Logon system and method thereof
Abstract
The invention discloses a logon system and a method thereof, which relate to the information security field. The invention solves the problem that a user can log on to Windows only with a username and password. In the invention, the Credential Provider module is adapted to pop up a human-computer interactive interface when the Credential Provider module is called by the operating system of the computer, and is further adapted to collect the information needed for logging on to the operating system and transfer the collected information to the operating system of the computer. The Cryptographic Service Provider module is adapted to perform authentication with the information received from the operating system of the computer and, if the authentication is successful, to perform an operation with the private key corresponding to the key device logon certificate to generate the credential information needed for logging on to the operating system. The embodiments of the invention are applied to logging on to Windows and provide more alternative logon methods for the user.
20 Claims
1. A logon system comprising a non-transitory computer-readable medium and a key device, wherein the computer-readable medium comprises computer instructions executable by a processor to cause the processor to perform a logon method of:
calling, by a computer operating system, a Credential Provider module corresponding to the key device according to a key device logon certificate in the key device;
popping up, by the Credential Provider module, a human-computer interactive interface when the Credential Provider module is called by the computer operating system;
collecting, by the Credential Provider module, information needed for logging on the computer operating system;
transferring, by the Credential Provider module, authentication information in the collected information to the computer operating system;
receiving, by a Cryptographic Service Provider module, the authentication information from the computer operating system;
performing, by the Cryptographic Service Provider module, authentication with the authentication information; and
performing, by the Cryptographic Service Provider module, an operation with a private key corresponding to the key device logon certificate to generate credential information needed for logging on the computer operating system in case authentication is successful,
wherein before transferring the authentication information in the collected information to the computer operating system, an assembly unit in the Credential Provider module assembles the authentication information, and an encryption unit in the Credential Provider module encrypts the authentication information; and
wherein a disassembly unit in the Cryptographic Service Provider module disassembles the received authentication information before performing authentication with the authentication information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A logon method comprising:
calling, by a computer operating system, a Credential Provider module corresponding to a key device according to a key device logon certificate in the key device;
popping up, by the Credential Provider module, a human-computer interactive interface when the Credential Provider module is called by the computer operating system;
collecting, by the Credential Provider module, information needed for logging on the computer operating system;
transferring, by the Credential Provider module, authentication information in the collected information to the computer operating system;
receiving, by a Cryptographic Service Provider module, the authentication information from the computer operating system;
performing, by the Cryptographic Service Provider module, authentication with the authentication information; and
performing, by the Cryptographic Service Provider module, an operation with a private key corresponding to the key device logon certificate to generate credential information needed for logging on the computer operating system in case authentication is successful,
wherein before transferring the authentication information in the collected information to the computer operating system, an assembly unit in the Credential Provider module assembles the authentication information, and an encryption unit in the Credential Provider module encrypts the authentication information; and
wherein a disassembly unit in the Cryptographic Service Provider module disassembles the received authentication information before performing authentication with the authentication information.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification