CN115333855A - Authentication method, system and terminal equipment - Google Patents
Authentication method, system and terminal equipment Download PDFInfo
- Publication number
- CN115333855A CN115333855A CN202211121577.9A CN202211121577A CN115333855A CN 115333855 A CN115333855 A CN 115333855A CN 202211121577 A CN202211121577 A CN 202211121577A CN 115333855 A CN115333855 A CN 115333855A
- Authority
- CN
- China
- Prior art keywords
- domain name
- authentication
- information
- name system
- region
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/0816—Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The application relates to an authentication method, an authentication system and terminal equipment. The method comprises the following steps: the terminal equipment sends a first authentication request and monitors an authentication result of the first authentication request; if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset for different regions respectively; according to the domain name system information, modifying the domain name system configuration information of the terminal equipment; and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful. The method can solve the problem of authentication failure.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to an authentication method, an authentication system, and a terminal device.
Background
With the development of science and technology, various terminal devices are more and more popular, and some terminal devices need to be authenticated after being started to determine whether the terminal devices have the authority, and can be normally used after the authentication is successful, for example: after the internet television is started, the internet television needs to be connected with an authentication server of an internet television license plate maker for authentication, and the internet television can be normally used after the authentication is successful.
However, in some cases, the problem of unsuccessful connection of the terminal device to the authentication server is likely to occur, such as: in some remote areas, the authentication service cannot be completely covered, which easily causes the failure of the terminal device to connect the authentication server, thereby failing to authenticate and failing to normally use the terminal device.
Disclosure of Invention
In view of the above, it is necessary to provide an authentication method, system, terminal device, computer-readable storage medium and computer program product capable of solving the problem of authentication failure.
In a first aspect, the present application provides an authentication method. The method comprises the following steps:
the terminal equipment sends a first authentication request and monitors an authentication result of the first authentication request;
if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively;
according to the domain name system information, modifying the domain name system configuration information of the terminal equipment;
and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful.
In a second aspect, the application further provides an authentication system. The system comprises: a terminal device; wherein:
the terminal equipment is used for sending a first authentication request and monitoring an authentication result of the first authentication request; if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively; according to the domain name system information, modifying the domain name system configuration information of the terminal equipment; and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful.
In one embodiment, the system further comprises: a domain name scheme server; wherein:
the terminal device is further configured to, if it is monitored that the authentication result of the first authentication request is authentication failure, acquire region-related information of a region where the terminal device is located, generate a domain name system information acquisition request based on the region-related information, and send the domain name system information acquisition request to the domain name scheme server;
the domain name scheme server is used for responding to the domain name system information acquisition request, matching corresponding target region related information from a preset domain name scheme according to the region related information in the domain name system information acquisition request; the preset domain name scheme correspondingly stores region related information and domain name system information; and determining domain name system information which is correspondingly stored with the relevant information of the target area from the preset domain name scheme, and sending the domain name system information to the terminal equipment.
In one embodiment, the region-related information includes region information; the target area related information comprises target area information; the domain name scheme server is also used for responding to the domain name system information acquisition request, and determining the region information of the region where the terminal equipment is located according to the domain name system information acquisition request; and matching corresponding target region information from a preset domain name scheme according to the region information.
In one embodiment, the domain name scheme server is further configured to determine, according to the region information, upper-level region information corresponding to the region information from a preset domain name scheme as target region information.
In one embodiment, the domain name scheme server is further configured to determine, according to the region information, region information of a region adjacent to the region information from a preset domain name scheme as target region information.
In one embodiment, the regional-related information includes a public network IP address; the relevant information of the target area comprises a target public network IP address; the domain name scheme server is also used for responding to the domain name system information acquisition request, and determining a public network IP address connected with the terminal equipment according to the domain name system information acquisition request; and performing similarity matching on the public network IP address and the IP address in the preset domain name scheme to determine a target public network IP address.
In one embodiment, the system further comprises: a virtual private network server; wherein:
the terminal equipment is also used for monitoring an authentication result responding to the sent second authentication request; if the authentication result of the second authentication request is the authentication failure, sending a connection request to a virtual private network server;
the virtual private network server is used for establishing private network connection between the terminal equipment and the authentication server;
the terminal device is further configured to send a third authentication request to the authentication server through the private network connection.
In one embodiment, the virtual private network server is arranged in a region with the lowest authentication failure rate.
In a third aspect, the present application further provides a terminal device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the computer program, when executed by the processor, causes the processor to execute the steps of the authentication method according to the embodiments of the present application.
In a fourth aspect, the present application further provides a computer-readable storage medium. The computer readable storage medium has a computer program stored thereon, which, when executed by a processor, causes the processor to perform the steps of the authentication method according to the embodiments of the present application.
In a fifth aspect, the present application further provides a computer program product. The computer program product comprises a computer program, which, when executed by a processor, causes the processor to perform the steps of the authentication method according to the embodiments of the present application.
According to the authentication method, the authentication system, the terminal device, the storage medium and the computer program product, the terminal device sends the first authentication request and monitors the authentication result of the first authentication request, if the authentication result of the first authentication request is the authentication failure, domain name system information matched with the region where the terminal device is located is obtained from domain name system information which is set aiming at different regions in advance, the domain name system configuration information of the terminal device is modified according to the domain name system information, the sending of the second authentication request is triggered according to the modified domain name system configuration information, and the normal service providing is started after the authentication is successful. The domain name system information matched with the region where the terminal equipment is located can be automatically acquired when authentication fails, and the resending of the authentication request is triggered according to the matched more proper domain name system information, so that the problem of authentication failure is solved.
Drawings
FIG. 1 is a diagram of an application environment of an authentication method in one embodiment;
FIG. 2 is a diagram of an application environment of an authentication method in another embodiment;
FIG. 3 is a flow diagram illustrating an authentication method in one embodiment;
FIG. 4 is a schematic overall flow chart of the authentication method in one embodiment;
FIG. 5 is an architecture diagram of an authentication system in one embodiment;
FIG. 6 is an architecture diagram of an authentication system in another embodiment;
FIG. 7 is an architecture diagram of an authentication system in other embodiments;
fig. 8 is an internal configuration diagram of a terminal device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In an embodiment, the authentication method provided in the embodiment of the present application may be applied to an application environment as shown in fig. 1. Therein, the terminal device 102 communicates with a first domain name system server 104, a second domain name system server 106, an authentication server 108 and a domain name scheme server 110 over a network. After the terminal device 102 is started, the terminal device 102 may communicate with the first domain name system server 104 corresponding to the preset domain name system configuration information according to the domain name system configuration information to obtain an IP address of the authentication server, then send a first authentication request to the authentication server 108 according to the IP address of the authentication server, and monitor an authentication result of the first authentication request. If it is detected that the authentication result of the first authentication request is authentication failure, the terminal device 102 may obtain domain name system information matched with the region where the terminal device is located from domain name system information of the domain name scheme server 110, which is set in advance for different regions, respectively. The terminal device 102 may modify the domain name system configuration information of the terminal device according to the domain name system information, then communicate with the second domain name system server 106 corresponding to the modified domain name system configuration information according to the modified domain name system configuration information to obtain the IP address of the authentication server, then trigger to send a second authentication request to the authentication server 108, and start to provide services normally after the authentication is successful. The terminal device 102 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, and the internet of things devices may be smart projectors, smart speakers, smart televisions, smart air conditioners, smart car-mounted devices, and the like. The portable wearable device can be a smart watch, a smart bracelet, a head-mounted device, and the like. The first domain name system server 104, the second domain name system server 106, the authentication server 108, and the domain name scheme server 110 may be implemented as separate servers or as a server cluster composed of a plurality of servers.
In another embodiment, the authentication method provided in the embodiment of the present application may be applied to an application environment as shown in fig. 2. The terminal device 102 communicates with the first domain name system server 104, the second domain name system server 106, the authentication server 108, the domain name scheme server 110, and the virtual private network server 112 via a network, and the authentication server 108 communicates with the virtual private network server 112 via the network. After triggering the sending of the second authentication request, the terminal device 102 may monitor an authentication result in response to the sent second authentication request, and if it is monitored that the authentication result of the second authentication request is authentication failure, the terminal device 102 sends a connection request to the virtual private network server 112, so that the virtual private network server 112 establishes a private network connection between the terminal device and the authentication server, and the terminal device 102 may send a third authentication request to the authentication server 108 through the private network connection. The virtual private network server 112 may be implemented by a separate server or a server cluster composed of a plurality of servers. In other embodiments, the domain name scheme server 110 and the virtual private network server 112 may be implemented by the same server.
In an embodiment, as shown in fig. 3, an authentication method is provided, which is described by taking the method as an example applied to the terminal device 102 in fig. 1, and includes the following steps:
step 302, the terminal device sends the first authentication request and monitors an authentication result of the first authentication request.
The authentication request is a request sent by the terminal device for identifying whether the terminal device has the authority to provide the service. The authentication result is an authentication result obtained in response to the authentication request.
In one embodiment, the terminal device may be an internet television (i.e., a smart television), or any one of other internet of things devices, a personal computer, a notebook computer, a smart projector, a smart phone, a tablet computer, or a portable wearable device.
Specifically, after the terminal device is started, the terminal device may send a first authentication request to the authentication server, and if the authentication server receives the first authentication request, the authentication server may perform authentication processing and return an authentication result to the terminal device, and the terminal device may monitor the authentication result.
In one embodiment, an authentication monitoring service may be provided in the terminal device to monitor the authentication result through the authentication monitoring service.
In an embodiment, the authentication request may include a Media Access Control Address (MAC Address) of the terminal device, and the authentication server may perform authentication processing based on the MAC Address in the authentication request. The MAC address is an address for identifying the location of the network device.
In one embodiment, the authentication result may include authentication success and authentication failure. Wherein, the authentication is successful, which indicates that the terminal device can start to provide the service normally. And the authentication fails, which indicates that the terminal equipment cannot be connected to the authentication server.
In one embodiment, the terminal device may determine a corresponding first domain name system server according to domain name system configuration information preset in the terminal device, and acquire the IP address of the authentication server from the first domain name system server. The terminal device may send a first authentication request to the authentication server according to the IP address of the authentication server.
In one embodiment, the first domain name system server may determine the IP address of the authentication server according to the domain name of the authentication server sent by the terminal device.
The configuration information of the domain name system refers to domain name system information configured in the terminal device. The domain name system information is information for specifying a domain name system server. The first domain name system server is a server corresponding to domain name system configuration information preset in the terminal equipment and used for providing domain name system service. The Domain Name System (DNS) is a service of the internet and is used for recording the mapping relationship between Domain names and IP addresses.
In one embodiment, the domain name system information may be an IP address of a domain name system server.
Step 304, if it is monitored that the authentication result of the first authentication request is authentication failure, acquiring domain name system information matched with the region where the terminal device is located from domain name system information which is respectively set aiming at different regions in advance.
In one embodiment, domain name system information respectively set for different regions may be stored in the domain name scheme server in advance. Specifically, the domain name system information of different regions may be collected and summarized, and then the summarized domain name system information set in different regions respectively is stored in the domain name scheme server.
In an embodiment, if it is monitored that the authentication result is authentication failure, the terminal device may obtain domain name system information matched with the region where the terminal device is located from domain name system information stored in the domain name scheme server and respectively set for different regions in advance.
In an embodiment, if it is monitored that the authentication result is authentication failure, the terminal device may send a domain name system information acquisition request to the domain name scheme server, and the domain name scheme server may determine, in response to the domain name system information acquisition request, domain name system information matching an area where the terminal device is located from domain name system information set for different areas in advance, and send the domain name system information to the terminal device.
In one embodiment, if it is monitored that the authentication result is authentication failure, the terminal device may obtain region-related information of a region where the terminal device is located, generate a domain name system information acquisition request based on the region-related information, and send the domain name system information acquisition request to the domain name scheme server. The domain name scheme server can respond to the domain name system information acquisition request, determine domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively according to region related information in the domain name system information acquisition request, and send the domain name system information to the terminal equipment.
Step 306, according to the domain name system information, modifying the domain name system configuration information of the terminal device.
Specifically, the terminal device may replace the domain name system information in the preset domain name system configuration information with the matched domain name system information.
And 308, triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to provide services normally after the authentication is successful.
In an embodiment, the terminal device may determine a corresponding second domain name system server according to the modified domain name system configuration information, and obtain the IP address of the authentication server from the second domain name system server. The terminal device may trigger sending a second authentication request to the authentication server according to the IP address of the authentication server, and start providing services normally after the authentication is successful.
In one embodiment, the second domain name system server may determine the IP address of the authentication server according to the domain name of the authentication server sent by the terminal device.
According to the authentication method, the terminal device sends the first authentication request, monitors the authentication result of the first authentication request, acquires domain name system information matched with the region where the terminal device is located from domain name system information which is set aiming at different regions in advance if the authentication result of the first authentication request is monitored to be authentication failure, modifies the domain name system configuration information of the terminal device according to the domain name system information, triggers and sends the second authentication request according to the modified domain name system configuration information, and starts to provide services normally after the authentication is successful. The domain name system information matched with the region where the terminal equipment is located can be automatically acquired when authentication fails, and the resending of the authentication request is triggered according to the matched more proper domain name system information, so that the problem of authentication failure is solved, and the success rate of authentication is improved. In addition, compared with the mode that the user needs to manually modify the domain name system configuration information under the guidance of the customer service system when the authentication fails, the method can quickly and automatically match the proper domain name system information and automatically modify the domain name system configuration information, and improves the efficiency of solving the authentication failure problem.
In one embodiment, if it is monitored that the authentication result of the first authentication request is authentication failure, acquiring domain name system information matched with the region where the terminal device is located from domain name system information respectively set in advance for different regions includes: if the authentication result of the first authentication request is judged to be authentication failure, acquiring region-related information of a region where the terminal equipment is located, generating a domain name system information acquisition request based on the region-related information, and sending the domain name system information acquisition request to a domain name scheme server; responding to a domain name system information acquisition request by a domain name scheme server, acquiring area related information in the request according to the domain name system information, and matching corresponding target area related information from a preset domain name scheme; the method comprises the steps that region related information and domain name system information are correspondingly stored in a preset domain name scheme; and determining domain name system information which is stored corresponding to the relevant information of the target area from a preset domain name scheme, and sending the domain name system information to the terminal equipment.
The region-related information is information related to a region. The target region related information refers to region related information matched from a preset domain name scheme.
Specifically, if it is monitored that the authentication result of the first authentication request is authentication failure, the terminal device may obtain region-related information of a region where the terminal device is located, generate a domain name system information obtaining request based on the region-related information, and send the domain name system information obtaining request to the domain name scheme server. The domain name scheme server can respond to the domain name system information acquisition request, match corresponding target region related information from a preset domain name scheme according to region related information in the domain name system information acquisition request, then determine domain name system information stored corresponding to the target region related information from the preset domain name scheme, and send the domain name system information to the terminal equipment.
In one embodiment, the regional related information may include at least one of regional information and public network IP addresses, and the like. The region information is information of a region where the terminal device is located. The public network IP address is an IP address of a public network to which the terminal device is connected.
In one embodiment, the preset domain name scheme may be stored in the domain name scheme server in advance.
In one embodiment, the matched target region related information may be the same as or similar to the region related information of the region where the terminal device is located.
In one embodiment, the domain name scheme server may perform similarity matching between the region-related information of the region where the terminal device is located and the region-related information in the preset domain name scheme, and determine the matched target region-related information.
In the above embodiment, if it is monitored that the authentication result of the first authentication request is authentication failure, the terminal device sends a domain name system information acquisition request to the domain name scheme server, and the domain name scheme server responds to the domain name system information acquisition request, matches corresponding target region related information from a preset domain name scheme according to region related information of a region where the terminal device is located, then determines domain name system information stored corresponding to the target region related information from the preset domain name scheme, and sends the domain name system information to the terminal device, so that more appropriate domain name system information can be matched to trigger resending of the authentication request, the problem of authentication failure is solved, and the authentication success rate is improved.
In one embodiment, the locale-related information includes locale information; the target area related information includes target area information; the domain name scheme server responds to the domain name system information acquisition request, and according to the region related information in the domain name system information acquisition request, the matching of the corresponding target region related information in the preset domain name scheme comprises the following steps: the domain name scheme server responds to the domain name system information acquisition request, and determines the region information of the region where the terminal equipment is located according to the domain name system information acquisition request; and matching corresponding target region information from a preset domain name scheme according to the region information.
In one embodiment, the region information may be an administrative division to which the region where the terminal device is located belongs, such as: city, district, or county, etc. In another embodiment, the region information may be location information of a region where the terminal device is located, such as: latitude and longitude, and the like.
In one embodiment, when the region information is administrative divisions, the domain name scheme server may match the administrative divisions of the region where the terminal device is located with administrative divisions in a preset domain name scheme according to relationships between the administrative divisions, to obtain corresponding target administrative divisions.
In an embodiment, in a case that the region information is location information, the domain name scheme server may perform similarity matching between the location information of the region where the terminal device is located and the location information in the preset domain name scheme, to obtain corresponding target location information.
In the embodiment, the domain name scheme server responds to the domain name system information acquisition request, determines the region information of the region where the terminal device is located according to the domain name system information acquisition request, and matches the corresponding target region information from the preset domain name scheme according to the region information, so that more appropriate domain name system information can be matched according to the region information to trigger resending of the authentication request, the problem of authentication failure is solved, and the authentication success rate is improved.
In one embodiment, matching the corresponding target zone information from the preset domain name scheme according to the zone information includes: and determining the upper-level region information corresponding to the region information from a preset domain name scheme as target region information according to the region information.
In one embodiment, in the case where the region information is an administrative division, the domain name scheme server may determine, as the target region information, an upper-level administrative division corresponding to the administrative division from among preset domain name schemes.
Such as: if the area information of the area where the terminal device is located is the area a, the upper-level area information can be matched from the preset domain name scheme to be the city B, and the city B is used as the target area information. Wherein the A region is a region belonging to B city.
In the above embodiment, the domain name scheme server may determine, according to the region information, the upper-level region information corresponding to the region information from the preset domain name scheme as the target region information, so that the upper-level region information can be accurately matched according to the region information, and the appropriate domain name system information is obtained to trigger resending of the authentication request, thereby solving the problem of authentication failure and improving the success rate of authentication.
In one embodiment, matching the corresponding target zone information from the preset domain name scheme according to the zone information includes: and determining the region information of the adjacent region of the region information from a preset domain name scheme according to the region information, wherein the region information is used as the target region information.
In one embodiment, in the case where the region information is an administrative division, the domain name scheme server may determine an administrative division adjacent to the administrative division from a preset domain name scheme as the target region information.
Such as: if the region information of the region where the terminal device is located is C county, D county adjacent to C county may be matched from the preset domain name scheme as the target region information.
In the above embodiment, the domain name scheme server may determine, according to the region information, region information adjacent to the region information from the preset domain name scheme as target region information, so that the adjacent region information can be accurately matched according to the region information, and appropriate domain name system information is obtained to trigger resending of the authentication request, thereby solving the problem of authentication failure and improving the success rate of authentication.
In one embodiment, the regional-related information includes a public network IP address; the relevant information of the target area comprises a target public network IP address; the domain name scheme server responds to the domain name system information acquisition request, and according to the region related information in the domain name system information acquisition request, matching corresponding target region related information in a preset domain name scheme comprises the following steps: the domain name scheme server responds to the domain name system information acquisition request, and determines a public network IP address connected with the terminal equipment according to the domain name system information acquisition request; and performing similarity matching on the public network IP address and the IP address in the preset domain name scheme to determine the target public network IP address.
In one embodiment, the domain name system information acquisition request may include a public network IP address of the terminal device, and the domain name scheme server may determine the public network IP address to which the terminal device is connected according to the domain name system information acquisition request.
In one embodiment, the domain name scheme server may perform similarity matching between the public network IP address connected to the terminal device and an IP address in a preset domain name scheme, and determine an IP address with the highest similarity as the target public network IP address.
In one embodiment, the domain name scheme server may determine the region information of the region where the terminal device is located according to the public network IP address, and then match corresponding target region information from the preset domain name scheme according to the region information.
In the above embodiment, the domain name scheme server determines the public network IP address connected to the terminal device in response to the domain name system information acquisition request, performs similarity matching between the public network IP address and the IP address in the preset domain name scheme, and determines the target public network IP address, so that the domain name system information that is more appropriate is matched with the public network IP address to trigger resending of the authentication request, thereby solving the problem of authentication failure and improving the success rate of authentication.
In one embodiment, after triggering sending of the second authentication request according to the modified domain name system configuration information, the method further comprises: the terminal equipment monitors an authentication result responding to the sent second authentication request; if the authentication result of the second authentication request is the authentication failure, sending a connection request to the virtual private network server so that the virtual private network server establishes private network connection between the terminal equipment and the authentication server; a third authentication request is sent to the authentication server over the private network connection.
The Virtual Private Network server is a server that provides a Virtual Private Network (VPN) service.
Specifically, after triggering and sending the second authentication request according to the modified domain name system configuration information, the terminal device may monitor an authentication result in response to the sent second authentication request, and if the authentication result of the second authentication request is authentication failure, the terminal device may send a connection request to the virtual private network server. The virtual private network server may establish a private network connection between the terminal device and the authentication server in response to the connection request. The terminal equipment can send a third authentication request to the authentication server through the private network connection, and starts to provide services normally after the authentication is successful.
In one embodiment, the virtual private network server may be located in a region where the authentication failure rate is low. In one embodiment, the authentication failure rate is lower when the authentication failure rate is less than the predetermined threshold.
In one embodiment, the virtual private network server and the domain name scheme server may be the same server. In another embodiment, the virtual private network server and the domain name scheme server may be different servers.
In one embodiment, after sending the third authentication request to the authentication server through the private network connection, the terminal device may monitor an authentication result of the third authentication request, and if the authentication result of the third authentication request is still an authentication failure, the terminal device may display a prompt message to prompt the user to contact the customer service to solve the authentication failure problem.
In the above embodiment, if it is monitored that the authentication result of the second authentication request is authentication failure again, the terminal device may send a connection request to the virtual private network server, so that the virtual private network server establishes a private network connection between the terminal device and the authentication server, and sends a third authentication request to the authentication server through the private network connection, so that, under the condition that authentication still fails by modifying domain name system configuration information for re-authentication, the authentication request may be sent through the virtual private network to re-authenticate, thereby further solving the problem of authentication failure and improving the success rate of authentication.
In one embodiment, the virtual private network server is located in a region with the lowest authentication failure rate.
In the above embodiment, the authentication results of the terminal devices in different regions may be counted to obtain a region with the lowest authentication failure rate, and the virtual private network server is disposed in the region with the lowest authentication failure rate, so that it is ensured that the private network connection is successfully established between the terminal device and the authentication server through the virtual private network server as much as possible, and the authentication success rate is further improved.
Fig. 4 is a schematic overall flow chart of the authentication method in the embodiments of the present application. The terminal equipment sends the first authentication request, monitors the authentication result of the first authentication request, and starts to provide service normally if the authentication result of the first authentication request is successful. If the authentication result of the first authentication request is authentication failure, the terminal device sends a domain name system information acquisition request to a domain name scheme server, the domain name scheme server determines domain name system information matched with the region where the terminal device is located from domain name system information which is preset for different regions respectively and sends the domain name system information to the terminal device, the terminal device modifies the domain name system configuration information of the terminal device according to the domain name system information, triggers and sends a second authentication request according to the modified domain name system configuration information, and monitors the authentication result of the sent second authentication request. And if the authentication result of the second authentication request is authentication success, starting to provide service normally. If the authentication result of the second authentication request is authentication failure, the terminal device sends a connection request to the virtual private network server, the virtual private network server establishes private network connection between the terminal device and the authentication server, the terminal device sends a third authentication request through the private network connection, and monitors the authentication result of the third authentication request. And if the authentication result of the third authentication request is successful, starting to provide the service normally. And if the authentication result of the third authentication request is authentication failure, the terminal equipment displays the prompt information.
It should be understood that, although the steps in the flowcharts related to the embodiments are shown in sequence as indicated by the arrows, the steps are not necessarily executed in sequence as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a part of the steps in the flowcharts related to the above embodiments may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides an authentication system for implementing the above-mentioned authentication method. The implementation scheme for solving the problem provided by the device is similar to the implementation scheme recorded in the method, so the specific limitations in one or more embodiments of the authentication system provided below can refer to the limitations on the authentication method in the above, and are not described herein again.
In one embodiment, as shown in fig. 5, there is provided an authentication system 500 comprising: terminal device 502, wherein:
the terminal equipment is used for sending the first authentication request and monitoring the authentication result of the first authentication request; if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively; modifying domain name system configuration information of the terminal equipment according to the domain name system information; and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful.
In one embodiment, as shown in fig. 6, the system further comprises: a domain name scheme server 504; wherein:
the terminal device 502 is further configured to, if it is monitored that the authentication result of the first authentication request is authentication failure, obtain region-related information of a region where the terminal device is located, generate a domain name system information obtaining request based on the region-related information, and send the domain name system information obtaining request to the domain name scheme server. The domain name scheme server 504 is configured to respond to the domain name system information acquisition request, match corresponding target region-related information from a preset domain name scheme according to region-related information in the domain name system information acquisition request; the preset domain name scheme correspondingly stores region related information and domain name system information; and determining domain name system information which is stored corresponding to the relevant information of the target area from a preset domain name scheme, and sending the domain name system information to the terminal equipment.
In one embodiment, the locale-related information includes locale information; the target zone related information includes target zone information. The domain name scheme server 504 is further configured to respond to the domain name system information acquisition request, and determine region information of a region where the terminal device is located according to the domain name system information acquisition request; and matching corresponding target region information from a preset domain name scheme according to the region information.
In one embodiment, the domain name scheme server 504 is further configured to determine, according to the region information, upper-level region information corresponding to the region information from a preset domain name scheme as the target region information.
In one embodiment, the domain name scheme server 504 is further configured to determine region information of a region adjacent to the region information from a preset domain name scheme as the target region information according to the region information.
In one embodiment, the locale-related information includes a public network IP address; the target area related information includes a target public network IP address. The domain name scheme server 504 is further configured to determine, in response to the domain name system information acquisition request, a public network IP address to which the terminal device is connected, according to the domain name system information acquisition request; and performing similarity matching on the public network IP address and the IP address in the preset domain name scheme to determine the target public network IP address.
In one embodiment, as shown in fig. 7, the system further comprises: virtual private network server 506, wherein:
In one embodiment, the virtual private network server is located in a region with the lowest authentication failure rate.
In the authentication system, the terminal device sends the first authentication request and monitors the authentication result of the first authentication request, if the authentication result of the first authentication request is monitored to be authentication failure, domain name system information matched with the region where the terminal device is located is obtained from domain name system information which is respectively preset aiming at different regions, the domain name system configuration information of the terminal device is modified according to the domain name system information, the second authentication request is triggered and sent according to the modified domain name system configuration information, and the normal service is provided after the authentication is successful. The domain name system information matched with the region where the terminal equipment is located can be automatically acquired when authentication fails, and the resending of the authentication request is triggered according to the matched more proper domain name system information, so that the problem of authentication failure is solved, and the success rate of authentication is improved. In addition, compared with the mode that the user needs to manually modify the domain name system configuration information under the guidance of the customer service system when the authentication fails, the method can quickly and automatically match the proper domain name system information and automatically modify the domain name system configuration information, and improves the efficiency of solving the authentication failure problem.
In one embodiment, a terminal device is provided, the internal structure of which may be as shown in fig. 8. The terminal device includes a processor, a memory, a communication interface, and a display screen connected by a system bus. Wherein the processor of the terminal device is configured to provide computing and control capabilities. The memory of the terminal equipment comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operating system and the computer program to run on the non-volatile storage medium. The communication interface of the terminal device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement an authentication method. The display screen of the terminal equipment can be a liquid crystal display screen or an electronic ink display screen.
Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the above-described method embodiments when executing the computer program.
In an embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, carries out the steps in the method embodiments described above.
It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, displayed data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high-density embedded nonvolatile Memory, resistive Random Access Memory (ReRAM), magnetic Random Access Memory (MRAM), ferroelectric Random Access Memory (FRAM), phase Change Memory (PCM), graphene Memory, and the like. Volatile Memory can include Random Access Memory (RAM), external cache Memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), for example. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a block chain based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, and these are all within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.
Claims (10)
1. An authentication method, characterized in that the method comprises:
the terminal equipment sends a first authentication request and monitors an authentication result of the first authentication request;
if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively;
according to the domain name system information, modifying the domain name system configuration information of the terminal equipment;
and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful.
2. The method according to claim 1, wherein if it is monitored that the authentication result of the first authentication request is authentication failure, acquiring domain name system information matched with the region where the terminal device is located from domain name system information respectively set in advance for different regions comprises:
if the authentication result of the first authentication request is authentication failure, acquiring region related information of a region where the terminal equipment is located, generating a domain name system information acquisition request based on the region related information, and sending the domain name system information acquisition request to a domain name scheme server;
the domain name scheme server responds to the domain name system information acquisition request, and matches corresponding target region related information from a preset domain name scheme according to the region related information in the domain name system information acquisition request; the preset domain name scheme correspondingly stores region related information and domain name system information;
and determining domain name system information which is correspondingly stored with the relevant information of the target area from the preset domain name scheme, and sending the domain name system information to the terminal equipment.
3. The method of claim 2, wherein the regional-related information comprises regional information; the target area related information comprises target area information;
the domain name scheme server responds to the domain name system information acquisition request, and according to the region related information in the domain name system information acquisition request, matching corresponding target region related information in a preset domain name scheme comprises the following steps:
the domain name scheme server responds to the domain name system information acquisition request, and determines the region information of the region where the terminal equipment is located according to the domain name system information acquisition request;
and matching corresponding target region information from a preset domain name scheme according to the region information.
4. The method according to claim 3, wherein the matching the corresponding target zone information from the preset domain name scheme according to the zone information comprises:
according to the region information, determining upper-level region information corresponding to the region information from a preset domain name scheme as target region information; or the like, or, alternatively,
and determining the region information of the adjacent region of the region information from a preset domain name scheme as target region information according to the region information.
5. The method of claim 2, wherein the regional-related information comprises a public network IP address; the relevant information of the target area comprises a target public network IP address;
the domain name scheme server responds to the domain name system information acquisition request, and according to the region related information in the domain name system information acquisition request, matching corresponding target region related information from a preset domain name scheme comprises the following steps:
the domain name scheme server responds to the domain name system information acquisition request, and determines a public network IP address connected with the terminal equipment according to the domain name system information acquisition request;
and performing similarity matching on the public network IP address and the IP address in the preset domain name scheme to determine a target public network IP address.
6. The method according to any of claims 1 to 5, wherein after said triggering sending of a second authentication request according to the modified domain name system configuration information, the method further comprises:
the terminal equipment monitors an authentication result responding to the second authentication request;
if the authentication result of the second authentication request is the authentication failure, sending a connection request to a virtual private network server to enable the virtual private network server to establish private network connection between the terminal equipment and the authentication server;
sending a third authentication request to the authentication server over the private network connection.
7. The method of claim 6, wherein the VPN server is located in a region with a lowest authentication failure rate.
8. An authentication system, characterized in that the system comprises: a terminal device; wherein:
the terminal equipment is used for sending a first authentication request and monitoring an authentication result of the first authentication request; if the authentication result of the first authentication request is detected to be authentication failure, acquiring domain name system information matched with the region where the terminal equipment is located from domain name system information which is preset aiming at different regions respectively; according to the domain name system information, modifying the domain name system configuration information of the terminal equipment; and triggering and sending a second authentication request according to the modified domain name system configuration information, and starting to normally provide service after the authentication is successful.
9. The system of claim 8, further comprising: a domain name scheme server; wherein:
the terminal device is further configured to, if it is monitored that the authentication result of the first authentication request is authentication failure, acquire region-related information of a region where the terminal device is located, generate a domain name system information acquisition request based on the region-related information, and send the domain name system information acquisition request to the domain name scheme server;
the domain name scheme server is used for responding to the domain name system information acquisition request, matching corresponding target region related information from a preset domain name scheme according to the region related information in the domain name system information acquisition request; the preset domain name scheme correspondingly stores region related information and domain name system information; and determining domain name system information which is stored correspondingly to the relevant information of the target area from the preset domain name scheme, and sending the domain name system information to the terminal equipment.
10. A terminal device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211121577.9A CN115333855A (en) | 2022-09-15 | 2022-09-15 | Authentication method, system and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211121577.9A CN115333855A (en) | 2022-09-15 | 2022-09-15 | Authentication method, system and terminal equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115333855A true CN115333855A (en) | 2022-11-11 |
Family
ID=83929534
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211121577.9A Pending CN115333855A (en) | 2022-09-15 | 2022-09-15 | Authentication method, system and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115333855A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116669042A (en) * | 2023-07-26 | 2023-08-29 | 中国电信股份有限公司 | Re-authentication method and device for voice wireless local area network and communication equipment |
-
2022
- 2022-09-15 CN CN202211121577.9A patent/CN115333855A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116669042A (en) * | 2023-07-26 | 2023-08-29 | 中国电信股份有限公司 | Re-authentication method and device for voice wireless local area network and communication equipment |
| CN116669042B (en) * | 2023-07-26 | 2023-11-14 | 中国电信股份有限公司 | Re-authentication method and device for voice wireless local area network and communication equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3937525B1 (en) | Methods, apparatuses, devices and systems for backtracking service behavior | |
| US8560648B2 (en) | Location control service | |
| US9786010B2 (en) | Homeowners insurance application process using geotagged photos | |
| KR101970123B1 (en) | Dual channel identity authentication | |
| CN113079134B (en) | Mobile terminal access method, mobile terminal access device, computer equipment and medium | |
| US11737012B2 (en) | Maintaining access to services via SIM card | |
| WO2014111022A1 (en) | Mobile terminal user information display method, mobile terminal, and service system | |
| CN115333855A (en) | Authentication method, system and terminal equipment | |
| EP3210158B1 (en) | Secure transmission | |
| CN114222288B (en) | Equipment identifier generation method, equipment identifier verification method and device | |
| US11716203B2 (en) | Secure transmission | |
| CN116233847A (en) | Login method, login device, computer equipment and storage medium | |
| CN114844851A (en) | Information display method, information display device, computer equipment and storage medium | |
| CN115118421A (en) | Key alternation method, device and computer equipment | |
| CN116055186A (en) | Access authentication method, device, computer equipment and storage medium | |
| CN114363461B (en) | Application control method, device, electronic equipment and computer readable storage medium | |
| CN116681403A (en) | Automatic communication identifier updating method, device, computer equipment and storage medium | |
| CN117078263A (en) | Resource transfer method, device, computer equipment and storage medium | |
| CN117151717A (en) | Device password modification method, device, computer device and storage medium | |
| CN117081782A (en) | Network access method, system, computer equipment and storage medium | |
| CN117436888A (en) | Payment service processing method, device, computer equipment and storage medium | |
| CN116796299A (en) | Fraud-related application detection method, system and storage medium based on login authentication | |
| CN118694813A (en) | Device positioning method, device, computer device and storage medium | |
| CN116842541A (en) | Data encryption and decryption processing method and device, computer equipment and storage medium | |
| CN117311740A (en) | HongMong application program installation method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |