171results about How to "Simplify the certification process" patented technology

The invention relates to a unified access method for mobile cellular network and radio local area network, comprising: step 1, setting a radio local area network authentication, authorization, charging server which is connected with a WAP gateway, a wireless controller respectively; step 2, a mobile terminal does a WAP registration to the radio local area network authentication, authorization, charging server; step 3, a radio local area network authentication of the mobile terminal is authenticated by the radio local area network authentication, authorization, charging server. The invention needs not rebuild PDSN (package data service node) of the CDMA1X network or SGSN/GGSN, WAP gateways of the GSM/GPRS network, keeps the package data service flow of the original mobile cellular network basically, does not change existing CDMA1X, CDMA1X service flow and net element functions, has high safety, centralized service flow, which is convenient to manage.

The embodiment of the invention discloses an authentication method for invoking an open interface and a system for executing the method. The method comprises the following steps: a service provision platform receives an interface invoking request of an application program transmitted by a server side or a client side, wherein the interface invoking parameters comprise application identification, a private secret key and valid time allocated by the server side for the interface invoking; the private secret key is allocated by the service provision platform when the server side is registered in the service provision platform; the client side logs in the server side, acquires authentication and acquires the interface invoking parameters from the server side; the service provision platform acquires the private secret key corresponding to the application identification from the pre-assigned parameter records, and authenticates the interface invoking request based on the acquired private secret key; if the authentication is successful, the corresponding interface invoking is permitted; or, the interface invoking request party is refused to invoke the corresponding interface. The authentication method can ensure the interface invoking security, the interface invoking process is simple, and the interface invoking efficiency is high.

The present invention discloses a verification method to on-line game client side and server cluster and comprises the following steps: verifying ID to authentication server with username and password by client; assigning a random number and a symmetric encryption key to client; encrypting the random number with the symmetric encryption key by client and taking the encrypted random number as verification evidence for ID verification with other server in server cluster. The random number and symmetric encryption key assigned by authentication server are taken as the basis of ID verification and authentication between client and on-line game server in server cluster through the invention; hence, there is no need to save username and password for long time in client side and possibility of leaking username and password is prevented, verification process of server cluster is simplified, efficiency of on-line game server is improved.

The invention provides a method which is used for distributing an IP address in the process of authorizing a user terminal and a device thereof, wherein, after an authorizing server is authorized at the user terminal, the IP address is distributed to the user terminal. By adopting the method and the device of the invention, a DHCP server is not needed to be deployed in a network, thus reducing the cost of network building.

The invention provides a mobile commerce identity authentication method. In the method, key negotiation is realized by the most efficient elliptic curve-based public key cryptosystem in public key cryptosystems. An elliptic curve algorithm has the characteristics of low calculated amount and high safety, so the elliptic curve algorithm is used for generating a public key and a private key, and a public key cryptosystem without a third-party is realized and applied to the two-way authentication service of a client and a server.

The invention provides an intelligent identity authentication system. The intelligent identity authentication system comprises an authentication client SDK, an authentication server SDK, an authentication service proxy device, an authentication server, an authentication analysis engine and a cloud service platform, wherein the authentication client SDK is used for acquiring client information of authenticated users; the authentication server SDK is used for checking service strategies, and executing and forwarding information of an authentication client; the authentication service proxy device is used for providing a server reverse proxy when the authentication server SDK cannot implement an authentication function; the authentication server is used for managing the service strategies, authentication modes and cases, and displaying authentication analysis results; the authentication analysis engine is used for performing risk analysis based on a risk control model, wherein the risk analysis includes the steps of performing risk level scoring based on predefined rules and implementing big data analysis in combination with a big data analysis engine; and the cloud service platform dynamically adjusts identity authentication modes and requirements according to risk analysis results of the authentication server and the authentication analysis engine, performs identity authentication for the users, and returns an authentication result to the authentication analysis engine. According to the intelligent identity authentication system provided by the invention, an appropriate identity authentication mode can be selected for the users based on a risk analysis method.

The invention discloses an imaging device based on vein pattern and backside pattern of a finger and a multimode identity authentication method, wherein the imaging device comprises an acquisition support on which a concave finger putting area is arranged; a visible light imaging device which is arranged at one side of the concave finger putting area of the acquisition support and used for acquiring the back picture of the finger; a near infrared imaging device which is arranged at the other side of the concave finger putting area of the acquisition support and opposite to the visible light imaging device, and used for acquiring the vein picture of the finger by the irradiation of a near infrared light supply; and the bar-shaped near infrared light supply which is arranged on the acquisition support and used for irradiating near infrared light to the finger from the side of the finger. The identity authentication method comprises a logon procedure and an authentication procedure, and the adopted biological features thereof comprise the backside pattern and vein pattern of the same finger. The invention also relates to identity authentication equipment comprising the imaging device, which has better anti-counterfeit performance, and can effectively improve the stability and applicability of a biometrics identification system.

Computer system to be used in the cockpit of an aircraft, comprising a fixed screen, a docking unit and a portable computer in order to display on the fixed screen in the cockpit information which is stored on the portable computer, wherein the docking unit comprises an embedded computer with a network connection for connecting an arbitrary portable computer to the computer system, a screen connection for connecting the fixed screen to the docking unit, a graphic processor, a power connection and an input connection for receiving signals from input means and a corresponding retrofitting set, a corresponding docking unit and a corresponding method.

The embodiment of the invention provides an identity authentication method and a device. The method is applied to a client end. The method comprises the following steps: sending a first authenticationrequest carrying an identification number of a user identification SIM card of a terminal to a server, wherein the client is installed on the terminal; receiving a random number fed back by the server for the first authentication request; encrypting the random number to obtain a first ciphertext according to a first preset algorithm and a preset certificate public key in the SIM card; sending a second authentication request carrying the identification number and the first ciphertext to the server. The authentication process in the embodiment of the invention is simple and convenient to operate. As most communication terminals are provided with SIM card slots, the embodiment of the invention is easy to popularize, has strong applicability, and does not need to add other hardware equipment.

The invention discloses a data security certification transmission method and device for an Internet of Things terminal. The method comprises the steps: presetting identification key pairs in a factory of an Internet of Things terminal, and presetting a corresponding public key matrix in an edge gateway; according to a preset identification key pair of the Internet of Things terminal and a presetpublic key matrix of the edge gateway, completing the bidirectional authentication of the Internet of Things terminal and the edge gateway, and acquiring a communication encryption/decryption key; andcompleting the encryption and decryption of transmission data between the Internet of Things terminal and the edge gateway by using the communication encryption/decryption key. And the problem that the traditional safety means is difficult to meet the Internet-of-Things scene is effectively solved. A key management system which is realized based on a public key cryptography technology and can beapplied to an Internet of Things terminal is constructed through a lightweight authentication system, online support of a third party is not needed, large-scale key generation is conveniently realized, the authentication efficiency is high, the authentication process is simple, a cryptographic protocol and a cryptographic module are realized on the basis of a national cryptographic algorithm, andthe interactive authentication and data encryption of the Internet of Things terminal are realized.

The invention discloses a Web authentication method and a Web authentication device, aiming at simplifying Web authentication process and saving network transmission resource. The method comprises the following steps: when a Web authentication is enabled, issuing an ACL (Access Control List) rule, which is an HTTP protocol, before the Web authentication, and forwarding IP message of which the destination IP address is not the local IP address to a CPU; permitting the forwarding of DNS protocol message; permitting the forwarding of broadcasting message; permitting direction communication between equipment connected with the local port and an switch; receiving the HTTP message, including message transmission information, sent by internal network users, wherein the message transmission information includes a destination IP address transmitted by the HTTP message, the used transmission protocol information and a destination port; judging whether the destination IP address is the local IP address, the used transmission protocol is TCP, and the destination port is 80; and if all results are yes, performing Web authentication of the internal network user.

A method for certifying network device includes providing intelligent card to network device, obtaining enciphered result E by network device, sending enciphered result and relevant data to CA center, distributing a communication cipher key to said network device by CA and informing new switched-in network device information of the other network device passed certification of CA by enciphering information with cipher key and informing relevant information of new switch-in network device to the other network device passed certification by CA center.

The invention discloses a hotel public network wired/wireless unified authentication roaming method. During two-layer networking, an unique 802.1Q virtual local area network (VLAN) number is configured for a wired network port for each guest room, a VLAN which is different from wired networks of the guest rooms is configured for other public wireless coverage areas, and all the VLANs end at an access port of a high speed internet access (HSIC). When a guest accesses the wired/wireless network port in the guest room, the HSIC can conduct authentication according to the 802.1Q VLAN or Portal passwords of an upward message. When the authentication is passed, HSIA works out an authentication record. When the user accesses the network again, the HSIA conduct the authentication directly according to a machine aided cognition (MAC) address of an accessed terminal device or Cookie identification (ID) of the accessed terminal device. Authentication is not needed for accessing each time, and therefore an authentication process of accessing the terminal device of the guest is greatly simplified and fast and intelligentized surfing authentication service is provided for hotel users.

Using message authentication code (MAC) to authenticate message, the invention uses one-off variable. The method includes steps: before using one-off variable, saving range and use state of one-off variable; it must carry out operation for one-off variable and message together to calculate MAC; in authenticating MAC, must authenticate one-off variable, and its state; after using one-off variable, must mark and save use state; for certain cipher key and authentication function, one-off variable is only use for once to authenticate message effectively. Using one-off variable can realize integrality and freshness of authenticating message. Advantages are: synchronous use one-off variable to prevent security attack in many ways, and simple method for realizing complicated authentication application.

The invention discloses an authentication method and an authentication device for a user request. The authentication method for the user request comprises the following steps of receiving the user request; authenticating the user request according to authentication information stored in a target application program; when the user request passes the authentication, sending the user request to a server to obtain a response message which responds to the user request; when the user request does not pass the authentication, sending a first refresh request to the server to obtain a second access token; and when the second access token sent by the server is received, sending the first access token included in the user request to the server after replacing to a second access token in order to obtain a response message which responds to the user request. According to the authentication method and the authentication device, the problem of inconvenience for user operation due to a more complicated way for authenticating the user request in the prior art is solved, so that the effects of simplifying an authentication process for the user request and improving the authentication efficiency are achieved.

A server, having an automatic management mechanism, automatically delivers a request for license from a user to a communication window, automatically arranges information such as titles of software parts, keywords of the software parts, etc. in a hierarchical structure, performs a certification only when a user access a web page for which a certification is necessary, or automatically extracts, from a document such as a specification or a manual, an explanation of a software part to be registered, whereby the procedure for arranging images is automated, the process for certification is simplified so that the time necessary for the certification procedure is shortened, and the time necessary for a user to wait until the explanation becomes useable is shortened.

The invention discloses a method and a system for logging in a cloud desktop. The method comprises steps of: receiving 4A account information input by a user on a 4A login page; when a cloud desktop login link is triggered, sending the 4A account information to a cloud desktop account management server so as to allow the cloud desktop account management server to authenticate the received 4A account information; storing the 4A account information of the user and corresponding cloud desktop access authority information on the cloud desktop account management server; if the authentication is passed, according to the 4A account information of the user and the corresponding cloud desktop access authority information, generating a cloud desktop list and sending the cloud desktop list to the cloud desktop server so as to send the cloud desktop list to the user; and the authentication is not passed, sending an authentication failure to the cloud desktop server so as to send a cloud desktop login failure to the user. According to the invention, by carrying out unified management and storage on the 4A account information of the user and the corresponding cloud desktop access authority information, the user is required to only input the 4A account information for authentication once when logging in the cloud desktop, so authentication processes are saved and use experience of the user is improved.

The invention relates to the field of information security, particularly to security authentication system and method when an intelligent device receives a control command and discloses an identity authentication system based on identifiers. The identity authentication system comprises a client, a private key generation server and at least one terminal device. The client is used for generating a public key to identify a user and controlling digital signatures of the control commands of the terminal devices to generate signing messages; the private key generation server is used for generating a private key and a public parameter. Each terminal device is internally provided with an authentication module based on identifiers and certificating the control command according to the public parameter and the public key. According to the arrangement, IBC (identity-based cryptography) modules are arranged in the terminal devices, allowing the control commands received by the terminal devices to be more reliable and safe; bad effects, caused by the fact that the terminal devices receive the wrong commands, are avoided; once the faults occur to the terminal devices, the causes of the problems can be rapidly found, and effective measures are taken.

The invention discloses a VoWiFi business achieving method, system and an AAA server. The method comprises the steps that the EAP-AKA authentication requests initiated by UE are verified by the AAA server, if the verification is passed, a first authentication success information is returned to the UE and the EAP-AKA authorized authentication success information of the UE is saved; the IKE-Auther-Request information initiated by the UE is verified by the AAA server, if the EAP-AKA authorized authentication success information of the UE is saved in the AAA server, the verification is passed. The VoWiFi business achieving method, system and the AAA server can avoid the problem of a second time billing of the WiFi data stream and the VoWiFi voice data stream and the WiFi business stream passing through the P-GW device twice, through the saving of the EAP-AKA authorized authentication success information of a user on 3GPP-AAA at the time of crediting the WiFi access authentication, a second time EAP-AKA authentication is no longer needed when the S2b is being authenticated, and the time delay and the system computation amount at the authentication of the user are effectively reduced.

The invention discloses a Portal authentication method, a Portal authentication device and a Portal authentication system based on signal strength, belonging to the field of wireless communication. The method comprises the steps of acquiring signal strength information of terminal equipment to be authenticated, determining that the signal strength of the terminal equipment meets predetermined conditions according to the signal strength information, and notifying a wireless router to release the terminal equipment, thus ending authentication. The predetermined conditions can be conditions which can be met only by indoor visitors. Thus, only when the terminal equipment meets the predetermined conditions, identity authentication can be completed to get the access to Internet. Ordinary network squatters (illegal users) are generally unable to meet the predetermined conditions, so identity authentication fails to be completed. Compared with the prior art, the method, the device and the system are characterized in that password leak is prevented, authentication is simple, and the network is prevented from being squatted.