CN103514408B - Mobile device and data access authentication method thereof - Google Patents
Mobile device and data access authentication method thereof Download PDFInfo
- Publication number
- CN103514408B CN103514408B CN201210210370.9A CN201210210370A CN103514408B CN 103514408 B CN103514408 B CN 103514408B CN 201210210370 A CN201210210370 A CN 201210210370A CN 103514408 B CN103514408 B CN 103514408B
- Authority
- CN
- China
- Prior art keywords
- user
- mobile device
- information
- use information
- answer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Databases & Information Systems (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
- Telephone Function (AREA)
Abstract
A kind of mobile device and data access authentication method thereof, this mobile device includes information acquisition module and authentication question generator.This information acquisition module periodically records user and uses the use information of this mobile device, and this use information is stored in an information database.When needing the request of data of certification in receiving a user and accessing mobile device, this authentication question generator is random from this information database reads a use information, and carries out puing question to certification according to use information one safety certification problem of generation of this reading.If the answer of user's input is correct, then allow user accesses data.The mobile device of the present invention can automatically record daily use information, and stochastic generation safety certification problem according to user to the service condition of this mobile device, thus strengthens the safeguard protection of data access.The data access authentication method of the present invention is simple to operate, and allows user without memorizing mechanically password, and is avoided that because of leakage password or forgets Password and the puzzlement that brings.
Description
Technical field
The present invention relates to information security field, particularly relate to a kind of mobile device remembering user's service condition and data access authentication method thereof.
Background technology
Information security is the most all subject to people's attention, and in order to strengthen the safety of protection information, people also find out various cipher mode, for example with the password deciphering being made up of numeral, letter, symbol etc., input gesture deciphering, setting problem deciphering etc. of correctly answering a question.But, the encrypting and decrypting mode of these routines is easy to leakage or user easily forgets correct password, so that information security exists hidden danger, brings deciphering trouble also to user self.Therefore, how to guarantee information security, but be not required to user and specially go to memorize mechanically one of password key issue becoming people's attention.
Summary of the invention
In view of this, it is necessary to provide a kind of mobile device and data access authentication method thereof, to solve the problems referred to above.
A kind of mobile device, including:
One information acquisition module, uses the use information of this mobile device for periodically recording a user;
One information database, for preserving the use information of this record;
One authentication question generator, for when needing the request of data of certification in receiving a user and accessing mobile device, from this information database, random reading one uses information, and carries out puing question to certification according to use information one safety certification problem of generation of this reading;
One interface generation module, generates an authentication interface to show this safety certification problem and to receive the input answer of user for the safety certification problem according to this generation;And
One authentication module, for the answer that user inputs being compared with the use information that this authentication question generator reads, and judges that the answer that user inputs is the most correct, if the answer of user's input is correct, then allows user accesses data;Otherwise, then the request of user accesses data is refused.
A kind of data access authentication method, comprises the following steps:
Periodically record a user and use the use information of a mobile device, and this use information is saved in an information database;
When needing the request of data of certification in receiving a user and accessing this mobile device, from this information database, random reading one uses information, and carries out puing question to certification according to use information one safety certification problem of generation of this reading;
Safety certification problem according to this generation generates an authentication interface to show this safety certification problem and to receive the input answer of user;And
The answer of user's input is compared with the use information of this reading, and judges that the answer that user inputs is the most correct, if the answer of user's input is correct, then allow user accesses data;Otherwise, then the request of user accesses data is refused.
The mobile device of the present invention can record daily use information according to user to the service condition of this mobile device automatically; and stochastic generation safety certification problem; make disabled user be difficult to provide correct authentication information cannot access protected data, thus strengthen the safeguard protection of data access.The data access authentication method of the present invention is simple to operate, and allows user without memorizing mechanically password, and is avoided that because of leakage password or forgets Password and the puzzlement that brings.
Accompanying drawing explanation
The functional block diagram of a kind of mobile device that Fig. 1 provides for the present invention.
Fig. 2 is the data access authentication method flow chart of the present invention.
Main element symbol description
Mobile device | 100 |
Clock module | 20 |
GPS module | 30 |
Application management module | 40 |
Information acquisition module | 50 |
Information database | 60 |
Authentication question generator | 70 |
Interface generation module | 80 |
Authentication module | 90 |
Step | S201~S204 |
Following detailed description of the invention will further illustrate the present invention in conjunction with above-mentioned accompanying drawing.
Detailed description of the invention
Refer to Fig. 1, for the functional block diagram of a kind of mobile device 100 that the present invention provides.For convenience of description, illustrate only the part relevant to the embodiment of the present invention.This mobile device 100 includes: clock module 20, global positioning system (GPS) module 30, application management module 40, information acquisition module 50, information database 60, authentication question generator 70, interface generation module 80 and authentication module 90.Wherein, the concrete function that this each functional module of mobile device 100 performs will be described in detail as follows.
Refer to Fig. 2, for the data access authentication method flow chart of the present invention.The method comprises the following steps:
Step S201, this information acquisition module 50 periodically records a user and uses the use information of this mobile device 100, and this use information is saved in this information database 60 (such as at interval of a week).The use information of this record can be made up of multiple elements, such as include but not limited to: the system time recorded by clock module 20, by the positional information of the mobile device 100 that GPS module 30 records, the user recorded by application management module 40 uses the application information of mobile device, and other data.In present embodiment, consisting of of this use information: (system time, gps data, current application program, other data), wherein, corresponding to the moment of the system time of record, browse webpage as user is currently in use browser, then these other data can be the name of a webpage;Playing music as user is currently in use music player, these other data can be the name of a music file;As gps data recurs change, then these other data can be the mode that current mobile device moves, the speed such as changed according to this gps data, it is judged that this mobile device is to move with walking, the mode such as by bus, and walking, the mode such as by bus are recorded as this other data;For another example receive an envelope mail, a phone or a short message, then these other data can be the name of communication counterpart.
Step S202, when needing the request of data of certification in receiving a user and accessing mobile device 100, authentication question generator 70 is random from this information database 60 reads a use information, and carries out puing question to certification according to use information one safety certification problem (Security Questions) of generation of this reading.This safety certification problem can comprise this all or part of element of use information read, and such as this safety certification problem may is that who rang/send out mail/sent out short message to you at nearest 10 days?August 30 about 17:00 you where/what does?... etc..
Step S203, interface generation module 80 generates an authentication interface to show this safety certification problem and to receive the input answer of user according to the safety certification problem that authentication question generator 70 generates.
Step S204, the use information that the answer that user is inputted by this authentication module 90 is read with this authentication question generator 70 is compared, and is judged that the answer that user inputs is the most correct.If the answer of user's input is correct, then allow user accesses data;If the answer mistake of user's input, then refuse the request of user accesses data.
The mobile device of the present invention can record daily use information according to user to the service condition of this mobile device automatically; and stochastic generation safety certification problem; make disabled user be difficult to provide correct authentication information cannot access protected data, thus strengthen the safeguard protection of data access.The data access authentication method of the present invention is simple to operate, and allows user without memorizing mechanically password, and is avoided that because of leakage password or forgets Password and the puzzlement that brings.
Those skilled in the art will be appreciated that; above embodiment is intended merely to the present invention is described; and it is not used as limitation of the invention; as long as within the spirit of the present invention, that is made above example suitably changes and changes all to fall within the scope of protection of present invention.
Claims (8)
1. a mobile device, including:
One information acquisition module, uses making of this mobile device for periodically recording a user
By information, described use information includes that described user uses multiple application journeys of described mobile device
Sequence information;
One information database, for preserving the use information of this record;
One authentication question generator, needs to recognize for working as to receive in a user accesses mobile device
During the request of data of card, random from this information database read one and use information, and root
Generate a safety certification problem according to the use information of this reading to carry out puing question to certification;
One interface generation module, generates a certification for the safety certification problem according to this generation
Interface is to show this safety certification problem and to receive the input answer of user;And
One authentication module, answer and this authentication question generator for user being inputted reads
Use information is compared, and judges that the answer that user inputs is the most correct, if user's input
Answer correct, then allow user accesses data;Otherwise, then asking of user accesses data is refused
Ask.
2. mobile device as claimed in claim 1, it is characterised in that the use letter of this record
Breath is made up of multiple elements.
3. mobile device as claimed in claim 2, it is characterised in that also include clock module,
GPS module and application management module, the use information of this record includes passing through
The system time of clock module record, by the mobile device of GPS module record
Positional information, uses the application journey of mobile device by the user of application management module record
Sequence information.
4. mobile device as claimed in claim 3, it is characterised in that this safety certification problem
Comprise all or part of element of this use information read.
5. a data access authentication method, comprises the following steps:
Periodically record a user and use the use information of a mobile device, and this use is believed
Breath is saved in an information database, and described use information includes that described user uses described movement
Multiple application informations of equipment;
When needing the request of data of certification in receiving a user and accessing this mobile device, from
In this information database, random reading one uses information, and the use information according to this reading is raw
A safety certification problem is become to carry out puing question to certification;
Safety certification problem according to this generation generates an authentication interface to show this safety certification
Problem and the input answer of reception user;And
The answer of user's input is compared with the use information of this reading, and judges that user is defeated
The answer entered is the most correct, if the answer of user's input is correct, then allows user accesses data;
Otherwise, then the request of user accesses data is refused.
6. method as claimed in claim 5, it is characterised in that the use information of this record by
Multiple elements are constituted.
7. method as claimed in claim 6, it is characterised in that the use information of this record is also
Including system time, the positional information of mobile device.
8. method as claimed in claim 7, it is characterised in that this safety certification problem comprises
All or part of element of this use information read.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210210370.9A CN103514408B (en) | 2012-06-25 | 2012-06-25 | Mobile device and data access authentication method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210210370.9A CN103514408B (en) | 2012-06-25 | 2012-06-25 | Mobile device and data access authentication method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103514408A CN103514408A (en) | 2014-01-15 |
CN103514408B true CN103514408B (en) | 2016-08-10 |
Family
ID=49897113
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210210370.9A Active CN103514408B (en) | 2012-06-25 | 2012-06-25 | Mobile device and data access authentication method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103514408B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105337928B (en) * | 2014-06-24 | 2019-09-13 | 阿里巴巴集团控股有限公司 | Method for identifying ID, safety protection problem generation method and device |
CN104102864A (en) * | 2014-07-30 | 2014-10-15 | 宇龙计算机通信科技(深圳)有限公司 | Terminal screen locking password resetting method, resetting system and terminal |
CN107911394A (en) * | 2017-12-29 | 2018-04-13 | 福建师范大学 | User's Mi Bao Verification Systems of smart mobile phone short-period used data |
CN109587276A (en) * | 2019-01-11 | 2019-04-05 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | A kind of data back up method, system and associated component |
WO2021062691A1 (en) * | 2019-09-30 | 2021-04-08 | Citrix Systems, Inc. | Behavior-based authentication |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102047281A (en) * | 2008-02-15 | 2011-05-04 | 卡普查爱德有限责任公司 | CAPTCHA advertising |
CN102317903A (en) * | 2009-03-06 | 2012-01-11 | 费斯布克公司 | Using social information for authenticating a user session |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005006202A1 (en) * | 2003-07-15 | 2005-01-20 | Hitoshi Kokumai | Individual authentication method using a recording medium and individual authentication system using a recording medium |
-
2012
- 2012-06-25 CN CN201210210370.9A patent/CN103514408B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102047281A (en) * | 2008-02-15 | 2011-05-04 | 卡普查爱德有限责任公司 | CAPTCHA advertising |
CN102317903A (en) * | 2009-03-06 | 2012-01-11 | 费斯布克公司 | Using social information for authenticating a user session |
Also Published As
Publication number | Publication date |
---|---|
CN103514408A (en) | 2014-01-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103077356B (en) | Protecting and tracking method for primary information of mobile terminal based on user behavior pattern | |
CN103514408B (en) | Mobile device and data access authentication method thereof | |
KR101429563B1 (en) | Method and apparatus for unlocking operating system | |
CN104735021B (en) | A kind of account number login method, device and system | |
CN102710847A (en) | Method for managing access of multiple visitors to mobile terminal | |
CN101827148A (en) | Fingerprint identification system applied to mobile phone and operating method thereof | |
CN101616003B (en) | Password-protecting system and method | |
CN103731475B (en) | A kind of data protection system | |
CN103167169A (en) | Terminal unlocking method and terminal unlocking device | |
CN107689097B (en) | Synchronizing Passwords based on frequency hopping generate and verify system and its application | |
EP2693782B1 (en) | Method for backuping and recovering data of mobile terminal and mobile terminal thereof | |
CN103840944A (en) | Short message authentication method, server and system | |
CN105631959A (en) | Attendance checking method and system | |
CN102883047A (en) | Method and system for realizing data security of intelligent mobile terminals | |
CN102571359A (en) | Method for certificating cloud desktop based on smart card | |
CN102075627A (en) | Information prompting method and mobile terminal | |
CN104318286A (en) | NFC label data management method and system and terminal | |
CN102891749A (en) | Method and communication terminal for data encryption | |
CN103581441A (en) | Mobile terminal tracking anti-theft system and method | |
US8984599B2 (en) | Real time password generation apparatus and method | |
CN103020505A (en) | Information management system and information management method based on fingerprint identification | |
CN103391349A (en) | Method of keeping secrets of terminal and terminal | |
CN106559386A (en) | A kind of authentication method and device | |
US9198028B2 (en) | Communication system, mobile communication apparatus and switching method of subscriber identification information | |
CN105138887B (en) | A kind of input method of log-on message, device and terminal device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20180226 Address after: Shanghai City, Songjiang Export Processing Zone South Road No. 1925 Patentee after: Ambit Microsystems (Shanghai) Co., Ltd. Address before: 201613 Shanghai City, Songjiang District Songjiang Export Processing Zone South Road No. 1925 Co-patentee before: Hon Hai Precision Industry Co., Ltd. Patentee before: Ambit Microsystems (Shanghai) Co., Ltd. |