Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for carrying out service access control on third-party application

A technology of service access and corresponding relationship, applied in the field of service access control for third-party applications, can solve problems such as property security threats, and achieve the effects of improving security, ensuring security, and increasing difficulty

Active Publication Date: 2015-01-14
ALIBABA GRP HLDG LTD
View PDF7 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, after a third-party application steals information such as the protocol and its parameters used in the interaction process in some way, it can forge an access request to simulate operations such as user login or submit a form, so that the user's information in the system Even the safety of property etc. is threatened

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for carrying out service access control on third-party application
  • Method, device and system for carrying out service access control on third-party application
  • Method, device and system for carrying out service access control on third-party application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] In the first embodiment, the technical solution of the present application is introduced from the perspective of the first server, that is, in the method involved, the execution subject of each step is the first server, and the first server is still in the form of a JS component Expose some functionality to third-party applications. see figure 1 , the method may include the following steps:

[0054] S101: After receiving the service access request, determine whether the sender of the service access request is the preset JS software development kit JSSDK; wherein, the JSSDK is provided by the first server and is added by the JS The component code automatically downloads the JSSDK to the local third-party application;

[0055] First of all, if a third-party application adds a certain JS component disclosed by the first server, the corresponding interface can be displayed on the webpage of the third-party application. For example, a third-party website adds the "shopping...

Embodiment 2

[0081] The first embodiment above introduces the technical solution provided by the embodiment of the present application from the perspective of the first server, and in the second embodiment, the technical solution provided by the embodiment of the present application is introduced from the perspective of the proxy server. see figure 2 The method for performing service access control on a third-party application from the perspective of a proxy server may include the following steps:

[0082] S201: Receive a service access request sent by the first server; the service access request is a service access request sent by a third-party application to the first server through JSSDK; wherein, the JSSDK is provided by the first server and is provided by the third-party application The added JS component code automatically downloads the JSSDK to the local third-party application;

[0083] S202: Perform a security check on the service access request according to the information carr...

Embodiment 3

[0089] The third embodiment introduces the technical solution provided by the embodiment of the present application from the perspective of JSSDK. Among them, JS components corresponding to specific functions in the first server are added to the third-party application, and the code of the JS component automatically downloads the JSSDK provided by the first server to the third-party application, see image 3 The method for controlling service access to third-party applications from the perspective of JSSDK may include the following steps:

[0090] S301: Monitor an operation instruction related to the specific function issued by a user;

[0091] S302: After receiving the operation instruction, generate a service access request;

[0092] Specifically, when generating a service access request, an API to be called may be determined, API parameters are assembled, and a request for calling the API is generated. Wherein, when assembling the API parameters, information for performing ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a method, device and system for carrying out service access control on a third-party application. The method includes the steps of judging whether a transmitting party of a service access request is a preset JS software developing tool pack JSSDK after receiving the service access request, if the answer is positive, sending the service access request to a preset proxy server so that the proxy server can carry out safety verification on the service access request according to information carried in the service access request, if the service access request passes the verification, transmitting the service access request to a first server again, judging whether the transmitting party of the service access request is the proxy server after receiving the service access request again, and if the answer is positive, feeding back response information according to a designated backhaul address in the service access request. By means of the method, device and system for carrying out service access control on the third-party application, the difficult of faking the service access request can be increased and safety is improved.

Description

technical field [0001] The present application relates to the technical field of service access control in the first server, in particular to a method, device and system for service access control of third-party applications. Background technique [0002] In the Internet age, encapsulating website services into a series of data interfaces that are easily recognizable by computers, and then opening them up for use by third-party developers, this behavior is called open API (Application Programming Interface, application programming interface), providing open API The platform itself is called an open platform. Through an open platform, websites can not only provide simple access to web pages, but also perform complex data interactions, transforming their web sites into development platforms equivalent to operating systems. Third-party developers can develop rich and colorful applications based on these existing and public Web sites. [0003] For example, for an e-commerce tr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/10
Inventor 阳际荣庄娇艳崔婧
Owner ALIBABA GRP HLDG LTD
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com