CN105262762A - Service authentication method based on triangle steadiness rule - Google Patents
Service authentication method based on triangle steadiness rule Download PDFInfo
- Publication number
- CN105262762A CN105262762A CN201510729095.5A CN201510729095A CN105262762A CN 105262762 A CN105262762 A CN 105262762A CN 201510729095 A CN201510729095 A CN 201510729095A CN 105262762 A CN105262762 A CN 105262762A
- Authority
- CN
- China
- Prior art keywords
- service
- conversational communication
- server
- session
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 238000004891 communication Methods 0.000 claims abstract description 85
- 238000013475 authorization Methods 0.000 claims description 11
- 238000005516 engineering process Methods 0.000 description 4
- 230000002452 interceptive effect Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a service authentication method based on the triangle steadiness rule, and relates to the technical field of information safety. When the service authentication method is applied to service authentication, a service triangle which is composed of a service request terminal, a service server and an authentication server executes a unidirectional stable service request flow, an authentication triangle which is composed of an authentication server, a service request terminal and a trusted user terminal executes a unidirectional stable identity authentication flow, and when identity authentication succeeds, the service server is authorized to provide service for the service request terminal, and thus, service authentication initiated by the service request terminal is completed. According to the method, user identity information can be separated from the service request flow, and is prevented from interacting with the service request flow, the service server and communication thereof, all traditional attack means to steal user identity information are avoided in the flow configuration, and information safety in the service authentication process is ensured.
Description
Technical field
The present invention relates to field of information security technology, particularly, relate to a kind of service authentication method based on the firm rule of triangle.
Background technology
In network service procedure, except needs except interactive service requests/response message, also need interactive user identity information between user terminal and service server, to carry out authentication to the user of request service, prevent service from usurping.Traditional service authentication mode is transmission user identity information in same terminal, identical services server and identical conversational communication, and complete service authentication by the process of a cyclic, this service authentication process structure subjects to the attack being subject to following three kinds of traditional means: (1) user side is attacked, illegally virus is implanted in terminal, monitoring service verification process, reads subscriber identity information; (2) man-in-the-middle attack, obtains conversational communication power by fishing mode or communication hijack mode, from illegal communication session, obtains subscriber identity information; (3) server end is attacked, the database of attack traffic server, and batch obtains subscriber identity information.
For the problem of above-mentioned traditional services authentication mode, be necessary to provide a kind of novel service authentication method, can in service authentication process, avoid interactive user identity information in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process.
Summary of the invention
For the problem of aforementioned conventional service authentication mode, the invention provides a kind of service authentication method based on the firm rule of triangle, in service authentication process, by service request terminal, " business service triangle " that service server and certificate server are formed performs the se ce request procedure of one way stable, by certificate server, " authorization identifying triangle " that service request terminal and trust user terminal are formed performs the flow for authenticating ID of one way stable, finally authorize service server to service request Terminal for service when authentication success, thus complete the service authentication initiated by service request terminal.Subscriber identity information can be stripped out by described service authentication method from se ce request procedure, avoid and carry out alternately in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process.
The technical solution used in the present invention, provides a kind of service authentication method based on the firm rule of triangle, comprises the steps: that S101. service request terminal sets up the first conversational communication with service server, and service request information is sent to service server; S102. described service server sets up the second conversational communication with certificate server, and the QR code request message of the Session ID of the terminal identifier and described first conversational communication that comprise described service request terminal is sent to certificate server; S103. described certificate server sets up the 3rd conversational communication with described service request terminal according to the terminal identifier of described service request terminal, and the QR code message of the Session ID of the Session ID and described second conversational communication that comprise described first conversational communication is sent to described service request terminal; S104. described service request terminal shows described QR code message with image format, trust user terminal and obtain the Session ID of described first conversational communication and the Session ID of described 3rd conversational communication by scanning OR coding mode, described trust user terminal is the terminal in described certificate server end completing user registration; S105. described trust user terminal sets up the 4th conversational communication with described certificate server, and sends to described certificate server by comprising the Session ID of described first conversational communication, the Session ID of described second conversational communication and the OTA message of subscriber identity information; S106. described certificate server carries out authentication determination to the described subscriber identity information in described OTA message, if judgement authentication success, then according to the Session ID of described second conversational communication in described OTA message, contained the authorization of service message of described first Session ID to described service server feedback packet by described second conversational communication; S107. described service server is according to described first Session ID in described authorization of service message, by described first conversational communication to described service request terminal feedback service response message.Carry out in service authentication process at the described service authentication method of application, by service request terminal, " business service triangle " execution that service server and certificate server are formed is described by described step S101 to step S103, the se ce request procedure of one way stable, by certificate server, service request terminal and trust " authorization identifying triangle " that user terminal forms and perform that described step S104 to step S106 describes, the flow for authenticating ID of one way stable, finally authorize service server to service request Terminal for service when authentication success, thus complete the service authentication initiated by service request terminal.Subscriber identity information can be stripped out by this service authentication method from se ce request procedure, avoid and carry out alternately in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process.
Concrete, in described step S102, described service server sets up the second conversational communication with certificate server according to OAuth2.0 standard agreement.Utilize OAuth2.0 standard agreement can set up the close authorised channel of state between described service server and described certificate server, make the second conversational communication have high security, ensure the information security in service authentication process between service server and certificate server further.
Concrete, in described step S105, described trust user terminal sets up the 4th conversational communication with described certificate server according to ECC rivest, shamir, adelman and ssl protocol.Utilize ECC rivest, shamir, adelman and ssl protocol can set up the close certification passage of state between described trust user terminal and described certificate server, make the 4th conversational communication have high security, ensure in service authentication process the information security of trusting between user terminal and certificate server further.
Concrete, described subscriber identity information comprises by the user biological condition code information of trusting user terminal instantaneous acquiring/and the device hardware information of trusting user terminal.Described user biological condition code information is for carrying out the certification between user and certificate server, described device hardware information trusts the certification between user terminal and certificate server for carrying out, thus in authentication procedures, not only can carry out the certification between user and certificate server, can also carry out trusting the certification between user terminal and certificate server, guarantee the correctness of authentication, real to realize " Who Am I? I is exactly answer " certification theory.
Concrete further, described user biological condition code information is the combination in any of any one or they in finger print information, voiceprint and face information.
To sum up, adopt a kind of service authentication method based on the firm rule of triangle provided by the present invention, there is following beneficial effect: subscriber identity information can separate by (1) from se ce request procedure, avoid and carry out alternately in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process; (2) in authentication procedures, not only can carry out the certification between user and certificate server, can also carry out trusting the certification between user terminal and certificate server, guarantee the correctness of authentication, really to realize " Who Am I? I is exactly answer " certification theory.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of the service authentication method based on the firm rule of triangle provided by the invention.
Embodiment
Hereinafter with reference to accompanying drawing, describe the service authentication method based on the firm rule of triangle provided by the invention in detail by way of example.It should be noted that at this, the explanation for these way of example understands the present invention for helping, but does not form limitation of the invention.
Various technology described herein may be used for but be not limited to field of information security technology, can also be used for other similar field.
Term "and/or" herein, it is only a kind of incidence relation describing affiliated partner, three kinds of relations can be there are in expression, such as, A and/or B, can represent: individualism A, individualism B, there are A and B tri-kinds of situations simultaneously, term "/and " describes another kind of affiliated partner relation herein, and expression can exist two kinds of relations, such as, A/ and B, can represent: individualism A, individualism A and B two kinds of situations, in addition, character "/" herein, general expression forward-backward correlation is to liking a kind of "or" relation.
Embodiment one
Fig. 1 shows the schematic flow sheet of the service authentication method based on the firm rule of triangle provided by the invention.The described service authentication method based on the firm rule of triangle, comprises the steps.
S101. service request terminal sets up the first conversational communication with service server, and service request information is sent to service server.
In step S101, described service request terminal is be configured with display screen unit and can carry out user terminal that is wireless or wire communication with service server, it can receive the network english teaching (such as access network, network service such as login forum website or cloud platform etc.) from service server, such as PC, smart mobile phone, intelligent watch or panel computer etc.Described service server provides the equipment of network english teaching for service supplier side, such as, deposit the server of application website or operation cloud platform.
S102. described service server sets up the second conversational communication with certificate server, and the QR code request message of the Session ID of the terminal identifier and described first conversational communication that comprise described service request terminal is sent to certificate server.
In step s 102, described service server is after receiving described service request information, generate the QR code request message comprising the terminal identifier of described service request terminal and the Session ID of described first conversational communication immediately, then set up the second conversational communication with certificate server, described QR code request message is sent to described certificate server.Concrete, described service server sets up the second conversational communication with certificate server according to OAuth2.0 standard agreement.Utilize OAuth2.0 standard agreement can set up the close authorised channel of state between described service server and described TAC certificate server, make the second conversational communication have high security, ensure the information security in service authentication process between service server and certificate server further.As an example, as shown in Figure 1, described certificate server is TCA (TwoChannelAuthentication, binary channels certification) certificate server (a kind of certificate server realized with outer certification, both can produce and issuer as user identity mark at user's registration phase, also can as the judgement person of user identity), authentication determination can be carried out to subscriber identity information to be certified according to the subscriber identity information of registration, and when judging authentication success, authorize described service server to provide corresponding network english teaching for service request terminal.
S103. described certificate server sets up the 3rd conversational communication with described service request terminal according to the terminal identifier of described service request terminal, and the QR code message of the Session ID of the Session ID and described second conversational communication that comprise described first conversational communication is sent to described service request terminal.
In step s 103, described certificate server is after receiving described QR code request message, apply QR (QuickResponse immediately, fast reaction) Session ID of encryption algorithm to the Session ID of described first conversational communication and described second conversational communication carry out coded treatment, generate QR code (a kind of two-dimensional bar code, a large amount of digital information can be stored by coded system) message, then set up the second conversational communication with certificate server, described QR code request message is sent to described certificate server.
S104. described service request terminal shows described QR code message with image format, trust user terminal and from described QR code message, obtain the Session ID of described first conversational communication and the Session ID of described 3rd conversational communication by scanning OR coding mode, described trust user terminal is the terminal in described certificate server end completing user registration.
In step S104, described service request terminal, after receiving described QR code message, shows described QR code message with image format on display screen unit, such as two-dimentional QR code picture.Described trust user terminal is be configured with image unit and can carry out the user terminal of wire communication or radio communication, such as smart mobile phone, panel computer and notebook etc. with described certificate server.Described trust user terminal can be, but not limited to according to following scanning OR coding mode scanning QR code: the image unit first starting described trust user terminal, then scanning obtains the QR code image shown on the display screen unit of described service request terminal, finally by built-in QR decoding algorithm, described QR code image is decoded, obtain the Session ID of described first conversational communication and the Session ID of described 3rd conversational communication.
S105. described trust user terminal sets up the 4th conversational communication with described certificate server, and sends to described certificate server by comprising the Session ID of described first conversational communication, the Session ID of described second conversational communication and the OTA message of subscriber identity information.
In step S105, described trust user terminal is after the acquisition Session ID of described first conversational communication and the Session ID of described 3rd conversational communication, immediately the Session ID of described first conversational communication, the Session ID of described second conversational communication and subscriber identity information are encrypted, generation can be uploaded to the OTA (Onetrustauthentication of described certificate server, disposable dynamic authentication) message, then set up the 4th conversational communication with described certificate server, described OTA message is sent to described certificate server.Concrete, described trust user terminal sets up the 4th conversational communication with described certificate server according to ECC rivest, shamir, adelman and ssl protocol.Utilize ECC rivest, shamir, adelman and ssl protocol can set up the close certification passage of state between described trust user terminal and described TAC certificate server, make the 4th conversational communication have high security, ensure the information security in service authentication process further.
In step S105, concrete, described subscriber identity information comprises by the user biological condition code information of trusting user terminal instantaneous acquiring/and the device hardware information of trusting user terminal.Described user biological condition code information is for carrying out the certification between user and TCA certificate server, described device hardware information trusts the certification between user terminal and TCA certificate server for carrying out, thus in authentication procedures, not only can carry out the certification between user and TCA certificate server, can also carry out trusting the certification between user terminal and TCA certificate server, guarantee the correctness of authentication, real realization " Who Am I? I is exactly answer " certification theory (namely generate identity marks authority should and had by user oneself, who can judge the authority that Who Am I should and authorized by user).Concrete further, described user biological condition code information is the combination in any of any one or they in finger print information, voiceprint and face information.Described trust user terminal is also configured with the collecting unit with corresponding acquisition function and gathers described user biological condition code information, such as configure finger scan unit and gather finger print information, configuration recoding unit gathers voiceprint, and configuration image unit gathers face information.
S106. described certificate server carries out authentication determination to the described subscriber identity information in described OTA message, if judgement authentication success, then according to the Session ID of described second conversational communication in described OTA message, contained the authorization of service message of described first Session ID to described service server feedback packet by described second conversational communication.
In step s 106, described certificate server is after receiving described OTA message, immediately corresponding decryption processing is carried out to it, obtain the Session ID of described first conversational communication, the Session ID of described second conversational communication and subscriber identity information, then according to the subscriber identity information of described trust user terminal registration, authentication determination is carried out to the subscriber identity information in the described OTA message uploaded, if judgement authentication success, described service server is then allowed to provide corresponding network english teaching for described service request terminal, namely the second conversational communication is given for change according to the Session ID of described second conversational communication in described OTA message, contained the authorization of service message of described first Session ID to described service server feedback packet by described second conversational communication.
S107. described service server is according to described first Session ID in described authorization of service message, by described first conversational communication to described service request terminal feedback service response message.
In step s 107, described service server is after receiving described authorization of service message, the first conversational communication is given for change according to described first Session ID, by described first conversational communication to the service response message of described service request terminal feedback for described service request information, complete service authentication process.
Carry out in service authentication process at the described service authentication method of application, by service request terminal, " business service triangle " execution that service server and TCA certificate server are formed is described by described step S101 to step S103, the se ce request procedure of one way stable, by TCA certificate server, service request terminal and trust " authorization identifying triangle " that user terminal forms and perform that described step S104 to step S106 describes, the flow for authenticating ID of one way stable, finally authorize service server to service request Terminal for service when authentication success, thus complete the service authentication initiated by service request terminal.Subscriber identity information can be stripped out by this service authentication method from se ce request procedure, avoid and carry out alternately in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process.
To sum up, the service authentication method based on the firm rule of triangle that the present embodiment provides, there is following beneficial effect: subscriber identity information can separate by (1) from se ce request procedure, avoid and carry out alternately in service request terminal, service server and their conversational communication, thus can evade from process structure the attack means that all tradition steal subscriber identity information, ensure the information security in service authentication process; (2) in authentication procedures, not only can carry out the certification between user and TCA certificate server, can also carry out trusting the certification between user terminal and TCA certificate server, guarantee the correctness of authentication, really to realize " Who Am I? I is exactly answer " certification theory.
As mentioned above, the present invention can be realized preferably.For a person skilled in the art, according to instruction of the present invention, designing the multi-form service authentication method based on the firm rule of triangle does not need performing creative labour.Without departing from the principles and spirit of the present invention these embodiments changed, revise, replace, integrate and modification still falls within the scope of protection of the present invention.
Claims (5)
1. based on a service authentication method for the firm rule of triangle, it is characterized in that, comprise the steps:
S101. service request terminal sets up the first conversational communication with service server, and service request information is sent to service server;
S102. described service server sets up the second conversational communication with certificate server, and the QR code request message of the Session ID of the terminal identifier and described first conversational communication that comprise described service request terminal is sent to certificate server;
S103. described certificate server sets up the 3rd conversational communication with described service request terminal according to the terminal identifier of described service request terminal, and the QR code message of the Session ID of the Session ID and described second conversational communication that comprise described first conversational communication is sent to described service request terminal;
S104. described service request terminal shows described QR code message with image format, trust user terminal and obtain the Session ID of described first conversational communication and the Session ID of described 3rd conversational communication by scanning OR coding mode, described trust user terminal is the terminal in described certificate server end completing user registration;
S105. described trust user terminal sets up the 4th conversational communication with described certificate server, and sends to described certificate server by comprising the Session ID of described first conversational communication, the Session ID of described second conversational communication and the OTA message of subscriber identity information;
S106. described certificate server carries out authentication determination to the described subscriber identity information in described OTA message, if judgement authentication success, then according to the Session ID of described second conversational communication in described OTA message, contained the authorization of service message of described first Session ID to described service server feedback packet by described second conversational communication;
S107. described service server is according to described first Session ID in described authorization of service message, by described first conversational communication to described service request terminal feedback service response message.
2. a kind of service authentication method based on the firm rule of triangle as claimed in claim 1, is characterized in that, in described step S102, described service server sets up the second conversational communication with certificate server according to OAuth2.0 standard agreement.
3. a kind of service authentication method based on the firm rule of triangle as claimed in claim 1, it is characterized in that, in described step S105, described trust user terminal sets up the 4th conversational communication with described certificate server according to ECC rivest, shamir, adelman and ssl protocol.
4. a kind of service authentication method based on the firm rule of triangle as claimed in claim 1, is characterized in that, described subscriber identity information comprises by the user biological condition code information of trusting user terminal instantaneous acquiring/and the device hardware information of trusting user terminal.
5. a kind of service authentication method based on the firm rule of triangle as claimed in claim 4, is characterized in that, described user biological condition code information is the combination in any of any one or they in finger print information, voiceprint and face information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510729095.5A CN105262762A (en) | 2015-10-30 | 2015-10-30 | Service authentication method based on triangle steadiness rule |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510729095.5A CN105262762A (en) | 2015-10-30 | 2015-10-30 | Service authentication method based on triangle steadiness rule |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105262762A true CN105262762A (en) | 2016-01-20 |
Family
ID=55102267
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510729095.5A Pending CN105262762A (en) | 2015-10-30 | 2015-10-30 | Service authentication method based on triangle steadiness rule |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105262762A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116684109A (en) * | 2022-02-22 | 2023-09-01 | 中国移动通信集团设计院有限公司 | Identity authentication method and system based on zero trust technology |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102158483A (en) * | 2011-03-11 | 2011-08-17 | 青岛海信传媒网络技术有限公司 | Method and system for authenticating access of intelligent television, intelligent television and authentication server |
| US8141775B1 (en) * | 2011-06-24 | 2012-03-27 | American Express Travel Related Services Company, Inc. | Systems and methods for gesture-based interaction with computer systems |
| CN103500399A (en) * | 2013-10-25 | 2014-01-08 | 乐视网信息技术(北京)股份有限公司 | Method, device and system about smart television payment |
| CN103533392A (en) * | 2013-10-25 | 2014-01-22 | 乐视网信息技术(北京)股份有限公司 | Method, electronic device and system for logging in account |
| CN103780397A (en) * | 2014-02-25 | 2014-05-07 | 中国科学院信息工程研究所 | Multi-screen multi-factor WEB identity authentication method convenient and fast to implement |
| CN104580184A (en) * | 2014-12-29 | 2015-04-29 | 华中师范大学 | Identity authentication method for mutual-trust application systems |
-
2015
- 2015-10-30 CN CN201510729095.5A patent/CN105262762A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102158483A (en) * | 2011-03-11 | 2011-08-17 | 青岛海信传媒网络技术有限公司 | Method and system for authenticating access of intelligent television, intelligent television and authentication server |
| US8141775B1 (en) * | 2011-06-24 | 2012-03-27 | American Express Travel Related Services Company, Inc. | Systems and methods for gesture-based interaction with computer systems |
| CN103500399A (en) * | 2013-10-25 | 2014-01-08 | 乐视网信息技术(北京)股份有限公司 | Method, device and system about smart television payment |
| CN103533392A (en) * | 2013-10-25 | 2014-01-22 | 乐视网信息技术(北京)股份有限公司 | Method, electronic device and system for logging in account |
| CN103780397A (en) * | 2014-02-25 | 2014-05-07 | 中国科学院信息工程研究所 | Multi-screen multi-factor WEB identity authentication method convenient and fast to implement |
| CN104580184A (en) * | 2014-12-29 | 2015-04-29 | 华中师范大学 | Identity authentication method for mutual-trust application systems |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116684109A (en) * | 2022-02-22 | 2023-09-01 | 中国移动通信集团设计院有限公司 | Identity authentication method and system based on zero trust technology |
| CN116684109B (en) * | 2022-02-22 | 2025-10-24 | 中国移动通信集团设计院有限公司 | Identity authentication method and system based on zero trust technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101759193B1 (en) | Network authentication method for secure electronic transactions | |
| EP3454504B1 (en) | Service provider certificate management | |
| US10050791B2 (en) | Method for verifying the identity of a user of a communicating terminal and associated system | |
| CN113411187B (en) | Identity authentication method and system, storage medium and processor | |
| US11057195B2 (en) | Method and system for providing security for the first time a mobile device makes contact with a device | |
| CN110278084B (en) | eID establishment method, related equipment and system | |
| US10291588B2 (en) | Secure registration to a service provided by a web server | |
| WO2007039806A2 (en) | Method and arrangement for secure autentication | |
| CN109121135A (en) | Client registers and key sharing method, apparatus and system based on GBA | |
| KR20180013710A (en) | Public key infrastructure based service authentication method and system | |
| CN108848503B (en) | A kind of smart home dynamic encryption means of communication and system transmitted using merogenesis | |
| CN110999215A (en) | Secure Device Access Token | |
| CN113132977A (en) | Network distribution method, network distribution system and computer readable storage medium | |
| Laka et al. | User perspective and security of a new mobile authentication method | |
| CN112020716A (en) | Remote biometric identification | |
| CN113993127B (en) | Implementation method and device for one-key login service | |
| CN109150899B (en) | Mobile communication method and system for Internet of things | |
| CN103746802B (en) | A kind of data processing method and mobile phone based on arranging key | |
| CN114079921B (en) | Session key generation method, anchor point function network element and system | |
| CN103024735A (en) | Service access method and device for cardless terminal | |
| CN114158046B (en) | One-key login service implementation method and device | |
| CN118646545A (en) | Login ticket acquisition method, device, equipment and storage medium | |
| CN105262762A (en) | Service authentication method based on triangle steadiness rule | |
| Kerttula | A novel federated strong mobile signature service—The finnish case | |
| CN115941207B (en) | Signature authentication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20160608 Address after: 200000, Room 305, 1501-6 Ying Ying Road, Shanghai, Zhabei District Applicant after: Shanghai Financial Cloud Service Group Security Technology Co., Ltd. Address before: 610000, No. 1, North 78, purple North Street, Chengdu hi tech Zone, Sichuan, 2 Applicant before: Sichuan Ningchao Technology Co., Ltd. |
|
| AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20190104 |
|
| AD01 | Patent right deemed abandoned |