CN116318909B - A multi-factor authentication method, device and storage medium - Google Patents
A multi-factor authentication method, device and storage mediumInfo
- Publication number
- CN116318909B CN116318909B CN202310181285.2A CN202310181285A CN116318909B CN 116318909 B CN116318909 B CN 116318909B CN 202310181285 A CN202310181285 A CN 202310181285A CN 116318909 B CN116318909 B CN 116318909B
- Authority
- CN
- China
- Prior art keywords
- parameter
- identity authentication
- local server
- hash
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/082—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Health & Medical Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
本发明提供一种多重身份认证的方法、设备及存储介质,利用硬件设备将用户的生物特征信息加密后应用于身份认证。结合生物特征信息、硬件设备及网络环境,以软件服务所在的服务器的IP、MAC地址及用户录入的生物特征作为身份认证因素进行身份认证,实现更高安全等级的身份认证同时简化认证流程。
This invention provides a method, device, and storage medium for multi-factor authentication. It utilizes hardware to encrypt the user's biometric information before applying it for authentication. By combining biometric information, hardware, and network environment, it uses the IP and MAC addresses of the server hosting the software service, along with the user's entered biometric data, as authentication factors to achieve a higher level of security while simplifying the authentication process.
Description
Technical Field
The present invention relates to the field of encryption technologies, and in particular, to a multiple identity authentication method, apparatus, and storage medium, which may be used in an identity authentication process of different data nodes in a network environment.
Background
Authentication is the process of determining whether someone or something is actually what it says is. Authentication techniques provide access control to a system by checking whether a user's credentials match credentials in an authorized user database or data authentication server. In this process, authentication ensures secure systems, secure processes and enterprise information security.
There are several types of authentication. For the purpose of user identity, the user is typically identified using a user ID, and authentication occurs when the user provides credentials, such as a password, that matches his user ID. The practice of requiring a user ID and password is known as Single Factor Authentication (SFA). In recent years, companies have enhanced authentication by requiring other authentication factors, such as a unique code or biometric signature provided to the user by the mobile device when attempting to log in. This is called two-factor authentication (2 FA).
The authentication factor may be even further than the SFA, which requires a user ID and password or 2FA, which requires a user ID, password and biometric signature. When authentication is performed using three or more authentication factors, for example, a user ID and password, a biometric signature, and a personal question that the user must answer-known as multi-factor authentication (MFA).
Authentication allows an organization to only allow authenticated users or processes to access their protected resources, thereby ensuring the security of their network. This may include computer systems, networks, databases, websites, and other network-based applications or services. In order to make 2FA as secure as possible, additional steps may be added to the flow. For example, a customer may be required to enter a Personal Identification Number (PIN) and a piece of biometric information. In these cases, this process is referred to as dual identity authentication (mFA). The more steps a customer is required to complete, the more secure the flow. However, the addition of steps also makes this process more cumbersome for the customer.
Disclosure of Invention
The invention aims to solve the problems of low safety or complicated steps of identity authentication in the prior art, and provides a novel multiple identity authentication method, equipment and a storage medium. The identity authentication method comprises a user registration stage and a user login stage, wherein the user registration stage comprises the following steps:
The method comprises the steps that a local server receives registration information of a user, starts an information collector to acquire and store characteristic information of the user, and returns the characteristic information to the local server;
Step two, the local server acquires the IP address and the MAC address of the local equipment network card, generates random salt s, and generates the MAC parameter I of the IP parameter P, MAC address of the IP address, the parameter x and the parameter v by utilizing a hash function, wherein the generation formula is as follows, and g is a fixed parameter in the range of fixed large prime number N:
p=hash (IP address+characteristic information+random number)
I=hash (MAC address+feature information)
X=hash (random salt s, P)
v=g^x
Starting key management equipment to encrypt the characteristic information and the parameter P, and returning the encrypted characteristic information and the encrypted parameter P to a local server; the local server stores the registration information, the parameter I, the encrypted parameter P and the encrypted characteristic information in a first database, and sends the registration information, the parameter I, the parameter v and the random salt s to the identity authentication server;
And step four, the identity authentication server stores the received parameters I, v and the random salt s into a second database, and sends the user registration completion information to the local server.
The information collector comprises a fingerprint collector, a face collector and an iris collector, and the characteristic information is fingerprint characteristics, face characteristics and iris characteristics corresponding to the information collector.
Further, the user login stage includes:
the method comprises the steps that a user sends a login request to a local server, and the local server starts an information collector to collect characteristic information;
the key management equipment encrypts the characteristic information and returns the characteristic information to the local server, and the local server searches in a first database according to the encrypted characteristic information to obtain a corresponding parameter I and an encrypted parameter P;
Calculating a parameter A=gA by a local server, wherein a is a random number, g is a fixed parameter in a system, and transmitting the parameter I and the parameter A to an identity authentication server;
step four, the identity authentication server finds a parameter v and a parameter s in a second database according to a parameter I, and calculates a parameter B=kv+gb, wherein a parameter k=hash (N, g), N is a fixed large prime number, and g is a fixed number in N;
step five, the identity authentication server sends the parameter s and the parameter B to the local server;
Step six, the local server side and the identity authentication server side calculate parameters u=hash (A, B), the local server side calculates parameters x=hash (S, P), parameters S1= (B-kg≡x) ≡a+ux), parameters K1=hash (S1), and the identity authentication server side calculates parameters S2= (Av≡u) ≡b, K2=hash (S2);
Step seven, the local server calculates parameters M1=hash (Hash (N) xor Hash (g), hash (I), s, A, B, K1) and sends the parameters to the identity authentication server;
step eight, the identity authentication server also calculates a parameter M2 and checks the parameter M1 with the received parameter M1, and after the verification is passed, the parameter K1 is stored in a memory as a session key;
Step nine, the identity authentication server calculates Hash (A, M2, K2) and returns the Hash value to the local server;
And step ten, the local server receives the Hash (A, M2, K2), calculates the Hash (A, M1, K1) to check, and stores the parameter K2 in the memory as a session key after the check is passed.
Specifically, after the verification in the step ten is passed, the parameter K1 and the parameter K2 are used as trusted token of the user.
Further, the first database is a local storage system of a local server, the second database is a local storage system of an identity authentication server, and the local server and the identity authentication server can be data circuit terminating equipment such as a hub and a switch and/or data terminal equipment such as a host and a server.
Further, the key management device is a mobile device that can encrypt and decrypt information.
The invention also provides a multiple identity authentication system, which comprises a user terminal and a server, wherein the user terminal comprises an information collector and key management equipment.
The invention also provides a computer device, which comprises a memory and a processor, wherein executable codes are stored in the memory, and when the processor executes the executable codes, any method is realized.
The invention also proposes a computer readable storage medium, characterized in that the computer readable storage medium stores computer executable instructions that, when invoked and executed by a processor, cause the processor to implement any of the methods described above.
Compared with the prior art, the method solves the problems of complicated multiple identity authentication steps and lower safety in the prior art, and firstly ensures that a user can perform identity authentication according to a personal identification code or a section of biological identification information by adding an information acquisition step, and simultaneously encrypts the biological information in mobile encryption and decryption equipment to ensure that data is not exposed.
Drawings
FIG. 1 is a schematic diagram of a user registration process in an embodiment of the present invention;
FIG. 2 is a schematic diagram of a user login procedure according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings by way of text recognition.
The present embodiment is implemented on the premise of the technical scheme of the present invention, and a detailed implementation manner and a specific operation process are given, but the protection scope of the present invention is not limited to the following examples.
The embodiment of the invention provides a multiple identity authentication method, which takes fingerprint information collected by an information collector as an example, and details specific steps of the identity authentication method provided by the embodiment of the invention. The identity authentication comprises two stages, namely a user registration stage and a user login stage. Referring to fig. 1, the user registration phase steps are as follows:
the method comprises the steps that a local server receives registration information of a user, starts an information collector to acquire and store characteristic information of the user, and returns the characteristic information to the local server;
In the embodiment of the invention, the local server is deployed at the terminal (desktop or notebook) of the user and mainly has the functions of interacting with fingerprint acquisition equipment and hardware encryption equipment such as Ukey to complete fingerprint acquisition and identification and encrypt key parameters. The local server opens a registration interface for the user and is used for receiving registration information of the user, mainly name, gender and the like. After the user inputs registration information, the local server starts a driver of the fingerprint collector and waits for the user to press the identification area, and after the fingerprint collector collects the user fingerprint, the fingerprint features are stored in the fingerprint collector and returned to the local server.
Step two, the local server acquires an IP address and an MAC address of a local equipment network card, generates random salt s, and generates an IP parameter P of the IP address, an MAC parameter I of the MAC address, a parameter x and a parameter v by utilizing a hash function, wherein the generation formula is as follows, and g is a fixed parameter in a fixed large prime number N range:
p=hash (IP address+characteristic information+random number)
I=hash (MAC address+feature information)
X=hash (random salt s, P)
v=g^x
In the embodiment of the present invention, the random number in the parameter P is not limited and may be any natural number. After the parameters are generated, the key management device is started. The key management device is a mobile device capable of encrypting and decrypting information, and is preferably Ukey in the embodiment of the present invention.
Starting key management equipment to encrypt the characteristic information and the parameter P, and returning the encrypted characteristic information and the parameter P to the local server, wherein the local server stores the registration information, the parameter I, the encrypted parameter P and the encrypted characteristic information in a first database, and sends the registration information, the parameter I, the parameter v and the random salt s to an identity authentication server;
And fourthly, the identity authentication server stores the received parameter I, the parameter v and the random salt s into a second database, and sends user registration completion information to the local server.
In the identity authentication method provided by the embodiment of the invention, the risk of information leakage, tampering or counterfeiting of information during identity information registration in a network is avoided in a user registration stage in an off-line identity information registration mode, and simultaneously the biological characteristics of the user are added, so that the safety is enhanced under the condition of not increasing operation steps. In the subsequent process of user login and encryption transmission, the IP and MAC addresses of the server where the software service is located can be used as identity authentication factors for identity authentication, and once the network environment is changed, the identity authentication cannot pass, and the subsequent operation is terminated.
Further, referring to fig. 2, the user login phase steps are as follows:
the method comprises the steps that a user sends a login request to a local server, and the local server starts an information collector to collect characteristic information;
in the embodiment of the invention, after a user requests a login interface from a local server, the local server starts a driver of a fingerprint collector to collect fingerprints, and sends the collected fingerprint characteristics to a key management device Ukey.
The key management equipment encrypts the characteristic information and returns the characteristic information to the local server, and the local server searches in a first database according to the encrypted characteristic information to obtain a corresponding parameter I and an encrypted parameter P;
Calculating a parameter A=gA by a local server, wherein a is a random number, g is a fixed parameter in a system, and transmitting the parameter I and the parameter A to an identity authentication server;
step four, the identity authentication server finds a parameter v and a parameter s in a second database according to a parameter I, and calculates a parameter B=kv+gb, wherein a parameter k=hash (N, g), N is a fixed large prime number, and g is a fixed number in N;
step five, the identity authentication server sends the parameter s and the parameter B to the local server;
Step six, the local server side and the identity authentication server side calculate parameters u=hash (A, B), the local server side calculates parameters x=hash (S, P), parameters S1= (B-kg≡x) ≡a+ux), parameters K1=hash (S1), and the identity authentication server side calculates parameters S2= (Av≡u) ≡b, K2=hash (S2);
Step seven, the local server calculates parameters M1=hash (Hash (N) xor Hash (g), hash (I), s, A, B, K1) and sends the parameters to the identity authentication server;
step eight, the identity authentication server also calculates a parameter M2 and checks the parameter M1 with the received parameter M1, and after the verification is passed, the parameter K1 is stored in a memory as a session key;
Step nine, the identity authentication server calculates Hash (A, M2, K2) and returns the Hash value to the local server;
And step ten, the local server receives the Hash (A, M2, K2), calculates the Hash (A, M1, K1) to check, and stores the parameter K2 in the memory as a session key after the check is passed.
In the embodiment of the invention, the fingerprint information is combined with the traditional identity authentication method, and the fingerprint characteristics are added into the parameter operation, so that the security of the identity authentication is improved under the condition of not increasing operation steps. The information collector in the embodiment of the invention can collect iris information, face information, voiceprint information and other biological characteristics, and takes fingerprint information as an example.
The embodiment of the invention also provides a multiple identity authentication system which comprises the user terminal and the server. The user terminal comprises an information collector and key management equipment. The system operation method is the same as the above embodiment and will not be described again.
An embodiment of the present invention further provides a computer device, referring to fig. 3, including a processor and a memory. Wherein the processor is adapted to execute executable modules, such as computer programs, stored in the memory.
The memory may include a high-speed random access memory (RAM, random Access Memory), and may further include a non-volatile memory (non-volatile memory), such as at least one disk memory. The memory is used for storing a program, the processor executes the program after receiving an execution instruction, and the method disclosed in any of the foregoing embodiments of the present invention may be applied to the processor or implemented by the processor.
The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The processor may be a general-purpose processor including a central Processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), a digital signal processor (DIGITAL SIGNAL Processing, DSP), an Application SPECIFIC INTEGRATED Circuit (ASIC), a Field-Programmable GATE ARRAY (FPGA), a Programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method.
The identity authentication method, the device and the computer program product of the computer readable storage medium provided by the embodiments of the present invention include the computer readable storage medium storing the program code, and the instructions included in the program code may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment and will not be repeated herein.
The embodiment of the invention adds two hardware of the information collector and the key management equipment on the basis of the traditional identity authentication method, encrypts the biological characteristic information and then uses the biological characteristic information for identity authentication, thereby simplifying the flow of the identity authentication, enhancing the safety of the identity authentication and ensuring that the personal information of the user is not revealed.
The scope of the present invention is defined by the appended claims, and the techniques, methods, and uses of the techniques, methods, and techniques for text recognition, speech recognition, or image recognition and video signal processing, all of which are intended to be part of the claims of the present specification, and are intended to be protected by the relevant law, as the activation functions constructed in accordance with the present invention are part of the neural network for text recognition, speech recognition, and image recognition and video signal processing.
Claims (8)
1. The multiple identity authentication method is characterized by comprising a user registration stage and a user login stage, wherein the user registration stage comprises the following steps:
the method comprises the steps that a local server receives registration information of a user, starts an information collector to acquire and store characteristic information of the user, and returns the characteristic information to the local server;
step two, the local server acquires the IP address and the MAC address of the local equipment network card, generates random salt s, and generates an IP parameter P of the IP address, an MAC parameter I of the MAC address, a parameter x and a parameter v by utilizing a hash function, wherein the generation formula is as follows:
;
;
;
v;
wherein g is a fixed parameter within a fixed large prime number N range;
Starting key management equipment to encrypt the characteristic information and the parameter P, and returning the encrypted characteristic information and the parameter P to the local server, wherein the local server stores the registration information, the parameter I, the encrypted parameter P and the encrypted characteristic information in a first database, and sends the registration information, the parameter I, the parameter v and the random salt s to an identity authentication server;
And fourthly, the identity authentication server stores the received parameter I, the parameter v and the random salt s into a second database, and sends user registration completion information to the local server.
2. The multiple identity authentication method according to claim 1, wherein the information collector comprises a fingerprint collector, a face collector and an iris collector, and the characteristic information is fingerprint characteristics, face characteristics and iris characteristics corresponding to the information collector.
3. The multiple identity authentication method according to claim 1, wherein the user login phase comprises:
The user sends a login request to the local server, and the local server starts the information collector to collect the characteristic information;
The key management equipment encrypts the characteristic information and returns the characteristic information to the local server; the local server searches in the first database according to the encrypted characteristic information to obtain the corresponding parameter I and the encrypted parameter P; the key management equipment decrypts the encrypted parameter P, obtains the parameter P and returns the parameter P to the local server;
calculating a parameter A=gA by the local server, wherein a is a random number, g is a fixed parameter in a system, and sending the parameter I and the parameter A to the identity authentication server;
Step four, the identity authentication server finds the parameter v and the parameter s in the second database according to the parameter I, and calculates a parameter B=kv+gζb, wherein, a parameter k=hash (N, g);
Step five, the identity authentication server sends the parameter s and the parameter B to the local server;
Step six, the local server side and the identity authentication server side calculate parameters u=hash (A, B), the local server side calculates parameters x=hash (S, P), parameters S1= (B-kg x)/(a+ux), parameters K1=hash (S1), and the identity authentication server side calculates parameters S2= (Avu B, K2=hash (S2);
Step seven, the local server calculates parameters M1=hash (Hash (N) xor Hash (g), hash (I), s, A, B, K1) and sends the parameters to the identity authentication server;
Step eight, the identity authentication server also calculates a parameter M2 and checks the parameter M1 with the received parameter M1, and after the verification is passed, the parameter K1 is stored in a memory as a session key;
step nine, the identity authentication server calculates Hash (A, M2, K2) and returns the Hash value to the local server;
And step ten, the local server receives the Hash (A, M2, K2), calculates the Hash (A, M1, K1) to check, and stores the parameter K2 in the memory as a session key after the verification is passed.
4. The multiple identity authentication method according to claim 2, further comprising the step of using the parameter K1 and the parameter K2 as trusted token for the user after the verification of the step ten is passed.
5. The multiple identity authentication method according to claim 1, wherein the first database is a local storage system of the local server, the second database is a local storage system of the identity authentication server, and the local server and the identity authentication server may be a data circuit terminating device such as a hub, a switch, and/or a data terminal device such as a host, a server, and the like.
6. The multiple identity authentication method according to claim 1, wherein the key management device is a mobile device capable of encrypting and decrypting information.
7. A computer device comprising a memory having executable code stored therein and a processor which, when executing the executable code, implements the method of any of claims 1-6.
8. A computer readable storage medium storing computer executable instructions which, when invoked and executed by a processor, cause the processor to implement an identity authentication method according to any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310181285.2A CN116318909B (en) | 2023-02-27 | 2023-02-27 | A multi-factor authentication method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310181285.2A CN116318909B (en) | 2023-02-27 | 2023-02-27 | A multi-factor authentication method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116318909A CN116318909A (en) | 2023-06-23 |
| CN116318909B true CN116318909B (en) | 2026-01-02 |
Family
ID=86837236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310181285.2A Active CN116318909B (en) | 2023-02-27 | 2023-02-27 | A multi-factor authentication method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116318909B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101621794A (en) * | 2009-07-07 | 2010-01-06 | 董志 | Method for realizing safe authentication of wireless application service system |
| CN111835752A (en) * | 2020-07-09 | 2020-10-27 | 国网山西省电力公司信息通信分公司 | Lightweight authentication method and gateway based on device identity |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103608829A (en) * | 2011-01-18 | 2014-02-26 | 舍德Ip有限责任公司 | System and method for computerized negotiations based on coded integrity |
| US20160192194A1 (en) * | 2014-12-29 | 2016-06-30 | Gongming Yang | Secure way to build internet credit system and protect private information |
| CN111931144B (en) * | 2020-06-03 | 2023-04-07 | 南京南瑞信息通信科技有限公司 | Unified safe login authentication method and device for operating system and service application |
-
2023
- 2023-02-27 CN CN202310181285.2A patent/CN116318909B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101621794A (en) * | 2009-07-07 | 2010-01-06 | 董志 | Method for realizing safe authentication of wireless application service system |
| CN111835752A (en) * | 2020-07-09 | 2020-10-27 | 国网山西省电力公司信息通信分公司 | Lightweight authentication method and gateway based on device identity |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116318909A (en) | 2023-06-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3905078B1 (en) | Identity verification method and system therefor | |
| US9755830B2 (en) | Dynamic seed and key generation from biometric indicia | |
| CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
| TWI776404B (en) | Method of authenticating biological payment device, apparatus, electronic device, and computer-readable medium | |
| US9887983B2 (en) | Apparatus and method for implementing composite authenticators | |
| CN107294900B (en) | Identity registration method and device based on biological characteristics | |
| US9219722B2 (en) | Unclonable ID based chip-to-chip communication | |
| US9485098B1 (en) | System and method of user authentication using digital signatures | |
| CN113678131B (en) | Protecting online applications and websites using blockchain | |
| WO2020073513A1 (en) | Blockchain-based user authentication method and terminal device | |
| KR20070024633A (en) | Renewable and Private Biometric | |
| CN110659467A (en) | Remote user identity authentication method, device, system, terminal and server | |
| US20230042508A1 (en) | Securely communicating service status in a distributed network environment | |
| Ziyad et al. | Critical review of authentication mechanisms in cloud computing | |
| US20220263818A1 (en) | Using a service worker to present a third-party cryptographic credential | |
| Song et al. | Trustcube: An infrastructure that builds trust in client | |
| Wong et al. | Secure biometric-based authentication for cloud computing | |
| US11177958B2 (en) | Protection of authentication tokens | |
| CN119583157B (en) | A device access method, apparatus, authentication server, and storage medium. | |
| CN116318909B (en) | A multi-factor authentication method, device and storage medium | |
| Sudha et al. | A survey on different authentication schemes in cloud computing environment | |
| Wong et al. | Towards Biometric-based Authentication for Cloud Computing. | |
| CN111131153A (en) | Biological identity information authentication method based on 5G cloud and mist mixed unified authentication platform | |
| TW202101299A (en) | Multi-factor dynamic quick response code authentication system and method | |
| CN111083156B (en) | Authentication method, apparatus, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |