CN103581114A - Authentication method and system - Google Patents

Authentication method and system Download PDF

Info

Publication number
CN103581114A
CN103581114A CN201210253880.4A CN201210253880A CN103581114A CN 103581114 A CN103581114 A CN 103581114A CN 201210253880 A CN201210253880 A CN 201210253880A CN 103581114 A CN103581114 A CN 103581114A
Authority
CN
China
Prior art keywords
server
browser
client
authentication
described server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201210253880.4A
Other languages
Chinese (zh)
Inventor
陈磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI ZHANLU NETWORK TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI ZHANLU NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI ZHANLU NETWORK TECHNOLOGY Co Ltd filed Critical SHANGHAI ZHANLU NETWORK TECHNOLOGY Co Ltd
Priority to CN201210253880.4A priority Critical patent/CN103581114A/en
Publication of CN103581114A publication Critical patent/CN103581114A/en
Pending legal-status Critical Current

Links

Images

Abstract

The invention discloses an authentication method and system. The authentication method includes the following steps that S1, a user obtains a device activation credential from a server; S2, the server verifies whether the device activation credential received from a browser of a client side is valid or not, if yes, the S3 is executed, and if not, the process is ended; S3, the server generates a device authentication mark and returns the mark to the client side; S4, the browser of the client side sends an access request including the device authentication mark to the server; S5, the server verifies whether the device authentication mark is valid or not, if yes, the S6 is executed, and if not, the process is ended; S6, a conversation is established between the browser of the client side and a Web application of the server. The mode of device activation is adopted for establishing a unique incidence relation between the client side and the server, and therefore using is greatly simplified for the user.

Description

Authentication method and Verification System thereof
Technical field
The present invention relates to a kind of authentication method and Verification System thereof, particularly relate to authentication method and Verification System thereof between a kind of client and server.
Background technology
In the Internet, the Web based on browser be applied in people production and life in bringing into play more and more important effect.Wherein just comprise the Web application that much fail safe is had suitable requirement, the user's access after authentication is only accepted in these application.The most widely used user's authentication mode is the authentication mode based on usemame/password now, that is to say when user accesses related Web application at every turn, need to input correct usemame/password pair, the server of network side can authenticate relevant usemame/password, only has the user by authentication can access Web and apply.
But in some use scenes, the safety certification strategy of Web application, based on equipment, needs the equipment of access by authentication.And equipment itself can be used by a plurality of users, and sole user also can use the Web application of a plurality of equipment access servers, if during the now authentication of user's name/password, fundamentally cannot determine a usemame/password whether with a concrete equipment between associated, and same equipment may have different user to use, or a user uses a plurality of equipment, now just need user to obtain the usemame/password setting of a plurality of equipment, this has just increased the leakage of security information, also to user, bring mass memory burden, lowered user's experience.
Summary of the invention
The technical problem to be solved in the present invention is security information leakage and the poor defect of experience causing in order to overcome the certification mode of available technology adopting usemame/password mode, a kind of authentication method and Verification System thereof are provided, by adopting the mode of device activation, make between equipment and server, to there is unique association, so greatly simplified user's use, and guaranteed the safety of user profile.
The present invention solves above-mentioned technical problem by following technical proposals:
The invention provides a kind of authentication method, be characterized in, described authentication method comprises the following steps:
S 1, user obtains a device activation voucher from a server;
S 2, whether the described device activation voucher that receives from the browser of a client of described server authentication effective, if effectively enter step S 3, otherwise flow process finishes;
S 3, described server generates a device authentication sign, and is back to described client;
S 4, described client browser send comprise described device authentication sign an access request to described server;
S 5, whether device authentication sign effective described in described server authentication, if effectively, enter step S 6, otherwise flow process finishes;
S 6, the browser of described client and Web(network, the Internet of described server) set up session between application.
Wherein the present invention is by activating the method for voucher from server equipment, avoided user to authenticate at server end by the mode of usemame/password, because not only also avoided the leakage of user profile for user provides convenience.
Described in the present invention, described in server authentication, whether device activation voucher is that described server sends, thereby judge that whether described device activation voucher is effective, in addition described server can also verify that described device activation voucher is whether in an effective time limit further, thereby avoid further the existence of " dormancy " device activation voucher, save memory space and relevant arrange etc. of described server.
Described in the present invention, described in server authentication, whether the sign of device authentication described in access request is that described server produces, thereby judges whether to allow the Web application of server described in described browser access.
And the application of Web described in the present invention refers to browser/server framework (Browser/Server in prior art, abbreviation B/S) application program, and the true kernel of Web application is mainly that the data of database are processed, thereby described browser/server framework can be applied on wide area network well.
In addition the browser of client described in the present invention and described server are set up after session, between the browser of described client and described server, just can effectively carry out data communication.Wherein said session is the Essential Terms of the communications field, is just no longer described in detail herein.
Preferably, described step S 2for:
S 21, whether the described device activation voucher that receives from the browser of described client of described server authentication be the device activation voucher that described server sends, if enter step S 22, otherwise flow process finishes;
S 22, described server authentication receive described device activation voucher current time whether in an effective time limit, if enter step S 3, otherwise flow process finishes.
Wherein said effective time limit is by server free setting, and described effective time limit is for limiting the time range that described server receives described device activation voucher again, prevent that ossified device activation voucher from taking too much server resource, for example, when server receives described device activation voucher again, the current time detect receiving whether in a default effective time section, if, described device activation voucher is still effective, otherwise described device activation voucher is invalid.
In addition described device activation voucher is through encryption, thus described server generally described device activation voucher need to be decrypted, thereby be convenient to subsequent treatment.
Preferably, described step S 5for:
S 51, described server authentication sends between the browser of client of described access request and described server whether built vertical session, if flow process finishes, otherwise enters step S 52;
S 52, whether the device authentication sign described in described server authentication in access request be the device authentication sign that described server sends, if enter step S 6, otherwise flow process finishes.
Preferably, described step S 51for:
S 511, described server authentication sends between the browser of client of described access request and described server whether built vertical session, if enter step S 512, otherwise enter step S 52;
S 512, described in described server authentication browser and the session between described server of client whether effective, if so, flow process finishes, otherwise enters step S 52.
Owing to existing session to exist between client and server, but the situation that session had been lost efficacy, so also need in the present invention to judge that whether session is still the mode of active session, avoids setting up the existence of the active session that can transmit data.
Preferably, described step S 512for:
Whether the Cookies of the session described in described server authentication between the browser of client and described server is effective, and if so, flow process finishes, otherwise enters step S 52.
Wherein said Cookies refers in the communications field between server and client side in order to distinguish user identity, to carry out the Essential Terms of the data of session tracking, so be no longer described in detail herein.
Whether mode by described Cookies while wherein requiring emphasis ground not only can detect session subscriber also in effective status, and whether the Session Time that can also detect user is overtime, thereby can prevent the existence of ossified session, saves server resource.
Preferably, described step S 52for:
Described server sends an authentication data request;
The browser of described client generates a verify data based on described device authentication sign;
The device authentication sign of described server based in described access request generates a comparing data;
Whether the more described verify data of described server and described comparing data be identical, if enter step S 6, otherwise flow process finishes.
Preferably, the browser of described client and described server are all based on MD5(Message Digest Algorithm 5), SHA-1(SHA-1) and/or SHA256(SHA 256) process respectively described device authentication sign and obtain described verify data and described comparing data.
The function that in the present invention, each processing obtains described verify data and described comparing data is all selected arbitrarily from MD5, SHA-1 and SHA256.So raising fail safe.
Preferably, described step S 1for:
User obtains described device activation voucher by the mode of Email or short message from described server.
The present invention also provides a kind of Verification System, is characterized in that described Verification System comprises a server and a client; Wherein said client comprises a browser, and described server comprises a Web application module; Whether described server is effective from the described device activation voucher of the browser reception of described client for generating a device activation voucher checking;
Wherein, when described device activation voucher is effective, described server is also stored to described client for generating a device authentication sign and returning;
The browser of described client is for sending the access request that comprises described device authentication sign to described server; Whether described server is also effective for verifying described device authentication sign;
When described device authentication sign is effective, the Web(network of the browser of described client and described server, the Internet) set up session between application module.
Preferably, described server also comprises a device activation module and a device authentication module, and whether wherein said device activation module is effective from the described device activation voucher of the browser reception of described client for generating described device activation voucher checking;
Described device authentication module is used for generating a device authentication sign and passback is stored to described client, and verifies that whether the described device authentication sign that the browser of described client sends is effective.
Preferably, described device activation module is for verifying that whether the described device activation voucher that receives from the browser of described client is that the device activation voucher that sends of described server and the current time that receives described device activation voucher are whether in an effective time limit.
Preferably, described device authentication module is for verifying between the browser of the client that sends described access request and described server whether built vertical session, and described device authentication module is also for verifying whether the device authentication sign of described access request is the device authentication sign that described server sends.
Preferably, whether described device authentication module is also effective for verifying browser and the session between described server of described client.
Preferably, whether described device authentication module is effective for verifying the browser of described client and the Cookies of the session between described server.
Preferably, described device authentication module also sends an authentication data request for the browser to described client, and the device authentication sign based in described access request generates a comparing data;
The browser of described client is also for generating a verify data based on described device authentication sign;
Whether described device authentication module is also identical for more described verify data and described comparing data.
Preferably, the browser of described client and described server are all processed respectively described device authentication sign based on MD5, SHA-1 and/or SHA256 and are obtained described verify data and described comparing data.
Positive progressive effect of the present invention is:
Authentication method of the present invention and Verification System thereof, by adopting the mode of device activation, thereby between client and server, set up unique incidence relation, so no longer need to set up between equipment that the mode by usemame/password used user and server associated, therefore greatly simplified user's use, and user do not need to remember usemame/password, so also guaranteed the safety of user profile.
Accompanying drawing explanation
Fig. 1 is the structural representation of the preferred embodiment of Verification System of the present invention.
Fig. 2 is the flow chart of the authentication method of preferred embodiment of the present invention.
Embodiment
Below in conjunction with accompanying drawing, provide preferred embodiment of the present invention, to describe technical scheme of the present invention in detail.
Embodiment:
Verification System of the present invention by setting up the authentication relationship associated with device hardware unique identification between server and client side's browser, thereby no longer need the mode of usemame/password to authenticate, thereby simplified user's verification process, but also avoided the leakage of user profile.
So as shown in Figure 1, the Verification System of the present embodiment comprises a server 1 and a client 2;
Wherein said server 1 comprises a Web application module 11, a device activation module 12 and a device authentication module 13.Described client 2 comprises a browser 21.
Described device authentication module 13 is stored to described client 2 for generating a device authentication sign and returning,
Described device authentication module 13 is also for verifying between the browser 21 of the client 2 that sends described access request and described server 1 whether built vertical session.
Owing to existing session to exist between client and server, but the situation that session had been lost efficacy, so also need in the present invention to judge that whether session is still the mode of active session, avoids setting up the existence of the active session that can transmit data.
The module of device authentication described in the present embodiment 13 is by verifying whether the browser 21 of described client 2 and the Cookies of the session between described server 1 effectively confirm the validity of the session between described browser 21 and described server 1.
Whether mode by described Cookies while wherein requiring emphasis ground not only can detect session subscriber also in effective status, and whether the Session Time that can also detect user is overtime, thereby can prevent the existence of ossified session, saves server resource.
Described device authentication module 13 is also for verifying whether the device authentication sign of described access request is the device authentication sign that described server 1 sends.
Described device activation module 12 is for verifying that whether the described device activation voucher that receives from the browser 21 of described client 2 is that the device activation voucher that sends of described server 1 and the current time that receives described device activation voucher are whether in an effective time limit.
Wherein said effective time limit is by server free setting, and described effective time limit is for limiting the time range that described server receives described device activation voucher again, prevent that ossified device activation voucher from taking too much server resource, for example, when server receives described device activation voucher again, the current time detect receiving whether in a default effective time section, if, described device activation voucher is still effective, otherwise described device activation voucher is invalid.Thereby avoid further the existence of " dormancy " device activation voucher, save memory space and relevant arrange etc. of described server.
And between the module 13 of device authentication described in the present embodiment and browser 21, device authentication module 13 described in verification process also sends an authentication data request for the browser 21 to described client 2, and the device authentication sign based in described access request generates a comparing data.The browser 21 of described client 2 is also for generating a verify data based on described device authentication sign.
Whether described device authentication module 13 is also identical for more described verify data and described comparing data.
The browser 21 of wherein said client 2 and described server 1 are all processed respectively described device authentication sign based on MD5, SHA-1 and/or SHA256 and are obtained described verify data and described comparing data.
The various interaction datas of above-mentioned server 1 and client 2, as device authentication sign and as described in device activation voucher etc. be through encryption, so described server 1 generally described interaction data need to be decrypted, thereby be convenient to subsequent treatment.
And when described device authentication sign is effective, the browser 21 of described client 2 and Web(network, the Internet of described server 1) set up session between application module 11.
In addition, for convenience of description, in the present embodiment, the server of described Verification System is divided into various modules according to function and describes respectively, so when implementing the present embodiment, the function of each module can be realized in same or a plurality of software and/or hardware.
The application can be used in numerous general or special purpose computingasystem environment or configuration.For example: personal computer, server computer, handheld device or portable set, plate equipment, multicomputer system, the system based on microprocessor, set top box, programmable consumer-elcetronics devices, network PC(PC), small-sized meter machine, mainframe computer, comprise distributed computing environment (DCE) of above any system or equipment etc.
By authentication method concrete in above-mentioned Verification System as shown in Figure 2, comprising following steps:
Step 1, user obtains described device activation voucher by the mode of Email or short message from described server.In addition user can also adopt oral exchange or the mode such as written to obtain described device activation voucher, and be not limited only to electronics mode, obtains described device activation voucher.
Step 2, whether described server authentication is the device activation voucher that described server sends from the described device activation voucher of the browser reception of described client, if so, enter step 3, otherwise flow process finishes.
Step 3, whether the current time that described server authentication receives described device activation voucher is in an effective time limit, if enter step 4, otherwise flow process finishes.
Step 4, described server generates a device authentication sign, and is back to described client.
Step 5, whether device authentication sign is effective described in described server authentication, if effectively, enter step 6, otherwise flow process finishes.
Step 6, described server authentication sends between the browser of client of described access request and described server whether built vertical session, if enter step 7, otherwise enters step 8.
Owing to existing session to exist between client and server, but the situation that session had been lost efficacy, so also need in the present invention to judge that whether session is still the mode of active session, avoids setting up the existence of the active session that can transmit data.
Step 7, whether the browser of client and the Cookies of the session between described server be effective described in described server authentication, and if so, flow process finishes, otherwise enters step 8.
Wherein said Cookies refers in the communications field between server and client side in order to distinguish user identity, to carry out the Essential Terms of the data of session tracking, so be no longer described in detail herein.
Whether mode by described Cookies while wherein requiring emphasis ground not only can detect session subscriber also in effective status, and whether the Session Time that can also detect user is overtime, thereby can prevent the existence of ossified session, saves server resource.
Step 8, described server sends an authentication data request.
Step 9, the browser of described client generates a verify data based on described device authentication sign; The device authentication sign of described server based in described access request generates a comparing data.
The browser of client described in step 8 and step 9 and described server are all based on MD5(Message Digest Algorithm 5), SHA-1(SHA-1) and/or SHA256(SHA 256) process respectively described device authentication sign and obtain described verify data and described comparing data.
The function that in the present invention, each processing obtains described verify data and described comparing data is all selected arbitrarily from MD5, SHA-1 and SHA256.So raising fail safe.
Step 10, whether the more described verify data of described server and described comparing data be identical, if enter step 11, otherwise flow process finishes.
Step 11, sets up session between the browser of described client and the Web of described server application.
Wherein the present embodiment is by activating the method for voucher from server equipment, avoided user to authenticate at server end by the mode of usemame/password, because not only also avoided the leakage of user profile for user provides convenience.
Described in the present embodiment, described in server authentication, whether device activation voucher is that described server sends, thereby judge that whether described device activation voucher is effective, in addition described server can also verify that described device activation voucher is whether in an effective time limit further, thereby avoid further the existence of " dormancy " device activation voucher, save memory space and relevant arrange etc. of described server.
Described in the present embodiment, described in server authentication, whether the sign of device authentication described in access request is that described server produces, thereby judges whether to allow the Web application of server described in described browser access.
In addition the browser of client described in the present embodiment and described server are set up after session, between the browser of described client and described server, just can effectively carry out data communication.Wherein said session is the Essential Terms of the communications field, is just no longer described in detail herein.
Although more than described the specific embodiment of the present invention, it will be understood by those of skill in the art that these only illustrate, protection scope of the present invention is limited by appended claims.Those skilled in the art is not deviating under the prerequisite of principle of the present invention and essence, can make various changes or modifications to these execution modes, but these changes and modification all fall into protection scope of the present invention.

Claims (16)

1. an authentication method, is characterized in that, described authentication method comprises the following steps:
S 1, user obtains a device activation voucher from a server;
S 2, whether the described device activation voucher that receives from the browser of a client of described server authentication effective, if effectively enter step S 3, otherwise flow process finishes;
S 3, described server generates a device authentication sign, and is back to described client;
S 4, described client browser send comprise described device authentication sign an access request to described server;
S 5, whether device authentication sign effective described in described server authentication, if effectively, enter step S 6, otherwise flow process finishes;
S 6, the browser of described client and Web(network, the Internet of described server) set up session between application.
2. authentication method as claimed in claim 1, is characterized in that, described step S 2for:
S 21, whether the described device activation voucher that receives from the browser of described client of described server authentication be the device activation voucher that described server sends, if enter step S 22, otherwise flow process finishes;
S 22, described server authentication receive described device activation voucher current time whether in an effective time limit, if enter step S 3, otherwise flow process finishes.
3. authentication method as claimed in claim 1, is characterized in that, described step S 5for:
S 51, described server authentication sends between the browser of client of described access request and described server whether built vertical session, if flow process finishes, otherwise enters step S 52;
S 52, whether the device authentication sign described in described server authentication in access request be the device authentication sign that described server sends, if enter step S 6, otherwise flow process finishes.
4. authentication method as claimed in claim 3, is characterized in that, described step S 51for:
S 511, described server authentication sends between the browser of client of described access request and described server whether built vertical session, if enter step S 512, otherwise enter step S 52;
S 512, described in described server authentication browser and the session between described server of client whether effective, if so, flow process finishes, otherwise enters step S 52.
5. authentication method as claimed in claim 4, is characterized in that, described step S 512for:
Whether the Cookies of the session described in described server authentication between the browser of client and described server is effective, and if so, flow process finishes, otherwise enters step S 52.
6. authentication method as claimed in claim 3, is characterized in that, described step S 52for:
Described server sends an authentication data request;
The browser of described client generates a verify data based on described device authentication sign;
The device authentication sign of described server based in described access request generates a comparing data;
Whether the more described verify data of described server and described comparing data be identical, if enter step S 6, otherwise flow process finishes.
7. authentication method as claimed in claim 6, is characterized in that, the browser of described client and described server are all processed respectively described device authentication sign based on MD5, SHA-1 and/or SHA256 and obtained described verify data and described comparing data.
8. authentication method as claimed in claim 1, is characterized in that, described step S 1for:
User obtains described device activation voucher by the mode of Email or short message from described server.
9. a Verification System, is characterized in that, described Verification System comprises: a server and a client; Wherein said client comprises a browser, and described server comprises a Web application module; Whether described server is effective from the described device activation voucher of the browser reception of described client for generating a device activation voucher checking;
Wherein, when described device activation voucher is effective, described server is also stored to described client for generating a device authentication sign and returning;
The browser of described client is for sending the access request that comprises described device authentication sign to described server; Whether described server is also effective for verifying described device authentication sign;
When described device authentication sign is effective, between the Web application module of the browser of described client and described server, set up session.
10. Verification System as claimed in claim 9, it is characterized in that, described server also comprises a device activation module and a device authentication module, and whether wherein said device activation module is effective from the described device activation voucher of the browser reception of described client for generating described device activation voucher checking;
Described device authentication module is used for generating a device authentication sign and passback is stored to described client, and verifies that whether the described device authentication sign that the browser of described client sends is effective.
11. Verification Systems as claimed in claim 10, it is characterized in that, described device activation module is for verifying that whether the described device activation voucher that receives from the browser of described client is that the device activation voucher that sends of described server and the current time that receives described device activation voucher are whether in an effective time limit.
12. Verification Systems as claimed in claim 11, it is characterized in that, described device authentication module is for verifying between the browser of the client that sends described access request and described server whether built vertical session, and described device authentication module is also for verifying whether the device authentication sign of described access request is the device authentication sign that described server sends.
13. Verification Systems as claimed in claim 12, is characterized in that, whether described device authentication module is also effective for verifying browser and the session between described server of described client.
14. Verification Systems as claimed in claim 13, is characterized in that, whether described device authentication module is effective for verifying the browser of described client and the Cookies of the session between described server.
15. Verification Systems as claimed in claim 10, is characterized in that, described device authentication module also sends an authentication data request for the browser to described client, and the device authentication sign based in described access request generates a comparing data;
The browser of described client is also for generating a verify data based on described device authentication sign;
Whether described device authentication module is also identical for more described verify data and described comparing data.
16. Verification Systems as claimed in claim 15, is characterized in that, the browser of described client and described server are all processed respectively described device authentication sign based on MD5, SHA-1 and/or SHA256 and obtained described verify data and described comparing data.
CN201210253880.4A 2012-07-20 2012-07-20 Authentication method and system Pending CN103581114A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210253880.4A CN103581114A (en) 2012-07-20 2012-07-20 Authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210253880.4A CN103581114A (en) 2012-07-20 2012-07-20 Authentication method and system

Publications (1)

Publication Number Publication Date
CN103581114A true CN103581114A (en) 2014-02-12

Family

ID=50052053

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210253880.4A Pending CN103581114A (en) 2012-07-20 2012-07-20 Authentication method and system

Country Status (1)

Country Link
CN (1) CN103581114A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135482A (en) * 2014-08-07 2014-11-05 浪潮(北京)电子信息产业有限公司 Authentication method and device as well as server

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6226752B1 (en) * 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users
CN101582764A (en) * 2009-04-02 2009-11-18 北京飞天诚信科技有限公司 Method and system for identity authentication based on dynamic password
CN102047709A (en) * 2008-06-02 2011-05-04 微软公司 Trusted device-specific authentication
CN102446251A (en) * 2011-08-24 2012-05-09 杭州华三通信技术有限公司 Device activation realizing method and equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6226752B1 (en) * 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users
CN102047709A (en) * 2008-06-02 2011-05-04 微软公司 Trusted device-specific authentication
CN101582764A (en) * 2009-04-02 2009-11-18 北京飞天诚信科技有限公司 Method and system for identity authentication based on dynamic password
CN102446251A (en) * 2011-08-24 2012-05-09 杭州华三通信技术有限公司 Device activation realizing method and equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135482A (en) * 2014-08-07 2014-11-05 浪潮(北京)电子信息产业有限公司 Authentication method and device as well as server

Similar Documents

Publication Publication Date Title
TWI749061B (en) Blockchain identity system
CN105024819B (en) A kind of multiple-factor authentication method and system based on mobile terminal
CN102201915B (en) Terminal authentication method and device based on single sign-on
US8701166B2 (en) Secure authentication
CN102098317B (en) Data transmitting method and system applied to cloud system
CN104767731B (en) A kind of Restful move transactions system identity certification means of defence
CN109815656A (en) Login authentication method, device, equipment and computer readable storage medium
CN103139200B (en) A kind of method of Web service single-sign-on
US8769289B1 (en) Authentication of a user accessing a protected resource using multi-channel protocol
EP2722001B1 (en) Secure data communication
US20120204245A1 (en) Secure authentication using one-time passwords
US10193895B2 (en) System and method for remote authentication with dynamic usernames
CN103581108A (en) Login authentication method, login authentication client, login authentication server and login authentication system
CN108880822A (en) A kind of identity identifying method, device, system and a kind of intelligent wireless device
CN101997824A (en) Identity authentication method based on mobile terminal as well as device and system thereof
CN106161475B (en) Method and device for realizing user authentication
CN104426659A (en) Dynamic password generating method, authentication method, authentication system and corresponding equipment
CN105376208A (en) Secure data verification method, system and computer readable storage medium
SG175860A1 (en) Methods of robust multi-factor authentication and authorization and systems thereof
CN101360107A (en) Method, system and apparatus enhancing security of single system login
CN113938283B (en) Code scanning login method, system, device, electronic equipment and storage medium
KR101197213B1 (en) Authentication system and method based by positioning information
CN109495458A (en) A kind of method, system and the associated component of data transmission
CA2797353C (en) Secure authentication
KR20120122185A (en) Voice one-time password based user authentication method and system on smart phone

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20140212

WD01 Invention patent application deemed withdrawn after publication