The content of the invention
The purpose of the application is to propose a kind of improved checking system, method and apparatus, to solve background above technologyThe technical problem that part is mentioned.
In a first aspect, the embodiment of the present application provides a kind of checking system, the system includes authentication server, air control serviceDevice, service server;Wherein, authentication server, the target verification code for receiving the transmission of target terminal equipment obtain request, andSend to air control server;Air control server, for determining that target verification code obtains the corresponding targeted security grade of request, andSend to authentication server;Authentication server, it is additionally operable to obtain the target verification code information corresponding to targeted security grade, concurrentlyTarget terminal equipment is delivered to, is verified so that target terminal equipment is sent according to the prompting of target verification code information to service serverCode;Service server, for receiving identifying code from target terminal equipment, and send to authentication server;Authentication server, also useIn identifying code is matched with the target verification code corresponding to target verification code information, the first matching result is obtained, and sendTo service server;Service server, it is additionally operable to determine to verify whether to pass through according to the first matching result.
In certain embodiments, air control server, it is specifically used for:Obtain the present flow rate of service server;To currently it flowAmount obtains the first comparative result compared with the first predetermined threshold value;Obtain the safe class corresponding with the first comparative resultAs targeted security grade, wherein, the first different comparative results corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes targeted customer's mark;And air control server, specificallyFor:Targeted customer's mark is matched in the reference user's logo collection prestored, obtains the second matching result;ObtainThe safe class corresponding with the second matching result is taken as targeted security grade, wherein, the second different matching results is correspondingDifferent safe classes.
In certain embodiments, target verification code, which obtains request, includes target service mark;And air control server, specificallyFor:The identifying code obtained in the first preset time period obtains request set, wherein, identifying code, which obtains request, includes business markKnow;Identifying code out of first preset time period, which obtains, extracts service identification set in request set;By target service mark withEach service identification in service identification set is matched respectively, obtains the number that the match is successful;By the number that the match is successfulCompared with the second predetermined threshold value, the second comparative result is obtained;The safe class corresponding with the second comparative result is obtained to makeFor targeted security grade, wherein, the second different comparative results corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes targeted internet Protocol IP address;And air control clothesBusiness device, is specifically used for:The identifying code obtained in the second preset time period obtains request set, wherein, identifying code obtains request bagInclude IP address;Identifying code out of second preset time period, which is obtained in request set, extracts the identifying code including target ip addressRequest is obtained, identifying code to be determined is generated and obtains request set;It is pre- to determine whether identifying code acquisition request set to be determined meetsIf condition, and obtain determining result;The safe class corresponding with determining result is obtained as targeted security grade, wherein, noSame determination result corresponds to different safe classes.
In certain embodiments, identifying code, which obtains request, includes user's mark, and air control server is previously stored with reference to useFamily logo collection;And preparatory condition is including at least one of following:Identifying code to be determined obtains the checking corresponding to request setNumber is not less than the 3rd predetermined threshold value;Identifying code to be determined obtain corresponding to request set to be proved to be successful rate pre- not less than the 4thIf threshold value;Identifying code to be determined obtains the ratio of the quantity and the quantity of all users mark of the reference user mark in request setValue is not less than the 5th predetermined threshold value;And identifying code to be determined obtains the checking corresponding to the reference user mark in request setThe ratio of the number checking number corresponding with all users mark is not less than the 6th predetermined threshold value.
In certain embodiments, service server, it is additionally operable to:The target verification request that target terminal equipment is sent is received,And send target session request to create to authentication server;Authentication server, it is additionally operable to:Target session is created, and by target meetingThe information of words is sent to service server;Service server, it is additionally operable to:The information of target session is sent to target terminal and setIt is standby, so that target terminal equipment sends target verification code by target session to authentication server obtains request.
Second aspect, the embodiment of the present application provide a kind of verification method for authentication server, and this method includes:ConnectReceive the target verification code that target terminal equipment is sent and obtain request, and send to air control server, so that air control server determinesTarget verification code obtains the corresponding targeted security grade of request;Targeted security grade is obtained from air control server, obtains targetTarget verification code information corresponding to safe class, and send to target terminal equipment, so that target terminal equipment is according to targetThe prompting of verification code information sends identifying code to service server;Identifying code is obtained from service server, and by identifying code and meshTarget verification code corresponding to mark verification code information is matched, and obtains the first matching result;By the first matching result send toService server, so that service server determines to verify whether to pass through according to the first matching result.
In certain embodiments, targeted security grade is that air control server obtains as follows:Acquisition business takesThe present flow rate of business device;By present flow rate compared with the first predetermined threshold value, the first comparative result is obtained;Obtain and the first ratioThe safe class corresponding compared with result as targeted security grade, wherein, the first different comparative results corresponds to different safetyGrade.
In certain embodiments, target verification code, which obtains request, includes targeted customer's mark;And targeted security grade isAir control server obtains as follows:Targeted customer's mark is carried out in the reference user's logo collection prestoredMatching, obtains matching result;The safe class corresponding with matching result is obtained as targeted security grade, wherein, it is differentMatching result corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes target service mark;And targeted security grade isAir control server obtains as follows:The identifying code obtained in the first preset time period obtains request set, wherein, testCard code, which obtains request, includes service identification;Identifying code out of first preset time period, which is obtained in request set, extracts service identificationSet;Target service is identified and matched respectively with each service identification in service identification set, obtains what the match is successfulNumber;By the number that the match is successful compared with the second predetermined threshold value, the second comparative result is obtained;Obtain and tied compared with secondThe corresponding safe class of fruit as targeted security grade, wherein, the second different comparative results corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes targeted internet Protocol IP address;And target peaceCongruent level is that air control server obtains as follows:Obtain the identifying code in the second preset time period and obtain request collectionClose, wherein, identifying code, which obtains request, includes IP address;Identifying code out of second preset time period obtains to be extracted in request setGo out the identifying code including target ip address and obtain request, generate identifying code to be determined and obtain request set;Determine checking to be determinedCode obtains whether request set meets preparatory condition, and obtains determining result;Obtain the safe class corresponding with determining resultAs targeted security grade, wherein, different determination results corresponds to different safe classes.
In certain embodiments, identifying code, which obtains request, includes user's mark, and air control server is previously stored with reference to useFamily logo collection;And preparatory condition is including at least one of following:Identifying code to be determined obtains the checking corresponding to request setNumber is not less than the 3rd predetermined threshold value;Identifying code to be determined obtain corresponding to request set to be proved to be successful rate pre- not less than the 4thIf threshold value;Identifying code to be determined obtains the ratio of the quantity and the quantity of all users mark of the reference user mark in request setValue is not less than the 5th predetermined threshold value;And identifying code to be determined obtains the checking corresponding to the reference user mark in request setThe ratio of the number checking number corresponding with all users mark is not less than the 6th predetermined threshold value.
The third aspect, the embodiment of the present application provide a kind of checking device for authentication server, and the device includes:ConnectUnit is received, is configured to receive the target verification code acquisition request that target terminal equipment is sent, and is sent to air control server, withAir control server is set to determine that target verification code obtains the corresponding targeted security grade of request;Acquiring unit, it is configured to from windControl server and obtain targeted security grade, obtain the target verification code information corresponding to targeted security grade, and send to targetTerminal device, so that target terminal equipment sends identifying code according to the prompting of target verification code information to service server;MatchingUnit, it is configured to obtain identifying code from service server, and identifying code and the target corresponding to target verification code information is testedCard code is matched, and obtains the first matching result;Transmitting element, it is configured to send the first matching result to business serviceDevice, so that service server determines to verify whether to pass through according to the first matching result.
In certain embodiments, targeted security grade is that air control server obtains as follows:Acquisition business takesThe present flow rate of business device;By present flow rate compared with the first predetermined threshold value, the first comparative result is obtained;Obtain and the first ratioThe safe class corresponding compared with result as targeted security grade, wherein, the first different comparative results corresponds to different safetyGrade.
In certain embodiments, target verification code, which obtains request, includes targeted customer's mark;And targeted security grade isAir control server obtains as follows:Targeted customer's mark is carried out in the reference user's logo collection prestoredMatching, obtains matching result;The safe class corresponding with matching result is obtained as targeted security grade, wherein, it is differentMatching result corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes target service mark;And targeted security grade isAir control server obtains as follows:The identifying code obtained in the first preset time period obtains request set, wherein, testCard code, which obtains request, includes service identification;Identifying code out of first preset time period, which is obtained in request set, extracts service identificationSet;Target service is identified and matched respectively with each service identification in service identification set, obtains what the match is successfulNumber;By the number that the match is successful compared with the second predetermined threshold value, the second comparative result is obtained;Obtain and tied compared with secondThe corresponding safe class of fruit as targeted security grade, wherein, the second different comparative results corresponds to different safe classes.
In certain embodiments, target verification code, which obtains request, includes targeted internet Protocol IP address;And target peaceCongruent level is that air control server obtains as follows:Obtain the identifying code in the second preset time period and obtain request collectionClose, wherein, identifying code, which obtains request, includes IP address;Identifying code out of second preset time period obtains to be extracted in request setGo out the identifying code including target ip address and obtain request, generate identifying code to be determined and obtain request set;Determine checking to be determinedCode obtains whether request set meets preparatory condition, and obtains determining result;Obtain the safe class corresponding with determining resultAs targeted security grade, wherein, different determination results corresponds to different safe classes.
In certain embodiments, identifying code, which obtains request, includes user's mark, and air control server is previously stored with reference to useFamily logo collection;And preparatory condition is including at least one of following:Identifying code to be determined obtains the checking corresponding to request setNumber is not less than the 3rd predetermined threshold value;Identifying code to be determined obtain corresponding to request set to be proved to be successful rate pre- not less than the 4thIf threshold value;Identifying code to be determined obtains the ratio of the quantity and the quantity of all users mark of the reference user mark in request setValue is not less than the 5th predetermined threshold value;And identifying code to be determined obtains the checking corresponding to the reference user mark in request setThe ratio of the number checking number corresponding with all users mark is not less than the 6th predetermined threshold value.
Fourth aspect, the embodiment of the present application provide a kind of server, and the server includes:One or more processors;Storage device, for storing one or more programs;When one or more programs are executed by one or more processors so that oneIndividual or multiple processors realize the method as described in any implementation in second aspect.
5th aspect, the embodiment of the present application provide a kind of computer-readable recording medium, are stored thereon with computer journeySequence, the method as described in any implementation in second aspect is realized when the computer program is executed by processor.
Checking system, the method and apparatus of the embodiment of the present application offer, authentication server receive target terminal equipment and sentTarget verification code obtain request, and send to air control server;It is right that air control server determines that target verification code obtains request instituteThe targeted security grade answered, and send to authentication server;The target that authentication server obtains corresponding to targeted security grade is testedDemonstrate,prove code information, and send to target terminal equipment so that target terminal equipment according to the prompting of target verification code information to businessServer sends identifying code;Service server receives identifying code from target terminal equipment, and sends to authentication server;Checking clothesBusiness device is matched identifying code with the target verification code corresponding to target verification code information, obtains the first matching result, concurrentlyDeliver to service server;Service server determines to verify whether to pass through according to the first matching result.By air control server to meshMark identifying code obtains request and analyzed, so that it is determined that going out target verification code obtains the corresponding targeted security grade of request, leads toThe target verification code information corresponding to authentication server acquisition targeted security grade is crossed, is pointedly carried out it is achieved thereby that being imbued withChecking.
Embodiment
The application is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouchedThe specific embodiment stated is used only for explaining related invention, rather than the restriction to the invention.It also should be noted that in order toBe easy to describe, illustrate only in accompanying drawing to about the related part of invention.
It should be noted that in the case where not conflicting, the feature in embodiment and embodiment in the application can phaseMutually combination.Describe the application in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Fig. 1 shows the exemplary system architecture 100 of the checking system according to the embodiment of the present application.
As shown in figure 1, system architecture 100 can include terminal device 101,102,103, authentication server 104, business clothesBusiness device 105, air control server 106 and network 107,108.Network 107 is in terminal device 101,102,103, the service for checking credentialsThe medium of communication link is provided between device 104 and service server 105.Network 108 is in authentication server 104 and air control clothesThe medium of communication link is provided between business device 106.Network 107,108 can include various connection types, such as wired, channel radioBelieve link or fiber optic cables etc..
User can be interacted with using terminal equipment 101,102,103 by network 107 with authentication server 104, to receiveOr send message etc..Various telecommunication customer end applications, such as web browser can be installed on terminal device 101,102,103Using, shopping class application, JICQ, mailbox client, social platform software etc..
Terminal device 101,102,103 can be had display screen and support the various electronics that verification code information browses to setIt is standby, including but not limited to smart mobile phone, tablet personal computer, intelligent wearable device (such as intelligent watch), portable meter on kneeCalculation machine and desktop computer etc..
Authentication server 104 can provide various services.For example, authentication server 104 can be by network 107 from terminalEquipment 101,102,103 receives target verification code and obtains request, and target verification code is obtained into request by network 108 and sent extremelyAir control server 106;Authentication server 105 can also receive targeted security grade by network 108 from air control server 106,Obtain targeted security grade corresponding to target verification code information, and by network 107 send to terminal device 101,102,103;Authentication server 104 can also receive identifying code by network 107 from service server 105, by received checkingCode is matched with the identifying code corresponding to target verification code information, obtains the first matching result, and by network 107 send toService server 105.
Service server 105 can be the background server of terminal device 101,102,103 requested services.Business serviceDevice 105 can be according to the matching result of difference first received by network 107 from authentication server 104, to terminal device101st, the different interface of 102,103 displayings.
Air control server 106 can be interacted by network 108 with authentication server 104, to send or receive message etc..ExampleSuch as, air control server 106 can receive target verification code from authentication server 104 with used network 108 and obtain request, and to targetIdentifying code obtains request and carries out the processing such as analyzing, and result (such as targeted security grade) is fed back to by network 108Authentication server 104.
It should be noted that the verification method for authentication server that the embodiment of the present application is provided typically is taken by checkingBusiness device 104 is performed, and correspondingly, the checking device for authentication server is generally positioned in authentication server 104.
It should be understood that the number of the terminal device, authentication server, service server, air control server and network in Fig. 1It is only schematical.According to realizing needs, can have any number of terminal device, authentication server, service server,Air control server and network.
With continued reference to Fig. 2, it illustrates the sequential 200 of one embodiment of the checking system according to the application.
Checking system in the present embodiment can include authentication server (such as authentication server 104 shown in Fig. 1), windControl server (such as air control server 106 shown in Fig. 1), service server (such as service server 105 shown in Fig. 1);Wherein, authentication server, the target verification code for receiving the transmission of target terminal equipment obtains request, and sends to air control serviceDevice;Air control server, for determining that target verification code obtains the corresponding targeted security grade of request, and send to the service for checking credentialsDevice;Authentication server, it is additionally operable to obtain the target verification code information corresponding to targeted security grade, and sends to target terminal and setIt is standby, so that target terminal equipment sends identifying code according to the prompting of target verification code information to service server;Service server,For receiving identifying code from target terminal equipment, and send to authentication server;Authentication server, it is additionally operable to identifying code and meshTarget verification code corresponding to mark verification code information is matched, and obtains the first matching result, and send to service server;IndustryBusiness server, it is additionally operable to determine to verify whether to pass through according to the first matching result.
As shown in Fig. 2 in step 201, authentication server receives the target verification code that target terminal equipment is sent and obtainedRequest.
In the present embodiment, authentication server (such as authentication server 104 shown in Fig. 1) can be by wired connection sideFormula or radio connection receive target from target terminal equipment (such as terminal device 101,102,103 shown in Fig. 1) and testedDemonstrate,prove code and obtain request.Wherein, target verification code, which obtains request, can include but is not limited to targeted customer's mark, target service markKnowledge, Target IP (Internet Protocol, Internet protocol) address etc..Targeted customer's mark can send target to testUser's mark that code obtains the currently logged on user for the target terminal equipment asked is demonstrate,proved, generally by the group such as numeral, letter, symbolInto for unique mark user, for example, targeted customer's mark can be targeted customer's account.Target service mark can be meshThe service identification of the current request business of terminal device is marked, is generally made up of numeral, letter, symbol etc., for unique mark industryBusiness.Target ip address can be the IP address of target terminal equipment, can be used for unique mark terminal device.
In some optional implementations of the present embodiment, target terminal equipment can be taken by target session to checkingBusiness device sends target verification code and obtains request.Specifically, can be realized by following steps:
First, service server receives the target verification request that target terminal equipment is sent, and is sent to authentication serverTarget session request to create.
Here, when target terminal equipment is to service server (such as service server 105 shown in Fig. 1) requested service,Checking button would generally be included on the interface that service server is shown in target terminal equipment.Pressed when targeted customer clicks on checkingDuring button, target terminal equipment just sends target verification request to service server.Asked when service server receives target verificationWhen asking, target session request to create will be sent to authentication server.
Afterwards, authentication server creates target session, and the information of target session is sent to service server.
Then, service server sends the information of target session to target terminal equipment.
Finally, target terminal equipment sends target verification code to authentication server by target session and obtains request.
Here, target terminal equipment sends mesh by the target session indicated by the information of target session to authentication serverMark identifying code and obtain request.
In step 202, target verification code is obtained request and sent to air control server by authentication server.
In the present embodiment, request is obtained based on target verification code received in step 201, authentication server can be withTarget verification code is obtained into request to send to air control server (the air control server 106 shown in Fig. 1).
In step 203, air control server determines that target verification code obtains the corresponding targeted security grade of request.
In the present embodiment, after receiving the target verification code transmitted by identifying code server and obtaining request, air controlServer can determine that target verification code obtains the corresponding targeted security grade of request.
In some optional implementations of the present embodiment, air control server can determine that target is pacified as followsCongruent level:
First, the present flow rate of service server is obtained.
Wherein, the present flow rate of service server can be the current accessed amount of service server.
Then, by present flow rate compared with the first predetermined threshold value, the first comparative result is obtained.
As an example, the first comparative result can include, present flow rate is more than the first predetermined threshold value and present flow rate is not more thanFirst predetermined threshold value.
Finally, the safe class corresponding with the first comparative result is obtained as targeted security grade.
Wherein, the first different comparative results can correspond to different safe classes.As an example, if present flow rate is more thanFirst predetermined threshold value, the then corresponding higher safe class of the first comparative result;If present flow rate is not more than the first predetermined threshold value,First comparative result corresponds to relatively low safe class.
In some optional implementations of the present embodiment, obtaining request in target verification code includes targeted customer's markIn the case of, air control server can determine targeted security grade as follows:
First, targeted customer's mark is matched in the reference user's logo collection prestored, obtains secondWith result.
Here, air control server can identify targeted customer with being marked with reference to the user that each refers in user's logo collectionKnowledge is compared one by one, if identical with targeted customer's mark with reference to user's mark in the presence of one, the match is successful, conversely, thenWith unsuccessful.
Wherein, can be carried out according to a large number of users behavioral data with reference to the reference user mark in user's logo collectionAnalysis, so as to which the user behavior data obtained is abnormal (for example, reward voucher, interior same at one week was used for multiple times in one dayShop repeatedly places an order, in one week to the repeatedly comment etc. of same shop) the user of user identify.
Then, the safe class corresponding with the second matching result is obtained as targeted security grade.
Wherein, the second different matching results can correspond to different safe classes.As an example, if targeted customer identifiesThe match is successful in reference to user's logo collection, then the corresponding higher safe class of the second matching result;If targeted customer identifiesUnsuccessful with reference to matching in user's logo collection, then the second matching result corresponds to relatively low safe class.
In some optional implementations of the present embodiment, obtaining request in target verification code includes target service markIn the case of, air control server can determine targeted security grade as follows:
First, the identifying code obtained in the first preset time period obtains request set.
Wherein, identifying code, which obtains request, can include service identification.As an example, air control server can obtain it is previousIdentifying code in hour obtains request set.
Afterwards, the identifying code out of first preset time period, which obtains, extracts service identification set in request set.
Then, target service is identified and matched respectively with each service identification in service identification set, acquisitionWith successful number.
Wherein, the number that the match is successful can represent the target industry that target service mark is indicated in the first preset time periodIt is engaged in requested number.
Then, the number that the match is successful is obtained into the second comparative result compared with the second predetermined threshold value.
As an example, the second comparative result can include, the number that the match is successful is more than the second predetermined threshold value and the match is successfulNumber be not more than the second predetermined threshold value.
Finally, the safe class corresponding with the second comparative result is obtained as targeted security grade,
Wherein, the second different comparative results can correspond to different safe classes.If as an example, time that the match is successfulNumber is more than the second predetermined threshold value, then the corresponding higher safe class of the second comparative result;If the number that the match is successful is no more than theTwo predetermined threshold values, then the second comparative result correspond to relatively low safe class.
In some optional implementations of the present embodiment, obtaining request in target verification code includes targeted internet associationIn the case of discussing IP address, air control server can determine targeted security grade as follows:
First, the identifying code obtained in the second preset time period obtains request set.
Wherein, identifying code, which obtains request, can include IP address.As an example, air control server can obtain it is previous smallWhen in identifying code obtain request set.
Afterwards, the identifying code out of second preset time period obtains in request set and extracts testing including target ip addressDemonstrate,prove code and obtain request, generate identifying code to be determined and obtain request set.
Then, it is determined that identifying code to be determined obtains whether request set meets preparatory condition, and obtain determining result.
As an example, determine that result can include meeting preparatory condition and be unsatisfactory for preparatory condition.
Optionally, preparatory condition can include but is not limited at least one of following:
1st, the checking number that identifying code to be determined is obtained corresponding to request set is not less than the 3rd predetermined threshold value.Wherein, treatDetermine that identifying code obtains the quantity identifying code acquisition request set i.e. to be determined that the checking to be determined in request set obtains requestCorresponding checking number.
2nd, the rate that is proved to be successful that identifying code to be determined is obtained corresponding to request set is not less than the 4th predetermined threshold value.Wherein,Identifying code to be determined obtain corresponding to request set being proved to be successful rate identifying code i.e. to be determined obtain in request set checking intoThe checking to be determined that the quantity of work(is obtained with identifying code to be determined in request set obtains the ratio of the quantity of request.
3rd, identifying code to be determined obtains the quantity of the quantity and all users mark of the reference user mark in request setRatio be not less than the 5th predetermined threshold value.Wherein, identifying code, which obtains request, can include user's mark, and air control server in advance may be usedUser's logo collection is referred to be stored with.
4th, identifying code to be determined obtains the corresponding checking number of reference user mark and all users in request setThe ratio of the corresponding checking number of mark is not less than the 6th predetermined threshold value.Wherein, identifying code, which obtains request, can include userMark, air control server can be stored with reference to user's logo collection in advance.
Finally, the safe class corresponding with determining result is obtained as targeted security grade.
Wherein, different determination results can correspond to different safe classes.As an example, if identifying code to be determined obtainsRequest set meets preparatory condition, it is determined that the corresponding higher safe class of result;If identifying code to be determined obtains request setIt is unsatisfactory for preparatory condition, it is determined that result corresponds to relatively low safe class.
In step 204, air control server sends targeted security grade to authentication server.
In the present embodiment, the targeted security grade determined based on step 203, air control server can be pacified targetCongruent level is sent to authentication server.
In step 205, authentication server obtains the target verification code information corresponding to targeted security grade.
In the present embodiment, authentication server can obtain the target verification code information corresponding to targeted security grade.ItsIn, substantial amounts of verification code information can be previously stored with authentication server, wherein, different safe classes corresponds to different identificationsThe verification code information of difficulty.As an example, safe class is higher, its corresponding verification code information identification difficulty is higher;Safety etc.Level is lower, and its corresponding verification code information identification difficulty is lower.Wherein, verification code information can include but is not limited to Gif(Graphics Interchange Format, graphic interchange format) animation identifying code, mobile phone note verification code, mobile phone speechIdentifying code, video verification code etc..
In some optional implementations of the present embodiment, authentication server can also be updated periodically identifying code figureThe grade of piece.As an example, authentication server can be with per the grade for updating one-time authentication code picture every other hour.
In step 206, authentication server sends target verification code information to target terminal equipment.
In the present embodiment, can be by target based on the target verification code information accessed by step 205, authentication serverVerification code information is sent to target terminal equipment, so that target terminal equipment takes according to the prompting of target verification code information to businessBusiness device sends identifying code.
In step 207, service server receives identifying code from target terminal equipment.
In the present embodiment, after input validation code under prompting of the targeted customer in target verification code information, business serviceDevice can receive identifying code from target terminal equipment.
In a step 208, service server sends identifying code to authentication server.
In the present embodiment, identifying code can be sent and tested based on the identifying code received by step 207, service serverDemonstrate,prove server.
In step 209, authentication server carries out the target verification code corresponding to identifying code and target verification code informationMatching, obtains the first matching result.
In the present embodiment, identifying code server can be by the target verification corresponding to identifying code and target verification code informationCode is compared, if identifying code and target verification code-phase are same, the match is successful, if identifying code is different from target verification code,With unsuccessful.
In step 210, authentication server sends the first matching result to service server.
In the present embodiment, can be by the first matching based on the first matching result obtained by step 209, authentication serverAs a result send to service server.
In step 211, service server determines to verify whether to pass through according to the first matching result.
In the present embodiment, service server can determine to verify whether to pass through according to the first matching result.
Generally, in the case where the match is successful, service server can determine to be verified, and then to target terminal equipmentTransmission is verified result, and result is verified so as to be presented in target terminal equipment;In the case of matching is unsuccessful, businessServer can determine checking not by, and then to target terminal equipment send checking not by result so that target terminal is setStandby upper presentation checking does not pass through result.As an example, in the case where being verified, can be with presentation user in target terminal equipmentThe interface of institute's requested service;In checking not in the case of, the boundary for re-starting checking can be presented in target terminal equipmentFace.
The checking system that the embodiment of the present application provides, authentication server receive the target verification code that target terminal equipment is sentRequest is obtained, and is sent to air control server;Air control server determines that target verification code obtains the corresponding targeted security of requestGrade, and send to authentication server;Authentication server obtains the target verification code information corresponding to targeted security grade, concurrentlyTarget terminal equipment is delivered to, is verified so that target terminal equipment is sent according to the prompting of target verification code information to service serverCode;Service server receives identifying code from target terminal equipment, and sends to authentication server;Authentication server by identifying code withTarget verification code corresponding to target verification code information is matched, and obtains the first matching result, and send to service server;Service server determines to verify whether to pass through according to the first matching result.Target verification code is obtained by air control server and askedAnalyzed, so that it is determined that going out target verification code obtains the corresponding targeted security grade of request, obtained by authentication serverTarget verification code information corresponding to targeted security grade, is pointedly verified it is achieved thereby that being imbued with.
With further reference to Fig. 3, it illustrates the implementation of one of the verification method for authentication server according to the applicationThe flow 300 of example.This is used for the flow 300 of the verification method of authentication server, comprises the following steps:
Step 301, receive the target verification code that target terminal equipment is sent and obtain request, and send to air control server.
In the present embodiment, authentication server (such as authentication server 104 shown in Fig. 1) can be by wired connection sideFormula or radio connection receive target from target terminal equipment (such as terminal device 101,102,103 shown in Fig. 1) and testedDemonstrate,prove code and obtain request, and target verification code is obtained into request and sent to air control server (such as the air control server shown in Fig. 1106), so that air control server determines that target verification code obtains the corresponding targeted security grade of request.
In some optional implementations of the present embodiment, it is as follows that targeted security grade can be that air control server passes throughWhat step obtained:Obtain the present flow rate of service server;By present flow rate compared with the first predetermined threshold value, first is obtainedComparative result;The safe class corresponding with the first comparative result is obtained as targeted security grade, wherein, the different first ratioRelatively result corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include targeted customer's markKnow;And targeted security grade can be that air control server obtains as follows:Targeted customer is identified and deposited in advanceMatched in reference user's logo collection of storage, obtain matching result;The safe class corresponding with matching result is obtained to makeFor targeted security grade, wherein, different matching results corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include target service markKnow;And targeted security grade can be that air control server obtains as follows:Obtain in the first preset time periodIdentifying code obtains request set, wherein, identifying code, which obtains request, includes service identification;Identifying code out of first preset time periodObtain and service identification set is extracted in request set;By target service mark and each service identification point in service identification setDo not matched, obtain the number that the match is successful;By the number that the match is successful compared with the second predetermined threshold value, second is obtainedComparative result;The safe class corresponding with the second comparative result is obtained as targeted security grade, wherein, the different second ratioRelatively result corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include targeted internetProtocol IP address;And targeted security grade can be that air control server obtains as follows:When acquisition second is defaultBetween identifying code in section obtain request set, wherein, identifying code, which obtains request, includes IP address;Out of second preset time periodIdentifying code obtains the identifying code acquisition request extracted in request set including target ip address, generates identifying code to be determined and obtainsRequest set;Determine that identifying code to be determined obtains whether request set meets preparatory condition, and obtain determining result;Obtain and trueThe corresponding safe class of result is determined as targeted security grade, wherein, different determination results corresponds to different safe classes.
In some optional implementations of the present embodiment, identifying code, which obtains request, can include user's mark, air controlServer is previously stored with reference to user's logo collection;And preparatory condition can be including but not limited at least one of following:TreatDetermine that the checking number that identifying code is obtained corresponding to request set is not less than the 3rd predetermined threshold value;Identifying code to be determined obtains requestThe corresponding rate that is proved to be successful of set is not less than the 4th predetermined threshold value;Identifying code to be determined obtains the reference user in request setThe ratio of the quantity of mark and the quantity of all users mark is not less than the 5th predetermined threshold value;And identifying code to be determined is obtained and askedSeek the ratio of the corresponding checking number of the reference user mark in the set checking number corresponding with all users mark notLess than the 6th predetermined threshold value.
Step 302, targeted security grade is obtained from air control server, obtains the target verification corresponding to targeted security gradeCode information, and send to target terminal equipment.
In the present embodiment, authentication server can obtain targeted security grade from air control server, find out target peaceTarget verification code information corresponding to congruent level, and target verification code information is sent to target terminal equipment, so that target is wholeEnd equipment sends to service server (such as service server 105 shown in Fig. 1) according to the prompting of target verification code information and testedDemonstrate,prove code.
Step 303, identifying code, and the target corresponding to by identifying code and target verification code information are obtained from service serverIdentifying code is matched, and obtains the first matching result.
In the present embodiment, authentication server can obtain identifying code from service server, and identifying code and target are testedTarget verification code corresponding to card code information is compared, if identifying code and target verification code-phase are same, the match is successful, if checkingCode is different from target verification code, then matches unsuccessful.
Step 304, the first matching result is sent to service server.
In the present embodiment, authentication server can send the first matching result to service server, so that business takesBusiness device determines to verify whether to pass through according to the first matching result.
The verification method for authentication server that the embodiment of the present application provides, first, receive target terminal equipment and sendTarget verification code obtain request, and send to air control server, so that air control server determines that target verification code obtains requestCorresponding targeted security grade;Afterwards, targeted security grade is obtained from air control server, obtained corresponding to targeted security gradeTarget verification code information, and send to target terminal equipment so that target terminal equipment carrying according to target verification code informationShow to service server and send identifying code;Then, identifying code is obtained from service server, and identifying code and target verification code is believedThe corresponding target verification code of breath is matched, and obtains the first matching result;Finally, the first matching result is sent to business and takenBusiness device, so that service server determines to verify whether to pass through according to the first matching result.Asked by the way that target verification code is obtainedSend to air control server, analyze so that air control server obtains request to target verification code, tested so that it is determined that going out targetDemonstrate,prove code and obtain the corresponding targeted security grade of request, to obtain the target verification code information corresponding to targeted security grade, fromAnd realize to be imbued with and pointedly verified.
With further reference to Fig. 4, as the realization to method shown in above-mentioned Fig. 3, it is used to verify clothes this application provides one kindOne embodiment of the checking device of business device, the device embodiment is corresponding with the embodiment of the method shown in Fig. 3, and the device is specificIt can apply in various electronic equipments.
As shown in figure 4, the checking device 400 for authentication server shown in the present embodiment can include:Receiving unit401st, acquiring unit 402, matching unit 403 and transmitting element 404.Wherein, receiving unit 401, it is configured to receive target endThe target verification code that end equipment is sent obtains request, and sends to air control server, so that air control server determines target verificationCode obtains the corresponding targeted security grade of request;Acquiring unit 402, it is configured to obtain targeted security etc. from air control serverLevel, the target verification code information corresponding to targeted security grade is obtained, and sent to target terminal equipment, so that target terminal is setThe standby prompting according to target verification code information sends identifying code to service server;Matching unit 403, it is configured to take from businessBusiness device obtains identifying code, and identifying code is matched with the target verification code corresponding to target verification code information, obtains firstMatching result;Transmitting element 404, it is configured to send the first matching result to service server, so that service server rootDetermine to verify whether to pass through according to the first matching result.
In the present embodiment, in the checking device 400 of authentication server:Receiving unit 401, acquiring unit 402,Specific processing and its caused technique effect with unit 403 and transmitting element 404 can be respectively with reference in the corresponding embodiments of figure 3Step 301, step 302, the related description of step 303 and step 304, will not be repeated here.
In some optional implementations of the present embodiment, it is as follows that targeted security grade can be that air control server passes throughWhat step obtained:Obtain the present flow rate of service server;By present flow rate compared with the first predetermined threshold value, first is obtainedComparative result;The safe class corresponding with the first comparative result is obtained as targeted security grade, wherein, the different first ratioRelatively result corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include targeted customer's markKnow;And targeted security grade can be that air control server obtains as follows:Targeted customer is identified and deposited in advanceMatched in reference user's logo collection of storage, obtain matching result;The safe class corresponding with matching result is obtained to makeFor targeted security grade, wherein, different matching results corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include target service markKnow;And targeted security grade can be that air control server obtains as follows:Obtain in the first preset time periodIdentifying code obtains request set, wherein, identifying code, which obtains request, includes service identification;Identifying code out of first preset time periodObtain and service identification set is extracted in request set;By target service mark and each service identification point in service identification setDo not matched, obtain the number that the match is successful;By the number that the match is successful compared with the second predetermined threshold value, second is obtainedComparative result;The safe class corresponding with the second comparative result is obtained as targeted security grade, wherein, the different second ratioRelatively result corresponds to different safe classes.
In some optional implementations of the present embodiment, target verification code, which obtains request, can include targeted internetProtocol IP address;And targeted security grade can be that air control server obtains as follows:When acquisition second is defaultBetween identifying code in section obtain request set, wherein, identifying code, which obtains request, includes IP address;Out of second preset time periodIdentifying code obtains the identifying code acquisition request extracted in request set including target ip address, generates identifying code to be determined and obtainsRequest set;Determine that identifying code to be determined obtains whether request set meets preparatory condition, and obtain determining result;Obtain and trueThe corresponding safe class of result is determined as targeted security grade, wherein, different determination results corresponds to different safe classes.
In some optional implementations of the present embodiment, identifying code, which obtains request, can include user's mark, air controlServer is previously stored with reference to user's logo collection;And preparatory condition can be including but not limited at least one of following:TreatDetermine that the checking number that identifying code is obtained corresponding to request set is not less than the 3rd predetermined threshold value;Identifying code to be determined obtains requestThe corresponding rate that is proved to be successful of set is not less than the 4th predetermined threshold value;Identifying code to be determined obtains the reference user in request setThe ratio of the quantity of mark and the quantity of all users mark is not less than the 5th predetermined threshold value;And identifying code to be determined is obtained and askedSeek the ratio of the corresponding checking number of the reference user mark in the set checking number corresponding with all users mark notLess than the 6th predetermined threshold value.
Below with reference to Fig. 5, it illustrates suitable for for realizing the computer system 500 of the server of the embodiment of the present applicationStructural representation.Server shown in Fig. 5 is only an example, should not be to the function and use range band of the embodiment of the present applicationCarry out any restrictions.
As shown in figure 5, computer system 500 includes CPU (CPU) 501, it can be read-only according to being stored inProgram in memory (ROM) 502 or be loaded into program in random access storage device (RAM) 503 from storage part 508 andPerform various appropriate actions and processing.In RAM 503, also it is stored with system 500 and operates required various programs and data.CPU 501, ROM 502 and RAM 503 are connected with each other by bus 504.Input/output (I/O) interface 505 is also connected to alwaysLine 504.
I/O interfaces 505 are connected to lower component:Importation 506 including keyboard, mouse etc.;Penetrated including such as negative electrodeThe output par, c 507 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage part 508 including hard disk etc.;And the communications portion 509 of the NIC including LAN card, modem etc..Communications portion 509 via such as becauseThe network of spy's net performs communication process.Driver 510 is also according to needing to be connected to I/O interfaces 505.Detachable media 511, such asDisk, CD, magneto-optic disk, semiconductor memory etc., it is arranged on as needed on driver 510, in order to read from itComputer program be mounted into as needed storage part 508.
Especially, in accordance with an embodiment of the present disclosure, it may be implemented as computer above with reference to the process of flow chart descriptionSoftware program.For example, embodiment of the disclosure includes a kind of computer program product, it includes being carried on computer-readable mediumOn computer program, the computer program include be used for execution flow chart shown in method program code.In such realityTo apply in example, the computer program can be downloaded and installed by communications portion 509 from network, and/or from detachable media511 are mounted.When the computer program is performed by CPU (CPU) 501, perform what is limited in the present processesAbove-mentioned function.
It should be noted that the above-mentioned computer-readable medium of the application can be computer-readable signal media or meterCalculation machine readable storage medium storing program for executing either the two any combination.Computer-readable recording medium can be for example but not limited toElectricity, magnetic, optical, electromagnetic, system, device or the device of infrared ray or semiconductor, or it is any more than combination.It is computer-readableThe more specifically example of storage medium can include but is not limited to:Electrical connection, portable computing with one or more wiresMachine disk, hard disk, random access storage device (RAM), read-only storage (ROM), erasable programmable read only memory (EPROMOr flash memory), optical fiber, portable compact disc read-only storage (CD-ROM), light storage device, magnetic memory device or above-mentionedAny appropriate combination.In this application, computer-readable recording medium can be it is any include or storage program it is tangibleMedium, the program can be commanded the either device use or in connection of execution system, device.And in this application,Computer-readable signal media can be included in a base band or as a part of data-signal propagated of carrier wave, wherein carryingComputer-readable program code.The data-signal of this propagation can take various forms, and including but not limited to electromagnetism is believedNumber, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be computer-readable storage mediumAny computer-readable medium beyond matter, the computer-readable medium can be sent, propagated or transmitted for being held by instructionRow system, device either device use or program in connection.The program code included on computer-readable mediumIt can be transmitted, included but is not limited to any appropriate medium:Wirelessly, electric wire, optical cable, RF etc., or above-mentioned any conjunctionSuitable combination.
Flow chart and block diagram in accompanying drawing, it is illustrated that according to the system of the various embodiments of the application, method and computer journeyArchitectural framework in the cards, function and the operation of sequence product.At this point, each square frame in flow chart or block diagram can generationThe part of one module of table, program segment or code, the part of the module, program segment or code include one or more useIn the executable instruction of logic function as defined in realization.It should also be noted that marked at some as in the realization replaced in square frameThe function of note can also be with different from the order marked in accompanying drawing generation.For example, two square frames succeedingly represented are actuallyIt can perform substantially in parallel, they can also be performed in the opposite order sometimes, and this is depending on involved function.Also to noteMeaning, the combination of each square frame and block diagram in block diagram and/or flow chart and/or the square frame in flow chart can be with holdingFunction as defined in row or the special hardware based system of operation are realized, or can use specialized hardware and computer instructionCombination realize.
Being described in unit involved in the embodiment of the present application can be realized by way of software, can also be by hardThe mode of part is realized.Described unit can also be set within a processor, for example, can be described as:A kind of processor bagInclude receiving unit, acquiring unit, matching unit and transmitting element.Wherein, the title of these units not structure under certain conditionsThe paired restriction of the unit in itself, for example, receiving unit is also described as " receiving the target that target terminal equipment is sent to testDemonstrate,prove code and obtain request, and send to the unit of air control server ".
As on the other hand, present invention also provides a kind of computer-readable medium, the computer-readable medium can beIncluded in server described in above-described embodiment;Can also be individualism, and without be incorporated the server in.It is above-mentionedComputer-readable medium carries one or more program, when said one or multiple programs are performed by the server,So that the server:Receive the target verification code that target terminal equipment is sent and obtain request, and send to air control server, so thatAir control server determines that target verification code obtains the corresponding targeted security grade of request;Targeted security is obtained from air control serverGrade, the target verification code information corresponding to targeted security grade is obtained, and sent to target terminal equipment, so that target terminalEquipment sends identifying code according to the prompting of target verification code information to service server;Identifying code is obtained from service server, andIdentifying code is matched with the target verification code corresponding to target verification code information, obtains the first matching result;By firstSent with result to service server, so that service server determines to verify whether to pass through according to the first matching result.
Above description is only the preferred embodiment of the application and the explanation to institute's application technology principle.People in the artMember should be appreciated that invention scope involved in the application, however it is not limited to the technology that the particular combination of above-mentioned technical characteristic formsScheme, while should also cover in the case where not departing from foregoing invention design, carried out by above-mentioned technical characteristic or its equivalent featureThe other technical schemes for being combined and being formed.Such as features described above has similar work(with (but not limited to) disclosed hereinThe technical scheme that the technical characteristic of energy is replaced mutually and formed.