CN104158816A - Authentication method and device as well as server - Google Patents
Authentication method and device as well as server Download PDFInfo
- Publication number
- CN104158816A CN104158816A CN201410421329.5A CN201410421329A CN104158816A CN 104158816 A CN104158816 A CN 104158816A CN 201410421329 A CN201410421329 A CN 201410421329A CN 104158816 A CN104158816 A CN 104158816A
- Authority
- CN
- China
- Prior art keywords
- message
- server
- digital signature
- pki
- successful
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to an authentication method and device as well as a server. The method comprises the following steps that: a server receives a command sent by a message releasing end, wherein the command is used for instructing the server to generate a key pair in order that the message releasing end generates a digital signature according to a private key in the key pair; the sever receives a first message sent by the message releasing end, wherein the first message comprises a public key in the key pair, the digital signature, a message and a message releasing end IP (Internet Protocol); the server matches the message releasing end IP with a preset white list according to the message releasing end IP; and after successful matching, the server verifies the message according to the public key and the digital signature, and pushes the message after successful verification.
Description
Technical field
The present invention relates to communication technical field, relate in particular to authentication method, device and the server of message push system.
Background technology
Along with the development of technology of Internet of things, people more urgently wish can be whenever and wherever possible from the Internet obtaining information and service.Yet increasing content is just constantly flooded with network, people have been difficult to find own interested resource by simple active searching.In order to guarantee that these information can be seen by user timely and effectively, than traditional mode that pulls, message push mode more meets the needs in practical application.For distributed message push system application, whether issue or the message of subscribing to can arrive safely timely, and communicating pair is all had to very important effect.Message push system need to guarantee integrality and the reliability of message, guarantees that message do not lose, do not repeat, do not distort in transmitting procedure.
Yet, in the design of existing message push system, due to the bootlegging of computer software, the divulging a secret of communication, data security is on the hazard, but lacks security authentication mechanism, has caused the security breaches in message push system.
Summary of the invention
The object of the invention is to guarantee the fail safe of message push system, avoid individual user's illegal connection to invade and destroy data, affect network security.
First aspect, the embodiment of the present invention provides a kind of authentication method, and described method comprises:
The instruction that server receipt message publishing side sends, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
The first message that described server receipt message publishing side sends, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Described server, according to described data publish end IP, mates described data publish end IP with local default white list;
After the match is successful, described server, according to described PKI and digital signature, is verified described message, after being proved to be successful, described message is pushed.
Preferably, described server, according to described PKI and digital signature, is verified specifically and is comprised described message:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
Preferably, described hash algorithm is specially any one in MD2, MD4, MD5 or SHA-1.
Preferably, described server is MQTT proxy server.
Second aspect, the embodiment of the present invention provides a kind of authenticate device, and described device comprises: the first receiving element, the second receiving element, the first matching unit, the second matching unit;
Described the first receiving element, the instruction sending for server receipt message publishing side, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
Described the second receiving element, the first message sending for receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Described the first matching unit, for according to described data publish end IP, mates described data publish end IP with local default white list;
Described the second matching unit, for according to described PKI and digital signature, verifies described message, after being proved to be successful, described message is pushed.
Preferably, described the second matching unit specifically for:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
Preferably, described hash algorithm is specially any one in MD2, MD4, MD5 or SHA-1.
Preferably, described server is MQTT proxy server.
The third aspect, the embodiment of the present invention provides a kind of server, and described server comprises:
Receiver, the instruction that receipt message publishing side sends, described instruction is used to indicate processor and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
The first message that described receiver also sends for, receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Processor, according to described data publish end IP, mates described data publish end IP with white list default in memory;
Described processor also for, after the match is successful, according to described PKI and digital signature, described message is verified.
Transmitter, after being proved to be successful, pushes described message.
Preferably, described processor specifically for:
Described processor adopting hash algorithm obtains the message digest of described message;
Described processor adopting PKI is decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
The authentication method, device and the server that by the application embodiment of the present invention, provide, after the match is successful, described server is according to PKI and digital signature, message is verified, after success, message is pushed to message subscribing end, guaranteed the fail safe of data publish end to the message of message subscribing end, integrality, reliability and non repudiation, avoided message in transmitting procedure, to be tampered or rogue attacks, met the demand for security of enterprise-level application, disposed simple, cost-saving, extensibility is strong, can be applied in other system equally.
Accompanying drawing explanation
Fig. 1 for the embodiment of the present invention one provide based on MQTT publish/subscribe mechanism message push system Organization Chart;
The authentication method flow chart that Fig. 2 provides for the embodiment of the present invention one;
The publish/subscribe mechanism based on theme that Fig. 3 provides for the embodiment of the present invention one;
The authenticate device schematic diagram that Fig. 4 provides for the embodiment of the present invention two;
The server schematic diagram that Fig. 5 provides for the embodiment of the present invention three.
Embodiment
For making object, technical scheme and the advantage of the embodiment of the present invention clearer, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
Understanding for ease of to the embodiment of the present invention, is further explained explanation below in conjunction with accompanying drawing with specific embodiment, and embodiment does not form the restriction to the embodiment of the present invention.
The authentication method that the embodiment of the present application provides, device and server, be applicable to message push to carry out the scene of safety certification, be particularly useful for the scene to the safety certification of message queue remote measurement transmission (Message Queuing Telemetry Transport, MQTT) publish/subscribe mechanism system.
In order to guarantee the fail safe of message push system, avoid individual user's illegal connection to invade and destroy data, affect network security, the application can authenticate and data signature mechanism by IP, the safety while guaranteeing message push operation.
Fig. 1 for the embodiment of the present invention one provide based on MQTT publish/subscribe mechanism message push system Organization Chart.
Message push system mainly comprises three parts: data publish end 110, message server 120 (also can be called for short server hereinafter), message subscribing end 130.Data publish end 110 is equivalent to the producer of message, and the every production a piece of news of application program, does not directly give message recipient, but give server, by server 120, determines message is sent to which receiving terminal.Message subscribing end 130 is equivalent to the consumer of message, message subscribing end 130 is to server 120 subscribe message or the message that cancels subscriptions, message subscribing end 130 has the message sink queue of oneself, and can be as required to message unpack, decompression and decryption processing.Server 120 is soul places of whole message push system, for the message receiving, carries out relevant treatment, is pushed to corresponding message subscribing end 130.
The authentication method that the Fig. 2 of take below provides as the example detailed description embodiment of the present invention, the authentication method flow chart that Fig. 2 provides for the embodiment of the present invention one, subject of implementation is the equipment with disposal ability in embodiments of the present invention: server or device, for example: MQTT proxy server.As shown in Figure 2, this embodiment specifically comprises the following steps:
S210, the instruction that server receipt message publishing side sends, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair.
Data publish end can be, but not limited to the web page server in platform of internet of things.Server includes but not limited to MQTT proxy server.
The instruction that server receipt message publishing side sends, this instruction is for the digital signature identification module of invoking server, and server, according to described instruction, generates key pair.Wherein, digital signature identification module is the subprogram in server, can regard relatively independent module as, when message subscribing end need to carry out corresponding certain processing, call corresponding module (processing subprogram), for example need to generate key to time, call number signature verification module.In order to illustrate in greater detail implementation process of the present invention, the software module relating in embodiments of the present invention, all in server.
Key is to comprising PKI and private key, and data publish end adopts hash algorithm, and the raw message digest that generates of the message that will send, adopts private key to be encrypted message digest, and the summary after encryption is the digital signature of message.
Hash algorithm includes but not limited to Message Digest 5 (Message-Digest Algorithm2, MD2), MD4, MD5 or SHA (Secure Hash Algorithm, SHA-1).
S220, the first message that server receipt message publishing side sends, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair.
The IP address that data publish end IP is web page server.
Message is the data message that data publish end will be issued.
S230, according to data publish end IP, mates described data publish end IP with default white list.
In server, set in advance white list, white list is the data publish end IP of server authorizes.Server can call its IP authentication module, and data publish end IP is mated with white list, and wherein, IP authentication module is the same with digital signature identification module, is the processing subprogram in server.
When data publish end IP and white list are when the match is successful, description messages publishing side is legal, now enters step S240.
When data publish end IP and white list are when it fails to match, description messages publishing side is illegal, and now server returns to miscue to data publish end.
S240, after the match is successful, described server, according to described PKI and digital signature, is verified described message, after being proved to be successful, described message is pushed.
Its digital signature identification module of server calls, verifies message.
Preferably, described server, according to described PKI and digital signature, is verified specifically and is comprised described message:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.Now, server is pushed to message subscribing end by message, and returns to successfully prompting to data publish end.
When described message digest is different with described decrypted message summary, authentication failed.Now, server does not push this message to message subscribing end, and returns to miscue to data publish end.
Wherein, message subscribing end is terminal, includes but not limited to mobile phone, panel computer, notebook computer, desktop computer.
Be understandable that, the hash algorithm when hash algorithm adopting when server obtains message digest and data publish end extract message digest is same algorithm.
Further, described message comprises message theme;
After being proved to be successful, message server mates described message theme with the theme of message subscribing end, and the corresponding message of message theme is pushed to corresponding message subscribing end.
Particularly, as shown in Figure 3, the publish/subscribe mechanism based on theme that Fig. 3 provides for the embodiment of the present invention one.In Fig. 3, the legal message that server can send the data publish end that receives be arranged, example and non-limiting, server can be arranged message according to message theme, form theme queue, such as, can be by message classification for containing theme X, the message of theme Y etc.Message subscribing end is connected to server, completes registration and obtains register account number, subscribes to or cancel the theme of oneself.Message subscribing end can comprise a terminal, also can comprise a plurality of terminals, the message of described one or more terminal subscribes difference or same subject, server is pushed to corresponding terminal according to the theme of local message theme and the ordered message of message subscribing end by message, such as terminal A and terminal C have subscribed to theme X, server is pushed to the message of theme X terminal A and terminal C, and terminal B has subscribed to theme Y, and server is pushed to terminal B by the message of theme Y.
The authentication method that adopts the embodiment of the present invention to provide, server, according to data publish end IP, mates data publish end IP with default white list; After the match is successful, server, according to described PKI and digital signature, is verified message, after being proved to be successful, message is pushed to message subscribing end, guaranteed the fail safe of data publish end to the message of message subscribing end, integrality, reliability and non repudiation, avoided message in transmitting procedure, to be tampered or rogue attacks, met the demand for security of enterprise-level application, dispose simple, cost-saving, extensibility is strong, can be applied in other system equally.
Fig. 4 is the authenticate device schematic diagram that the embodiment of the present invention two provides.As shown in Figure 4, in the present embodiment, comprising: the first receiving element 410, the second receiving element 420, the first matching unit 430, the second matching units 440;
Described the first receiving element 410, the instruction sending for server receipt message publishing side, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
Described the second receiving element 420, the first message sending for receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Described the first matching unit 430, for according to described data publish end IP, mates described data publish end IP with default white list;
Described the second matching unit 440, for according to described PKI and digital signature, verifies described message, after being proved to be successful, described message is pushed.
Alternatively, described the second matching unit 440 specifically for:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
Alternatively, described hash algorithm is specially any one in MD2, MD4, MD5 or SHA-1.
Alternatively, described server is MQTT proxy server.
The authenticate device that adopts the embodiment of the present invention to provide, server, according to described data publish end IP, mates described data publish end IP with default white list; After the match is successful, described server, according to described PKI and digital signature, is verified described message, after being proved to be successful, described message is pushed to message subscribing end, guaranteed the fail safe of data publish end to the message of message subscribing end, integrality, reliability and non repudiation, avoided message in transmitting procedure, to be tampered or rogue attacks, met the demand for security of enterprise-level application, dispose simple, cost-saving, extensibility is strong, can be applied in other system equally.
The server schematic diagram that Fig. 5 provides for the embodiment of the present invention three.As shown in Figure 5, the present embodiment comprises: receiver 510, processor 520, memory 530, transmitter 540.Wherein receiver 510, processor 520, and memory 530 is connected by system bus (not shown in Fig. 5) with transmitter 540.
Receiver 510, the instruction that receipt message publishing side sends, described instruction is used to indicate described processor and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
The first message that described receiver 510 also sends for, receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Processor 520, according to described data publish end IP, mates described data publish end IP with white list default in memory 530;
Described processor 520 also for, after the match is successful, according to described PKI and digital signature, described message is verified.
Transmitter 540, after being proved to be successful, pushes described message.
Alternatively, described processor 520 specifically for:
Described processor adopting hash algorithm obtains the message digest of described message;
Described processor adopting PKI is decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
Server can adopt the method with Fig. 3, and message is pushed to message subscribing end, repeats no more herein.
Professional should further recognize, unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with electronic hardware, computer software or the combination of the two, for the interchangeability of hardware and software is clearly described, composition and the step of each example described according to function in the above description in general manner.These functions are carried out with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can specifically should be used for realizing described function with distinct methods to each, but this realization should not thought and exceeds scope of the present invention.
The software module that the method for describing in conjunction with embodiment disclosed herein or the step of algorithm can use hardware, processor to carry out, or the combination of the two is implemented.Software module can be placed in the storage medium of any other form known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.
Above-described embodiment; object of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the foregoing is only the specific embodiment of the present invention; the protection range being not intended to limit the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (10)
1. an authentication method, is characterized in that, described method comprises:
The instruction that server receipt message publishing side sends, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
The first message that described server receipt message publishing side sends, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Described server, according to described data publish end IP, mates described data publish end IP with local default white list;
After the match is successful, described server, according to described PKI and digital signature, is verified described message, after being proved to be successful, described message is pushed.
2. method according to claim 1, is characterized in that, described server, according to described PKI and digital signature, is verified specifically and comprised described message:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
3. method according to claim 1 and 2, is characterized in that, described hash algorithm is specially any one in Message Digest 5 MD2, MD4, MD5 and SHA SHA-1.
4. method according to claim 1, is characterized in that, described server is message queue remote measurement transmission MQTT proxy server.
5. an authenticate device, is characterized in that, described device comprises: the first receiving element, the second receiving element, the first matching unit, the second matching unit;
Described the first receiving element, the instruction sending for server receipt message publishing side, described instruction is used to indicate described server and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
Described the second receiving element, the first message sending for receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Described the first matching unit, for according to described data publish end IP, mates described data publish end IP with local default white list;
Described the second matching unit, for according to described PKI and digital signature, verifies described message, after being proved to be successful, described message is pushed.
6. device according to claim 5, is characterized in that, described the second matching unit specifically for:
Described server adopts hash algorithm to obtain the message digest of described message;
Described server adopts PKI to be decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
7. according to the device described in claim 5 or 6, it is characterized in that, described hash algorithm is specially any one in MD2, MD4, MD5 or SHA-1.
8. device according to claim 5, is characterized in that, described server is MQTT proxy server.
9. a server, is characterized in that, described server comprises:
Receiver, the instruction that receipt message publishing side sends, described instruction is used to indicate processor and generates key pair, so that described data publish end is according to the private key generating digital signature of described cipher key pair;
The first message that described receiver also sends for, receipt message publishing side, described the first message comprises PKI, digital signature, message and the data publish end IP of described cipher key pair;
Processor, according to described data publish end IP, mates described data publish end IP with white list default in memory;
Described processor also for, after the match is successful, according to described PKI and digital signature, described message is verified.
Transmitter, after being proved to be successful, pushes described message.
10. server according to claim 9, is characterized in that, described processor specifically for:
Described processor adopting hash algorithm obtains the message digest of described message;
Described processor adopting PKI is decrypted the digital signature of described message, gets decrypted message summary;
When described message digest and described decrypted message, make a summary when identical, be proved to be successful.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410421329.5A CN104158816A (en) | 2014-08-25 | 2014-08-25 | Authentication method and device as well as server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410421329.5A CN104158816A (en) | 2014-08-25 | 2014-08-25 | Authentication method and device as well as server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104158816A true CN104158816A (en) | 2014-11-19 |
Family
ID=51884221
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410421329.5A Pending CN104158816A (en) | 2014-08-25 | 2014-08-25 | Authentication method and device as well as server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104158816A (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105141636A (en) * | 2015-09-24 | 2015-12-09 | 网宿科技股份有限公司 | HTTP safety communication method and system applicable for CDN value added service platform |
| CN105245621A (en) * | 2015-10-30 | 2016-01-13 | 大连大学 | Enterprise message push system and message push method based on Message Queuing Telemetry Transport (MQTT) |
| CN105282143A (en) * | 2015-09-09 | 2016-01-27 | 民航局空管局技术中心 | Message access control method, device and system |
| CN106385491A (en) * | 2016-09-05 | 2017-02-08 | 努比亚技术有限公司 | System and method for controlling push information, mobile terminal and push server |
| CN106452721A (en) * | 2016-10-14 | 2017-02-22 | 牛毅 | Method and system for instruction identification of intelligent device based on identification public key |
| WO2017152767A1 (en) * | 2016-03-08 | 2017-09-14 | 阿里巴巴集团控股有限公司 | Published information processing method and device, and information publishing system |
| CN107809426A (en) * | 2017-10-26 | 2018-03-16 | 珠海优特物联科技有限公司 | The verification method and system of data message |
| CN108173860A (en) * | 2017-12-29 | 2018-06-15 | 深圳市泛海三江科技发展有限公司 | A kind of MQTT connection methods, system, terminal and the server of low side constrained devices |
| CN108494733A (en) * | 2018-02-11 | 2018-09-04 | 上海万达全程健康服务有限公司 | A kind of message queue method for subscribing of health management system arranged communication |
| CN109002705A (en) * | 2018-06-20 | 2018-12-14 | 苏州科达科技股份有限公司 | process authentication method, device and server |
| CN109413040A (en) * | 2018-09-21 | 2019-03-01 | 深圳前海微众银行股份有限公司 | Message authentication method, equipment, system and computer readable storage medium |
| CN109474916A (en) * | 2018-11-19 | 2019-03-15 | 海信集团有限公司 | A kind of device authentication method, apparatus and machine readable media |
| CN109644185A (en) * | 2016-08-18 | 2019-04-16 | 西门子移动有限公司 | Method and apparatus for carrying out secure electronic data communication |
| WO2019127241A1 (en) * | 2017-12-28 | 2019-07-04 | Siemens Aktiengesellschaft | Message queuing telemetry transport (mqtt) data transmission method, apparatus, and system |
| CN110383317A (en) * | 2017-03-07 | 2019-10-25 | 万事达卡国际公司 | For recording the method and system of point-to-point trading processing |
| CN111801926A (en) * | 2018-01-26 | 2020-10-20 | 西门子股份公司 | Method and system for disclosing at least one cryptographic key |
| CN112511564A (en) * | 2021-01-28 | 2021-03-16 | 浙江岩华文化科技有限公司 | Message pushing method, system, electronic device and storage medium |
| CN113098969A (en) * | 2021-04-09 | 2021-07-09 | 薪得付信息技术(上海)有限公司 | Data distribution method, device and system and electronic equipment |
| CN113285934A (en) * | 2021-05-14 | 2021-08-20 | 鼎铉商用密码测评技术(深圳)有限公司 | Server cipher machine client IP detection method and device based on digital signature |
| CN114785603A (en) * | 2022-04-26 | 2022-07-22 | 英赛克科技(北京)有限公司 | MQTT protocol-based security protection method, device, equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050122932A1 (en) * | 2003-12-06 | 2005-06-09 | Walter Robert C. | System for interactive queuing through public communication networks |
| US7379921B1 (en) * | 2004-11-08 | 2008-05-27 | Pisafe, Inc. | Method and apparatus for providing authentication |
| CN103051448A (en) * | 2011-10-12 | 2013-04-17 | 中兴通讯股份有限公司 | Authentication method, device and system for pairing code of business terminal attached to home gateway |
| CN103079176A (en) * | 2012-12-31 | 2013-05-01 | Tcl集团股份有限公司 | Method and system for remotely controlling electronic equipment, mobile terminal and electronic equipment |
| CN103490895A (en) * | 2013-09-12 | 2014-01-01 | 北京斯庄格科技有限公司 | Industrial control identity authentication method and device with state cryptographic algorithms |
| US20140040628A1 (en) * | 2012-08-03 | 2014-02-06 | Vasco Data Security, Inc. | User-convenient authentication method and apparatus using a mobile authentication application |
-
2014
- 2014-08-25 CN CN201410421329.5A patent/CN104158816A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050122932A1 (en) * | 2003-12-06 | 2005-06-09 | Walter Robert C. | System for interactive queuing through public communication networks |
| US7379921B1 (en) * | 2004-11-08 | 2008-05-27 | Pisafe, Inc. | Method and apparatus for providing authentication |
| CN103051448A (en) * | 2011-10-12 | 2013-04-17 | 中兴通讯股份有限公司 | Authentication method, device and system for pairing code of business terminal attached to home gateway |
| US20140040628A1 (en) * | 2012-08-03 | 2014-02-06 | Vasco Data Security, Inc. | User-convenient authentication method and apparatus using a mobile authentication application |
| CN103079176A (en) * | 2012-12-31 | 2013-05-01 | Tcl集团股份有限公司 | Method and system for remotely controlling electronic equipment, mobile terminal and electronic equipment |
| CN103490895A (en) * | 2013-09-12 | 2014-01-01 | 北京斯庄格科技有限公司 | Industrial control identity authentication method and device with state cryptographic algorithms |
Cited By (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105282143A (en) * | 2015-09-09 | 2016-01-27 | 民航局空管局技术中心 | Message access control method, device and system |
| CN105282143B (en) * | 2015-09-09 | 2018-06-01 | 北京航空航天大学 | message access control method, device and system |
| CN105141636A (en) * | 2015-09-24 | 2015-12-09 | 网宿科技股份有限公司 | HTTP safety communication method and system applicable for CDN value added service platform |
| CN105141636B (en) * | 2015-09-24 | 2018-04-17 | 网宿科技股份有限公司 | Suitable for the HTTP safety communicating methods and system of CDN value-added service platforms |
| CN105245621A (en) * | 2015-10-30 | 2016-01-13 | 大连大学 | Enterprise message push system and message push method based on Message Queuing Telemetry Transport (MQTT) |
| CN105245621B (en) * | 2015-10-30 | 2018-05-22 | 大连大学 | Enterprise message supplying system and information push method based on MQTT |
| US10693846B2 (en) | 2016-03-08 | 2020-06-23 | Alibaba Group Holding Limited | Published information processing method and device, and information publishing system |
| WO2017152767A1 (en) * | 2016-03-08 | 2017-09-14 | 阿里巴巴集团控股有限公司 | Published information processing method and device, and information publishing system |
| RU2723916C2 (en) * | 2016-03-08 | 2020-06-18 | Алибаба Груп Холдинг Лимитед | Apparatus and method of processing published information and an information publishing system |
| CN109644185A (en) * | 2016-08-18 | 2019-04-16 | 西门子移动有限公司 | Method and apparatus for carrying out secure electronic data communication |
| CN106385491A (en) * | 2016-09-05 | 2017-02-08 | 努比亚技术有限公司 | System and method for controlling push information, mobile terminal and push server |
| CN106452721A (en) * | 2016-10-14 | 2017-02-22 | 牛毅 | Method and system for instruction identification of intelligent device based on identification public key |
| US11456868B2 (en) | 2017-03-07 | 2022-09-27 | Mastercard International Incorporated | Method and system for recording point to point transaction processing |
| CN110383313B (en) * | 2017-03-07 | 2023-08-29 | 万事达卡国际公司 | Method and system for recording point-to-point transaction processing |
| CN110383313A (en) * | 2017-03-07 | 2019-10-25 | 万事达卡国际公司 | For recording the method and system of point-to-point trading processing |
| CN110383317A (en) * | 2017-03-07 | 2019-10-25 | 万事达卡国际公司 | For recording the method and system of point-to-point trading processing |
| CN107809426B (en) * | 2017-10-26 | 2020-07-24 | 珠海优特智厨科技有限公司 | Data information verification method and system |
| CN107809426A (en) * | 2017-10-26 | 2018-03-16 | 珠海优特物联科技有限公司 | The verification method and system of data message |
| WO2019127241A1 (en) * | 2017-12-28 | 2019-07-04 | Siemens Aktiengesellschaft | Message queuing telemetry transport (mqtt) data transmission method, apparatus, and system |
| US11297107B2 (en) | 2017-12-28 | 2022-04-05 | Siemens Aktiengesellschaft | Message queuing telemetry transport (MQTT) data transmission method, apparatus, and system |
| CN111183619A (en) * | 2017-12-28 | 2020-05-19 | 西门子股份公司 | Method, device and system for transmitting MQTT data through message queue telemetry transmission |
| CN108173860A (en) * | 2017-12-29 | 2018-06-15 | 深圳市泛海三江科技发展有限公司 | A kind of MQTT connection methods, system, terminal and the server of low side constrained devices |
| CN111801926A (en) * | 2018-01-26 | 2020-10-20 | 西门子股份公司 | Method and system for disclosing at least one cryptographic key |
| CN111801926B (en) * | 2018-01-26 | 2023-04-28 | 西门子股份公司 | Method and system for disclosing at least one cryptographic key |
| CN108494733A (en) * | 2018-02-11 | 2018-09-04 | 上海万达全程健康服务有限公司 | A kind of message queue method for subscribing of health management system arranged communication |
| CN109002705A (en) * | 2018-06-20 | 2018-12-14 | 苏州科达科技股份有限公司 | process authentication method, device and server |
| CN109413040A (en) * | 2018-09-21 | 2019-03-01 | 深圳前海微众银行股份有限公司 | Message authentication method, equipment, system and computer readable storage medium |
| CN109413040B (en) * | 2018-09-21 | 2020-12-18 | 深圳前海微众银行股份有限公司 | Message authentication method, device, system and computer readable storage medium |
| CN109474916B (en) * | 2018-11-19 | 2020-09-18 | 海信集团有限公司 | Equipment authentication method, device and machine readable medium |
| CN109474916A (en) * | 2018-11-19 | 2019-03-15 | 海信集团有限公司 | A kind of device authentication method, apparatus and machine readable media |
| CN112511564A (en) * | 2021-01-28 | 2021-03-16 | 浙江岩华文化科技有限公司 | Message pushing method, system, electronic device and storage medium |
| CN113098969A (en) * | 2021-04-09 | 2021-07-09 | 薪得付信息技术(上海)有限公司 | Data distribution method, device and system and electronic equipment |
| CN113098969B (en) * | 2021-04-09 | 2022-12-20 | 薪得付信息技术(上海)有限公司 | Data distribution method, device and system and electronic equipment |
| CN113285934A (en) * | 2021-05-14 | 2021-08-20 | 鼎铉商用密码测评技术(深圳)有限公司 | Server cipher machine client IP detection method and device based on digital signature |
| CN114785603A (en) * | 2022-04-26 | 2022-07-22 | 英赛克科技(北京)有限公司 | MQTT protocol-based security protection method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104158816A (en) | Authentication method and device as well as server | |
| US10447674B2 (en) | Key exchange through partially trusted third party | |
| CN106576043B (en) | Virally allocatable trusted messaging | |
| US10129254B2 (en) | Automated provisioning of a network appliance | |
| EP1819123A1 (en) | Secure method of termination of service notification | |
| CN105634737B (en) | Data transmission method, terminal and system | |
| KR102186114B1 (en) | Method, system, and medium for using dynamic public key infrastructure to transmit and receive encrypted messages | |
| US20170279602A1 (en) | Methods, systems, and media for using dynamic public key infrastructure to send and receive encrypted messages | |
| EP2806667A1 (en) | Message filtering method and system | |
| CN112437044B (en) | Instant messaging method and device | |
| EP2942899A1 (en) | Information processing method, trust server and cloud server | |
| CN112637230B (en) | Instant messaging method and system | |
| CN108141353B (en) | Method and equipment for upgrading cryptographic algorithm | |
| JP2009100345A (en) | E-mail relay apparatus | |
| US10742578B2 (en) | Transmitter terminal, receiving apparatus, method of restricting viewing access, and computer program for viewing restriction of electronic data that has already been transmitted | |
| CN110175471B (en) | File storage method and system | |
| WO2015074450A1 (en) | Instant messaging (im) client side data transmission processprocess and apparatus | |
| CN109492359B (en) | Secure network middleware for identity authentication and implementation method and device thereof | |
| EP2587743A1 (en) | Hypertext link verification in encrypted e-mail for mobile devices | |
| WO2016126151A1 (en) | System for establishing secure communication between multiple electronic communication devices | |
| CN113243093A (en) | System and method for message transmission and retrieval using blockchains | |
| CA3008936C (en) | Secure transmission of local private encoding data | |
| CN103297464A (en) | Program information obtaining method and device | |
| CN114595465A (en) | Data encryption processing method and device and electronic equipment | |
| CN114765595B (en) | Chat message display method, chat message sending device, electronic equipment and media |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141119 |