CN109409078A - A kind of solution of the local more accounts of browser-cross signature - Google Patents
A kind of solution of the local more accounts of browser-cross signature Download PDFInfo
- Publication number
- CN109409078A CN109409078A CN201811226647.0A CN201811226647A CN109409078A CN 109409078 A CN109409078 A CN 109409078A CN 201811226647 A CN201811226647 A CN 201811226647A CN 109409078 A CN109409078 A CN 109409078A
- Authority
- CN
- China
- Prior art keywords
- local
- account
- program
- browser
- accounts
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention proposes a kind of solutions of the local more accounts of browser-cross signature, it include: step S1, after detecting that local program is installed, in local boot one system-level finger daemon system system process, wherein, the system system process possesses the highest permission of current system;Step S2 carries out encryption communication using the system system process and local service process;Step S3, the system system process detect and guard the state of local service program, simulate the account currently logged in and carry out starting local service program, to guarantee that the operation being associated with current logon account is unaffected.The present invention is higher than the already existing system manager's process system process in local computer top by setting one to manage, and is able to detect state, the variation of system, is preferably managed to the program in account.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of solution party of the local more accounts of browser-cross signature
Method.
Background technique
In existing financial system, such as bank net system, in logging in system by user or the operation such as do business, need
Want the identity of server authentication operator, such user operates every time is both needed in operation that (server is to each use with local KEY
In the certificate that family is issued is stored in) in certificate sign, then in server authentication this signature, to determine, this time operation is for I
Operation for it, has the function that anti-repudiation, and the small step of each of other a special operations either operation may be used
Encryption technology encrypts in this way and signs while applying, achievees the effect that anti-repudiation and encryption.
Solution is that application system judges whether local service program can be used now, if it is not, needing
The manual startup program of user is wanted, it is more troublesome.Although solving the problems, such as more account signatures to a certain extent, very not
Conveniently, for example user can be potentially encountered this problem when nullifying, logging in again, shut down, restart, switch user.
Compared with existing client signature scheme, main be to solve interacted using by browser with local KEY originally
When signing, if only supporting the single switching of windows Account Logon user, logging off users, cause browser can not be with local
The case where program interaction.
Fig. 1 a and Fig. 1 b are existing client signature method flow diagram.The shortcomings that prior art is local program and current
The relevance of account is too strong, and after causing the account currently logged in that program is installed and activated, browser does the equal no problem of interaction therewith,
But when user restart computer, switching user, nullify active user when secondary login, newly increase account, delete account
After, local service may not will start, and cause browser that can not interact, therefore local client also cannot be achieved
Signature function.
Because existing usage mode is cumbersome and inconvenient, and there are many problem of being easy to appear, for example local account is restarted, infused
Pin is closed, is logged in, and be may result in local program and is not started, and local same program corresponds to more accounts, and there may be communications to mix
Disorderly, a series of problems, such as rights concerns.
Summary of the invention
The purpose of the present invention aims to solve at least one of described technological deficiency.
For this purpose, an object of the present invention is to provide a kind of solutions of the local more accounts of browser-cross signature.
To achieve the goals above, the embodiment of the present invention provides a kind of solution party of local more accounts of browser-cross signature
Method, packet following steps:
Step S1, after detecting that local program is installed, in one system-level finger daemon system system of local boot
System process, wherein the system system process possesses the highest permission of current system;
Step S2 carries out encryption communication using the system system process and local service process;
Step S3, the system system process detect and guard the state of local service program, what simulation currently logged in
Account carries out starting local service program, to guarantee that the operation being associated with current logon account is unaffected.
Further, in the step S3, the system system process detect the state of each logon account, starting,
It closes, nullify, restart, start or restart the local service program of corresponding account when managing each logon account state change.
Further, in the step S2, the system system process and local service process carry out encryption communication, adopt
With following cipher mode: 3DES, AES, SM4 scheduling algorithm.
The solution of the local more accounts of browser-cross signature according to an embodiment of the present invention, may be implemented local client
More account Single Sign-On browsers are higher than by calling a new generation's signature client to realize local KEY signature by being arranged one
Local computer top already existing system manager's process system process manages, closing, start-stop, real-time detection service
Program and the system service program that current logon account behavior can be simulated.Since system process possesses highest permission, so
The problem of encountering in current account, can solve, and also be able to detect state, the variation of system.It can be preferably to account
In program be managed.
The additional aspect of the present invention and advantage will be set forth in part in the description, and will partially become from the following description
Obviously, or practice through the invention is recognized.
Detailed description of the invention
Above-mentioned and/or additional aspect of the invention and advantage will become from the description of the embodiment in conjunction with the following figures
Obviously and it is readily appreciated that, in which:
Fig. 1 a and Fig. 1 b are existing client signature method flow diagram;
Fig. 2 is the flow chart according to the solution of the local more accounts of the browser-cross of embodiment of the present invention signature;
Fig. 3 is the schematic diagram according to the solution of the local more accounts of the browser-cross of embodiment of the present invention signature.
Specific embodiment
The embodiment of the present invention is described below in detail, examples of the embodiments are shown in the accompanying drawings, wherein from beginning to end
Same or similar label indicates same or similar element or element with the same or similar functions.Below with reference to attached
The embodiment of figure description is exemplary, it is intended to is used to explain the present invention, and is not considered as limiting the invention.
The present invention proposes a kind of solution of the local more accounts of browser-cross signature, by be arranged system-level permission into
Journey realizes the more account Single Sign-On browsers of local client by calling a new generation's signature client to realize local KEY signature
Method.
As shown in Figures 2 and 3, the solution of the local more accounts of browser-cross signature of the embodiment of the present invention, including such as
Lower step:
Step S1, after detecting that local program is installed, in one system-level finger daemon system system of local boot
System process, wherein system system process possesses the highest permission of current system.
Step S2 carries out encryption communication using system system process and local service process.Wherein, system system into
Journey and local service process carry out encryption communication, using following cipher mode: 3DES, AES, SM4 scheduling algorithm.
Step S3, system system process possesses the highest permission of current system, detects and guards local service program
State simulates the account currently logged in and carries out starting local service program, to guarantee the behaviour being associated with current logon account
Make unaffected.
Installation procedure system-level guards (service) process system system when being installed, at local boot one
System, detects and guards the state of specified local service program, local service program when to guarantee multi-user's Single Sign-On
It can use and normal communication function is provided.
System system process detects the state of each logon account, starting, closing, nullifies, restarts, and manages each login
Start or restart the local service program of corresponding account when account status changes.
To sum up, system system process can complete following functions:
(1) the account starting local application that simulation currently logs in.
(2) state of current logon account is detected, starting, closing, nullifies, restart.
(3) with os starting, and possess system permission.
(4) with local service process encryption communication.
(5) any designated program on local computer can be started, support but be not limited to service routine.
It should be noted that the method for similarly realizing this purpose is exactly to manually boot corresponding local application.When
Preceding user manually boots locally specified application program after logging in, application program default is run with current account, when this account is infused
Pin after restarting, needs manually again by application program launching.If being required to open manually under active user after switching user
Move specified application program.
The solution of the local more accounts of browser-cross signature according to an embodiment of the present invention, may be implemented local client
More account Single Sign-On browsers are higher than by calling a new generation's signature client to realize local KEY signature by being arranged one
Local computer top already existing system manager's process system process manages, closing, start-stop, real-time detection service
Program and the system service program that current logon account behavior can be simulated.Since system process possesses highest permission, so
The problem of encountering in current account, can solve, and also be able to detect state, the variation of system.It can be preferably to account
In program be managed.
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or example
Point is included at least one embodiment or example of the invention.In the present specification, schematic expression of the above terms are not
Centainly refer to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be any
One or more embodiment or examples in can be combined in any suitable manner.
Although the embodiments of the present invention has been shown and described above, it is to be understood that above-described embodiment is example
Property, it is not considered as limiting the invention, those skilled in the art are not departing from the principle of the present invention and objective
In the case where can make changes, modifications, alterations, and variations to the above described embodiments within the scope of the invention.The scope of the present invention
It is extremely equally limited by appended claims.
Claims (3)
1. a kind of solution of the local more accounts of browser-cross signature, which comprises the steps of:
Step S1, after detecting that local program is installed, local boot one system-level finger daemon system system into
Journey, wherein the system system process possesses the highest permission of current system;
Step S2 carries out encryption communication using the system system process and local service process;
Step S3, the system system process detect and guard the state of local service program, simulate the account currently logged in
Starting local service program is carried out, to guarantee that the operation being associated with current logon account is unaffected.
2. the solution of the local more accounts of browser-cross signature as described in claim 1, which is characterized in that in the step
In S2, the system system process detects the state of each logon account, starting, closing, nullifies, restarts, and management is each stepped on
Start or restart the local service program of corresponding account when record account status variation.
3. the solution of the local more accounts of browser-cross signature as described in claim 1, which is characterized in that in the step
In S2, the system system process and local service process carry out encryption communication, using following cipher mode: 3DES, AES,
SM4 algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811226647.0A CN109409078A (en) | 2018-10-22 | 2018-10-22 | A kind of solution of the local more accounts of browser-cross signature |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811226647.0A CN109409078A (en) | 2018-10-22 | 2018-10-22 | A kind of solution of the local more accounts of browser-cross signature |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109409078A true CN109409078A (en) | 2019-03-01 |
Family
ID=65468584
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811226647.0A Pending CN109409078A (en) | 2018-10-22 | 2018-10-22 | A kind of solution of the local more accounts of browser-cross signature |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109409078A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110224818A (en) * | 2019-06-03 | 2019-09-10 | 北京信安世纪科技股份有限公司 | The signature license control method of browser-cross |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101021896A (en) * | 2007-04-06 | 2007-08-22 | 中兴通讯股份有限公司 | Method for realizing multi-task access smart card |
| US20080120719A1 (en) * | 2006-11-18 | 2008-05-22 | Friend Doug | Login security daemon |
-
2018
- 2018-10-22 CN CN201811226647.0A patent/CN109409078A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080120719A1 (en) * | 2006-11-18 | 2008-05-22 | Friend Doug | Login security daemon |
| CN101021896A (en) * | 2007-04-06 | 2007-08-22 | 中兴通讯股份有限公司 | Method for realizing multi-task access smart card |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110224818A (en) * | 2019-06-03 | 2019-09-10 | 北京信安世纪科技股份有限公司 | The signature license control method of browser-cross |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11991051B2 (en) | Providing mobile device management functionalities | |
| US9858428B2 (en) | Controlling mobile device access to secure data | |
| US9654508B2 (en) | Configuring and providing profiles that manage execution of mobile applications | |
| CN104102882B (en) | Protection method and device for privacy data of application program | |
| EP2992477B1 (en) | User and system authentication in enterprise systems | |
| US9231914B2 (en) | Mobile device security management system | |
| US20140109172A1 (en) | Providing Virtualized Private Network Tunnels | |
| US9244705B1 (en) | Intelligent micro-virtual machine scheduling | |
| EP3058502A1 (en) | Secure client drive mapping and file storage system for mobile device management type security | |
| WO2015102608A2 (en) | Providing mobile device management functionalities | |
| US11768692B2 (en) | Systems and methods for automated application launching | |
| CN109726041B (en) | Method, apparatus and computer readable medium for restoring files in a virtual machine disk | |
| CN112632605A (en) | Method and device for preventing unauthorized access, computer equipment and storage medium | |
| CN109409078A (en) | A kind of solution of the local more accounts of browser-cross signature | |
| Song et al. | App’s auto-login function security testing via android os-level virtualization | |
| US9128743B1 (en) | Graphic visualization of a suspended virtual machine | |
| Dimitriadis et al. | Malevolent app pairs: an android permission overpassing scheme | |
| KR20150030047A (en) | Method and system for application authentication | |
| CN119278448A (en) | Technologies used to provide safety-related information | |
| KR101351243B1 (en) | Method and system for application authentication | |
| CN104967636A (en) | Method and apparatus for realizing social networking services (SNS) application | |
| KR101308704B1 (en) | Accredited certificate management system and management method thereof | |
| KR20130114366A (en) | Method for performing virtual process on security card number via network in computing system and method for controlling the same in management server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190301 |
|
| WD01 | Invention patent application deemed withdrawn after publication |