A method and system for preventing illegal access to server
An illegal access and server technology, applied in the field of communication, can solve the problems that the server cannot serve normal users, the session key is easy to be cracked, and it is difficult to be modified, so as to increase the difficulty of cracking, prevent behaviors from happening, and easy to update.
Active Publication Date: 2021-10-01
HUNAN HAPPLY SUNSHINE INTERACTIVE ENTERTAINMENT MEDIA CO LTD
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
This fixed session key is easy to crack and difficult to modify. If a third-party client knows the session key, it can forge a request and access the back-end interface of the server, resulting in information leakage and the server being unable to serve normal users.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreExamples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0040] The method for preventing illegal access to the server includes the following steps:
[0041] Step A1. The client generates a session ID.
[0042] Step A2. The client sends the session identifier to the server.
[0043] Step A3. The server receives the session identifier.
[0044] Step A4. The server encrypts the session ID (session id) with a preset encryption key (key) to obtain the session key. Assuming that the encryption algorithm is des, the session key session key = des(key, session id).
[0045] Step A5. The server synchronizes the session key to the client.
[0046] Step A. The client generates the original resource URL to be requested.
[0047] Step B. The client uses the session key to encrypt the session identifier and the original resource URL, and appends the session identifier to obtain a new URL.
[0048] Step C. The client sends an access request to the server based on the new URL.
[0049] Step D. The server obtains the session ID from the new UR...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a method and system for preventing illegal access to a server, wherein the prevention method includes: the client generates a session ID and sends it to the server; the server receives the session ID and encrypts it to obtain a session key, and synchronizes the session key to the client end; the client generates the original resource URL to be requested, uses the session key to encrypt the session identifier and the original resource URL, and appends the session identifier to obtain a new URL; the client sends an access request to the server based on the new URL; the server obtains the URL from the new URL session ID and obtain the session key; use the session key to decrypt the new URL to obtain the decrypted session ID and the decrypted URL; judge whether the decrypted session ID is consistent with the directly obtained session ID, otherwise reject the request visit; if yes, allow the visit. The invention increases the difficulty of deciphering the session key, can easily update the session key, and can effectively prevent illegal access to the server from occurring.
Description
technical field [0001] The invention belongs to the communication field, in particular to a method and system for preventing illegal access to a server. Background technique [0002] At present, most of the interactive interfaces between the client and the server are implemented through http, wherein the server provides external access interfaces, and these interfaces provide standard http services. [0003] In the prior art, the process of interaction between the client and the server is as follows: [0004] First, the client generates a resource URL (Uniform Resource Locator, Uniform Resource Locator) to be requested, and sends an http request to the server. [0005] Then, the server receives the request and returns the access result to the client. [0006] Finally, the client parses the access result returned by the server and processes the corresponding business logic. [0007] During the above interaction process, if a malicious client modifies the URL or its paramet...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 李小红
Owner HUNAN HAPPLY SUNSHINE INTERACTIVE ENTERTAINMENT MEDIA CO LTD