Authentication method and device, electronic equipment and storage medium

By using distributed nodes to determine authorized user terminals for online authentication, the problem of low efficiency in paper-based authentication is solved, achieving efficient and reliable authentication processing.

CN122247649APending Publication Date: 2026-06-19PICC INFORMATION TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
PICC INFORMATION TECH CO LTD
Filing Date
2026-01-27
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

The current technology of using paper materials for authentication results in low authentication efficiency.

Method used

The system uses distributed nodes to identify the authorized user terminal corresponding to the target organization identifier, performs verification, and sends the object to be authenticated to the authorized user terminal for online authentication after successful verification, thus avoiding the use of offline paper materials.

Benefits of technology

It improved certification efficiency, enhanced the reliability and security of certification, and reduced the use of paper materials.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122247649A_ABST
    Figure CN122247649A_ABST
Patent Text Reader

Abstract

This application provides an authentication method, apparatus, electronic device, and storage medium. In some embodiments of this disclosure, an authentication request is received, the authentication request including an object to be authenticated and a target organization identifier; based on the authentication request, an authorized user terminal corresponding to the target organization identifier is determined through distributed nodes; the authorized user terminal is verified to obtain a verification result; if the verification result is successful, the object to be authenticated is sent to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated; this disclosure determines the authorized user terminal through distributed nodes, allowing authentication to be performed directly online through the authorized user terminal, avoiding offline paper-based authentication, thereby improving authentication efficiency.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of Internet technology, and in particular to an authentication method, device, electronic device and storage medium. Background Technology

[0002] Before an object can be used, it needs to be authenticated. The object can be a protocol or contract, etc. Authentication makes the object effective. The two parties using the object can be users or organizations.

[0003] In related technologies, during the certification process, organizations need to authenticate paper materials by using seals or stamps.

[0004] However, the complexities of the authentication process involving paper materials result in low authentication efficiency. Summary of the Invention

[0005] This application provides authentication methods, apparatus, electronic devices, storage media, and program products to improve authentication efficiency.

[0006] In a first aspect, embodiments of this application provide an authentication method, comprising: receiving an authentication request, the authentication request including an object to be authenticated and a target organization identifier; determining an authorized user terminal corresponding to the target organization identifier through distributed nodes according to the authentication request; performing verification processing on the authorized user terminal to obtain a verification result; and if the verification result is successful, sending the object to be authenticated to the authorized user terminal so that the authorized user terminal performs authentication processing on the object to be authenticated.

[0007] In one possible implementation, determining the authorized user terminal corresponding to the target organization through distributed nodes based on the authentication request includes: determining a target database from the distributed nodes; generating a target query instruction based on the target organization identifier; performing query processing based on the target database and the target query instruction to obtain a query result; and determining the authorized user terminal based on the query result.

[0008] In one possible implementation, the query result includes: query success and query failure. Determining the authorized user terminal based on the query result includes: if the query result is a successful query, then determining the authorized user terminal based on the first user terminal identifier found in the query; or, if the query result is a failed query, then determining the organization user terminal corresponding to the target organization identifier, sending an authorization request to the organization user terminal, receiving a second user terminal identifier sent by the organization user terminal, and determining the authorized user terminal based on the second user terminal identifier.

[0009] In one possible implementation, the method further includes: establishing a mapping relationship based on the target organization identifier and the second user terminal identifier; and updating the target database according to the mapping relationship to obtain an updated database.

[0010] In one possible implementation, the verification process for the authorized user terminal to obtain a verification result includes: sending a verification request to the authorized user terminal; receiving current identity information sent by the authorized user terminal; determining standard identity information corresponding to the authorized user terminal from the target database; if the current identity information and the standard identity information are the same, then determining the verification result as verification passed; if the current identity information and the standard identity information are inconsistent, then determining the verification result as verification failed.

[0011] In one possible implementation, after sending the object to be authenticated to the authorized user terminal, the method further includes: receiving authentication information sent by the authorized user terminal; merging the authentication information with the object to be authenticated to obtain an authenticated object; encrypting the authenticated object using a target encryption algorithm to obtain an encrypted file; and storing the encrypted file in a target database.

[0012] In one possible implementation, the method further includes: if the verification result is that the verification fails, locking the object to be authenticated; generating alarm information based on the object to be authenticated; and sending the alarm information to the authorized user terminal.

[0013] Secondly, embodiments of this application provide an authentication device, comprising: a receiving module for receiving an authentication request, the authentication request including an object to be authenticated and a target organization identifier; a determining module for determining, based on the authentication request, an authorized user terminal corresponding to the target organization identifier through distributed nodes; and a verification module for performing verification processing on the authorized user terminal to obtain a verification result of the object to be authenticated, so that the authorized user terminal can perform authentication processing on the object to be authenticated.

[0014] Thirdly, embodiments of this application provide an authentication device, including: a memory and a processor; The memory stores computer-executed instructions; The processor executes computer execution instructions stored in the memory, causing the processor to perform the first aspect and / or various possible implementations of the first aspect as described above.

[0015] Fourthly, embodiments of this application provide a computer-readable storage medium storing computer-executable instructions, which, when executed by a processor, are used to implement the first aspect and / or various possible implementations of the first aspect.

[0016] Fifthly, embodiments of this application provide a computer program product, including a computer program that, when executed by a processor, implements the first aspect and / or various possible implementations of the first aspect.

[0017] In some embodiments of this disclosure, an authentication request is received, the authentication request including an object to be authenticated and a target organization identifier; based on the authentication request, an authorized user terminal corresponding to the target organization identifier is determined through distributed nodes; the authorized user terminal is verified to obtain a verification result; if the verification result is successful, the object to be authenticated is sent to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated; this disclosure determines the authorized user terminal through distributed nodes, which can directly perform authentication online through the authorized user terminal, avoiding authentication through offline paper materials, thereby improving authentication efficiency.

[0018] It should be understood that the above general description and the following detailed description are exemplary and explanatory only, and are not intended to limit this disclosure. Attached Figure Description

[0019] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with this disclosure and, together with the description, serve to explain the principles of this disclosure, and are not intended to unduly limit this disclosure.

[0020] Figure 1 This is a schematic diagram illustrating an application scenario of an authentication method provided in an embodiment of this application; Figure 2 A flowchart illustrating an authentication method provided in an embodiment of this application; Figure 3 A flowchart illustrating another authentication method provided in an embodiment of this application; Figure 4 A schematic diagram illustrating the query provided in an embodiment of this application; Figure 5 A schematic diagram illustrating the determination of the authorized user terminal provided in an embodiment of this application; Figure 6 A schematic diagram of the authentication process provided in the embodiments of this application; Figure 7 This is a schematic diagram of the structure of an authentication device provided in an embodiment of this application; Figure 8 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation

[0021] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numbers in different drawings denote the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with some aspects of this application as detailed in the appended claims.

[0022] It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, data stored, data displayed, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties. Furthermore, the collection, use, processing, transmission, provision, disclosure, and application of the relevant data all comply with the relevant laws, regulations, and standards of the relevant countries and regions, have taken necessary confidentiality measures, do not violate public order and good morals, and provide corresponding operation portals for users to choose to authorize or refuse.

[0023] Furthermore, the technical solution involved in this application, which involves big data analysis of user information (including but not limited to personal biometrics, identity data, consumption data, asset data, electronic terminal operation data, etc.) and the use of artificial intelligence technology for automated decision-making, and makes decisions that have a significant impact on personal rights based on the results of automated decision-making, provides users with corresponding operation entry points for users to choose to agree to or reject the results of automated decision-making; if the user chooses to reject, the process will proceed to the expert decision-making process.

[0024] It should be noted that the authentication methods, devices, electronic devices, storage media, and program products of this application can be used in the field of Internet technology, or in any field other than the Internet. The application fields of the authentication methods, devices, electronic devices, storage media, and program products of this application are not limited.

[0025] Figure 1 This is a schematic diagram illustrating an application scenario of an authentication method provided in this application embodiment. Using the illustrated scenario as an example: the authentication system sends an object to be authenticated to the user terminal; the user terminal reviews the object; if the review is successful, the user terminal sends authentication information to the authentication system to complete the authentication process.

[0026] Optionally, the user terminal can be used by a single user or an organization, with the organization including multiple users.

[0027] Optionally, if a single user is using the client, they can conduct online verification and send authentication information to the authentication system upon successful verification. If an organization is using the client, multiple levels of verification are required within the organization, with each level approving the verification before sending authentication information to the system. This requires offline circulation of paper materials between these levels.

[0028] Optionally, if a single user is using the client, their authentication information can be their signature, and they can directly send the authentication information online via electronic signature. If an organization is using the client, their authentication information is their seal, which needs to be used offline with paper materials, and then uploaded and sent to the authentication system.

[0029] Based on the scenario examples, for organizations using user terminals, authentication needs to be processed through a combination of online and offline methods, which results in low authentication efficiency.

[0030] The authentication method provided in this application is intended to solve the above-mentioned technical problems of the prior art.

[0031] The technical solution of this application and how the technical solution of this application solves the above-mentioned technical problems are described in detail below with specific embodiments. These specific embodiments can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments. The embodiments of this application will now be described with reference to the accompanying drawings.

[0032] Figure 2 This application provides a flowchart illustrating an authentication method, which includes the following steps: S201. Receive authentication request, which includes the object to be authenticated and the target organization identifier.

[0033] The entity implementing this application may be an authentication system.

[0034] Optionally, the object to be certified is an object that has been generated but has no validity. The object to be certified will have validity after certification.

[0035] Optionally, the target organization identifier is a unique identifier of the organization using the object to be authenticated, which can uniquely identify the target organization.

[0036] S202. Based on the authentication request, determine the authorized user terminal corresponding to the target organization identifier through distributed nodes.

[0037] Optionally, the authorized user terminals are all pre-authorized user terminals of the target organization.

[0038] Optionally, a user with the authority to use an authorized client can perform authentication processing on behalf of the target organization for the object to be authenticated.

[0039] Optionally, the user's authorization information can be stored in the distributed nodes.

[0040] Optionally, after authorizing a user, each organization generates corresponding user authorization information. This user authorization information is uploaded to any distributed node, and through the broadcast mechanism of the distributed nodes, it is sent to each distributed node, enabling the authentication system to accurately determine the authorized user from the corresponding distributed node.

[0041] S203. Perform verification on the authorized user terminal to obtain the verification result, which is either verification passed or verification failed.

[0042] Optionally, the verification process is used to verify whether the user currently using the authorized client has the necessary permissions.

[0043] Optionally, after authorizing the client, each organization may also authorize the user using the client, obtain user authorization information, and upload the user authorization information to the distributed nodes. This allows the authentication system to obtain the user authorization information from the distributed nodes and perform verification processing on the user currently using the authorized client based on the user authorization information.

[0044] With the help of scenario examples, it is shown that after the authorized user terminal is determined, further verification of the user using the authorized user terminal can effectively improve the reliability of authentication.

[0045] S204. If the verification result is successful, the object to be authenticated is sent to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated.

[0046] With the example scenario, after successful verification, the authentication system sends the object to be authenticated to the authorized user terminal, so that the user representative organization using the authorized user terminal can conduct online auditing and authentication without the need for offline paper materials.

[0047] The authentication method provided in this application receives an authentication request, which includes an object to be authenticated and a target organization identifier. Based on the authentication request, an authorized user terminal corresponding to the target organization identifier is determined through distributed nodes. The authorized user terminal is verified to obtain a verification result, which is either successful or unsuccessful. If the verification result is successful, the object to be authenticated is sent to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object. This scheme, by determining the authorized user terminal through distributed nodes, allows for direct online authentication by the authorized user terminal, avoiding offline paper-based authentication and thus improving authentication efficiency.

[0048] Based on any of the above embodiments, the following, in conjunction with Figure 3 The detailed certification process is explained.

[0049] Figure 3 This is a flowchart illustrating another authentication method provided in an embodiment of this application. Figure 3 As shown, the method includes: S301. Receive an authentication request, which includes the object to be authenticated and the target organization identifier.

[0050] It should be noted that the execution process of S301 is the same as that of S201, and will not be repeated here.

[0051] S302. Determine the target database from the distributed nodes.

[0052] Optionally, the distributed nodes corresponding to the authentication system are determined, and the target database is determined from the distributed nodes corresponding to the authentication system.

[0053] Optionally, the target database stores the data broadcast by each distributed node.

[0054] S303. Generate a target query instruction based on the target organization identifier.

[0055] Optionally, a query template can be defined, and the target organization identifier and the query template can be combined to obtain the target query instruction. It can be understood that using a query template can improve the efficiency of generating query instructions, thereby effectively improving query efficiency.

[0056] Optionally, the target database stores the mapping relationship between organizations and authorized client terminals. The target query command is used to determine the authorized client terminals of the target organization from the target database based on the mapping relationship.

[0057] S304. Perform query processing based on the target database and the target query instruction to obtain the query result, which is either the first user terminal identifier or the query failed.

[0058] The first user terminal identifier is the identifier corresponding to the user terminal authorized by the target organization.

[0059] For example, the query results include successful and unsuccessful queries. If the query result is successful and the first user terminal identifier is found, it means that the target organization has authorized the user terminal and updated the authorization information to the database. If the query result is unsuccessful, it means that the target organization has not authorized the user terminal or has not updated the authorization information to the database.

[0060] Below, in conjunction with Figure 4 Provide a description of the query.

[0061] Figure 4 This is a schematic diagram illustrating a query provided in an embodiment of this application. For example... Figure 4 As shown, the first step is to determine the target node corresponding to the authentication system. Optionally, the target node can be pre-assigned based on function or geographical location. Next, the target database corresponding to the target node is determined. Finally, the authentication system performs query processing from the target database.

[0062] S305. Based on the query results, determine the authorized user terminal.

[0063] One feasible implementation method is to determine the authorized user terminal as follows: if the query result is a first user terminal identifier, then determine the authorized user terminal based on the first user terminal identifier; or, if the query result is that the query was unsuccessful, then determine the organization user terminal corresponding to the target organization identifier, send an authorization request to the organization user terminal, receive the second user terminal identifier sent by the organization user terminal, and determine the authorized user terminal based on the second user terminal identifier.

[0064] For example, if the query result is the first user terminal identifier, then the user terminal corresponding to the first user terminal identifier is the authorized user terminal.

[0065] For example, if the query result is that the query was unsuccessful, the system will directly request the authorized user terminal authorized by the target organization.

[0066] Among them, the organization user terminal is the user terminal for the target organization to send and receive information, and the organization user terminal does not have authentication permissions.

[0067] With the example scenario, the authentication system sends an authorization request to the organization's user terminal. The target organization determines the authorized user terminal based on the authorization request. The target organization determines the second user terminal identifier of the authorized user terminal and sends the second user terminal identifier to the authentication system through the organization's user terminal.

[0068] In this feasible implementation, the authorized user terminal is determined by matching the query results for different query results, which can adapt to various scenarios and thus improve the applicability of authentication.

[0069] One feasible implementation method for authentication further includes: establishing a mapping relationship based on the target organization identifier and the second user identifier; and updating the target database based on the mapping relationship to obtain an updated database.

[0070] With a scenario example, for a query result indicating an unsuccessful query, the second user terminal identifier is obtained from the organization's user terminal, and the authorized user terminal is determined based on this identifier. The second user terminal identifier is updated in the target database either simultaneously with or after the authorized user terminal is determined.

[0071] Optionally, if the target organization redetermines the authorized client, the target database is updated based on the redetermined authorized client.

[0072] Below, in conjunction with Figure 5 Explanation of the process for determining authorized user terminals.

[0073] Figure 5 This is a schematic diagram illustrating the determination of the authorized user terminal provided in an embodiment of this application. For example... Figure 5 As shown, a query is performed on the target database to obtain the query results. If the query result is a first user terminal identifier, the authorized user terminal is determined based on the first user terminal identifier. If the query result indicates that the query was unsuccessful, a second user terminal identifier is obtained from the organization's user terminal, and the authorized user terminal is determined based on the second user terminal identifier. The database is then updated based on the second user terminal identifier.

[0074] In this feasible implementation, updating the target database allows for the rapid identification of authorized users during subsequent authentication processes, thereby improving authentication efficiency.

[0075] S306. Perform verification on the authorized user terminal to obtain the verification result, which is either verification passed or verification failed.

[0076] One feasible implementation method is to perform verification processing as follows: send a verification request to the authorized user terminal; receive the current identity information sent by the authorized user terminal; determine the standard identity information corresponding to the authorized user terminal from the target database; if the current identity information and the standard identity information are the same, the verification result is determined to be successful; if the current identity information and the standard identity information are inconsistent, the verification result is determined to be unsuccessful.

[0077] The verification process is used to verify users using authorized client terminals.

[0078] Optionally, the identity information includes, but is not limited to, at least one of the following: fingerprints, facial information, voiceprint information, etc.

[0079] Optionally, when the target organization authorizes the target user terminal, it will authorize the users using the target user terminal and store the identity information of the authorized users in the target database.

[0080] With the example scenario, during the verification process, the current identity information of the user currently using the authorized user terminal is obtained through the authorized user terminal. By comparing the current identity information with the standard identity information, it is determined whether the user currently using the authorized user terminal has the necessary permissions.

[0081] Optionally, when the target organization generates new standard identity information or updates standard identity information, a synchronous update process is performed in the target database.

[0082] In this feasible implementation, by verifying users using authorized client terminals, unauthorized users can be prevented from participating in the authentication process, thereby improving the reliability of authentication.

[0083] S307. Send the object to be authenticated to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated.

[0084] One feasible implementation method, after sending the object to be authenticated, further includes: receiving authentication information sent by an authorized user terminal; merging the authentication information with the object to be authenticated to obtain an authenticated object; determining a target encryption algorithm; encrypting the authenticated object using the target encryption algorithm to obtain an encrypted file; and storing the encrypted file in a target database.

[0085] Optionally, the authentication information can be an electronic signature.

[0086] Optionally, the authentication information can be the electronic signature of the user using the authorized client.

[0087] Optionally, encryption can be used to control whether a user can open a file, or to prevent a file from being modified, thereby improving file security.

[0088] Below, in conjunction with Figure 6 The authentication process is explained.

[0089] Figure 6 This is a schematic diagram illustrating the authentication process provided in an embodiment of this application. For example... Figure 6 As shown, the authorization process is initiated by the organization's user terminal to determine the authorized user terminal. The authentication system sends the object to be authenticated to the authorized user terminal. The authorized user terminal reviews the object to be authenticated, and if the review is successful, sends authentication information to the authentication system. The authentication system combines the authentication information with the object to be authenticated to obtain the authenticated object. The authenticated object is valid. An encrypted file is then generated based on the authenticated object.

[0090] refer to Figure 6 Once the authorization process is completed on the organization's user end, and the authorized user end is determined, it can perform online authentication on behalf of the target organization. The organization's user end does not need to participate in the authentication process.

[0091] In this feasible implementation method, authentication can be performed online through authorized user terminals, which can effectively improve authentication efficiency compared to offline processes.

[0092] One feasible implementation is that the verification result is "verification failed"; the authentication method also includes: locking the object to be authenticated; generating alarm information based on the object to be authenticated; and sending alarm information to the authorized user terminal.

[0093] Optionally, after locking the object to be authenticated, the object cannot be authenticated temporarily until the lock is released.

[0094] In a scenario example, if verification fails, it means the user currently using the authorized client is unauthorized. Locking the object to be authenticated can prevent unauthorized users from authenticating it. Sending an alert to the authorized client can notify relevant personnel of the existing risk, allowing them to address it promptly.

[0095] Optionally, alarm information can be sent to authorized user terminals and / or organizational user terminals for alarm processing.

[0096] In this feasible implementation, locking and alerting can provide timely notifications when risks occur, thereby improving the reliability of authentication.

[0097] Figure 7 This is a schematic diagram of the structure of an authentication device 70 provided for an exemplary embodiment of this disclosure. (See diagram below.) Figure 7 As shown, the authentication device 70 includes: a receiving module 71, a determining module 72, a verifying module 73, and a sending module 74.

[0098] The receiving module 71 is used to receive authentication requests, which include the object to be authenticated and the target organization identifier. The determination module 72 is used to determine the authorized user terminal corresponding to the target organization identifier through distributed nodes based on the authentication request; The verification module 73 is used to verify the authorized user terminal and obtain the verification result; The sending module 74 is used to send the object to be authenticated to the authorized user terminal if the verification result is successful, so that the authorized user terminal can perform authentication processing on the object to be authenticated.

[0099] Optionally, when determining the authorized user terminal corresponding to the target organization through distributed nodes based on the authentication request, the determining module 72 is used to: Identify the target database from distributed nodes; Generate a target query instruction based on the target organization identifier; The query is processed based on the target database and the target query command to obtain the query results; Based on the query results, determine the authorized user terminal.

[0100] Optionally, the query results include: query successful and query unsuccessful. When determining the authorized user terminal based on the query results, module 72 is used for: If the query result is successful, the authorized user terminal is determined based on the first user terminal identifier found in the query; or, If the query result is unsuccessful, the organization client corresponding to the target organization identifier is determined, an authorization request is sent to the organization client, a second client identifier is received from the organization client, and the authorized client is determined based on the second client identifier.

[0101] Optionally, module 72 can also be used for: Establish a mapping relationship based on the target organization identifier and the second user terminal identifier; The target database is updated based on the mapping relationship to obtain the updated database.

[0102] Optionally, when the verification module 73 performs verification processing on the authorized user terminal and obtains the verification result, it is used for: Send a verification request to the authorized user terminal; Receive current identity information sent by authorized user terminals; Determine the standard identity information corresponding to the authorized user terminal from the target database; If the current identity information is the same as the standard identity information, the verification result is determined to be successful. If the current identity information is inconsistent with the standard identity information, the verification result is determined to be verification failed.

[0103] Optionally, after sending the object to be authenticated to the authorized user terminal, the sending module 74 can also be used for: Receive authentication information sent by authorized user terminals; The authentication information is merged with the object to be authenticated to obtain the authenticated object; The target encryption algorithm is used to encrypt the authentication object to obtain an encrypted file; The encrypted file is stored in the target database.

[0104] Optionally, the sending module 74 can also be used for: If the verification result is that the verification failed, the object to be authenticated will be locked. Generate alarm information based on the object to be authenticated; Send alarm information to authorized user terminals.

[0105] Figure 8 This is a schematic diagram of the structure of an electronic device provided as an exemplary embodiment of the present disclosure. For example... Figure 8 As shown, the electronic device includes a memory 81 and a processor 82. Additionally, the electronic device also includes a power supply component 83 and a communication component 84.

[0106] Memory 81 is used to store computer programs and can be configured to store various other data to support operation on the electronic device. Examples of this data include instructions for any application or method used to operate on the electronic device.

[0107] The memory 81 can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic storage, flash memory, magnetic disk or optical disk.

[0108] Communication component 84 is used for data transmission with other devices.

[0109] The processor 82 is executable computer instructions stored in the memory 81 to: receive an authentication request, the authentication request including an object to be authenticated and a target organization identifier; determine the authorized user terminal corresponding to the target organization identifier through distributed nodes according to the authentication request; perform verification processing on the authorized user terminal to obtain a verification result; if the verification result is successful, send the object to be authenticated to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated.

[0110] Accordingly, embodiments of this disclosure also provide a computer-readable storage medium storing a computer program. When the computer-readable storage medium stores a computer program, and the computer program is executed by one or more processors, it causes one or more processors to perform... Figure 1 Each step in the method embodiment.

[0111] Accordingly, embodiments of this disclosure also provide a computer program product, which includes a computer program / instructions that are executed by a processor. Figure 1 Each step in the method embodiment.

[0112] The above Figure 8 The communication component is configured to facilitate wired or wireless communication between the device containing the communication component and other devices. The device containing the communication component can access wireless networks based on communication standards, such as WiFi, 2G, 8G, 4G / LTE, 5G, or combinations thereof. In one exemplary embodiment, the communication component receives broadcast signals or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component also includes a Near Field Communication (NFC) module to facilitate short-range communication. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID), Infrared Data Association (IrDA) technology, Ultra-Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

[0113] The above Figure 8The power supply component provides power to the various components of the device in which it resides. The power supply component may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to the device in which it resides.

[0114] The aforementioned electronic devices also include a display screen and audio components.

[0115] The display includes a screen, which may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen can be implemented as a touchscreen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensors can sense not only the boundaries of touch or swipe actions, but also the duration and pressure associated with the touch or swipe operation.

[0116] An audio component may be configured to output and / or input audio signals. For example, the audio component includes a microphone (MIC) configured to receive external audio signals when the device containing the audio component is in an operating mode, such as call mode, recording mode, or voice recognition mode. The received audio signals may be further stored in memory or transmitted via a communication component. In some embodiments, the audio component also includes a speaker for outputting audio signals.

[0117] Those skilled in the art will understand that embodiments of this disclosure can be provided as methods, systems, or computer program products. Therefore, this disclosure can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this disclosure can take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0118] This disclosure is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this disclosure. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create a machine for implementing the flowchart illustrations and / or block diagrams. Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0119] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.

[0120] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.

[0121] In a typical configuration, a computing device includes one or more processors (CPU), input / output interfaces, network interfaces, and memory.

[0122] Memory may include non-persistent storage in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM. Memory is an example of computer-readable media.

[0123] Computer-readable media include both permanent and non-permanent, removable and non-removable media that can store information using any method or technology. Information can be computer-readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, disk storage or other magnetic storage devices, or any other non-transferable medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media does not include transient computer-readable media, such as modulated data signals and carrier waves.

[0124] It should be noted that, in this document, relational terms such as "first" and "second" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes the element.

[0125] The above are merely specific embodiments of this disclosure, enabling those skilled in the art to understand or implement this disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of this disclosure. Therefore, this disclosure is not to be limited to these embodiments, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. An authentication method, characterized in that, include: Receive an authentication request, the authentication request including the object to be authenticated and the target organization identifier; Based on the authentication request, the authorized user terminal corresponding to the target organization identifier is determined through distributed nodes; The authorized user terminal is verified to obtain the verification result; If the verification result is successful, the object to be authenticated is sent to the authorized user terminal so that the authorized user terminal can perform authentication processing on the object to be authenticated.

2. The method according to claim 1, characterized in that, The step of determining the authorized user terminal corresponding to the target organization through distributed nodes based on the authentication request includes: The target database is determined from the distributed nodes; Generate a target query instruction based on the target organization identifier; The query is processed based on the target database and the target query instruction to obtain the query results; Based on the query results, the authorized user terminal is determined.

3. The method according to claim 2, characterized in that, The query results include: query successful and query unsuccessful. Determining the authorized user terminal based on the query results includes: If the query result indicates that the query was successful, then the authorized user terminal is determined based on the first user terminal identifier found in the query; or, If the query result is that the query was unsuccessful, then the organization user terminal corresponding to the target organization identifier is determined, an authorization request is sent to the organization user terminal, a second user terminal identifier sent by the organization user terminal is received, and the authorized user terminal is determined based on the second user terminal identifier.

4. The method according to claim 3, characterized in that, The method further includes: Establish a mapping relationship based on the target organization identifier and the second user terminal identifier; The target database is updated according to the mapping relationship to obtain the updated database.

5. The method according to claim 4, characterized in that, The verification process for the authorized user terminal, to obtain the verification result, includes: Send a verification request to the authorized user terminal; Receive the current identity information sent by the authorized user terminal; Determine the standard identity information corresponding to the authorized user terminal from the target database; If the current identity information is the same as the standard identity information, then the verification result is determined to be successful. If the current identity information and the standard identity information are inconsistent, the verification result is determined to be verification failure.

6. The method according to any one of claims 1, characterized in that, After sending the object to be authenticated to the authorized user terminal, the step further includes: Receive authentication information sent by the authorized user terminal; The authentication information is merged with the object to be authenticated to obtain the authenticated object; The authenticated object is encrypted using the target encryption algorithm to obtain an encrypted file; The encrypted file is stored in the target database.

7. The method according to any one of claims 1, characterized in that, The method further includes: If the verification result is that the verification failed, the object to be authenticated will be locked. Based on the object to be authenticated, generate alarm information; The alarm information is sent to the authorized user terminal.

8. An authentication device, characterized in that, include: The receiving module is used to receive authentication requests, the authentication requests including the object to be authenticated and the target organization identifier; The determination module is used to determine the authorized user terminal corresponding to the target organization identifier through distributed nodes based on the authentication request; The verification module is used to verify the authorized user terminal and obtain the verification result; The sending module is used to send the object to be authenticated to the authorized user terminal if the verification result is successful, so that the authorized user terminal can perform authentication processing on the object to be authenticated.

9. An electronic device, characterized in that, include: A processor, and a memory communicatively connected to the processor; The memory stores computer-executed instructions; The processor executes computer execution instructions stored in the memory to implement the method as described in any one of claims 1-7.

10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores computer-executable instructions, which, when executed by a processor, are used to implement the method as described in any one of claims 1-7.