Method for safely using password in delegation mode

A password and security technology, applied in the field of password entrusted use, can solve problems such as inability to use and irreversible passwords, and achieve the effect of ensuring security and facilitating password management and use.

Pending Publication Date: 2022-01-07
CHENGDU DBAPP SECURITY
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method for securely using passwords in a delegated manner. On the premise of ensuring the security of plaintext passwords, it solves the problem of irreversible and unusable passwords caused by hashing and salting storage passwords.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for safely using password in delegation mode
  • Method for safely using password in delegation mode

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0026] In one kind of embodiment of the present embodiment are delegated secure cryptographic methods, such as figure 1 As shown, including the following steps:

[0027] Step 1, a plurality of users to send encrypted password to the login server client, the password for the login server for different clients obtain a plurality of decrypted plain text passwords, login password for authentication plaintext;

[0028] Step 2, the login server to the plurality of passwords stored in plain text server commission, a server commission plaintext generation object identification ID unique passwords a password corresponding to the plaintext password for each of the current;

[0029] Step 3, adding a number of function programs to delegate trust server, the server generates a unique delegate delegate function delegate a function program ID identifying a current corresponding to a delegate for each function program;

[0030] Step 4, delegate the server returns a password object identification ...

Embodiment 2

[0041] The present embodiment further optimization on the basis of the embodiment 1, such as figure 2As shown in the Step 2 and Step 3, the clear text password synchronization interact with the client by deploying a double function program in a single process or delegate server synchronous interaction with the clear text password delegate function program implemented by two servers delegate plaintext password safe storage and backup procedures and delegate functions.

[0042] Further, if only there is a delegate server, deploy a master trust in the process and a backup process server, to synchronize passwords in clear text to interact with the delegate functions of the program between the primary and the backup process through the process of load balancing.

[0043] Further, if the two servers trust exists, a delegate-based server deployment server, the deployment server and the other is standby server entrusted to constitute a HA cluster, the plain text password delegate function...

Embodiment 3

[0056] The present embodiment further optimized based on the above Example 1 or 2 on the proxy server is provided with a code that is loaded on an interface, the interface is loaded by loading the code plug implemented with the functions of the program delegate delegate function program to add a number of delegate server .

[0057] Further, the use of static or dynamically loaded loaded down with the insert delegate functions of the program loaded into the delegate server.

[0058] Dynamic loading:

[0059] Delegation is provided with HTTP server, and other dynamic RPC interfaces for dynamic loading plug, allowing the server password delegate delegate function provides a program interface code can be dynamically loaded, comply with the rules may be received through the interface code and the dynamic code is loaded into the server trust delegate functions among the collection procedures. Dynamic languages ​​dynamically loaded widget

[0060] Received parameter is dynamic interface ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for safely using a password in a delegation mode. The method comprises the following steps: a plurality of users send encrypted passwords to a login server through user sides, the login server decrypts the passwords of different user sides to obtain a plurality of password plaintexts, and performs verification login through the password plaintexts; the login server stores the plurality of password plaintexts to a delegation server, and the delegation server generates a unique password object identification ID for the password plaintexts; a plurality of delegation function programs are added to the delegation server, and the delegation server generates a unique delegation function identification ID for the delegation function programs; and the client calls a corresponding password plaintext and a corresponding entrusting function program from the entrusting server by calling the password corresponding identification ID and the entrusting function identification ID. The method realizes remote function security calling with strict data isolation requirements, and meanwhile, on the premise that the security of the password plaintext is ensured, the method solves the problem that: the password is irreversible and cannot be used due to the fact that the password is stored by hash and salt.

Description

Technical field [0001] The present invention belongs to the technical field delegate password used, in particular to a method using a password delegate secure manner. Background technique [0002] Store the user's password, now generally safer to use hash with salt way, the benefits are not reversible, in case of leakage of the database can not launch anti-user password, but also eliminate the possibility of the system to use the password hash with salt password authentication can only exist in time as a comparison basis. [0003] Especially in the management of other systems in the system, if you want to achieve using a user password to other systems, because the password is irreversible and can not achieve this, it can not be achieved at the password strength policy changes, such as to remind the user does not meet the requirements of change passwords the user password is stored as an irreversible result in the user password can not be used to do other things. Inventive conten...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/46G06F21/60
CPCG06F21/46G06F21/602
Inventor 陈杨范渊吴永越郑学新刘韬
Owner CHENGDU DBAPP SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap