Flow control mechanism suitable for online identity authentication

An online identity and identity credential technology, applied in the field of information security, can solve problems such as hidden dangers and attacks in the online identity authentication process, and achieve the effect of reducing the possibility of hacker attacks, ensuring security, and reducing information leakage.

Inactive Publication Date: 2017-05-10
上海金融云服务集团安全技术有限公司
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the lack of strict process control of the online identity authentication process (that is, the user login process) and strict read and write control of authorized resource sharing objects, hackers can use the HTTP protocol (HyperText Transfer Protocol, hypertext transfer protocol) stateless That is, the connectionless feature, and uses the authorized resource sharing object obtained from the air interface interception or the temporary cache file read by illegal intrusion to forcibly impersonate the identity of a legitimate user to achieve the purpose of man-in-the-middle attack, so that the current online identity authentication process has certain flaws. Security risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0016] The flow control mechanism suitable for online identity authentication provided by this embodiment includes the following steps.

[0017]S101. When the client browser opens the service homepage, the service server generates the master SessionID that locks the client browser, and creates a master Session object corresponding to the master SessionID, and then feeds back the master SessionID to the client on the one hand On the other hand, the main SessionID and the corresponding main Session object are sent to the flow control hosting server, and the flow control hosting server performs hosting according to the following first method: storing the main Session object, and then storing the main Session object The main SessionID and the first storage address of the main Session object are added to the read-write whitelist table, and then after successfully verifying the identity certificate of the client browser and before the main Session object is destroyed, the client is a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of information security, and discloses a flow control mechanism suitable for online identity authentication. The mechanism provides a strict flow management and control method for online identity authentication, namely after a marking client browser is locked, strict read-write management and control are carried out on a Session object in a communication session, and strict verification management and control are carried out on Cookies contents, therefore even if the Session ID or Coolies contents and other information are leaked, the hackers can also be prevented from posing the identities of legal users by using these resources to prevent the further leakage of the user information, thereby greatly reducing the possibility of information leakage and hacker attacks, and ensuring the security of the online identity authentication process.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a flow control mechanism suitable for online identity authentication. Background technique [0002] In order to ensure the security of access between sites, the common practice in the current Internet communication process is: first rely on the interceptor to intercept the URL (Uniform Resource Locator, Uniform Resource Locator) address, and forward it to User login process, and after the user enters information related to identity credentials (such as account and account password, etc.), the authentication server performs authentication matching. If the authentication is successful, a memory-based authorized resource sharing object will be established between the client and the server. (such as the Session object, etc.), and write part of the information of the authorized resource sharing object into the temporary cache file (such as the Cookies file) of the client....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/08H04L63/083H04L63/1441
Inventor 胥寅于道洪
Owner 上海金融云服务集团安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap