CN105871913A - Identity authentication method and system - Google Patents
Identity authentication method and system Download PDFInfo
- Publication number
- CN105871913A CN105871913A CN201610390243.XA CN201610390243A CN105871913A CN 105871913 A CN105871913 A CN 105871913A CN 201610390243 A CN201610390243 A CN 201610390243A CN 105871913 A CN105871913 A CN 105871913A
- Authority
- CN
- China
- Prior art keywords
- authentication
- identity
- service
- module
- authorization system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000013475 authorization Methods 0.000 claims description 79
- 230000009471 action Effects 0.000 claims description 21
- 230000005540 biological transmission Effects 0.000 claims description 10
- 230000009897 systematic effect Effects 0.000 claims description 2
- 238000004883 computer application Methods 0.000 abstract 1
- 238000002955 isolation Methods 0.000 abstract 1
- 230000008569 process Effects 0.000 description 16
- 238000004891 communication Methods 0.000 description 10
- 238000005516 engineering process Methods 0.000 description 8
- 230000015654 memory Effects 0.000 description 8
- 230000006870 function Effects 0.000 description 7
- 238000007726 management method Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000012795 verification Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000005236 sound signal Effects 0.000 description 3
- 230000001133 acceleration Effects 0.000 description 2
- 230000000712 assembly Effects 0.000 description 2
- 238000000429 assembly Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- KLDZYURQCUYZBL-UHFFFAOYSA-N 2-[3-[(2-hydroxyphenyl)methylideneamino]propyliminomethyl]phenol Chemical compound OC1=CC=CC=C1C=NCCCN=CC1=CC=CC=C1O KLDZYURQCUYZBL-UHFFFAOYSA-N 0.000 description 1
- 101100264195 Caenorhabditis elegans app-1 gene Proteins 0.000 description 1
- 206010048669 Terminal state Diseases 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000005352 clarification Methods 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 201000001098 delayed sleep phase syndrome Diseases 0.000 description 1
- 208000033921 delayed sleep phase type circadian rhythm sleep disease Diseases 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000012850 discrimination method Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000003384 imaging method Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000004807 localization Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 239000012925 reference material Substances 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 230000003319 supportive effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application discloses an identity authentication method and system, and belongs to the technical field of computer application. The method comprises the following steps: starting identity authentication system service on a system service layer of a terminal operating system; the identity authentication system service receives an identity authentication request sent by a local application, wherein the identity authentication request comprises an authentication mode and an operation type; the identity authentication system service calls a corresponding identity authentication module according to the authentication mode of the identity authentication request; and finishing corresponding identity authentication operation in the identity authentication module according to the operation type. The method realizes the isolation and effective connection of the identity authentication request and the specific realization by establishing the identity authentication system service on a system service layer and converting the identity authentication request of the third-party application into the call of the specific authentication module.
Description
Technical field
The present invention relates to Computer Applied Technology, in particular to a kind of identity identifying method and
System.
Background technology
Along with the continuous progress of technology, the identification authentication mode of Mobile operating system gets more and more, removes
Outside traditional cipher authentication mode, the most a lot of biometric discrimination methods, such as finger print identifying, iris
Certification, face's certification, voiceprint etc..
Implementing of existing authentication operation is integrated in identity authentication service software, if being
Newly-increased a kind of authentication mode in system, from SDK (Software Development Kit, software development
Bag) layer to system services layer, need amendment identity authentication service software, add in software this
The program code that authentication mode is supported, then recompilates identity authentication service software, needs amendment
Code more.Meanwhile, if application directly invokes these authentication modes, identity data is carried out
Gather, store and ratio peering, potential safety hazard can be brought to system.
Additionally, implementing with identity authentication service software of authentication operation is to separate in prior art
, it is not specified by unified interface between the two, if newly-increased authentication mode, both needs to repair
Change and compile.Furthermore, different authentication mode implement difference, external interface is the most inconsistent.
Accordingly, it would be desirable to a kind of new identity identifying method and system.
It is only used for strengthening background of this disclosure in information above-mentioned disclosed in described background section
Understanding, therefore it can include not constituting prior art known to persons of ordinary skill in the art
Information.
Summary of the invention
The present invention provides a kind of identity identifying method and system, it is possible to the identity of third-party application recognized
Card request is converted into calls concrete authentication module.
Other characteristics of the present invention and advantage will be apparent from by detailed description below, or part
Ground acquistion by the practice of the present invention.
According to an aspect of the present invention, it is provided that a kind of identity identifying method, including: grasp in terminal
The system services layer making system starts identity authorization system service;Described identity authorization system service connects
Receiving the ID authentication request of locally applied transmission, wherein said ID authentication request includes authentication mode
And action type;Described identity authorization system service is according to the authentication mode of described ID authentication request
Call corresponding authentication module;In described authentication module complete according to described action type
Corresponding authentication is become to operate.
According to an embodiment of the present invention, also include: described identity authorization system service is described
The SDK of terminal operating system provides unified external identity authentication service interface to described application;
Described application call corresponding identity authentication service interface completes corresponding authentication operation.
According to an embodiment of the present invention, wherein said identity authentication service interface includes: obtain
The authentication mode of described identity authorization system service support, open in described authentication mode any one
Kind, close in described authentication mode any one, add identity information, delete identity information,
Carry out authentication, obtain the authentication state of described identity authorization system service, obtain described identity
The maximum reattempt times of Verification System service, obtain in current erroneous number of times all or part of.
According to an embodiment of the present invention, also include: in described identity authorization system service with each
One group of internal authentication service Provider Interface is defined between authentication module;Each authentication mould
Block is according to the definition of described authentication service Provider Interface, it is achieved concrete authentication function.
According to an embodiment of the present invention, described authentication service Provider Interface includes starting certification
Affairs, terminate certification affairs, carry out authentication, amendment authentication data, delete authentication data,
Add authentication data operation in some or all of.
According to an embodiment of the present invention, also include: according to described authentication service Provider Interface
In definition, new authentication module realizes corresponding authentication operation;By described new body
Part authentication module is placed under the path that described identity authorization system service is specified, it is achieved add in systems
Add the authentication mode that this new authentication module is corresponding.
According to an embodiment of the present invention, the identity that this is new is added in wherein said realization in systems
The authentication mode that authentication module is corresponding includes: be dynamic by the authentication module compiling link that this is new
Storehouse or the form of plug-in unit;Leave this new authentication module after compiling link in described identity
Under the system path that Verification System service is specified;During os starting, start described authentication
System service, loads this new authentication module, it is achieved the certification behaviour of this corresponding authentication mode
Make.
According to an embodiment of the present invention, also include: when certain authentication mode deleted by needs,
Delete the authentication module that this authentication mode is corresponding.
According to an embodiment of the present invention, the corresponding authentication mould of one of which authentication mode
Block.
According to an embodiment of the present invention, described authentication module includes cipher authentication, fingerprint
Any one or its combination in any in certification, iris authentication, face's certification, voiceprint.
According to an embodiment of the present invention, also include: described identity authorization system service is initially
During change, load authentication module present in described terminal operating system.
According to a further aspect in the invention, it is provided that a kind of identity authorization system, including: start mould
Block, it starts identity authorization system service for the system services layer in terminal operating system;Receive
Module, its authentication receiving locally applied transmission for described identity authorization system service is asked
Asking, wherein said ID authentication request includes authentication mode and action type;Calling module, it is used
Call accordingly according to the authentication mode of described ID authentication request in described identity authorization system service
Authentication module;Authentication module, it is used in described authentication module according to described
Action type completes corresponding authentication operation.
According to an embodiment of the present invention, wherein said identity authorization system service includes system
The external identity authentication service interface of unification that provides of application layer and be positioned at described authentication
The one group of internal authentication service supplier defined between system service and each authentication module connects
Mouthful.
In accordance with a further aspect of the present invention, it is provided that a kind of mobile terminal, including processor;With
Memorizer in storage processor executable;Wherein, described processor is configured to: at end
The system services layer of end operating system starts identity authorization system service;Described identity authorization system takes
Business receives the ID authentication request of locally applied transmission, and wherein said ID authentication request includes certification
Mode and action type;Described identity authorization system service is according to the certification of described ID authentication request
Mode calls corresponding authentication module;According to described operation class in described authentication module
Type completes corresponding authentication operation.
Identity identifying method according to the present invention and system, by the identity created at system services layer
Verification System services, the ID authentication request sent by the third-party application of the application layer of operating system
It is converted into and concrete authentication module is called, implementing of authentication has been placed on system service
Layer, it is ensured that the safety of the collection of identity data, storage and comparison.
It addition, according to some embodiments, identity identifying method and the system of the present invention are wrapped the most further
Include external identity authentication service interface and one group of internal recognizing that described system services layer provides
Card Service Provider Interface, provides unified identity authentication service interface to application, and unified management is each
Authentication module.
It should be appreciated that it is only exemplary that above general description and details hereinafter describe,
The present invention can not be limited.
Accompanying drawing explanation
Its example embodiment is described in detail by referring to accompanying drawing, above and other target of the present invention,
Feature and advantage will become apparent from.
Fig. 1 is the flow chart according to a kind of identity identifying method shown in an illustrative embodiments.
Fig. 2 is the flow process according to the another kind of identity identifying method shown in an illustrative embodiments
Figure.
Fig. 3 is the flow process according to the another kind of identity identifying method shown in an illustrative embodiments
Figure.
Fig. 4 is the block diagram according to a kind of identity authorization system shown in an illustrative embodiments.
Fig. 5 is the block diagram according to the another kind of identity authorization system shown in an illustrative embodiments.
Detailed description of the invention
It is described more fully with example embodiment referring now to accompanying drawing.But, example embodiment
Can implement in a variety of forms, and be not understood as limited to example set forth herein;On the contrary, carry
Make the present invention will more fully and completely for these embodiments, and by the structure of example embodiment
Think to convey to those skilled in the art all sidedly.Accompanying drawing is only the schematic illustrations of the present invention, and
Not necessarily is drawn to scale.Reference identical in figure represents same or similar part, because of
And repetition thereof will be omitted.
Additionally, described feature, structure or characteristic can be combined in one in any suitable manner
In individual or more embodiment.In the following description, it is provided that many details thus be given right
Fully understanding of embodiments of the present invention.It will be appreciated, however, by one skilled in the art that it is permissible
Put into practice technical scheme and omit in described specific detail one or more or permissible
Use other method, constituent element, device, step etc..In other cases, be not shown in detail or
Describe known features, method, device, realize or operate avoiding a presumptuous guest usurps the role of the host and make this
Bright each side thickens.
Fig. 1 is the flow chart according to a kind of identity identifying method shown in an illustrative embodiments.
As it is shown in figure 1, in step S110, the system services layer in terminal operating system starts identity
Verification System services.
In exemplary embodiment, also include: described identity authorization system service is at described terminal operation
The SDK of system provides unified external identity authentication service interface to described application;Described application
Call corresponding identity authentication service interface and complete corresponding authentication operation.
In exemplary embodiment, wherein said identity authentication service interface includes: obtain described identity
The authentication mode of Verification System service support, open in described authentication mode any one, close
In described authentication mode any one, add identity information, delete identity information, carry out identity
Certification, obtain the authentication state of described identity authorization system service, obtain described identity authorization system
The maximum reattempt times of service, obtain in current erroneous number of times all or part of.
In step S120, described identity authorization system service receives the authentication of locally applied transmission
Request, wherein said ID authentication request includes authentication mode and action type.
In step S130, described identity authorization system service is according to the certification of described ID authentication request
Mode calls corresponding authentication module.
In exemplary embodiment, also include: in described identity authorization system service and each authentication
One group of internal authentication service Provider Interface is defined between module;Each authentication module is according to institute
State the definition of authentication service Provider Interface, it is achieved concrete authentication function.
In exemplary embodiment, described authentication service Provider Interface includes starting certification affairs, knot
Restraint certification affairs, carry out authentication, amendment authentication data, deletion authentication data, interpolation certification
Some or all of in data manipulation.
In exemplary embodiment, also include: described identity authorization system service, when initializing, adds
Carry authentication module present in described terminal operating system.
In step S140, complete accordingly according to described action type in described authentication module
Authentication operates.
In exemplary embodiment, described authentication module includes cipher authentication, finger print identifying, rainbow
Any one or its combination in any in film certification, face's certification, voiceprint.
Fig. 2 is the flow process according to the another kind of identity identifying method shown in an illustrative embodiments
Figure.
As in figure 2 it is shown, in this inventive embodiments, say as a example by realizing iris authentication
Bright.
In step S210, third-party application (abbreviation of App, Application application program) is adjusted
Use identity authentication service interface, send ID authentication request.
Here local App is the party in request of identity authentication service, described identity authentication service interface
It is described identity authorization system service external API (Application that application layer is provided
Programming Interface, application programming interface) interface, calls these when locally applied
Identity authentication service API can complete authentication operation, and without being concerned about the concrete of authentication
Realize.Described identity authentication service API can be as a part for operating system SDK, it is provided that giving should
Use developer.
Such as, App calls the certification API in this identity authentication service interface, when calling, needs to pass
Entering the parameter of necessity, as authentication mode is defined to iris authentication, action type is for carrying out authentication.
In step S220, by this identity authentication service interface, this ID authentication request is sent extremely
Identity authorization system services.
Such as, this certification API Calls identity authorization system services, described in the application of application layer
ID authentication request sends this identity authorization system service to system services layer.
In step S230, after this identity authorization system service receives this ID authentication request, call rainbow
Film authentication module, sends this ID authentication request to this iris authentication module.
Described identity authorization system service is the provider of identity authentication service.This service can be along with being
System starting up and start, reside in the most always system background run.
Each authentication module is implementing of various authentication mode, and such as, iris authentication module is rainbow
Implementing of film authentication mode, described identity authorization system service can add when self initializes
Authentication module present in loading system.
The authentication mode that described identity authorization system service is specified according to this certification API is with to be carried out
Action type, calls the iris authentication module being positioned at system services layer.
In step S240, in this iris authentication module, complete implementing of iris authentication.
Described iris authentication module completes the collection of iris data, ratio peering, and access authentication
Result returns to identity authorization system service.Described authentication result can be current authentication pass through,
Current authentication is unsuccessfully etc..
In step S250, corresponding authentication result is back to this authentication by this iris authentication module
System service.
In step S260, this authentication result is back to this authentication by this identity authorization system service
Service interface.
This authentication result is returned to this certification API by this identity authorization system service further.
In step S270, by calling this identity authentication service interface, this authentication result is back to
This third-party application.
This authentication result is returned to corresponding App by this certification API, informs that its this certification is passed through
Or failure.
The flow process being by authentication that above step describes, other authentication operation, as
Add/delete/amendment identification authentication data, such as password, iris data and finger print data etc., its stream
Journey is basically identical with above-mentioned steps, simply calls the correspondence in authentication interface in step S210
API。
Fig. 3 is the flow process according to the another kind of identity identifying method shown in an illustrative embodiments
Figure.
As it is shown on figure 3, in step S310, according to the definition in authentication service Provider Interface,
New authentication module realizes the most concrete authentication operation.
In exemplary embodiment, between described identity authorization system service and each authentication module,
Define one group of authentication service Provider Interface, be the internal interface of identity authentication service, be used for advising
Model and each authentication service module unified, identity authentication service, by this interface, calls authentication service
Module, thus realize concrete authentication operation.
These interfaces include but not limited to following functions: start certification affairs, terminate certification affairs,
Carry out authentication, amendment authentication data, delete authentication data, interpolation authentication data etc..Respectively recognize
Card module is in strict accordance with the definition of described authentication service Provider Interface, it is achieved concrete authentication function.
If the newly added a kind of authentication mode of system, only need to determining according to described authentication service Provider Interface
Justice realizes its function, is placed under the path that identity authorization system service is specified.
During os starting, identity authorization system service can be started, in identity authorization system service
In initialization procedure, can be to all authentication moulds present in loading system successively under specified path
Block.
In step S320, the shape that authentication module compiling link be dynamic base or plug-in unit new by this
Formula.
In step S330 in, the authentication module after compiling link is left identity authorization system clothes
Under the system path that business is specified.
In step S340, during os starting, start identity authorization system service, load this new
Authentication module.
When service startup next time of described identity authorization system, this authentication being newly added can be loaded
Module, such that it is able to realize the authentication operation of this corresponding authentication mode.
Similarly, when certain authentication mode deleted by needs, it is only necessary to delete corresponding authentication
Module.
Following for present system embodiment, may be used for performing the inventive method embodiment.For
The details not disclosed in apparatus of the present invention embodiment, refer to the inventive method embodiment.
Fig. 4 is the block diagram according to a kind of identity authorization system shown in an illustrative embodiments.
As shown in Figure 4, this system includes: start module 410, and it is in terminal operating system
System services layer starts identity authorization system service;Receiver module 420, it is used for described authentication
System service receives the ID authentication request of locally applied transmission, wherein said ID authentication request bag
Include authentication mode and action type;Calling module 430, it services root for described identity authorization system
Corresponding authentication module is called according to the authentication mode of described ID authentication request;Authentication mould
Block 440, it is for completing corresponding identity according to described action type in described authentication module
Authentication operation.
In exemplary embodiment, wherein said identity authorization system service includes systematic difference layer
The external identity authentication service interface of unification that theres is provided and be positioned at described identity authorization system service
And the one group of internal authentication service Provider Interface defined between each authentication module.
Fig. 5 is the block diagram according to the another kind of identity authorization system shown in an illustrative embodiments.
Such as Fig. 5, this system includes: the App of application layer (can include multiple App, such as,
App1, App2, App3 are until AppN) 510;The identity authentication service API 520 of SDK;
The identity authorization system service 530 of system services layer, it is right that described identity authorization system service 530 includes
Interior authentication service Provider Interface 540, described identity authorization system service 530 is recognized by calling this
Card Service Provider Interface 540, can call corresponding authentication module, this authentication module
Cipher authentication module 550, fingerprint authentication module 560, iris authentication module 570, face can be included
Portion's authentication module 580, other authentication modes 590.
The application of application layer is the operation write with Java language program on a virtual machine.Such as,
E-mail client, SMS short message program, calendar, map, browser, contact management's journey
Sequence, etc..
SDK be typically all some software engineers for specific software kit, software frame, hardware put down
The set of developing instrument when platform, operating system etc. set up application software.It can be simply certain
Individual programming language provides some files of application programming interfaces API, it is also possible to include can be with
The complicated hardware of certain embedded system communication.General instrument includes for debugging and other use
The utility on way.SDK also often include code sample, supportive technical notes or other
For basic reference material clarification doubtful point support document.
The embodiment of the present invention proposes a kind of ID authentication mechanism supporting multiple authentication mode, this machine
Implementing of authentication is placed on system services layer by system, it is ensured that the collection of identity data, storage
Safety with comparison;This identity authorization system service definition authentication service Provider Interface, is used for
Different authentication mode unified managements is got up;Meanwhile, the locally applied offer to application layer is unified
Identity authentication service interface, convenient application uses identity authorization system service.The present invention can be real
Now the request of authentication and implementing is kept apart, and effectively couple together;By different bodies
Part authentication mode unified management is got up;Unified identity authentication service interface is provided to application.
Present invention also offers a kind of mobile terminal, described mobile terminal includes: processor;For
The memorizer of storage processor executable.
Described processor can be configured to: the system services layer in terminal operating system starts identity to be recognized
Card system service;Described identity authorization system service receives the authentication of locally applied transmission please
Asking, wherein said ID authentication request includes authentication mode and action type;Described authentication system
System service calls corresponding authentication module according to the authentication mode of described ID authentication request;?
Described authentication module completes corresponding authentication operation according to described action type.
Such as, mobile terminal can be smart mobile phone, computer, digital broadcast terminal, and message is received
The equipment of sending out, game console, tablet device, armarium, body-building equipment, personal digital assistant
Deng.
Mobile terminal can include following one or more assembly: processes assembly, memorizer, power supply
Assembly, multimedia groupware, audio-frequency assembly, the interface of input/output (I/O), sensor cluster,
And communications component.
Process assembly and generally control the integrated operation of mobile terminal, such as with display, data communication,
The operation that camera operation and record operation are associated.Process assembly and can include one or more process
Device performs instruction, to complete all or part of step of above-mentioned method.Additionally, process assembly
One or more module can be included, it is simple to process between assembly and other assemblies is mutual.Example
As, process assembly and can include multi-media module, to facilitate multimedia groupware and to process between assembly
Mutual.
Memorizer is configured to store various types of data to support the operation at equipment.These numbers
According to example include any application program for operating on mobile terminals or the instruction of method, disappear
Breath, picture, video etc..Memorizer can be set by any kind of volatibility or non-volatile memories
Standby or combinations thereof realizes, and such as static RAM (SRAM), electric erasable can
Program read-only memory (EEPROM), Erasable Programmable Read Only Memory EPROM (EPROM),
Programmable read only memory (PROM), read only memory (ROM), magnetic memory, quick flashing
Memorizer, disk or CD.
The various assemblies that power supply module is mobile terminal provide electric power.Power supply module can include power supply
Management system, one or more power supplys, and other with for mobile terminal generate, manage and distribute electricity
The assembly that power is associated.
One output interface of offer that multimedia groupware is included between described mobile terminal and user
Screen.In certain embodiments, screen can include liquid crystal display (LCD) and touch panel
(TP).If screen includes that touch panel, screen may be implemented as touch screen, to receive
From the input signal of user.Touch panel include one or more touch sensor with sensing touch,
Slide and the gesture on touch panel.Described touch sensor can not only sense touch or slide dynamic
The border made, but also detect the persistent period relevant to described touch or slide and pressure.
In certain embodiments, multimedia groupware includes a front-facing camera and/or post-positioned pick-up head.When
Equipment is in operator scheme, during such as screening-mode or video mode, and front-facing camera and/or rearmounted take the photograph
As head can receive the multi-medium data of outside.Each front-facing camera and post-positioned pick-up head can be
One fixing optical lens system or there is focal length and optical zoom ability.
Audio-frequency assembly is configured to output and/or input audio signal.Such as, audio-frequency assembly includes one
Individual mike (MIC), when mobile terminal is in operator scheme, such as call model, logging mode
During with speech recognition mode, mike is configured to receive external audio signal.The audio frequency received
Signal can be further stored at memorizer or send via communications component.In some embodiments
In, audio-frequency assembly also includes a speaker, is used for exporting audio signal.
I/O interface provides interface, above-mentioned peripheral interface for processing between assembly and peripheral interface module
Module can be keyboard, puts striking wheel, button etc..These buttons may include but be not limited to: homepage is pressed
Button, volume button, start button and locking press button.
Sensor cluster includes one or more sensor, for providing various aspects for mobile terminal
State estimation.Such as, what sensor cluster can detect equipment opens/closed mode, assembly
Relative localization, the most described assembly is display and the keypad of mobile terminal, sensor cluster
Mobile terminal or the position change of one assembly of mobile terminal, user and mobile terminal can also be detected
The presence or absence of contact, the temperature of mobile terminal orientation or acceleration/deceleration and mobile terminal becomes
Change.Sensor cluster can include proximity transducer, is configured to do not having any physics to connect
The existence of object near detection when touching.Sensor cluster can also include optical sensor, such as CMOS
Or ccd image sensor, for using in imaging applications.In certain embodiments, this sensing
Device assembly can also include acceleration transducer, gyro sensor, Magnetic Sensor, pressure sensing
Device or temperature sensor.
Communications component is configured to facilitate wired or wireless mode between mobile terminal and other equipment
Communication.Mobile terminal can access wireless network based on communication standard, such as WiFi, 2G or
3G, or combinations thereof.In one exemplary embodiment, communications component connects via broadcast channel
Receive the broadcast singal from external broadcasting management system or broadcast related information.An exemplary reality
Executing in example, described communications component also includes near-field communication (NFC) module, to promote junction service.
Such as, can be based on RF identification (RFID) technology in NFC module, Infrared Data Association (IrDA)
Technology, ultra broadband (UWB) technology, bluetooth (BT) technology and other technologies realize.
In exemplary embodiment, mobile terminal can be by one or more application specific integrated circuits
(ASIC), digital signal processor (DSP), digital signal processing appts (DSPD), can
Programmed logic device (PLD), field programmable gate array (FPGA), controller, microcontroller
Device, microprocessor or other electronic components realize, and are used for performing said method.
In exemplary embodiment, additionally provide a kind of non-transitory computer-readable including instruction and deposit
Storage media, such as, include the memorizer of instruction, and above-mentioned instruction can be performed by the processor of mobile terminal
To complete said method.Such as, described non-transitory computer-readable recording medium can be
ROM, random access memory (RAM), CD-ROM, tape, floppy disk and optical data storage
Equipment etc..
A kind of non-transitory computer-readable recording medium, when the instruction in described storage medium is by moving
When the processor of dynamic terminal performs so that mobile terminal is able to carry out a kind of identity identifying method, institute
The method of stating includes:
System services layer in terminal operating system starts identity authorization system service;Described identity is recognized
Card system service receives the ID authentication request of locally applied transmission, wherein said ID authentication request
Including authentication mode and action type;Described identity authorization system service please according to described authentication
The authentication mode asked calls corresponding authentication module;According to institute in described authentication module
State action type and complete corresponding authentication operation.
It will be clearly understood that present disclosure describe how to be formed and use particular example, but this
Bright principle is not limited to any details of these examples.On the contrary, based on present disclosure
Teaching, these principles can be applied to numerous other embodiments.
Identity identifying method disclosed in this invention and system, create special identity authorization system clothes
Business, is converted into the ID authentication request of application and calls concrete authentication module;For application
Layer provides unified identity authentication service interface, and these interfaces cover the various operations of authentication;
Define unified authentication service Provider Interface.The present invention implementing authentication operation and identity
Authentication service separates, and specifies unified interface authentication authorization and accounting Service Provider Interface between,
So, increase or to delete a kind of authentication mode the most more flexible, it is simple to develop and manage.
It will be appreciated by those skilled in the art that all or part of step realizing above-mentioned embodiment is by reality
Now for the computer program performed by CPU.When this computer program is performed by CPU, perform
The above-mentioned functions that the said method that the present invention provides is limited.Described program can be stored in one
In computer-readable recording medium, this storage medium can be read only memory, disk or CD
Deng.
Further, it should be noted that above-mentioned accompanying drawing is only according to exemplary embodiment of the invention
The schematically illustrating rather than limit purpose of process included by method.It can be readily appreciated that it is above-mentioned attached
Process shown in figure is not intended that or limits these time sequencings processed.It addition, be also easy to reason
Solving, these process can such as either synchronously or asynchronously perform in multiple modules.
It should be noted that the block diagram shown in above-mentioned accompanying drawing is functional entity, it is not necessary to must be with
The most independent entity is corresponding.Software form can be used real to realize these functions
Body, or in one or more hardware modules or integrated circuit, realize these functional entitys, or not
With network and/or processor device and/or microcontroller device realize these functional entitys.
Through the above description of the embodiments, those skilled in the art is it can be readily appreciated that retouch here
The example embodiment stated can be realized by software, it is also possible to combines necessary hardware by software
Mode realize.Therefore, the technical scheme according to embodiment of the present invention can be with software product
Form embody, it is (permissible that this software product can be stored in a non-volatile memory medium
Be CD-ROM, USB flash disk, portable hard drive etc.) in or network on, including some instructions so that one
Platform calculates equipment (can be personal computer, server, mobile terminal or the network equipment etc.)
Perform the method according to embodiment of the present invention.
More than it is particularly shown and described the illustrative embodiments of the present invention.It is understood that
It is to the invention is not restricted to detailed construction described herein, set-up mode or implementation method;On the contrary,
The invention is intended to contain the various amendments comprised in the spirit and scope of the appended claims and equivalence
Arrange.
Claims (12)
1. an identity identifying method, it is characterised in that including:
System services layer in terminal operating system starts identity authorization system service;
Described identity authorization system service receives the ID authentication request of locally applied transmission, Qi Zhongsuo
State ID authentication request and include authentication mode and action type;
Described identity authorization system service is called according to the authentication mode of described ID authentication request accordingly
Authentication module;
Corresponding authentication behaviour is completed according to described action type in described authentication module
Make.
Method the most according to claim 1, it is characterised in that also include:
Described application is provided by described identity authorization system service at the SDK of described terminal operating system
Unified external identity authentication service interface;
Described application call corresponding identity authentication service interface completes corresponding authentication operation.
Method the most according to claim 2, it is characterised in that wherein said authentication takes
Business interface includes: obtains and recognizes described in the authentication mode of described identity authorization system service support, unlatching
In card mode any one, close in described authentication mode any one, add identity information,
Delete identity information, carry out authentication, obtain described identity authorization system service authentication state,
Obtain the service of described identity authorization system maximum reattempt times, obtain in current erroneous number of times complete
Portion or part.
Method the most according to claim 1, it is characterised in that also include:
One group of internal recognizing is defined between described identity authorization system service and each authentication module
Card Service Provider Interface;
Each authentication module is according to the definition of described authentication service Provider Interface, it is achieved concrete
Authentication function.
Method the most according to claim 4, it is characterised in that described authentication service supplier
Interface include starting certification affairs, terminate certification affairs, carry out authentication, amendment authentication data,
Delete authentication data, add authentication data operation in some or all of.
Method the most according to claim 5, it is characterised in that also include:
According to the definition in described authentication service Provider Interface, real in new authentication module
Now corresponding authentication operation;
Described new authentication module is placed on the path that described identity authorization system service is specified
Under, it is achieved add the authentication mode that this new authentication module is corresponding in systems.
Method the most according to claim 6, it is characterised in that wherein said realization is in system
Authentication mode corresponding to this new authentication module of middle interpolation includes:
The form that authentication module compiling link be dynamic base or plug-in unit new by this;
Leave this new authentication module after compiling link in described identity authorization system service
Under the system path specified;
During os starting, start described identity authorization system service, load this new identity and recognize
Card module, it is achieved the authentication operation of this corresponding authentication mode.
Method the most according to claim 5, it is characterised in that also include: when needs are deleted
During certain authentication mode, delete the authentication module that this authentication mode is corresponding.
Method the most according to claim 1, it is characterised in that also include: described identity is recognized
Card system service, when initializing, loads authentication module present in described terminal operating system.
10. an identity authorization system, it is characterised in that including:
Starting module, it starts identity authorization system for the system services layer in terminal operating system
Service;
Receiver module, it receives the identity of locally applied transmission for described identity authorization system service
Certification is asked, and wherein said ID authentication request includes authentication mode and action type;
Calling module, it is used for described identity authorization system service according to described ID authentication request
Authentication mode calls corresponding authentication module;
Authentication module, it is for complete according to described action type in described authentication module
Corresponding authentication is become to operate.
11. systems according to claim 10, it is characterised in that wherein said authentication
System service include to systematic difference layer provide unification external identity authentication service interface with
And define between described identity authorization system service and each authentication module one group is internal
Authentication service Provider Interface.
12. 1 kinds of mobile terminals, it is characterised in that including:
Processor;
For storing the memorizer of processor executable;
Wherein, described processor is configured to:
System services layer in terminal operating system starts identity authorization system service;
Described identity authorization system service receives the ID authentication request of locally applied transmission, Qi Zhongsuo
State ID authentication request and include authentication mode and action type;
Described identity authorization system service is called according to the authentication mode of described ID authentication request accordingly
Authentication module;
Corresponding authentication behaviour is completed according to described action type in described authentication module
Make.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610390243.XA CN105871913A (en) | 2016-06-02 | 2016-06-02 | Identity authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610390243.XA CN105871913A (en) | 2016-06-02 | 2016-06-02 | Identity authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105871913A true CN105871913A (en) | 2016-08-17 |
Family
ID=56676579
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610390243.XA Pending CN105871913A (en) | 2016-06-02 | 2016-06-02 | Identity authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105871913A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106657112A (en) * | 2016-12-30 | 2017-05-10 | 曙光信息产业(北京)有限公司 | Authentication method and apparatus |
| CN107392451A (en) * | 2017-07-11 | 2017-11-24 | 重庆卡西匚匚科技有限公司 | A kind of risk control system |
| CN109145572A (en) * | 2018-06-29 | 2019-01-04 | 东软集团股份有限公司 | User authen method, device and storage medium and electronic equipment |
| CN111031013A (en) * | 2019-11-26 | 2020-04-17 | 南京领行科技股份有限公司 | Application authentication mode determination method, electronic device and storage medium |
| CN111277554A (en) * | 2018-12-05 | 2020-06-12 | 阿里巴巴集团控股有限公司 | Authentication method, device, system and storage medium |
| CN113285808A (en) * | 2021-05-18 | 2021-08-20 | 挂号网(杭州)科技有限公司 | Identity information verification method, device, equipment and storage medium |
| CN117271027A (en) * | 2018-01-29 | 2023-12-22 | 华为技术有限公司 | Authentication window display method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101002170A (en) * | 2004-05-28 | 2007-07-18 | 诺基亚公司 | System and method for implementing a general application program interface |
| CN101169812A (en) * | 2006-10-25 | 2008-04-30 | 知网生物识别科技股份有限公司 | Viewfinder executive system multiple factor identification system and login method |
-
2016
- 2016-06-02 CN CN201610390243.XA patent/CN105871913A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101002170A (en) * | 2004-05-28 | 2007-07-18 | 诺基亚公司 | System and method for implementing a general application program interface |
| CN101169812A (en) * | 2006-10-25 | 2008-04-30 | 知网生物识别科技股份有限公司 | Viewfinder executive system multiple factor identification system and login method |
Non-Patent Citations (1)
| Title |
|---|
| 戴书文: ""Prolog远程谓语动词调用的研究与实现"", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑(月刊) 2006年第11期》 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106657112A (en) * | 2016-12-30 | 2017-05-10 | 曙光信息产业(北京)有限公司 | Authentication method and apparatus |
| CN107392451A (en) * | 2017-07-11 | 2017-11-24 | 重庆卡西匚匚科技有限公司 | A kind of risk control system |
| CN117271027A (en) * | 2018-01-29 | 2023-12-22 | 华为技术有限公司 | Authentication window display method and device |
| CN109145572A (en) * | 2018-06-29 | 2019-01-04 | 东软集团股份有限公司 | User authen method, device and storage medium and electronic equipment |
| CN111277554A (en) * | 2018-12-05 | 2020-06-12 | 阿里巴巴集团控股有限公司 | Authentication method, device, system and storage medium |
| CN111031013A (en) * | 2019-11-26 | 2020-04-17 | 南京领行科技股份有限公司 | Application authentication mode determination method, electronic device and storage medium |
| CN113285808A (en) * | 2021-05-18 | 2021-08-20 | 挂号网(杭州)科技有限公司 | Identity information verification method, device, equipment and storage medium |
| CN113285808B (en) * | 2021-05-18 | 2024-03-26 | 挂号网(杭州)科技有限公司 | Identity information verification method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105871913A (en) | Identity authentication method and system | |
| CN104468329B (en) | Member adding method and device based on instant messaging | |
| CN104283876A (en) | Operation authorization method and device | |
| CN104484200A (en) | Method and device for updating firmware | |
| CN106126685B (en) | Page loading method and device | |
| CN104794382A (en) | Application starting method and device | |
| CN105631254B (en) | Unlocking method and tripper | |
| CN106204046A (en) | The method and device that order pays | |
| CN103916468B (en) | Method for upgrading system, terminal, server and upgrade-system | |
| CN110209385A (en) | Establishment of item method and device | |
| CN105049219B (en) | Flow booking method and system, mobile terminal and server | |
| CN107729000A (en) | Application program installation kit generation method and device | |
| CN104010094A (en) | Information sending method and device in voice services | |
| CN105094830A (en) | Method and device for executing target functions | |
| CN106600768A (en) | Intelligent door lock authentication method, device and terminal | |
| CN104714826A (en) | Application theme loading method and device | |
| CN106060027A (en) | Methods, devices, equipment and systems for verification based on verification codes | |
| CN107622189A (en) | Optimize the method and apparatus of unlocked by fingerprint | |
| CN105183571A (en) | Function calling method and device | |
| CN107395624A (en) | Information processing method and device | |
| CN105260201B (en) | Using installation method, device and smart machine | |
| CN106293717A (en) | The processing method of the setting of terminal, device and terminal | |
| CN106775410A (en) | Application program launching method, device and terminal | |
| CN106133736B (en) | Fingerprint authentication method and device | |
| CN106267820A (en) | Control the method for reality-virtualizing game, device and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160817 |