CN104636653A - System method for realizing user identity authentication based on non-contact mode by intelligent terminal equipment - Google Patents
- Publication number
- CN104636653A (application CN201310550900.9A)
- Authority
- CN
- China
- Prior art keywords
- intelligent terminal
- authentication
- user
- authentication module
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Mobile Radio Communication Systems (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention provides a system and method by which an intelligent terminal device authenticates its user in a non-contact manner. The system comprises the intelligent terminal device and a module device for authenticating the user's identity (such as an infrared device, a Bluetooth device or an RFID device); the intelligent terminal device carries out the authentication protocol by communicating with the identity authentication module device in a non-contact manner. The authentication method comprises the following steps: first, the identity authentication module device is made into an article that can be worn on the human body (such as a bracelet or a ring) and is worn by the user; second, when the intelligent terminal device is used, it sends a password query command to the authenticated module device, the module device answers with the password, and the intelligent terminal device authenticates the user by verifying the password. This authentication mode simplifies the identification of the intelligent terminal device's user, unifies the identity authentication modes used across different intelligent terminal device applications, and makes the various application services of the intelligent terminal device simple to implement. Combined with the multi-factor authentication modes of the intelligent terminal device, the system can form a more powerful authentication system.
Description
Technical field
The present invention relates to the communications field and the terminal security field of intelligent terminals, and in particular to authenticating the user of an intelligent terminal by exchanging data, in a non-contact manner over a distance, between the intelligent terminal and an authentication device.
Background technology
With the rapid development of electronic communication, intelligent terminals, including smartphones, are being used more and more widely. While these terminals bring great convenience, they also bring security problems, for example: non-authenticated users illegally using an intelligent terminal, which infringes on the privacy of the terminal's user.
To improve the security of intelligent terminals, the prior art offers the following three classes of user identity authentication methods: traditional recognition technology based on user knowledge (such as passwords and pattern locks), recognition technology based on biometric features (such as face recognition and fingerprint recognition), and user authentication methods based on behavioural features.
Traditional recognition technology based on user knowledge works as follows: the authenticated user presets a set of authentication information in the intelligent terminal, such as a password made of digits and letters, or a graphic pattern. When the user's identity is to be verified, the intelligent terminal asks the user to enter the authentication information again; if the entered information matches the preset information, the user is considered the authenticated user; otherwise, the user is considered a non-authenticated user.
Traditional recognition technology based on user knowledge has the following shortcomings:
1) Low security level: first, because of the limitations of the intelligent terminal itself, the authentication information cannot be too long, so it is easily subjected to brute-force attack and lacks security. Second, when the user enters the authentication information, it is easily observed and imitated by people nearby, which reduces security.
2) Hard to remember: to increase security, different passwords are used on different personal electronic devices; as the number of personal electronic devices grows, the user has to remember many passwords, which is inconvenient and may lead to failing authentication because a password was forgotten.
3) Poor convenience and speed: entering authentication information is relatively complicated, which makes authentication harder for ordinary people and even more inconvenient for the elderly, the weak, the sick and the disabled.
Recognition technology based on biometrics avoids the above shortcomings, because it has the following characteristics: 1) biometric feature information is difficult to imitate or crack, so a non-authenticated user cannot obtain the authentication information by peeping or brute-force attack and thereby pass the intelligent terminal's authentication; 2) biometric recognition authenticates information intrinsic to the user's biological features, so the user does not need to remember any preset information, and there is no case of failing verification because the authentication information was forgotten; 3) most existing recognition technologies based on biometric information are simple to operate, need no tedious unlocking procedure, and are convenient.
The relatively mature biometric technologies at present include fingerprint recognition, iris recognition, face recognition and voice recognition. Among them, fingerprint recognition and iris recognition have the highest recognition accuracy. However, given the limited hardware resources of intelligent terminals, applying these two technologies requires adding special equipment, which considerably increases the cost of the terminal and prevents wide adoption. Face recognition and voice recognition can directly use the resources of an intelligent terminal such as a smartphone (for example the camera and the microphone) without extra equipment, which suits large-scale application. But these technologies consume a large amount of the terminal's resources and affect the normal operation of its other functions. In addition, changes in the surrounding environment, such as lighting, and damage to the feature, such as a damaged fingerprint, greatly affect the recognition result; robustness is low, which degrades the user experience.
User identity authentication based on human behavioural features recognises the user's behavioural features and determines, according to a certain decision range, whether the behaviour is characteristic of the intelligent terminal's owner. The advantage of this method is that it avoids the inconvenience of verification based on what the user knows, and also avoids the inherent weaknesses of biometric recognition; the user finds it convenient and fast, which improves the user experience.
User identification based on human behavioural features has already appeared; because it judges against a range, its recognition accuracy needs to be improved. Another characteristic of this method is that it uses more computational resources, so its algorithm also needs further simplification.
Summary of the invention
The object of the invention is to provide an identity authentication method for intelligent terminals that is both convenient and fast and has high security, so that the user is hardly aware of being authenticated while using the intelligent terminal, which greatly facilitates the safe and simple implementation of the terminal's various application services.
The method of the invention comprises the following steps:
1) The same password random number seed is stored in both the intelligent terminal and the authentication module device; the authentication module device and the intelligent terminal each perform n hash operations and store the results of the n hash operations;
2) When the intelligent terminal needs to verify the user's identity for the i-th time, it sends the command for the i-th identity authentication to the authentication module device; the authentication module device takes out the result of the (n-i+1)-th hash operation and sends this value back to the intelligent terminal;
3) The intelligent terminal compares the received data with the result of the (n-i+1)-th hash operation held in its own memory; if they are identical, authentication succeeds;
4) After the n hash values have been used up, the two devices (or apparatuses) again store the same password random number seed at the same time (there are many ways to generate this random number; for example, it can be produced with the Diffie-Hellman public key generation method), and then steps 1) to 3) above are repeated.
The non-contact authentication module of the intelligent terminal has the following features:
1) It can be made into a portable object wearable on the human body, so that the intelligent terminal and the user can perform wireless identification (including non-contact modes such as infrared);
2) Strict, secure identity authentication is carried out between the authentication module and the user, and the user repeats this authentication regularly, to ensure that the authentication module becomes an inseparable part of the user;
3) The authentication module can compute and store, and can implement simple authentication verification.
An intelligent terminal user identity authentication system consists of a non-contact authentication module, an intelligent terminal, and an authentication system that performs strict, secure identity authentication of the non-contact module (this authentication system can be realised by conventional factors such as biometric or password authentication).
The features of the invention are: it in effect combines the knowledge-based authentication mode with the authentication mode based on human biometric features; it makes authentication convenient for users of all kinds of intelligent terminals (including the elderly, the weak, the sick and the disabled) and can basically unify the user identity verification schemes of intelligent terminals; once the intelligent terminal is a certain distance away from the non-contact authentication module, security authentication can no longer be carried out, which prevents the possibility of the intelligent terminal being stolen and ensures the safety of the intelligent terminal.
Brief description of the drawings
Fig. 1 is a structural diagram of the intelligent terminal user identification system of the invention.
Fig. 2 is a flow chart of the algorithm of the intelligent terminal user identification method of the invention.
Embodiment
The implementation of the invention is described in detail below with reference to the accompanying drawings.
As shown in Fig. 1, the intelligent terminal user identification system of the invention consists of the non-contact authentication module, an authentication component that performs multi-factor authentication of the non-contact authentication module itself, and the intelligent terminal itself. The authentication component that performs multi-factor authentication of the non-contact authentication module itself can be realised by an existing authentication server or by an independent authentication device.
As shown in Fig. 2, the intelligent terminal user identification method of the invention is:
Step S01: multi-factor authentication is performed on the non-contact authentication module itself (this can be realised by an existing authentication server or by an independent authentication device);
Step S02: the number of the intelligent terminal user (such as the phone number of a mobile phone user or the MAC address code of the phone) is given to the non-contact authentication module, and the non-contact authentication module stores this number;
Step S03: the same password random number seed, produced by a method such as Diffie-Hellman, is stored in both the intelligent terminal and the authentication module device; the authentication module device and the intelligent terminal each perform n hash operations and store the results of the n hash operations;
Step S04: the concrete authentication steps are as follows:
1) Each time the intelligent terminal performs password authentication, it first sends its own number to the non-contact authentication module; the non-contact authentication module compares this number with the number stored in its own memory and, if they match, enters the authentication flow; otherwise it refuses authentication. This is the non-contact authentication module's authentication of the intelligent terminal;
2) When the intelligent terminal needs to verify the user's identity for the i-th time, it sends the command for the i-th identity authentication to the authentication module device; the authentication module device takes out the result of the (n-i+1)-th hash operation and sends this value back to the intelligent terminal;
3) The intelligent terminal compares the received data with the result of the (n-i+1)-th hash operation held in its own memory; if they are identical, authentication succeeds;
4) After the n hash values have been used up, the two devices (or apparatuses) again store the same password random number seed at the same time (there are many ways to generate this random number; for example, it can be produced with the Diffie-Hellman public key generation method), and then steps 1) to 3) above are repeated.
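The exchange in steps S02 to S04, as an added example that is not part of the patent text: both sides derive the same n-value hash chain from a shared seed, the module answers round i with the (n-i+1)-th hash, and the terminal accepts each value once. SHA-256, the class and function names, the sample terminal number and the locally generated seed (standing in for the Diffie-Hellman exchange) are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import List, Optional


def build_chain(seed: bytes, n: int) -> List[bytes]:
    """Return [H^1(seed), ..., H^n(seed)]; list index k-1 holds the k-th hash."""
    chain, value = [], seed
    for _ in range(n):
        value = hashlib.sha256(value).digest()  # SHA-256 is an assumption
        chain.append(value)
    return chain


class AuthModule:
    """Wearable side: holds the paired terminal number and the n hash results."""

    def __init__(self, terminal_number: str, seed: bytes, n: int):
        self.terminal_number = terminal_number.encode()
        self.n = n
        self.chain = build_chain(seed, n)

    def respond(self, claimed_number: str, i: int) -> Optional[bytes]:
        # Step S04 1): refuse unless the number matches the stored one.
        if not hmac.compare_digest(claimed_number.encode(), self.terminal_number):
            return None
        if not 1 <= i <= self.n:
            return None  # chain used up: both sides must store a new seed
        return self.chain[self.n - i]  # result of the (n-i+1)-th hash


class Terminal:
    """Terminal side: same seed, same chain, plus the round counter i."""

    def __init__(self, number: str, seed: bytes, n: int):
        self.number = number
        self.n = n
        self.chain = build_chain(seed, n)
        self.i = 1

    def exhausted(self) -> bool:
        return self.i > self.n

    def verify(self, response: Optional[bytes]) -> bool:
        """Step S04 3): compare with the stored (n-i+1)-th hash."""
        if response is None or self.exhausted():
            return False
        ok = hmac.compare_digest(response, self.chain[self.n - self.i])
        if ok:
            self.i += 1  # each chain value is accepted once
        return ok

    def authenticate(self, module: AuthModule) -> bool:
        """Step S04 2): send the i-th authentication command, then verify."""
        if self.exhausted():
            return False
        return self.verify(module.respond(self.number, self.i))


def pair(number: str, n: int):
    """Steps S02-S03 with a locally generated seed (stand-in for the DH exchange)."""
    seed = secrets.token_bytes(32)
    return Terminal(number, seed, n), AuthModule(number, seed, n)


if __name__ == "__main__":
    terminal, module = pair("TERMINAL-0001", 3)  # constructed sample number
    while not terminal.exhausted():
        print("round", terminal.i, "->", terminal.authenticate(module))
    print("after n rounds ->", terminal.authenticate(module))  # needs re-pairing
```

Because the terminal stores the seed and the whole chain, anyone who can read the terminal's storage can compute every remaining response, so the seed and chain need the same protection as a long-term key on both devices.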
In implementing the scheme of the invention, the intelligent terminal authenticates the user automatically and the user does not need to intervene in any way; identity verification fails only when the intelligent terminal is a certain distance away from the user. The intelligent terminal can therefore identify the user automatically, ensuring that only a legitimate user can operate the intelligent terminal, and meeting the user's need for a security authentication function in the intelligent terminal.
Claims (6)
1. A system method by which an intelligent terminal realises user identity authentication in a non-contact manner, comprising the following steps:
1) The same password random number seed is stored in both the intelligent terminal and the authentication module device; the authentication module device and the intelligent terminal each perform n hash operations and store the results of the n hash operations;
2) When the intelligent terminal needs to verify the user's identity for the i-th time, it sends the command for the i-th identity authentication to the authentication module device; the authentication module device takes out the result of the (n-i+1)-th hash operation and sends this value back to the intelligent terminal;
3) The intelligent terminal compares the received data with the result of the (n-i+1)-th hash operation held in its own memory; if they are identical, authentication succeeds;
4) After the n hash values have been used up, the two devices (or apparatuses) again store the same password random number seed at the same time (there are many ways to generate this random number; for example, it can be produced with the Diffie-Hellman public key generation method), and then steps 1) to 3) above are repeated.
2. The identity authentication system method of the intelligent terminal for its user according to claim 1, characterised in that the authentication module can be made into an object wearable on the human body, and the module can perform hash function calculation and communicate.
3. The method of intelligent terminal user identification according to claim 1, wherein the wearable object can perform biometric authentication of the user on special equipment, so that the wearable article truly becomes an inseparable part of the user.
4. The method of intelligent terminal user identification according to claim 1, wherein, when the intelligent terminal is more than a certain distance away from the wearable object, the intelligent terminal cannot authenticate the user's identity and so becomes an unusable intelligent terminal user device.
5. The method of intelligent terminal user identification according to claim 1, wherein, to ensure that the non-contact authentication module device is not used illegally, biometric authentication, authentication by other means, or multi-factor authentication must be performed on the authentication module at fixed intervals.
6. The identity authentication system method of the intelligent terminal for its user according to claim 1, characterised in that the non-contact mode covers all non-contact technologies, such as non-contact authentication realised by infrared, Bluetooth technology, RFID technology and the like.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310550900.9A CN104636653A (en) | 2013-11-09 | 2013-11-09 | System method for realizing user identity authentication based on non-contact mode by intelligent terminal equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104636653A true CN104636653A (en) | 2015-05-20 |
Family
ID=53215393
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150520 |