Nothing Special   »   [go: up one dir, main page]

CN106878327A - Towards the login method of auto service platform - Google Patents

Towards the login method of auto service platform Download PDF

Info

Publication number
CN106878327A
CN106878327A CN201710172770.8A CN201710172770A CN106878327A CN 106878327 A CN106878327 A CN 106878327A CN 201710172770 A CN201710172770 A CN 201710172770A CN 106878327 A CN106878327 A CN 106878327A
Authority
CN
China
Prior art keywords
service platform
party application
application system
auto service
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710172770.8A
Other languages
Chinese (zh)
Inventor
王权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Jinyida Supply Chain Management Co Ltd
Original Assignee
Jiangsu Jinyida Supply Chain Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Jinyida Supply Chain Management Co Ltd filed Critical Jiangsu Jinyida Supply Chain Management Co Ltd
Priority to CN201710172770.8A priority Critical patent/CN106878327A/en
Publication of CN106878327A publication Critical patent/CN106878327A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of login method towards auto service platform, including:1, user associates the third-party application system of ready access in auto service platform login account;2, crypto identity checking information;Auto service platform is that each third-party application system is distributed an identity and acts on behalf of re-encrypted private key;3, when logging in auto service platform, the ciphertext after crypto identity checking information with storage in background server is compared, identical, logins successfully;4, when redirecting access third-party application system, by acting on behalf of re-encryption, third-party application system obtains the authentication information of user in plain text, user's Successful login third-party application system.The present invention realizes multiple third-party application systems and shares authentication information with auto service platform based on Re-encryption Technology is acted on behalf of, and user logs in multiple application systems, realizes " once logging in, multi-party certification " by need to only remembeing an account name and password.

Description

Towards the login method of auto service platform
Technical field
Present invention relates particularly to a kind of login method towards auto service platform.
Background technology
At present, the development of trading electronic commerce has attracted the concern of various circles of society, and government department also pays high attention to China's trade The future development of easy ecommerce, to build an environment for being conducive to it to develop, all departments launch respectively related measure, set up Auto service platform(Substantially network service platform)Carry out A clear guidance trading electronic commerce.Auto service platform interior is disposed Substantial amounts of application system, such as transaction platform, manufacturing enterprise's system, government notice system, logistical tracking systems.These systems Often interrelated in business and authentication mechanism is independent mutually.With the expansion of system quantity, the login for constantly repeating, largely Authentication information memory all bring inconvenience to user, reduce Consumer's Experience, increased security risk;In addition, authentication information Redundancy increased management cost, the asynchronous of change is easier to cause the inconsistent of data, in addition, new system certification mould Block needs stand-alone development also to increase development difficulty.
The content of the invention
It is an object of the invention to overcome deficiency of the prior art, there is provided towards the login side of auto service platform Method, based on Re-encryption Technology is acted on behalf of, realizes multiple third-party application systems and shares authentication information with auto service platform.
In order to solve the above technical problems, the invention provides a kind of login method towards auto service platform, including with Lower step:
Step S1, user fills in accounts information and associates ready access in the account first in auto service platform login account Third-party application system, accounts information include authentication information;
Step S2, auto service platform encrypts the authentication information for logging in, the public key generated with AES to it After obtain original cipher text, by original cipher text storage in the background server of auto service platform;
Simultaneously for the third-party application system that ready access is associated in account, auto service platform is each third-party application system One identity of distribution, and be that the generation of each third-party application system accesses key pair using AES, based on key generation Act on behalf of re-encrypted private key;Then by identity and key to sending to each third-party application system;Simultaneously also by identity Stored with acting on behalf of re-encrypted private key and sending to background server;
Step S3, when user logs in auto service platform next time, authentication information is filled in login page, and auto service is put down Ciphertext after the private key encryption that platform generates this authentication information AES with storage in background server is compared, If identical, checking eligible users are logined successfully;
Step S4, when client by auto service platform redirect access third-party application system when, third-party application system first to Background server sends identity and access request, and background server acts on behalf of re-encryption according to its identity acquisition is corresponding Key, is encrypted using re-encrypted private key is acted on behalf of to the original cipher text of account number name, obtains re-encryption ciphertext, and background server will Re-encryption ciphertext is sent to corresponding third-party application system, and third-party application system is entered after receiving re-encryption ciphertext with private key Row decryption, obtains the account number name of user in plain text, user's Successful login third-party application system.
Further, if background server does not find and the transmission of third-party application system in all identity What identity matched, then illustrate that user does not associate this third-party application system, then user can not be from auto service platform Jump to this third-party application system.
Further, AES is Elgamal AESs.
Further, accounts information includes account number name, account number cipher, the pet name, mailbox and telephone number.
Further, the account number name of user is shown in real time in the browsing pages of auto service platform in plain text.
Further, the account number name of user is shown in real time in the browsing pages of third-party application system in plain text.
Compared with prior art, the beneficial effect that is reached of the present invention is:The present invention is based on Elgamal AESs and generation Reason Re-encryption Technology, realizes multiple third-party application systems and shares authentication information with auto service platform, and user only needs Multiple application systems are logged in by remembeing an account name and password, is realized " once logging in, multi-party certification ".And third-party application System only obtains account number name, in this case it is not apparent that the account number cipher of user, ensures the safety of password, reduces the possibility that password is exposed Property.The inventive method is simple, facilitates user, is favorably improved the information resources share of multiple auto service platforms, and convenient The unified management of user profile.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of login method of the present invention.
Specific embodiment
The invention will be further described below in conjunction with the accompanying drawings.Following examples are only used for clearly illustrating the present invention Technical scheme, and can not be limited the scope of the invention with this.
A kind of login method towards auto service platform of the invention, as shown in figure 1, comprising the following steps:
Step S1, user fills in accounts information and associates ready access in the account first in auto service platform login account Third-party application system, the wherein accounts information information such as including account number name, account number cipher, the pet name, mailbox, telephone number; When logging in auto service platform, generally only need to be input into correct account number name and account number cipher, in the present invention by account number name with Account number cipher is referred to as authentication information.Described third-party application system, refers to that can be linked in auto service platform herein Manufacturing enterprise's system, government notice system, logistical tracking systems for redirecting etc..Multiple third-party application systems can be associated herein System, can be included in show in auto service platform all can the third-party application system that arrives of redirected link.
Step S2, auto service platform will be used for the authentication information for logging in, with the public key of AES generation to it Original cipher text is obtained after encryption, by original cipher text storage in the background server of auto service platform;
Simultaneously for the third-party application system that ready access is associated in account, auto service platform is each third-party application system One identity of distribution, and be that the generation of each third-party application system accesses key pair using AES, based on key generation Act on behalf of re-encrypted private key;Then by identity and key to sending to each third-party application system;Simultaneously also by identity Stored with acting on behalf of re-encrypted private key and sending to background server.
Step S3, when user logs in auto service platform next time, authentication information, trade clothes is filled in login page Ciphertext after the private key encryption that this authentication information generate with AES by business platform with storage in background server is carried out Compare, if identical, checking eligible users are logined successfully;Show the account of user in real time in the browsing pages of auto service platform Number name.
Step S4, when client redirects access third-party application system by auto service platform, third-party application system Identity and access request first are sent to background server, background server obtains corresponding agency's weight according to its identity Encryption key, is encrypted using re-encrypted private key is acted on behalf of to the original cipher text of account number name, obtains re-encryption ciphertext, background service Device sends to corresponding third-party application system re-encryption ciphertext, and third-party application system uses private after receiving re-encryption ciphertext Key is decrypted, and obtains the account number name of user in plain text, user's Successful login third-party application system.In third-party application system The account number name of user is shown in browsing pages in real time.
If background server does not find the identity sent with third-party application system in all identity Match, then illustrate that user does not associate this third-party application system, then user can not jump to this from auto service platform Third-party application system.
Used as the preferred embodiments of the present invention, AES can use Elgamal AESs of the prior art or RSA AES.
The above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, on the premise of the technology of the present invention principle is not departed from, some improvement and modification can also be made, these are improved and modification Also should be regarded as protection scope of the present invention.

Claims (6)

1. a kind of login method towards auto service platform, it is characterized in that, comprise the following steps:
Step S1, user fills in accounts information and associates ready access in the account first in auto service platform login account Third-party application system, accounts information include authentication information;
Step S2, auto service platform encrypts the authentication information for logging in, the public key generated with AES to it After obtain original cipher text, by original cipher text storage in the background server of auto service platform;
Simultaneously for the third-party application system that ready access is associated in account, auto service platform is each third-party application system One identity of distribution, and be that the generation of each third-party application system accesses key pair using AES, based on key generation Act on behalf of re-encrypted private key;Then by identity and key to sending to each third-party application system;Simultaneously also by identity Stored with acting on behalf of re-encrypted private key and sending to background server;
Step S3, when user logs in auto service platform next time, authentication information is filled in login page, and auto service is put down Ciphertext after the private key encryption that platform generates this authentication information AES with storage in background server is compared, If identical, checking eligible users are logined successfully;
Step S4, when client by auto service platform redirect access third-party application system when, third-party application system first to Background server sends identity and access request, and background server acts on behalf of re-encryption according to its identity acquisition is corresponding Key, is encrypted using re-encrypted private key is acted on behalf of to the original cipher text of account number name, obtains re-encryption ciphertext, and background server will Re-encryption ciphertext is sent to corresponding third-party application system, and third-party application system is entered after receiving re-encryption ciphertext with private key Row decryption, obtains the account number name of user in plain text, user's Successful login third-party application system.
2. the login method towards auto service platform according to claim 1, it is characterized in that, if background server is in institute Have and do not find what the identity sent with third-party application system matched in identity, then illustrate that user is not closed Join this third-party application system, then user can not jump to this third-party application system from auto service platform.
3. the login method towards auto service platform according to claim 1, it is characterized in that, AES is Elgamal AESs.
4. the login method towards auto service platform according to claim 1, it is characterized in that, accounts information includes account number Name, account number cipher, the pet name, mailbox and telephone number.
5. the login method towards auto service platform according to claim 1, it is characterized in that, in auto service platform The account number name of user is shown in browsing pages in real time in plain text.
6. the login method towards auto service platform according to claim 1, it is characterized in that, in third-party application system Browsing pages in real time display user account number name in plain text.
CN201710172770.8A 2017-03-22 2017-03-22 Towards the login method of auto service platform Pending CN106878327A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710172770.8A CN106878327A (en) 2017-03-22 2017-03-22 Towards the login method of auto service platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710172770.8A CN106878327A (en) 2017-03-22 2017-03-22 Towards the login method of auto service platform

Publications (1)

Publication Number Publication Date
CN106878327A true CN106878327A (en) 2017-06-20

Family

ID=59172352

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710172770.8A Pending CN106878327A (en) 2017-03-22 2017-03-22 Towards the login method of auto service platform

Country Status (1)

Country Link
CN (1) CN106878327A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107277066A (en) * 2017-08-11 2017-10-20 中国银行股份有限公司 Account management method, portable electric appts and account management system
CN108229805A (en) * 2017-12-27 2018-06-29 苏州工业园区报关有限公司 Rule dynamic evaluating system and its method are closed in trade
CN108810010A (en) * 2018-06-29 2018-11-13 芜湖奥优商贸有限公司 A kind of information sharing method for internet trade information service platform
CN111107060A (en) * 2019-11-29 2020-05-05 视联动力信息技术股份有限公司 Login request processing method, server, electronic equipment and storage medium
CN112543166A (en) * 2019-09-20 2021-03-23 北京思源政通科技集团有限公司 Real name login method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626364A (en) * 2008-07-08 2010-01-13 赵运磊 Method for authentication for resisting secrete data disclosure and key exchange based on passwords
CN101883100A (en) * 2010-06-11 2010-11-10 北京大学 Digital content distributed authorization method
CN102170354A (en) * 2011-04-11 2011-08-31 桂林电子科技大学 Centralized account password authenticating and generating system
CN102655508A (en) * 2012-04-19 2012-09-05 华中科技大学 Method for protecting privacy data of users in cloud environment
CN103179114A (en) * 2013-03-15 2013-06-26 华中科技大学 Fine-grained access control method for data in cloud storage
CN103826220A (en) * 2014-03-12 2014-05-28 西安电子科技大学 Private matching method based on matrix transformation algorithm
EP2755159A1 (en) * 2013-01-09 2014-07-16 Thomson Licensing Method and device for privacy-respecting data processing

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626364A (en) * 2008-07-08 2010-01-13 赵运磊 Method for authentication for resisting secrete data disclosure and key exchange based on passwords
CN101883100A (en) * 2010-06-11 2010-11-10 北京大学 Digital content distributed authorization method
CN102170354A (en) * 2011-04-11 2011-08-31 桂林电子科技大学 Centralized account password authenticating and generating system
CN102655508A (en) * 2012-04-19 2012-09-05 华中科技大学 Method for protecting privacy data of users in cloud environment
EP2755159A1 (en) * 2013-01-09 2014-07-16 Thomson Licensing Method and device for privacy-respecting data processing
CN103179114A (en) * 2013-03-15 2013-06-26 华中科技大学 Fine-grained access control method for data in cloud storage
CN103826220A (en) * 2014-03-12 2014-05-28 西安电子科技大学 Private matching method based on matrix transformation algorithm

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107277066A (en) * 2017-08-11 2017-10-20 中国银行股份有限公司 Account management method, portable electric appts and account management system
CN108229805A (en) * 2017-12-27 2018-06-29 苏州工业园区报关有限公司 Rule dynamic evaluating system and its method are closed in trade
CN108810010A (en) * 2018-06-29 2018-11-13 芜湖奥优商贸有限公司 A kind of information sharing method for internet trade information service platform
CN112543166A (en) * 2019-09-20 2021-03-23 北京思源政通科技集团有限公司 Real name login method and device
CN112543166B (en) * 2019-09-20 2023-07-21 朗新数据科技有限公司 Real name login method and device
CN111107060A (en) * 2019-11-29 2020-05-05 视联动力信息技术股份有限公司 Login request processing method, server, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
US20220309490A1 (en) Group signatures for a smart wallet on a blockchain platform
EP3496332B1 (en) Method and system for securely sharing validation information using blockchain technology
US10949388B2 (en) Systems and methods for distributed data storage and delivery using blockchain
US10764051B2 (en) Privacy-preserving identity verification
CN109922077B (en) Identity authentication method and system based on block chain
CN105681273B (en) Client-side deduplication method
US6539093B1 (en) Key ring organizer for an electronic business using public key infrastructure
Moffat et al. A survey on ciphertext-policy attribute-based encryption (CP-ABE) approaches to data security on mobile devices and its application to IoT
CN106878327A (en) Towards the login method of auto service platform
KR101982237B1 (en) Method and system for data sharing using attribute-based encryption in cloud computing
US20120179909A1 (en) Systems and methods for providing individual electronic document secure storage, retrieval and use
CN109447647A (en) A kind of safety payment system based on block chain
US20100154041A1 (en) Transforming claim based identities to credential based identities
CN104158827B (en) Ciphertext data sharing method, device, inquiry server and upload data client
Youn et al. Efficient client-side deduplication of encrypted data with public auditing in cloud storage
Pradeep et al. An efficient framework for sharing a file in a secure manner using asymmetric key distribution management in cloud environment
Xie et al. Cryptanalysis and security enhancement of a robust two‐factor authentication and key agreement protocol
Buccafurri et al. Integrating digital identity and blockchain
CN101815091A (en) Cipher providing equipment, cipher authentication system and cipher authentication method
CN110189184B (en) Electronic invoice storage method and device
CN105577612A (en) Identity authentication method, third party server, merchant server, and user terminal
CN106302411A (en) The secure cloud storage method and system of support file encryption based on windows platform
CN109981287A (en) A kind of code signature method and its storage medium
CN103326856A (en) Cloud storage data responsibility confirmation structure and method based on two-way digital signature
Mukundrao et al. Enhancing security in cloud computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170620