[go: up one dir, main page]

CN202218261U - Network Login Security Appliance - Google Patents

Network Login Security Appliance Download PDF

Info

Publication number
CN202218261U
CN202218261U CN2011203519657U CN201120351965U CN202218261U CN 202218261 U CN202218261 U CN 202218261U CN 2011203519657 U CN2011203519657 U CN 2011203519657U CN 201120351965 U CN201120351965 U CN 201120351965U CN 202218261 U CN202218261 U CN 202218261U
Authority
CN
China
Prior art keywords
user
answer
question
verification module
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2011203519657U
Other languages
Chinese (zh)
Inventor
陈宏宇
刘纯吟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN2011203519657U priority Critical patent/CN202218261U/en
Application granted granted Critical
Publication of CN202218261U publication Critical patent/CN202218261U/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A network entry security device, comprising: the system comprises a server, a conditional verification module and a database, wherein the server is connected with user terminal equipment through the Internet; the conditional verification module is arranged on the server and used for receiving the operation and protection in an operation interface of the conditional verification module when the user terminal equipment logs in a website to which the server belongs through the Internet, the conditional verification module comprises an account input unit for inputting a user account, a password input unit for inputting a user password and a custom question-and-answer unit, the custom question-and-answer unit is a question and answer requiring the user to log in the website in a custom mode, when the answer corresponds to the answer meeting the question, the user can be verified and logged in the website operation, and the database is connected with the server and used for storing data of the conditional verification module.

Description

网络登入安全设备Network Login Security Appliance

技术领域 technical field

本实用新型有关一种安全设备,特别是提供一种网络登入的安全设备。The utility model relates to a safety device, in particular to a safety device for network login.

背景技术 Background technique

由于近来网络病毒、黑客程序与钓鱼网页盛行,使用者极为容易遭受木马病毒程序、蠕虫程序等攻击,一旦这些攻击渗透入侵个人计算机或是企业服务器,所带来的损失往往无法估计;再者,使用者也常因误入钓鱼网页而泄漏个人信息、登入密码、或是信用卡、金融卡等信息而遭到窃取或冒用。一般而言,由于防毒技术日益进步,优良的防毒软件、防火墙确实能够杜绝大部分计算机病毒、木马程序、以及蠕虫程序的危害,然而,钓鱼网页却让使用者防不胜防。Due to the recent prevalence of network viruses, hacker programs, and phishing web pages, users are extremely vulnerable to attacks such as Trojan horse virus programs and worm programs. Once these attacks infiltrate personal computers or corporate servers, the losses caused are often unpredictable; moreover, Users also often leak personal information, login passwords, or credit card, debit card and other information by mistakenly entering phishing webpages and being stolen or fraudulently used. Generally speaking, due to the advancement of anti-virus technology, excellent anti-virus software and firewalls can indeed eliminate most computer viruses, Trojan horse programs, and worm programs. However, phishing web pages make users hard to guard against.

由于因特网的使用者并非人人都有相当的信息安全概念,同时对于潜在危害的察觉程度也因人而异,常因使用者一时的疏忽,或是钓鱼网页的接口过于相似或是精良,导致使用者不疑有他而将个人机密信息或是密码泄漏曝光,等使用者察觉时,自身的权益早已遭到侵害。防范钓鱼网页、网站,最有效的方式却并非防毒软件本身,而在于使用者的使用方式与警觉性,因此,如何提供有效的安全机制而不依赖使用者自身来防范钓鱼网页,即为重要的课题。Because not all Internet users have a considerable concept of information security, and the degree of awareness of potential harm varies from person to person, often due to the user's temporary negligence, or the interface of the phishing webpage is too similar or sophisticated, resulting in If the user leaks personal confidential information or passwords without suspecting him, by the time the user finds out, his own rights have already been violated. The most effective way to prevent phishing webpages and websites is not the antivirus software itself, but the user's usage and vigilance. Therefore, how to provide an effective security mechanism without relying on users themselves to prevent phishing webpages is very important. topic.

在目前的网站、网页的安全机制中,有例如安全图章的方式来防范钓鱼网页、网站,然而这种方式通常都必须锁定特定的使用者终端设备,倘若使用者变更其使用终端设备,则必须重新提供或是设定安全图章,如此并不方便。以这种模式而言,钓鱼网页一样能够模仿并进而窃取使用者登入信息,有鉴于此,如何提供安全的登入防护机制即为相关业者所亟欲思考的问题。In the current security mechanism of websites and webpages, there are methods such as security stamps to prevent phishing webpages and websites. However, this method usually needs to lock specific user terminal equipment. If the user changes his terminal equipment, he must It is not convenient to re-provide or set the security stamp. In this mode, phishing webpages can also imitate and then steal user login information. In view of this, how to provide a secure login protection mechanism is a problem that relevant operators want to think about.

实用新型内容 Utility model content

有鉴于此,本实用新型的目的是提供一种网络登入安全设备,以解决现有技术不能提供安全的登入防护机制的技术问题。In view of this, the purpose of the utility model is to provide a network login security device to solve the technical problem that the prior art cannot provide a secure login protection mechanism.

为实现上述目的,本实用新型采用以下的技术方案:In order to achieve the above object, the utility model adopts the following technical solutions:

一种网络登入安全设备,包含:A network login security device, comprising:

一服务器,通过因特网连接一使用者终端设备;a server connected to a user terminal device through the Internet;

一条件式验证模块,连接该服务器,该条件式验证模块包含:A conditional verification module, connected to the server, the conditional verification module includes:

一账号输入单元,输入使用者账号;An account input unit for inputting a user account;

一密码输入单元,输入使用者密码;及a password input unit for inputting the user password; and

一自定义问答单元,要求使用者自定义登入网站的一提问与一解答,藉由该解答相对应符合该提问的该解答时,得以验证使用者并让使用者登入网站操作;及A self-defined question and answer unit, which requires the user to customize a question and an answer for logging in to the website, and when the answer corresponds to the answer matching the question, the user can be authenticated and the user can log in to the website for operation; and

一数据库,连接于该服务器并储存该条件式验证模块的数据。A database is connected to the server and stores the data of the conditional verification module.

依照本实用新型所述的网络登入安全设备,其中该条件式验证模块还包括一登入条件单元,提供使用者自定义登入条件。According to the network login security device described in the present invention, the conditional verification module further includes a login condition unit, which provides user-defined login conditions.

依照本实用新型所述的网络登入安全设备,其中该自定义问答单元的该提问与该解答为一文字、一密码、一图文件、一数字签章后的文件或是一金钥。According to the network login security device described in the present invention, the question and the answer of the self-defined question and answer unit are a text, a password, a picture file, a digitally signed file or a key.

依照本实用新型所述的网络登入安全设备,其中该自定义问答单元还包括一进阶设定单元,设定所述提问呈现于一操作接口。According to the network login security device described in the present invention, the self-defined question and answer unit further includes an advanced setting unit, which is configured to present the question on an operation interface.

依照本实用新型所述的网络登入安全设备,还包括一管理者终端设备,连接该服务器并对于使用者输入该自定义问答单元的该解答进行评估。The network login security device according to the present invention further includes an administrator terminal device connected to the server and evaluating the answer entered by the user into the self-defined question and answer unit.

依照本实用新型所述的网络登入安全设备,其中该服务器还包括一安全验证模块加以验证。According to the network login security device of the present invention, the server further includes a security verification module for verification.

依照本实用新型所述的网络登入安全设备,其中该安全验证模块为一数字凭证、一签章或一金钥方式进行验证。According to the network login security device described in the present invention, the security verification module performs verification by means of a digital certificate, a signature or a key.

依照本实用新型所述的网络登入安全设备,其中该条件式验证模块的该解答以通过输入或上传方式传至该服务器。According to the network login security device of the present invention, the answer of the conditional verification module is sent to the server by inputting or uploading.

依照本实用新型所述的网络登入安全设备,其中该条件式验证模块还包括一容错率记算单元,当该解答的错误率高于标准,则封锁该账号并产生新的登入密码给使用者端。According to the network login security device described in the present invention, the conditional verification module further includes an error tolerance rate calculation unit, when the error rate of the answer is higher than the standard, the account is blocked and a new login password is generated for the user end.

本实用新型相比现有技术,具有以下的优点和积极效果:Compared with the prior art, the utility model has the following advantages and positive effects:

本实用新型通过条件式验证模块的自定义问答单元要求使用者自定义登入网站的提问与解答,通过解答相对应符合提问的解答,才能够验证使用者并让使用者登入网站操作,形同一把使用者自定义的钥匙,以此来进一步确实防止使用者因不慎泄漏个人登入信息于钓鱼网页,而被黑客入侵导致个人权益的损害。The utility model requires the user to customize the questions and answers for logging in to the website through the self-defined question and answer unit of the conditional verification module. Only by answering the corresponding answers to the questions can the user be verified and the user can log in to the website for operation. User-defined keys, in order to further prevent users from accidentally leaking personal login information on phishing webpages, and being hacked and causing damage to personal rights.

以下在实施方式中详细叙述本实用新型的详细特征以及优点,其内容足以使任何熟习相关技艺者了解本实用新型的技术内容并据以实施,且根据本说明书所公开的内容及附图,任何熟习相关技艺者可轻易地理解本实用新型相关的目的及优点。The detailed features and advantages of this utility model are described in detail below in the implementation mode, and its content is enough to make any person familiar with the related art understand the technical content of this utility model and implement it accordingly, and according to the content disclosed in this specification and the accompanying drawings, any Those skilled in the art can easily understand the purpose and advantages of the present invention.

附图说明 Description of drawings

图1为本实用新型的架构示意图;Fig. 1 is the structural representation of the utility model;

图2为本实用新型的方块示意图;Fig. 2 is a schematic block diagram of the utility model;

图3为本实用新型的操作接口示意图(一);Fig. 3 is the operation interface schematic diagram (1) of the present utility model;

图4为本实用新型的操作接口示意图(二);Fig. 4 is the operation interface schematic diagram (two) of the utility model;

图5为本实用新型的步聚流程示意图。Fig. 5 is a schematic diagram of the step-gathering process of the present invention.

具体实施方式 Detailed ways

请参照图1及图2,图1为架构示意图,图2为方块示意图。Please refer to FIG. 1 and FIG. 2 , FIG. 1 is a schematic diagram of the structure, and FIG. 2 is a schematic diagram of a block.

网络登入安全设备1包含:服务器10、条件式验证模块20及数据库30。The network login security device 1 includes: a server 10 , a conditional verification module 20 and a database 30 .

服务器10通过因特网连接使用者终端设备90。在此,服务器10还包括安全验证模块101,当使用者登入并进行买、卖、上传、下载、变更个人信息、登入密码、提问或解答等时,可藉由安全验证模块101加以验证上述执行程序。本实施例的安全验证模块101可以是数字凭证、签章或金钥等方式进行验证。The server 10 is connected to the user terminal device 90 via the Internet. Here, the server 10 also includes a security verification module 101. When a user logs in and performs purchase, sale, upload, download, change of personal information, login password, question or answer, etc., the above-mentioned execution can be verified by the security verification module 101. program. The security verification module 101 of this embodiment may perform verification by means of digital certificates, signatures, or keys.

条件式验证模块20安装于服务器10,用以通过因特网接收使用者终端设备90于登入服务器10所属的网站时,利用在条件式验证模块20的操作接口21内进行操作与防护,条件式验证模块20包含账号输入单元22、密码输入单元23及自定义问答单元24。The conditional verification module 20 is installed on the server 10, and is used to operate and protect in the operation interface 21 of the conditional verification module 20 when the user terminal device 90 logs in to the website to which the server 10 belongs through the Internet. 20 includes an account input unit 22 , a password input unit 23 and a self-defined question and answer unit 24 .

账号输入单元22为使用者用以输入登入账号区域。The account input unit 22 is an area for the user to input the login account.

密码输入单元23为使用者用以输入登入密码区域。The password input unit 23 is an area for the user to input a login password.

自定义问答单元24要求使用者自定义登入网站时必须提出的提问与相对应提问的解答,藉由解答相对应符合提问的解答时,得以验证使用者并让使用者登入网站操作。在此,提问与解答较佳地为文字、密码、图文件、数字签章后的文件或是金钥,但实际使用时,不以此为限。而解答较佳地以通过输入或上传等方式传至服务器10。The self-defined question and answer unit 24 requires the user to customize the questions that must be asked when logging in to the website and the answers to the corresponding questions. By answering the corresponding answers to the questions, the user can be verified and the user can log in to the website for operation. Here, the question and answer are preferably text, password, image file, digitally signed file or key, but they are not limited to this in actual use. The answer is preferably sent to the server 10 by inputting or uploading.

自定义问答单元24还包括进阶设定单元241,用以设定二个以上的提问时,多个提问如何呈现于操作接口21的操作模式或是顺序等。The self-defined question and answer unit 24 also includes an advanced setting unit 241 for setting how to present multiple questions on the operation interface 21 in an operation mode or sequence when more than two questions are asked.

条件式验证模块20在此实施例还包括登入条件单元25,提供使用者自定义登入条件并加以选择与验证。条件式验证模块20在此实施例还包括容错率记算单元26,提供界定使用者提出的解答的错误率的标准。In this embodiment, the conditional verification module 20 further includes a login condition unit 25, which provides user-defined login conditions for selection and verification. In this embodiment, the conditional verification module 20 further includes an error tolerance rate calculation unit 26 , which provides a standard for defining the error rate of the answer proposed by the user.

数据库30连接于服务器10,数据库30并用以储存使用者在条件式验证模块20所输入的数据。The database 30 is connected to the server 10 , and the database 30 is used to store the data input by the user in the conditional verification module 20 .

本实用新型的网络登入安全设备1还包括管理者终端设备80,连接服务器10并对于使用者输入自定义问答单元24的解答时进行评估。The network login security device 1 of the present invention also includes a manager terminal device 80 , which is connected to the server 10 and evaluates when the user inputs the answer of the user-defined question and answer unit 24 .

请参照图3、图4及图5,图3为操作接口示意图(一),图4为操作接口示意图(二),图5为步聚流程示意图。为使用者登入网页并进行安全验证的操作接口21及其过程说明。Please refer to Figure 3, Figure 4 and Figure 5, Figure 3 is a schematic diagram of the operation interface (1), Figure 4 is a schematic diagram of the operation interface (2), and Figure 5 is a schematic diagram of the step-by-step process. The operation interface 21 and its process description for users to log in to the webpage and perform security verification.

使用者在使用者终端设备90登入服务器10所属的网站并注册账号时,管理者终端设备80的平台提供者为以上述执行的行为,要求使用者在操作接口21的密码输入单元23订定登入密码,同时平台提供者仍会要求使用者在条件式验证模块20自定义登入安全的条件式,即要求使用者自定义其登入的提问与解答。When the user logs in to the website to which the server 10 belongs and registers an account at the user terminal device 90, the platform provider of the manager terminal device 80 requires the user to specify a login at the password input unit 23 of the operation interface 21 for the above-mentioned execution. At the same time, the platform provider will still require the user to customize the conditional expression of login security in the conditional verification module 20, that is, the user is required to customize the question and answer for his login.

使用者所订定的登入提问会在每次使用者输入登入密码并且密码通过的后显示,接着要求使用者输入相对应的解答,在此,提问出现的顺序可以是依序,也可以是随机数方式决定出现的顺序,但不以此为限。且每一个提问与每一个解答均可以为文字、密码、图文件、数字签章后的文件或是金钥等方式来运作,但不以此为限。The login question set by the user will be displayed every time the user enters the login password and the password is passed, and then the user is required to enter the corresponding answer. Here, the order in which the questions appear can be sequential or random The order of appearance is determined by the number method, but it is not limited to this. And each question and each answer can be operated in the form of text, password, image file, digitally signed file or key, but not limited thereto.

特别说明的是,由于每一个提问与每一个解答都是使用者自定义,因此当使用者输入登入密码后发现网页所显示的提问并非自己所设定的,即可确认此网页或是网站出现问题,极有可能为钓鱼网页,此时使用者则可适时地注销网页,并且再次确认其所登入的网页或网站是否正确,从而进行防范。In particular, since each question and each answer is user-defined, when the user enters the login password and finds that the question displayed on the web page is not set by himself, he can confirm that the web page or website appears. If there is a problem, it is very likely to be a phishing webpage. At this time, the user can log out of the webpage in a timely manner, and reconfirm whether the webpage or website he logs in is correct, so as to prevent it.

然而,经由前述的操作,登入密码极可能已经遭人盗取,同时之前出现的提问也可能已经遭人发现并模仿,即便如此,此时使用者的账号仍有高度的安全性,因为使用者自定义的提问与相对应的解答尚未遭到破解,然而提问可以是一个,也可以是多个,使用者可自由以多个提问来进行防护,越多提问或是提问与解答间的关联性越低,其安全性则越高。However, through the aforementioned operations, the login password is likely to have been stolen, and the question that appeared before may have been discovered and imitated. Even so, the user's account is still highly secure at this time, because the user The custom questions and corresponding answers have not been cracked yet. However, there can be one or more questions. Users are free to use multiple questions for protection. The more questions or the correlation between questions and answers The lower it is, the more secure it is.

上述提问的顺序可以是固定,也可以是变动的。平台提供者可依据对于提问所输入对应的解答来进行评估、评判与把关,倘若所输入的账号与登入密码为不肖人士所冒用,企图登入并盗取利益,因为不是正确使用者,所以其无法得知并提供对应是解答,而无法破解登入程序,另一方面,同时平台提供者会依据该非正确使用者所提供是解答的回答状态,而在管理端来决定是否要封锁该账号并且重新产生新的登入密码,之后再将该新的登入密码寄予该账户使用者预设的通信处,例如电子信箱或是任何联络方式,平台提供者同时要求该账户使用者重新以新的密码登入并且再次变更新的登入密码、提问、与相对应的解答,以确保其账户安全。The sequence of the above questions may be fixed or variable. The platform provider can evaluate, judge and check based on the corresponding answers to the questions entered. If the entered account number and login password are fraudulently used by unscrupulous people, attempting to log in and steal benefits, because they are not correct users, so other It is impossible to know and provide the corresponding answer, and it is impossible to crack the login procedure. On the other hand, at the same time, the platform provider will decide whether to block the account on the management side based on the answer status of the incorrect answer provided by the incorrect user and Regenerate a new login password, and then send the new login password to the account user's default communication place, such as email or any contact information, and the platform provider also requires the account user to log in with the new password And change the updated login password, questions, and corresponding answers again to ensure the security of their accounts.

当使用者正确地登入其账号之后,若要进行各种安全性的操作,包括买、卖、上传、下载,或是变更个人信息、登入密码、提问与解答等操作时,本实用新型在服务器10也提供安全验证模块101来验证上述执行的程序,在此安全验证模块101可以数字凭证、签章、金钥等方式来进行验证,待平台提供者验证通过之后才允许其行使各种安全性的操作,如此可以完善地提供多重保护,同时也让本实用新型的网络登入安全设备1的安全性机制更有使用上的弹性。After the user logs in his account correctly, if he wants to perform various security operations, including buying, selling, uploading, downloading, or changing personal information, login password, questions and answers, etc., the utility model will 10 also provides a security verification module 101 to verify the above-mentioned executed programs. Here, the security verification module 101 can perform verification in the form of digital certificates, signatures, keys, etc., and the platform provider is allowed to exercise various types of security after the verification is passed. In this way, multiple protections can be perfectly provided, and at the same time, the security mechanism of the network login security device 1 of the present invention is more flexible in use.

条件式验证模块20本身可提供使用者自定义登入条件,使用者所提供的解答可以通过输入或是上传等方式传至服务器10,若为正确的使用平台,则会针对其所提供的解答进行比对与验证,同样地,在此的验证方式也可结合数字签章、金钥、或是各种加解密的算法,但不以此为限。The conditional verification module 20 itself can provide user-defined login conditions, and the answers provided by the users can be sent to the server 10 by inputting or uploading. Comparison and verification, similarly, the verification method here can also be combined with digital signature, key, or various encryption and decryption algorithms, but not limited thereto.

使用者自定义的条件式即为一把登入的钥匙,在此,网络登入安全设备1所揭露的方式会将这把条件式的登入钥匙,通过判断对应解答的正确状况来进行判读,且因为考虑了真正的使用者也会有输入错误解答的状况,所以在条件式验证模块20还包括容错率记算单元26,并且在考虑了一般输入错误解答的错误率并不会太高,除非提供解答的使用者为非法登入,非法登入的使用者会因无法提出正确解答而导致极高的问题错误率,即无法正确回答提问所对应的解答。因此容错率记算单元26本身可界定出错误标准值,倘若对应解答的错误率超过该错误标准值,则不允许使用者登入并且封锁此账号,同时会将新的使用者密码,通过使用者预设的通信联络方式,例如邮件信箱、电话号码、连络地址等寄予使用者,并要求使用者重新以此新产生的登入密码重新登入账号,再次变更其登入密码、提问与相对应的解答。The conditional expression defined by the user is a login key. Here, the method disclosed by the network login security device 1 will interpret the login key of the conditional expression by judging the correct status of the corresponding answer, and because Considering that real users also have the situation of inputting wrong answers, so the conditional verification module 20 also includes an error tolerance rate calculation unit 26, and considering that the error rate of general input wrong answers will not be too high, unless provided The user who answers is illegally logged in, and the user who is illegally logged in will cause a very high question error rate because he cannot provide a correct answer, that is, he cannot correctly answer the answer corresponding to the question. Therefore the error tolerance calculation unit 26 itself can define the error standard value, if the error rate corresponding to the answer exceeds the error standard value, the user is not allowed to log in and the account is blocked, and the new user password will be passed to the user. The default communication and contact methods, such as email address, phone number, contact address, etc., are sent to the user, and the user is required to log in to the account again with the newly generated login password, and change the login password, question and corresponding answer again .

网络登入安全设备1公开的使用者自定义条件式的安全机制,包含一项施行的特点,即当使用者输入对应于自定义提问的解答时,当输入错误时,操作接口21上不会提示使用者其所输入的为错误的解答,而是等到使用者解答完所有自定义提问后再进行判读,倘若高于前述错误标准值,即底于安全容错的门坎则会告知使用者无法成功登入并封锁该账户,达到的好处在于解答的提供者即使是非法登入,也无法用尝试错误的方法来猜测或是使用暴力攻击法进行破解该相对应的解答。当非法登入者通过钓鱼方式取得登入者账号后,遭遇后续的提问也只有一次机会进行解答的猜测,因此错误率大,便无法登入网络;当真正使用者被告的账号遭人尝试非法登入后,即可自行再次进行提问、解答、与登入密码的变更,如此将能保障使用者账户的安全性。The user-defined conditional security mechanism disclosed by the network login security device 1 includes an implementation feature, that is, when the user inputs the answer corresponding to the self-defined question, when the input is wrong, the operation interface 21 will not prompt What the user enters is a wrong answer, but waits until the user has answered all the custom questions before making an interpretation. If it is higher than the aforementioned error standard value, that is, it is below the threshold of safety and fault tolerance, the user will be notified that he cannot log in successfully The advantage of blocking the account is that even if the provider of the answer logs in illegally, he cannot use trial and error to guess or use a brute force attack to crack the corresponding answer. When an illegal login obtains the login account through phishing, there is only one chance to guess the answer to subsequent questions, so the error rate is high, and the network cannot be logged in; when the account of the real user defendant is illegally logged in, You can ask questions, answer questions, and change the login password by yourself, which will ensure the security of the user account.

本实用新型的网络登入安全设备1公开的使用者自定义条件式的安全机制,其安全性的高低取决于使用者自定义的条件式,其一,使用者自定义的提问与解答间的关联性低,越不易被人破解;其二,使用者自定义的条件式越多,安全性越高,然而缺点是造成使用者登入时的不便,但是如何取决则决定于使用者自身,使用者随时可藉由自定义条件式并考虑输入便利性来变更安全性的高低。The user-defined conditional safety mechanism disclosed by the network login security device 1 of the present utility model, its security depends on the user-defined conditional formula, first, the association between user-defined questions and answers The lower the security, the harder it is to be cracked; second, the more user-defined conditional expressions, the higher the security. However, the disadvantage is that it will cause inconvenience to the user when logging in, but how to decide depends on the user himself. The level of security can be changed at any time by customizing the conditional formula and considering the convenience of input.

平台提供者可以决定所述使用者自定义的条件式的出现顺序是否固定,同时针对不同的需求与安全状况进行调整;此外,提问与解答的验证方式也可视情况进行调整,例如是针对文字、数字性的进行比对;或是针对数字签章后的文件进行验证签章;也可以通过加解密的技术来验证使用者所提供的解答。条件式的往返可以是一次性,也可以是多次性,倘若融合加解密技术,使用者端与平台端也可以通过这种提问与解答的方式传递加解密过的文件,再由后端的程序来进行演算,此皆为可行的应用方式。The platform provider can decide whether the order of appearance of the user-defined conditional expressions is fixed or not, and at the same time adjust it according to different needs and security situations; in addition, the verification method of questions and answers can also be adjusted according to the situation, for example, for text , Digitally compare; or verify the signature for the digitally signed document; it is also possible to verify the answer provided by the user through encryption and decryption technology. The conditional round trip can be one-time or multiple times. If the encryption and decryption technology is integrated, the user end and the platform end can also pass the encrypted and decrypted files through this question and answer method, and then the back-end program To perform calculations, these are all feasible application methods.

虽然本实用新型的技术内容已经以较佳实施例揭露如上,然其并非用以限定本实用新型,任何熟习此技艺者,在不脱离本实用新型的精神所作些许的更动与润饰,皆应涵盖于本实用新型的范畴内,因此本实用新型的保护范围当视权利要求所界定者为准。Although the technical content of the present utility model has been disclosed above with preferred embodiments, it is not intended to limit the present utility model. Anyone who is familiar with the art should make some changes and modifications without departing from the spirit of the present utility model. It falls within the scope of the present utility model, so the protection scope of the present utility model should be defined by the claims.

Claims (9)

1.一种网络登入安全设备,其特征在于,包含:1. A network login security device, characterized in that it comprises: 一服务器,通过因特网连接一使用者终端设备;a server connected to a user terminal device through the Internet; 一条件式验证模块,连接该服务器,该条件式验证模块包含:A conditional verification module, connected to the server, the conditional verification module includes: 一账号输入单元,输入使用者账号;An account input unit for inputting a user account; 一密码输入单元,输入使用者密码;及a password input unit for inputting the user password; and 一自定义问答单元,要求使用者自定义登入网站的一提问与一解答,藉由该解答相对应符合该提问的该解答时,得以验证使用者并让使用者登入网站操作;及A self-defined question and answer unit, which requires the user to customize a question and an answer for logging in to the website, and when the answer corresponds to the answer matching the question, the user can be authenticated and the user can log in to the website for operation; and 一数据库,连接于该服务器并储存该条件式验证模块的数据。A database is connected to the server and stores the data of the conditional verification module. 2.如权利要求1所述的网络登入安全设备,其特征在于,其中该条件式验证模块还包括一登入条件单元,提供使用者自定义登入条件。2. The network login security device according to claim 1, wherein the conditional authentication module further comprises a login condition unit, which provides user-defined login conditions. 3.如权利要求1所述的网络登入安全设备,其特征在于,其中该自定义问答单元的该提问与该解答为一文字、一密码、一图文件、一数字签章后的文件或是一金钥。3. The network login security device according to claim 1, wherein the question and the answer of the self-defined question and answer unit are a text, a password, a picture file, a digitally signed file, or a key. 4.如权利要求1所述的网络登入安全设备,其特征在于,其中该自定义问答单元还包括一进阶设定单元,设定所述提问呈现于一操作接口。4 . The network login security device according to claim 1 , wherein the self-defined question and answer unit further comprises an advanced setting unit for setting the question to be presented on an operation interface. 5.如权利要求1所述的网络登入安全设备,其特征在于,还包括一管理者终端设备,连接该服务器并对于使用者输入该自定义问答单元的该解答进行评估。5. The network login security device according to claim 1, further comprising an administrator terminal device connected to the server and evaluating the answer input by the user into the self-defined question and answer unit. 6.如权利要求1所述的网络登入安全设备,其特征在于,其中该服务器还包括一安全验证模块加以验证。6. The network login security device according to claim 1, wherein the server further includes a security verification module for verification. 7.如权利要求6所述的网络登入安全设备,其特征在于,其中该安全验证模块为一数字凭证、一签章或一金钥方式进行验证。7 . The network login security device according to claim 6 , wherein the security verification module performs verification by means of a digital certificate, a signature or a key. 8.如权利要求1所述的网络登入安全设备,其特征在于,其中该条件式验证模块的该解答以通过输入或上传方式传至该服务器。8. The network login security device according to claim 1, wherein the answer of the conditional verification module is sent to the server by inputting or uploading. 9.如权利要求1所述的网络登入安全设备,其特征在于,其中该条件式验证模块还包括一容错率记算单元,当该解答的错误率高于标准,则封锁该账号并产生新的登入密码给使用者端。9. The network login security device according to claim 1, wherein the conditional verification module further includes a fault-tolerance rate calculation unit, and when the error rate of the answer is higher than the standard, the account is blocked and a new account is generated. The login password for the client.
CN2011203519657U 2011-09-16 2011-09-16 Network Login Security Appliance Expired - Fee Related CN202218261U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011203519657U CN202218261U (en) 2011-09-16 2011-09-16 Network Login Security Appliance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2011203519657U CN202218261U (en) 2011-09-16 2011-09-16 Network Login Security Appliance

Publications (1)

Publication Number Publication Date
CN202218261U true CN202218261U (en) 2012-05-09

Family

ID=46017486

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2011203519657U Expired - Fee Related CN202218261U (en) 2011-09-16 2011-09-16 Network Login Security Appliance

Country Status (1)

Country Link
CN (1) CN202218261U (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102693392A (en) * 2012-05-18 2012-09-26 苏州慧飞信息科技有限公司 Protection software
CN103856325A (en) * 2012-11-29 2014-06-11 北京旋极信息技术股份有限公司 Setting method, setting system, transaction protection method and transaction protection system for challenge-response token
CN107944105A (en) * 2017-11-14 2018-04-20 新疆智尚高科电子科技有限公司 Petrochemicals design platform and its method based on triz theories

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102693392A (en) * 2012-05-18 2012-09-26 苏州慧飞信息科技有限公司 Protection software
CN103856325A (en) * 2012-11-29 2014-06-11 北京旋极信息技术股份有限公司 Setting method, setting system, transaction protection method and transaction protection system for challenge-response token
CN107944105A (en) * 2017-11-14 2018-04-20 新疆智尚高科电子科技有限公司 Petrochemicals design platform and its method based on triz theories

Similar Documents

Publication Publication Date Title
US10791126B2 (en) System and methods for protecting users from malicious content
US8370899B2 (en) Disposable browser for commercial banking
USRE46158E1 (en) Methods and systems to detect attacks on internet transactions
Huang et al. Using one-time passwords to prevent password phishing attacks
Krawiecka et al. Safekeeper: Protecting web passwords using trusted execution environments
CN107209830A (en) Method for recognizing and resisting network attack
CN108234519A (en) Detect and prevent the man-in-the-middle attack on encryption connection
KR20130131682A (en) Method for web service user authentication
Aravindhan et al. One time password: A survey
Bursztein et al. Sessionjuggler: secure web login from an untrusted terminal using session hijacking
Tan et al. Enhanced security of internet banking authentication with extended honey encryption (XHE) scheme
CN106209851A (en) A kind of safety protection system and method for Computer information network
Szydlowski et al. Secure input for web applications
CN202218261U (en) Network Login Security Appliance
Bravo-Lillo et al. Operating system framed in case of mistaken identity: measuring the success of web-based spoofing attacks on os password-entry dialogs
Subsorn et al. An investigation of internet banking security of selected licensed banks in Vietnam
AU2011100338A4 (en) Method and /or device for managing authentication data
Woschek Owasp cheat sheets
Aljawarneh et al. A web client authentication system using smart card for e-systems: initial testing and evaluation
Xie et al. VOAuth: A solution to protect OAuth against phishing
Drake et al. Designing a User-Experience-First, Privacy-Respectful, high-security mutual-multifactor authentication solution
CN106789850A (en) Information processing method, the method for login service device, device, server and terminal
KR20150104667A (en) Authentication method
TWI473507B (en) QR code interactive OTP password authentication method
Saini Comparative analysis of top 5, 2-factor authentication solutions

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120509

Termination date: 20150916

EXPY Termination of patent right or utility model