CN105071939A - User information authentication method and user information authentication system - Google Patents
User information authentication method and user information authentication system Download PDFInfo
- Publication number
- CN105071939A CN105071939A CN201510417209.2A CN201510417209A CN105071939A CN 105071939 A CN105071939 A CN 105071939A CN 201510417209 A CN201510417209 A CN 201510417209A CN 105071939 A CN105071939 A CN 105071939A
- Authority
- CN
- China
- Prior art keywords
- user
- terminal
- certification
- dynamic key
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a user information authentication method and a user information authentication system, wherein the user information authentication method comprises the steps of acquiring user information by an authentication terminal, wherein the user information is uploaded by a user terminal and comprises a user identification and an information abstract value; acquiring a dynamic key by the authentication terminal, performing encryption operation on the user identification and the dynamic key through a preset encryption algorithm, and performing authentication on the information abstract value according to an encryption operation result. According to the user information authentication method and the user information authentication system, in a user information authentication process, real-time network inquiring or local inquiring by the authentication terminal on the user information are not required, and the authentication terminal can quickly feed the authentication result back to the user, thereby improving an authentication efficiency and furthermore improving safety through the dynamic key.
Description
Technical field
The present invention relates to the self-service control field of industrial equipment, in particular to a kind of user information authentication method and system.
Background technology
At present, often need in daily life to carry out certification to user profile, to determine user identity.Such as, user is when obtaining the ticket of its cyber ordering by station terminal, station terminal needs to carry out certification to the user profile of this user, to confirm the passenger identity of this user.
Current, provide a kind of method of user information authentication in correlation technique, comprising: the user profile storing each user in server, the user profile of user is handed down to user terminal by server in advance.When carrying out certification to user profile, certification terminal obtains user profile from user terminal, and this user profile is sent to server.Server carries out certification to this user profile, then authentication result is returned to certification terminal.Certification terminal confirms user identity according to this authentication result.
Realizing in process of the present invention, inventor finds that correlation technique at least exists following problem:
User profile is sent to server by certification terminal, carries out certification by server, needs certain network response time, and especially when network speed is very slow, certification will spend the plenty of time, causes authentication efficiency very low.
Summary of the invention
In view of this, the object of the embodiment of the present invention is to provide a kind of user information authentication method and system, and for the information security of industrial control equipment, achieving certification terminal can carry out certification to user profile fast, improves authentication efficiency.
First aspect, embodiments provide a kind of user information authentication method, described method comprises:
The user profile that the terminal that certification terminal obtains user is uploaded, described user profile comprises user ID and informative abstract value;
Described certification terminal obtains dynamic key, is encrypted computing, carries out certification according to cryptographic calculation result to described informative abstract value by the cryptographic algorithm preset to described user ID and described dynamic key.
In conjunction with first aspect, embodiments provide the first possible implementation of above-mentioned first aspect, wherein, the user profile that the terminal that described certification terminal obtains user is uploaded, comprising:
The Quick Response Code of the terminal demonstration of described certification terminal scanning user, extracts the user profile of user from the described Quick Response Code of scanning; Or,
Described certification terminal sets up the communication connection between the terminal of described user, is obtained the user profile of described user by described communication connection.
In conjunction with first aspect, embodiments provide the implementation that the second of above-mentioned first aspect is possible, wherein, before the user profile that the terminal that described certification terminal obtains user is uploaded, also comprise:
Certification terminal generates dynamic key every the first preset time period, store described dynamic key, and described dynamic key is sent to server, described informative abstract value is sent to the terminal of described user according to described dynamic key for user's information generated digest value to make described server.
In conjunction with the implementation that the second of first aspect is possible, embodiments provide the third possible implementation of above-mentioned first aspect, wherein, described described dynamic key is sent to server before, also comprise:
Described certification terminal obtains dynamic code every the second preset time period from described server, is encrypted described dynamic key by the described dynamic code obtained recently.
In conjunction with first aspect, embodiments provide the 4th kind of possible implementation of above-mentioned first aspect, wherein, described method also comprises:
Certification terminal generates dynamic key every preset time period, according to the user ID of described dynamic key and user, generate the informative abstract value of described user, the user ID of described user and described informative abstract value are sent to server, to make described server, the informative abstract value of described user is transmitted to the terminal of described user.
Second aspect, embodiments provides a kind of method of user information authentication, and described method comprises:
Server receives the authentication-related information that certification terminal sends;
When described authentication-related information comprises mark and the dynamic key of described certification terminal, described server is according to the mark of described certification terminal, inquire about the mark of authorized user corresponding to described certification terminal, according to described dynamic key, for described authorized user information generated digest value, described informative abstract value is sent to the terminal of described authorized user, carry out user information authentication according to described informative abstract value to described certification terminal to make the terminal of described authorized user.
In conjunction with second aspect, embodiments provide the first possible implementation of above-mentioned second aspect, wherein, when described authentication-related information comprises the corresponding relation of user ID and informative abstract value, described server obtains the informative abstract value of user ID and correspondence thereof from described corresponding relation, by the terminal of the user that described informative abstract value sends to described user ID corresponding.
In conjunction with the first possible implementation of second aspect or second aspect, embodiments provide the implementation that the second of above-mentioned second aspect is possible, wherein, described method also comprises:
Described server generates dynamic code every the second preset time period, described dynamic code is sent to the terminal of described certification terminal and described user, encrypt information to be sent to make the terminal of described certification terminal and described user by described dynamic code and deciphered the information received by described dynamic code.
The third aspect, embodiments provide a kind of user information authentication system, described system comprises:
Certification terminal, for generating dynamic key every the first preset time period, storing described dynamic key, and described dynamic key is sent to described server; The user profile that the terminal obtaining user is uploaded, obtain dynamic key, by the cryptographic algorithm preset, computing is encrypted to described user ID and described dynamic key, carry out certification according to cryptographic calculation result to described informative abstract value, described user profile comprises user ID and informative abstract value;
Server, for receiving the authentication-related information that certification terminal sends; When described authentication-related information comprises mark and the dynamic key of described certification terminal, according to the mark of described certification terminal, inquire about the mark of authorized user corresponding to described certification terminal, according to described dynamic key, for described authorized user information generated digest value, described informative abstract value is sent to the terminal of described authorized user.
In conjunction with the third aspect, embodiments provide a kind of possible implementation of the above-mentioned third aspect, wherein,
Described certification terminal, also for generating dynamic key every preset time period, according to the user ID of described dynamic key and user, generating the informative abstract value of described user, the user ID of described user and described informative abstract value is sent to described server;
Described server, also for when described authentication-related information comprises the corresponding relation of user ID and informative abstract value, the informative abstract value of user ID and correspondence is obtained, by the terminal of the user that described informative abstract value sends to described user ID corresponding from described corresponding relation.
In the method and system that the embodiment of the present invention provides, the user profile that the terminal that certification terminal obtains user is uploaded, obtain dynamic key, by the cryptographic algorithm preset, computing is encrypted to user ID and dynamic key, according to cryptographic calculation result, certification is carried out to informative abstract value.Certification terminal is in the process of user information authentication, and do not need to carry out real-time network inquiry to user profile, authentication result can be fed back to user by certification terminal fast, improves authentication efficiency.
For making above-mentioned purpose of the present invention, feature and advantage become apparent, preferred embodiment cited below particularly, and coordinate appended accompanying drawing, be described in detail below.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, be briefly described to the accompanying drawing used required in embodiment below, be to be understood that, the following drawings illustrate only some embodiment of the present invention, therefore the restriction to scope should be counted as, for those of ordinary skill in the art, under the prerequisite not paying creative work, other relevant accompanying drawings can also be obtained according to these accompanying drawings.
Figure 1A shows the Signalling exchange figure of a kind of user information authentication that the embodiment of the present invention 1 provides;
Figure 1B shows the mutual schematic diagram of the first information of a kind of user information authentication that the embodiment of the present invention 1 provides;
Fig. 1 C shows the second information interaction schematic diagram of a kind of user information authentication that the embodiment of the present invention 1 provides;
Fig. 2 shows the structural representation of a kind of user information authentication system that the embodiment of the present invention 2 provides.
Embodiment
Below in conjunction with accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.The assembly of the embodiment of the present invention describing and illustrate in usual accompanying drawing herein can be arranged with various different configuration and design.Therefore, below to the detailed description of the embodiments of the invention provided in the accompanying drawings and the claimed scope of the present invention of not intended to be limiting, but selected embodiment of the present invention is only represented.Based on embodiments of the invention, the every other embodiment that those skilled in the art obtain under the prerequisite not making creative work, all belongs to the scope of protection of the invention.
Consider in correlation technique, user profile is sent to server by certification terminal, carries out certification by server, and especially when network speed is very slow, certification needs to spend long time, causes authentication efficiency very low.Based on this, embodiments provide a kind of user information authentication method and system, for the information security of industrial control equipment.Be described below by embodiment.
Embodiment 1
See Figure 1A, embodiments provide a kind of user information authentication method.Wherein, certification terminal generally has corresponding multiple authorized users.In embodiments of the present invention, store the corresponding relation of the mark of certification terminal and the mark of authorized user in advance in the server, the mark of authorized user can be the mark of the terminal of authorized user.When a user carries out certification to this certification terminal, the method that certification terminal can be provided by the embodiment of the present invention carries out rapid authentication to the user profile of this user, to verify that whether the identity of this user is the authorized user of this certification terminal.The method comprises the following steps:
Wherein, when carrying out certification to the user profile of user, the operation of 101-104 as follows is first needed to come for user's configure user information.
Step 101: server generates dynamic code every the second preset time period, dynamic code is sent to the terminal of certification terminal and user;
Above-mentioned second preset time period can be 10 minutes or 30 minutes etc.Above-mentioned dynamic code can be the character string of server stochastic generation or key etc., and server generates a dynamic code every the second preset time period, and each dynamic code generated is all not identical.When server generates new dynamic code at every turn, new dynamic code is sent to certification terminal by the mark according to the certification terminal stored in server, and according to the mark of all authorized users corresponding to this certification terminal stored, the terminal of each authorized user being sent to by new dynamic code this certification terminal corresponding, is all encrypted information to be sent by this dynamic code to make the terminal of certification terminal and all authorized users and is deciphered the information received by dynamic code in subsequent communications process.
Server like this, when carrying out the transmission of information between certification terminal and the terminal of user, the information of transmission all uses dynamic code to encrypt, and improves the fail safe of information transmission.In addition, owing to generating new dynamic code every the second preset time period, such dynamic code is frequently changed, even if malefactor steals dynamic code, its dynamic code stolen also can lose efficacy very soon, thus the fail safe of the information that further ensures in transmitting procedure.
In embodiments of the present invention, server also stores the dynamic code of generation after generating dynamic code, so that use the enciphered message that the terminal of dynamic code decrypted authentication terminal or the user stored sends.Because dynamic code is periodic replacement ground, after server can generate new dynamic code at every turn, delete the old dynamic code of storage and store new dynamic code.
But when dynamic code is changed very frequent, may occur that dynamic code upgrades, but still receive the situation of the information using old dynamic code encryption.In order to avoid this situation occurs, in the embodiment of the present invention, server can also store the dynamic code from the nearest predetermined number of current time, even if multiple old dynamic code is all effective in certain hour.
Step 102: certification terminal generates dynamic key every the first preset time period, obtains dynamic code, be encrypted by the dynamic code obtained recently to dynamic key every the second preset time period from server;
Above-mentioned first preset time period can be 5 minutes or 10 minutes etc.Above-mentioned dynamic key is certification terminal stochastic generation, each dynamic key generated only in the first preset time period after its formation effectively, the length of dynamic key can set according to the actual requirements.And the dynamic key that certification terminal generates is all not identical at every turn.
Certification terminal obtains dynamic code every the second preset time period from server.Generate dynamic code due to server in a step 101 every the second preset time period and dynamic code sent to certification terminal, so the operation that certification terminal in this step obtains dynamic code can be: the dynamic code sent every the second preset time period certification terminal reception server.
In addition, except the mode of above-mentioned acquisition dynamic code, certification terminal can also obtain dynamic code in the following way: every the second preset time period, certification terminal initiatively sends the acquisition request for obtaining dynamic code to server, the dynamic code of up-to-date generation is sent to this certification terminal after receiving the acquisition request of certification terminal transmission by server.
Certification terminal is encrypted by the dynamic key of this dynamic code to up-to-date generation after getting up-to-date dynamic code by aforesaid operations.Wherein, the cryptographic algorithm adopted when being encrypted dynamic key can be symmetric encipherment algorithm or rivest, shamir, adelman etc.
In embodiments of the present invention, by dynamic code, dynamic key is encrypted, improves the fail safe of dynamic key in transmitting procedure.In addition, dynamic code and dynamic key are all frequent replacings, the term of validity is all very short, even if malefactor has stolen dynamic code and successful decryption goes out dynamic key, its dynamic key decrypted also can lose efficacy very soon, so by controlling the term of validity of dynamic code and dynamic key, multiple maintaining secrecy can be carried out to the transmission of dynamic key and storage, further increasing the fail safe of dynamic key.
In embodiments of the present invention, certification terminal gets dynamic code and after generating dynamic key, also dynamic code and dynamic key is stored in terminal local.Because dynamic code and dynamic key are all periodic replacement ground, after certification terminal can get new dynamic code at every turn, delete the old dynamic code of local storage and store new dynamic code.Similarly, after certification terminal can generate new dynamic key at every turn, delete the old dynamic key of local storage and store new dynamic key.
In addition, when dynamic code and dynamic key are changed very frequent, may occur that dynamic code and dynamic key upgrade, but exist and still use old dynamic code and dynamic key and the situation that causes authentification failure.In order to avoid this situation occurs, in the embodiment of the present invention, certification terminal can store dynamic code from the nearest predetermined number of current time and dynamic key, though multiple old dynamic code and multiple old dynamic key all effective in certain hour.
Step 103: the mark of the dynamic key after encryption and certification terminal is formed authentication-related information by certification terminal, and this authentication-related information is sent to server;
Step 104: server receives the authentication-related information that certification terminal sends, the authorized user corresponding according to this authentication-related information authentication query terminal, and is authorized user configure user information;
Server obtains the dynamic code that self stores, and the dynamic key after the encryption comprised this authentication-related information by this dynamic code is decrypted, and obtains dynamic key.The mark of the certification terminal that server comprises according to this authentication-related information, from the mark of certification terminal stored and the mark inquiring corresponding authorized user the corresponding relation of the mark of authorized user.For the mark of each authorized user inquired, the mark of server to dynamic key and authorized user is encrypted computing, obtain the informative abstract value of this authorized user, according to the mark of this authorized user, this informative abstract value is sent to the terminal of authorized user, to make the terminal of this authorized user according to this informative abstract value generating user information.
The informative abstract value of above-mentioned authorized user is the unique identification of authorized user, and for identifying the identity of authorized user, subsequent authentication terminal can determine the authorized user identities of user according to informative abstract value.In embodiments of the present invention, informative abstract value can be represented by the combining form of symbol, numeral or symbol and numeral, can also by representing divided by other form above enumerated.
In embodiments of the present invention, as shown in Figure 1B, the mark of certification terminal and dynamic key are sent to server by certification terminal.The authorized user that this certification terminal of server lookup is corresponding, and the informative abstract value generating authorized user, send to the terminal of user by the digest value of authorized user.Then user profile sends to certification terminal to carry out certification by the terminal of user, and this user profile comprises user ID and informative abstract value.Authorized user corresponding to authentication query terminal is carried out and for authorized user information generated digest value by server, and due to dynamic key be periodic replacement, so server periodically carries out the operation of above-mentioned query manipulation and information generated digest value, avoid each certification and all complete by server the situation that all operations causes response speed slow.User only carries out rapid authentication in certification end side when carrying out certification, and authentication response is fast, and authentication efficiency is high, shortens period of reservation of number simultaneously, improves user experience.
Above-mentioned steps 101-104 is in the process of user's configure user information, and the authorized user that authentication query terminal is corresponding and the operation for authorized user information generated digest value have come by server.But in embodiments of the present invention, the operation of above-mentioned query manipulation and information generated digest value also can be realized by certification terminal, and specific implementation process is as follows:
The user ID of all authorized users corresponding to this certification terminal is stored in advance in certification terminal.Certification terminal generates dynamic key every preset time period, according to the user ID of this dynamic key and each authorized user, generate the informative abstract value of each authorized user respectively, the user ID of each authorized user and informative abstract value are stored in the corresponding relation list of user ID and informative abstract value, using the corresponding relation list of this user ID and informative abstract value as authentication-related information, this authentication-related information is sent to server.After server receives this authentication-related information of certification terminal transmission, user ID and the informative abstract value of each authorized user is obtained from this authentication-related information, then respectively according to the user ID of each authorized user, the informative abstract value of authorized user is sent to the terminal of authorized user, to make the terminal of authorized user according to informative abstract value generating user information.
As shown in Figure 1 C, after certification terminal generates the informative abstract value of authorized user, the user ID of authorized user and informative abstract value are sent to server, and the informative abstract value of authorized user is transmitted to the terminal of user by server.Then user profile sends to certification terminal to carry out certification by the terminal of user.Above-mentioned when realizing the operation of query manipulation and information generated digest value by certification terminal, because dynamic key is periodic replacement, so certification terminal periodic ground carries out the operation of above-mentioned query manipulation and information generated digest value, then the user ID of all authorized users and informative abstract value are sent to server, be transmitted to each authorized user by server.So it also avoid each certification and all complete by server the situation that all operations causes response speed slow.User carries out rapid authentication in certification end side when carrying out certification, and authentication response is fast, and authentication efficiency is high, shortens period of reservation of number simultaneously, improves user experience.
Complete as after user's configure user information by aforesaid operations, can as follows 105 and 106 operation user is carried out to the certification of user profile, to determine the identity of user.
Step 105: the user profile that the terminal that certification terminal obtains user is uploaded, this user profile comprises user ID and informative abstract value;
Above-mentioned user profile can have many forms, as forms such as the graphic code such as Quick Response Code or bar code and text message, fingerprint or induced signals.Accordingly, the user information authentication terminal for different expression form can obtain user profile in several ways, and the obtain manner provided in the embodiment of the present invention is as follows:
When the form of expression of user profile is Quick Response Code, the Quick Response Code of the terminal demonstration of certification terminal scanning user, extracts the user profile of user from the Quick Response Code of scanning;
Similarly, when the form of expression of user profile be other graphic codes such as bar code or fingerprint time also can carry out scanning by certification terminal and obtain;
When user profile is text message or induced signal etc., certification terminal sets up the communication connection between the terminal of user, is obtained the user profile of user by this communication connection.
Above-mentioned communication connection can be wired connection or wireless connections.Wherein, wireless connections can connect for bluetooth, infrared connection, NFC (NearFieldCommunication, near-field communication) connect or WiFi (Wireless-Fidelity, Wireless Fidelity) connect etc.Wired connection can connect for cable, Fiber connection or by USB (UniversalSerialBus, USB) socket connection etc.
After certification terminal gets user profile by the operation of above-mentioned steps 105, the operation of 106 carries out certification to this user profile as follows, to confirm that whether the identity of user is for authorized user.
Step 106: certification terminal obtains dynamic key, is encrypted computing by the cryptographic algorithm preset to user ID and dynamic key, carries out certification according to cryptographic calculation result to informative abstract value.
The cryptographic algorithm preset can be hash encryption algorithm or other non-reversible algorithm etc., can arrange default cryptographic algorithm according to actual needs.
After certification terminal is encrypted computing by the cryptographic algorithm preset to user ID and dynamic key, the informative abstract value result of cryptographic calculation and user profile comprised compares, if it is identical to compare both, then authentication success, determines that the identity of this user is authorized user.If it is not identical to compare both, then authentification failure, determines that the identity of this user is not authorized user.
After authentication operation completes, authentication result is also fed back to user by certification terminal.When the authentication is successful, certification terminal sends the terminal of information to user for pointing out authentication success, to point out user authentication success.When the authentication fails, certification terminal sends the terminal of information to user for pointing out authentification failure, to point out this user for unauthorized user.
In the method that the embodiment of the present invention provides, the user profile that the terminal that certification terminal obtains user is uploaded, obtain dynamic key, by the cryptographic algorithm preset, computing is encrypted to user ID and dynamic key, according to cryptographic calculation result, certification is carried out to informative abstract value.Certification terminal is in the process of user information authentication, and do not need to carry out real-time network inquiry to user profile, authentication result can be fed back to user by certification terminal fast, improves authentication efficiency.
Embodiment 2
See Fig. 2, embodiments provide a kind of user information authentication system, this system is used for realizing above-mentioned user information authentication method.This system comprises certification terminal 1 and server 2.
Certification terminal 1, for generating dynamic key every the first preset time period, storing dynamic key, and dynamic key is sent to server 2; The user profile that the terminal obtaining user is uploaded, obtain dynamic key, be encrypted computing by the cryptographic algorithm preset to user ID and dynamic key, carry out certification according to cryptographic calculation result to informative abstract value, user profile comprises user ID and informative abstract value;
Server 2, for receiving the authentication-related information that certification terminal 1 sends; When authentication-related information comprises mark and the dynamic key of certification terminal 1, according to the mark of certification terminal 1, the mark of the authorized user of authentication query terminal 1 correspondence, according to dynamic key, for authorized user information generated digest value, informative abstract value is sent to the terminal of authorized user.
In the present embodiment, provide a kind of system realizing user information authentication method, certification terminal 1 can be the information recognition devices such as self-help terminal equipment.Such as certification terminal 1 can be the industrial control equipments such as ticket machine, picking machine or electronic access.
When user request information certification, certification terminal 1 can obtain user profile from user terminal, if this user profile is encrypted, then first this user profile is decrypted, obtain the dynamic key self stored, the cryptographic calculation then by presetting is encrypted computing to the user ID that this dynamic key and user profile comprise, and the informative abstract value in cryptographic calculation result and user profile is compared, if both are consistent, authentication success, if both are inconsistent, authentification failure.
Server 2 can the user profile of the mark of authentication storage terminal and each authorized user corresponding to this certification terminal.Server 2 carrys out each authorized user configure user information for this certification terminal 1 correspondence according to the dynamic key that certification terminal 1 sends.
Certification terminal 1, server 2 and user terminal are according to the method for user information authentication, and when network speed is very slow, can carry out certification rapidly to user profile, the time that verification process spends is very short, improves authentication efficiency.
In embodiments of the present invention, certification terminal 1 is also for generating dynamic key every preset time period, according to the user ID of dynamic key and user, generate the informative abstract value of user, using the user ID of user and informative abstract value as authentication-related information, this authentication-related information is sent to server 2, by server 2, the informative abstract value of user is transmitted to the terminal of user.
Certification terminal 1 can generate the informative abstract value of user by the computing module of self, and by dispensing device, the user ID of user and informative abstract value is sent to server 2.
Server 2 is also for comprising the corresponding relation of user ID and informative abstract value during when authentication-related information, from corresponding relation, obtain the informative abstract value of user ID and correspondence, by the terminal of the user that informative abstract value sends to user ID corresponding.
In the method that the embodiment of the present invention provides, the user profile that the terminal that certification terminal obtains user is uploaded, obtain dynamic key, by the cryptographic algorithm preset, computing is encrypted to user ID and dynamic key, according to cryptographic calculation result, certification is carried out to informative abstract value.Certification terminal is in the process of user information authentication, and do not need to carry out real-time network inquiry to user profile, authentication result can be fed back to user by certification terminal fast, improves authentication efficiency.
In several embodiments that the application provides, should be understood that disclosed system and method can realize by another way.System embodiment described above is only schematic.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should described be as the criterion with the protection range of claim.
Claims (10)
1. a user information authentication method, is characterized in that, described method comprises:
The user profile that the terminal that certification terminal obtains user is uploaded, described user profile comprises user ID and informative abstract value;
Described certification terminal obtains dynamic key, is encrypted computing, carries out certification according to cryptographic calculation result to described informative abstract value by the cryptographic algorithm preset to described user ID and described dynamic key.
2. method according to claim 1, is characterized in that, the user profile that the terminal that described certification terminal obtains user is uploaded, and comprising:
The Quick Response Code of the terminal demonstration of described certification terminal scanning user, extracts the user profile of user from the described Quick Response Code of scanning; Or,
Described certification terminal sets up the communication connection between the terminal of described user, is obtained the user profile of described user by described communication connection.
3. method according to claim 1, is characterized in that, before the user profile that the terminal that described certification terminal obtains user is uploaded, also comprises:
Certification terminal generates dynamic key every the first preset time period, store described dynamic key, and described dynamic key is sent to server, described informative abstract value is sent to the terminal of described user according to described dynamic key for user's information generated digest value to make described server.
4. method according to claim 3, is characterized in that, described described dynamic key is sent to server before, also comprise:
Described certification terminal obtains dynamic code every the second preset time period from described server, is encrypted described dynamic key by the described dynamic code obtained recently.
5. method according to claim 1, is characterized in that, described method also comprises:
Certification terminal generates dynamic key every preset time period, according to the user ID of described dynamic key and user, generate the informative abstract value of described user, the user ID of described user and described informative abstract value are sent to server, to make described server, the informative abstract value of described user is transmitted to the terminal of described user.
6. a user information authentication method, is characterized in that, described method comprises:
Server receives the authentication-related information that certification terminal sends;
When described authentication-related information comprises mark and the dynamic key of described certification terminal, described server is according to the mark of described certification terminal, inquire about the mark of authorized user corresponding to described certification terminal, according to described dynamic key, for described authorized user information generated digest value, described informative abstract value is sent to the terminal of described authorized user, carry out user information authentication according to described informative abstract value to described certification terminal to make the terminal of described authorized user.
7. method according to claim 6, it is characterized in that, when described authentication-related information comprises the corresponding relation of user ID and informative abstract value, described server obtains the informative abstract value of user ID and correspondence thereof from described corresponding relation, by the terminal of the user that described informative abstract value sends to described user ID corresponding.
8. the method according to claim 6 or 7, is characterized in that, described method also comprises:
Described server generates dynamic code every the second preset time period, described dynamic code is sent to the terminal of described certification terminal and described user, encrypt information to be sent to make the terminal of described certification terminal and described user by described dynamic code and deciphered the information received by described dynamic code.
9. a user information authentication system, is characterized in that, described system comprises:
Certification terminal, for generating dynamic key every the first preset time period, storing described dynamic key, and described dynamic key is sent to described server; The user profile that the terminal obtaining user is uploaded, obtain dynamic key, by the cryptographic algorithm preset, computing is encrypted to described user ID and described dynamic key, carry out certification according to cryptographic calculation result to described informative abstract value, described user profile comprises user ID and informative abstract value;
Server, for receiving the authentication-related information that certification terminal sends; When described authentication-related information comprises mark and the dynamic key of described certification terminal, according to the mark of described certification terminal, inquire about the mark of authorized user corresponding to described certification terminal, according to described dynamic key, for described authorized user information generated digest value, described informative abstract value is sent to the terminal of described authorized user.
10. system according to claim 9, is characterized in that,
Described certification terminal, also for generating dynamic key every preset time period, according to the user ID of described dynamic key and user, generating the informative abstract value of described user, the user ID of described user and described informative abstract value is sent to described server;
Described server, also for when described authentication-related information comprises the corresponding relation of user ID and informative abstract value, the informative abstract value of user ID and correspondence is obtained, by the terminal of the user that described informative abstract value sends to described user ID corresponding from described corresponding relation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510417209.2A CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510417209.2A CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105071939A true CN105071939A (en) | 2015-11-18 |
| CN105071939B CN105071939B (en) | 2018-12-28 |
Family
ID=54501226
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510417209.2A Active CN105071939B (en) | 2015-07-15 | 2015-07-15 | A kind of user information authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105071939B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107517179A (en) * | 2016-06-15 | 2017-12-26 | 阿里巴巴集团控股有限公司 | A kind of method for authenticating, device and system |
| CN109618326A (en) * | 2018-07-03 | 2019-04-12 | 劳伦斯·刘 | User's dynamic identifier generation method and service registration method, login validation method |
| CN112291774A (en) * | 2020-12-31 | 2021-01-29 | 飞天诚信科技股份有限公司 | Method and system for communicating with authenticator |
| CN114785845A (en) * | 2022-04-13 | 2022-07-22 | 浙江大华技术股份有限公司 | Session establishing method and device, storage medium and electronic device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6076164A (en) * | 1996-09-03 | 2000-06-13 | Kokusai Denshin Denwa Co., Ltd. | Authentication method and system using IC card |
| CN101232372A (en) * | 2007-01-26 | 2008-07-30 | 华为技术有限公司 | Authentication method, authentication system and authentication device |
| CN102497354A (en) * | 2011-11-08 | 2012-06-13 | 陈嘉贤 | Method, system and device for identifying user's identity |
| CN102946384A (en) * | 2012-10-24 | 2013-02-27 | 北京奇虎科技有限公司 | User authentication method and device |
| CN104217478A (en) * | 2014-08-13 | 2014-12-17 | 王波 | Hotel Bluetooth access control intelligent management method |
-
2015
- 2015-07-15 CN CN201510417209.2A patent/CN105071939B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6076164A (en) * | 1996-09-03 | 2000-06-13 | Kokusai Denshin Denwa Co., Ltd. | Authentication method and system using IC card |
| CN101232372A (en) * | 2007-01-26 | 2008-07-30 | 华为技术有限公司 | Authentication method, authentication system and authentication device |
| CN102497354A (en) * | 2011-11-08 | 2012-06-13 | 陈嘉贤 | Method, system and device for identifying user's identity |
| CN102946384A (en) * | 2012-10-24 | 2013-02-27 | 北京奇虎科技有限公司 | User authentication method and device |
| CN104217478A (en) * | 2014-08-13 | 2014-12-17 | 王波 | Hotel Bluetooth access control intelligent management method |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107517179A (en) * | 2016-06-15 | 2017-12-26 | 阿里巴巴集团控股有限公司 | A kind of method for authenticating, device and system |
| CN109618326A (en) * | 2018-07-03 | 2019-04-12 | 劳伦斯·刘 | User's dynamic identifier generation method and service registration method, login validation method |
| CN109618326B (en) * | 2018-07-03 | 2021-06-18 | 劳伦斯·刘 | User dynamic identifier generation method, service registration method and login verification method |
| CN112291774A (en) * | 2020-12-31 | 2021-01-29 | 飞天诚信科技股份有限公司 | Method and system for communicating with authenticator |
| CN112291774B (en) * | 2020-12-31 | 2021-03-16 | 飞天诚信科技股份有限公司 | Method and system for communicating with authenticator |
| WO2022142874A1 (en) * | 2020-12-31 | 2022-07-07 | 飞天诚信科技股份有限公司 | Method and system for communicating with authenticator |
| CN114785845A (en) * | 2022-04-13 | 2022-07-22 | 浙江大华技术股份有限公司 | Session establishing method and device, storage medium and electronic device |
| CN114785845B (en) * | 2022-04-13 | 2023-08-29 | 浙江大华技术股份有限公司 | Session establishment method and device, storage medium and electronic device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105071939B (en) | 2018-12-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101165701B (en) | Methods and systems for providing radio frequency identification (RFID) security mutual authentication | |
| CN107358441B (en) | Payment verification method and system, mobile device and security authentication device | |
| US20080258864A1 (en) | Communication Apparatus and Communication Method | |
| CN105205898A (en) | Electronic code permission management system for intelligent lock | |
| CN108650028B (en) | Multiple identity authentication system and method based on quantum communication network and true random number | |
| CN101772024B (en) | User identification method, device and system | |
| CN104349947A (en) | Authentication system and authentication method | |
| CN103875006A (en) | Radio frequency identification technology incorporating cryptographics | |
| WO2010077910A3 (en) | Enhanced security for direct link communications | |
| CN108667791B (en) | Identity authentication method | |
| CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
| JP5380583B1 (en) | Device authentication method and system | |
| CN103051641A (en) | Method and system for updating multiple-client key, and information security transmission method | |
| CN105071939A (en) | User information authentication method and user information authentication system | |
| CN109041263B (en) | TBox Bluetooth connection method and device | |
| CN104270244A (en) | NFC encryption method and system | |
| CN110738776B (en) | Method and system for opening Bluetooth access control, Bluetooth device and working method thereof | |
| CN103297224A (en) | Encryption key information distribution method and related device | |
| CN105142134A (en) | Parameter obtaining and transmission methods/devices | |
| CN103152326A (en) | Distributed authentication method and authentication system | |
| CN106416187B (en) | Use the network node safety of short range communication | |
| KR100559958B1 (en) | System and Method for Intermediate of Authentication Tool Between Mobile Communication Terminal | |
| CN112564901B (en) | Method and system for generating secret key, storage medium and electronic device | |
| CN104506509A (en) | Multifunctional security authentication terminal and authentication method based on terminal | |
| CN109472890A (en) | intelligent lock and intelligent lock control method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |