CN105323355A - Android privacy protection system based on palm print recognition - Google Patents
- Publication number
- CN105323355A (application CN201510609322.0A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/68—Circuit arrangements for preventing eavesdropping
- H04M1/70—Lock-out or secrecy arrangements in party-line systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
- G06F21/126—Interacting with the operating system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
Abstract
The invention provides an Android privacy protection system based on palm print recognition. The system adopts palm print recognition as its identity authentication method, combines it with the protection of personal privacy and shared resources, and provides multi-directional, multi-dimensional protection on the Android platform for the documents, applications, communications and passwords on a mobile phone and for the shared resources on a remote server. The whole system is divided into a client and a server side. The client implements palm print recognition, local privacy protection and secure access to the remote resources, and a palm print recognition algorithm based on texture element statistical characteristics is provided. The server side implements encrypted storage of, and role-based access control for, the shared resources. The client communicates with the server side through a secure channel that combines the domestic cryptographic algorithm SM4 with RSA. In addition, document resources on the client and the server side are encrypted with the SM4 algorithm and are given time limits; a document resource is deleted automatically once its time limit is exceeded, which provides a further guarantee of privacy.
Description
Technical field
The present invention relates to the software field, and in particular to an Android privacy protection system based on palm print recognition.
Background technology
With the rapid development of intelligent mobile terminals, more and more people are accustomed to storing large amounts of private information on their mobile devices, such as address books, call records, short messages, geographic locations, important documents and business information, to improve the efficiency of study, work and life. However, loss of the mobile device, malicious viewing by others, loss of a password and other causes can lead to privacy leakage. These private data are of great importance to users, who do not want them to be illegally obtained and used by others. It is therefore very important to study and improve the security of mobile devices, user identity authentication and the protection of private information.
Traditional identity authentication methods are based either on knowledge (something the user knows) or on tokens (something the user carries), but both kinds are easy to crack, easy to steal, easy to lose or hard to remember. In the last ten years or so, researchers have proposed biometric recognition technology. Compared with traditional identity authentication, a biometric does not have to be carried, is almost impossible to forge and does not have to be remembered. Its most prominent feature is that it is easy to use while being safer, more reliable and more effective. The technology has developed very quickly, has produced many research results, and can be applied conveniently in many settings of today's information society.
At present, the biometric technologies most used on mobile devices are fingerprint recognition and face recognition. Fingerprint recognition is either contact or contactless. Contact fingerprint recognition needs a dedicated hardware module, which most current mobile devices do not have. Contactless recognition needs a very high-definition image to reach a high recognition accuracy, because the fingerprint capture area is small, and ordinary mobile devices also find this difficult. Both kinds of fingerprint recognition place high demands on the hardware and are not generally applicable. Face recognition has poor uniqueness, and facial images are easy for others to obtain. By contrast, palm print recognition has a low hardware cost, is widely applicable and unique, and palm print images are generally not easy for others to obtain, so it is well suited to mobile devices.
Given these advantages, palm print recognition can be adopted as the identity authentication method and combined with privacy protection, so that an Android mobile terminal provides multi-faceted protection for the files, applications, address book and short messages on the phone and for the shared files on a remote server.
Summary of the invention
The object of the invention is to address the privacy protection problem of mobile devices by proposing an Android privacy protection system based on palm print recognition, so as to improve the security and privacy of the data on Android devices.
To achieve this object, the invention provides an Android privacy protection system based on palm print recognition, comprising a palm print recognition authentication module, a local privacy protection module and a remote shared resource protection module. The local privacy protection module in turn comprises four submodules: application lock, private file protection, private communication protection and password book.
The palm print recognition authentication module requires the user to pass palm print authentication every time the system is used; the user can enter the system only if authentication succeeds.
The application lock module lets the user lock applications on the phone. Each time a locked application is opened, palm print authentication is required before it opens.
The private file protection module lets the user encrypt files on the phone.
An encrypted file is not shown in the phone's file manager and can only be browsed inside this system.
The private communication protection module lets the user communicate privately with private contacts. After the user adds a private contact in the system, short messages sent from that number are protected and can only be read inside this system, and incoming calls from that number can also be intercepted according to a preset.
The password book module lets the user save accounts and passwords for e-mail, websites and so on in the system. All of this data is stored encrypted with the domestic cryptographic algorithm SM4.
The remote shared resource protection module lets the user access the shared resources on the remote server according to the user's own permissions.
Brief description of the drawings
Fig. 1 is the functional module diagram of the system.
Fig. 2 is the architecture diagram of the system.
Fig. 3 is the flow chart of palm print recognition authentication.
Fig. 4 is the flow chart of secure communication between client and server.
Embodiment
Specific embodiments of the invention are described below with reference to the drawings.
Fig. 1 is the functional module diagram of the system. The invention is an Android privacy protection system based on palm print recognition, comprising a palm print recognition authentication module, a local privacy protection module and a remote shared resource protection module. The palm print recognition authentication module is divided into two submodules: palm print registration/modification and palm print verification. The local privacy protection module is divided into four submodules: application lock, private file protection, private communication protection and password book. The remote shared resource protection module is divided into two submodules: user registration/authentication and shared resource access.
Fig. 2 is the architecture diagram of the system, which is divided into a client and a server side. The client implements palm print recognition authentication, the protection of local privacy and secure access to remote resources. A palm print recognition algorithm based on the statistical features of texture primitives is proposed. The server side implements encrypted storage of the shared resources and role-based access control.
Fig. 3 is the flow chart of palm print recognition authentication. In the palm print recognition authentication module, palm print recognition is divided mainly into two parts, palm print registration and palm print authentication.
(1) Palm print registration: when the user uses the system for the first time, the system requires the user to register a palm print. After the user taps the capture button, the system preprocesses the captured image, obtains the ROI region by coordinate transformation, and then computes texture primitive feature statistics over the ROI region. The extracted feature value is encrypted with the domestic cryptographic algorithm SM4, and the encrypted content is written to a file in the program's internal directory. Palm print modification is similar to registration, except that modification first backs up the original feature value and then overwrites it with the new one.
(2) Palm print authentication: whenever the system is run other than for the first time, authentication is required. The authentication stage calls the same preprocessing and feature extraction modules used at registration. Unlike registration, authentication processes live preview frames, that is, the system auto-focuses and captures an image at a set time interval. Each time an image is obtained after successful focusing, its feature value is extracted; the feature value saved in the file at registration is then read and decrypted, and the cosine similarity of the two feature values is calculated. A similarity greater than or equal to 99% is considered a successful match. Otherwise the system continues to obtain and process live preview frames; when the number of automatic recognition attempts exceeds 10, the match is considered failed and the program terminates automatically. The interval for auto-focus capture is currently set to 1.2 s, for compatibility with the majority of mobile devices with low processing power.
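The matching decision in step (2), as an added example that is not code from the patent: an enrolled feature vector is compared with captured frames by cosine similarity, accepted at 0.99 or above, and abandoned after 10 attempts. The LBP histogram stands in for the patent's unspecified texture-primitive feature, the 8x8 ROIs are constructed, failed captures are assumed to count as attempts, and SM4 decryption of the stored template is left out.

```python
import math
from itertools import islice

MATCH_THRESHOLD = 0.99  # "similarity greater than or equal to 99%"
MAX_ATTEMPTS = 10       # automatic attempts before authentication fails

# 8-neighbour offsets (dy, dx), clockwise from top-left; bit i <-> NEIGHBOURS[i]
NEIGHBOURS = [(-1, -1), (-1, 0), (-1, 1), (0, 1), (1, 1), (1, 0), (1, -1), (0, -1)]


def lbp_histogram(roi):
    """256-bin histogram of 8-neighbour LBP codes over the ROI's interior pixels.

    LBP is a stand-in (assumption): the patent does not define its texture primitive.
    A code depends only on the ordering of neighbouring pixels, so a uniform
    brightness shift leaves the histogram unchanged.
    """
    height, width = len(roi), len(roi[0])
    hist = [0] * 256
    for y in range(1, height - 1):
        for x in range(1, width - 1):
            code = 0
            for bit, (dy, dx) in enumerate(NEIGHBOURS):
                if roi[y + dy][x + dx] >= roi[y][x]:
                    code |= 1 << bit
            hist[code] += 1
    return hist


def cosine_similarity(a, b):
    if len(a) != len(b):
        raise ValueError("feature vectors differ in length")
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0  # an all-zero vector never matches


def authenticate(enrolled, frames, threshold=MATCH_THRESHOLD, max_attempts=MAX_ATTEMPTS):
    """Compare at most max_attempts captured ROIs with the enrolled feature vector.

    Returns (matched, attempts_used). A frame of None models a capture that
    failed to focus; counting it as an attempt is an assumption.
    """
    attempts = 0
    for attempts, roi in enumerate(islice(frames, max_attempts), start=1):
        if roi is None:
            continue
        if cosine_similarity(enrolled, lbp_histogram(roi)) >= threshold:
            return True, attempts
    return False, attempts


def stripes(vertical, offset=0):
    """Constructed 8x8 grayscale ROI (not a real palm image)."""
    return [[(200 if (x if vertical else y) % 2 == 0 else 50) + offset
             for x in range(8)] for y in range(8)]


ENROLLED = lbp_histogram(stripes(vertical=True))
SAME_PALM_BRIGHTER = stripes(vertical=True, offset=20)  # same texture, lighting shift
OTHER_PALM = stripes(vertical=False)                    # different texture

if __name__ == "__main__":
    print(authenticate(ENROLLED, [None, OTHER_PALM, SAME_PALM_BRIGHTER]))
    print(authenticate(ENROLLED, [OTHER_PALM] * 12))
```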
The local privacy protection module is divided mainly into four functional submodules: application lock (locks designated phone applications), private file protection (encrypts and hides files), private communication protection (hides the incoming calls and short messages of private contacts) and password book (records accounts and passwords).
1) Application lock module
The application lock module locks specific applications according to the user's settings. It is implemented mainly by two monitoring services. One service monitors whether each application the user opens is a locked application; if so, it shows the palm print authentication interface, and the application can proceed only after authentication succeeds. The other service monitors whether a temporarily unlocked application has ended; if it has, the application is locked again.
2) Private file protection module
In this module, the user selects the files to be locked from the file list. The system copies each file to the program's internal storage directory, deletes the original, and then encrypts the file with SM4; at this point the file is encrypted and cannot be accessed.
3) Private communication protection module
The private communication protection module is implemented mainly by two monitoring services, which intercept incoming calls and short messages respectively before the Android system processes them, extract the caller's or sender's number, and determine whether it belongs to a private contact. If so, the call or message is intercepted and shown only in this system. Otherwise it is let through and handed to the Android system for processing.
4) Password book module
In this module, the user can save accounts and passwords for e-mail, bank cards and websites, and even memo information. Accounts and passwords can be copied and pasted, which makes them convenient to enter. Accounts and passwords are likewise encrypted with the SM4 algorithm and stored locally.
Shared resource protection means that remote resources are protected by encryption, each user is assigned a role, and the server performs access control on the user. Each time the client accesses the server, it sends the palm print feature value. After receiving the palm print feature, the server matches it against the palm print feature table in the database, finds the role of the corresponding user, and returns to the client the list of files the user can access according to the access rights of that role. The user can download or upload files according to the file list. In addition, both client and server can set a time limit on a resource, and a resource that exceeds its time limit is deleted automatically.
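One way a server could enforce the role-based file list and time limits described above, together with the burn-after-reading option from claim 6 (added example, not the patent's implementation). The class and method names, the role names and the in-memory storage are assumptions; file contents are treated as opaque SM4 ciphertext produced elsewhere.

```python
import time
from dataclasses import dataclass


@dataclass
class Resource:
    data: bytes                 # opaque ciphertext (SM4 encryption happens elsewhere)
    allowed_roles: frozenset
    expires_at: float           # absolute deadline, seconds since the epoch
    burn_after_reading: bool = False


class SharedStore:
    """Hypothetical server-side store: role-based access to time-limited files."""

    def __init__(self, clock=time.time):
        self._clock = clock     # injectable so that expiry can be tested
        self._roles = {}        # user id -> role
        self._files = {}        # file name -> Resource

    def assign_role(self, user, role):
        self._roles[user] = role

    def upload(self, name, data, allowed_roles, ttl_seconds, burn_after_reading=False):
        if ttl_seconds <= 0:
            raise ValueError("time limit must be positive")
        self._files[name] = Resource(data, frozenset(allowed_roles),
                                     self._clock() + ttl_seconds, burn_after_reading)

    def purge_expired(self):
        """Delete every file whose time limit has passed; return their names."""
        now = self._clock()
        expired = [n for n, r in self._files.items() if r.expires_at <= now]
        for name in expired:
            del self._files[name]
        return expired

    def list_files(self, user):
        """File list for the user's role; unknown users get an empty list."""
        self.purge_expired()
        role = self._roles.get(user)
        if role is None:
            return []
        return sorted(n for n, r in self._files.items() if role in r.allowed_roles)

    def download(self, user, name):
        # Expiry and role are re-checked here: the listing alone is not an access
        # control, because a client can request a name it was never shown.
        self.purge_expired()
        role = self._roles.get(user)
        res = self._files.get(name)
        if role is None or res is None or role not in res.allowed_roles:
            raise PermissionError("not found or not permitted")
        if res.burn_after_reading:
            del self._files[name]   # the first successful read removes the file
        return res.data


def demo():
    """Constructed scenario with a manual clock; returns the observed file lists."""
    now = [1000.0]
    store = SharedStore(clock=lambda: now[0])
    store.assign_role("alice", "manager")
    store.assign_role("bob", "staff")
    store.upload("plan.doc", b"ct-1", {"manager"}, ttl_seconds=60)
    store.upload("menu.txt", b"ct-2", {"manager", "staff"}, ttl_seconds=3600)
    store.upload("once.bin", b"ct-3", {"staff"}, ttl_seconds=3600, burn_after_reading=True)
    before = store.list_files("bob")
    store.download("bob", "once.bin")
    after_burn = store.list_files("bob")
    now[0] += 61                    # plan.doc passes its time limit
    after_expiry = store.list_files("alice")
    return before, after_burn, after_expiry


if __name__ == "__main__":
    print(demo())
```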
Fig. 4 shows the secure transmission method, combining the domestic cryptographic algorithm SM4 with RSA, that the system uses for data transfer between client and server. The specific steps are as follows:
(1) The client sends an HTTP session request (and can at the same time send the server the set of RSA+SM4 encryption rules that it supports).
(2) After receiving the HTTP request, the server returns an RSA public key and keeps the RSA private key.
(3) After receiving the public key sent by the server, the client uses the SM4 algorithm to generate a symmetric encryption key and encrypts this SM4 symmetric key with the RSA public key sent by the server. The client then sends the encrypted information to the server in an HTTP POST request.
(4) After receiving the encrypted information, the server decrypts the encrypted SM4 key with the RSA private key and obtains the SM4 symmetric encryption key.
(5) All data exchanged between server and client is encrypted with this SM4 symmetric key.
Claims (6)
1. An Android privacy protection system based on palm print recognition, characterized in that: the system comprises an Android client and a remote server side; the Android client is used for the user's basic operations, which comprise palm print registration/authentication, locking applications, encrypting files, private communication, recording passwords, uploading shared resources and downloading shared resources; the remote server side is used for storing the shared resources and for access control of users.
2. The Android privacy protection system based on palm print recognition according to claim 1, characterized in that: when entering the Android client for the first time, the user needs to register a palm print; on any later entry, the user can enter only after passing palm print authentication.
3. The Android privacy protection system based on palm print recognition according to claim 1, characterized in that: a locked application can be entered only after palm print authentication has been passed.
4. The Android privacy protection system based on palm print recognition according to claim 1, characterized in that: encrypting a file means that the file is encrypted with the SM4 algorithm and copied into the program's internal directory, and the original is deleted; the user can also set the file's time-to-live, and a file that exceeds its time limit is deleted automatically.
5. The Android privacy protection system based on palm print recognition according to claim 1, characterized in that: private communication means that short messages sent to and received from the configured private contacts are not shown in the phone system and can only be viewed and replied to inside this system.
6. The Android privacy protection system based on palm print recognition according to claim 1, characterized in that: the shared resource is a file that the user selects in the Android client to upload; when uploading, the user can set the file's time-to-live and whether it is burned after reading.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510609322.0A CN105323355A (en) | 2015-09-22 | 2015-09-22 | Android privacy protection system based on palm print recognition |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105323355A true CN105323355A (en) | 2016-02-10 |
Family
ID=55249926
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510609322.0A Pending CN105323355A (en) | 2015-09-22 | 2015-09-22 | Android privacy protection system based on palm print recognition |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105323355A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
Application publication date: 20160210 |