CN103973649A - Authentication system and authentication method - Google Patents
Authentication system and authentication method Download PDFInfo
- Publication number
- CN103973649A CN103973649A CN201310038999.4A CN201310038999A CN103973649A CN 103973649 A CN103973649 A CN 103973649A CN 201310038999 A CN201310038999 A CN 201310038999A CN 103973649 A CN103973649 A CN 103973649A
- Authority
- CN
- China
- Prior art keywords
- location information
- geographical location
- electronic installation
- network service
- service platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The invention discloses an authentication system and an authentication method. The authentication system and the authentication method have the advantages that users input account numbers and passwords into a display interface provided by a first electronic device, and whether first geographical location information is positioned in a limited area of second geographical location information or a specific trusted area is judged by the aid of the first geographical location information and the second geographical location information of the first electronic device and a second electronic device, so that the first electronic device is allowed to access a network service platform if the first geographical location information is positioned in the limited area of the second geographical location information or the trusted area, or the first electronic device is declined when accessing the network service platform if the first geographical location information is not positioned in the limited area of the second geographical location information or the trusted area, and the account number and password service safety can be improved for the users on the premise that the operation complexity is not increased.
Description
Technical field
The present invention relates to a kind of information security technology, espespecially a kind of Verification System of combination location technology and authentication method.
Background technology
User logins the basic function that technology is any one application system, particularly relates to the website of financial transaction or personal information related service for some, and the fail safe that user logins technology seems particularly important.
Existing website login authentication program is mainly to realize by the relevant mode of logining information (comprising user account and password) of input on the display interface of user's set, but in network environment now, panoramic spy's program is walked crosswise and is wreaked havoc, but very hidden close being difficult to found, in the situation that has no to discover through the user that is everlasting, steal user profile, invade privacy of user and relevant property.
In view of this, network service dealer has developed all types of passwords and re-authentication mode successively, such as intelligent card chip certification, disposal password (One Time Password, OTP) dynamic password and real-time disposal password of SMS etc., it requires user in the time logining website, not only to need to input the information such as account and password, and must input again one group of special password, or instantly must smart card be inserted in calculating punch simultaneously, but these schemes all need user to carry out operation bidirectional, need to buy smart card reader, the extras such as dynamic password generator, and must after the every device of operation, input again the many loaded down with trivial details actions of password etc., though can effectively reduce the threat that account is falsely used, but also increase user and normally used the puzzlement of network service.
Therefore, how to design a safety and Verification System and authentication method simple to operate, be problem to be solved by this invention.
Summary of the invention
An object of the present invention is to provide a kind of Verification System and authentication method, uses the fail safe of account, password to increase user.
Another object of the present invention is to provide a kind of Verification System and authentication method, it is simple to operate and uncomplicated.
The present invention discloses a kind of Verification System, and it comprises: network service platform, the first electronic installation, second electronic device and authentication platform, and this first electronic installation is used for connecting this network service platform, this authentication platform includes setting module, logins module, locating module and authentication module, and wherein, this setting module is for account, password, the localized area setting user and login this network service platform and trust region, login module for for this user by this first electronic installation input account and password, to login module and login this network service platform via this, locating module is for obtaining first, second geographical location information of this first, second electronic installation, and authentication module is in order to judge whether the first geographical location information of this first electronic installation is positioned at maybe this trust region, localized area of the second geographical location information of this second electronic device, if this first geographical location information is positioned at maybe this trust region, localized area of this second geographical location information, allow this this network service platform of the first electronic installation access (access), otherwise, if this first geographical location information is positioned at outside this trust region and not in the localized area of this second geographical location information, refuse this this network service platform of the first electronic installation access.
The present invention also provides a kind of authentication method, is applied to Verification System, and the method comprises the following steps: to set by this Verification System account, password, localized area and the trust region that user logins network service platform; Input account and password are to login this network service platform; Make this Verification System obtain first, second geographical location information of first, second electronic installation; And whether the first geographical location information that judges this first electronic installation is positioned at maybe this trust region, localized area of the second geographical location information of this second electronic device, if this first geographical location information is positioned at maybe this trust region, localized area of this second geographical location information, allow this this network service platform of the first electronic installation access, otherwise, if this first geographical location information is positioned at outside this trust region and not in the localized area of this second geographical location information, refuse this this network service platform of the first electronic installation access.
Than background technology, Verification System provided by the present invention and authentication method are in conjunction with location technology, with after user is by the first electronic installation input account, password, judge that by first, second geographical location information of this first, second electronic installation of identification whether this user is legal, not only can effectively improve user and use the fail safe of account, password, also can not increase the component difficulty of user's operation.
Brief description of the drawings
Fig. 1 is the system architecture schematic diagram of Verification System of the present invention; And
The flow chart of steps that Fig. 2 A-Fig. 2 B is authentication method of the present invention.
Symbol description
1 Verification System
110 first electronic installations
112 application programs
114 display interfaces
120 second electronic devices
130 authentication platforms
132 setting modules
134 login module
136 locating modules
138 authentication modules
140 network service platforms
S201 ~ S217 step.
Embodiment
By particular specific embodiment, technology contents of the present invention is described below, those skilled in the art can understand other advantage of the present invention and effect easily by content disclosed in the present specification, also can be implemented or be applied by other different specific embodiment.
Refer to Fig. 1, Verification System 1 of the present invention is mainly made up of the first electronic installation 110, second electronic device 120, authentication platform 130 and network service platform 140, wherein, this authentication platform 130 can be a kind of according to the multiple-factor authentication platform of geographical location information.
This first electronic installation 110 can be connected to this network service platform 140 by wired or wireless mode, wherein, this first electronic installation 110 can be for example the fixing electronic installations in position such as desktop PC, also can be the mobile electronic devices such as mobile computer, flat computer or intelligent mobile phone.In addition, specific application program 112 is installed in this first electronic installation 110, for example APP program or network browser program, be connected to network service platform 140 for this first electronic installation 110 by network system (not giving icon).
This authentication platform 130 also includes setting module 132, logins module 134, locating module 136 and authentication module 138.
This setting module 132 is logined account, password, localized area and the trust region thereof of this network service platform 140 for setting user.That is to say, user is not before logining this network service platform 140, can in this setting module 132, set account, the password of logining this network service platform 140, and further set the trust region that allows to login this network service platform 140, as the geographical location information such as household, office.In addition, this setting module 132 separately can be set the second electronic device 120 that can identify for this network service platform 140, and the scope of localized area, if radius is 10 kilometers, 1 kilometer etc.
This logins 134 of modules for receiving display interface 114 inputs of user by the first electronic installation 110 for logining the information such as account and password of this network service platform 140, uses via this and logins module 134 and login this network service platform 140.
This locating module 136 is for obtaining the first geographical location information of this first electronic installation 110.In one embodiment of the invention, the network insertion dot information that this locating module 136 can be by obtaining this first electronic installation 110 is to pick out the geographical location information of this first electronic installation 110, as longitude and latitude etc.Particularly, if this first electronic installation 110 is during with wired mode interconnection network system, this locating module 136 is by obtaining the IP address information of this first electronic installation 110, and IP address information is counter looks into for this, to determine the geographical location information of this first electronic installation 110; And if this first electronic installation 110 is during with wireless mode interconnection network system, the Wi-Fi Hotspot information that this locating module 136 connects by obtaining this first electronic installation 110, and for this, Wi-Fi Hotspot information is counter looks into, and obtains the geographical location information of this first electronic installation 110.In addition, in another embodiment of the present invention, on this first electronic installation 110, be mounted with GPS device, it can initiatively be sent to this locating module 136 by geographical location information current this first electronic installation 110.
In addition, this locating module 136 is another for obtaining the second geographical location information of this second electronic device 120.In detail, the electronic installation that this second electronic device 120 can for example be carried for user, it utilizes and judges the geographical location information of this second electronic device 120 as registered places such as base stations, as longitude and latitude etc.
138 of this authentication modules are used to user and login after this network service platform 140 by this first electronic installation 110, whether the first geographical location information that judges this first electronic installation 110 that this locating module 136 obtains is positioned at the localized area (if radius is 10 kilometers) of the second geographical location information of this second electronic device 120 or the trust region (as office) that this setting module 132 sets, if being this first geographical location information, judged result is positioned at maybe this trust region, localized area of this second geographical location information, allow this this network service platform 140 of the first electronic installation 110 accesses, otherwise, if being this first geographical location information, judged result is positioned at outside this trust region and not in the localized area of this second geographical location information, refuse this this network service platform 140 of the first electronic installation 110 accesses, and notify user in the mode such as note or Email.
The flow chart of steps of the concrete enforcement that Fig. 2 A-Fig. 2 B is authentication method of the present invention, authentication method of the present invention is applied to Verification System 1 as shown in Figure 1.As shown in Fig. 2 A-Fig. 2 B, first perform step S201, in this Verification System 1, set the information such as account, password, localized area and trust region thereof that user logins network service platform 140, then perform step S203.
In step S203, provide a display interface to input account and password for user by this first electronic installation 110, then carry out step S205.
At step S205, judge that whether the account of this input and password be correct, if correct, carry out step S207, otherwise, return and carry out S203.
In step S207, make this Verification System 1 obtain the first geographical location information of this first electronic installation 110.In one embodiment of the invention, this first electronic installation 110 is connected to this network service platform 140 by wired or wireless mode.This Verification System 1 such as, by obtaining counter first geographical location information of looking into this first electronic installation 110 of identification of network insertion dot information (IP address information or WI-FI hot information etc.) of this first electronic installation 110.In another embodiment of the present invention, on this first electronic installation 110, be mounted with GPS device, the geographical location information that this Verification System 1 can return by this GPS device, with the first current geographical location information of this first electronic installation 110 of identification, then performs step S209.
At step S209, judge whether this second electronic device 120 is the device that can identify for network service platform 140, if can, for identification, carry out step S211, otherwise, return and carry out S203.
In step S211, make this Verification System 1 obtain the second geographical location information of this second electronic device 120, then perform step S213.
In step S213, judge whether the first geographical location information of this first electronic installation 110 is positioned at the maybe trust region of this setting, localized area of the second geographical location information of this second electronic device 120, be positioned at maybe this trust region, localized area of this second geographical location information if judged result is this first geographical location information, carry out step S215; Otherwise, if being this first geographical location information, judged result is positioned at outside this trust region and not in the localized area of this second geographical location information, carry out step S217.
In step S215, allow this this network service platform 140 of the first electronic installation 110 accesses, and finish this authentication method.
In step S217, refuse this this network service platform 140 of the first electronic installation 110 accesses, and notify user in the mode such as note or Email, and then finish this authentication method.
In sum, Verification System of the present invention and authentication method utilize the location technology of electronic installation to improve user and use account, the fail safe of password, login after network service platform by the first electronic installation in user, whether be positioned at the localized area of the second geographical location information of second electronic device or the trust region setting in advance by the first geographical location information of identification the first electronic installation, judge this network service platform whether login user legal, use and do not increasing under the prerequisite of Operating Complexity, effectively promote account, the safety in utilization of password.
But above-described embodiment is only in order to illustrative principle of the present invention and effect thereof, but not for limiting the present invention.Any those skilled in the art all can, under spirit of the present invention and category, modify to above-described embodiment.Therefore the scope of the present invention, should be as listed in claims.
Claims (12)
1. a Verification System, comprising:
Network service platform;
The first electronic installation, for connecting this network service platform;
Second electronic device; And
Authentication platform, it comprises:
Setting module, logins account, password, the localized area of this network service platform and trusts region for setting user;
Login module, for inputting this account and password by this first electronic installation for this user, to login module and login this network service platform via this;
Locating module, for obtaining the first geographical location information of this first electronic installation and the second geographical location information of this second electronic device; And
Authentication module, in order to judge whether this first geographical location information of this first electronic installation is positioned at maybe this trust region, this localized area of this second geographical location information of this second electronic device.
2. Verification System according to claim 1, it is characterized in that, if this first geographical location information is positioned at maybe this trust region, this localized area of this second geographical location information, allow this this network service platform of the first electronic installation access, otherwise, if this first geographical location information is positioned at outside this trust region and not in this localized area of this second geographical location information, refuse this this network service platform of the first electronic installation access.
3. Verification System according to claim 1, is characterized in that, this first electronic installation is connected to this network service platform by wired or wireless mode.
4. Verification System according to claim 3, is characterized in that, this locating module is by obtaining the network insertion dot information of this first electronic installation with this first geographical location information of this first electronic installation of identification.
5. Verification System according to claim 3, is characterized in that, this first electronic installation is mounted with GPS device, for this first geographical location information of this this first electronic installation of locating module identification.
6. Verification System according to claim 1, is characterized in that, this second electronic device utilizes the registered place of base station to judge this second geographical location information of this second electronic device.
7. an authentication method, is applied to Verification System, and the method comprises the following steps:
Set by this Verification System account, password, localized area and the trust region that user logins network service platform;
Input this account, this password to login this network service platform;
Make this Verification System obtain the first geographical location information of the first electronic installation;
Make this Verification System obtain the second geographical location information of second electronic device; And
Judge whether this first geographical location information of this first electronic installation is positioned at maybe this trust region, this localized area of this second geographical location information of this second electronic device.
8. authentication method according to claim 7, it is characterized in that, if this first geographical location information is positioned at maybe this trust region, this localized area of this second geographical location information, allow this this network service platform of the first electronic installation access, otherwise, if this first geographical location information is positioned at outside this trust region and not in this localized area of this second geographical location information, refuse this this network service platform of the first electronic installation access.
9. authentication method according to claim 7, is characterized in that, this first electronic installation is connected to this network service platform by wired or wireless mode.
10. authentication method according to claim 9, is characterized in that, this Verification System is by obtaining the network insertion dot information of this first electronic installation with this first geographical location information of this first electronic installation of identification.
11. authentication methods according to claim 9, is characterized in that, this first electronic installation is mounted with GPS device, this first geographical location information by this GPS device with this first electronic installation of identification.
12. authentication methods according to claim 7, is characterized in that, this second electronic device utilizes the registered place of base station to judge this second geographical location information of this second electronic device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310038999.4A CN103973649A (en) | 2013-01-31 | 2013-01-31 | Authentication system and authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310038999.4A CN103973649A (en) | 2013-01-31 | 2013-01-31 | Authentication system and authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103973649A true CN103973649A (en) | 2014-08-06 |
Family
ID=51242698
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310038999.4A Pending CN103973649A (en) | 2013-01-31 | 2013-01-31 | Authentication system and authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103973649A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104767717A (en) * | 2014-01-03 | 2015-07-08 | 腾讯科技(深圳)有限公司 | Identity authentication method and device |
| CN104898542A (en) * | 2015-04-29 | 2015-09-09 | 河南职业技术学院 | Positioning device and programmable logic controller (PLC) |
| CN105148421A (en) * | 2015-07-10 | 2015-12-16 | 昆明医科大学第一附属医院 | Intelligent nasal cavity respirator |
| CN105384019A (en) * | 2015-12-14 | 2016-03-09 | 宁波保众应急科技有限公司 | Internet of Things elevator system |
| CN106339785A (en) * | 2015-12-02 | 2017-01-18 | 广西职业技术学院 | Taxation proxy agent management system |
| CN109889474A (en) * | 2014-09-22 | 2019-06-14 | 阿里巴巴集团控股有限公司 | A kind of method and device of subscriber authentication |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101771684A (en) * | 2009-09-23 | 2010-07-07 | 韩燕� | Internet compuphone authentication method and service system thereof |
| CN102780674A (en) * | 2011-05-09 | 2012-11-14 | 同方股份有限公司 | Method and system for processing network service by utilizing multifactor authentication method |
| US20120331527A1 (en) * | 2011-06-22 | 2012-12-27 | TerraWi, Inc. | Multi-layer, geolocation-based network resource access and permissions |
-
2013
- 2013-01-31 CN CN201310038999.4A patent/CN103973649A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101771684A (en) * | 2009-09-23 | 2010-07-07 | 韩燕� | Internet compuphone authentication method and service system thereof |
| CN102780674A (en) * | 2011-05-09 | 2012-11-14 | 同方股份有限公司 | Method and system for processing network service by utilizing multifactor authentication method |
| US20120331527A1 (en) * | 2011-06-22 | 2012-12-27 | TerraWi, Inc. | Multi-layer, geolocation-based network resource access and permissions |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104767717A (en) * | 2014-01-03 | 2015-07-08 | 腾讯科技(深圳)有限公司 | Identity authentication method and device |
| CN104767717B (en) * | 2014-01-03 | 2019-01-29 | 腾讯科技(深圳)有限公司 | Auth method and device |
| CN109889474A (en) * | 2014-09-22 | 2019-06-14 | 阿里巴巴集团控股有限公司 | A kind of method and device of subscriber authentication |
| CN104898542A (en) * | 2015-04-29 | 2015-09-09 | 河南职业技术学院 | Positioning device and programmable logic controller (PLC) |
| CN105148421A (en) * | 2015-07-10 | 2015-12-16 | 昆明医科大学第一附属医院 | Intelligent nasal cavity respirator |
| CN106339785A (en) * | 2015-12-02 | 2017-01-18 | 广西职业技术学院 | Taxation proxy agent management system |
| CN105384019A (en) * | 2015-12-14 | 2016-03-09 | 宁波保众应急科技有限公司 | Internet of Things elevator system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10152581B2 (en) | Methods and systems for data entry | |
| CN104798076B (en) | Privacy using polymerization security engine for Internet Service Provider strengthens key management | |
| US8887232B2 (en) | Central biometric verification service | |
| US8959608B2 (en) | Single sign-on for a native application and a web application on a mobile device | |
| CN105306204B (en) | Security verification method, device and system | |
| US20180295514A1 (en) | Method and apparatus for facilitating persistent authentication | |
| CN103973649A (en) | Authentication system and authentication method | |
| CN107493378B (en) | Method and device for logging in application program, computer equipment and readable storage medium | |
| US11989618B2 (en) | Two-dimensional code processing method and device | |
| CN104270250A (en) | WiFi Internet surfing connecting authentication method and system based on asymmetric full-process encryption | |
| US20190281053A1 (en) | Method and apparatus for facilitating frictionless two-factor authentication | |
| CN107835162B (en) | Software digital permit server gives the method and software digital permit server that permission is signed and issued in the license of software developer's software digital | |
| CN108769366B (en) | Authority management method, device, mobile terminal and storage medium | |
| US20140215582A1 (en) | Verification system and verification method | |
| CN106209918A (en) | The method of a kind of internet security management and terminal | |
| CN108763884B (en) | Authority management method, device, mobile terminal and storage medium | |
| CN106302519A (en) | The method of a kind of internet security management and terminal | |
| KR101161182B1 (en) | Method and system capable of user integrated authentication according to security level of internet site by automatically detecting user authentication request | |
| CN105577621B (en) | Business operation verification method, device and system | |
| US11888844B2 (en) | Electrical circuit testing device and method | |
| Bai et al. | Apple ZeroConf holes: How hackers can steal iPhone photos | |
| CN106411862A (en) | Network security management method and terminal | |
| KR102261789B1 (en) | Smishing message monitoring method and smishing level determination method | |
| KR20210003529A (en) | Authentication method and telecommunication server using IP address and SMS | |
| KR102208332B1 (en) | Authentication method and telecommunication server using location information and SMS |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140806 |
|
| WD01 | Invention patent application deemed withdrawn after publication |