CN106953872B - A kind of method and apparatus of business authentication - Google Patents
A kind of method and apparatus of business authentication Download PDFInfo
- Publication number
- CN106953872B CN106953872B CN201710254432.9A CN201710254432A CN106953872B CN 106953872 B CN106953872 B CN 106953872B CN 201710254432 A CN201710254432 A CN 201710254432A CN 106953872 B CN106953872 B CN 106953872B
- Authority
- CN
- China
- Prior art keywords
- authentication
- seeds
- business
- dimensional code
- center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention provides a kind of method and apparatus of business authentication, can be improved safety when business authentication.The method of the embodiment of the present invention includes: service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness is sent to Authentication Center;The Authentication Center is obtained to be linked according to the two dimensional code that the authentication seeds generate;Two dimensional code link and the authentication seeds are sent to user terminal;It is linked in the user terminal according to the two dimensional code and user's seed in the Authentication Center completes authentication in the authentication timeliness, after marking the corresponding business interface of the authentication seeds to pass through certification so as to the Authentication Center, receives the certification that the Authentication Center returns and complete message;The business service condition of the Authentication Center push is received during business is carried out.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of method and apparatus of business authentication.
Background technique
With the continuous development of internet and computer technology, more and more business under line by going on line.For use
Before family offer business, need first to verify the identity of user, to ensure service security.
The network authentication mode more often applied is mainly include the following types: first is that based on user name, password and additional at present
The authentication mode of check code;Second is that the authentication mode based on electronic key or U-shield;There are also one is the certifications based on biological characteristic
Mode, such as finger print identifying.
In realizing process of the present invention, at least there are the following problems in the prior art for inventor's discovery: (1) business is default
Visible for user, the use request of business is issued by user;When being desirable to provide new business, then need to use user
Software etc. is updated, and new business is added, complicated and time-consuming more;Further for the high occasion of security requirement, it is desirable to
User is asked only can just to get business interface when needed, to ensure that Information Security and controllability, the prior art can not reach
To this effect;It (2) is pre-generated preservation for the authority, such as password, electronic key, biological characteristic etc. of business authentication
, it is easy to happen the problems such as password is revealed, influences safety.
Summary of the invention
In view of this, the embodiment of the present invention provides a kind of method and apparatus of business authentication, when can be improved business authentication
Safety.
To achieve the above object, according to a first aspect of the embodiments of the present invention, a kind of method of business authentication is provided, is answered
For management end, comprising:
Service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent to Authentication Center;
The Authentication Center is obtained to be linked according to the two dimensional code that the authentication seeds generate;
Two dimensional code link and the authentication seeds are sent to user terminal;
The user terminal linked according to the two dimensional code and the authentication seeds in the Authentication Center in the authentication
Authentication is completed in timeliness, so that the Authentication Center marks the corresponding business interface of the authentication seeds to pass through certification
Afterwards, it receives the certification that the Authentication Center returns and completes message;The Authentication Center push is received during business is carried out
Business service condition.
To achieve the above object, according to a second aspect of the embodiments of the present invention, a kind of method of business authentication is provided, is answered
For Authentication Center, comprising:
Authentication seeds and authentication timeliness that receiver management terminal is sent, service generation needed for selection;
Two dimensional code and the link of corresponding two dimensional code are generated according to the authentication seeds, and two dimensional code link is returned to
Management end;
Authentication is carried out to the user terminal according to the authentication seeds and authentication timeliness;
After determining that the user terminal completes authentication, marks the corresponding business interface of the authentication seeds to pass through and recognize
Card, and message is completed to the management end return authentication;
Record traffic service condition during business is carried out, and it is pushed to management end.
Optionally, authentication is carried out to the user terminal according to the authentication seeds and authentication timeliness, comprising:
It obtains the two-dimensional barcode information that the user terminal is got by the identification two dimensional code and is obtained from the management end
After authentication seeds, according to the certification factor of the two-dimensional barcode information and authentication seeds generation;
According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
To achieve the above object, according to a third aspect of the embodiments of the present invention, a kind of method of business authentication is provided, is answered
For user terminal, comprising:
Authentication seeds that receiver management terminal is sent, service generation needed for selection and Authentication Center are according to the certification kind
Two dimensional code link that is that son generates and returning to the management end;
Identify that the two dimensional code links corresponding two dimensional code;
Authentication is carried out according to the authentication seeds and the two dimensional code and the Authentication Center, so as in the authentication
The heart marks the corresponding business interface of the authentication seeds to pass through certification after determining and completing authentication, and to the management
Return authentication is held to complete message;
Regular check authentication state obtains the corresponding business interface of the authentication seeds when determination has passed through certification.
Optionally, authentication is carried out according to the authentication seeds and the two dimensional code and the Authentication Center, comprising:
Identify the two dimensional code to obtain two-dimensional barcode information;
According to the authentication seeds, biological identification is locally completed;
The certification factor is generated according to the two-dimensional barcode information and the authentication seeds, and is sent to the Authentication Center and carries out
Authentication.
To achieve the above object, according to a fourth aspect of the embodiments of the present invention, a kind of device of business authentication is provided, is wrapped
It includes:
Authentication seeds generation module, for selecting required service generation authentication seeds, and by the authentication seeds and mirror
Temporary effect is sent to Authentication Center;
The first receiving module of management end, the two dimensional code chain generated for obtaining the Authentication Center according to the authentication seeds
It connects;
Management end sending module, for two dimensional code link and the authentication seeds to be sent to user terminal;
The second receiving module of management end, for the user terminal linked according to the two dimensional code and the authentication seeds in
The Authentication Center completes authentication in the authentication timeliness, so that the Authentication Center marks the authentication seeds corresponding
Business interface passed through certification after, receive the certification that the Authentication Center returns and complete message;
Management end third receiving module, the business for receiving the Authentication Center push during business is carried out use
Situation.
To achieve the above object, according to a fifth aspect of the embodiments of the present invention, a kind of device of business authentication is provided, is wrapped
It includes:
Authentication Center receiving module, authentication seeds and authentication that receiver management terminal is sent, service generation needed for selection
Timeliness;
The first sending module of Authentication Center generates two dimensional code according to the authentication seeds and corresponding two dimensional code links, and
Two dimensional code link is returned into management end;
Authentication module, for carrying out authentication to the user terminal according to the authentication seeds and authentication timeliness;
The second sending module of Authentication Center, for marking the certification after determining that the user terminal completes authentication
The corresponding business interface of seed has passed through certification, and completes message to the management end return authentication;
Operating audit module for record traffic service condition during business is carried out, and is pushed to management end.
Optionally, the authentication module is also used to: obtaining the user terminal by identifying that the two dimensional code gets two dimension
Code information and after obtaining authentication seeds from the management end, the certification generated according to the two-dimensional barcode information and the authentication seeds
The factor;According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
To achieve the above object, according to a sixth aspect of the embodiments of the present invention, a kind of device of business authentication is provided, is wrapped
It includes:
The first receiving module of user terminal sends for receiver management terminal, selects the authentication seeds of required service generation
Two dimensional code link that is being generated with Authentication Center according to the authentication seeds and returning to the management end;
Two dimensional code identification module, the two dimensional code links corresponding two dimensional code for identification;
Business authentication module is recognized for carrying out identity with the Authentication Center according to the authentication seeds and the two dimensional code
Card marks the corresponding business interface of the authentication seeds to pass through so that the Authentication Center is after determining completion authentication
Certification, and message is completed to the management end return authentication;
Business obtains module, is used for regular check authentication state, when determination has passed through certification, obtains the authentication seeds
Corresponding business interface.
Optionally, the business authentication module is also used to: identifying the two dimensional code to obtain two-dimensional barcode information;According to described
Authentication seeds locally complete biological identification;The certification factor is generated according to the two-dimensional barcode information and the authentication seeds, concurrently
It send to the Authentication Center and carries out authentication.
One embodiment in foregoing invention has the following advantages that or the utility model has the advantages that starts industry by management end because using
Business verification process, just solves from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in the prior art, has reached raising industry
The technical effect of flexibility, service security is issued in business.
Further effect possessed by above-mentioned non-usual optional way adds hereinafter in conjunction with specific embodiment
With explanation.
Detailed description of the invention
Attached drawing for a better understanding of the present invention, does not constitute an undue limitation on the present invention.Wherein:
Fig. 1 is the schematic diagram of the key step of the method for business authentication according to a first embodiment of the present invention;
Fig. 2 is the schematic diagram of the key step of the method for business authentication according to a second embodiment of the present invention;
Fig. 3 is the schematic diagram of the key step of the method for business authentication according to a third embodiment of the present invention;
Fig. 4 is the schematic diagram of the main modular of the device of business authentication according to a fourth embodiment of the present invention;
Fig. 5 is the schematic diagram of the main modular of the device of business authentication according to a fifth embodiment of the present invention;
Fig. 6 is the schematic diagram of the main modular of the device of business authentication according to a sixth embodiment of the present invention;
Fig. 7 is the time diagram of the main component function of the system of business authentication according to a seventh embodiment of the present invention.
Specific embodiment
Below in conjunction with attached drawing, an exemplary embodiment of the present invention will be described, including the various of the embodiment of the present invention
Details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize
It arrives, it can be with various changes and modifications are made to the embodiments described herein, without departing from scope and spirit of the present invention.Together
Sample, for clarity and conciseness, descriptions of well-known functions and structures are omitted from the following description.
First embodiment
Fig. 1 is the schematic diagram of the key step of the method for business authentication according to a first embodiment of the present invention.
As shown in Figure 1, first embodiment of the invention provides a kind of method of business authentication, it is applied to management end and (has pipe
Permission is managed, the terminal of issuing service is capable of), comprising:
S10 selects required service generation authentication seeds, and the authentication seeds and authentication timeliness is sent in authentication
The heart.Authentication seeds are after selecting the information such as task specified object (such as a certain user name), type of service by administrator, by managing
End automatically generates, and the task that can further include specifies biometric information (such as fingerprint, iris information, the face of object
Portion's identification information etc.), and encryption seed for communication encryption etc..Authenticating timeliness is a preset time span, for
Authentication Center controls the total time-consuming maximum value of user terminal finishing service identifying procedure, when user terminal is not completed in authentication timeliness
When business authentication, it is determined that the publication failure of this subtask.
S11 obtains institute's Authentication Center and is linked according to the two dimensional code that the authentication seeds generate.Authentication Center can be according to certification
Seed, generate include authentication seeds information two dimensional code, and uniquely corresponding two dimensional code links with the two dimensional code, and by two
It ties up code link and returns to management end.
Two dimensional code link and the authentication seeds are sent to user terminal by S12.
S13, the user terminal linked according to the two dimensional code and the authentication seeds in the Authentication Center described
It authenticates and completes authentication in timeliness, recognize so that the Authentication Center marks the corresponding business interface of the authentication seeds to pass through
After card, receives the certification that the Authentication Center returns and complete message.Wherein, business interface refers to that user terminal is used to orientation business
Entrance, such as can be a page link.
S14 receives the business service condition of the Authentication Center push during business is carried out.In the Authentication Center
After carrying out business authentication and certification with the user terminal during realization business, whenever Authentication Center and user terminal
Primary more important communication is carried out, when advancing operation flow, Authentication Center returns to the progress letter of business authentication to management end
Breath, so that management end supervises this business process.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security.
Second embodiment
Fig. 2 is the schematic diagram of the key step of the method for business authentication according to a second embodiment of the present invention;
As shown in Fig. 2, second embodiment of the invention provides a kind of method of business authentication, it is applied to Authentication Center, comprising:
S20, authentication seeds and authentication timeliness that receiver management terminal is sent, service generation needed for selection.Authentication seeds
It is after selecting the information such as task specified object (such as a certain user name), type of service by administrator, to be automatically generated by management end
, the task that can further include specifies biometric information (such as fingerprint, iris information, the facial recognition information of object
Deng), and encryption seed for communication encryption etc..Authenticating timeliness is a preset time span, for Authentication Center control
The total time-consuming maximum value of user terminal finishing service identifying procedure processed, when the user terminal not finishing service certification in authentication timeliness
When, it is determined that the publication failure of this subtask.
S21 generates two dimensional code according to the authentication seeds and corresponding two dimensional code links, and two dimensional code link is returned
Back to management end.Authentication Center can according to authentication seeds, generate include authentication seeds information two dimensional code, and with the two dimension
The unique corresponding two dimensional code link of code, and two dimensional code is linked and returns to management end.
S22 carries out authentication to the user terminal according to the authentication seeds and authentication timeliness.
S23 marks the corresponding business interface of the authentication seeds to lead to after determining that the user terminal completes authentication
Certification is crossed, and completes message to the management end return authentication.Wherein, business interface refers to that user terminal is used to entering for orientation business
Mouthful, such as can be a page link.
S24, record traffic service condition during business is carried out, and it is pushed to management end.The Authentication Center with
The user terminal carries out after business authentication and certification during realization business, whenever Authentication Center and user terminal into
The primary more important communication of row, when advancing operation flow, Authentication Center returns to the progress msg of business authentication to management end,
So that management end supervises this business process.
In some alternative embodiments, S22 carries out the user terminal according to the authentication seeds and authentication timeliness
Authentication, comprising: obtain the user terminal by identifying two-dimensional barcode information that the two dimensional code is got and from the management
After end obtains authentication seeds, according to the certification factor of the two-dimensional barcode information and authentication seeds generation;According to the certification
Seed and authentication timeliness, judge whether the certification factor meets authentication condition.The certification factor includes user terminal for certification kind
Match condition, user terminal in sub comprising information are locally carrying out the performance of other Additional Verification modes etc. information, recognize
The card factor is considered as user terminal after parsing authentication seeds, for the answer that the information for including in authentication seeds is carried out, mirror
Power center according to compare authentication seeds and authenticate the factor in corresponding informance, that is, can determine whether user terminal whether can finishing service recognize
Card.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security.
3rd embodiment
Fig. 3 is the schematic diagram of the key step of the method for business authentication according to a third embodiment of the present invention.
As shown in figure 3, third embodiment of the invention provides a kind of method of business authentication, it is applied to user terminal, comprising:
S30, authentication seeds that receiver management terminal is sent, service generation needed for selection and Authentication Center are recognized according to
Two dimensional code link that is that card seed generates and returning to the management end.Authentication seeds are to select task by administrator to specify object
It after the information such as (such as a certain user name), type of service, is automatically generated by management end, it is specified to can further include task
The biometric information (such as fingerprint, iris information, facial recognition information etc.) of object, and the encryption kind for communication encryption
Son etc..Authentication Center can generate the two dimensional code comprising authentication seeds information, and unique with the two dimensional code according to authentication seeds
Corresponding two dimensional code link, and two dimensional code is linked and returns to management end.
S31 identifies that the two dimensional code links corresponding two dimensional code.It can be the browser using user terminal itself, it can also
To be the browser using external equipment, as long as successful request can be linked according to the two dimensional code to the two dimensional code.
S32 carries out authentication according to the authentication seeds and the two dimensional code and the Authentication Center, so as to the mirror
Power center marks the corresponding business interface of the authentication seeds to pass through certification after determining and completing authentication, and to described
Management end return authentication completes message.Business interface refers to that user terminal is used to the entrance of orientation business, such as can be a page
Face link.
In some alternative embodiments, S32, according to the authentication seeds and the two dimensional code and the Authentication Center
Carry out authentication, comprising: identify the two dimensional code to obtain two-dimensional barcode information;According to the authentication seeds, in local completion
Biological identification, it is ensured that be that user is operating;The certification factor is generated according to the two-dimensional barcode information and the authentication seeds, and
It is sent to the Authentication Center and carries out authentication.The certification factor include user terminal for include in authentication seeds information matching
Situation, user terminal are locally carrying out the performance of other Additional Verification modes etc. information, authenticate the factor and are considered as user
End is after parsing authentication seeds, and for the answer that the information for including in authentication seeds is carried out, Authentication Center is authenticated according to comparison
Corresponding informance in seed and the certification factor can determine whether user terminal being capable of finishing service certification.
In the previous embodiments it has been noted that business seed may include task specify object biometric information (such as
Fingerprint, iris information, facial recognition information etc.), and user terminal needs locally complete verifying according to these biometric informations,
So it has ensured that the current holder of user terminal is user, has further improved safety when authentication business, it can
Effectively business information to be avoided to reveal.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security;Because solving existing skill by the way of biometric information certification
Art certification authority be it is default, the problem of safety deficiency has reached the technical effect for further increasing service security.
Fourth embodiment
Fig. 4 is the schematic diagram of the main modular of the device of business authentication according to a fourth embodiment of the present invention.
As shown in figure 4, fourth embodiment of the invention provides a kind of device 40 of business authentication, it is applied to management end, including
Authentication seeds generation module 401, the first receiving module of management end 402, management end sending module 403, management end second receive mould
Block 404 and management end third receiving module 405, in which: authentication seeds generation module 401, for selecting required service generation
Authentication seeds, and the authentication seeds and authentication timeliness are sent to Authentication Center;The first receiving module of management end 402, is used for
The Authentication Center is obtained to be linked according to the two dimensional code that the authentication seeds generate;Management end sending module 403, being used for will be described
Two dimensional code link and the authentication seeds are sent to user terminal;The second receiving module of management end 404, in the user terminal root
Authentication is completed in the authentication timeliness in the Authentication Center according to two dimensional code link and the authentication seeds, so as to
After the Authentication Center marks the corresponding business interface of the authentication seeds to pass through certification, receive what the Authentication Center returned
Message is completed in certification;Management end third receiving module 405, for receiving the Authentication Center push during business is carried out
Business service condition.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security.
5th embodiment
Fig. 5 is the schematic diagram of the main modular of the device of business authentication according to a fifth embodiment of the present invention.
As shown in figure 5, fourth embodiment of the invention provides a kind of device 50 of business authentication, it is applied to Authentication Center, packet
It includes Authentication Center receiving module 501, the first sending module of Authentication Center 502, authentication module 503, Authentication Center second and sends mould
Block 504 and operating audit module 505;Wherein: Authentication Center receiving module 501, industry needed for receiver management terminal is sent, selection
The authentication seeds generated of being engaged in and authentication timeliness;The first sending module of Authentication Center 502 generates two dimensional code according to the authentication seeds
It is linked with corresponding two dimensional code, and two dimensional code link is returned into management end;Authentication module 503, for recognizing according to
It demonstrate,proves seed and authentication timeliness and authentication is carried out to the user terminal;The second sending module of Authentication Center 504, for determining
It states after user terminal completes authentication, the corresponding business interface of the authentication seeds is marked to pass through certification, and to the management
Return authentication is held to complete message;Operating audit module 505 for record traffic service condition during business is carried out, and pushes away
Give management end.
In some alternative embodiments, the authentication module 503 is also used to: being obtained the user terminal and is passed through identification institute
It states after two dimensional code gets two-dimensional barcode information and obtain authentication seeds from the management end, according to the two-dimensional barcode information and described
The certification factor that authentication seeds generate;According to the authentication seeds and authentication timeliness, judge whether the certification factor meets mirror
Power condition.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security.
Sixth embodiment
Fig. 6 is the schematic diagram of the main modular of the device of business authentication according to a sixth embodiment of the present invention.
As shown in fig. 6, a kind of device 60 of business authentication of the embodiment of the present invention, is applied to user terminal, including user terminal
First receiving module 601, two dimensional code identification module 602, business authentication module 603 and business obtain module 604, in which: user
The first receiving module 601 is held, is sent for receiver management terminal, selects the authentication seeds and Authentication Center of required service generation
Two dimensional code link that is being generated according to the authentication seeds and returning to the management end;Two dimensional code identification module 602, for identification
The two dimensional code links corresponding two dimensional code;Business authentication module 603, for according to the authentication seeds and the two dimensional code with
The Authentication Center carries out authentication, so that the Authentication Center is after determining completion authentication, marks the certification kind
The corresponding business interface of son has passed through certification, and completes message to the management end return authentication;Business obtains module 604, uses
The corresponding business interface of the authentication seeds is obtained when determination has passed through certification in regular check authentication state.
In some alternative embodiments, the business authentication module 603 is also used to: identifying the two dimensional code to obtain two
Tie up code information;According to the authentication seeds, biological identification is locally completed;According to the two-dimensional barcode information and the authentication seeds
The certification factor is generated, and is sent to the Authentication Center and carries out authentication.
From the above it can be seen that the technical solution of the embodiment of the present invention, starts business by management end because using
Verification process solves existing just from Authentication Center to the technological means of user terminal transmission service interface after the completion of business authentication
Business is that user is visible, the technical issues of can not issuing as needed or hide business in technology, has reached raising business
Issue the technical effect of flexibility, service security;Because solving existing skill by the way of biometric information certification
Art certification authority be it is default, the problem of safety deficiency has reached the technical effect for further increasing service security.
7th embodiment
Fig. 7 is the time diagram of the main component function of the system of business authentication according to a seventh embodiment of the present invention.
As shown in fig. 7, the embodiment of the present invention also provides a kind of system of business authentication, including authorized administrator APP, authorization
Center, user APP and user browser.System is for completing following identifying procedure:
1. administrator selects to need open business;
2. administrator APP automatically generates certification Seed value, and Seed value and validity period are sent to authorization center.In authorization
The heart generates interim and unique certification URL and corresponding two dimensional code after receiving the certification Seed value that administrator APP is sent;And it will
URL returns to administrator APP;
3. administrator is as needed, selection needs the user using service, and administrator APP issues certification Seed automatically at this time
Give user APP;
4. administrator is sent to user for URL is authenticated;
5. user opens the URL received in a browser, the two dimensional code of certification is showed in the page;
6. user scans the two-dimensional code according to the authorization prompt of the page, with APP and identifies authentication content therein;
7.APP prompt user needs to verify fingerprint;
8. after fingerprint authentication passes through, APP generates the certification factor according to QR code content, certification Seed and submits to authorization center
Verifying;
9. authorization center authentication verification information, return authentication result is to APP;
10. for the user that passes through of certification, then the transmission service Portal page;It should be noted that pushing here
The Portal page is not intended to be pushed to specific browser, in terms of Project Realization, step 5 open this two dimensional code URL its
Authentication Center can be periodically gone to detect authentication state in fact, after certification passes through, browser will automatically be obtained business service
To and show, therefore, essence is that browser goes to obtain;As for which kind of browser used, if use the browsing of user terminal
Device does not need then to be limited.
11. authorization center notifies administrator, selected user to pass through certification, start access service;
12. monitoring user behavior during executing access service according to preset rules and generating behavior auditing message
Return to administrator.
Additional description:
In step 8, subsequent identifying procedure is not continued to if fingerprint authentication failure;
In step 9, if authorization center authentication failed, user's APP authentification failure is returned to.
Above-mentioned specific embodiment, does not constitute a limitation on the scope of protection of the present invention.Those skilled in the art should be bright
It is white, design requirement and other factors are depended on, various modifications, combination, sub-portfolio and substitution can occur.It is any
Made modifications, equivalent substitutions and improvements etc. within the spirit and principles in the present invention, should be included in the scope of the present invention
Within.
Claims (10)
1. a kind of method of business authentication, which is characterized in that be applied to management end, comprising:
Service generation authentication seeds needed for selection, and the authentication seeds and authentication timeliness are sent to Authentication Center;
The Authentication Center is obtained to be linked according to the two dimensional code that the authentication seeds generate;
Two dimensional code link and the authentication seeds are sent to user terminal;
The user terminal linked according to the two dimensional code and the authentication seeds in the Authentication Center in the authentication timeliness
Interior completion authentication connects after marking the corresponding business interface of the authentication seeds to pass through certification so as to the Authentication Center
It receives the certification that the Authentication Center returns and completes message;
The business service condition of the Authentication Center push is received during business is carried out.
2. a kind of method of business authentication, which is characterized in that be applied to Authentication Center, comprising:
Authentication seeds and authentication timeliness that receiver management terminal is sent, according to required service generation;
Two dimensional code and the link of corresponding two dimensional code are generated according to the authentication seeds, and two dimensional code link is returned into management
End;
Authentication is carried out to user terminal according to the authentication seeds and authentication timeliness;
After determining that the user terminal completes authentication, the corresponding business interface of the authentication seeds is marked to pass through certification,
And message is completed to the management end return authentication;
Record traffic service condition during business is carried out, and it is pushed to management end.
3. according to the method described in claim 2, it is characterized in that, according to the authentication seeds and authentication timeliness to the user
End carries out authentication, comprising:
It obtains the two-dimensional barcode information that the user terminal is got by the identification two dimensional code and is obtained from the management end and authenticated
After seed, according to the certification factor of the two-dimensional barcode information and authentication seeds generation;
According to the authentication seeds and authentication timeliness, judge whether the certification factor meets authentication condition.
4. a kind of method of business authentication, which is characterized in that be applied to user terminal, comprising:
Authentication seeds that receiver management terminal is sent, service generation needed for selection and Authentication Center are raw according to the authentication seeds
At and return to the management end two dimensional code link;
Identify that the two dimensional code links corresponding two dimensional code;
Authentication is carried out according to the authentication seeds and the two dimensional code and the Authentication Center, so that the Authentication Center exists
It determines after completing authentication, marks the corresponding business interface of the authentication seeds to pass through certification, and return to the management end
It returns certification and completes message;
Regular check authentication state obtains the corresponding business interface of the authentication seeds when determination has passed through certification.
5. according to the method described in claim 4, it is characterized in that, according to the authentication seeds and the two dimensional code and the mirror
Power center carries out authentication, comprising:
Identify the two dimensional code to obtain two-dimensional barcode information;
According to the authentication seeds, biological identification is locally completed, it is ensured that be that user is operating;
The certification factor is generated according to the two-dimensional barcode information and the authentication seeds, and is sent to the Authentication Center and carries out identity
Certification.
6. a kind of device of business authentication characterized by comprising
Authentication seeds generation module, for selecting required service generation authentication seeds, and when by the authentication seeds and authentication
Effect is sent to Authentication Center;
The first receiving module of management end is linked for obtaining the Authentication Center according to the two dimensional code that the authentication seeds generate;
Management end sending module, for two dimensional code link and the authentication seeds to be sent to user terminal;
The second receiving module of management end is used to be linked in the user terminal according to the two dimensional code and the authentication seeds is in described
Authentication Center completes authentication in the authentication timeliness, so that the Authentication Center marks the corresponding industry of the authentication seeds
After business interface has passed through certification, receives the certification that the Authentication Center returns and complete message;
Management end third receiving module, the business for receiving the Authentication Center push during business is carried out use feelings
Condition.
7. a kind of device of business authentication characterized by comprising
Authentication Center receiving module, authentication seeds and authentication timeliness that receiver management terminal is sent, according to required service generation;
The first sending module of Authentication Center generates two dimensional code and corresponding two dimensional code according to the authentication seeds and links, and by institute
It states two dimensional code link and returns to management end;
Authentication module, for carrying out authentication to user terminal according to the authentication seeds and authentication timeliness;
The second sending module of Authentication Center, for marking the authentication seeds after determining that the user terminal completes authentication
Corresponding business interface has passed through certification, and completes message to the management end return authentication;
Operating audit module for record traffic service condition during business is carried out, and is pushed to management end.
8. device according to claim 7, which is characterized in that the authentication module is also used to: it is logical to obtain the user terminal
Cross identify the two dimensional code get two-dimensional barcode information and from the management end obtain authentication seeds after, according to the two dimensional code believe
The certification factor that breath and the authentication seeds generate;According to the authentication seeds and authentication timeliness, judge that the certification factor is
It is no to meet authentication condition.
9. a kind of device of business authentication characterized by comprising
The first receiving module of user terminal, authentication seeds and mirror sent for receiver management terminal, service generation needed for selection
Two dimensional code link that is that power center is generated according to the authentication seeds and returning to the management end;
Two dimensional code identification module, the two dimensional code links corresponding two dimensional code for identification;
Business authentication module, for carrying out authentication according to the authentication seeds and the two dimensional code and the Authentication Center,
So that the Authentication Center is after determining completion authentication, marks the corresponding business interface of the authentication seeds to pass through and recognize
Card, and message is completed to the management end return authentication;
Business obtains module, is used for regular check authentication state, and when determination has passed through certification, it is corresponding to obtain the authentication seeds
Business interface.
10. device according to claim 9, which is characterized in that the business authentication module is also used to: identifying the two dimension
Code is to obtain two-dimensional barcode information;According to the authentication seeds, biological identification is locally completed;According to the two-dimensional barcode information and institute
It states authentication seeds and generates the certification factor, and be sent to the Authentication Center and carry out authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710254432.9A CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710254432.9A CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106953872A CN106953872A (en) | 2017-07-14 |
| CN106953872B true CN106953872B (en) | 2019-08-16 |
Family
ID=59476312
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710254432.9A Active CN106953872B (en) | 2017-04-18 | 2017-04-18 | A kind of method and apparatus of business authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106953872B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115082224A (en) * | 2022-07-08 | 2022-09-20 | 中国银行股份有限公司 | Identity authentication method, device, electronic device and computer storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436280A (en) * | 2008-12-15 | 2009-05-20 | 北京华大智宝电子系统有限公司 | Method and system for implementing electronic payment of mobile terminal |
| CN101482962A (en) * | 2009-02-26 | 2009-07-15 | 北控易码通(北京)科技有限公司 | Service data processing terminal and service data processing method |
| CN102208923A (en) * | 2011-05-19 | 2011-10-05 | 中国联合网络通信集团有限公司 | Application-type service management method of near filed communication intelligent card and system thereof |
| CN103236935A (en) * | 2013-05-21 | 2013-08-07 | 北京梅泰诺电子商务有限公司 | Two-dimension code user registration certification system and method thereof |
| CN103297231A (en) * | 2012-03-01 | 2013-09-11 | 盛大计算机(上海)有限公司 | Identity authentication method and system |
| WO2014182957A1 (en) * | 2013-05-08 | 2014-11-13 | Acuity Systems, Inc. | Authentication system |
| CN106230594A (en) * | 2016-07-22 | 2016-12-14 | 浪潮通用软件有限公司 | Method for user authentication based on dynamic password |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8756651B2 (en) * | 2011-09-27 | 2014-06-17 | Amazon Technologies, Inc. | Policy compliance-based secure data access |
| WO2014106031A1 (en) * | 2012-12-28 | 2014-07-03 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
-
2017
- 2017-04-18 CN CN201710254432.9A patent/CN106953872B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436280A (en) * | 2008-12-15 | 2009-05-20 | 北京华大智宝电子系统有限公司 | Method and system for implementing electronic payment of mobile terminal |
| CN101482962A (en) * | 2009-02-26 | 2009-07-15 | 北控易码通(北京)科技有限公司 | Service data processing terminal and service data processing method |
| CN102208923A (en) * | 2011-05-19 | 2011-10-05 | 中国联合网络通信集团有限公司 | Application-type service management method of near filed communication intelligent card and system thereof |
| CN103297231A (en) * | 2012-03-01 | 2013-09-11 | 盛大计算机(上海)有限公司 | Identity authentication method and system |
| WO2014182957A1 (en) * | 2013-05-08 | 2014-11-13 | Acuity Systems, Inc. | Authentication system |
| CN103236935A (en) * | 2013-05-21 | 2013-08-07 | 北京梅泰诺电子商务有限公司 | Two-dimension code user registration certification system and method thereof |
| CN106230594A (en) * | 2016-07-22 | 2016-12-14 | 浪潮通用软件有限公司 | Method for user authentication based on dynamic password |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106953872A (en) | 2017-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107172008B (en) | A kind of system and method carrying out multisystem certification and synchronization in a mobile device | |
| CN107079034B (en) | Identity authentication method, terminal equipment, authentication server and electronic equipment | |
| CN110149328B (en) | Interface authentication method, device, equipment and computer readable storage medium | |
| CN101742499B (en) | Account number protection system for mobile communication equipment terminal and application method thereof | |
| CN105827573B (en) | System, method and the relevant apparatus of internet of things equipment strong authentication | |
| CN109150541B (en) | Authentication system and working method thereof | |
| TW201741922A (en) | Biometric-based safety authentication method and device | |
| US20140329497A1 (en) | Smartdevices Enabled Secure Access to Multiple Entities (SESAME) | |
| CN109583181A (en) | A kind of authentication method, device and machine readable storage medium | |
| CN103544746A (en) | Electronic access control system of dynamic bar code | |
| CN103825871A (en) | Authentication system and emission terminal, reception terminal and authority authentication method thereof | |
| CN101087193A (en) | New method for using the mobile number bond with account for identity identification | |
| CN103986584A (en) | Double-factor identity verification method based on intelligent equipment | |
| CN115842680B (en) | Network identity authentication management method and system | |
| CN104125230B (en) | A kind of short message certification service system and authentication method | |
| CN104424676A (en) | Identity information sending method, identity information sending device, access control card reader and access control system | |
| CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
| CN102868702A (en) | System login device and system login method | |
| CN110740140A (en) | network information security supervision system based on cloud platform | |
| CN104469736B (en) | A kind of data processing method, server and terminal | |
| CN106982430A (en) | A kind of portal authentication method and system based on user's use habit | |
| CN102413146B (en) | Client authorized logon method based on dynamic codes | |
| CN112383401A (en) | User name generation method and system for providing identity authentication service | |
| CN106953872B (en) | A kind of method and apparatus of business authentication | |
| CN103428191A (en) | Single sign on method based on combination of CAS framework and fingerprint |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 100083 room 6, floor 708, No. 1, No. 1, North Beach a, Chaoyang District, Beijing Applicant after: BEIJING ABLOOMY TECHNOLOGIES, Inc. Address before: 100083 room 6, floor 708, No. 1, No. 1, North Beach a, Chaoyang District, Beijing Applicant before: BEIJING ABLOOMY TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231124 Address after: Room 307, 3rd Floor, Building 1-5, No.1 Beishatan A, Chaoyang District, Beijing, 100083 Patentee after: Beijing Heyun Shengxing Technology Co.,Ltd. Address before: Room 708, 6 / F, building 1, No.1, Beisha beach, Chaoyang District, Beijing 100083 Patentee before: BEIJING ABLOOMY TECHNOLOGIES, Inc. |