CN114745133B - Method and device for identifying equipment uniqueness - Google Patents
Method and device for identifying equipment uniqueness Download PDFInfo
- Publication number
- CN114745133B CN114745133B CN202210362495.7A CN202210362495A CN114745133B CN 114745133 B CN114745133 B CN 114745133B CN 202210362495 A CN202210362495 A CN 202210362495A CN 114745133 B CN114745133 B CN 114745133B
- Authority
- CN
- China
- Prior art keywords
- token
- terminal
- fingerprint
- sent
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 230000008569 process Effects 0.000 description 14
- 238000010586 diagram Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 9
- 230000006872 improvement Effects 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000004519 manufacturing process Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 229920001296 polysiloxane Polymers 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
- 239000010979 ruby Substances 0.000 description 1
- 229910001750 ruby Inorganic materials 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Collating Specific Patterns (AREA)
- Computer And Data Communications (AREA)
Abstract
The application discloses a method and a device for identifying the uniqueness of equipment, which are characterized in that a token corresponding to the equipment fingerprint of a terminal is generated in a random generation mode in advance and is issued to the terminal, then when the equipment fingerprint and the token transmitted by the terminal are received, the token corresponding to the equipment fingerprint can be searched from all generated tokens, and finally whether the searched token is consistent with the token transmitted by the terminal or not is determined by comparing whether the equipment fingerprint is unique or not.
Description
Technical Field
The present application relates to the field of information technologies, and in particular, to a method and an apparatus for identifying device uniqueness.
Background
Device fingerprint (DEVICE FINGERPRINTING) refers to a device characteristic or unique device identification that can be used to uniquely identify a device.
Traditional device fingerprints mainly refer to inherent, harder-to-tamper, unique hardware identifiers. For example, the international mobile equipment identity (International Mobile Equipment Identity, IMEI) is a globally unique code assigned by the manufacturer during production of the mobile phone, or the MAC address assigned by the computer network card during production, etc.
In the prior art, due to the characteristics of difficulty in tampering, fixation and uniqueness of the device fingerprint, the device fingerprint has important significance in the execution process of the service (particularly the service in the wind control field). For example, when multiple accounts are all logged on a device with the same device fingerprint, the multiple accounts are considered to be garbage accounts (i.e. multiple "small numbers" held by the same user) with a high probability, or risk control can be performed according to the device fingerprint in the field of wind control, and the like, which are all common business scenarios using the device fingerprint.
However, with the continuous progress of technology, some methods for tampering with the fingerprint of the device are gradually developed. This makes it a matter of how to determine whether a device fingerprint of a device has been tampered with (i.e., whether the uniqueness of the device fingerprint exists). The present application thus provides a new method of device identification for identifying the uniqueness of a device fingerprint.
Disclosure of Invention
The embodiment of the specification provides a method and a device for identifying the uniqueness of equipment, which are used for solving the problems that the equipment fingerprints are difficult to identify after being tampered in the prior art and the equipment is difficult to be uniquely determined according to the equipment fingerprints.
The embodiment of the specification adopts the following technical scheme:
A method for identifying device uniqueness, which randomly generates a token corresponding to a device fingerprint of a terminal in advance and issues the token to the terminal for storage, comprising:
Receiving the fingerprint and the token of the terminal sending equipment;
searching tokens corresponding to the device fingerprints from the generated tokens;
and comparing whether the searched token is consistent with the token sent by the terminal, and determining whether the device fingerprint is unique according to the comparison result.
An apparatus for identifying device uniqueness, comprising:
The generation module is used for randomly generating a token corresponding to the device fingerprint of the terminal in advance and issuing the token to the terminal for storage;
the receiving module is used for receiving the fingerprint and the token of the terminal sending equipment;
the searching module searches tokens corresponding to the device fingerprints from the generated tokens;
and the identification module is used for comparing whether the searched token is consistent with the token sent by the terminal and determining whether the device fingerprint is unique according to the comparison result.
A server, wherein the server comprises: one or more processors and a memory, the memory storing a program and configured to be executed by the one or more processors to:
A token corresponding to the device fingerprint of the terminal is randomly generated in advance, and the token is issued to the terminal for storage;
Receiving the fingerprint and the token of the terminal sending equipment;
searching tokens corresponding to the device fingerprints from the generated tokens;
and comparing whether the searched token is consistent with the token sent by the terminal, and determining whether the device fingerprint is unique according to the comparison result.
The above-mentioned at least one technical scheme that this description embodiment adopted can reach following beneficial effect:
By the method and the device provided by the specification, the token corresponding to the device fingerprint of the terminal is generated in advance in a random generation mode and is issued to the terminal for storage, then when the device fingerprint and the token sent by the terminal are received, the token corresponding to the device fingerprint can be searched from the generated tokens, and finally whether the device fingerprint is unique or not is determined by comparing whether the searched token is consistent with the token sent by the terminal. Because the token corresponding to the device fingerprint of the terminal can be randomly generated and issued to the terminal for storage, when the device fingerprint of the terminal is tampered or stolen, a pirate does not have the token, and whether the device fingerprint is unique can be determined according to the corresponding relation between the stored device fingerprint and the token. The uniqueness of the device fingerprint can be determined through the comparison result between the tokens, and the problem that whether the device fingerprint is tampered or not cannot be determined is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a process for identifying device uniqueness provided by embodiments of the present description;
FIG. 2 is a process for updating a token corresponding to a device fingerprint provided in the present specification;
FIG. 3 is a schematic diagram of providing uniqueness of a fingerprint of an identification device according to an embodiment of the present disclosure;
Fig. 4 is a schematic structural diagram of a device for identifying the uniqueness of a device according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a server according to an embodiment of the present disclosure.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the present specification more apparent, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art without the exercise of inventive faculty, are intended to be within the scope of the application, based on the embodiments in the specification.
The following describes in detail the technical solutions provided by the embodiments of the present application with reference to the accompanying drawings.
Fig. 1 is a process for identifying device uniqueness provided in an embodiment of the present disclosure, which specifically includes the following steps:
s100: and receiving the device fingerprint and the token sent by the terminal.
Since the server generally has a need to determine the device fingerprint of the terminal, in order to identify the uniqueness of the device fingerprint, the server may generate a token corresponding to the device fingerprint of the terminal in advance and issue the token to the terminal. So that the server can subsequently determine the uniqueness of the device fingerprint from the terminal sending the device fingerprint and the token.
Specifically, the server may randomly generate a token as the token corresponding to the device fingerprint of the terminal when determining that the token corresponding to the device fingerprint of the terminal has not been generated, and issue the token to the terminal. Wherein, the device fingerprint, the token and the correspondence between the device fingerprint and the token can be stored in the server.
The present specification is not limited herein, and the server determines when a token corresponding to the device fingerprint of the terminal has been generated. For example, a device fingerprint of the terminal is acquired and judged when the user logs in to the account, or a device fingerprint of the terminal is acquired and judged when the user registers to the account, or a device fingerprint of the terminal is acquired and judged when the user performs a service, and so on.
Further, in the present specification, after the server issues the generated token to the terminal, the subsequent steps provided in the present specification may be determined to be performed when the device fingerprint and the token sent by the terminal are received.
Further, in the present specification, the server may be a single device, or may be a system (for example, a distributed server) formed by multiple servers, and the terminal may be a device such as a mobile phone, a personal computer, a tablet computer, etc., which is not limited in the present specification.
In addition, the device fingerprint and the token may be actively sent to the server by the terminal, or may also be returned by the terminal according to the query information sent by the server, which is not limited in the present specification, and may be specifically set according to the need, so long as the server may receive the device fingerprint and the token sent by the terminal, and further execute the subsequent steps.
For example, to reduce the case where the service response caused by determining the device fingerprint before executing the service is slow, it may be configured to send the device fingerprint and the token to the server when the terminal detects an account login.
In this specification, the device fingerprint and token may be transmitted to the server by a program (e.g., client) installed in the terminal, which may be provided by the server.
S102: from the tokens that have been generated, a token corresponding to the device fingerprint is found.
In this specification, since the terminal in step S100 transmits the token to the server, the server may search for a token corresponding to the device fingerprint from among the generated tokens, so that the subsequent step determines whether the device fingerprint is unique by comparing whether the token transmitted by the terminal and the searched token are identical.
Specifically, after the server generates the token, the server may store the device fingerprint, the token, and the correspondence between the device fingerprint and the token, as described in step S100. The server may then determine, from among the stored device fingerprints, a device fingerprint that matches the device fingerprint of the terminal.
And then determining the corresponding token of the matched device fingerprint according to the corresponding relation between the stored device fingerprints and the tokens, and taking the token as the searched token corresponding to the device fingerprint of the terminal.
S104: and comparing whether the searched token is consistent with the token sent by the terminal, and determining whether the device fingerprint is unique according to the comparison result.
In the specification, after the server searches the token, the server can compare whether the searched token is consistent with the token sent by the terminal, if the comparison result is consistent, the device fingerprint is determined to be unique, and if the comparison result is inconsistent, the device fingerprint is determined to be not unique.
Based on the unique process of the identification device shown in fig. 1, since the server randomly generates a token corresponding to the device fingerprint of each terminal for the device fingerprint of each terminal in advance and issues the token to the terminal, only one terminal can acquire the token corresponding to the device fingerprint. Therefore, when the terminal falsifies the device fingerprint of the terminal to impersonate other terminals, the terminal cannot acquire tokens corresponding to the device fingerprints of other terminals issued by the server, so that the impersonated device fingerprints can be identified by the server to be non-unique, and the problem that whether the device fingerprints are falsified cannot be identified in the prior art is solved.
In addition, device fingerprints may be classified into various types according to the manner in which they are generated or the information contained. For example, conventionally, device information (such as IMEI, MAC address, etc.) is generally directly used as a device fingerprint, or the device fingerprint is generated according to a preset fingerprint generation rule and device information of multiple different dimensions, or the device fingerprint is determined by using information of each layer of a network seven-layer protocol (Open System Interconnection, OSI) stack sent by a terminal, and so on.
In step S100 of the present specification, how to determine the device fingerprint is not limited, and the device fingerprint may be specifically set as required.
Further, since the server may also generate the device fingerprint according to the device information and the fingerprint generation rule, in step S100 of the present specification, the server may also receive the device information sent by the terminal, and determine the device fingerprint of the terminal according to the preset fingerprint generation rule and the device information, as the device fingerprint sent by the terminal. Of course, the specific specification of the device information is not limited, so long as the server can determine the device fingerprint according to the device information, and the device information can be set according to the needs.
For example, when the server determines the device fingerprint from the IMEI and MAC address, the program that sends the device fingerprint and token to the server may obtain the IMEI and network card MAC address of the terminal and send to the server.
It should be noted that the fingerprint generation rule is not particularly limited in the present application, and may be set as needed. For example, assuming that the preset fingerprint generation rule is to perform hash encryption on the combination of the device information, the report information carries: IMEI information (e.g., 355637052277589) and MAC address (e.g., 00-01-6C-06-A6-29). The server may determine that the combination of device information is "35563705227758900-01-6C-06-A6-29" and perform a hash256 encryption to obtain a device fingerprint of "C3337dff7cf0a445f54efa064343e0191441C57ea75897dc5C12e0a9f2 bbea".
In addition, in the present specification, when the server determines that the token corresponding to the device fingerprint of the terminal has not been generated, it is explained that the token has not been issued to the terminal, and therefore if the token is not transmitted when the terminal transmits the device instruction to the server at this time, the server may temporarily determine that the device fingerprint is unique.
Further, after the server issues the token to the terminal, there is a situation that the token acquired by the terminal and the device fingerprint of the terminal are stolen, so that in order to prevent the token and the device fingerprint from being stolen together, the problem of reduced recognition accuracy is caused. In this specification, after the server performs step S104, the token corresponding to the device fingerprint may also be updated and issued to the terminal again, as shown in fig. 2.
Fig. 2 is a process for updating a token corresponding to a device fingerprint provided in the present specification.
S200: the token is re-randomly generated.
S202: replacing the corresponding relation between the searched token and the equipment fingerprint with the corresponding relation between the regenerated token and the equipment fingerprint;
S204: and re-issuing the regenerated token to the terminal so that the terminal replaces the stored token with the regenerated token.
Specifically, the server may randomly generate a token corresponding to the device fingerprint in advance as described in step S100, and when the server updates the token, the server may also regenerate a new token by adopting the same random generation manner. Then, the token corresponding to the device fingerprint of the terminal is replaced by the regenerated token in the stored corresponding relation between the device fingerprint and the token. And the server can also issue the regenerated new token to the terminal for storage, so that the terminal replaces the stored token with the regenerated token.
In this specification, the process of updating the token and the process of determining whether the device fingerprint is unique in step S104 may be performed asynchronously, so that only one terminal can acquire the correct token regardless of whether the server determines that the device fingerprint is unique. Thus, even when the device fingerprint of the terminal is stolen together with the token, the stolen terminal is unaware of what is being stolen, so that the token it transmits is an unexpired token, thereby making the server determine that the device fingerprint is not unique.
For ease of understanding, the present disclosure also provides a schematic diagram of the uniqueness of a fingerprint of a recognition device, as shown in fig. 3.
In fig. 3, the left side is the communication between the device and the server, the right side is the correspondence between the device fingerprint stored by the server at different times and the token, and the same device fingerprint x is used by the device a and the device B.
Assuming that the server first received the transmitted device fingerprint x of device a, it may be determined that a token corresponding to the device fingerprint x has not been generated, and thus the server may temporarily determine that the device fingerprint x is unique. The server may then randomly generate token 1, create a correspondence of device fingerprint x to token 1, and return the randomly generated token 1, causing device a to store token 1.
Device B can only send device fingerprint x to the server since device B did not then receive token 1 issued by the server. While the server may determine that the token corresponding to device fingerprint x is token 1 and device B did not send a token, it may be determined that device fingerprint x is not unique. Then, the server can randomly generate the token 2 again and return the token 2 to the device B, so that the device B stores the token 2, and updates the corresponding relation between the device fingerprint x and the token 1 to be the corresponding relation between the device fingerprint x and the token 2.
After that, it is assumed that the device a again transmits the device fingerprint x with the token 1. The server may determine that the token sent by device a (i.e., token 1) is inconsistent with the found token (i.e., token 2), and that the device fingerprint x is not unique. And then returning the random generation card 3 to the device A for storage, and updating the corresponding relation between the device fingerprint x and the token 2 to be the corresponding relation between the device fingerprint x and the token 3.
By repeating the above steps, when the device fingerprints are applied to a plurality of terminals, even if a certain terminal acquires correct device fingerprints and tokens, the tokens fail after other devices send the device fingerprints to the server, so that when the terminal sends the self-stored tokens and the device fingerprints to the server, the server can determine that the device fingerprints are not unique.
Further, in this specification, since the fingerprint generation rule is private data of the server, in order to reduce the possibility that the generation rule of the device fingerprint is broken, the server may not issue the device fingerprint to the terminal after generating the device fingerprint, and the terminal may carry the device information required by the server to generate the device fingerprint (but not carry the device fingerprint generated by the server) in the report information transmitted for the first time or subsequently.
It should be noted that, the execution subjects of each step of the method provided in the embodiments of the present disclosure may be the same device, or the method may also be executed by different devices. For example, the execution subject of step S100 and step S102 may be device 1, and the execution subject of step S102 may be device 2; or the execution subject of step S100 may be device 1, and the execution subjects of step S102 and step S104 may be device 2; etc. The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the method for identifying the device uniqueness shown in fig. 1, the embodiment of the present disclosure further provides an apparatus for identifying the device uniqueness, as shown in fig. 4.
Fig. 4 is a schematic structural diagram of an apparatus for identifying device uniqueness according to an embodiment of the present disclosure, where the apparatus includes:
the generating module 200 randomly generates a token corresponding to the device fingerprint of the terminal in advance and issues the token to the terminal for storage.
A receiving module 202, configured to receive a device fingerprint and a token sent by the terminal;
a searching module 204, configured to search tokens corresponding to the device fingerprint from the generated tokens;
And the identification module 206 compares whether the found token is consistent with the token sent by the terminal, and determines whether the device fingerprint is unique according to the comparison result.
The receiving module 202 receives the device information sent by the terminal, and determines, according to a preset fingerprint generation rule and the device information, a device fingerprint of the terminal as the device fingerprint sent by the terminal.
The generating module 200 generates a token randomly as a token corresponding to the device fingerprint when receiving the device fingerprint sent by the terminal but not receiving the token sent by the terminal, and issues the token to the terminal for storage.
The identification module 206 determines that the device fingerprint is unique when the comparison result is consistent, and determines that the device fingerprint is not unique when the comparison result is inconsistent.
The apparatus further comprises:
and the updating module 208 is used for generating the token again at random, replacing the corresponding relation between the searched token and the device fingerprint with the corresponding relation between the regenerated token and the device fingerprint, and re-issuing the regenerated token to the terminal so that the terminal replaces the stored token with the regenerated token.
Based on the method for identifying the device uniqueness shown in fig. 1, the present specification correspondingly provides a server, as shown in fig. 5, wherein the server includes: one or more processors and a memory, the memory storing a program and configured to be executed by the one or more processors to:
the server randomly generates a token corresponding to the device fingerprint of the terminal in advance and issues the token to the terminal for storage;
Receiving a device fingerprint and a token sent by the terminal;
searching tokens corresponding to the device fingerprints from the generated tokens;
and comparing whether the searched token is consistent with the token sent by the terminal, and determining whether the device fingerprint is unique according to the comparison result.
In the 90 s of the 20 th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., field programmable gate array (Field Programmable GATE ARRAY, FPGA)) is an integrated circuit whose logic functions are determined by user programming of the device. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented with "logic compiler (logic compiler)" software, which is similar to the software compiler used in program development and writing, and the original code before being compiled is also written in a specific programming language, which is called hardware description language (Hardware Description Language, HDL), but HDL is not just one, but a plurality of kinds, such as ABEL(Advanced Boolean Expression Language)、AHDL(Altera Hardware Description Language)、Confluence、CUPL(Cornell University Programming Language)、HDCal、JHDL(Java Hardware Description Language)、Lava、Lola、MyHDL、PALASM、RHDL(Ruby Hardware Description Language), and VHDL (Very-High-SPEED INTEGRATED Circuit Hardware Description Language) and Verilog are currently most commonly used. It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, application SPECIFIC INTEGRATED Circuits (ASICs), programmable logic controllers, and embedded microcontrollers, examples of controllers include, but are not limited to, the following microcontrollers: ARC625D, atmel AT91SAM, microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and means for performing various functions included therein may also be regarded as structures within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.
Claims (17)
1. A method of identifying device uniqueness, comprising:
generating a new token aiming at the equipment fingerprint after the equipment fingerprint sent by the terminal is determined to be not unique or the equipment fingerprint sent by the terminal is determined to be unique; the device fingerprint is not unique or is the result obtained by comparing the token found by the server with the token sent by the terminal; the token searched by the server is a token determined according to the corresponding relation between the device fingerprint and the token;
replacing the token with the new token, wherein the token has a corresponding relation with the device fingerprint;
Sending the new token to the terminal; the terminal is used for verifying the uniqueness of the device fingerprint by utilizing the new token and the device fingerprint.
2. The method of claim 1, prior to generating a new token for the device fingerprint, further comprising:
receiving the device fingerprint and the token sent by the terminal;
Searching tokens with corresponding relation with the device fingerprints from the generated tokens;
Comparing whether the searched token is consistent with the token sent by the terminal or not to obtain a comparison result;
And if the comparison result shows that the found token is inconsistent with the token sent by the terminal, determining that the equipment fingerprint is not unique.
3. The method of claim 2, wherein the comparing whether the found token is consistent with the token sent by the terminal, after obtaining the comparison result, further comprises:
And if the comparison result shows that the found token is consistent with the token sent by the terminal, determining that the equipment fingerprint is unique.
4. The method of claim 1, prior to generating a new token for the device fingerprint, further comprising:
Receiving the equipment fingerprint sent by the terminal;
Searching tokens with corresponding relation with the device fingerprints from the generated tokens;
if the token with the corresponding relation with the equipment fingerprint is found and the token sent by the terminal is not received, determining that the equipment fingerprint is not unique.
5. The method of claim 4, further comprising, after the looking up the token having the correspondence with the device fingerprint:
if the fact that the token with the corresponding relation with the equipment fingerprint is not generated is determined, determining that the equipment fingerprint is unique;
Generating a token with a corresponding relation with the device fingerprint;
And sending the token with the corresponding relation with the equipment fingerprint to the terminal.
6. The method according to any one of claims 2-5, wherein the receiving the device fingerprint sent by the terminal specifically includes:
Receiving equipment information sent by the terminal to obtain equipment fingerprints of the terminal; or alternatively
Receiving equipment information sent by the terminal;
determining the device fingerprint of the terminal according to a preset fingerprint generation rule and the device information; or alternatively
And determining the device fingerprint of the terminal according to the information of each layer of the network seven-layer protocol stack sent by the terminal.
7. The method according to any one of claims 1-5, wherein the token having a correspondence with the device fingerprint is a randomly generated token in a preset random generation manner; the new token is a token randomly generated by adopting the preset random generation mode.
8. The method of claim 1, after the sending the new token to the terminal, further comprising:
receiving the equipment fingerprint and the new token sent by the terminal;
Searching tokens with corresponding relation with the device fingerprints from the generated tokens;
comparing whether the searched token is consistent with the new token sent by the terminal;
If the found token is inconsistent with the new token sent by the terminal, determining that the equipment fingerprint is not unique;
And if the searched token is consistent with the new token sent by the terminal, determining that the equipment fingerprint is unique.
9. An apparatus for identifying device uniqueness, comprising:
The updating module is used for generating a new token aiming at the equipment fingerprint after the equipment fingerprint sent by the terminal is determined to be not unique or the equipment fingerprint sent by the terminal is determined to be unique; the device fingerprint is not unique or is the result obtained by comparing the token found by the server with the token sent by the terminal; the token searched by the server is a token determined according to the corresponding relation between the device fingerprint and the token;
replacing the token with the new token, wherein the token has a corresponding relation with the device fingerprint;
Sending the new token to the terminal; the terminal is used for verifying the uniqueness of the device fingerprint by utilizing the new token and the device fingerprint.
10. The apparatus of claim 9, further comprising:
the receiving module is used for receiving the equipment fingerprint and the token sent by the terminal;
the searching module is used for searching the tokens with the corresponding relation with the device fingerprint from the generated tokens;
the identification module is used for comparing whether the searched token is consistent with the token sent by the terminal or not to obtain a comparison result; and if the comparison result shows that the found token is inconsistent with the token sent by the terminal, determining that the equipment fingerprint is not unique.
11. The apparatus of claim 10, the identification module further to:
And if the comparison result shows that the found token is consistent with the token sent by the terminal, determining that the equipment fingerprint is unique.
12. The apparatus of claim 9, further comprising:
the receiving module is used for receiving the equipment fingerprint sent by the terminal;
the searching module is used for searching the tokens with the corresponding relation with the device fingerprint from the generated tokens;
And the identification module is used for determining that the equipment fingerprint is not unique if the token with the corresponding relation with the equipment fingerprint is found and the token sent by the terminal is not received.
13. The apparatus of claim 12, further comprising:
the generation module is used for determining that the equipment fingerprint is unique if the token which has the corresponding relation with the equipment fingerprint is not generated;
Generating a token with a corresponding relation with the device fingerprint;
And sending the token with the corresponding relation with the equipment fingerprint to the terminal.
14. The apparatus according to any of claims 10-13, the receiving module being specifically configured to:
Receiving equipment information sent by the terminal to obtain equipment fingerprints of the terminal; or alternatively
Receiving equipment information sent by the terminal;
determining the device fingerprint of the terminal according to a preset fingerprint generation rule and the device information; or alternatively
And determining the device fingerprint of the terminal according to the information of each layer of the network seven-layer protocol stack sent by the terminal.
15. The apparatus of any one of claims 9-13, wherein the token having a correspondence with the device fingerprint is a randomly generated token using a preset random generation manner; the new token is a token randomly generated by adopting the preset random generation mode.
16. The apparatus of claim 9, further comprising:
The receiving module is used for receiving the equipment fingerprint and the new token sent by the terminal;
the searching module is used for searching the tokens with the corresponding relation with the device fingerprint from the generated tokens;
the identification module is used for comparing whether the found token is consistent with the new token sent by the terminal; if the found token is inconsistent with the new token sent by the terminal, determining that the equipment fingerprint is not unique; and if the searched token is consistent with the new token sent by the terminal, determining that the equipment fingerprint is unique.
17. A server, wherein the server comprises: one or more processors and a memory, the memory storing a program and configured to be executed by the one or more processors to:
generating a new token aiming at the equipment fingerprint after the equipment fingerprint sent by the terminal is determined to be not unique or the equipment fingerprint sent by the terminal is determined to be unique; the device fingerprint is not unique or is the result obtained by comparing the token found by the server with the token sent by the terminal; the token searched by the server is a token determined according to the corresponding relation between the device fingerprint and the token;
replacing the token with the new token, wherein the token has a corresponding relation with the device fingerprint;
Sending the new token to the terminal; the terminal is used for verifying the uniqueness of the device fingerprint by utilizing the new token and the device fingerprint.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210362495.7A CN114745133B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying equipment uniqueness |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210362495.7A CN114745133B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying equipment uniqueness |
| CN201810258259.4A CN108616361B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying uniqueness of equipment |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810258259.4A Division CN108616361B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying uniqueness of equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114745133A CN114745133A (en) | 2022-07-12 |
| CN114745133B true CN114745133B (en) | 2024-09-17 |
Family
ID=63659114
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810258259.4A Active CN108616361B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying uniqueness of equipment |
| CN202210362495.7A Active CN114745133B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying equipment uniqueness |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810258259.4A Active CN108616361B (en) | 2018-03-27 | 2018-03-27 | Method and device for identifying uniqueness of equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN108616361B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111953477B (en) * | 2019-05-15 | 2023-06-23 | 奇安信科技集团股份有限公司 | Terminal equipment, generation method of identification token of terminal equipment and interaction method of client |
| CN111432031B (en) * | 2020-04-17 | 2022-06-03 | 支付宝(杭州)信息技术有限公司 | Internet of things equipment identity information generation method and device and electronic equipment |
| CN113542223A (en) * | 2021-06-16 | 2021-10-22 | 杭州拼便宜网络科技有限公司 | Equipment fingerprint-based crawler-resisting method |
| CN113626787B (en) * | 2021-08-27 | 2024-01-30 | 京东方科技集团股份有限公司 | Equipment fingerprint generation method and related equipment |
| CN114039800A (en) * | 2022-01-10 | 2022-02-11 | 中建电子商务有限责任公司 | Access control method and device based on device fingerprint, server and storage medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107147644A (en) * | 2017-05-10 | 2017-09-08 | 四川长虹电器股份有限公司 | It is a kind of to realize the method that mobile APP user logs in single equipment |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103391197B (en) * | 2013-07-19 | 2016-06-08 | 武汉大学 | A kind of web identity authentication based on handset token and NFC technique |
| US9660974B2 (en) * | 2014-02-18 | 2017-05-23 | Secureauth Corporation | Fingerprint based authentication for single sign on |
| CN104917727B (en) * | 2014-03-12 | 2019-03-01 | 中国移动通信集团福建有限公司 | A kind of method, system and device of account's authentication |
| US9529986B2 (en) * | 2014-10-08 | 2016-12-27 | International Business Machines Corporation | Utilizing multiple computing devices to verify identity |
| CN106161032B (en) * | 2015-04-24 | 2019-03-19 | 华为技术有限公司 | A kind of identity authentication method and device |
| CN106603234A (en) * | 2015-10-14 | 2017-04-26 | 阿里巴巴集团控股有限公司 | Method, device and system for device identity authentication |
| CN105592083B (en) * | 2015-12-18 | 2020-06-12 | 北京奇虎科技有限公司 | Method and device for terminal to access server by using token |
| CN106899410B (en) * | 2016-09-13 | 2019-06-25 | 中国移动通信有限公司研究院 | A kind of method and device of equipment identities certification |
-
2018
- 2018-03-27 CN CN201810258259.4A patent/CN108616361B/en active Active
- 2018-03-27 CN CN202210362495.7A patent/CN114745133B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107147644A (en) * | 2017-05-10 | 2017-09-08 | 四川长虹电器股份有限公司 | It is a kind of to realize the method that mobile APP user logs in single equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108616361A (en) | 2018-10-02 |
| CN108616361B (en) | 2022-04-08 |
| CN114745133A (en) | 2022-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114745133B (en) | Method and device for identifying equipment uniqueness | |
| CN109614823B (en) | Data processing method, device and equipment | |
| CN113297396B (en) | Method, device and equipment for updating model parameters based on federal learning | |
| CN108959341B (en) | Data synchronization method, device and equipment | |
| CN111859470B (en) | Business data chaining method and device | |
| CN106899666B (en) | Data processing method and device for service identification | |
| CN115935428A (en) | Information desensitization method, device and system | |
| CN114327759B (en) | Method and device for processing block chain data | |
| CN110781192B (en) | Verification method, device and equipment of block chain data | |
| CN112491885B (en) | Electronic certificate transmission method, device and equipment | |
| CN111753270B (en) | Application program login verification method, device, equipment and storage medium | |
| CN111651467B (en) | Block chain node interface issuing and calling method and device | |
| CN110995521A (en) | Service providing method, device, equipment and system | |
| CN113626524B (en) | Data processing method and device, data checking system | |
| CN111324778B (en) | Data and service processing method and device and electronic equipment | |
| CN113497805B (en) | Registration processing method, device, equipment and system | |
| CN111258873B (en) | Test method and device | |
| HK1261026A1 (en) | Method and device for identifying uniqueness of equipment | |
| HK1261026B (en) | Method and device for identifying uniqueness of equipment | |
| CN120128364A (en) | SQL injection detection testing method and device | |
| CN116226902A (en) | Data query method and device, storage medium and electronic equipment | |
| CN116151825A (en) | Risk identification method, device and equipment for intelligent contract | |
| HK40047900B (en) | Electronic certificate transmission method, apparatus and device | |
| HK40056988A (en) | Federal learning-based model parameter updating method, device and equipment | |
| CN118259954A (en) | Application configuration information acquisition method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |