[go: up one dir, main page]

TWI615735B - Application of the method of hiding network services - Google Patents

Application of the method of hiding network services Download PDF

Info

Publication number
TWI615735B
TWI615735B TW106100088A TW106100088A TWI615735B TW I615735 B TWI615735 B TW I615735B TW 106100088 A TW106100088 A TW 106100088A TW 106100088 A TW106100088 A TW 106100088A TW I615735 B TWI615735 B TW I615735B
Authority
TW
Taiwan
Prior art keywords
token
service
server
code
electronic device
Prior art date
Application number
TW106100088A
Other languages
Chinese (zh)
Other versions
TW201826161A (en
Inventor
Xiu-Ming Ye
Cheng-Yu Huang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed filed Critical
Priority to TW106100088A priority Critical patent/TWI615735B/en
Application granted granted Critical
Publication of TWI615735B publication Critical patent/TWI615735B/en
Publication of TW201826161A publication Critical patent/TW201826161A/en

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Description

應用符記於隱藏網路服務之方法Application of the method of hiding network services

本發明係關於一種應用符記於隱藏網路服務之方法,特別係指一種將使用者識別碼與欲進行之行為轉換成一符記,以提高資料傳遞的安全性。The invention relates to a method for writing a hidden network service, in particular to converting a user identification code and a behavior to be performed into a token to improve the security of data transmission.

近年來隨著網路的普及,越來越多商家藉由網路提供各種服務,然而隨著網路的掀起,有些不法人士就將犯罪行為移至網路上進行,鑽研網路的漏洞,投機取巧從中牟利,因而網路安全也越來越受到大眾的關注。In recent years, with the popularity of the Internet, more and more businesses are providing various services through the Internet. However, with the rise of the Internet, some unscrupulous people have moved criminal activities to the Internet, exploiting loopholes in the network, and opportunistic. From the profit, network security has also received more and more attention from the public.

過去有人提出將資料加密的方式以達到保護的目的,其加密方法有對稱式加密和非對稱式加密,然加密方法與金鑰若被破解,則資料內容仍會被得知進而做些損害使用者權益之行為,故有人提出加入隨機碼機制,用以混淆犯罪者,使其不易辨別資料內容,還有人提出加入檢查碼機制,以確保資料內容並無被修改。In the past, some people proposed to encrypt data in order to achieve the purpose of protection. The encryption methods include symmetric encryption and asymmetric encryption. If the encryption method and key are cracked, the data content will still be known and used for damage. The behavior of the rights and interests, it was proposed to join the random code mechanism to confuse the perpetrators, making it difficult to distinguish the content of the data, and some people proposed to join the check code mechanism to ensure that the data content has not been modified.

雖然上述之方法皆能提高網路安全性,但是網路服務的運作方法基本是固定的,也就是告知使用者有哪些服務,透過網址附加一些參數,將資料傳回至伺服器,或是透過選擇的方式將後續的執行動作寫入於其選擇的項目內,而這之間不管是服務的內容或是使用者輸入的資料,其傳遞會用明碼的方式傳遞。如在傳遞的過程中不希望被人隨意查看,就需要對資料進行加密,若所有人的加密都使用同一把金鑰,則安全性會很低,若要針對不同使用者採用不同金鑰,則不管哪種加密方式,進行加密前皆需要知道使用者的身分才能取出對應之金鑰,如此在加密前,就必須先知道使用者的身分,才能取得相對應之金鑰,在不確定使用者身分的情況下,是無法順利進行加解密的。Although the above methods can improve the security of the network, the operation method of the network service is basically fixed, that is, the user is informed of the services, and some parameters are added through the website to transmit the data back to the server, or through The selected method writes the subsequent execution actions into the selected item, and the delivery is transmitted in clear code regardless of the content of the service or the data input by the user. If you don't want to be arbitrarily viewed during the delivery process, you need to encrypt the data. If everyone encrypts the same key, the security will be low. If you want to use different keys for different users, Regardless of the encryption method, before the encryption, the user's identity needs to be known to retrieve the corresponding key. Therefore, before encrypting, the user's identity must be known before the corresponding key can be obtained. In the case of the identity of the person, it is impossible to carry out encryption and decryption smoothly.

即便將資料加密,使用者所選擇的服務也是以明碼方式呈現,而這就給了犯罪者可趁之機,犯罪者可以專注於某些提供特定網路服務之伺服器(例如:銀行的網站、購物平台等)進行攻擊,由於已知服務內容,故可得知其服務內容執行時所必要之資料,因此即便資料被加密,也可以不斷嘗試各種攻擊方式破解其內容,從而竊取、竄改或仿冒等犯罪行為,故除了保護資料外,也應保護目前進行之網路服務,以防止有心人士針對特定的網路服務進行攻擊,因此,提出一個保護資料和網路服務內容的方法是很有必要的。Even if the data is encrypted, the user's chosen service is presented in clear format, which gives the perpetrators a chance to focus on certain servers that provide specific network services (eg, the bank's website). Attacks, shopping platforms, etc.), because the service content is known, it is possible to know the information necessary for the execution of its service content, so even if the data is encrypted, you can constantly try various attack methods to crack its content, thereby stealing, tampering or Counterfeiting and other criminal activities, in addition to protecting information, it should also protect the current network services to prevent people from attacking specific network services. Therefore, it is very important to propose a way to protect data and network services. necessary.

本發明之主要目的,係提供一種應用符記於隱藏網路服務之方法,其可隱藏目前執行之網路服務。The primary object of the present invention is to provide a method of applying a hidden network service that hides the currently executing network service.

本發明之次要目的,係提供一種應用符記於隱藏網路服務之方法,其透過一代碼混淆演算法將一客戶端識別碼及一服務代碼轉換成無法直接理解之符記,故無法從符記中得到目前的網路服務為何。A secondary object of the present invention is to provide a method for registering a hidden network service, which converts a client identification code and a service code into a token that cannot be directly understood through a code confusion algorithm, and thus cannot What is the current network service in the token?

本發明之又一目的,係提供一種應用符記於隱藏網路服務之方法,其符記中包含一客戶端識別碼,故除非遺失符記,否則客戶端只需進行一次登入後就無須再提供帳號及密碼,降低帳號及密碼被第三者得知的機率。Another object of the present invention is to provide a method for registering a hidden network service, wherein the token includes a client identifier, so unless the token is lost, the client only needs to perform one login and no longer need to perform the login. Provide an account number and password to reduce the chance that the account and password will be known by a third party.

為了達到上述之目的,本發明之一實施例係揭示一種應用符記於隱藏網路服務之方法,其步驟包含:一客戶端使用一電子裝置登入至一伺服器,該伺服器依該客戶端取得對應之權限產生一符記,該符記包含該客戶端之一客戶端識別碼及對應一服務項目之一服務代碼,該伺服器將該客戶端對應之權限之該服務項目及該符記傳送至該電子裝置,該電子裝置選擇該服務項目,該電子裝置將對應該服務項目之該符記傳送至該伺服器,該伺服器依據該符記之該服務代碼及該客戶端識別碼進行相應之處理。In order to achieve the above objective, an embodiment of the present invention discloses a method for registering a hidden network service, the method comprising: a client logging in to a server by using an electronic device, the server according to the client Obtaining the corresponding authority generates a token, the token includes one client identifier of the client and a service code corresponding to a service item, and the server has the service item corresponding to the client and the token Transmitting to the electronic device, the electronic device selects the service item, and the electronic device transmits the token corresponding to the service item to the server, and the server performs the service code according to the token and the client identifier Corresponding processing.

於本發明之一實施例中,其中於一客戶端使用一電子裝置登入至一伺服器時,包含下列步驟:該伺服器發送一初始符記至該電子裝置,該初始符記包含對應於該服務項目之一登入服務之該服務代碼,該客戶端於該電子裝置輸入一帳號及一密碼並將該帳號、該密碼及該初始符記傳送至該伺服器,該伺服器將該帳號及該密碼與一客戶資料庫進行身分驗證,當驗證通過後,該伺服器依據該帳號取得對應之權限產生該符記。In an embodiment of the present invention, when a client logs in to a server using an electronic device, the method includes the following steps: the server sends an initial token to the electronic device, and the initial token includes the corresponding One of the service items logs in to the service code of the service, the client inputs an account number and a password to the electronic device, and transmits the account number, the password and the initial token to the server, the server and the account The password is authenticated with a customer database. When the verification is passed, the server generates the corresponding token according to the corresponding authority of the account.

於本發明之一實施例中,其中該符記產生方式係以一代碼混淆演算法進行字元轉換或位置交換。In an embodiment of the invention, the token generation mode is performed by a code confusion algorithm for character conversion or position exchange.

於本發明之一實施例中,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器後,包含下列步驟:該符記用該代碼混淆演算法進行逆程序處理後從該符記中取得該客戶端識別碼及該服務代碼。In an embodiment of the present invention, after the electronic device transmits the token corresponding to the service item to the server, the method includes the following steps: the token is processed by the code obfuscation algorithm after the inverse program processing The client identification code and the service code are obtained in the token.

於本發明之一實施例中,其中於該伺服器將該客戶端對應之權限之至少一服務項目及該符記傳送至該電子裝置之步驟中,該符記記載於一網址或一網頁。In an embodiment of the present invention, the server transmits the at least one service item of the authority corresponding to the client and the token to the electronic device, and the token is recorded in a web address or a webpage.

於本發明之一實施例中,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器步驟前,其進一步包含該客戶端於該電子裝置對應該服務項目之一輸入資訊。In an embodiment of the present invention, before the electronic device transmits the token corresponding to the service item to the server step, the method further includes the client inputting information to one of the service items corresponding to the electronic device.

於本發明之一實施例中,其中該符記更包含一隨機碼及一檢查碼。In an embodiment of the invention, the token further comprises a random code and a check code.

於本發明之一實施例中,其中該隨機碼係用一隨機演算法產生。In an embodiment of the invention, the random code is generated using a random algorithm.

於本發明之一實施例中,其中該檢查碼係用該隨機碼、該客戶端識別碼及該服務代碼進行一位元運算產生。In an embodiment of the invention, the check code is generated by performing a one-bit operation using the random code, the client identifier, and the service code.

於本發明之一實施例中,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器之步驟後,其進一步包含下列步驟:該伺服器將該符記之該客戶端識別碼、該服務代碼及該隨機碼進行該位元運算產生一驗證檢查碼,然後比對該符記之該檢查碼與該驗證檢查碼是否一致。In an embodiment of the present invention, after the step of transmitting, by the electronic device, the identifier corresponding to the service item to the server, the method further includes the following steps: the server identifies the client of the token The code, the service code, and the random code perform the bit operation to generate a verification check code, and then compare the check code with the verification check code.

為使 貴審查委員對本發明之特徵及所達成之功效有更進一步之瞭解與認識,謹佐以較佳之實施例及配合詳細之說明,說明如後:In order to provide a better understanding and understanding of the features and the efficacies of the present invention, the preferred embodiment and the detailed description are as follows:

本實施案例提供一種應用符記於隱藏網路服務之方法,先前技術往往將目前進行之網路服務以明碼方式於網路中傳遞,因而有心人士可以針對特定之網路服務嘗試取得其內容,因此本發明提出一種將客戶端識別碼及服務項目之代碼進行混淆產生一符記,以防止有心人士竊取資料。藉由符記將客戶端識別碼與服務代碼隱藏並進行傳遞,並且符記可於客戶端保存,因此除非符記遺失,執行過一次登入驗證後,之後就無須再進行登入動作,可降低帳號及密碼被竊取的機率。This embodiment provides a method for writing a hidden network service. The prior art often transmits the currently performed network service to the network in a clear manner, so that a person with a heart can try to obtain the content for a specific network service. Therefore, the present invention proposes to confuse the client identification code and the code of the service item to generate a token to prevent the intentional person from stealing the data. The client ID and the service code are hidden and transmitted by the token, and the token can be saved on the client. Therefore, unless the token is lost, after performing a login verification, the login operation is not required, and the account can be lowered. And the chance that the password was stolen.

在此說明本發明之第一實施例之應用符記於隱藏網路服務之方法之流程,請參閱第一圖,其係為本發明之第一實施例之應用符記於隱藏網路服務之方法之流程圖。如圖所示,本實施例之應用符記於隱藏網路服務之方法其步驟包含:The flow of the method for hiding the network service in the first embodiment of the present invention is described herein. Please refer to the first figure, which is the application of the first embodiment of the present invention to the hidden network service. Flow chart of the method. As shown in the figure, the method of the application of the embodiment in the method of hiding the network service includes:

步驟S1:登入連線至一伺服器;Step S1: login to a server;

步驟S3:伺服器產生符記;Step S3: the server generates a token;

步驟S5:傳送服務項目與符記;Step S5: transmitting the service item and the token;

步驟S7:選擇服務項目;Step S7: selecting a service item;

步驟S9:傳送對應服務項目之符記;以及Step S9: transmitting a token corresponding to the service item;

步驟S11:依據符記進行相應之處理。Step S11: Perform corresponding processing according to the token.

接著說明為達成本發明之應用符記於隱藏網路服務之方法所需之系統,請參閱第二圖,其係本發明之第一實施例之應用符記於隱藏網路服務之方法之系統示意圖。如圖所示,本發明之應用符記於隱藏網路服務之方法之系統包含:一電子裝置10、一伺服器30及一客戶資料庫301。Next, a system for implementing the method of the present invention for concealing a network service is described. Please refer to the second figure, which is a system for applying the method of hiding the network service according to the first embodiment of the present invention. schematic diagram. As shown, the system of the present invention for the method of hiding network services includes an electronic device 10, a server 30, and a client database 301.

上述之一電子裝置10為桌上型電腦、筆記型電腦、智慧型手機、個人數位助理或功能型手機等各種能與網路連線之裝置。One of the above electronic devices 10 is a device that can be connected to the Internet, such as a desktop computer, a notebook computer, a smart phone, a personal digital assistant, or a function mobile phone.

上述之一客戶資料庫301可位於該伺服器30內或是位於一外部伺服器,此僅一較佳之實施例,然設置方式並不限於此。One of the above-mentioned customer databases 301 may be located in the server 30 or in an external server. This is only a preferred embodiment, but the arrangement is not limited thereto.

以下將說明本發明之第一實施例之應用符記於隱藏網路服務之方法之流程,請參閱搭配第一圖及第二圖。當一電子裝置10透過網路連線至一伺服器30時,將執行步驟S1至S11。In the following, the flow of the application of the first embodiment of the present invention to the hidden network service will be described. Please refer to the first figure and the second figure. When an electronic device 10 is connected to a server 30 via a network, steps S1 to S11 are performed.

於步驟S1中,當一電子裝置10連線至一伺服器30之登入頁面時,登入頁面包含一初始符記傳送至電子裝置10,客戶端於登入頁面輸入帳號及密碼後,帳號、密碼以及初始符記會傳送至伺服器30。In step S1, when an electronic device 10 is connected to the login page of the server 30, the login page includes an initial token transmitted to the electronic device 10. After the client enters the account number and password on the login page, the account number, password, and The initial token is transmitted to the server 30.

於本發明之一實施例中,於步驟S1,該初始符記包含一代表登入服務之服務代碼。In an embodiment of the present invention, in step S1, the initial token includes a service code representing a login service.

於步驟S3中,伺服器30從初始符記中取得一服務代碼,得知目前預執行服務為登入服務,伺服器30會依據帳號、密碼與客戶資料庫301進行身分驗證,當通過身分驗證後,會依據帳號對應權限之可行使之服務產生相對應數量之符記。In step S3, the server 30 obtains a service code from the initial token, and learns that the current pre-execution service is a login service, and the server 30 performs identity verification according to the account number and password and the customer database 301, and after passing the identity verification. The corresponding amount of the service will be generated according to the service that can be exercised according to the corresponding authority of the account.

於本發明之一實施例中,於步驟S3,該符記包含客戶端識別碼及對應服務項目之服務代碼,且用一代碼混淆演算法產生。In an embodiment of the present invention, in step S3, the token includes a client identification code and a service code of the corresponding service item, and is generated by a code confusion algorithm.

於步驟S5中,伺服器30依帳號之權限將可行使之服務項目與符記傳送至電子裝置10。In step S5, the server 30 transmits the extensible service items and tokens to the electronic device 10 according to the rights of the account.

於本發明之一實施例中,於步驟S5,該符記記載於一網址或一網頁中。In an embodiment of the present invention, in step S5, the token is recorded in a web address or a web page.

於步驟S7中,於電子裝置10選擇預做之服務項目。In step S7, the pre-made service item is selected in the electronic device 10.

於步驟S9中,電子裝置10傳送對應選擇服務項目之符記至伺服器30。In step S9, the electronic device 10 transmits a token corresponding to the selected service item to the server 30.

於本發明之一實施例中,於步驟S9,伺服器30會將符記做代碼混淆演算法之逆程序處理,並從符記中取得客戶端識別碼及服務代碼。In an embodiment of the present invention, in step S9, the server 30 processes the token as an inverse program of the code obfuscation algorithm, and obtains the client identifier and the service code from the token.

於步驟S11中,伺服器30依據符記中之服務代碼及客戶端識別碼進行相應之處理。In step S11, the server 30 performs corresponding processing according to the service code and the client identification code in the token.

於此,即完成本發明之第一實施例之應用符記於隱藏網路服務之方法,伺服器接收客戶端傳送之帳號及密碼並進行身分驗證後,可依據該帳號對應之權限之可行使之服務項目產生包含客戶端識別碼與服務代碼之符記,依據客戶端選擇之服務項目會回傳相應之符記至伺服器,故伺服器可從該符記中得知後續要執行之動作,由於客戶端識別碼與服務代碼皆隱藏於符記中,因此不易被有心人士依據服務項目猜測並破解其資料內容,提高資料於網路中傳遞之安全性。其可應用於帳戶登入後之查詢服務,但不限於此應用。In this case, the method for writing the application identifier of the first embodiment of the present invention to the hidden network service is completed. After the server receives the account and password transmitted by the client and performs identity verification, the server can perform the operation according to the authority corresponding to the account. The service item generates a token including the client identifier and the service code, and the service item selected by the client returns the corresponding token to the server, so the server can learn the action to be performed from the token. Because the client identification code and the service code are hidden in the token, it is not easy for the person concerned to guess and crack the data content according to the service item, and improve the security of the data transmission in the network. It can be applied to the inquiry service after the account is logged in, but is not limited to this application.

接著說明為達成本發明之第二實施例之應用符記於隱藏網路服務之方法,請參閱第二圖及第三圖,本實施例之流程與第一實施例之差異在於:本實施例之流程中,其步驟S3所產生之符記更包含一隨機碼與一檢查碼,隨機碼係用一隨機演算法產生,檢查碼係用隨機碼、客戶端識別碼及服務代碼用一位元運算產生,且本實施例包含一步驟S10。The following is a description of the method for implementing the second embodiment of the present invention in the hidden network service. Referring to the second and third figures, the flow of the embodiment differs from the first embodiment in that: In the process, the token generated in step S3 further includes a random code and a check code, and the random code is generated by a random algorithm, and the check code uses a random code, a client identifier, and a service element with a bit. An operation is generated, and the embodiment includes a step S10.

於步驟S10中,檢查符記完整性,伺服器30接收傳送過來之符記且進行代碼混淆演算法之逆程序後,伺服器30從符記中取得客戶端識別碼、服務代碼及隨機碼進行位元運算產生一驗證檢查碼,隨後比對符記中之檢查碼與驗證檢查碼是否一致以確認完整性。In step S10, the integrity of the token is checked, and after the server 30 receives the transmitted token and performs the inverse procedure of the code obfuscation algorithm, the server 30 obtains the client identifier, the service code, and the random code from the token. The bit operation produces a verification check code, and then the check code in the match check is consistent with the verification check code to confirm the integrity.

藉由本實施例,符記增加之隨機碼每次產生皆不相同,故可保證符記之唯一性且無法預測符記內容,增加檢查碼則可以檢查符記傳遞過程中是否有被竄改,以確保資料完整性,故進一步提高資料傳遞的安全性。With the embodiment, the random code added by the token is different every time, so that the uniqueness of the token can be guaranteed and the content of the token cannot be predicted. If the check code is added, it can be checked whether the token has been tampered with during the transmission. To ensure the integrity of the data, the security of data transmission is further improved.

接著說明為達成本發明之第三實施例之應用符記於隱藏網路服務之方法,請參閱第二圖及第四圖,本實施例之流程與第一實施例之差異在於:本實施例之流程中,其步驟S71與步驟S91分別取代步驟S7與步驟S9。The method for the application of the hidden network service in the third embodiment of the present invention is described. Referring to the second and fourth figures, the process of this embodiment differs from the first embodiment in that: this embodiment In the flow, step S71 and step S91 replace step S7 and step S9, respectively.

於步驟S71中,選擇服務項目及輸入資訊,於電子裝置10選擇預做之服務項目後,依據所選之服務項目,需客戶端填選一輸入資訊,該輸入資訊係供伺服器30所執行該服務所需之資訊。In step S71, the service item and the input information are selected. After the electronic device 10 selects the pre-made service item, the client needs to fill in an input information according to the selected service item, and the input information is executed by the server 30. Information required for this service.

於步驟S91中,傳送對應服務項目之符記及輸入資訊,電子裝置10傳送對應選擇服務項目之符記及客戶端填選之輸入資訊至伺服器30。In step S91, the token of the corresponding service item and the input information are transmitted, and the electronic device 10 transmits the input information corresponding to the selected service item and the input information of the client's selection to the server 30.

藉由本實施例,藉由客戶端傳送額外之資訊至伺服器,可使伺服器依客戶端需求執行不同服務。其可應用於轉帳、電子支付等應用上,但不限於此應用。With this embodiment, the client can transmit different information to the server, so that the server can perform different services according to the client's requirements. It can be applied to applications such as transfer, electronic payment, etc., but is not limited to this application.

接著說明為達成本發明之第四實施例之應用符記於隱藏網路服務之方法,請參閱第二圖及第五圖,本實施例之流程與第二實施例之差異在於:本實施例之流程中,其步驟S71與步驟S91分別取代步驟S7與步驟S9,步驟S71與步驟S91之流程第三實施例相同,故不再贅述。The method for the application of the hidden network service in the fourth embodiment of the present invention is described. Referring to the second and fifth figures, the difference between the flow of this embodiment and the second embodiment is: this embodiment In the process, the steps S71 and S91 are replaced by the steps S7 and S9, respectively, and the steps S71 and S91 are the same as the third embodiment, and therefore will not be described again.

惟以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍,舉凡依本發明申請專利範圍所述之形狀、構造、特徵及精神所為之均等變化與修飾,均應包括於本發明之申請專利範圍內。The above is only the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and the variations, modifications, and modifications of the shapes, structures, features, and spirits described in the claims of the present invention. All should be included in the scope of the patent application of the present invention.

本發明係實為依據有新穎性、進步性及可供產業利用者,應符合我國專利法所規定之專利申請要件無疑,爰依法提出發明專利申請,祈 鈞局早日賜准專利,至感為禱。The invention is based on the novelty, the progressiveness and the availability of the industrial use, and should conform to the patent application requirements stipulated in the Patent Law of China, and the invention patent application is filed according to law, and the prayer bureau will grant the patent as soon as possible. prayer.

10‧‧‧電子裝置10‧‧‧Electronic devices

30‧‧‧伺服器30‧‧‧Server

301‧‧‧客戶資料庫301‧‧‧Customer Database

第一圖:其係本發明之一第一實施例之應用符記於隱藏網路服務之方法之流程圖; 第二圖:其係本發明之一第一實施例之應用符記於隱藏網路服務之方法之系統示意圖; 第三圖:其係本發明之一第二實施例之應用符記於隱藏網路服務之方法之流程圖; 第四圖:其係本發明之一第三實施例之應用符記於隱藏網路服務之方法之流程圖;以及 第五圖:其係本發明之一第四實施例之應用符記於隱藏網路服務之方法之流程圖。The first figure is a flowchart of a method for hiding a network service according to a first embodiment of the present invention; the second figure is an application of the first embodiment of the present invention to a hidden network. A schematic diagram of a system for a method of road service; a third diagram: a flowchart of a method for hiding a network service in a second embodiment of the present invention; and a fourth diagram: a third implementation of the present invention A flow chart of a method for hiding a network service; and a fifth diagram: a flowchart of a method for hiding a network service according to a fourth embodiment of the present invention.

Claims (9)

一種應用符記於隱藏網路服務之方法,其步驟包含:一客戶端使用一電子裝置登入至一伺服器;該伺服器發送一初始符記至該電子裝置,該初始符記包含對應於一服務項目之一登入服務之一服務代碼;該客戶端於該電子裝置輸入一帳號及一密碼並將該帳號、該密碼及該初始符記傳送至該伺服器;該伺服器將該帳號及該密碼與一客戶資料庫進行身分驗證;當驗證通過後,該伺服器依據該帳號取得對應之權限產生一符記;該符記包含該客戶端之一客戶端識別碼及對應該服務項目之該服務代碼;該伺服器將該客戶端對應之權限之該服務項目及該符記傳送至該電子裝置;該電子裝置選擇該服務項目;該電子裝置將對應該服務項目之該符記傳送至該伺服器;以及該伺服器依據該符記之該服務代碼及該客戶端識別碼進行相應之處理。 A method for registering a hidden network service, the method comprising: a client logging in to a server using an electronic device; the server sending an initial token to the electronic device, the initial token comprising a corresponding one One of the service items is a service code of the login service; the client inputs an account number and a password to the electronic device, and transmits the account number, the password and the initial token to the server; the server uses the account and the account The password is authenticated with a customer database; after the verification is passed, the server generates a token according to the corresponding authority of the account; the token includes one of the client identifiers of the client and the corresponding service item a service code; the server transmits the service item and the token corresponding to the client to the electronic device; the electronic device selects the service item; the electronic device transmits the token corresponding to the service item to the The server; and the server performs corresponding processing according to the service code of the token and the client identifier. 如申請專利範圍第1項所述之應用符記於隱藏網路服務之方法,其中該符記產生方式係以一代碼混淆演算法進行字元轉換或位置交換。 The application described in claim 1 is for the method of hiding a network service, wherein the token generation method performs character conversion or location exchange by a code confusion algorithm. 如申請專利範圍第2項所述之應用符記於隱藏網路服務之方法,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器後,包含下列步驟:該符記用該代碼混淆演算法進行逆程序處理;以及從該符記中取得該客戶端識別碼及該服務代碼。 The method of claim 2, wherein the electronic device transmits the token corresponding to the service item to the server, and the following steps are included: the token is used by the electronic device to transmit the identifier corresponding to the service item to the server. The code obfuscation algorithm performs inverse program processing; and the client identifier and the service code are obtained from the token. 如申請專利範圍第1項所述之應用符記於隱藏網路服務之方法,其中於該伺服器將該客戶端對應之權限之至少一服務項目及該符記傳送至該電子裝置之步驟中,該符記記載於一網址或一網頁。 The method of claim 1, wherein the server transmits the at least one service item corresponding to the client and the token to the electronic device. The token is recorded on a web address or a web page. 如申請專利範圍第1項所述之應用符記於隱藏網路服務之方法,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器步驟前,其進一步包含該客戶端於該電子裝置對應該服務項目之一輸入資訊。 The method of claim 1, wherein the application further includes the client before the electronic device transmits the token corresponding to the service item to the server step. The electronic device inputs information corresponding to one of the service items. 如申請專利範圍第1項所述之應用符記於隱藏網路服務之方法,其中該符記更包含一隨機碼及一檢查碼。 The method of claim 1, wherein the identifier further comprises a random code and a check code. 如申請專利範圍第6項所述之應用符記於隱藏網路服務之方法,其中該隨機碼係用一隨機演算法產生。 The application described in claim 6 is for the method of hiding a network service, wherein the random code is generated by a random algorithm. 如申請專利範圍第6項所述之應用符記於隱藏網路服務之方法,其中該檢查碼係用該隨機碼、該客戶端識別碼及該服務代碼進行一位元運算產生。 The method of claim 6, wherein the check code is generated by performing a one-bit operation using the random code, the client identifier, and the service code. 如申請專利範圍第8項所述之應用符記於隱藏網路服務之方法,其中於該電子裝置將對應該服務項目之該符記傳送至該伺服器之步驟後,其進一步包含下列步驟:該伺服器將該符記之該客戶端識別碼、該服務代碼及該隨機碼進行該位元運算產生一驗證檢查碼;以及比對該符記之該檢查碼與該驗證檢查碼是否一致。 The method of claim 8, wherein the application is recorded in the hidden network service, wherein after the electronic device transmits the token corresponding to the service item to the server, the method further comprises the following steps: The server performs the bit operation on the client identifier, the service code and the random code to generate a verification check code; and whether the check code of the token matches the verification check code.
TW106100088A 2017-01-03 2017-01-03 Application of the method of hiding network services TWI615735B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW106100088A TWI615735B (en) 2017-01-03 2017-01-03 Application of the method of hiding network services

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW106100088A TWI615735B (en) 2017-01-03 2017-01-03 Application of the method of hiding network services

Publications (2)

Publication Number Publication Date
TWI615735B true TWI615735B (en) 2018-02-21
TW201826161A TW201826161A (en) 2018-07-16

Family

ID=62014644

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106100088A TWI615735B (en) 2017-01-03 2017-01-03 Application of the method of hiding network services

Country Status (1)

Country Link
TW (1) TWI615735B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200828939A (en) * 2006-12-22 2008-07-01 Ind Tech Res Inst Security mechanism for one-time secured data access
JP2012224537A (en) * 2011-04-07 2012-11-15 Hitachi Metals Ltd Sintered body for ptc element, method for producing the same, the ptc element, and heat generating module
CN103765454A (en) * 2011-06-07 2014-04-30 维萨国际服务协会 Payment privacy tokenization apparatuses, methods and systems
US20140372308A1 (en) * 2013-06-17 2014-12-18 John Sheets System and method using merchant token
US20150312246A1 (en) * 2012-03-30 2015-10-29 Protegrity Corporation Tokenization in a centralized tokenization environment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200828939A (en) * 2006-12-22 2008-07-01 Ind Tech Res Inst Security mechanism for one-time secured data access
JP2012224537A (en) * 2011-04-07 2012-11-15 Hitachi Metals Ltd Sintered body for ptc element, method for producing the same, the ptc element, and heat generating module
CN103765454A (en) * 2011-06-07 2014-04-30 维萨国际服务协会 Payment privacy tokenization apparatuses, methods and systems
US20150312246A1 (en) * 2012-03-30 2015-10-29 Protegrity Corporation Tokenization in a centralized tokenization environment
US20140372308A1 (en) * 2013-06-17 2014-12-18 John Sheets System and method using merchant token

Also Published As

Publication number Publication date
TW201826161A (en) 2018-07-16

Similar Documents

Publication Publication Date Title
US8898086B2 (en) Systems and methods for transmitting financial account information
US8478990B2 (en) Mobile transaction methods and devices with three-dimensional colorgram tokens
US8245030B2 (en) Method for authenticating online transactions using a browser
KR101718948B1 (en) Integrated certification system using one time random number
CN104322003B (en) Cryptographic authentication and identification method using real-time encryption
JP6538872B2 (en) Common identification data replacement system and method
CN103905188B (en) Utilize the method and intelligent cipher key equipment of intelligent cipher key equipment generation dynamic password
JP2008269610A (en) Protecting sensitive data intended for remote application
US20140258718A1 (en) Method and system for secure transmission of biometric data
CN106506158A (en) A kind of encryption method and system based on whitepack
CN104301288B (en) Online identity certification, online transaction checking, the method and system of online verification protection
CN104836660A (en) Password management method and system
Balayogi et al. An approach for mitigating cognitive load in password management by integrating QR codes and steganography
US20100005303A1 (en) Universal authentication method
US10051468B2 (en) Process for authenticating an identity of a user
US10771970B2 (en) Method of authenticating communication of an authentication device and at least one authentication server using local factor
CN102833239B (en) Method for implementing nesting protection of client account information based on network identity
TWI615735B (en) Application of the method of hiding network services
US10701105B2 (en) Method for website authentication and for securing access to a website
CN102314566A (en) Computer-to-computer authentication and man-to-machine authentication method applied to cloud computing
TWI640928B (en) System for generating and decrypting two-dimensional codes and method thereof
TWM542905U (en) System using token to hide network service
KR101427733B1 (en) Device and method for authenticating server
Wei et al. Enhancing the security of credit card transaction based on visual DSC
TWI644227B (en) Cross verification system implemented along with a mobile device and method thereof