matching rule can be determined according to an expert knowledge model, and in the application process, the preset matching rule can be optimized, updated and adjusted according to actual requirements.
S3: user authentication information is obtained from the optimal authentication source, and authentication response is carried out on the mutually trusted authentication request based on the user authentication information.
After the optimal authentication source is determined, the current application terminal can communicate with the optimal authentication source to acquire required user authentication information from the optimal authentication source, and identity mutual trust authentication is carried out on the user according to the user authentication information. After the mutual trust authentication is passed, the user can successfully call the service functions of other service systems or platforms through the current application terminal.
In some optional embodiments, the current application terminal may acquire a mutually trusted authentication protocol corresponding to the optimal authentication source, and communicate with the optimal authentication source according to the mutually trusted authentication protocol to acquire the user authentication information.
In the mutual trust authentication method based on multiple authentication sources, a mutual trust authentication request is received, application attribute information of a current application terminal is obtained, and mutual trust authentication is carried out by selecting an optimal authentication source with highest suitability with the mutual trust authentication request from multiple authentication sources according to a preset matching rule based on the mutual trust authentication request and the application attribute information. The mode automatically selects the authentication source to execute mutual trust authentication without manual selection of a user, so that user operation is simplified, the selected authentication source is the authentication source with the highest adaptation degree relative to the current application terminal, the efficiency effect of mutual trust authentication can be ensured, and user experience is optimized.
As shown in fig. 2, in a mutually trusted authentication method based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure, for the mutually trusted authentication request, selecting an optimal authentication source from multiple authentication sources based on a preset matching rule according to the application attribute information, includes:
s201: and determining a target service item which corresponds to the mutually trusted authentication request and needs to be called.
The mutual trust authentication request can comprise user ID, user authority information, service function information expected to be called and the like, and the target service item required to be called by the user at the current application terminal can be determined according to the mutual trust authentication request. The target service item may be, for example, a payment service, a communication service, a kiosk, or the like.
S202: and selecting an adaptive authentication source corresponding to the target service item from a plurality of authentication sources.
Taking the target service item as a payment service as an example, the current application terminal may be a shopping webpage, and the user may trigger the mutually trusted authentication request by clicking a payment link in the shopping webpage. In this case, for the mutually trusted authentication request, an authentication source associated with a payment service needs to be selected from a plurality of authentication sources as the adapted authentication source. It should be noted that there may be a plurality of different payment service providers corresponding to the payment service, and there may be a plurality of the adapted authentication sources corresponding to the plurality of payment service providers.
S203: and evaluating a plurality of adaptive authentication sources based on the preset matching rule so as to determine matching values of the adaptive authentication sources relative to the mutually trusted authentication request.
The preset matching rule can comprise a plurality of rule items, and different rule items correspond to different matching coefficients. In some optional embodiments, the evaluation of the adaptive authentication source based on the preset matching rule may adopt the following scheme: firstly, determining a rule item hit by the adaptive authentication source and a corresponding matching coefficient, and if the adaptive authentication source does not hit the rule item, indicating that the adaptive authentication source is completely not matched with the mutually trusted authentication request; and calculating and determining the matching value of the adaptive authentication source relative to the mutually trusted authentication request according to one or more rule items corresponding to the adaptive authentication source and the corresponding matching coefficient.
S204: and selecting and determining the optimal authentication source from a plurality of adaptive authentication sources according to the matching value. And selecting the adaptive authentication source with the highest matching value as the optimal authentication source.
In the mutual trust authentication method based on multiple authentication sources, firstly, an adaptive authentication source is selected from multiple authentication sources based on a mutual trust authentication request, and further, the matching values of the multiple adaptive authentication sources are calculated and determined according to the preset matching rules, so that the optimal authentication source is selected. The optimal authentication source has the highest adaptation degree relative to the mutually trusted authentication request, and the optimal authentication source is selected to have the highest mutually trusted authentication efficiency and the best effect.
As shown in fig. 3, in a mutually trusted authentication method based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure, for the mutually trusted authentication request, selecting an optimal authentication source from multiple authentication sources based on a preset matching rule according to the application attribute information, includes:
s301: and extracting a plurality of attribute information items from the application attribute information.
The application attribute information may include static attribute information and dynamic attribute information, and may be specifically subdivided into a plurality of attribute information items.
S302: and selecting a plurality of authentication sources matched with the attribute information items to form an authentication subset according to the preset matching rule.
For a plurality of attribute information items in the application attribute information, one or more authentication sources which hit corresponding to the attribute information items can be selected from a plurality of authentication sources according to the preset matching rule, and the hit one or more authentication sources can form an authentication subset of the attribute information items.
S303: and determining intersections of a plurality of authentication subsets corresponding to the attribute information items, and taking an authentication source in the intersections as the optimal authentication source.
And performing an intersection operation on a plurality of authentication subsets, wherein the authentication sources in the determined intersection are authentication sources meeting the preset matching rule, and the authentication sources can be used as optimal authentication sources.
As shown in fig. 4, the mutual trust authentication method based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure further includes, after selecting an optimal authentication source:
s401: and generating recommendation information according to the optimal authentication source, and receiving feedback information of a user aiming at the recommendation information.
S402: and determining whether the user accepts the optimal authentication source according to the feedback information.
S403: and responding to the user receiving the optimal authentication source, and acquiring user authentication information from the optimal authentication source to perform mutual trust authentication.
In the mutual trust authentication method based on multiple authentication sources, after the optimal authentication source is determined from multiple authentication sources, recommendation information is generated based on the optimal authentication source and pushed to a user so as to determine whether the user accepts the optimal authentication source, feedback information of the user in the mechanism has higher decision priority, and the optimal authentication source is used for mutual trust authentication under the condition that the user accepts the optimal authentication source. In the mode, the user feedback information is taken as the high priority basis of the overall decision, and the user feedback is taken into consideration without manually selecting from a plurality of authentication sources, so that the user experience is further optimized.
According to the mutual trust authentication method based on multiple authentication sources provided by one or more optional embodiments of the present disclosure, after receiving the feedback information each time, the feedback information is collected, and a user feedback database is created according to multiple pieces of feedback information; the user feedback database comprises a plurality of feedback record items, wherein the feedback record items comprise the feedback information, the optimal authentication source corresponding to the feedback information, the mutually trusted authentication request and the application attribute information.
According to the mutually trusted authentication method based on the multiple authentication sources, when other service functions are required to be called based on the current application terminal, the optimal authentication source is determined according to the mutually trusted authentication request, and meanwhile feedback information of a user according to the optimal authentication source is recorded, so that a user feedback database is generated. Each feedback record item in the user feedback database records the process information of one mutual trust authentication.
The feedback record data in the user feedback database has high application value. In some optional embodiments, the record data in the user feedback database is updated in real time, and in the mutual trust authentication method based on multiple authentication sources, the preset matching rule may be optimized and updated in real time according to the user feedback database. Specifically, a clustering algorithm, an artificial intelligence algorithm or a neural network training mode may be adopted to analyze and generalize big data in the user feedback database, so as to generate a new matching rule, where the matching rule is used to reflect the mapping relationship among the mutually trusted authentication request, the application attribute information and the optimal authentication source.
In one or more optional embodiments of the present disclosure, if the user is to accept the optimal authentication source, the mutual trust authentication method based on multiple authentication sources may further determine, by using a neural network matching model, an adapted authentication source corresponding to the mutual trust authentication request and the application attribute information as a new optimal authentication source, and generate new recommendation information based on the new optimal authentication source, and recommend again. The neural network matching model is generated by training the user feedback database.
And the optimal authentication source selects and determines from a plurality of authentication sources according to the preset matching rule, and based on recommendation information determined by the optimal authentication source, a new selection strategy, namely, a neural network matching model is adopted to conduct prediction recommendation under the condition that the recommendation information is not accepted by a user, and the matching authentication source is selected from the plurality of authentication sources again to recommend to the user. The neural network matching model is generated by training the user feedback database. As the scheme is continuously implemented, the data volume in the user feedback database is gradually increased, and the matching authentication source determined based on the neural network matching model generated by training the user feedback database is more accurate.
It should be noted that the methods of one or more embodiments of the present description may be performed by a single device, such as a computer or server. The method of the embodiment can also be applied to a distributed scene, and is completed by mutually matching a plurality of devices. In the case of such a distributed scenario, one of the devices may perform only one or more steps of the methods of one or more embodiments of the present description, the devices interacting with each other to accomplish the methods.
It should be noted that the foregoing describes specific embodiments of the present invention. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the same inventive concept, the embodiment of the present specification also provides a mutually trusted authentication system based on multiple authentication sources, corresponding to the method of any embodiment described above.
Referring to fig. 5, the mutual trust authentication system based on multiple authentication sources includes:
the information acquisition module is used for receiving the mutual trust authentication request and acquiring application attribute information of the current application terminal;
the optimal authentication source screening module is used for selecting an optimal authentication source from a plurality of authentication sources based on a preset matching rule according to the application attribute information aiming at the mutually trusted authentication request; and
and the mutual trust authentication response module is used for acquiring user authentication information from the optimal authentication source and carrying out authentication response on the mutual trust authentication request based on the user authentication information.
In the mutually trusted authentication system based on multiple authentication sources provided in one or more optional embodiments of the present disclosure, the optimal authentication source screening module is further configured to determine a target service item to be invoked corresponding to the mutually trusted authentication request; selecting an adaptive authentication source corresponding to the target service item from a plurality of authentication sources; evaluating a plurality of adaptive authentication sources based on the preset matching rules to determine matching values of the adaptive authentication sources relative to the mutually trusted authentication requests; and selecting and determining the optimal authentication source from a plurality of adaptive authentication sources according to the matching value.
In the mutually trusted authentication system based on multiple authentication sources provided in one or more optional embodiments of the present disclosure, the optimal authentication source screening module is further configured to extract multiple attribute information items from the application attribute information; selecting a plurality of authentication sources matched with the attribute information items to form an authentication subset according to the preset matching rule; and determining intersections of a plurality of authentication subsets corresponding to the attribute information items, and taking an authentication source in the intersections as the optimal authentication source.
The mutual trust authentication system based on multiple authentication sources provided by one or more optional embodiments of the present disclosure further includes an optimal authentication source recommendation module. The optimal authentication source recommending module is used for generating recommending information according to the optimal authentication source and receiving feedback information of a user for the recommending information; determining whether the user accepts the optimal authentication source according to the feedback information; and responding to the user receiving the optimal authentication source, and acquiring user authentication information from the optimal authentication source to perform mutual trust authentication.
The mutual trust authentication system based on multiple authentication sources provided by one or more alternative embodiments of the present disclosure further includes a feedback information collection module. The feedback information collection module is used for collecting the feedback information after receiving the feedback information each time, and creating a user feedback database according to a plurality of pieces of feedback information; the user feedback database comprises a plurality of feedback record items, wherein the feedback record items comprise the feedback information, the optimal authentication source corresponding to the feedback information, the mutually trusted authentication request and the application attribute information.
According to the mutually trusted authentication system based on multiple authentication sources provided by one or more optional embodiments of the present disclosure, the feedback information collection module is further configured to perform real-time optimization update on the preset matching rule according to the user feedback database.
In the mutually trusted authentication system based on multiple authentication sources provided in one or more optional embodiments of the present disclosure, the optimal authentication source recommendation module is further configured to determine, by using a neural network matching model, a matching authentication source corresponding to the mutually trusted authentication request and the application attribute information as a new optimal authentication source when the user does not accept the optimal authentication source; generating new recommendation information based on the new optimal authentication source, and recommending again; the neural network matching model is generated by training the user feedback database.
In the mutually trusted authentication system based on multiple authentication sources provided in one or more alternative embodiments of the present disclosure, the mutually trusted authentication response module is further configured to select a mutually trusted authentication protocol corresponding to the optimal authentication source, and communicate with the optimal authentication source according to the mutually trusted authentication protocol to obtain the user authentication information.
For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in one or more pieces of software and/or hardware when implementing one or more embodiments of the present description.
The device of the foregoing embodiment is configured to implement the corresponding method in the foregoing embodiment, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Fig. 6 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 implement communication connections therebetween within the device via a bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit ), microprocessor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. Memory 1020 may store an operating system and other application programs, and when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in memory 1020 and executed by processor 1010.
The input/output interface 1030 is used to connect with an input/output module for inputting and outputting information. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
Communication interface 1040 is used to connect communication modules (not shown) to enable communication interactions of the present device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path for transferring information between components of the device (e.g., processor 1010, memory 1020, input/output interface 1030, and communication interface 1040).
It should be noted that although the above-described device only shows processor 1010, memory 1020, input/output interface 1030, communication interface 1040, and bus 1050, in an implementation, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The electronic device of the foregoing embodiment is configured to implement the corresponding method in the foregoing embodiment, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, corresponding to any of the above embodiments of the method, the present disclosure further provides a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the multi-authentication source based mutually trusted authentication method as described in any of the above embodiments.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
The storage medium of the foregoing embodiments stores computer instructions for causing the computer to perform the mutually trusted authentication method based on multiple authentication sources as described in any one of the foregoing embodiments, and has the advantages of the corresponding method embodiments, which are not described herein.
It will be appreciated by those skilled in the art that implementing all or part of the above-described embodiment method may be implemented by a computer program to instruct related hardware, where the program may be stored in a computer readable storage medium, and the program may include the above-described embodiment method when executed. Wherein the storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a Flash Memory (Flash Memory), a Hard Disk (HDD), or a Solid State Drive (SSD); the storage medium may also comprise a combination of memories of the kind described above.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present application.
It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the disclosure, including the claims, is limited to these examples; combinations of features of the above embodiments or in different embodiments are also possible within the spirit of the present disclosure, steps may be implemented in any order, and there are many other variations of the different aspects of one or more embodiments described above which are not provided in detail for the sake of brevity.
While the present disclosure has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The present disclosure is intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Any omissions, modifications, equivalents, improvements, and the like, which are within the spirit and principles of the one or more embodiments of the disclosure, are therefore intended to be included within the scope of the disclosure.

Claims (9)

1.一种基于多认证源的互信认证方法,其特征在于,所述方法包括:1. A mutual trust authentication method based on multiple authentication sources, characterized in that the method comprises: 接收互信认证请求,并获取当前应用终端的应用属性信息;Receive mutual trust authentication request and obtain application attribute information of the current application terminal; 针对所述互信认证请求,根据所述应用属性信息基于预设匹配规则从多个认证源中选取最优认证源;For the mutual trust authentication request, selecting an optimal authentication source from multiple authentication sources based on the application attribute information and a preset matching rule; 从所述最优认证源获取用户认证信息,并基于所述用户认证信息针对所述互信认证请求进行认证响应;Acquire user authentication information from the optimal authentication source, and make an authentication response to the mutual trust authentication request based on the user authentication information; 针对所述互信认证请求,根据所述应用属性信息基于预设匹配规则从多个认证源中选取最优认证源,包括:For the mutual trust authentication request, selecting the best authentication source from multiple authentication sources based on the application attribute information and a preset matching rule includes: 从所述应用属性信息中提取多条属性信息项;extracting a plurality of attribute information items from the application attribute information; 根据所述预设匹配规则选取与所述属性信息项适配的多个认证源构成认证子集;According to the preset matching rule, multiple authentication sources adapted to the attribute information item are selected to form an authentication subset; 确定多条所述属性信息项所对应的多个所述认证子集的交集,将所述交集中认证源作为所述最优认证源。An intersection of a plurality of the authentication subsets corresponding to the plurality of the attribute information items is determined, and an authentication source in the intersection is used as the optimal authentication source. 2.根据权利要求1所述的方法,其特征在于,针对所述互信认证请求,根据所述应用属性信息基于预设匹配规则从多个认证源中选取最优认证源,包括:2. The method according to claim 1, characterized in that, for the mutual trust authentication request, selecting the optimal authentication source from multiple authentication sources based on the application attribute information and a preset matching rule comprises: 确定所述互信认证请求所对应的需要调用的目标服务项;Determine the target service item that needs to be called corresponding to the mutual trust authentication request; 从多个所述认证源中选取与所述目标服务项相对应的适配认证源;Selecting an adapted authentication source corresponding to the target service item from the plurality of authentication sources; 基于所述预设匹配规则针对多个所述适配认证源进行评价,以确定多个所述适配认证源相对所述互信认证请求的匹配值;Evaluate the plurality of adapted authentication sources based on the preset matching rule to determine matching values of the plurality of adapted authentication sources relative to the mutual trust authentication request; 根据所述匹配值从多个所述适配认证源中选取确定所述最优认证源。The optimal authentication source is selected from the plurality of adapted authentication sources according to the matching value. 3.根据权利要求1所述的方法,其特征在于,在选取最优认证源后,还包括:3. The method according to claim 1, characterized in that after selecting the optimal authentication source, it also includes: 根据所述最优认证源生成推荐信息,并接收用户针对所述推荐信息的反馈信息;Generate recommendation information according to the optimal authentication source, and receive feedback information from users regarding the recommendation information; 根据所述反馈信息确定用户是否接受所述最优认证源;Determining whether the user accepts the optimal authentication source according to the feedback information; 响应于用户接受所述最优认证源,再从所述最优认证源获取用户认证信息进行互信认证。In response to the user accepting the optimal authentication source, user authentication information is obtained from the optimal authentication source for mutual trust authentication. 4.根据权利要求3所述的方法,其特征在于,所述方法在每次接受到所述反馈信息后,还包括:4. The method according to claim 3, characterized in that after receiving the feedback information each time, the method further comprises: 收集所述反馈信息,根据多条所述反馈信息创建用户反馈数据库;Collecting the feedback information, and creating a user feedback database according to multiple pieces of feedback information; 所述用户反馈数据库包括多条反馈记录项,所述反馈记录项包括所述反馈信息以及与所述反馈信息相对应的所述最优认证源、所述互信认证请求、所述应用属性信息。The user feedback database includes a plurality of feedback record items, and the feedback record items include the feedback information and the optimal authentication source, the mutual trust authentication request, and the application attribute information corresponding to the feedback information. 5.根据权利要求4所述的方法,其特征在于,还包括根据所述用户反馈数据库对所述预设匹配规则进行实时优化更新。5. The method according to claim 4 is characterized in that it also includes optimizing and updating the preset matching rules in real time according to the user feedback database. 6.根据权利要求4所述的方法,其特征在于,响应于用户未接受所述最优认证源,所述方法还包括:6. The method according to claim 4, characterized in that, in response to the user not accepting the optimal authentication source, the method further comprises: 利用神经网络匹配模型确定与所述互信认证请求、所述应用属性信息相对应的匹配认证源作为新的最优认证源;Determine a matching authentication source corresponding to the mutual trust authentication request and the application attribute information as a new optimal authentication source by using a neural network matching model; 基于新的最优认证源生成新的推荐信息,再次进行推荐;Generate new recommendation information based on the new optimal authentication source and make recommendations again; 其中,所述神经网络匹配模型利用所述用户反馈数据库训练生成。Wherein, the neural network matching model is generated by training using the user feedback database. 7.根据权利要求1所述的方法,其特征在于,从所述最优认证源获取用户认证信息,包括:7. The method according to claim 1, wherein obtaining user authentication information from the optimal authentication source comprises: 选取所述最优认证源相应的互信认证协议,根据所述互信认证协议与所述最优认证源进行通信以获取所述用户认证信息。A mutual trust authentication protocol corresponding to the optimal authentication source is selected, and communication is performed with the optimal authentication source according to the mutual trust authentication protocol to obtain the user authentication information. 8.一种基于多认证源的互信认证系统,其特征在于,所述系统包括:8. A mutual trust authentication system based on multiple authentication sources, characterized in that the system comprises: 信息获取模块,用于接收互信认证请求,并获取当前应用终端的应用属性信息;An information acquisition module is used to receive a mutual trust authentication request and obtain application attribute information of the current application terminal; 最优认证源筛选模块,用于针对所述互信认证请求,根据所述应用属性信息基于预设匹配规则从多个认证源中选取最优认证源,包括:The optimal authentication source screening module is used to select the optimal authentication source from multiple authentication sources according to the application attribute information based on a preset matching rule for the mutual trust authentication request, including: 从所述应用属性信息中提取多条属性信息项;根据所述预设匹配规则选取与所述属性信息项适配的多个认证源构成认证子集;确定多条所述属性信息项所对应的多个所述认证子集的交集,将所述交集中认证源作为所述最优认证源;Extract multiple attribute information items from the application attribute information; select multiple authentication sources adapted to the attribute information items according to the preset matching rule to form an authentication subset; determine the intersection of multiple authentication subsets corresponding to the multiple attribute information items, and use the authentication source in the intersection as the optimal authentication source; 互信认证响应模块,用于从所述最优认证源获取用户认证信息,并基于所述用户认证信息针对所述互信认证请求进行认证响应。The mutual trust authentication response module is used to obtain user authentication information from the optimal authentication source and make an authentication response to the mutual trust authentication request based on the user authentication information. 9.一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现如权利要求1至7任意一项所述的方法。9. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method according to any one of claims 1 to 7 when executing the program.
CN202310835321.2A 2023-07-10 2023-07-10 Mutual trust authentication method and system based on multiple authentication sources and electronic equipment Active CN116561735B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310835321.2A CN116561735B (en) 2023-07-10 2023-07-10 Mutual trust authentication method and system based on multiple authentication sources and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310835321.2A CN116561735B (en) 2023-07-10 2023-07-10 Mutual trust authentication method and system based on multiple authentication sources and electronic equipment

Publications (2)

Publication Number Publication Date
CN116561735A CN116561735A (en) 2023-08-08
CN116561735B true CN116561735B (en) 2024-04-05

Family

ID=87502278

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310835321.2A Active CN116561735B (en) 2023-07-10 2023-07-10 Mutual trust authentication method and system based on multiple authentication sources and electronic equipment

Country Status (1)

Country Link
CN (1) CN116561735B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109145574A (en) * 2018-07-26 2019-01-04 深圳市买买提信息科技有限公司 Identity identifying method, device, server and storage medium
CN109685449A (en) * 2018-11-29 2019-04-26 甘肃万维信息科技有限责任公司 Government affairs service system Internet-based
CN110012028A (en) * 2019-04-19 2019-07-12 福建医联康护信息技术有限公司 Medical identity identifying method and system
CN114491489A (en) * 2022-02-17 2022-05-13 中国工商银行股份有限公司 Request response method and device, electronic equipment and storage medium
CN116192476A (en) * 2023-01-13 2023-05-30 宁波璇玑大数据有限公司 Mutually trusted login system and method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111383022B (en) * 2018-12-29 2020-12-08 广州市百果园信息技术有限公司 Background architecture method, system, computer equipment and storage medium for aggregated payment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109145574A (en) * 2018-07-26 2019-01-04 深圳市买买提信息科技有限公司 Identity identifying method, device, server and storage medium
CN109685449A (en) * 2018-11-29 2019-04-26 甘肃万维信息科技有限责任公司 Government affairs service system Internet-based
CN110012028A (en) * 2019-04-19 2019-07-12 福建医联康护信息技术有限公司 Medical identity identifying method and system
CN114491489A (en) * 2022-02-17 2022-05-13 中国工商银行股份有限公司 Request response method and device, electronic equipment and storage medium
CN116192476A (en) * 2023-01-13 2023-05-30 宁波璇玑大数据有限公司 Mutually trusted login system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于LDAP实现多认证源的统一身份认证实践――以华东师范大学图书馆为例;李欣 等;现代图书情报技术(第04期);第89-93页 *

Also Published As

Publication number Publication date
CN116561735A (en) 2023-08-08

Similar Documents

Publication Publication Date Title
CN110297848B (en) Recommendation model training method, terminal and storage medium based on federal learning
JP6549128B2 (en) System and method for guided user action
JP7652916B2 (en) Method and apparatus for pushing information - Patents.com
CN113190757A (en) Multimedia resource recommendation method and device, electronic equipment and storage medium
US20130110992A1 (en) Electronic device management using interdomain profile-based inferences
US10887210B2 (en) Online techniques for parameter mean and variance estimation in dynamic regression models
JP2021103506A (en) Method and device for generating information
US11593449B1 (en) Reducing computing calls for webpage load times and resources
US9449104B2 (en) Method and apparatus for deriving and using trustful application metadata
JP5264813B2 (en) Evaluation apparatus, evaluation method, and evaluation program
CN111191143A (en) Application recommended method and device
WO2024152686A1 (en) Method and apparatus for determining recommendation index of resource information, device, storage medium and computer program product
CN115309984B (en) Content item recommendation method, device and server
CN114741502A (en) Method and apparatus for resource determination, electronic device and storage medium
US20210357553A1 (en) Apparatus and method for option data object performance prediction and modeling
CN111582456B (en) Method, apparatus, device and medium for generating network model information
CN116561735B (en) Mutual trust authentication method and system based on multiple authentication sources and electronic equipment
CN116049273B (en) Application interface determination methods, devices, media and equipment
CN117453933A (en) A multimedia data recommendation method, device, electronic equipment and storage medium
CN114443689B (en) Data query method, device, electronic device and storage medium
KR102641628B1 (en) Method and system for providing service using segmented deep learning model
US12506913B2 (en) Unified multimedia streaming
KR102922814B1 (en) System and method to predicting preferences for foods and computer program for the same
CN114944962B (en) Data security protection method and system
CN116501993B (en) House source data recommendation method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant