| 摘要 |
A client-side registration module for registering a client device with a server includes computer readable instructions executable by a computer processor of the client device to: generate a registration request including user credentials provided by a user of the client device; transmit the registration request to the server using a communications interface of the client device; if registration by the server is successful, receive via the communications interface a server rolling key input and a user/device identifier from the server; generate an initial rolling key using at least the server rolling key input; save the initial rolling key to a memory of the client device; and transmit the initial rolling key and the user/device identifier back to the server using the communications interface. A server-side registration module for registering a client device with a server includes computer readable instructions executable by a computer processor of the server to: receive, via a server communications interface, a registration request from the client device, the registration request including user credentials; authenticate the user credentials by reference to credentials for the user stored on a server accessible memory; wherein if authentication of the user credentials is successful: generate a server rolling key input; generate a user/device identifier; transmit the server rolling key input and the user/device identifier to the client device; receive a rolling key from the client device; save the rolling key to the server memory. A client-side automatic authentication module includes instructions executable by a computer processor of a client device to: generate an authorisation code based on a current rolling key stored on a memory of the device and an authorisation code input; transmit an authorisation request to a server, the authorisation request including the authorisation code, the authorisation code input, and a user/device identifier; if authentication by the server is successful, receive a rolling key input from the server; generate a new rolling key using the rolling key input and the current rolling key; and save the new rolling key to the memory of the device as a new current rolling key, the new current rolling key usable in subsequent authentication procedures. A server-side automatic authentication module includes instructions executable by a computer processor of a server to: receive an authorisation request from a client device, the authorisation request including an authorisation code, an authorisation code input, and a user/device identifier in respect of the client device and a user of the client device; retrieve from a server accessible memory a current rolling key associated with the device identifier; verify the authorisation code using the authorisation code input and current rolling key; if verification of the authorisation code using the current rolling key is successful: generate a new rolling key input; generate a new current rolling key using the new rolling key input and the current rolling key; save the current rolling key to the server accessible memory as a previous rolling key associated with the device identifier; save the new current rolling key to the server accessible memory as the current rolling key associated with the device identifier; and transmit the new rolling key input to the client device. |
