Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Identity authentication method and system based on digital signature of token

A digital signature and identity authentication technology, applied in the field of Internet security, can solve problems such as performance degradation, session ineffectiveness, memory space consumption, etc., and achieve the effects of improving efficiency and security, simple structure, and wide application prospects

Inactive Publication Date: 2018-03-16
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
View PDF5 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the session is generated by the server, you can still choose cookies as its storage carrier in the temporary storage of the client. Once the client disables the cookie function, the session will also fail to take effect.
In addition, once the number of users is huge, the server will generate a large amount of session id information in a short period of time, greatly consuming memory space and causing performance degradation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Identity authentication method and system based on digital signature of token

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 2

[0063] Embodiment 2 provides a token-based digital signature authentication system, including

[0064] The client input module is used for the client to initiate a request;

[0065] The server-side detection module is used to detect whether the request information input by the input module carries a token;

[0066] When the server-side detection module detects that the received request information does not carry a token, the return module is used to return an error message and prompt the user to re-authenticate;

[0067] The verification module is used to verify the digital signature;

[0068] The server decryption module is used to decrypt the token content;

[0069] The verification module is used to verify the legitimacy of the token content.

[0070] The system also includes a confirmation module and an encryption module;

[0071] The confirmation module is used to determine the original information data for generating the token;

[0072] The encryption module is used...

Embodiment 3

[0077] Embodiment 3, when the customer logs in for the first time, he needs to provide a user name and password for the first identity verification. After the server receives the user name and password information, it detects, and if the authentication passes, it prepares to generate a Token; after the user passes the first authentication, it needs to determine the original information data used to generate the token, which is called payload, which can be regarded as a key-value The object can save some non-critical basic information such as user name and email address. After building the payload data, choose an encryption method and determine a unique private key to encrypt the payload. The encrypted data is called Token, and then use the private key to sign the Token. Finally, the combination of token and signature All the data is sent to the client, and the client can choose multiple ways to cache this data. In this way, the server does not save any identity information an...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an identity authentication method and system based on a digital signature of a token. The method comprises the following steps: a client sends a request; if a server-side detection module detects that received request information does not carry the token, a return module returns error information to prompt a user to carry out verification again; if the server-side detection module detects that the received request information carries the token, a verification module verifies the digital signature; and if the digital signature is valid, a server decryption module decrypts token contents through a private key, the verification module verifies the validity of the token contents, and data is acquired for subsequent operations. The method and system adopting the technical scheme has the advantages that authentication and status information of a user is managed and operated through server-side encryption and decryption technologies, so that no relevant information isstored on a server, and high safety and higher efficiency are further ensured.

Description

technical field [0001] The invention belongs to the technical field of Internet security, and in particular relates to an identity authentication method and system based on token digital signatures. Background technique [0002] In the process of browsing the Internet, in order to protect the interests of all parties from loss, whether it is a user or a service provider, identity verification is required in quite a few business contexts to ensure that the corresponding role can obtain the resources they want. At the same time, it prevents illegal users from obtaining sensitive data. The two most commonly used identification methods in the traditional Internet are session and cookie mechanisms. [0003] A cookie is a method of saving user authentication information and state information on the client side. The server only generates corresponding cookies according to the instructions of the browser by adding some unique codes in the HTTP header. When using cookies, the brow...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L29/06
CPCH04L9/3213H04L9/3247H04L63/083
Inventor 梁盛楠
Owner ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com