Http (hypertext transfer protocol) access method, http server and http system

An access method and server technology, used in transmission systems, digital transmission systems, and key distribution, can solve problems such as illegal access, and achieve the effect of preventing data leakage and ensuring data security.

Active Publication Date: 2018-07-06
ULTRAPOWER SOFTWARE
View PDF4 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] but figure 1 and figure 2 The way of using the API Key shown in the http access request is managed, and

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Http (hypertext transfer protocol) access method, http server and http system
  • Http (hypertext transfer protocol) access method, http server and http system
  • Http (hypertext transfer protocol) access method, http server and http system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] image 3 The flow chart of the http access method provided by the embodiment of the present invention, such as image 3 As shown, the method includes:

[0033] S300. When establishing an http connection with the client browser, send a predetermined encryption rule to the client browser, so that the client browser encrypts the client ID according to the encryption rule to generate a session token.

[0034] The predetermined encryption rule in this embodiment is to use the method name method of each application programming interface (Application Programming Interface, API) on the server side to encrypt the client ID, replacing the commonly used ulr of the application programming interface to encrypt the client ID. encryption.

[0035] Since the method name method of each API is different, and is developed and designed by the developer, the design rules of the method name method of the API are relatively free and flexible, difficult for illegal users to obtain, and have ...

Embodiment 2

[0052] Based on the same technical idea as the embodiment, this embodiment provides an http server.

[0053] Figure 4 The structural block diagram of the http server provided for the embodiment of the present invention, such as Figure 4 As shown, the http server includes: a sending unit 41, a receiving unit 42, an encryption unit 43, and a judging unit 44;

[0054] The sending unit 41 is used to send the predetermined encryption rules to the client browser when establishing an http connection with the client browser, so that the client browser encrypts the client identification according to the encryption rules to generate a session token Card;

[0055] The receiving unit 42 is configured to receive the http access request sent by the client browser, where the http access request carries the client identification and the session token;

[0056] An encryption unit 43, configured to encrypt the client ID carried in the http access request according to pre-determined encrypt...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an http (hypertext transfer protocol) access method, an http server and an http system. The method comprises the steps of sending a predetermined encryption rule to a client browser when http connection with the client browser is established; receiving an http access request which is sent by the client browser and carries a client identity and a session token; encrypting the client identity carried in the http access request according to the predetermined encryption rule and generating a local token; and sending resource data corresponding to the http access request tothe client browser when the local token is the same as the session token and the session token is not used in valid time. According to the method, the server and the system, the session token is generated through utilization of the specific encryption rule and whether the received session token is used in the valid time or not is judged, so the session token is prevented from being reused in the valid time, the two-level security protection of the http access in a client browser/server mode is realized, and the data security is ensured.

Description

technical field [0001] The invention relates to the technical field of HTTP access control, in particular to an HTTP access method, an HTTP server and a system. Background technique [0002] The hypertext transfer protocol (hypertext transfer protocol, http) is a rule that specifies the communication between the browser and the World Wide Web server in detail. The http protocol is a stateless protocol, so there are http access requests in the browser / server mode There is a possibility of illegal access. [0003] At present, in order to improve the security of http access requests, API Key is usually used to manage http access requests. API Key is a key assigned by the server to the client browser after user authentication. like figure 1 and figure 2 Shown: [0004] The client browser registers with the server, and the server registers by sending the response api_key and security_key to the client browser; [0005] The client browser uses the hmacsha256 algorithm to obt...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/08H04L9/32H04L29/08
CPCH04L9/0866H04L9/3213H04L63/0807H04L63/0876H04L63/105H04L63/108H04L67/02
Inventor 雷中雄王庆磊韩炳海
Owner ULTRAPOWER SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap