User permission control method and device based on url fingerprint technology

A technology of user rights and control methods, applied in user identity/authority verification, electrical components, transmission systems, etc., can solve problems such as security vulnerabilities, subsystem code redundancy, and malicious page attacks, so as to improve the security level and protect important information, reducing the effect of coupling

Active Publication Date: 2017-07-11
ALIBABA (CHINA) CO LTD
View PDF1 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1) The business logic of the system is easy to omit to add permission verification, resulting in code redundancy of the subsystem;
[0006] 2) Users can tamper with the URL of the page at will, resulting in SQL injection security holes and malicious attacks on the page;
[0007] 3) The implementation scheme of user authority control will cause unnecessary queries to the database

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User permission control method and device based on url fingerprint technology
  • User permission control method and device based on url fingerprint technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0034] In order to completely separate user authority control from business modules, improve the security level of the entire system, and protect important information of users, the present invention generates fingerprint signatures by combining URLs of pages accessed by users and their local cookie information (where user fingerprint information is stored) Encrypted page URL, encrypted page URL is unique, subsequent users visit the encrypted page URL, the website server only needs to check whether the encrypted page URL matches the local cookie information to determine whether the user has the authority to access the encrypted page URL, therefore, The invention can reduce the coupling between user authority control and business logic, improve the security level of the whole system, and protect important information of users.

[0035] In order...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a user authority control method and device based on URL fingerprinting technology, wherein the method includes: obtaining the user's local cookie information and the page URL requested by the user according to the user's access request; performing fingerprinting according to the user's local cookie information and the page URL The signature generates an encrypted page URL and returns it to the user; fingerprint verification is performed on the encrypted page URL according to the user's access request to the encrypted page URL to determine the user's access authority. Through the present invention, the coupling between user authority control and business logic can be reduced, the security level of the entire system can be improved, and important information of users can be protected.

Description

technical field [0001] The present invention relates to the technical field of Internet user authority control, and more specifically, to a user authority control method and device based on URL fingerprint technology. Background technique [0002] With the progress of society and the development of technology, the Internet has been popularized in people's lives and has become a part of people's lives. [0003] At present, the network identity verification method is mainly based on "ID+password". Accuracy and Safety. The Chinese patent application with the application number 200710163458.9 discloses a method of Internet identity verification, using fingerprint verification as the main means of identity verification, and at the same time adopting two-way identity verification between the WEB server and the client, limiting the time limit for fingerprint feature codes, and generating COOKIE takes these measures to mark the identity of the user to achieve the reliability of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06
Inventor 梁捷刘怡梁卡喆
Owner ALIBABA (CHINA) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap