Search

CN-122027194-A - Client verification method and device

CN122027194ACN 122027194 ACN122027194 ACN 122027194ACN-122027194-A

Abstract

The embodiment of the disclosure provides a method, a device and electronic equipment for checking a client, and relates to the technical field of clients. The method comprises the steps of obtaining a client identifier of a client when a verification trigger event is a first verification trigger event, sending a hardware fingerprint of a user terminal and the client identifier of the client to a server, inquiring a historical binding fingerprint corresponding to the client by the server based on the client identifier of the client, verifying the hardware fingerprint of the user terminal based on the historical binding fingerprint of the client to obtain a first verification result, and receiving the first verification result fed back by the server. Therefore, the credibility requirement of various scenes on the client can be effectively met.

Inventors

  • Song Daohan
  • CHAI CHUNLEI
  • SUN SHOUQIAN
  • HUANG QI
  • XU WENJIE
  • KAN ZONGTING
  • ZHANG HAILONG
  • ZOU YAFENG

Assignees

  • 浙江大学长三角智慧绿洲创新中心

Dates

Publication Date
20260512
Application Date
20251223

Claims (10)

  1. 1. A method for client verification, applied to a user terminal, the method comprising: under the condition that a verification trigger event in the running process of the client is monitored by using a verification probe, acquiring the hardware fingerprint of the user terminal in real time, wherein the hardware fingerprint of the user terminal is generated based on the hardware information of the user terminal; Under the condition that the verification trigger event is a first verification trigger event, acquiring a client identifier of the client, wherein the client identifier of the client is a unique identifier of the client generated by a server by using a preset identifier generation algorithm based on registration parameters sent by a developer; The method comprises the steps that a hardware fingerprint of a user terminal and a client identifier of a client are sent to a server, so that the server can inquire a history binding fingerprint corresponding to the client based on the client identifier of the client, and check the hardware fingerprint of the user terminal based on the history binding fingerprint of the client to obtain a first check result, wherein the first check result is used for representing whether the user terminal running the client is an authorized terminal of the client; And receiving the first check result fed back by the server.
  2. 2. The method according to claim 1, wherein the method further comprises: Acquiring an activation credential of the client from a configuration file of the client under the condition that the verification trigger event is a second verification trigger event, wherein the activation credential of the client is a credential generated under the condition that an authorized client of the client starts the client for the first time, and the activation credential comprises a binding fingerprint of the authorized client; and verifying the hardware fingerprint of the user terminal by utilizing the binding fingerprint of the authorization terminal to obtain a second verification result, wherein the second verification result is used for representing whether the user terminal running the client is the authorization terminal of the client.
  3. 3. The method according to claim 1, wherein the method further comprises: under the condition that a service verification trigger event aiming at the client is monitored, acquiring a client identifier of the client, a service parameter corresponding to the service verification trigger event and a first application key corresponding to the client; generating a first service signature based on the client identifier of the client, the service parameter and the first application key; And sending a service request carrying the first service signature to the service end, wherein the service request comprises a client identifier of the client and the service parameter, and is used for generating a second service signature by the service end based on the client identifier of the client, the service parameter and a second application key corresponding to the client, and executing service operation corresponding to the service request under the condition that the first service signature is consistent with the second service signature, wherein the application key of the client is a random key generated by the service end according to a preset period.
  4. 4. The method of claim 3, wherein the generating a first traffic signature based on the client identification of the client, the traffic parameter, and the first application key comprises: Splicing the client identifier of the client, the service parameter and the first application key to obtain a spliced character string; And signing the spliced character strings through a preset signature algorithm to obtain the first service signature.
  5. 5. The method according to claim 1, characterized in that the method comprises: Under the condition that the user terminal starts the client for the first time, acquiring a client identifier of the client and a hardware fingerprint of the user terminal; Sending an activation request to the server, wherein the activation request comprises a client identifier of the client and a hardware fingerprint of the user terminal, so that the server can sequentially check the client identifier of the client and the hardware fingerprint of the user terminal, and dynamically generate an activation certificate of the client based on the client identifier of the client, the hardware fingerprint of the user terminal and a third application key corresponding to the client under the condition that the client identifier of the client and the hardware fingerprint of the user terminal pass the verification; And receiving and storing the activation certificate of the client sent by the server.
  6. 6. A method for client verification, applied to a server, the method comprising: Receiving a hardware fingerprint of a user terminal and a client identifier of a client, wherein the hardware fingerprint of the user terminal is obtained in real time under the condition that a first verification trigger event in the operation process of the client is monitored by a verification probe, the hardware fingerprint of the user terminal is generated based on hardware information of the user terminal, and the client identifier of the client is a unique identifier of the client, which is generated by a server by a preset identifier generation algorithm based on registration parameters sent by a developer; inquiring historical binding fingerprints corresponding to the client based on the client identification of the client; Verifying the hardware fingerprint of the user terminal based on the historical binding fingerprint of the client to obtain a first verification result, wherein the first verification result is used for representing whether the user terminal running the client is an authorized terminal of the client; And feeding back the first check result to the user terminal.
  7. 7. The method of claim 6, wherein the method further comprises: Receiving a service request which is sent by a user terminal and carries a first service signature under the condition that a service verification trigger event aiming at the client is monitored, wherein the first service signature is generated based on a client identifier of the client, a service parameter corresponding to the service verification trigger event and a first application key; generating a second service signature based on the client identifier of the client, the service parameter and a second application key corresponding to the client; And executing the business operation corresponding to the business request under the condition that the first business signature is consistent with the second business signature.
  8. 8. The method according to claim 6, characterized in that the method comprises: Receiving an activation request sent by a user terminal, wherein the activation request comprises a client identifier of the client and a hardware fingerprint of the user terminal; Sequentially checking a client identifier of the client and a hardware fingerprint of the user terminal; dynamically generating an activation credential of the client based on the client identifier of the client, the hardware fingerprint of the user terminal and a third application key corresponding to the client under the condition that the client identifier of the client and the hardware fingerprint of the user terminal are checked to pass; And sending the activation credential of the client to the user terminal for the user terminal to store the activation credential of the client.
  9. 9. An apparatus for client verification, applied to a user terminal, the apparatus comprising: The acquisition module is used for acquiring the hardware fingerprint of the user terminal in real time under the condition that a verification trigger event in the operation process of the client is monitored by using the verification probe, and the hardware fingerprint of the user terminal is generated based on the hardware information of the user terminal; the acquisition module is further used for acquiring a client identifier of the client when the verification trigger event is a first verification trigger event, wherein the client identifier of the client is a unique identifier of the client generated by a server by using a preset identifier generation algorithm based on registration parameters sent by a development machine; The sending module is used for sending the hardware fingerprint of the user terminal and the client identifier of the client to the server, inquiring the historical binding fingerprint corresponding to the client based on the client identifier of the client by the server, and checking the hardware fingerprint of the user terminal based on the historical binding fingerprint of the client to obtain a first checking result, wherein the first checking result is used for representing whether the user terminal running the client is an authorized terminal of the client; and the receiving module is used for receiving the first check result fed back by the server side.
  10. 10. An apparatus for client verification, applied to a server, the apparatus comprising: The system comprises a receiving module, a verification probe and a development machine, wherein the receiving module is used for receiving a hardware fingerprint of a user terminal and a client identifier of a client, the hardware fingerprint of the user terminal is obtained in real time under the condition that a first verification trigger event in the operation process of the client is monitored by the verification probe, the hardware fingerprint of the user terminal is generated based on hardware information of the user terminal, and the client identifier of the client is a unique identifier of the client, which is generated by a server by a preset identifier generation algorithm based on registration parameters sent by the development machine; the inquiry module is used for inquiring the history binding fingerprint corresponding to the client based on the client identifier of the client; The verification module is used for verifying the hardware fingerprint of the user terminal based on the historical binding fingerprint of the client to obtain a first verification result, wherein the first verification result is used for representing whether the user terminal running the client is an authorized terminal of the client; and the feedback module is used for feeding back the first check result to the user terminal.

Description

Client verification method and device Technical Field The disclosure relates to the technical field of clients, and in particular relates to a client verification method, a client verification device and electronic equipment. Background Along with the digitalized transformation of key scenes such as financial transaction terminals, industrial control clients and enterprise office systems, the cross-platform characteristic of Java-based clients is widely applied to the scenes. However, as the requirements of enterprises on security compliance and business authorization management and control are continuously improved, severe requirements are put on the credibility of clients in such scenes, but the severe requirements on the credibility of clients in the scenes cannot be met in the prior art. Disclosure of Invention The disclosure provides a client verification method, a client verification device and electronic equipment, so as to at least solve the technical problems in the prior art. In a first aspect, an embodiment of the present disclosure provides a method for checking a client, which is applied to a user terminal, and the method includes: Under the condition that a verification trigger event in the operation process of the client is monitored by using a verification probe, acquiring the hardware fingerprint of the user terminal in real time, wherein the hardware fingerprint of the user terminal is generated based on the hardware information of the user terminal; Under the condition that the verification trigger event is a first verification trigger event, acquiring a client identifier of a client, wherein the client identifier of the client is a unique identifier of the client generated by a server by using a preset identifier generation algorithm based on registration parameters sent by a developer; The method comprises the steps of sending a hardware fingerprint of a user terminal and a client identifier of a client to a server, inquiring a history binding fingerprint corresponding to the client based on the client identifier of the client by the server, and checking the hardware fingerprint of the user terminal based on the history binding fingerprint of the client to obtain a first checking result, wherein the first checking result is used for representing whether the user terminal running the client is an authorized terminal of the client or not; And receiving a first check result fed back by the server. In a second aspect, an embodiment of the present disclosure provides a method for checking a client, which is applied to a server, where the method includes: receiving a hardware fingerprint of a user terminal and a client identifier of a client, wherein the hardware fingerprint of the user terminal is obtained in real time under the condition that a first verification trigger event in the operation process of the client is monitored by a verification probe, the hardware fingerprint of the user terminal is generated based on hardware information of the user terminal, and the client identifier of the client is a unique identifier of the client, which is generated by a server by a preset identifier generation algorithm based on registration parameters sent by a developer; inquiring historical binding fingerprints corresponding to the client based on the client identifier of the client; verifying hardware fingerprints of the user terminal based on historical binding fingerprints of the client to obtain a first verification result, wherein the first verification result is used for representing whether the user terminal running the client is an authorized terminal of the client; And feeding back the first verification result to the user terminal. In a third aspect, an embodiment of the present disclosure provides an apparatus for client verification, applied to a user terminal, where the apparatus includes: The acquisition module is used for acquiring the hardware fingerprint of the user terminal in real time under the condition that a verification trigger event in the operation process of the client is monitored by using the verification probe, and the hardware fingerprint of the user terminal is generated based on the hardware information of the user terminal; the acquisition module is further used for acquiring a client identifier of the client when the verification trigger event is a first verification trigger event, wherein the client identifier of the client is a unique identifier of the client generated by the server by using a preset identifier generation algorithm based on registration parameters sent by the developer; The system comprises a sending module, a client and a client identification module, wherein the sending module is used for sending a hardware fingerprint of a user terminal and a client identification of the client to the server, inquiring a historical binding fingerprint corresponding to the client based on the client identification of the client by the server, and verifying t