Method and system for double-factor bidirectional authentication

A two-way authentication, two-factor technology, applied in the field of network communication, can solve the problems that the client cannot download correctly, cannot execute correctly, and the deployment of plug-ins is difficult, and achieves the effect of wide range of use, simple design and improved security performance

Active Publication Date: 2015-04-01
GUANGDONG RAILWAY TECH
View PDF3 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, code programs as plugins are known to have many disadvantages
For example, the deployment of plug-ins on the client is very difficult. For example, the client may not be able to download correctly, and may not execute correctly after downloading. When downloading, it is necessary to set the security level of IE, etc., which makes the operation cumbersome.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for double-factor bidirectional authentication
  • Method and system for double-factor bidirectional authentication
  • Method and system for double-factor bidirectional authentication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0070] Generate a certificate library through conventional certificate generation tool software, such as KeyTool and OpenSSL1.0.1g. The personal certificate of the client in the certificate store can be stored in the personal Ukey to achieve the purpose of protecting the personal certificate and identifying the identity of the user. Because Tomcat is an open source and free server, the following server uses Tomcat7 as an example to explain the two-way authentication process of accessing the Http / Https interface of the server through the two factors of account password and digital certificate stored in Ukey;

[0071] Such as figure 1 As shown, the system and its components involved in this embodiment are as follows:

[0072] (1) The key system is used to issue the client personal certificate, the server certificate, the CA certificate used for signature when making the digital certificate, etc., which is realized by using a conventional certificate generation tool;

[0073] (...

Embodiment 2

[0110] Combine below Figure 4 Explain the two-way authentication process of accessing the Web Service interface of the server through the account password and the digital certificate stored in Ukey. The specific content such as configuration of Https and certificate issuance that are the same as those in Embodiment 1 will not be described repeatedly, and only the content that is different from it will be described here. In this embodiment, the configuration of the configuration files of the Web Service server and client is mainly implemented through the Apache Rampart framework. Configure the Rampart framework to support digital certificates. Such as Figure 4 As shown, the specific authentication process in this embodiment is as follows:

[0111] Step S201: Publish the digital certificates and CA certificates of the server and client;

[0112] Step S202: Configure the Https interface on the server, specifically configure the server port, certificate store, certificate ty...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for double-factor bidirectional authentication. The method comprises the following steps: releasing a digital certificate and a CA certificate used for signature during the making of the digital certificate by a secret key system; configuring the configuration files of a client and a server-side so as to support the access of the client to an application interface of the server-side; accessing the application interface of the server-side by the client in a double-factor authentication mode; carrying out first verification on a server-side certificate by the client, carrying out second verification on a client certificate by the server-side, and after passing through of both the first verification and the second verification, allowing the client to access the application interface of the server-side. Besides, the invention discloses a system for double-factor bidirectional authentication, corresponding to the method. The method and the system for double-factor bidirectional authentication have the advantages of higher compatibility, wider application range, simpler design, more efficiency in use, and higher safety in data communication.

Description

technical field [0001] The invention relates to the field of network communication, in particular to a two-factor two-way authentication method and system. Background technique [0002] Currently popular two-factor authentication technology is mainly composed of account password and SSL (Secure Sockets Layer, Secure Sockets Layer) one-way authentication technology on the server side. On the one hand, due to the server-side SSL one-way authentication technology, the implementation scheme is relatively simple, and the content transmitted between the client and the server can only be simply encrypted, and the identity of the client cannot be guaranteed. Therefore, this scheme has certain potential security risks, such as being vulnerable to network attacks such as spoofing by intermediate links; (Http protocol with SSL enabled) authentication. Because Web Service is based on the SOAP protocol, if you want to implement two-factor authentication, you must overcome the compatibi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32H04L29/08
CPCH04L9/3263H04L9/3273H04L63/0823H04L63/0869H04L67/02
Inventor 蔡哲李占龙郝孔占
Owner GUANGDONG RAILWAY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap