A terminal device authentication method, device, storage medium and electronic device

By generating an authorization code and verifying the legitimacy of the terminal device based on a signature generation algorithm, the security and management efficiency issues of the terminal device authorization method in the existing technology are solved, realizing automated, secure and efficient authorization verification, and reducing operational complexity and cost.

CN117956462BActive Publication Date: 2026-06-05NO 15 INST OF CHINA ELECTRONICS TECH GRP

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
NO 15 INST OF CHINA ELECTRONICS TECH GRP
Filing Date
2023-12-18
Publication Date
2026-06-05

Smart Images

  • Figure CN117956462B_ABST
    Figure CN117956462B_ABST
Patent Text Reader

Abstract

The verification method, device, storage medium and electronic device of the terminal device are provided, and the verification method comprises the following steps: receiving a connection request sent by a terminal device and storing the connection request in a request log, wherein information in a request header corresponding to the connection request at least comprises a terminal number and a first signature; performing verification based on the information in the request header; and calling a specified API interface service after the verification is passed. According to the authorization verification of the terminal device related information, the authorization code is guaranteed to be not impersonated, not tampered with, not denied and traceable.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This disclosure relates to the field of information security technology, specifically to a terminal verification method, apparatus, storage medium, and electronic device. Background Technology

[0002] Currently, terminal device authorization primarily relies on SMS verification to access the business platform. Direct operation by device manufacturers can lead to various risks, including information security vulnerabilities, device management issues, and customer churn. Furthermore, SMS operations are overly complex. When a batch of devices is produced, they are all assigned to a single business server by default. When shipment, if a different business server needs to be assigned, a separate SMS message must be sent. When a large number of devices are shipped, numerous SMS messages will be required to complete the assignment process, resulting in significant costs.

[0003] Furthermore, there are no permission settings for sending text messages, meaning anyone can change the corresponding business server of the device via SMS, posing potential security risks. When the device's usage period expires or it is deactivated and then reactivated, resending text messages is required, which is very complicated. Summary of the Invention

[0004] The purpose of this disclosure is to provide a terminal verification method, system, storage medium, and electronic device to solve the problems existing in the prior art.

[0005] To solve the above-mentioned technical problems, the embodiments of this disclosure adopt the following technical solutions:

[0006] One aspect of this disclosure provides a verification method for a terminal device, including:

[0007] The connection request sent by the terminal device is received and stored in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0008] Verification is performed based on the information in the request header;

[0009] After successful verification, the specified API interface service is invoked.

[0010] In some embodiments, the first signature is determined in the following manner:

[0011] An authorization code for the terminal device is generated based on specified information and a random number. The specified information includes at least one of the following: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device.

[0012] The first signature is generated by calling a preset signature generation algorithm based on the authorization code.

[0013] In some embodiments, after generating the first signature based on the authorization code, the method further includes:

[0014] Add a timestamp to the first signature.

[0015] In some embodiments, the verification based on the information in the request header includes:

[0016] Check whether the terminal number in the request header has been registered;

[0017] Verification was successful if the terminal number had already been registered.

[0018] In some embodiments, the verification based on the information in the request header further includes:

[0019] Parse the physical address corresponding to the terminal number in the request header;

[0020] Query the corresponding authorization code based on the physical address;

[0021] A second signature is generated based on the authorization code using a preset signature generation algorithm.

[0022] The second signature is compared with the first signature, and the verification is successful if the second signature matches the first signature.

[0023] In some embodiments, before comparing the second signature with the first signature, the method further includes:

[0024] Compare the timestamp of the first signature with a preset time range.

[0025] In some embodiments, the verification based on the information in the request header further includes:

[0026] Query the request log for the IP address in the request header of the request record corresponding to the terminal number;

[0027] The verification passes if the IP address in the request header is empty and the number of different IP addresses is no greater than 1.

[0028] Another aspect of this disclosure provides a verification device for a terminal device, comprising:

[0029] The receiving module is used to receive connection requests sent by terminal devices and store them in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0030] The verification module is used to verify information based on the information in the request header;

[0031] The calling module is used to invoke the specified API interface service after successful verification.

[0032] Another aspect of this disclosure provides a storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of any of the methods described above.

[0033] Another aspect of this disclosure provides an electronic device, including at least a memory and a processor, wherein the memory stores a computer program, characterized in that the processor, when executing the computer program in the memory, implements the steps of any of the methods described above.

[0034] This disclosure embodiment performs authorization verification based on terminal device information to ensure that the authorization code cannot be misused, tampered with, denied, or traceable. Attached Figure Description

[0035] To more clearly illustrate the technical solutions in the embodiments of this disclosure or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments recorded in this disclosure. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0036] Figure 1 This is a schematic diagram illustrating the steps of a terminal verification method according to an embodiment of the present disclosure;

[0037] Figure 2 This is a schematic diagram of the structure of a terminal verification system according to an embodiment of the present disclosure;

[0038] Figure 3 This is a schematic diagram of the structure of a terminal verification system according to an embodiment of the present disclosure;

[0039] Figure 4 This is a schematic diagram of the structure of a terminal verification system according to an embodiment of the present disclosure;

[0040] Figure 5 This is a schematic diagram of the structure of a terminal verification device according to an embodiment of the present disclosure. Detailed Implementation

[0041] Various embodiments and features of this disclosure are described herein with reference to the accompanying drawings.

[0042] It should be understood that various modifications can be made to the embodiments described herein. Therefore, the above description should not be considered as limiting, but merely as an example of embodiments. Other modifications within the scope and spirit of this disclosure will be apparent to those skilled in the art.

[0043] The accompanying drawings, which are included in and form part of this specification, illustrate embodiments of the present disclosure and, together with the general description of the disclosure given above and the detailed description of the embodiments given below, serve to explain the principles of the disclosure.

[0044] These and other features of this disclosure will become apparent from the following description of preferred forms of embodiments given as non-limiting examples, with reference to the accompanying drawings.

[0045] It should also be understood that although this disclosure has been described with reference to some specific examples, those skilled in the art can certainly implement many other equivalent forms of this disclosure, which have the features described in the claims and are therefore all within the scope of protection defined herein.

[0046] The above and other aspects, features and advantages of this disclosure will become more apparent when taken in conjunction with the accompanying drawings and in view of the following detailed description.

[0047] Specific embodiments of this disclosure are described thereafter with reference to the accompanying drawings; however, it should be understood that the claimed embodiments are merely examples of this disclosure, which may be implemented in various ways. Well-known and / or repeated functions and structures are not described in detail to avoid unnecessary or redundant details that could obscure this disclosure. Therefore, the specific structural and functional details claimed herein are not intended to be limiting, but merely to serve as the basis and representative basis for the claims to teach those skilled in the art to use this disclosure in a variety of substantially any suitable detailed structures.

[0048] This specification may use the phrases “in one embodiment,” “in another embodiment,” “in yet another embodiment,” or “in still another embodiment,” all of which may refer to one or more of the same or different embodiments according to this disclosure.

[0049] like Figure 1 As shown, the first embodiment of this disclosure provides a method for verifying a terminal device. This verification method is used on a server side, such as a local server or a web server, a server cluster consisting of several servers, or a cloud computing service center capable of data storage and processing. Figure 1 As shown, the verification method includes the following steps:

[0050] S101, Receive a connection request sent by a terminal device and store it in a request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0051] In step S101, a connection request sent by the terminal device is received and stored in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature. This connection request is initiated by the terminal device and is used to request a call to the platform API (Application Programming Interface) service. In this embodiment, all connection requests calling the platform API service must include at least the terminal number and the generated first signature in the request header information.

[0052] The terminal number mentioned here is used to uniquely identify the terminal device. In this embodiment, the terminal device may include, but is not limited to, personnel GPS (Global Positioning System) positioning devices, vehicle GPS positioning devices, and various vehicle-mounted terminal monitoring devices, such as smart water meters, odor sensors, soil detectors, and RTU (Remote Terminal Unit) smart terminals. The first signature is used to verify that each connection request is initiated by an authorized terminal device.

[0053] Furthermore, the first signature here is determined in the following way:

[0054] An authorization code for the terminal device is generated based on specified information and a random number. The specified information includes at least one of the following: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device.

[0055] The first signature is generated by calling a preset signature generation algorithm based on the authorization code.

[0056] Furthermore, after generating the first signature based on the authorization code, the process further includes:

[0057] Add a timestamp to the first signature.

[0058] The process of determining the first signature described above can be implemented, for example, in a client application. The specified information concerning the terminal device mentioned here refers to information related to the terminal device and its manufacturing or use, including, for example: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP address of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device.

[0059] The specific form of the designated information of the terminal device mentioned above may include, but is not limited to, numerical codes, alphanumeric codes, text identifiers, IP addresses (Internet Protocol Address) or combinations of several identifiers, such as AAA, 110, Terminal Number 1, etc.; wherein, there is a one-to-one correspondence between the terminal device and the device identifier.

[0060] The authorization code and terminal number are obtained in a timely manner through the device management platform, and a correspondence between the authorization code and terminal number and the device identifier is established. The authorization code and terminal number are stored in the database of the integrated management platform in accordance with the device identifier to maintain the communication stability and security between the terminal device and the integrated management platform.

[0061] In one implementation, an authorization code for the terminal device is generated based on the name of the manufacturer to which the terminal device belongs, the model of the terminal device, the bound IP address of the terminal device, the physical address of the terminal device, the organization code (or personal identification code) using the terminal device, and a random number. The authorization code can be an APPKEY (public key) and an APPSECRET (private key). The authorization code and the terminal number are then encrypted and stored in a database, and provided to the terminal device interface manufacturer for storage on the corresponding terminal device.

[0062] Furthermore, after generating the authorization code for the terminal device based on specified information and a random number, the process further includes: generating a first signature based on the authorization code using a preset signature generation algorithm. This first signature may include a timestamp. Specifically, for example, the terminal device can use the preset signature generation algorithm to generate the first signature based on the authorization code. A timestamp needs to be added to the first signature to determine the time the request was initiated.

[0063] S102, perform verification based on the information in the request header.

[0064] After receiving the connection request sent by the terminal device and storing it in the request log in step S101, this step performs verification based on the information in the request header. In this embodiment, the verification step is performed on the server side using the information in the request header, and only connection requests that pass verification can call the corresponding API interface service.

[0065] Regarding step S102 above, the verification is performed based on the information in the request header, such as... Figure 2 As shown, it includes:

[0066] S201, Check whether the terminal number in the request header has been registered;

[0067] S202, verification passed if the terminal number has been registered.

[0068] In this step, it is necessary to determine whether the terminal device meets the verification conditions for connecting to the server. If the verification conditions are met, the terminal device is allowed to call the API interface service. If the terminal device does not meet the verification conditions, the API interface service is refused. In this embodiment, the verification conditions are determined by whether the terminal number in the request header of the connection request is pre-registered in the database.

[0069] Specifically, the API intercepts connection requests and checks whether the terminal number in the request header has been registered in the database. In other words, by receiving connection requests sent by terminal devices, the server's database is traversed based on the terminal number corresponding to the terminal device carried in the connection request. If the terminal number of the terminal device is found in the database, the verification is considered successful. If the terminal number is not found, the terminal device is determined to be unregistered, and the API interface refuses to provide services. This improves the security of the terminal device's connection.

[0070] Furthermore, the verification is performed based on the information in the request header, such as... Figure 3 As shown, it also includes:

[0071] S301, parse the physical address corresponding to the terminal number in the request header;

[0072] S302, query the corresponding authorization code based on the physical address;

[0073] S303, based on the authorization code, a preset signature generation algorithm is invoked to generate a second signature;

[0074] S304, compare the second signature with the first signature, and if the second signature matches the first signature, the verification is successful.

[0075] In this step, it is necessary to determine whether the terminal device meets the verification conditions for connecting to the server. If the verification conditions are met, the terminal device is allowed to call the API interface service. If the terminal device does not meet the verification conditions, the API interface service is refused. In this embodiment, the verification conditions are determined by whether the signature information in the request header of the connection request is consistent.

[0076] Specifically, the API intercepts connection requests, parses the physical address of the terminal device corresponding to the terminal number in the request header, retrieves the corresponding authorization code's APPKEY and APPSECRET using the physical address, and calls a preset signature generation algorithm to generate a second signature. Finally, the generated second signature is compared with the previously generated first signature; if the two signatures match, the verification is considered successful. For example, it verifies whether the first signature in the request header matches the generated second signature; if they do not match, the first signature is invalid, and the API interface refuses to provide service.

[0077] Furthermore, before judging the signature, the timeliness of the first signature can also be judged. By verifying the timeliness of the first signature, the communication between the terminal device and the server can be kept stable, and the access can be effectively guaranteed.

[0078] Therefore, before comparing the second signature with the first signature, the method further includes comparing the timestamp of the first signature with a preset time range. Specifically, in this step, it is verified whether the timestamp of the first signature is within its validity period; if the timestamp of the first signature is not within its validity period, then the first signature does not have an expiration date. The preset time range here is associated with the corresponding API interface service, and different API interface services can set different preset time ranges.

[0079] Specifically, the system verifies whether the timestamp of the first signature is within the preset time range set by the API interface service. If the timestamp is within the preset time range, the API interface service is provided; otherwise, the API interface refuses to provide service. The timestamp refers to the starting time point from which the terminal device sends the connection request, and the validity period refers to the valid authorization time in the authorization contract signed between the terminal device and the integrated management platform, typically a one-year validity period. Specifically, in practical applications, when the integrated management platform receives a connection request from the terminal device, it can directly obtain the timestamp corresponding to the terminal device carried in the connection request, such as 2013.02.03, and the validity period of the integrated management platform corresponding to the terminal device, such as 2010.01.01-2011.01.01. Then, by comparing the timestamp with the validity period, it can be determined that the signature is not within the validity period, meaning the timestamp exceeds the validity period. Therefore, the first signature lacks validity, and the API interface refuses to provide service.

[0080] Furthermore, the verification is performed based on the information in the request header, such as... Figure 4 As shown, it also includes:

[0081] S401, query the request log for the IP address of the request header in the request record corresponding to the terminal number;

[0082] S402, if the IP address in the request header is empty and the number of different IP addresses is not greater than 1, then the verification is successful.

[0083] In this step, it is necessary to determine whether the terminal device meets the verification conditions for connecting to the server. If the verification conditions are met, the terminal device is allowed to call the API interface service. If the terminal device does not meet the verification conditions, the API interface service is refused. In this embodiment, the number of IP addresses in the request header of the connection request is used to determine whether the verification conditions are met.

[0084] Specifically, the API intercepts connection requests and checks in real time whether the IP address in the request log record corresponding to the same terminal number is not empty and whether the number of different IP addresses is not greater than 1. If it is less than or equal to 1, the verification is considered successful and the interface service is provided to the terminal device. If it is greater than 1, it means that the IP address has been modified, the connection request submitted by the terminal device will be rejected, and a warning will be returned.

[0085] In practical applications, upon receiving a connection request from the terminal device, the terminal ID (e.g., B11) carried in the connection request can be used to determine whether terminal device B meets the verification conditions. Specifically, this can be done by iterating through the database to search for an IP address corresponding to terminal ID B11. If only one IP address (e.g., 152.01.3) is found corresponding to terminal ID B11, it can be interpreted that the terminal device meets the verification conditions, thus allowing connection to be established and API interface services provided. Verifying whether the IP address has been modified reduces resource consumption, lowers time complexity, and to a certain extent ensures the security and accuracy of the initial authorization verification.

[0086] Furthermore, in this embodiment, after each successful verification, a valid connection request is recorded and a request log is generated. The content of the request log includes, for example, at least the terminal device's terminal number and the IP address of the request header. Specifically, after the terminal device meets the verification conditions, the API interface service provides a connection request for the interface service, and these valid connection requests are recorded in the database. The request record for each successful connection request is stored in the request log, and the request record format is: priority number, request method name, request parameters, request processing time, request header IP, and creation time. The request log facilitates traceability and verification.

[0087] S103, after successful verification, calls the specified API interface service.

[0088] After verifying the information in the request header in step S102, this step calls the specified API interface service upon successful verification. The API interface service is provided if the terminal device meets the verification conditions; otherwise, it is refused if the terminal device does not meet the verification conditions.

[0089] Specifically, before a user needs to call the server-side API service using the terminal device, authorization is required based on the terminal device's relevant information. Authorized terminal devices are then allowed to call the API service. Specifically, the connection request is first verified to ensure that each connection request is initiated by an authorized terminal device. This verification process, which judges the authorization conditions of the connection request, enables automated authorization verification, improves authorization processing efficiency, maintains the stability of the communication connection, and achieves automated authorization verification for terminal devices. This is convenient, fast, secure, and cost-effective. This embodiment of the disclosure performs authorization verification based on terminal device information, ensuring that the authorization code is unusable, unalterable, non-repudiable, and traceable.

[0090] The second embodiment of this disclosure provides a verification device for a terminal device, such as... Figure 5 As shown, it includes a receiving module 10, a verification module 20, and a calling module 30 that are coupled to each other, wherein:

[0091] The receiving module is used to receive connection requests sent by terminal devices and store them in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0092] The verification module is used to verify information based on the information in the request header;

[0093] The calling module is used to invoke the specified API interface service after successful verification.

[0094] Furthermore, the first signature is determined in the following way:

[0095] An authorization code for the terminal device is generated based on specified information and a random number. The specified information includes at least one of the following: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device.

[0096] The first signature is generated by calling a preset signature generation algorithm based on the authorization code.

[0097] Furthermore, after generating the first signature based on the authorization code, the process further includes:

[0098] Add a timestamp to the first signature.

[0099] Furthermore, the verification module includes:

[0100] The first query unit is used to query whether the terminal number in the request header has been registered;

[0101] The first verification unit is used to verify that the terminal number has been registered.

[0102] Furthermore, the verification module also includes:

[0103] The parsing unit is used to parse the physical address corresponding to the terminal number in the request header;

[0104] The second query unit is used to query the corresponding authorization code based on the physical address;

[0105] The generation unit is used to generate a second signature by calling a preset signature generation algorithm based on the authorization code;

[0106] The second verification unit is used to compare the second signature with the first signature, and the verification is successful when the second signature matches the first signature.

[0107] Furthermore, the verification module also includes:

[0108] The time comparison unit compares the timestamp of the first signature with a preset time range.

[0109] Furthermore, the verification module also includes:

[0110] The third query unit is used to query the IP address of the request header in the request record corresponding to the terminal number in the request log;

[0111] The third verification unit is used to verify if the IP address in the request header is empty and the number of different IP addresses is no greater than 1.

[0112] This disclosure embodiment performs authorization verification based on terminal device information to ensure that the authorization code cannot be misused, tampered with, denied, or traceable.

[0113] The third embodiment of this disclosure provides a storage medium, which is a computer-readable medium storing a computer program. When executed by a processor, the computer program implements the method provided in the first embodiment of this disclosure, including the following steps S11 to S13:

[0114] S11, Receive a connection request sent by a terminal device and store it in a request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0115] S12, perform verification based on the information in the request header;

[0116] S13 calls the specified API interface service after successful verification.

[0117] Furthermore, when the computer program is executed by the processor, it implements other methods provided in the first embodiment of this disclosure.

[0118] This disclosure embodiment performs authorization verification based on terminal device information to ensure that the authorization code cannot be misused, tampered with, denied, or traceable.

[0119] A fourth embodiment of this disclosure provides an electronic device, which includes at least a memory and a processor. The memory stores a computer program, and the processor, when executing the computer program in the memory, implements the method provided in any embodiment of this disclosure. Exemplarily, the computer program steps of the electronic device are as follows: S21 to S23:

[0120] S21, Receive a connection request sent by a terminal device and store it in a request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature.

[0121] S22, perform verification based on the information in the request header;

[0122] S23, after successful verification, calls the specified API interface service.

[0123] Furthermore, the processor also executes the computer program described in the third embodiment above.

[0124] This disclosure embodiment performs authorization verification based on terminal device information to ensure that the authorization code cannot be misused, tampered with, denied, or traceable.

[0125] The aforementioned storage medium may be included in the aforementioned electronic device; or it may exist independently and not be assembled into the electronic device.

[0126] The aforementioned storage medium carries one or more programs, which, when executed by the electronic device, cause the electronic device to: acquire at least two Internet Protocol (IP) addresses; send a node evaluation request, including at least two IP addresses, to a node evaluation device, wherein the node evaluation device selects an IP address from the at least two IP addresses and returns it; and receive the IP address returned by the node evaluation device; wherein the acquired IP address indicates an edge node in the content delivery network.

[0127] Alternatively, the storage medium may carry one or more programs that, when executed by the electronic device, cause the electronic device to: receive a node evaluation request including at least two Internet Protocol (IP) addresses; select an IP address from the at least two IP addresses; and return the selected IP address; wherein the received IP address indicates an edge node in the content delivery network.

[0128] Computer program code for performing the operations of this disclosure can be written in one or more programming languages ​​or a combination thereof, including but not limited to object-oriented programming languages ​​such as Java, Smalltalk, and C++, as well as conventional procedural programming languages ​​such as the "C" language or similar programming languages. The program code can be executed entirely on the passenger's computer, partially on the passenger's computer, as a standalone software package, partially on the passenger's computer and partially on a remote computer, or entirely on a remote computer or server. In cases involving a remote computer, the remote computer can be connected to the passenger's computer via any type of network—including a local area network (LAN) or a wide area network (WAN)—or can be connected to an external computer (e.g., via the Internet using an Internet service provider).

[0129] It should be noted that the storage medium described in this disclosure can be a computer-readable signal medium or a computer-readable storage medium, or any combination thereof. A computer-readable storage medium can be, for example,—but not limited to—an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, system, or device, or any combination thereof. More specific examples of a computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination thereof. In this disclosure, a computer-readable storage medium can be any tangible medium containing or storing a program that can be used by or in conjunction with an instruction execution system, system, or device. In this disclosure, a computer-readable signal medium can include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code. Such propagated data signals can take various forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination thereof. A computer-readable signal medium can also be any storage medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in connection with an instruction execution system, system, or device. The program code contained on the storage medium can be transmitted using any suitable medium, including but not limited to: wires, optical fibers, RF (radio frequency), etc., or any suitable combination thereof.

[0130] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of this disclosure. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. For example, two consecutively indicated blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, can be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions.

[0131] The units described in the embodiments of this disclosure can be implemented in software or hardware. The names of the units are not, in some cases, intended to limit the specific unit.

[0132] The functions described above in this document can be performed, at least in part, by one or more hardware logic components. For example, exemplary types of hardware logic components that can be used, without limitation, include: Field Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), Application Standard Products (ASSPs), System-on-Chip (SoCs), Complex Programmable Logic Devices (CPLDs), and so on.

[0133] In the context of this disclosure, a machine-readable medium can be a tangible medium that may contain or store a program for use by or in conjunction with an instruction execution system, system, or device. A machine-readable medium can be a machine-readable signal medium or a machine-readable storage medium. Machine-readable media can be, but is not limited to, electronic, magnetic, optical, electromagnetic, infrared, or semiconductor systems, systems, or devices, or any suitable combination of the foregoing. More specific examples of machine-readable storage media include electrical connections based on one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing.

[0134] The above description is merely a preferred embodiment of this disclosure and an explanation of the technical principles employed. Those skilled in the art should understand that the scope of this disclosure is not limited to technical solutions formed by specific combinations of the above-described technical features, but should also cover other technical solutions formed by arbitrary combinations of the above-described technical features or their equivalents without departing from the above-described concept. For example, technical solutions formed by substituting the above features with (but not limited to) technical features disclosed in this disclosure that have similar functions.

[0135] Furthermore, while the operations are described in a specific order, this should not be construed as requiring these operations to be performed in the specific order shown or in a sequential order. In certain environments, multitasking and parallel processing may be advantageous. Similarly, while several specific implementation details are included in the above discussion, these should not be construed as limiting the scope of this disclosure. Certain features described in the context of individual embodiments may also be implemented in combination in a single embodiment. Conversely, various features described in the context of a single embodiment may also be implemented individually or in any suitable sub-combination in multiple embodiments.

[0136] Although the subject matter has been described using language specific to structural features and / or methodological logic, it should be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or actions described above. Rather, the specific features and actions described above are merely illustrative examples of implementing the claims.

[0137] The foregoing has provided a detailed description of several embodiments of this disclosure. However, this disclosure is not limited to these specific embodiments. Those skilled in the art can make various variations and modifications based on the concept of this disclosure, and all such variations and modifications should fall within the scope of protection claimed by this disclosure.

Claims

1. A method for verifying a terminal device, characterized in that, include: The connection request sent by the terminal device is received and stored in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature. The first signature is determined by: generating an authorization code for the terminal device based on specified information of the terminal device and a random number; the specified information includes at least one of the following: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device; and generating the first signature by calling a preset signature generation algorithm based on the authorization code. Verification is performed based on the information in the request header; After successful verification, the specified API interface service will be invoked. The verification based on the information in the request header includes: querying whether the terminal number in the request header has been registered, and verifying the terminal number if it has been registered; parsing the physical address corresponding to the terminal number in the request header; querying the corresponding authorization code based on the physical address; generating a second signature by calling a preset signature generation algorithm based on the authorization code; comparing the second signature with the first signature, and verifying the terminal number if the second signature matches the first signature.

2. The verification method according to claim 1, characterized in that, After generating the first signature based on the authorization code, the process further includes: Add a timestamp to the first signature.

3. The verification method according to claim 2, characterized in that, Before comparing the second signature with the first signature, the method further includes: Compare the timestamp of the first signature with a preset time range.

4. The verification method according to claim 1, characterized in that, The verification based on the information in the request header also includes: Query the request log for the IP address in the request header of the request record corresponding to the terminal number; The verification passes if the IP address in the request header is empty and the number of different IP addresses is no greater than 1.

5. A verification device for a terminal device, characterized in that, include: The receiving module is used to receive connection requests sent by terminal devices and store them in the request log. The information in the request header corresponding to the connection request includes at least the terminal number and the first signature. The first signature is determined by: generating an authorization code for the terminal device based on specified information of the terminal device and a random number; the specified information includes at least one of the following: the name of the manufacturer of the terminal device, the model of the terminal device, the bound IP of the terminal device, the physical address of the terminal device, and the identity code of the user of the terminal device; and generating the first signature by calling a preset signature generation algorithm based on the authorization code. The verification module is used to verify information based on the information in the request header; The calling module is used to invoke the specified API interface service after successful verification; The verification module includes: a first query unit for querying whether the terminal number in the request header has been registered; a first verification unit for verifying if the terminal number has been registered; and further includes: a parsing unit for parsing the physical address corresponding to the terminal number in the request header; a second query unit for querying the corresponding authorization code based on the physical address; a generation unit for generating a second signature based on the authorization code using a preset signature generation algorithm; and a second verification unit for comparing the second signature with the first signature, verifying if the second signature matches the first signature.

6. A storage medium storing a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 4.

7. An electronic device, comprising at least a memory and a processor, wherein the memory stores a computer program, characterized in that, The processor implements the steps of the method according to any one of claims 1 to 4 when executing a computer program on the memory.