Security authentication method and system based on open interface communication

A security authentication, open interface technology, applied in the computer field, can solve the problems of high memory cost, interface replay attack, key leakage and so on

Pending Publication Date: 2021-07-06
SHANGHAI MININGLAMP ARTIFICIAL INTELLIGENCE GRP CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] With the upgrading of Internet micro-services and distributed technology, communication between services is essential. We often use a scenario where the open service interface authorizes our designated authorized services to access, and the authorized services are accessed by us. If there is no security verification for the interface, the open service interface will be exposed to other non-target services on the public network or intranet, and may be accessed or even maliciously used by other services not specified by us, and may be cracked due to interface replay attacks , if there is high-frequency interface access authentication, it is likely to cause database penetration. At this time, it is necessary to design a data access authorization scheme for directional service authorization to ensure that our services can only be accessed by our designated authenticated services. , to achieve the ultimate goal of data security
Existing data access authorization schemes have a certain amount of demand for machine memory, and the cost of memory is relatively high. There may also be security issues caused by unpacking HTTP request data and causing secret keys to be leaked or cracked.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security authentication method and system based on open interface communication
  • Security authentication method and system based on open interface communication
  • Security authentication method and system based on open interface communication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] figure 1 It is a schematic diagram of steps of a security authentication method based on open interface communication provided by the present invention. Such as figure 1 As shown, this embodiment discloses a specific implementation of a security authentication method based on open interface communication (hereinafter referred to as "method").

[0053] Specifically, the method disclosed in this embodiment mainly includes the following steps:

[0054] Step S1: Build the authorization service and MYSQL service, and initialize the related authorization table in the MYSQL service;

[0055] Specifically, build the MYSQL service and initialize the relevant authorization table (OpenAuth) in the MYSQL service. The information specified in the authorization table field includes but is not limited to: App source name, AppId, AppSecret, status validity, and creation date.

[0056] Step S2: cache the updated authorization data in the authorization table into the memory data of th...

Embodiment 2

[0080] In combination with the security authentication method based on open interface communication disclosed in Embodiment 1, this embodiment discloses a specific implementation example of a security authentication system based on open interface communication (hereinafter referred to as "system").

[0081] refer to image 3 As shown, the system includes:

[0082] Service building unit 11: build authorization service and MYSQL service, and initialize related authorization tables in MYSQL service;

[0083] Data cache unit 12: cache the updated authorization data in the authorization table into the memory data of the authorization service;

[0084] Interface specifying unit 13: the authorized service specifies an interface requiring security authentication;

[0085] Interface request unit 14: the authorized service initiates a request to the interface that has passed security authentication among the interfaces, and carries relevant authentication parameters at the same time; ...

Embodiment 3

[0094] combine Figure 4 As shown, this embodiment discloses a specific implementation manner of a computer device. The computer device may comprise a processor 81 and a memory 82 storing computer program instructions.

[0095] Specifically, the processor 81 may include a central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC for short), or may be configured to implement one or more integrated circuits in the embodiments of the present application.

[0096] Among them, the memory 82 may include mass storage for data or instructions. For example without limitation, the memory 82 may include a hard disk drive (Hard Disk Drive, referred to as HDD), a floppy disk drive, a solid state drive (SolidState Drive, referred to as SSD), flash memory, optical disk, magneto-optical disk, magnetic tape or universal serial bus (Universal Serial Bus, referred to as USB) drive or a combination of two or more of the above. Storage 82 may comprise removable or non-r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a security authentication method and system based on open interface communication, and the method comprises the steps: building an authorization service and an MYSQL service, and initializing a related authorization table in the MYSQL service; caching the updated authorization data in the authorization table to the memory data of the authorization service; enabling the authorized service to specify an interface needing security authentication; enabling the authorized service to initiate a request to an interface passing the security authentication in the interface, and carrying related authentication parameters at the same time; obtaining a comparison sign according to the authentication parameters, the authorization table and the memory data, and comparing the comparison sign with sign in the authentication parameters; and after the comparison is passed, enabling the interface to perform authorization authentication through the authorization authentication module, and determining that the authorization process is completed if the authorization authentication succeeds.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a safety authentication method and system based on open interface communication. Background technique [0002] With the upgrading of Internet micro-services and distributed technology, communication between services is essential. We often use a scenario where the open service interface authorizes our designated authorized services to access, and the authorized services are accessed by us. If there is no security verification for the interface, the open service interface will be exposed to other non-target services on the public network or intranet, and may be accessed or even maliciously used by other services not specified by us, and may be cracked due to interface replay attacks , if there is high-frequency interface access authentication, it is likely to cause database penetration. At this time, it is necessary to design a data access authorization scheme for directional ser...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/62G06F16/2455G06F16/25
CPCG06F21/6218G06F16/24552G06F16/25G06F2221/2141
Inventor 刘杨
Owner SHANGHAI MININGLAMP ARTIFICIAL INTELLIGENCE GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap