CN109784024A - One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators - Google Patents
One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators Download PDFInfo
- Publication number
- CN109784024A CN109784024A CN201811535134.8A CN201811535134A CN109784024A CN 109784024 A CN109784024 A CN 109784024A CN 201811535134 A CN201811535134 A CN 201811535134A CN 109784024 A CN109784024 A CN 109784024A
- Authority
- CN
- China
- Prior art keywords
- fido
- relying party
- client
- request
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000012795 verification Methods 0.000 claims abstract description 30
- 238000012790 confirmation Methods 0.000 claims description 7
- 230000001755 vocal effect Effects 0.000 claims description 6
- 238000010586 diagram Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
Landscapes
- Computer And Data Communications (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of based on the polyfactorial FIDO authentication method of more authenticators and system.FIDO software authentication device and the two kinds of multiple authenticators of FIDO hardware identification device are integrated into same FIDO client by described method and system, more selections are provided on the mobile terminal for supported FIDO, authentication based on FIDO agreement can also be provided in the mobile device for not supporting FIDO for user, and the present invention integrates multiple authenticators, support a variety of living things feature recognition identity, make different relying party's platforms, different user can select corresponding authenticator and biological characteristic verification mode according to their needs, have the characteristics that it is more diversified with it is humanized, this has preferable impetus to the popularization and development of FIDO, and the present invention by TEE and whitepack cryptographic applications into FIDO system, it is effective against cryptographic attack, FIDO is greatly improved to recognize The stability and safety of card system.
Description
Technical field
The present invention relates to online identity field of authentication, and polyfactorial based on more authenticators more particularly, to one kind
Quick online identity authenticates FIDO method and system.
Background technique
With the fast development of mobile application and mobile Internet, mobile applications become increasingly abundant diversification, believe simultaneously
It is also following to cease safety problem.Recently carry out great leaking data Frequent Accidents, online identity of the tradition based on password verifies skill
Art has been difficult to safeguard the safety of internet.Past, user are proved " by modes such as static password, short message verification code and U-shields
The people of operation is me ".Static password, which faces, the challenge such as drags library, hits library, fishing, wooden horse and Brute Force.Short message verification code etc.
Intercepted risk is likely to occur with outer authentication.Above scheme can not " testimony of a witness unification " solve asking for authentication
Topic.FIDO comes into being, FIDO alliance be push go password to go the strong authentication agreement of password and be born, can solve " I just
It is me " the problem of.
FIDO, Fast IDentity Online provide a kind of solution for separating authentication mode with authentication protocol
Scheme can support a variety of biological characteristic authentication modes, including fingerprint, face, vocal print and iris recognition, in addition, FIDO may be used also
Support different security levels, the authentication mode that Internet Service Provider has according to user and authentication capability are come custom authentication plan
Slightly.
FIDO UAF (UAF, Universal Authentication Framework) agreement allows network server to mention
For no password and multiple-factor security service.User passes through local authentication mechanism (fingerprint, face, vocal print or PIN code) first and passes through
Proof of identity takes log-on data, registers a user to online service end then by interacting with FIDO UAF authenticator
(FIDO server) completes registration.UAF agreement allows which factor of safety of services selection to carry out user authentication.Once user is complete
At registration, when later user service needs to call FIDO UAF server, as long as can be complete simply by local authentication
At verification process, hereafter user, which no longer needs to input password, can carry out user's login, and encipherment is gone in realization, and solving tradition can not
The authentication problem of " I is exactly me " that solves.
But in the prior art some mobile terminals do not support the authenticator quantity of FIDO or hardware supported FIDO compared with
It is few, more selections can not be provided for relying party, and authenticator is generally run in REE, operation relevant to key by
The risk of attack is higher, and key information and trade confirmation content are easy to be stolen and distorted, the safety and stability of system
It is lower.
Summary of the invention
It is lower in order to solve few mobile terminal FIDO authenticator in the prior art and FIDO security of system and stability
The technical issues of, the present invention provides a kind of based on the polyfactorial quick online identity certification FIDO method of more authenticators, the side
Method includes:
Relying party's client generates trigger request, is sent to relying party's server;
Received trigger request is forwarded to FIDO server by relying party's server;
FIDO server generates certification request according to trigger request, and is back to relying party client by relying party's server
End;
After relying party's client receives certification request, inquiry can use FIDO client, and the certification request is sent
To FIDO client;
FIDO client checks FIDO authentication protocol version, and according to certification request, pop-up meets the FIDO of certification request
Authenticator list is selected for relying party;
After authenticator selects, a kind of progress is selected from relying in a variety of biological characteristic verification modes that method, apparatus is supported
Biological characteristic verification, when passed the verification, is sent to authenticator control module (Authen) for certification request;
After authenticator control module receives certification request, public private key pair is generated, private key information is used into whitepack Encryption Algorithm
It is encrypted, and is saved into trusted execution environments TEE, public key information and certification response message are then generated into response and asked
It asks, and the respond request is returned into FIDO client;
Respond request is back to relying party's client by FIDO client;
Received respond request is sent to relying party's server by relying party's client, and relying party's server transmitted response is asked
It asks to FIDO server;
After FIDO server carries out the verification of respond request, check results are forwarded to relying party visitor through relying party's server
Family end;
Check results complete the operation in trigger request to relying party based on the received.
Further, the method also includes relying party's client generate trigger request information before relying party led to
Relying party's client is crossed to complete user's registration in relying party's server and login successfully.
Further, the FIDO authenticator in the method includes hardware identification device and software authentication device.
Further, the trigger request that relying party's client generates includes registration, logs in identification, trade confirmation and note
Pin.
Further, the FIDO client checks FIDO authentication protocol version, and according to certification request, pop-up, which meets, to be recognized
The FIDO authenticator list for demonstrate,proving request, which refers to for relying party's selection by obtaining authenticator information interface, obtains dependence method, apparatus
In integrate all authenticators, and pop up in the form of a list for relying party select.
Further, after the authenticator selection, from a variety of biological characteristic verification modes for relying on method, apparatus support
It is middle that a kind of progress biological characteristic is selected to verify any one referred in selection face, vocal print, fingerprint, iris and PIN code.
According to another aspect of the present invention, the present invention is provided one kind and is recognized based on the polyfactorial quick online identity of more authenticators
FIDO system is demonstrate,proved, the system comprises:
Relying party's client is used to generate trigger request, is sent to relying party's server, receive FIDO server according to
It is sent to FIDO client after the certification request that trigger request generates, and is sent to after receiving respond request from FIDO client
FIDO server is verified, and receives the check results of FIDO server return;
Relying party's server is used to the trigger request that relying party sends being forwarded to FIDO server, FIDO is serviced
Device is forwarded to relying party's client according to the certification request that trigger request generates, and the response that relying party's client is sent is asked
It asks and is forwarded to FIDO server;
FIDO server is used to receive trigger request, is taken according to after trigger request generation certification request by relying party
Certification request is back to relying party's client by business device, and the respond request returned to relying party's client verifies, and
Check results are forwarded to relying party's client through relying party's server;
FIDO client is used to check FIDO authentication protocol version, and according to certification request, pop-up meets certification request
The list of FIDO authenticator for relying party select, and receive authenticator control module respond request and be forwarded to relying party visitor
Family end;
FIDO authenticator is used to select a kind of progress from a variety of biological characteristic verification modes for relying on method, apparatus support
Biological characteristic verification, when passed the verification, is sent to authenticator control module for certification request;
Authenticator control module generates after being used to receive certification request, and public private key pair adds private key information using whitepack
Close algorithm is encrypted, and is saved into trusted execution environments TEE, and public key information and certification response message are generated response and asked
It asks, and the respond request is returned into FIDO client.
Further, relying party's client is also used to that relying party is made to complete user's registration in relying party's server and steps on
Record.
Further, the FIDO authenticator includes hardware identification device and software authentication device.
Further, the trigger request that relying party's client generates includes registration, logs in identification, trade confirmation and note
Pin.
Technical solution of the present invention provide based on the polyfactorial FIDO authentication method of more authenticators and system by FIDO software
Authenticator and the two kinds of multiple authenticators of FIDO hardware identification device are integrated into same FIDO client, are supporting FIDO
Mobile terminal on more selections are provided, can also be provided in the mobile device for not supporting FIDO for user based on FIDO agreement
Authentication, and the present invention integrates multiple authenticators, supports that a variety of biological characteristics (such as know by face, vocal print, fingerprint and iris
Not), make different relying party's platforms, different user that can select corresponding authenticator and biological characteristic verification side according to their needs
Formula, have the characteristics that it is more diversified with it is humanized, this has preferable impetus, Er Qieben to the popularization of FIDO and development
TEE and whitepack cryptographic applications into FIDO system, are effective against cryptographic attack by invention, greatly improve FIDO certification system
The stability and safety of system.
Detailed description of the invention
By reference to the following drawings, exemplary embodiments of the present invention can be more fully understood by:
Fig. 1 is to authenticate FIDO based on the polyfactorial quick online identity of more authenticators according to the preferred embodiment for the present invention
The flow chart of method;
Fig. 2 is to authenticate FIDO based on the polyfactorial quick online identity of more authenticators according to the preferred embodiment for the present invention
The structural schematic diagram of system.
Specific embodiment
Exemplary embodiments of the present invention are introduced referring now to the drawings, however, the present invention can use many different shapes
Formula is implemented, and is not limited to the embodiment described herein, and to provide these embodiments be at large and fully disclose
The present invention, and the scope of the present invention is sufficiently conveyed to person of ordinary skill in the field.Show for what is be illustrated in the accompanying drawings
Term in example property embodiment is not limitation of the invention.In the accompanying drawings, identical cells/elements use identical attached
Icon note.
Unless otherwise indicated, term (including scientific and technical terminology) used herein has person of ordinary skill in the field
It is common to understand meaning.Further it will be understood that with the term that usually used dictionary limits, should be understood as and its
The context of related fields has consistent meaning, and is not construed as Utopian or too formal meaning.
Fig. 1 is to authenticate FIDO based on the polyfactorial quick online identity of more authenticators according to the preferred embodiment for the present invention
The flow chart of method.As shown in Figure 1, being recognized described in this preferred embodiment based on the polyfactorial quick online identity of more authenticators
Card method 100 is since step 101.
In step 101, relying party's client generates trigger request, is sent to relying party's server.
In the preferred embodiment, relying party's client generates triggering registration request, is sent to relying party's server.
In step 102, received trigger request is forwarded to FIDO server by relying party's server.
In step 103, FIDO server generates certification request according to trigger request, and is back to by relying party's server
Relying party's client.
In the preferred embodiment, FIDO server generates registration information according to triggering registration request, and passes through
Relying party's server is back to relying party's client.
In step 104, after relying party's client receives certification request, inquiry can use FIDO client, and recognize described
Card request is sent to FIDO client.
In step 105, FIDO client checks FIDO authentication protocol version, and according to certification request, pop-up meets certification
The FIDO authenticator list of request is selected for relying party.
In the preferred embodiment, FIDO client provides alternative according to FIDO UAF agreement for relying party
FIDO authenticator list.
In step 106, after authenticator selects, selected from relying in a variety of biological characteristic verification modes that method, apparatus is supported
It selects a kind of progress biological characteristic verification and certification request is sent to authenticator control module when passed the verification.
In the preferred embodiment,
In step 107, after authenticator control module receives certification request, public private key pair is generated, by private key information using white
Box Encryption Algorithm is encrypted, and is saved into trusted execution environments TEE, then that public key information and certification response message is raw
FIDO client is returned at respond request, and by the respond request.
In step 108, respond request is back to relying party's client by FIDO client.
In step 109, received respond request is sent to relying party's server, relying party's server by relying party's client
Transmitted response is requested to FIDO server.
Check results are forwarded through relying party's server after FIDO server carries out the verification of respond request in step 110
To relying party's client.
In step 111, check results complete the operation in trigger request to relying party based on the received.
Further, the method also includes relying party's client generate trigger request information before relying party led to
Relying party's client is crossed to complete user's registration in relying party's server and login successfully.
Further, the FIDO authenticator in the method includes hardware identification device and software authentication device.
Further, the trigger request that relying party's client generates includes registration, logs in identification, trade confirmation and note
Pin.
Further, the FIDO client checks FIDO authentication protocol version, and according to certification request, pop-up, which meets, to be recognized
The FIDO authenticator list for demonstrate,proving request, which refers to for relying party's selection by obtaining authenticator information interface, obtains dependence method, apparatus
In integrate all authenticators, and pop up in the form of a list for relying party select.
Further, after the authenticator selection, from a variety of biological characteristic verification modes for relying on method, apparatus support
It is middle that a kind of progress biological characteristic is selected to verify any one referred in selection face, vocal print, fingerprint, iris and PIN code.
Fig. 2 is to authenticate FIDO based on the polyfactorial quick online identity of more authenticators according to the preferred embodiment for the present invention
The structural schematic diagram of system.As shown in Fig. 2, polyfactorial quickly in line body based on more authenticators described in this preferred embodiment
Part authenticates FIDO system 200
Relying party's client 201 is used to generate trigger request, is sent to relying party's server 202, receives FIDO service
It is sent to FIDO client 204 after the certification request that device 203 is generated according to trigger request, and is received from FIDO client 204
It is sent to FIDO server 203 after respond request to be verified, and receives the check results of the return of FIDO server 203;
Relying party's server 202 is used to the trigger request that relying party sends being forwarded to FIDO server 203, will
FIDO server 203 is forwarded to relying party's client 201 according to the certification request that trigger request generates, and by relying party client
The respond request that end 201 is sent is forwarded to FIDO server 203;
FIDO server 203 is used to receive trigger request, passes through relying party after generating certification request according to trigger request
Certification request is back to relying party's client 201 by server 202, and to the respond request that relying party's client 201 returns
It is verified, and check results is forwarded to relying party's client 201 through relying party's server 202;
FIDO client 204 is used to check FIDO authentication protocol version, and according to certification request, pop-up meets certification
205 list of FIDO authenticator of request is selected for relying party, and receives respond request and the forwarding of authenticator control module 206
To relying party's client 201;
FIDO authenticator 205 is used to select one kind from a variety of biological characteristic verification modes for relying on method, apparatus support
It carries out biological characteristic verification and certification request is sent to authenticator control module 206 when passed the verification;
Authenticator control module 206 generates public private key pair after being used to receive certification request, and private key information is used whitepack
Encryption Algorithm is encrypted, and is saved into trusted execution environments TEE, and public key information and certification response message are generated response
Request, and the respond request is returned into FIDO client 201.
Further, relying party's client 201 is also used to that relying party is made to complete user's note in relying party's server 202
Volume simultaneously logs in.
Further, the FIDO authenticator 205 includes hardware identification device and software authentication device.
Further, the trigger request that relying party's client 201 generates includes registration, identification, trade confirmation and note
Pin.
The present invention is described by reference to a small amount of embodiment.However, it is known in those skilled in the art, as
Defined by subsidiary Patent right requirement, in addition to the present invention other embodiments disclosed above equally fall in it is of the invention
In range.
Normally, all terms used in the claims are all solved according to them in the common meaning of technical field
It releases, unless in addition clearly being defined wherein.All references " one/described/be somebody's turn to do [device, component etc.] " are all opened ground
At least one example being construed in described device, component etc., unless otherwise expressly specified.Any method disclosed herein
Step need not all be run with disclosed accurate sequence, unless explicitly stated otherwise.
Claims (10)
1. one kind authenticates FIDO method based on the polyfactorial quick online identity of more authenticators, which is characterized in that the method packet
It includes:
Relying party's client generates trigger request, is sent to relying party's server;
Received trigger request is forwarded to FIDO server by relying party's server;
FIDO server generates certification request according to trigger request, and is back to relying party's client by relying party's server;
After relying party's client receives certification request, inquiry can use FIDO client, and the certification request is sent to
FIDO client;
FIDO client checks FIDO authentication protocol version, and according to certification request, and pop-up meets the FIDO certification of certification request
Device list is selected for relying party;
After authenticator selects, a kind of progress biology is selected in a variety of biological characteristic verification modes that method, apparatus is supported from relying on
Feature verification, when passed the verification, is sent to authenticator control module for certification request;
After authenticator control module receives certification request, public private key pair is generated, private key information is carried out using whitepack Encryption Algorithm
Encryption, and save into trusted execution environments TEE, public key information and certification response message are then generated into respond request, and
The respond request is returned into FIDO client;
Respond request is back to relying party's client by FIDO client;
Received respond request is sent to relying party's server by relying party's client, relying party's server transmitted response request to
FIDO server;
After FIDO server carries out the verification of respond request, check results are forwarded to relying party client through relying party's server
End;
Check results complete the operation in trigger request to relying party based on the received.
2. the method according to claim 1, wherein the method also includes generating to trigger in relying party's client
Relying party has passed through relying party's client and has completed user's registration in relying party's server and login successfully before solicited message.
3. the method according to claim 1, wherein the FIDO authenticator in the method includes hardware identification device
With software authentication device.
4. according to the method described in claim 1, it is particularly in the trigger request that relying party's client generates includes note
Volume logs in identification, trade confirmation and cancellation.
5. the method according to claim 1, wherein the FIDO client check FIDO authentication protocol version,
And according to certification request, the FIDO authenticator list that pop-up meets certification request refers to for relying party's selection by obtaining authenticator
Information interface relies on all authenticators integrated in method, apparatus to obtain, and pops up select for relying party in the form of a list.
6. according to the method described in claim 4, it is characterized in that, the authenticator select after, from rely on method, apparatus branch
Selected in a variety of biological characteristic verification modes held a kind of verification of progress biological characteristic refer to selection face, vocal print, fingerprint, iris and
Any one in PIN code.
7. one kind authenticates FIDO system based on the polyfactorial quick online identity of more authenticators, which is characterized in that the system packet
It includes:
Relying party's client is used to generate trigger request, is sent to relying party's server, receives FIDO server according to triggering
It is sent to FIDO client after requesting the certification request generated, and is sent to FIDO after receiving respond request from FIDO client
Server is verified, and receives the check results of FIDO server return;
Relying party's server is used to the trigger request that relying party sends being forwarded to FIDO server, by FIDO server root
It is forwarded to relying party's client according to the certification request that trigger request generates, and the respond request that relying party's client is sent turns
It is sent to FIDO server;
FIDO server is used to receive trigger request, passes through relying party's server after generating certification request according to trigger request
Certification request is back to relying party's client, and the respond request returned to relying party's client verifies, and high-ranking officers
It tests result and is forwarded to relying party's client through relying party's server;
FIDO client is used to check FIDO authentication protocol version, and according to certification request, pop-up meets certification request
The list of FIDO authenticator is selected for relying party, and is received the respond request of authenticator control module and be forwarded to relying party client
End;
FIDO authenticator is used to from a variety of biological characteristic verification modes for relying on method, apparatus support select a kind of progress biology
Feature verification, when passed the verification, is sent to authenticator control module for certification request;
Authenticator control module generates after being used to receive certification request, and public private key pair calculates private key information using whitepack encryption
Method is encrypted, and is saved into trusted execution environments TEE, and public key information and certification response message are generated respond request,
And the respond request is returned into FIDO client.
8. system according to claim 7, which is characterized in that relying party's client is also used to relying on relying party
Square server is completed user's registration and is logged in.
9. system according to claim 7, which is characterized in that the FIDO authenticator includes that hardware identification device and software are recognized
Demonstrate,prove device.
10. system according to claim 7, particularly in the trigger request that relying party's client generates includes
Registration logs in identification, trade confirmation and cancellation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811535134.8A CN109784024A (en) | 2018-12-14 | 2018-12-14 | One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811535134.8A CN109784024A (en) | 2018-12-14 | 2018-12-14 | One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109784024A true CN109784024A (en) | 2019-05-21 |
Family
ID=66496988
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811535134.8A Pending CN109784024A (en) | 2018-12-14 | 2018-12-14 | One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109784024A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110401663A (en) * | 2019-07-30 | 2019-11-01 | 飞天诚信科技股份有限公司 | A kind of method and system of fast registration authenticator |
| CN110784395A (en) * | 2019-11-04 | 2020-02-11 | 航天信息股份有限公司 | Mail safety login method and system based on FIDO authentication |
| TWI720738B (en) * | 2019-12-16 | 2021-03-01 | 臺灣網路認證股份有限公司 | System for combining architectures of fido and pki to identity user and method thereof |
| CN112822007A (en) * | 2020-12-29 | 2021-05-18 | 中国农业银行股份有限公司 | User authentication method, device and equipment |
| CN115459994A (en) * | 2022-09-06 | 2022-12-09 | 亚数信息科技(上海)有限公司 | A FIDO2 authentication system and method based on Internet |
| CN116346495A (en) * | 2023-04-19 | 2023-06-27 | 三未信安科技股份有限公司 | A three-factor based certificateless identity authentication and key agreement method |
| CN116866093A (en) * | 2023-09-05 | 2023-10-10 | 鼎铉商用密码测评技术(深圳)有限公司 | Identity authentication method, identity authentication device, and readable storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105656890A (en) * | 2015-12-30 | 2016-06-08 | 深圳数字电视国家工程实验室股份有限公司 | FIDO (Fast Identity Online) authenticator, system and method based on TEE (Trusted Execution Environment) and wireless confirmation |
| CN106549973A (en) * | 2016-11-21 | 2017-03-29 | 飞天诚信科技股份有限公司 | A kind of client and its method of work based on living things feature recognition |
| CN108092776A (en) * | 2017-12-04 | 2018-05-29 | 南京南瑞信息通信科技有限公司 | A kind of authentication server and authentication token |
| CN108234509A (en) * | 2018-01-16 | 2018-06-29 | 国民认证科技(北京)有限公司 | FIDO authenticators, Verification System and method based on TEE and PKI certificates |
-
2018
- 2018-12-14 CN CN201811535134.8A patent/CN109784024A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105656890A (en) * | 2015-12-30 | 2016-06-08 | 深圳数字电视国家工程实验室股份有限公司 | FIDO (Fast Identity Online) authenticator, system and method based on TEE (Trusted Execution Environment) and wireless confirmation |
| CN106549973A (en) * | 2016-11-21 | 2017-03-29 | 飞天诚信科技股份有限公司 | A kind of client and its method of work based on living things feature recognition |
| CN108092776A (en) * | 2017-12-04 | 2018-05-29 | 南京南瑞信息通信科技有限公司 | A kind of authentication server and authentication token |
| CN108234509A (en) * | 2018-01-16 | 2018-06-29 | 国民认证科技(北京)有限公司 | FIDO authenticators, Verification System and method based on TEE and PKI certificates |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110401663A (en) * | 2019-07-30 | 2019-11-01 | 飞天诚信科技股份有限公司 | A kind of method and system of fast registration authenticator |
| CN110401663B (en) * | 2019-07-30 | 2021-08-31 | 飞天诚信科技股份有限公司 | A method and system for quickly registering an authenticator |
| CN110784395A (en) * | 2019-11-04 | 2020-02-11 | 航天信息股份有限公司 | Mail safety login method and system based on FIDO authentication |
| CN110784395B (en) * | 2019-11-04 | 2023-02-21 | 航天信息股份有限公司 | Mail safety login method and system based on FIDO authentication |
| TWI720738B (en) * | 2019-12-16 | 2021-03-01 | 臺灣網路認證股份有限公司 | System for combining architectures of fido and pki to identity user and method thereof |
| CN112822007A (en) * | 2020-12-29 | 2021-05-18 | 中国农业银行股份有限公司 | User authentication method, device and equipment |
| CN112822007B (en) * | 2020-12-29 | 2023-11-03 | 中国农业银行股份有限公司 | User authentication method, device and equipment |
| CN115459994A (en) * | 2022-09-06 | 2022-12-09 | 亚数信息科技(上海)有限公司 | A FIDO2 authentication system and method based on Internet |
| CN116346495A (en) * | 2023-04-19 | 2023-06-27 | 三未信安科技股份有限公司 | A three-factor based certificateless identity authentication and key agreement method |
| CN116866093A (en) * | 2023-09-05 | 2023-10-10 | 鼎铉商用密码测评技术(深圳)有限公司 | Identity authentication method, identity authentication device, and readable storage medium |
| CN116866093B (en) * | 2023-09-05 | 2024-01-05 | 鼎铉商用密码测评技术(深圳)有限公司 | Identity authentication method, identity authentication device, and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11172361B2 (en) | System and method of notifying mobile devices to complete transactions | |
| US8151326B2 (en) | Using audio in N-factor authentication | |
| US10652282B2 (en) | Brokered authentication with risk sharing | |
| CN109784024A (en) | One kind authenticating FIDO method and system based on the polyfactorial quick online identity of more authenticators | |
| KR101019458B1 (en) | Extended one-time password method and device | |
| US8474028B2 (en) | Multi-party, secure multi-channel authentication | |
| US20190281028A1 (en) | System and method for decentralized authentication using a distributed transaction-based state machine | |
| US8434133B2 (en) | Single-party, secure multi-channel authentication | |
| US20050021975A1 (en) | Proxy based adaptive two factor authentication having automated enrollment | |
| US20160337351A1 (en) | Authentication system | |
| CN104202162B (en) | A kind of system logged in based on mobile phone and login method | |
| US20080209213A1 (en) | Authorizing secure resources | |
| AU2007303059B2 (en) | Secure multi-channel authentication | |
| CN106664208A (en) | System and method for establishing trust using a secure transport protocol | |
| US12388656B2 (en) | Systems methods and devices for dynamic authentication and identification | |
| CN103119975A (en) | User Account Recovery | |
| US12407531B2 (en) | Transparent short-range wireless device factor in a multi-factor authentication system | |
| CN107645471A (en) | A kind of method and system for mobile terminal user identity certification | |
| WO2010128451A2 (en) | Methods of robust multi-factor authentication and authorization and systems thereof | |
| Hauck | OpenID for Verifiable Credentials: formal security analysis using the Web Infrastructure Model | |
| US20090025066A1 (en) | Systems and methods for first and second party authentication | |
| CN113992380B (en) | Trusted employee certificate authentication method and system based on network mapping certificate | |
| WO2015108924A2 (en) | Authentication system | |
| US12488080B2 (en) | Method and system for user authentication | |
| US20260100841A1 (en) | Secure enrollment of passkeys with verifiable credentials |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190521 |
|
| RJ01 | Rejection of invention patent application after publication |