Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A cross-domain security authentication method based on information separation management

An authentication method and domain security technology, applied in key distribution, which can solve the problems of complex password settings, threats to account security, threats to "password" security, etc.

Active Publication Date: 2019-04-16
葛峰
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] At present, with the widespread use of Internet technology in life, almost everyone needs to establish their own account identity in the online world, and the common methods for network identity authentication are mainly "username" and "password"; Life is everywhere, so users need to remember and manage more and more "passwords". However, even so, various new types of password cracking technologies that continue to emerge are still seriously threatening the security of "passwords", especially such as "password dictionary" and "social engineering" (commonly known as "crash library"), etc. With the application of password cracking technology, traditional password protection methods are almost difficult to guarantee "password security"
[0003] The root cause of this kind of password security problem is that the network service provider holds the user's account information and password information at the same time, just like putting the key and the lock together. Once the network is attacked, the user account will be leaked. At the same time, The leakage of user account information of a network server will also seriously threaten the security of the user's account in other network service providers, resulting in the security of the user account is often in a very dangerous situation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A cross-domain security authentication method based on information separation management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0084] A cross-domain security authentication method based on information separation management, which includes a registration step and a login step;

[0085] Registration steps include:

[0086] S1-1. Various websites (including APP clients, web pages, and other forms of network service sites) that need to activate authentication services send requests to the authentication server of the security authentication system to apply for activation of security authentication services; the authentication server authorizes each website to access authentication server permissions;

[0087]S1-2. The user uses a network terminal to access any website, and registers an account on the website (when registering an account on a website, common input information may include mobile phone number, ID number, address, email address and / or user name, etc. One or more of them, the website assigns a registered account IDa to it; wherein, the registered account IDa or other identity information that...

Embodiment 2

[0101] On the basis of Embodiment 1, in order to prevent the data transmitted between the authentication server and the website, between the authentication APP and the authentication server from being intercepted;

[0102] Step S2-1 also includes:

[0103] The authentication server issues the key K0 to the background server of the website;

[0104] The background server of the website uses the key K0 to encrypt the visual verification information Str1 and the user code Ca, and then encrypts and transmits it to the authentication server through SSL encryption. After receiving it, the authentication server decrypts it with the key K0 to obtain the visual verification information Str1 and the user code Ca and recorded in the database;

[0105] After the authentication APP establishes communication with the authentication server, when accessing the authentication server for the first time, the authentication server issues a key K1 to the authentication APP; in step S2-2, the auth...

Embodiment 3

[0107] On the basis of Embodiment 1, in order to confirm the authenticity of the feedback information sent back by the authentication server and prevent the authentication server from being forged, in the registration step, steps S1-4, S2-1, and S2-2 also include:

[0108] S1-4, the background server of the website also generates a random character string Str2 for the username Na;

[0109] S2-1. The background server of the website also transmits the random character string Str2 to the authentication server;

[0110] S2-2. After the authentication server associates the user code Ca of the website, the hardware device identification code IDp, and the identification code X, it also includes:

[0111] A. The authentication server transmits the random character string Str2 and the identification code X to the authentication APP installed on the mobile terminal whose corresponding hardware device identification code is IDp;

[0112] B. The authentication APP uses obfuscation techn...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an information-separation-management-based cross-domain safety authentication method. A user carries out registration by using a user name Na at a website, and the website establishes an association relationship between the Na and Ca without the need for setting a password of an account; the website establishes a correspondence relationship with an authentication APP by an authentication server, wherein the website establishes a correspondence relationship with the authentication server by the Ca, the authentication server establishes a correspondence relationship between the Ca and an identification code, and the authentication APP establishes a correspondence relationship between an identification code X and the user name Na, and data interaction is carried out based on the above-mentioned correspondence relationships during logging-in steps. According to the invention, complete information of an account of a user is segmented and the segmented information is managed respectively by third parties; and authentication is carried out by executing three authentication links from a website, an authentication server, and a mobile terminal device each time, thereby realizing safety identity authentication. No complete data can be obtained even though one or two links are cracked, so that safety and reliability are improved.

Description

technical field [0001] The invention belongs to the field of network security, and relates to a safe identity authentication method. In particular, in the authentication method, the user does not need to use a password. Specifically, it is a method of dividing and separately managing the user's account information to realize High security level authentication technology. Background technique [0002] At present, with the widespread use of Internet technology in life, almost everyone needs to establish their own account identity in the online world, and the common methods for network identity authentication are mainly "username" and "password"; Life is everywhere, so users need to remember and manage more and more "passwords". However, even so, various new types of password cracking technologies that continue to emerge are still seriously threatening the security of "passwords", especially such as "password dictionary" and "social engineering" (commonly known as "crash libra...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/08H04L29/06
CPCH04L9/0819H04L9/0825H04L9/0861H04L63/083
Inventor 葛峰
Owner 葛峰
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products