Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method of security control flow execution

A security control and process technology, applied in the field of computer programs, can solve problems such as insufficient security of multi-stage request processes, and achieve high security, easy expansion, and simple effects

Inactive Publication Date: 2019-03-26
CITIC AIBANK CORPORATION LIMITED
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In order to solve the problem that each stage of the multi-stage request process is not fully executed or the skip-stage request is recognized, the security of the multi-stage request process is insufficient, so as to strictly control the visitor's access to the pre-set interactive nodes and prevent " The effect of "out of the route", the present invention provides a method for safe control process execution, such as figure 1 As shown, it specifically includes the following steps:

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method of security control flow execution
  • A method of security control flow execution
  • A method of security control flow execution

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0037] Such as image 3 As shown, this embodiment is an example process of simulating account opening. Account opening is the last node, and the pre-intermediate nodes include requesting face, identity verification, card verification, and SMS verification. only process nodes.

[0038] Since the request involves many services, the process is also decomposed into multiple stages in the functional design, resulting in the fact that one request cannot complete the business operation. It needs to interact with the background multiple times and record the corresponding status data in the background before it can be truly implemented. effective interaction. However, the whole process is very long, and if a potential illegal user wants to tamper with the request operation to illegally open an account, it may have immeasurable consequences.

[0039] The entire process is pre-defined, not only a certain operation, but even multiple processes will also be considered illegal requests, b...

Embodiment 2

[0047] When a process node contains a dynamic node, once the dynamic node is triggered, the preset score will change. Taking the process of transferring money to an unbound card as an example, there are several ways to transfer out to an unbound card. Here, the fingerprint payment process is used to illustrate. The process includes: fingerprint (11 points)->SMS (7 points)- >Face (3 points)[Dynamic]->Transfer without binding card, in which 'face' is a dynamic node in this process, if the user's single transfer amount exceeds the preset amount, the 'face' node will be triggered , the preset score for the whole process is 231. If the user's single transfer amount does not exceed the preset amount, the face node will not be triggered, and the preset score is 77 points.

[0048] If the user transfers out of the non-bound card in a single transaction and exceeds the limit of a single preset amount, the new preset score will be recalculated to become 231 points. On the contrary, it ...

Embodiment 3

[0051] Step 1: Define a preset database table for recording process control request records, which mainly includes: process name, preset score, process number, status, actual score, etc.

[0052] Step 2: Sort out the process of existing multi-stage scenarios, and pre-define each scenario, including specific intermediate nodes and final nodes, and define their process names. (either file configuration or database storage)

[0053] Step 3: Define each specific process node in the process, and define a name and a score for the node, where the score must be a prime number. (either file configuration or database storage)

[0054] Step 4: To integrate the business logic, you only need to add the annotation MpbFlowControl field to the execution method corresponding to each node in the specific process. The specific parameters include node score, whether it is the final node, role, process definition, etc. .

[0055] Step 5: Since the current code has been sealed, it is not allowed...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method for executing a safety control flow, which comprises the following steps: 1) presetting a flow path and a node score; 2) presetting that final score; 3) identifying that cal process. 4) comparing that actual final score with the preset final score to determine whether to execute the process: judging the attribute of the current node; if the node is the intermediate node, calculating according to the preset algorithm, and taking the calculate result as the actual score; If the node is the final node, carrying out the calculation according to the preset algorithm, and taking the calculated result as the actual final score; Judging whether the actual final score is consistent with the preset final score, and if so, continuing to execute; Refuse to execute ifinconsistent. The invention can prevent the unsafe problem that the skip request is recognized in the multi-stage request flow, can achieve the effect of strictly controlling the visitor to access thepreset interaction node, and can prevent the visitor from disconnecting from the route.

Description

technical field [0001] The patent of the present invention relates to a method of security control process execution, which is mainly used for the security control method of multi-stage request process execution, applied in the field of computer programs, including the security control of the execution process of computer-side programs and mobile-side program execution processes. Background technique [0002] Traditional mobile applications use atomic operations, that is, to pass the dependent or required request data to the service backend for processing as much as possible, avoiding or reducing multiple requests as much as possible; in this way, both from the perspective of security and system implementation Is a relatively simple feasible method. However, with the development of the Internet, Internet-based web-side products are also springing up. Considering the user experience, the rationality of system interaction, and system expansion, business operations in some scen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06Q10/06
CPCG06Q10/0633
Inventor 不公告发明人
Owner CITIC AIBANK CORPORATION LIMITED
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com