Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, device and system for security authentication

A security authentication and user authentication technology, applied in the field of information security, can solve the problems of low authentication efficiency and high resource overhead, and achieve the effect of improving authentication efficiency and reducing resource overhead

Active Publication Date: 2019-01-11
TENCENT TECH (SHENZHEN) CO LTD +1
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] When realizing above-mentioned two kinds of encrypted authentications, the inventor finds that there are at least the following problems in the prior art: when using PKI technology, the user must perform an authentication operation before each business processing, and the authentication efficiency is relatively low; when using Kerberos When using technology, the user’s authentication information must be stored and managed in the same management, which will cost a lot of resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for security authentication
  • Method, device and system for security authentication
  • Method, device and system for security authentication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] A security authentication method provided by an embodiment of the present invention, such as figure 1 As shown, the method may be performed by a client device, including:

[0058] 101. Acquire a user's digital certificate and first user authentication information.

[0059] Wherein, the implementation method for obtaining the user's digital certificate and the first user authentication information specifically includes:

[0060] Sending an authentication information acquisition request to the authentication server, where the authentication information acquisition request includes user information; receiving the user's digital certificate and first user authentication information generated by the authentication server according to the user information.

[0061] Wherein, the digital certificate may carry the identification information of the user who owns the digital certificate and the user's public key, and the authentication server uses the private key of the system ce...

Embodiment 2

[0096] The embodiment of the present invention provides a security authentication method, which can be applied in a distributed application system, and the system mainly includes a client device, an authentication server device and a business server device.

[0097] In this embodiment of the present invention, the method is specifically described by taking the authentication process of user C as an example, as follows Figure 4 As shown, the process includes:

[0098] 401. The client device obtains the user's digital certificate Cert C and user authentication information authenticator.

[0099] Among them, the Cert C The specific definitions of and authenticator are shown in Table 1 below.

[0100] Table 1 Cert C and authenticator definition

[0101]

[0102] Among them, C is the identification information of user C, is the public key of user C, is the private key of user C, The key used by the authentication server device to distribute digital certificates to us...

Embodiment 3

[0133] The embodiment of the present invention provides a client device 50, such as Figure 5 As shown, the device includes: an acquiring unit 51 , a sending unit 52 , a receiving unit 53 , and a generating unit 54 .

[0134] The acquiring unit 51 is configured to acquire the user's digital certificate and first user authentication information.

[0135] The sending unit 52 is configured to send the user's digital certificate and the first user authentication information to the authentication server, so that the authentication server determines the user's identity according to the user's digital certificate and the first user authentication information. When the law is legal, an authentication ticket and session key information are generated according to the user's digital certificate and the first user authentication information.

[0136] The receiving unit 53 is configured to receive the authentication ticket and the session key information sent by the server.

[0137] A ge...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, a device and a system for safety authentication, and relates to the technical field of information security. Authentication efficiency can be enhanced and resource cost can be reduced. The invention comprises that: a digital certificate and first user authentication information of a user are acquired; the digital certificate and the first user authentication information of the user are sent to an authentication service terminal; an authentication ticket and conversation secret key information which are sent by the service terminal are received; a conversation secret key is acquired from the conversation secret key information, and second user authentication information is generated according to the conversation secret key; an authentication credential is generated according to the received authentication ticket and the second user authentication information; and the authentication credential and a business request are sent to a business service terminal. The embodiment of the invention is mainly applied to authentication and authorization processes.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a method, device and system for security authentication. Background technique [0002] Currently, authentication of distributed applications mainly uses PKI (Public Key Infrastructure) technology based on asymmetric encryption or Kerberos technology based on symmetric encryption. Among them, PKI uses public and private keys and digital certificates as authentication credentials. The Kerberos protocol architecture implements SSO (Single-Sign On, single sign-on), that is, the result obtained from one authentication can be used repeatedly in the subsequent authentication process. [0003] When realizing above-mentioned two kinds of encrypted authentications, the inventor finds that there are at least the following problems in the prior art: when using PKI technology, the user must perform an authentication operation before each business processing, and the auth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/32H04L9/30
Inventor 吴烨杨一飞欧阳君沛杨广
Owner TENCENT TECH (SHENZHEN) CO LTD