技术领域technical field
本发明涉及网络安全通讯领域,具体涉及一种基于位置认证的智能移动客户端支付方法及服务器系统。The invention relates to the field of network security communication, in particular to an intelligent mobile client payment method and server system based on location authentication.
背景技术Background technique
信息安全的主要任务提供以下5种安全服务:身份认证服务、访问控制服务、数据保密服务,数据完整性服务和抗抵赖服务。其中身份认证服务实现网络安全的重要服务之一,它是网络应用系统中的第一道防线,是安全的网络系统的门户。涉及网络通信的各方必须通过某种形式的身份认证机制来证明它们的身份。目前主流的身份认证方式有3种,一种是传统的“用户名+口令”的基本认证方式,一种是基于生物特征的认证方式如人的指纹和虹膜,最后一种是基于“口令+硬件加密设备(如动态口令卡、USBKEY)”的双因素认证方式。传统的“用户名+口令”的认证方式其口令很容易被截取,安全性很低。基于生物特征的认证方式虽然安全性很高,但由于成本和技术的原因其应用有限。因此基于“口令+硬件加密设备”的双因素认证方式是目前电子商务和电子政务中广泛采用的身份认证机制The main task of information security is to provide the following five security services: identity authentication service, access control service, data confidentiality service, data integrity service and non-repudiation service. Among them, the identity authentication service is one of the important services to realize network security. It is the first line of defense in the network application system and the portal of a secure network system. Parties involved in network communications must prove their identity through some form of authentication mechanism. There are currently three mainstream identity authentication methods, one is the traditional basic authentication method of "username + password", the other is based on biometric authentication methods such as human fingerprints and irises, and the last is based on "password + Hardware encryption equipment (such as dynamic password card, USBKEY)" two-factor authentication method. The password of the traditional "username + password" authentication method is easy to be intercepted, and the security is very low. Although biometric authentication is highly secure, its application is limited due to cost and technical reasons. Therefore, the two-factor authentication method based on "password + hardware encryption device" is currently an identity authentication mechanism widely used in e-commerce and e-government affairs.
近年随着智能手机的移动支付越来越普及,安全问题成为一个重要挑战。一方面由于手机病毒、钓鱼链接、支付环境复杂、快捷支付验证环节简化等影响,使用基于账户密码的身份认证并不能提供足够的安全保障,在支付过程中在账号密码的基础上添加基于位置认证,可以提高支付的安全性。另一方面智能手机是开放系统,手机上的app可能篡改伪造位置信息,对需要真实位置的服务造成影响,尤其可能欺骗基于位置的认证应用。In recent years, with the increasing popularity of mobile payments on smartphones, security issues have become an important challenge. On the one hand, due to the impact of mobile phone viruses, phishing links, complex payment environment, and simplification of quick payment verification links, the use of identity authentication based on account passwords cannot provide sufficient security. In the payment process, location-based authentication is added on the basis of account passwords. , can improve the security of payment. On the other hand, smartphones are open systems, and apps on mobile phones may tamper with and forge location information, which will affect services that require real locations, and may especially deceive location-based authentication applications.
发明内容Contents of the invention
本发明针对上述现有技术中存在的技术问题,提供一种基于位置认证的智能移动客户端支付方法及服务器系统,大幅度增加了系统的可扩展性和重用性,在支付过程中在账号密码的基础上添加基于位置认证,可以有效提高支付的安全性。The present invention aims at the technical problems existing in the above-mentioned prior art, and provides an intelligent mobile client payment method and server system based on location authentication, which greatly increases the scalability and reusability of the system. Adding location-based authentication on the basis of , can effectively improve the security of payment.
为达到上述目的,本发明所采用的技术方案如下:In order to achieve the above object, the technical scheme adopted in the present invention is as follows:
一种基于位置认证的智能移动客户端支付方法,由移动客户端生产包含城市级别的位置信息,生成订单时在身份认证的基础上,智能移动客户端需要同时向服务器系统上传位置信息,服务器系统通过算法进行位置认证,对于可信的位置即可直接完成移动客户端的电子订单,对于不可信的位置,则要求用户进行更高级别的身份认证;如果支付时遇到问题导致暂时难以获得其位置信息,则移动客户端查询之前使用过的位置信息,如果时间戳在可接受范围内,则上传该记忆位置信息至服务器,否则,认为位置认证失败,要求客户端进行更高级的身份认证。An intelligent mobile client payment method based on location authentication. The mobile client produces location information including city level. When generating an order, on the basis of identity authentication, the intelligent mobile client needs to upload the location information to the server system at the same time, and the server system Location authentication is performed through an algorithm. For credible locations, the electronic order of the mobile client can be directly completed. For untrustworthy locations, the user is required to perform a higher level of identity authentication; if there is a problem during payment, it is temporarily difficult to obtain its location. information, the mobile client queries the previously used location information, if the timestamp is within an acceptable range, uploads the memorized location information to the server, otherwise, considers the location authentication to have failed, and requires the client to perform more advanced identity authentication.
所述服务器系统通过算法进行位置认证的具体方法是:采取时钟T这个动态因素,在位置认证的初始阶段,当用户在客户端登陆并向资源服务器发出资源访问请求时,系统提示用户输入用户名ID和密码PW,同时产生系统时钟T,然后调用RSA算法(RSA公钥密码算法是一种公认十分安全的公钥密码算法),用自己的私匙Ke计算出M=H(ID,PW,T),再将数据(ID,M)发送到服务器端,服务器端收到数据M后,查询用户数据库,得到用户密码PW’以及用户公匙Kd,同时系统采用上述相同方法计算得出时间因素T’,然后调用RSA算法,用用户的公匙Kd对M进行解密得到ID、PW和T,再将PW与PW’,T与T’分别进行比较,只有当它们都匹配的时候才能通过客户端的身份认证。The specific method for the server system to perform location authentication through an algorithm is: take the dynamic factor of clock T, and at the initial stage of location authentication, when the user logs in at the client and sends a resource access request to the resource server, the system prompts the user to enter the user name ID and password PW, generate the system clock T at the same time, then call the RSA algorithm (RSA public key cryptographic algorithm is a public key cryptographic algorithm that is recognized as very safe), use your own private key Ke to calculate M=H(ID, PW, T), and then send the data (ID, M) to the server. After the server receives the data M, it queries the user database to obtain the user password PW' and the user public key Kd. At the same time, the system uses the same method as above to calculate the time factor T', then call the RSA algorithm, use the user's public key Kd to decrypt M to get ID, PW and T, and then compare PW with PW', T and T' respectively, and only when they all match can the customer pass through end authentication.
所述时间戳不超过5min。Said time stamp shall not exceed 5 minutes.
一种基于位置认证的智能移动客户端支付的服务器系统,用于完成上述的支付方法的位置认证,包括以下模块组成:A server system for intelligent mobile client payment based on location authentication, used to complete the location authentication of the above-mentioned payment method, including the following modules:
-位置认证模块-Location authentication module
对于客户端上传到服务器的位置信息进行认证,并为通过位置认证的用户生成一个全局会话Session。Authenticate the location information uploaded by the client to the server, and generate a global session session for the user who has passed the location authentication.
位置认证模块还要实现服务器端监听线程,对于每个请求认证的客户专门使用一个线程,处理与相应客户端的所有事务。The location authentication module also implements a server-side monitoring thread, and uses a thread for each client requesting authentication to handle all transactions with the corresponding client.
-系统管理模块- System Management Module
系统管理模块主要实现一个服务器主线程,处理相应的事务;The system management module mainly implements a server main thread to handle corresponding transactions;
系统针对每一个连接的用户创建一个单独的线程,当用户通过服务器的身份认证后,会产生一个全局会话Session,驻留在服务器内存中,服务器处理该用户的一些服务请求时会参考Session里的信息;The system creates a separate thread for each connected user. When the user passes the identity authentication of the server, a global session session will be generated, which resides in the server memory. The server will refer to the session in the session when processing some service requests of the user. information;
Session包括用户ID,用户IP,用户名,创建时间,生存时间,访问权限等;Session includes user ID, user IP, user name, creation time, survival time, access rights, etc.;
系统管理模块还实现了对系统管理的接口。其主要功能有:数据库接口,设定数据库连接,以便于和后台数据库通讯。创建数据表格并且生成相应数据;The system management module also implements the interface to system management. Its main functions are: database interface, setting database connection, so as to communicate with background database. Create a data table and generate corresponding data;
-用户模块- user module
用户帐号管理,包括增加、删除、修改用户帐号,修改密码,修改密匙,修改密匙有效期,修改权限等功能;User account management, including functions such as adding, deleting, and modifying user accounts, changing passwords, changing keys, changing the validity period of keys, and changing permissions;
其中的用户管理主要包括两个方面的内容,分别为:新用户注册和用户信息更新。The user management mainly includes two aspects: new user registration and user information update.
这些信息被保存在数据库中,以备系统调用;These information are saved in the database for system calls;
此外用户模块还充当CA的角色,用来给用户发放证书;In addition, the user module also acts as a CA to issue certificates to users;
-RSA模块:RSA模块是系统的核心模块之一,主要完成大数运算,RSA算法,文本的加密解密;-RSA module: RSA module is one of the core modules of the system, which mainly completes large number operations, RSA algorithm, and text encryption and decryption;
-CA模块-CA module
给用户发放证书;Issue certificates to users;
当用户注册,证书的有效期限已经到期或者证书的私匙已经泄漏的时候,用户必须重新申请证书,CA经过核实后再对用户发放新的证书。如果是由于用户的私匙泄漏而产生的证书申请,那么更新后证书的内容与旧证书一样,只是CA用自己的新私钥对它进行数字签名;When the user registers, the validity period of the certificate has expired or the private key of the certificate has been leaked, the user must reapply for the certificate, and the CA will issue a new certificate to the user after verification. If the certificate application is generated due to the leakage of the user's private key, the content of the updated certificate is the same as that of the old certificate, except that the CA digitally signs it with its new private key;
-数据库管理模块- Database management module
维护和后台MySQL数据库通信的基本模块;The basic module for maintaining and background MySQL database communication;
其主要接口包括:数据连接,建立和维护和后台MySQL数据库的连接。其主要功能有连接数据库服务器,重新连接数据库服务器,选择数据库;Its main interfaces include: data connection, establishment and maintenance of the connection with the background MySQL database. Its main functions are to connect to the database server, reconnect to the database server, and select the database;
-日志审计模块- Log audit module
服务器系统的一个常用基本模块,几乎被所有其他模块所调用;A commonly used basic module of the server system, which is called by almost all other modules;
其主要的接口有生成相应事件日志记录,参数主要包括:时间,状态,事件类型,用户,时间处理对象等。Its main interface is to generate corresponding event log records. The parameters mainly include: time, status, event type, user, time processing object, etc.
本发明采用上述技术方案,所带来的有益效果如下:The present invention adopts above-mentioned technical scheme, and brought beneficial effect is as follows:
当代智能手机的移动支付越来越普及,安全问题是一个重要挑战。由于手机病毒、钓鱼链接、支付环境复杂、快捷支付验证环节简化等影响,使用基于账户密码的身份认证并不能提供足够的安全保障,本发明中提出的一种基于位置认证的智能移动客户端支付方法及服务器系统,在支付过程中在账号密码的基础上添加基于位置认证,可以有效提高支付的安全性。移动客户端生产包含城市级别的位置信息,生成订单时在身份认证的基础上,智能移动客户端需要同时向服务器系统上传位置信息,服务器系统通过算法进行位置认证,主要构造出一种基于位置认证的智能移动客户端支付的服务器系统,采用面向对象的软件构建技术,采用模块化设计的思想,从而大幅度增加了系统的可扩展性和重用性。With the increasing popularity of mobile payments on contemporary smartphones, security issues are an important challenge. Due to the impact of mobile phone viruses, phishing links, complex payment environment, and simplified verification links of fast payment, the use of identity authentication based on account passwords cannot provide sufficient security protection. A smart mobile client payment based on location authentication proposed in this invention In the method and server system, the location-based authentication is added to the account password in the payment process, which can effectively improve the security of payment. The mobile client production includes city-level location information. When generating an order, on the basis of identity authentication, the smart mobile client needs to upload location information to the server system at the same time. The server system performs location authentication through an algorithm, and mainly constructs a location-based authentication. The server system of intelligent mobile client payment adopts object-oriented software construction technology and the idea of modular design, which greatly increases the scalability and reusability of the system.
附图说明Description of drawings
通过阅读参照以下附图对非限制性实施例所作的详细描述,本发明的其它特征、目的和优点将会变得更明显:Other characteristics, objects and advantages of the present invention will become more apparent by reading the detailed description of non-limiting embodiments made with reference to the following drawings:
图1是本发明位置认证过程流程图;Fig. 1 is a flow chart of the location authentication process of the present invention;
图2是本发明系统结构模块组成框图;Fig. 2 is a composition block diagram of the system structure module of the present invention;
图3是RSA认证系统简化图;Fig. 3 is a simplified diagram of the RSA authentication system;
图4是RSA认证基本协议框图。Fig. 4 is a block diagram of the basic protocol of RSA authentication.
具体实施方式Detailed ways
下面结合具体实施例对本发明进行详细说明。以下实施例将有助于本领域的技术人员进一步理解本发明,但不以任何形式限制本发明。应当指出的是,对本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变形和改进,这些都属于本发明的保护范围。The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several modifications and improvements without departing from the concept of the present invention, and these all belong to the protection scope of the present invention.
本发明所提供的基于位置认证的移动客户端支付方法,具体内容如下:The mobile client payment method based on location authentication provided by the present invention, the specific content is as follows:
智能移动设备周期性较长(例如小时),长时间间隔地的向服务器发送位置信息帧,为避免隐私泄露,移动客户端可生产包含城市级别的位置信息。生成订单时在身份认证的基础上,智能手机移动客户端需要同时向服务器系统上传位置信息,服务器系统通过算法分析该位置信息是否可信,对于可信的位置即可直接完成手机客户端的电子订单,对于不可信的位置,则要求用户进行更高级别的身份认证(例手机动态验证码等验证方式)。如果支付时遇到网络传输困难等问题导致暂时难以获得其位置信息,则移动客户端可查询之前使用过的位置信息,如果时间戳在可接受范围内一般不会超过5min,则上传该记忆位置信息至服务器,否则,认为位置认证失败,要求客户端进行更高级的身份认证。位置认证过程如图1所示。Smart mobile devices have a relatively long period (such as hours), and send location information frames to the server at long intervals. In order to avoid privacy leakage, the mobile client can generate location information including city levels. On the basis of identity authentication when generating an order, the smartphone mobile client needs to upload location information to the server system at the same time, and the server system analyzes whether the location information is credible through an algorithm, and can directly complete the electronic order of the mobile client for a credible location , for untrusted locations, the user is required to perform a higher level of identity authentication (such as mobile phone dynamic verification code and other verification methods). If it is temporarily difficult to obtain its location information due to problems such as network transmission difficulties during payment, the mobile client can query the previously used location information. If the time stamp is within an acceptable range and generally does not exceed 5 minutes, upload the memory location information to the server, otherwise, the location authentication is deemed to have failed, and the client is required to perform more advanced identity authentication. The location authentication process is shown in Figure 1.
本发明所提供的基于位置认证的移动客户端支付方法中的服务器系统,其实现思想是采用面向对象的软件构建技术,采用模块化设计的思想,大幅度增加了系统的可扩展性和重用性。服务器系统包括位置认证模块、系统管理模块、用户模块、RSA加密模块、数据库管理模块和日志审计模块六个主要模块。The realization idea of the server system in the mobile client payment method based on location authentication provided by the present invention is to adopt object-oriented software construction technology and the idea of modular design, which greatly increases the scalability and reusability of the system . The server system includes six main modules: location authentication module, system management module, user module, RSA encryption module, database management module and log audit module.
为了进行可靠的客户端位置认证,并进行安全传输,系统服务器中加入了特有的位置认证模块与RSA模块。服务器系统的整个模块结构如图2所示,其中RSA模块是系统的基础模块,主要用来实现大数运算、RSA加密解密等功能,经常会被其他模块所调用。数据库管理模块用来处理于用户数相关的一些操作,也会被其他模块基本所调用。系统的核心模块是系统管理模块,它主要用来加载服务,协调其他模块之间的功能调用。In order to perform reliable client location authentication and secure transmission, a unique location authentication module and RSA module are added to the system server. The entire module structure of the server system is shown in Figure 2. The RSA module is the basic module of the system, which is mainly used to implement functions such as large number calculation and RSA encryption and decryption, and is often called by other modules. The database management module is used to handle some operations related to the number of users, and is basically called by other modules. The core module of the system is the system management module, which is mainly used to load services and coordinate function calls between other modules.
客户端与服务器间进行位置认证时需要通过RSA模块进行身份认证,在此基础上保障了数据传输的安全性。目前在Internet上使用基于公共密钥的安全策略进行身份认证必须有一个第三方的证明授权(CA)中心为客户签发身份证明。客户和服务器各自从CA获取证明,并且信任该证明授权中心。在会话和通讯时首先交换身份证明,其中包含了将各自的公钥交给对方,然后才使用对方的公钥验证对方的数字签名、交换通讯的加密密钥等。在确定是否接受对方的身份证明时,还需检查有关服务器,以确认该证明是否有效。简化的RSA位置认证系统结构图如图3所示。The location authentication between the client and the server needs to be authenticated through the RSA module, which ensures the security of data transmission on this basis. At present, a third-party certificate authority (CA) center must issue identity certificates for customers when using public key-based security strategies for identity authentication on the Internet. The client and server each obtain a certificate from a CA and trust the certificate authority. During the conversation and communication, identity certificates are first exchanged, which includes handing over their public keys to each other, and then using the other party's public key to verify the other party's digital signature, exchanging encryption keys for communication, etc. When determining whether to accept the identity certificate of the other party, it is also necessary to check the relevant server to confirm whether the certificate is valid. The structure diagram of the simplified RSA location authentication system is shown in Fig. 3 .
该系统设计中简化了PKI机制,CA机构包含在系统服务器中,成为服务器的一个功能模块,其作用是用来为用户发放证书。客户端和服务器端总共只进行了两次信息传递,实现了一次性身份认证,简单快捷,但可能存在安全性不足的可能。为了提高安全性,系统设计中采取了时钟T这个动态因素。The system design simplifies the PKI mechanism. The CA organization is included in the system server and becomes a functional module of the server. Its role is to issue certificates for users. There are only two information transfers between the client and the server, which realizes one-time identity authentication, which is simple and fast, but there may be a possibility of insufficient security. In order to improve security, the dynamic factor of clock T is adopted in the system design.
在位置认证的初始阶段,客户端根据当前的系统时间计算出时间因素T,然后调用RSA算法,用自己的私匙Ke计算出M=H(ID,PW,T),再将数据(ID,M)发送到服务器端。服务器端收到数据M后,查询用户数据库,得到用户密码PW’以及用户公匙Kd,同时计算得出时间因素T’,然后调用RSA算法,用用户的公匙Kd对M进行解密得到ID,PW和T,再将PW与PW’,T与T’分别进行比较,只有当它们都匹配的时候才能通过客户端的身份认证。基本协议如图4所示。In the initial stage of location authentication, the client calculates the time factor T according to the current system time, then calls the RSA algorithm, calculates M=H(ID, PW, T) with its own private key Ke, and then transfers the data (ID, M) Send to the server. After the server receives the data M, it queries the user database to obtain the user password PW' and the user's public key Kd, and calculates the time factor T' at the same time, and then calls the RSA algorithm to decrypt M with the user's public key Kd to obtain the ID. PW and T, and then compare PW with PW', T with T' respectively, and only when they all match can the identity authentication of the client be passed. The basic protocol is shown in Figure 4.
以上对本发明的具体实施例进行了描述。需要理解的是,本发明并不局限于上述特定实施方式,本领域技术人员可以在权利要求的范围内做出各种变形或修改,这并不影响本发明的实质内容。Specific embodiments of the present invention have been described above. It should be understood that the present invention is not limited to the specific embodiments described above, and those skilled in the art may make various changes or modifications within the scope of the claims, which do not affect the essence of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510107347.0ACN104657856A (en) | 2015-03-11 | 2015-03-11 | Smart mobile client payment method and server system based on location authentication |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510107347.0ACN104657856A (en) | 2015-03-11 | 2015-03-11 | Smart mobile client payment method and server system based on location authentication |
| Publication Number | Publication Date |
|---|---|
| CN104657856Atrue CN104657856A (en) | 2015-05-27 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510107347.0APendingCN104657856A (en) | 2015-03-11 | 2015-03-11 | Smart mobile client payment method and server system based on location authentication |
| Country | Link |
|---|---|
| CN (1) | CN104657856A (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106600258A (en)* | 2016-10-14 | 2017-04-26 | 惠州Tcl移动通信有限公司 | Payment location notification method and system, and server |
| CN106910057A (en)* | 2016-06-23 | 2017-06-30 | 阿里巴巴集团控股有限公司 | The safety certifying method and device of mobile terminal and mobile terminal side |
| CN107580001A (en)* | 2017-10-20 | 2018-01-12 | 珠海市魅族科技有限公司 | Using login and authentication information method to set up, device, computer installation and storage medium |
| WO2018054065A1 (en)* | 2016-09-23 | 2018-03-29 | 惠州Tcl移动通信有限公司 | Mobile terminal-based payment method and mobile terminal |
| WO2018232667A1 (en)* | 2017-06-21 | 2018-12-27 | 深圳支点电子智能科技有限公司 | Network payment method and system |
| CN111510862A (en)* | 2020-04-24 | 2020-08-07 | 支付宝(杭州)信息技术有限公司 | Terminal area positioning method and device and electronic equipment |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101373528A (en)* | 2007-08-21 | 2009-02-25 | 联想(北京)有限公司 | Electronic payment system, device and method based on position authentication |
| CN102685093A (en)* | 2011-12-08 | 2012-09-19 | 陈易 | Mobile-terminal-based identity authentication system and method |
| CN103138921A (en)* | 2011-11-22 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Method and system for verifying identity information |
| CN103532797A (en)* | 2013-11-06 | 2014-01-22 | 网之易信息技术(北京)有限公司 | Abnormity monitoring method and device for user registration |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101373528A (en)* | 2007-08-21 | 2009-02-25 | 联想(北京)有限公司 | Electronic payment system, device and method based on position authentication |
| CN103138921A (en)* | 2011-11-22 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Method and system for verifying identity information |
| CN102685093A (en)* | 2011-12-08 | 2012-09-19 | 陈易 | Mobile-terminal-based identity authentication system and method |
| CN103532797A (en)* | 2013-11-06 | 2014-01-22 | 网之易信息技术(北京)有限公司 | Abnormity monitoring method and device for user registration |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106910057A (en)* | 2016-06-23 | 2017-06-30 | 阿里巴巴集团控股有限公司 | The safety certifying method and device of mobile terminal and mobile terminal side |
| WO2018054065A1 (en)* | 2016-09-23 | 2018-03-29 | 惠州Tcl移动通信有限公司 | Mobile terminal-based payment method and mobile terminal |
| CN106600258A (en)* | 2016-10-14 | 2017-04-26 | 惠州Tcl移动通信有限公司 | Payment location notification method and system, and server |
| WO2018232667A1 (en)* | 2017-06-21 | 2018-12-27 | 深圳支点电子智能科技有限公司 | Network payment method and system |
| CN107580001A (en)* | 2017-10-20 | 2018-01-12 | 珠海市魅族科技有限公司 | Using login and authentication information method to set up, device, computer installation and storage medium |
| CN111510862A (en)* | 2020-04-24 | 2020-08-07 | 支付宝(杭州)信息技术有限公司 | Terminal area positioning method and device and electronic equipment |
| Publication | Publication Date | Title |
|---|---|---|
| US11606352B2 (en) | Time-based one time password (TOTP) for network authentication | |
| CN107426157B (en) | Alliance chain authority control method based on digital certificate and CA authentication system | |
| CN108270571B (en) | Blockchain-based Internet of Things identity authentication system and its method | |
| CN108235806B (en) | Method, device and system for safely accessing block chain, storage medium and electronic equipment | |
| CN108092776B (en) | System based on identity authentication server and identity authentication token | |
| Abdullah et al. | Blockchain based approach to enhance big data authentication in distributed environment | |
| KR102424055B1 (en) | Apparatus and Method for Providing API Authentication using Two API Tokens | |
| CN108768988A (en) | Block chain access control method, equipment and computer readable storage medium | |
| CN103051628B (en) | Obtain the method and system of authentication token based on server | |
| KR101730757B1 (en) | Method and system for accessing device by a user | |
| US10298561B2 (en) | Providing a single session experience across multiple applications | |
| CN101978650B (en) | Secure network authentication system and method | |
| WO2018170341A1 (en) | Methods and systems for universal storage and access to user-owned credentials for trans-institutional digital authentication | |
| WO2019109097A1 (en) | Identity verification document request handling utilizing a user certificate system and user identity document repository | |
| CN105791272A (en) | A method and device for secure communication in the Internet of Things | |
| CN101686127A (en) | Novel USBKey secure calling method and USBKey device | |
| CN104657856A (en) | Smart mobile client payment method and server system based on location authentication | |
| CN105072110A (en) | Two-factor remote identity authentication method based on smart card | |
| CN110932850A (en) | Communication encryption method and system | |
| WO2020038361A1 (en) | Alliance chain-based authentication method, device and equipment and readable storage medium | |
| US20240348592A1 (en) | Apparatus and method for managing credentials | |
| CN108574576A (en) | Cross-cloud authentication method based on Kerberos system | |
| CN108566274B (en) | Method, equipment and storage equipment for seamless docking between block chain authentication systems | |
| CN117118759B (en) | Method for reliable use of user control server terminal key | |
| CN115334505B (en) | Multi-mode intelligent terminal secure communication method and system for 5G+Beidou |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | Application publication date:20150527 | |
| RJ01 | Rejection of invention patent application after publication |