Nothing Special   »   [go: up one dir, main page]

CN101951385B - Service switching method for electronic transaction platform - Google Patents

Service switching method for electronic transaction platform Download PDF

Info

Publication number
CN101951385B
CN101951385B CN 201010503133 CN201010503133A CN101951385B CN 101951385 B CN101951385 B CN 101951385B CN 201010503133 CN201010503133 CN 201010503133 CN 201010503133 A CN201010503133 A CN 201010503133A CN 101951385 B CN101951385 B CN 101951385B
Authority
CN
China
Prior art keywords
service
terminal equipment
request
call token
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN 201010503133
Other languages
Chinese (zh)
Other versions
CN101951385A (en
Inventor
虞钢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
XIBEN NEW LINE STOCK CO Ltd
Original Assignee
XIBEN NEW LINE STOCK CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by XIBEN NEW LINE STOCK CO Ltd filed Critical XIBEN NEW LINE STOCK CO Ltd
Priority to CN 201010503133 priority Critical patent/CN101951385B/en
Publication of CN101951385A publication Critical patent/CN101951385A/en
Application granted granted Critical
Publication of CN101951385B publication Critical patent/CN101951385B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a service switching method for an electronic transaction platform, which comprises the steps of: receiving a service order selection request from a terminal device by a multi-identity selection registering device and sending to a unified user management device; receiving the service order selection request by the unified user management device, and generating a service invocation token and feeding back to the multi-identity selection registering device, wherein the service invocation token at least comprises a mechanism to which a user belongs, a character and an access authority; feeding the service invocation token to the terminal device by the multi-identity selection registering device; and receiving an access request of the terminal device and the service invocation token by an application server and verifying whether the service invocation token is matched with the access authority of the access request or not.

Description

Service switching method for electronic transaction platform
Technical field
The present invention relates to electronic trade platform, particularly a kind of service switching method for electronic transaction platform.
Background technology
Along with the deep development of social informatization and networking, increasing commodity transaction can be finished based on electronic trade platform.Electronic trade platform is integrated service user and ISP's's (such as finance, logistics service etc.) information in the lump, thisly integrated the information communication that the platform of resource, information has in many ways effectively promoted commodity transaction, brought great convenience to the service user.
On the electronic transaction platform, a lot of concrete application subsystems are often arranged, such as the logistics subsystem, contract subsystem, bank subsystem etc.These application subsystems can be provided by an application server, also can be provided by a plurality of application servers.The user must carry out authentication when these application subsystems of access, and application subsystem is different, and the authorization information that the user uses is also different, and the user must keep many cover user's names and user cipher simultaneously firmly in mind.And same user can be registered in same application subsystem with different identity (role), the function that different identity (role) is corresponding different; Also need the user with different username and password login application subsystems.
Existing login techniques can solve the repeat logon problem that same user accesses different application subsystem in the same application server, but a kind of selection login method based on user role is not provided: the user only logins once, just can safety with a plurality of application submethods of different identity (role) access.Existing electronic trade platform does not provide a kind of service switch method of implicit expression yet.
In sum, existing service switch method, transaction platform and/or service system need to be set up multiple identity and generate corresponding identity information for the user, thereby take the processing resource; And need a large amount of identity data of storage, at processing and query aspects occupying system resources and the storage resources of data, and easily cause login time long, the defective of inefficiency.
Summary of the invention
The technical problem that the present invention solves provides a kind of service switching method for electronic transaction platform, can saving resource, promote treatment effeciency.
In order to address the above problem, the purpose of this invention is to provide a kind of service switching method for electronic transaction platform, described electronic trade platform comprises many identity selection landing devices, unification user management devices and at least one application server, described many identity selection landing devices are suitable for coupling described unification user management devices and terminal equipment, and described service switching method for electronic transaction platform comprises:
Described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
Described unification user management devices receives described service order and selects request, generates the service call token and feeds back to described many identity selection landing devices, comprises at least user affiliated mechanism, role and access rights in the described service call token;
Described many identity selection landing devices feed back to described terminal equipment with described service call token;
Described application server receives from the access request of described terminal equipment and service call token and verifies whether service call token wherein mates with the access rights of access request.
Optionally, described service switching method for electronic transaction platform also comprises: temporary storage cell is stored the service call token that described service call token acquiring unit obtains.
Optionally, described service switching method for electronic transaction platform, also comprise: the reception of initial registration request processing unit and checking feed back to described terminal equipment from the logging request of utilizing encrypted private key of described terminal equipment with the session key that utilizes public key encryption;
The reception of session logging request processing unit and checking are from the logging request of utilizing session key of described terminal equipment.
Optionally, described service call token is carried in the described access request.
The present invention also provides a kind of service switching method for electronic transaction platform, described electronic trade platform comprises many identity selection landing devices, unification user management devices and at least one application server, described many identity selection landing devices are suitable for coupling described unification user management devices and terminal equipment, and described service switching method for electronic transaction platform comprises:
Described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
Described unification user management devices receives described service order and selects request, generates the service call token and feeds back to described many identity selection landing devices, comprises at least user affiliated mechanism, role and access rights in the described service call token;
Described many identity selection landing devices feed back to described terminal equipment with described service call token;
Described many identity selection landing devices receive from the access request of described terminal equipment and service call token and verify whether service call token wherein mates with the access rights of access request;
Described many identity selection landing devices are forwarded to described application server with the access request of access rights coupling.
Optionally, described service switching method for electronic transaction platform also comprises: temporary storage cell is stored the service call token that described service call token acquiring unit obtains.
Optionally, described service switching method for electronic transaction platform, also comprise: the reception of initial registration request processing unit and checking feed back to described terminal equipment from the logging request of utilizing encrypted private key of described terminal equipment with the session key that utilizes public key encryption;
The reception of session logging request processing unit and checking are from the logging request of utilizing session key of described terminal equipment.
Optionally, described service call token is carried in the described access request.
Use above-mentioned service switching method for electronic transaction platform, the function that the service call token switches completion service, service is switched the service of using fully transparent.
Description of drawings
Fig. 1 is the schematic diagram that concerns between application service, the role in the application service and the function of a kind of user, order in the embodiment of the present invention;
Fig. 2 is the schematic diagram of service subscription information in the embodiment of the present invention;
Fig. 3 is the schematic diagram of the service subscription information in the one embodiment of the invention;
Fig. 4 is the schematic diagram of service system in the embodiment of the present invention;
Fig. 5 is the register flow chart of service system in the embodiment of the present invention;
Fig. 6 is the structural representation of the many identity selection landing devices of the first provided by the invention;
Fig. 7 is the structural representation of the many identity selection landing devices of the second provided by the invention;
Fig. 8 is the flow chart of a kind of many identity selection login methods of providing of embodiment of the present invention;
Fig. 9 is the structural representation of the third many identity selection landing devices of providing of embodiment of the present invention;
Figure 10 is the flow chart of another kind of many identity selection login methods of providing of embodiment of the present invention;
Figure 11 is the flow chart of a kind of service switching method for electronic transaction platform of providing of embodiment of the present invention;
Figure 12, the 13rd, the user is at the process schematic diagram of transaction platform issue standard contract in the one embodiment of the invention.
Embodiment
For above-mentioned purpose of the present invention, feature and advantage can more be become apparent, below in conjunction with accompanying drawing the specific embodiment of the present invention is described in detail.
Set forth detail in the following description so that fully understand the present invention.But the present invention can be different from alternate manner described here and implements with multiple, and those skilled in the art can be in the situation that do similar popularization without prejudice to intension of the present invention.Therefore the present invention is not subjected to the restriction of following public embodiment.
Among the present invention, when the user orders application service, be to carry out with the name of certain mechanism, such as steel plant or exchange intermediary etc.According to the function that this application service provides, the user is free to define the role's (being called again tissue) in this mechanism, and the corresponding relation between role and the function.
Fig. 1 is the schematic diagram that concerns between user among the present invention, user application service, the role in the application service and the function ordered.The user has ordered application service with the name of mechanism 502, the application service 501 that obtains ordering.The application service 501 of ordering comprises the first function 503, the second function, the 3rd function ... with the N function.Wherein corresponding the second role of the first function and third angle look, the in-house user that namely the first role and third angle look corresponding has authority to use the first function of this application service.Corresponding the first role of the second function and the second role, the corresponding third angle look of the 3rd function, the corresponding M role of N function.
The user defines the tissue of mechanism 502 after ordering the application service success, each tissue comprises user property and role attribute, and the role attribute of tissue is to the operable function of the user member that should organize.Comprise the first tissue the 504, second tissue, the 3rd tissue ... organize with Y.By the user is added in the user property of described tissue, thereby make this user have corresponding role, can use function corresponding to this role.
It should be noted that, user's service subscription information is not user's information of ordering operation (uses, defined which role of mechanism, defined the corresponding relation of which role and function such as which has been ordered), but the mechanism information of user in each application service of having ordered, the subordinate's of mechanism organizational information, operable function information corresponding to Role Information, role that tissue comprises.
Fig. 2 is the schematic diagram of service subscription information among the present invention, and service subscription information 600 comprises user name 601; Also comprise and order name 651, apply names 602, mechanism's name 603, organization name 606, role name 604 and function name 605, the title, the organization name at user place of mechanism that represents respectively title, the user place of title, the application service in this order of an order, title and function title corresponding to role of the role under the user.Described service subscription information comprises a user name 601, at least one order.Comprise one during each is ordered and order sequence number 651, an apply names 602, mechanism's name 603, an organization name 606, at least one role name 604 and at least one function name.
Fig. 3 is the schematic diagram of the service subscription information in the one embodiment of the invention.Service subscription information 610 comprises the service subscription information that user's first 611 is correlated with, and comprises that first orders the 661, second order the 662, the 3rd order the 663 and the 4th order 664.Described the first order 661 is the orders to using 1; User's first belongs to the A of mechanism and organizes A role A, role A corresponding function 1 and the function 2 of organizing A to comprise under user's first, and namely user's first can be used in this first order 661 and use 1 function 1 and function 2.Compare with the first order 661, order in 662 second, user's first belongs to identical mechanism (A of mechanism), different tissue (tissue B), organize B to comprise different role attribute (role D), user's first can be used and use 1 function 1, can not use and use 1 function 2.Order in 663 the 3rd, user's first belongs to different mechanisms (C of mechanism), the function 1 of operable application 1 and function 4.Order in 664 the 4th, user's first belongs to the B of mechanism and organizes B, can use and use 2 function 3, compares with above-mentioned three orders, and the 4th application service of ordering in 664 is different.
The user who orders operation can add oneself the tissue of corresponding mechanism, also can not add any tissue.A user can exist in a plurality of orders that comprise the different application service, also can have corresponding different role attribute and user right in comprising the different order of same application service with different tissues.
Fig. 4 is service system schematic diagram among the present invention, and described service system comprises login system 401 and unification user management devices 404, and unification user management devices 404 is preserved service subscription information.Local terminal 402 is connected with service system with local application server, and remote terminal 403 is connected network and is connected with service system with remote application server.
Each terminal equipment obtains finishing register behind the service call token by unified login system, utilize afterwards the service call token, both can finish by login system the operation of access application service, also can directly send the operation that access request is finished the access application service to application server.
The login process of described service system comprises step as shown in Figure 5:
S301: login system receives the logging request of sending from terminal equipment;
S302: login system is carried out the log-on message checking;
S303: if the verification passes, login system sends login to terminal equipment and replys; Otherwise, send login failure and reply;
S304: login system sends the service subscription information request to the unification user management devices;
S305: the unification user management devices sends service subscription information to login system and replys;
S306: login system is fed back service subscription information to terminal equipment;
S307: login system receives from the service order of terminal equipment and selects request;
S308: login system is transmitted service order and is selected request to the unification user management devices;
S309: login system receives the service call token corresponding with described service order selection request from the unification user management devices;
S310: the service call token that login system is received to the terminal equipment feedback, the user finishes register.
By above-mentioned steps, login process expands to login and orders selection course.After user's login, service subscription information be can obtain, all and this user-dependent application service comprised; Order of user selection is carried out follow-up work, when other application of needs, in the time of perhaps need to using same application service with other role, do not need again to login, only need from service subscription information, to reselect to get final product, saved user's time, be user-friendly to.
After above-mentioned steps was finished, terminal equipment can send access request and service call token to application server by login system, also can directly send access request and service call token to application server.When terminal equipment sent access request and service call token to application server by login system, the access of application server was replied and can be fed back to terminal equipment by login system, also can directly feed back to terminal equipment.
At least comprise mechanism, role and access rights that the user is affiliated in the described service call token.After the application service that application server provides receives the access request and service call token of that terminal equipment sends or login system forwarding, at first relatively whether the access rights in the service call token mate the authority of (covering) access request, if permission match, carry out the instruction in the access request, otherwise, return error message.
It should be noted that above-mentioned service call token both can send separately, also can be carried in the access request; Terminal equipment and login system/service system both can adopt the C/S mode to realize, also can adopt the B/S mode to realize.
Fig. 6 is the structural representation of the many identity selection landing devices of the first provided by the invention.Wherein, terminal equipment comprises terminal equipment 100a, terminal equipment 100b, terminal equipment 100c and terminal equipment 100n, wherein terminal equipment 100a and terminal equipment 100b are local terminal equipments, and terminal equipment 100c and terminal equipment 100n are RTU (remote terminal unit).
Many identity selection landing devices 200 comprise logging request processing unit 201, service subscription information acquiring unit 202 and service call token acquiring unit 203.Unification user management devices 301 couples with many identity selection landing devices 200.Application service comprises application service 302a, application service 302b, application service 302c and application service 302n, and wherein application service 302c and application service 302n are positioned on the remote application server.Unification user management devices 301 is preserved service subscription information.
Logging request processing unit 201 is connected with terminal equipment 100a, terminal equipment 100b, terminal equipment 100c and terminal equipment 100n, receive the logging request that each terminal equipment sends, after the log-on message success of authentication of users, send to login successfully to terminal equipment and reply, reply otherwise send login failure.
Service subscription information acquiring unit 202 is connected with described logging request processing unit 201, and after the user logined successfully, logging request processing unit 201 sent activation data to the service subscription information acquiring unit, activated service subscription information acquiring unit 202.Service subscription information acquiring unit 202 couples with unification user management devices 301, sends the service subscription information request to unification user management devices 301, and the service subscription information that reception unification user management devices 301 returns is replied.
Service call token acquiring unit 203 couples with terminal equipment and unification user management devices 301, receives from terminal equipment and selects request based on the service order of described service subscription information, obtains the service call token and feeds back to described terminal equipment.
Terminal equipment sends access request and service call token to required application service, application service verify described access request requested permissions whether with the service call token in the user right coupling, after checking is passed through, send access and reply to terminal equipment.
Provide the second many identity selection landing devices in the another embodiment of the present invention, as shown in Figure 7.Many identity selection landing devices 200 also comprise and call pretreatment unit 206 and temporary storage cell 204.
Temporary storage cell 204 couples with described service call token acquiring unit 203, and stores service is called the service call token that token acquiring unit 203 obtains; When service call token acquiring unit 203 receives new service order selection request, inquire about at first whether desired data has been kept in the temporary storage cell 204, if preserve, directly obtain the service call token and feed back to described terminal equipment from temporary storage cell 204.
Calling pretreatment unit 206 couples with described terminal equipment.Reception is from access request and the service call token of described terminal equipment, verify described access request requested permissions whether with the service call token in the user right coupling, after checking is passed through, transmit described access request to application service.
Application service on the application server receives after the access request, and directly backward reference is replied to described terminal equipment.
In conjunction with above-mentioned many identity selection landing devices, the present invention also provides a kind of many identity selection login methods, as shown in Figure 8, comprises step:
S401: many identity selection landing devices receive the logging request of sending from terminal equipment;
S402: many identity selection landing devices carry out the log-on message checking;
S403: if the verification passes, many identity selection landing devices send login to terminal equipment and reply; Otherwise, send login failure and reply;
S404: many identity selection landing devices send the service subscription information request to the unification user management devices;
S405: the unification user management devices sends service subscription information to many identity selection landing devices and replys;
S406: many identity selection landing devices feed back service subscription information to terminal equipment;
S407: many identity selection landing devices receive from the service order of terminal equipment and select request;
S408: many identity selection landing devices are transmitted service order and are selected request to the unification user management devices;
S409: many identity selection landing devices receive and store the service call token corresponding with described service order selection request from the unification user management devices;
S410: the service call token that many identity selection landing devices are received to the terminal equipment feedback;
S411: many identity selection landing devices receive access request and the service call token from terminal equipment;
S412: many identity selection landing devices verify described access request requested permissions whether with the service call token in the user right coupling, after checking is passed through, transmit described access request to application service;
S413: application service sends access to terminal equipment and replys.
The third many identity selection landing devices are provided in the another embodiment of the present invention, as shown in Figure 9.Be with the difference of the many identity selection landing devices of the first, also comprise temporary storage cell 204 and call processing unit 207.
Temporary storage cell 204 couples with described service call token acquiring unit 203, and stores service is called the service call token that token acquiring unit 203 obtains; When service call token acquiring unit 203 receives new service order selection request, inquire about at first whether desired data has been kept in the temporary storage cell 204, if preserve, directly obtain the service call token and feed back to described terminal equipment from temporary storage cell 204.
Calling processing unit 207 couples with described terminal equipment.Reception is from access request and the service call token of terminal equipment, verify described access request requested permissions whether with the service call token in the user right coupling, after checking is passed through, transmit described access request to application service.
Application service on the application server receives after the access request, and backward reference is replied to calling processing unit 207.At last, reply described terminal equipment by calling processing unit 207 feedback access.
In conjunction with above-mentioned many identity selection landing devices, the present invention also provides a kind of many identity selection login methods, as shown in figure 10, comprises step:
S501: many identity selection landing devices receive the logging request of sending from terminal equipment;
S502: many identity selection landing devices carry out the log-on message checking;
S503: if the verification passes, many identity selection landing devices send login to terminal equipment and reply; Otherwise, send login failure and reply;
S504: many identity selection landing devices send the service subscription information request to the unification user management devices;
S505: the unification user management devices sends service subscription information to many identity selection landing devices and replys;
S506: many identity selection landing devices feed back service subscription information to terminal equipment;
S507: many identity selection landing devices receive from the service order of terminal equipment and select request;
S508: many identity selection landing devices are transmitted service order and are selected request to the unification user management devices;
S509: many identity selection landing devices receive and store the service call token corresponding with described service order selection request from the unification user management devices;
S510: the service call token that many identity selection landing devices are received to the terminal equipment feedback;
S511: many identity selection landing devices receive access request and the service call token from terminal equipment;
S512: many identity selection landing devices verify described access request requested permissions whether with the service call token in the user right coupling, after checking is passed through, transmit described access request to application service;
S513: application service sends access to many identity selection landing devices and replys;
S514: many identity selection landing devices send access to terminal equipment and reply.
Further, in order to improve the fail safe of communicating by letter between user and the system, in another embodiment of the present invention, the logging request processing unit comprises initial registration request processing unit and session logging request processing unit.
Initial registration request processing unit and terminal equipment couple, and receive the logging request that the user utilizes encrypted private key, after the checking private key, utilize PKI to return session key to the user.Afterwards, the user uses session key and many identity selection landing devices to communicate.
Session logging request processing unit is connected with the initial registration request processing unit, receives described session key.Session logging request processing unit and terminal equipment couple, the logging request that receiving terminal apparatus utilizes session key to send, and utilize session key to send to terminal equipment and reply.
Further, the invention provides a kind of service switching method for electronic transaction platform.Described electronic trade platform comprises many identity selection landing devices, unification user management devices and at least one application server, and described many identity selection landing devices are suitable for coupling described unification user management devices and terminal equipment.
Described transaction platform can be the cloud transaction platform, adopts the modes such as cloud computing and the storage of cloud data to come to provide service for terminal equipment.
As shown in figure 11, service switch method comprises the steps:
S600: described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
S700: described unification user management devices receives described service order and selects request, generate the service call token and feed back to described many identity selection landing devices, comprise at least user affiliated mechanism, role and access rights in the described service call token;
S800: described many identity selection landing devices feed back to described terminal equipment with described service call token;
S900: described application server receives from the access request of described terminal equipment and service call token and verifies whether service call token wherein mates with the access rights of access request.
Wherein, S600 further comprises the steps: S601: many identity selection landing devices send the service subscription information request to the unification user management devices; S602: the unification user management devices obtains service subscription information and sends to many identity selection landing devices; S603: the unification user management devices feeds back service subscription information to terminal equipment.
Use above-mentioned service switch method, the function that the service call token switches completion service, client did not need again to login when service was switched.
Further, the invention provides a kind of service switching method for electronic transaction platform:
S600: described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
S700: described unification user management devices receives described service order and selects request, generate the service call token and feed back to described many identity selection landing devices, comprise at least user affiliated mechanism, role and access rights in the described service call token;
S800: described many identity selection landing devices feed back to described terminal equipment with described service call token;
S1000: described many identity selection landing devices receive from the access request of described terminal equipment and service call token and verify whether service call token wherein mates with the access rights of access request;
S1100: described many identity selection landing devices are forwarded to described application server with the access request of access rights coupling.
Use above-mentioned service switch method, the function that the service call token switches completion service, service is switched the service of using fully transparent.
In order to further describe login system provided by the invention and login method, describe below in conjunction with the bulk supply tariff transaction platform.In specific implementation, described bulk supply tariff transaction platform can be the cloud transaction platform.
By the bulk supply tariff transaction platform, the addressable application service of terminal equipment comprises the Transaction Information issue, the issue of transaction contract, and the transaction contract is bought bank loan service, mortgage service, logistics distribution service etc.Each application service can realize at different application servers, also can be developed by different service providers.
Described terminal equipment can be handheld terminal, desktop computer and other electronic service equipment.
Terminal equipment and login system/service system both can adopt the C/S mode to realize, also can adopt the B/S mode to realize.
The below is issued as the process that example explanation user uses many identity selection landing devices with user's Application standard contract.
Shown in Figure 12,13, the user wishes to issue a plurality of standard contracts with different roles on transaction platform.According to aforesaid many identity selection login methods, the user at first carries out terminal equipment login subprocess 701, comprises the steps: that terminal equipment sends logging request 7011, many identity selection landing devices checking logging request 7012 and transmission login and replys 7013.
According to aforesaid many identity selection login methods, after the user successfully logins, carry out terminal equipment and obtain service subscription information subprocess 702, comprise the steps: that many identity selection landing devices send service subscription information request 7021, unification user management devices feedback service subscription information 7022, terminal equipment and send that service order is selected request 7023, many identity selection landing devices obtain selects service call token corresponding to information and feed back to terminal equipment 7024 with described service order.The user obtains service subscription information as shown in Figure 2, wherein detailed record with this user-dependent order, mechanism, role and function.One of them orders user selection, and the application service of this order is the issue standard contract, and the mechanism of order is steel plant, and the role is the salesman of steel plant, and corresponding function comprises the partial function (futures contract) of issuing standard contract.
According to aforesaid many identity selection login methods, after order of user selection, carry out terminal equipment and call application service subprocess 703, comprise the steps: that client sends operating right in access request and service call token 7031, the request of many identity selection landing devices authentication-access and whether mates service call token 7032, calls pretreatment module and transmit and call application request 7033, application module is carried out subprocess 7034.
The process of user's Application standard contract issue is: check whether contract price is passed through, contract price template in the application service invocation database and user's contract price compare at this moment, if contract price is passed through, whether the member's credit that checks the user is enough, user credit data in this moment application service invocation database, if member's credit of user is not enough then can not issue contract, if member's credit is enough, can issue contract, and the generation standard contract takies (the member's credit that takies the user), member's credit of this user simultaneously, then generate standard contract, and the result feedback that will generate standard contract is finished the service request of standard contract issue to the service user.
If the user has finished after the above-mentioned standard contract issue, hope is issued another standard contract (prompt contracts) with the sales manager's of steel plant identity, the user re-executes terminal equipment and obtains service subscription information subprocess 702, and reselects order and get final product.
Those skilled in the art will appreciate that the method that embodiment of the present invention provides can carry out with hardware mode, also can with computer code or similarly software mode cooperate hardware system carry out.When adopting software mode to realize, relevant code (source code and/or object code) and document can be stored in (such as CD, disk etc.) or read-write medium on the computer-readable recording medium.
Although the present invention with specific embodiment openly as above; but it is not to limit the present invention; any those skilled in the art without departing from the spirit and scope of the present invention; can utilize method and the technology contents of above-mentioned announcement that technical solution of the present invention is made possible change and modification; therefore; every content that does not break away from technical solution of the present invention; to any simple modification, equivalent variations and modification that above embodiment does, all belong to the protection range of technical solution of the present invention according to technical spirit of the present invention.

Claims (8)

1. service switching method for electronic transaction platform, described electronic trade platform comprises many identity selection landing devices, unification user management devices and at least one application server, described many identity selection landing devices are suitable for coupling described unification user management devices and terminal equipment, it is characterized in that, described service switching method for electronic transaction platform comprises:
Terminal equipment is selected to send service order based on the user to the order of service subscription information and is selected request, and described service subscription information comprises the mechanism information of user in each application service of having ordered, the subordinate's of mechanism organizational information, operable function information corresponding to Role Information, role that tissue comprises;
Described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
Described unification user management devices receives described service order and selects request, generation is selected the service call token of request and is fed back to described many identity selection landing devices corresponding to described service order, comprises at least user affiliated mechanism, role and access rights in the described service call token;
Described many identity selection landing devices feed back to described terminal equipment with described service call token;
Described application server receives from the access request of described terminal equipment and service call token and verifies whether service call token wherein mates with the access rights of access request.
2. service switching method for electronic transaction platform as claimed in claim 1 is characterized in that, also comprises:
Temporary storage cell is stored the service call token that described service call token acquiring unit obtains.
3. service switching method for electronic transaction platform as claimed in claim 1 is characterized in that, also comprises:
The reception of initial registration request processing unit and checking feed back to described terminal equipment from the logging request of utilizing encrypted private key of described terminal equipment with the session key that utilizes public key encryption;
The reception of session logging request processing unit and checking are from the logging request of utilizing session key of described terminal equipment.
4. service switching method for electronic transaction platform as claimed in claim 1 is characterized in that, described service call token is carried in the described access request.
5. service switching method for electronic transaction platform, described electronic trade platform comprises many identity selection landing devices, unification user management devices and at least one application server, described many identity selection landing devices are suitable for coupling described unification user management devices and terminal equipment, it is characterized in that, described service switching method for electronic transaction platform comprises:
Terminal equipment is selected to send service order based on the user to the order of service subscription information and is selected request, and described service subscription information comprises the mechanism information of user in each application service of having ordered, the subordinate's of mechanism organizational information, operable function information corresponding to Role Information, role that tissue comprises;
Described many identity selection landing devices receive from the service order of described terminal equipment selects request Concurrency to give described unification user management devices;
Described unification user management devices receives described service order and selects request, generation is selected the service call token of request and is fed back to described many identity selection landing devices corresponding to described service order, comprises at least user affiliated mechanism, role and access rights in the described service call token;
Described many identity selection landing devices feed back to described terminal equipment with described service call token;
Described many identity selection landing devices receive from the access request of described terminal equipment and service call token and verify whether service call token wherein mates with the access rights of access request;
Described many identity selection landing devices are forwarded to described application server with the access request of access rights coupling.
6. service switching method for electronic transaction platform as claimed in claim 5 is characterized in that, also comprises:
Temporary storage cell is stored the service call token that described service call token acquiring unit obtains.
7. service switching method for electronic transaction platform as claimed in claim 5 is characterized in that, also comprises:
The reception of initial registration request processing unit and checking feed back to described terminal equipment from the logging request of utilizing encrypted private key of described terminal equipment with the session key that utilizes public key encryption;
The reception of session logging request processing unit and checking are from the logging request of utilizing session key of described terminal equipment.
8. service switching method for electronic transaction platform as claimed in claim 5 is characterized in that, described service call token is carried in the described access request.
CN 201010503133 2010-09-30 2010-09-30 Service switching method for electronic transaction platform Expired - Fee Related CN101951385B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010503133 CN101951385B (en) 2010-09-30 2010-09-30 Service switching method for electronic transaction platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010503133 CN101951385B (en) 2010-09-30 2010-09-30 Service switching method for electronic transaction platform

Publications (2)

Publication Number Publication Date
CN101951385A CN101951385A (en) 2011-01-19
CN101951385B true CN101951385B (en) 2013-01-09

Family

ID=43454745

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010503133 Expired - Fee Related CN101951385B (en) 2010-09-30 2010-09-30 Service switching method for electronic transaction platform

Country Status (1)

Country Link
CN (1) CN101951385B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5875351B2 (en) * 2011-12-01 2016-03-02 キヤノン株式会社 Information processing system, information processing apparatus, authentication method, and computer program
US9230089B2 (en) 2012-07-16 2016-01-05 Ebay Inc. User device security manager
US20130263237A1 (en) * 2012-03-30 2013-10-03 Ebay Inc. User authentication and authorization using personas
CN104036418A (en) * 2014-06-09 2014-09-10 宁波公众信息产业有限公司 Digital electronic trading system
CN106446638A (en) * 2016-10-14 2017-02-22 郑州云海信息技术有限公司 Cloud computing operation system security access method and device
US10951421B2 (en) * 2016-11-28 2021-03-16 Ssh Communications Security Oyj Accessing hosts in a computer network
CN113111355A (en) * 2020-01-13 2021-07-13 华控清交信息科技(北京)有限公司 Authority management method, device, system and storage medium
CN111953708B (en) * 2020-08-24 2022-08-26 北京金山云网络技术有限公司 Cross-account login method and device based on cloud platform and server

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060123472A1 (en) * 2004-12-07 2006-06-08 Microsoft Corporation Providing tokens to access federated resources
CN1805341A (en) * 2006-01-11 2006-07-19 西安电子科技大学 Network authentication and key allocation method across secure domains

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060123472A1 (en) * 2004-12-07 2006-06-08 Microsoft Corporation Providing tokens to access federated resources
CN1805341A (en) * 2006-01-11 2006-07-19 西安电子科技大学 Network authentication and key allocation method across secure domains

Also Published As

Publication number Publication date
CN101951385A (en) 2011-01-19

Similar Documents

Publication Publication Date Title
CN101977184B (en) Multi-identity selection landing device and service system
CN101951385B (en) Service switching method for electronic transaction platform
EP3375161B1 (en) Single sign-on identity management between local and remote systems
US10073958B2 (en) Security system for verification of user credentials
US9397838B1 (en) Credential management
CN110109930A (en) Government data storage, querying method and system based on block chain duplex structure
CN101127108B (en) Method for accessing a information source via a computer system
CN102724221A (en) Enterprise information system using cloud computing and method for setting user authority thereof
KR20180022507A (en) Method for providing document delivery service that is based on the block chain
CN103262466A (en) Authentication system, authentication server, service provision server, authentication method, and computer-readable recording medium
US10873586B2 (en) Systems and methods for secure data access control
WO2020222927A1 (en) Localization of did-related claims and data
CN112861157A (en) Data sharing method based on decentralized identity and proxy re-encryption
CN109450633A (en) Information encrypts sending method and device, electronic equipment, storage medium
CN111327426B (en) Data sharing method and related device, equipment and system
CN114422258A (en) Single sign-on method, medium and electronic equipment based on multiple authentication protocols
CN109615329A (en) Processing method, device and computer equipment on the line of conductive suggestion
US10666644B2 (en) Enterprise key and password management system
CN111178819A (en) Electronic document processing method, system and device
CN107547570B (en) Data security service platform and data security transmission method
JP6027485B2 (en) Electronic trading system, electronic trading method, and program
CN104471541B (en) Promote the method and computer system of mixing application environment
EP4018614B1 (en) Did delegation/revocation to another did
US11349846B2 (en) Managing user identities in a managed multi-tenant service
KR20150116537A (en) Method for user authentication in virtual private cloud system and apparatus for providing virtual private cloud service

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: XIBEN NEW LINE E-COMMERCE CO., LTD.

Free format text: FORMER OWNER: XIBEN NEW LINE CO., LTD

Effective date: 20120202

C41 Transfer of patent application or patent right or utility model
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Address after: 200437, room 2, building 990, 201 East Sports Club Road, Shanghai, Hongkou District

Applicant after: West Ben Shinkansen Ltd.

Address before: 200437, room 2, building 990, 201 East Sports Club Road, Shanghai, Hongkou District

Applicant before: XiBen New Line Stock Co.,Ltd.

COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 200437 HONGKOU, SHANGHAI TO: 215434 SUZHOU, JIANGSU PROVINCE

TA01 Transfer of patent application right

Effective date of registration: 20120202

Address after: 215434 No. 88, Binjiang Avenue, Port Development Zone, Taicang port, Jiangsu Province

Applicant after: XiBen New Line Stock Co.,Ltd.

Address before: 200437, room 2, building 990, 201 East Sports Club Road, Shanghai, Hongkou District

Applicant before: West Ben Shinkansen Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130109

Termination date: 20180930