Method and apparatus for managing application identifier
First Claim
Patent Images
1. A method, comprising:
- receiving, by an apparatus, an application access certificate request sent by a user, wherein the application certificate access request comprises;
a user identifier, an application identifier of the user, and a type of the application identifier;
extracting, by the apparatus, the user identifier and the application identifier of the user from the application access certificate request;
acquiring, by the apparatus, a biometric feature identifier of the user according to the user identifier;
generating, by the apparatus, an application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user, wherein generating the application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user comprises;
combining, by the apparatus, a second randomization factor with the biometric feature identifier of the user to obtain a fourth string;
performing, by the apparatus, hashing on the fourth string according to a preset hash function to obtain a second hash value;
obtaining, by the apparatus, a fifth string according to the type of the application identifier, the application identifier, and the second hash value;
performing, by the apparatus using a private key, digital signing on the fifth string to obtain a sixth string; and
assembling, by the apparatus, the type of the application identifier, the application identifier, and the sixth string into the application access certificate according to a preset sequence; and
sending, by the apparatus, the application access certificate to the user.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments provide a method and an apparatus for managing an application identifier. The method includes: receiving, by an identifier management apparatus, an application identifier certificate application request sent by a user, and acquiring a user identifier and an application identifier of the user according to the application identifier certificate application request. The method also includes acquiring a feature identifier of the user according to the user identifier, generating an application identifier certificate according to the application identifier and the feature identifier of the user, and sending the application identifier certificate to the user.
-
Citations
18 Claims
-
1. A method, comprising:
-
receiving, by an apparatus, an application access certificate request sent by a user, wherein the application certificate access request comprises;
a user identifier, an application identifier of the user, and a type of the application identifier;extracting, by the apparatus, the user identifier and the application identifier of the user from the application access certificate request; acquiring, by the apparatus, a biometric feature identifier of the user according to the user identifier; generating, by the apparatus, an application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user, wherein generating the application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user comprises; combining, by the apparatus, a second randomization factor with the biometric feature identifier of the user to obtain a fourth string; performing, by the apparatus, hashing on the fourth string according to a preset hash function to obtain a second hash value; obtaining, by the apparatus, a fifth string according to the type of the application identifier, the application identifier, and the second hash value; performing, by the apparatus using a private key, digital signing on the fifth string to obtain a sixth string; and assembling, by the apparatus, the type of the application identifier, the application identifier, and the sixth string into the application access certificate according to a preset sequence; and sending, by the apparatus, the application access certificate to the user. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method, comprising:
-
receiving, by a terminal, an application access certificate sent by an apparatus, wherein the application access certificate is in an encrypted state; decrypting, by the terminal, the application access certificate according to a private key of a user to acquire a first string and a digital signature of the first string from the application access certificate, wherein the first string is generated according to an application identifier and a biometric feature identifier of the user, and the digital signature of the first string is created by the apparatus according to the first string and a private key of the apparatus; decrypting, by the terminal, the digital signature of the first string according to a public key of the apparatus to obtain a second string; verifying, by the terminal, validity of the application access certificate according to the first string and the second string; after it is verified that the application access certificate is valid, determining, by the terminal, a target server according to an application requirement of the user; and sending, by the terminal, a registration request to the target server, wherein the registration request comprises a user identifier, the application access certificate, and a digital signature of the application access certificate, and wherein sending the registration request to the target server causes the target server to verify the validity of the application access certificate and to complete a registration process for the terminal, wherein the digital signature of the application access certificate is created by the terminal according to the application access certificate and the private key of the user. - View Dependent Claims (8, 9)
-
-
10. An apparatus, comprising:
-
a receiver, configured to receive an application access certificate request sent by a user, wherein the application certificate access request comprises;
a user identifier, an application identifier of the user, and a type of the application identifier;a processor; and a non-transitory computer-readable storage medium storing a program to be executed by the processor, the program including instructions for; extracting the user identifier and the application identifier of the user from the application access certificate request; acquiring a biometric feature identifier of the user according to the user identifier; and generating an application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user, wherein generating the application access certificate according to the application identifier, the type of the application identifier, and the biometric feature identifier of the user comprises; combining a second randomization factor with the biometric feature identifier of the user to obtain a fourth string; performing hashing on the fourth string according to a preset hash function to obtain a second hash value; obtaining a fifth string according to the type of the application identifier, the application identifier, and the second hash value; performing, using a private key, digital signing on the fifth string to obtain a sixth string; and assembling the type of the application identifier, the application identifier, and the sixth string into the application access certificate according to a preset sequence; and a transmitter, configured to send the application access certificate to the user. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A terminal, comprising:
-
a receiver, configured to receive an application access certificate sent by apparatus, wherein the application access certificate is in an encrypted state; a processor; a non-transitory computer-readable storage medium storing a program to be executed by the processor, the program including instructions for; decrypting the application access certificate according to a private key of a user to acquire a first string and a digital signature of the first string from the application access certificate, wherein the first string is generated according to an application identifier and a biometric feature identifier of the user, and the digital signature of the first string is created by the apparatus according to the first string and a private key of the apparatus; decrypting the digital signature of the first string according to a public key of the apparatus to obtain a second string; verifying validity of the application access certificate according to the first string and the second string; and after it is verified that the application access certificate is valid, determining a target server according to an application requirement of the user; and a transmitter, configured to send a registration request to the target server, wherein the registration request comprises a user identifier, the application access certificate, and a digital signature of the application access certificate, and wherein sending the registration request to the target server causes the target server to verify the validity of the application access certificate and to complete a registration process for the terminal, wherein the digital signature of the application access certificate is created by the terminal according to the application access certificate and the private key of the user. - View Dependent Claims (17, 18)
-
Specification