CN109359448B - Internet mobile terminal safety office system - Google Patents
Internet mobile terminal safety office system Download PDFInfo
- Publication number
- CN109359448B CN109359448B CN201811203514.1A CN201811203514A CN109359448B CN 109359448 B CN109359448 B CN 109359448B CN 201811203514 A CN201811203514 A CN 201811203514A CN 109359448 B CN109359448 B CN 109359448B
- Authority
- CN
- China
- Prior art keywords
- account
- information
- controller
- identity
- real
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an internet mobile terminal safety office system which comprises an administrator terminal, a controller, an identity library, a deep verification module, a data interaction terminal and a plurality of mobile terminals, wherein the administrator terminal is connected with the controller through a network; the mobile terminal is a portable mobile terminal carried by a worker; the mobile terminal comprises a mode switching unit, a sub-controller, a living unit and an office module, wherein the office module comprises an auxiliary processing unit, a display unit, a data input module, a code scanning identification unit and a data monitoring terminal; the mode switching unit is used for the user to select to switch between the office mode and the life mode according to personal needs; according to the invention, through the mode switching unit arranged on the mobile terminal, a user can switch between the living unit and the office module at will, and the data interaction terminal can cut off the connection between the auxiliary processing units when entering the living mode, and at the moment, no information can be transmitted to the controller, so that the office information is prevented from being read in the living mode.
Description
Technical Field
The invention belongs to the field of safe office, and relates to an internet mobile terminal, in particular to an internet mobile terminal safe office system.
Background
Mobile office may also be called "3A office", also called mobile OA, i.e. office staff can handle anything related to a business at any time, at any place.
The brand new office mode can enable office staff to get rid of the restriction of time and space. The unit information can smoothly and interactively flow at any time and any place, the work is easier and more effective, and the whole operation is more coordinated. The mobile information software of the mobile phone is utilized to establish an enterprise software application system for interconnection and intercommunication of the mobile phone and the computer, so that the limitation of time and place is eliminated, the personal company management and communication are carried out at any time, the management efficiency is effectively improved, and the benefit increase of the government and the enterprise is promoted.
However, currently, due to the confidential nature of some departments or enterprises, the account number may bring about a little loss to the company when being stolen by a person, and the current authentication simply relying on the password may be a bit deficient; moreover, when people use the mobile office, two devices are usually used, one device is used for office work, and the other device is used for life use, which undoubtedly brings certain trouble to users and is inconvenient to carry; in order to solve the above-mentioned drawbacks, a solution is now provided.
Disclosure of Invention
The invention aims to provide an internet mobile terminal safe office system.
The technical problem to be solved by the invention is as follows:
(1) how to realize life and office on one device at the same time, and the life and the office can be not interfered with each other;
(2) how to collect the input habits of the user;
(3) how to protect the account of the user according to the input habit of the user and prevent the personal account from being stolen so as to cause loss.
The purpose of the invention can be realized by the following technical scheme:
the internet mobile terminal safety office system is characterized by comprising an administrator terminal, a controller, an identity library, a deep verification module, a data interaction terminal and a plurality of mobile terminals;
the mobile terminal is a portable mobile terminal carried by a worker, and can be a mobile phone, but is not limited to the mobile terminal; the mobile terminal comprises a mode switching unit, a sub-controller, a living unit and an office module, wherein the office module comprises an auxiliary processing unit, a display unit, a data input module, a code scanning identification unit and a data monitoring terminal;
the mode switching unit is used for a user to select mutual switching between an office mode and a life mode according to personal needs, when the office mode needs to be entered, the mode switching unit is used for transmitting a switching working state signal to the sub-controller, the sub-controller transmits an permission signal to the data interaction terminal when receiving the switching working state signal transmitted by the mode switching unit, the data interaction terminal automatically enters an permission state when receiving the permission signal transmitted by the sub-controller, and the data interaction terminal performs data exchange only when the data interaction terminal is in the permission state;
the sub-controller transmits a starting signal to the auxiliary processing unit when receiving a switching working state signal transmitted by the mode switching unit, the auxiliary processing unit transmits the starting signal to the display unit after receiving the starting signal transmitted by the sub-controller, and the display unit automatically displays ' system starting and please operate ' word eyes ' after receiving the starting signal transmitted by the auxiliary processing unit;
when the user uses the system for the first time, an account needs to be created, the data input module is used for the user to input account information, the account information comprises an account, an account password and user identity information, and the user identity information is specifically represented by a user name, a position, a corresponding contact way and a home address; the method comprises the following steps that when a user creates an account, a data acquisition step is carried out, the data acquisition step is used for acquiring frequency information of account passwords input by the user, and a data monitoring end is used for monitoring the frequency information of the account passwords input by the user in real time; the specific collection steps are as follows:
the method comprises the following steps: a user inputs account password information through a data input module;
step two: dividing the account password information into single digital sections, marking the account password information as Mi, i is 1.. n, M1 corresponds to the first password of the account password information, and the rest correspond in sequence;
step three: acquiring interval information one by using a data monitoring end in the process of inputting an account password, wherein the interval information is specifically interval time information between the previous bit and the next bit of the input account password, obtaining a plurality of interval information to form an interval information group, and marking the interval information group as Ti, i is 1.. n-1, wherein T1 is the input interval time between M1 and M2, and Tn-1 is the input interval time between Mn-1 and Mn;
step four: acquiring total time information Tz of the process of obtaining the input account password;
step five: repeating the step one to the step four X1 times, wherein X1 is a preset value; obtaining X1 groups of interval information and total time information; calculating the average value of an X1 group interval information group and total time information to obtain an average interval information group and average total time information, calibrating the average interval information group as a reference interval information group Tci, i ═ n-1, and calibrating the average total time information as a reference time limit Tzc;
the data input module is used for transmitting account information to the auxiliary processing unit, the data monitoring terminal is used for transmitting a reference interval information group Tci and a reference time limit Tzc to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account information, the reference interval information group Tci and the reference time limit Tzc to the controller through the data interaction terminal, the controller is used for transmitting the account information to the administrator terminal, the administrator terminal is used for verifying the account information, the administrator terminal can approve the account information to be added into the identity library and endow corresponding authority information after verifying the identity information, and the authority information is an operation range which can be executed in the operation system by a user corresponding to the account information; the controller is used for receiving the authority information corresponding to the identity information, transmitting the identity information and the corresponding reference interval information group Tci, reference time limit Tzc and the authority information to an identity library, and the identity library receives the identity information transmitted by the controller and the authority information corresponding to the identity information, the reference interval information group Tci and the reference time limit Tzc and stores the identity information, the reference interval information group Tci and the reference time limit Tzc in real time;
when a user needs to work by means of an office module, a related account and a corresponding account password are input through a data input module, and a real-time interval information combination real-time limit when the account password is input is obtained through a data monitoring end, wherein a real-time interval information group is the interval time between the previous bit and the next bit when the password is input, and the real-time limit is the total time for inputting the password; the data input module is used for transmitting the account, the corresponding account password, the real-time interval information combination and the real-time limit to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account, the corresponding account password, the real-time interval information combination and the real-time limit to the controller through the data interaction terminal, the controller is used for carrying out authentication processing on the account, the corresponding account password, the real-time interval information combination and the real-time limit, and the specific authentication processing steps are as follows:
the method comprises the following steps: acquiring an account input by a user and an account password corresponding to the account;
step two: comparing the account information stored in the identity library with the controller, and automatically generating an error signal and terminating the current step when the same account and account password are not found by comparing the account and account password with the account information in the identity library; when the account and the account password are compared with the identity library correctly, the next operation is carried out;
step three: acquiring a real-time interval information group when a user inputs an account password, and marking the real-time interval information group as Tsi, i.
Step four: acquiring real-time limit of a user when the user inputs an account password, wherein the real-time limit is total time information of the password which is input currently, and the real-time limit is marked as Tzs;
step five: calculating a time limit difference value Q1 by using a formula Q1-Tzs-Tzc; and (3) judging the time limit difference value Q1, wherein the specific judgment process is as follows:
s1: when Q1 is larger than the preset value X2, the identity is judged to need further confirmation and an in-doubt signal is generated at the moment, and the current step is terminated after the in-doubt signal is generated;
s2: when the Q1 is lower than the preset value X2, the current processing step is continued and the next step is carried out;
step six: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i.. n-1;
step seven: using formulas
Calculating a time offset difference Q2 between the real-time interval information group and the reference interval information group;
step eight: the offset difference Q2 is determined by the following specific steps:
s1: when Q2 is larger than X3, the identity is judged to need further confirmation and an in-doubt signal is generated, and X3 is a preset value;
s2: when Q2 is lower than X3, a pass signal is generated and the authentication processing step is completed;
the controller can judge that the operation habit of user login is different from the initial setting at the moment after generating an in-doubt signal, the identity is possibly in doubt, the controller can transmit a verification signal to a deep verification module after detecting the in-doubt signal, the deep verification module can automatically generate a random two-dimensional code when receiving the verification signal transmitted by the controller, the random two-dimensional code contains a random secret key, the deep verification module is used for returning the random secret key to the controller, and the controller is used for marking the random secret key as a secret key to be verified; the controller is used for transmitting the random two-dimensional code to a mobile terminal bound to a corresponding account through a wireless communication technology, an auxiliary processing unit of the mobile terminal transmits the random two-dimensional code to a code scanning identification unit after receiving the random two-dimensional code, the code scanning identification unit is used for automatically identifying the random two-dimensional code and acquiring a random key, and the code scanning identification unit is used for transmitting the random key to a display unit for real-time display;
the user transmits the random key to the auxiliary processing unit through the random key displayed by the display unit and the data input module, the auxiliary processing unit is used for transmitting the random key to the controller through the data interaction end, the controller compares the random key with the key to be verified and passes the identity verification when the comparison is consistent, and the controller automatically acquires the corresponding authority information in the identity library and gives authority to the user of the account when passing the identity verification.
Further, the controller is further configured to perform a data modification process when the identity authentication is passed, where the specific process is as follows:
the method comprises the following steps: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i ═ n-1 of a corresponding account from an identity library; calculating to obtain an average value of the Tsi and the Tci, and calibrating the average value to be an updated reference interval information group;
step two: transmitting the updated reference interval information group into an identity base and re-calibrating the updated reference interval information group as a new reference interval information group Tci, i.. n-1 to replace the original reference interval information group;
step three: acquiring a real-time limit Tzs and acquiring a reference time limit Tzc of a corresponding account in an identity library; calculating to obtain an average value of Tzs and Tzc and calibrating the average value as an updating reference time limit;
step four: the updated reference time limit is transmitted to the identity base and is re-calibrated to be a new reference time limit Tzc, replacing the original reference time limit.
Further, when a living mode needs to be entered, the mode switching unit is used for transmitting a living state switching signal to the sub-controller, and the sub-controller drives and controls the living unit to be started when receiving the living state switching signal transmitted by the mode switching unit;
the sub-controller transmits a closing signal to the data interaction end when receiving the switching living state signal transmitted by the mode switching unit, and the data interaction end refuses to receive any signal transmitted by the auxiliary processing unit when receiving the closing signal transmitted by the sub-controller.
The invention has the beneficial effects that:
(1) according to the invention, through the mode switching unit arranged on the mobile terminal, a user can switch between the living unit and the office module at will, and the data interaction terminal can cut off the connection between the auxiliary processing units when entering the living mode, and at the moment, no information can be transmitted to the controller, so that the office information is prevented from being read in the living mode;
(2) according to the invention, through the data monitoring terminal, when a user creates an account and inputs a password, the time information and the corresponding interval information of the input password are collected and marked as the operation habit of the user, and the operation habit of the user is continuously corrected along with the subsequent password input time and the corresponding interval information, so that the most correct user habit is obtained;
(3) according to the method and the device, the real-time operation habit of the subsequent user is acquired and compared with the original operation habit when the user logs in, if the operation habit is inconsistent, the deep verification module is used for deep verification, information leakage caused by embezzlement of the user identity is avoided, and further operation can be performed only after the deep verification is completed.
Drawings
In order to facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
As shown in fig. 1, the internet mobile terminal security office system includes an administrator terminal, a controller, an identity library, a deep verification module, a data interaction terminal and a plurality of mobile terminals;
the mobile terminal is a portable mobile terminal carried by a worker, and can be a mobile phone, but is not limited to the mobile terminal; the mobile terminal comprises a mode switching unit, a sub-controller, a living unit and an office module, wherein the office module comprises an auxiliary processing unit, a display unit, a data input module, a code scanning identification unit and a data monitoring terminal;
the mode switching unit is used for a user to select mutual switching between an office mode and a life mode according to personal needs, when the office mode needs to be entered, the mode switching unit is used for transmitting a switching working state signal to the sub-controller, the sub-controller transmits an permission signal to the data interaction terminal when receiving the switching working state signal transmitted by the mode switching unit, the data interaction terminal automatically enters an permission state when receiving the permission signal transmitted by the sub-controller, and the data interaction terminal performs data exchange only when the data interaction terminal is in the permission state;
the sub-controller transmits a starting signal to the auxiliary processing unit when receiving a switching working state signal transmitted by the mode switching unit, the auxiliary processing unit transmits the starting signal to the display unit after receiving the starting signal transmitted by the sub-controller, and the display unit automatically displays ' system starting and please operate ' word eyes ' after receiving the starting signal transmitted by the auxiliary processing unit;
when the user uses the system for the first time, an account needs to be created, the data input module is used for the user to input account information, the account information comprises an account, an account password and user identity information, and the user identity information is specifically represented by a user name, a position, a corresponding contact way and a home address; the method comprises the following steps that when a user creates an account, a data acquisition step is carried out, the data acquisition step is used for acquiring frequency information of account passwords input by the user, and a data monitoring end is used for monitoring the frequency information of the account passwords input by the user in real time; the specific collection steps are as follows:
the method comprises the following steps: a user inputs account password information through a data input module;
step two: dividing the account password information into single digital sections, marking the account password information as Mi, i is 1.. n, M1 corresponds to the first password of the account password information, and the rest correspond in sequence;
step three: acquiring interval information one by using a data monitoring end in the process of inputting an account password, wherein the interval information is specifically interval time information between the previous bit and the next bit of the input account password, obtaining a plurality of interval information to form an interval information group, and marking the interval information group as Ti, i is 1.. n-1, wherein T1 is the input interval time between M1 and M2, and Tn-1 is the input interval time between Mn-1 and Mn;
step four: acquiring total time information Tz of the process of obtaining the input account password;
step five: repeating the step one to the step four X1 times, wherein X1 is a preset value; obtaining X1 groups of interval information and total time information; calculating the average value of an X1 group interval information group and total time information to obtain an average interval information group and average total time information, calibrating the average interval information group as a reference interval information group Tci, i ═ n-1, and calibrating the average total time information as a reference time limit Tzc;
the data input module is used for transmitting account information to the auxiliary processing unit, the data monitoring terminal is used for transmitting a reference interval information group Tci and a reference time limit Tzc to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account information, the reference interval information group Tci and the reference time limit Tzc to the controller through the data interaction terminal, the controller is used for transmitting the account information to the administrator terminal, the administrator terminal is used for verifying the account information, the administrator terminal can approve the account information to be added into the identity library and endow corresponding authority information after verifying the identity information, and the authority information is an operation range which can be executed in the operation system by a user corresponding to the account information; the controller is used for receiving the authority information corresponding to the identity information, transmitting the identity information and the corresponding reference interval information group Tci, reference time limit Tzc and the authority information to an identity library, and the identity library receives the identity information transmitted by the controller and the authority information corresponding to the identity information, the reference interval information group Tci and the reference time limit Tzc and stores the identity information, the reference interval information group Tci and the reference time limit Tzc in real time;
when a user needs to work by means of an office module, a related account and a corresponding account password are input through a data input module, and a real-time interval information combination real-time limit when the account password is input is obtained through a data monitoring end, wherein a real-time interval information group is the interval time between the previous bit and the next bit when the password is input, and the real-time limit is the total time for inputting the password; the data input module is used for transmitting the account, the corresponding account password, the real-time interval information combination and the real-time limit to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account, the corresponding account password, the real-time interval information combination and the real-time limit to the controller through the data interaction terminal, the controller is used for carrying out authentication processing on the account, the corresponding account password, the real-time interval information combination and the real-time limit, and the specific authentication processing steps are as follows:
the method comprises the following steps: acquiring an account input by a user and an account password corresponding to the account;
step two: comparing the account information stored in the identity library with the controller, and automatically generating an error signal and terminating the current step when the same account and account password are not found by comparing the account and account password with the account information in the identity library; when the account and the account password are compared with the identity library correctly, the next operation is carried out;
step three: acquiring a real-time interval information group when a user inputs an account password, and marking the real-time interval information group as Tsi, i.
Step four: acquiring real-time limit of a user when the user inputs an account password, wherein the real-time limit is total time information of the password which is input currently, and the real-time limit is marked as Tzs;
step five: calculating a time limit difference value Q1 by using a formula Q1-Tzs-Tzc; and (3) judging the time limit difference value Q1, wherein the specific judgment process is as follows:
s1: when Q1 is larger than the preset value X2, the identity is judged to need further confirmation and an in-doubt signal is generated at the moment, and the current step is terminated after the in-doubt signal is generated;
s2: when the Q1 is lower than the preset value X2, the current processing step is continued and the next step is carried out;
step six: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i.. n-1;
step seven: using formulas
Calculating a time offset difference Q2 between the real-time interval information group and the reference interval information group;
step eight: the offset difference Q2 is determined by the following specific steps:
s1: when Q2 is larger than X3, the identity is judged to need further confirmation and an in-doubt signal is generated, and X3 is a preset value;
s2: when Q2 is lower than X3, a pass signal is generated and the authentication processing step is completed;
the controller can judge that the operation habit of user login is different from the initial setting at the moment after generating an in-doubt signal, the identity is possibly in doubt, the controller can transmit a verification signal to a deep verification module after detecting the in-doubt signal, the deep verification module can automatically generate a random two-dimensional code when receiving the verification signal transmitted by the controller, the random two-dimensional code contains a random secret key, the deep verification module is used for returning the random secret key to the controller, and the controller is used for marking the random secret key as a secret key to be verified; the controller is used for transmitting the random two-dimensional code to a mobile terminal bound to a corresponding account through a wireless communication technology, an auxiliary processing unit of the mobile terminal transmits the random two-dimensional code to a code scanning identification unit after receiving the random two-dimensional code, the code scanning identification unit is used for automatically identifying the random two-dimensional code and acquiring a random key, and the code scanning identification unit is used for transmitting the random key to a display unit for real-time display;
the user transmits the random key to the auxiliary processing unit through the random key displayed by the display unit and the data input module, the auxiliary processing unit is used for transmitting the random key to the controller through the data interaction end, the controller compares the random key with the key to be verified and passes the identity verification when the comparison is consistent, and the controller automatically acquires the corresponding authority information in the identity library and gives authority to the user of the account when passing the identity verification.
The controller is further configured to perform a data modification process when the identity authentication is passed, where the specific process is as follows:
the method comprises the following steps: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i ═ n-1 of a corresponding account from an identity library; calculating to obtain an average value of the Tsi and the Tci, and calibrating the average value to be an updated reference interval information group;
step two: transmitting the updated reference interval information group into an identity base and re-calibrating the updated reference interval information group as a new reference interval information group Tci, i.. n-1 to replace the original reference interval information group;
step three: acquiring a real-time limit Tzs and acquiring a reference time limit Tzc of a corresponding account in an identity library; calculating to obtain an average value of Tzs and Tzc and calibrating the average value as an updating reference time limit;
step four: the updated reference time limit is transmitted to the identity base and is re-calibrated to be a new reference time limit Tzc, replacing the original reference time limit.
When a living mode needs to be entered, the mode switching unit is used for transmitting a living state switching signal to the sub-controller, and the sub-controller drives and controls the living unit to start when receiving the living state switching signal transmitted by the mode switching unit;
the sub-controller transmits a closing signal to the data interaction end when receiving the switching living state signal transmitted by the mode switching unit, and the data interaction end refuses to receive any signal transmitted by the auxiliary processing unit when receiving the closing signal transmitted by the sub-controller.
When the internet mobile terminal security office system works, firstly, a required mode is selected through a mode switching unit of the mobile terminal, when the work is required, the mode is automatically switched to the office mode, the office module is used for related work, when the account is started to be created, an operation habit acquisition step is completed through a data monitoring terminal, and time interval information when a user operates and inputs a password is acquired and serves as a personal mark of the user; after the account is created, the personal operation habit of the user is approved by the data monitoring terminal when the user logs in, if the personal operation habit is different from the operation habit acquired in advance, the identity of the user is further verified by the deep verification module, and the user is allowed to execute corresponding operation after the verification is passed; thereby ensuring the security of the user account;
the invention has the following beneficial effects:
(1) according to the invention, through the mode switching unit arranged on the mobile terminal, a user can switch between the living unit and the office module at will, and the data interaction terminal can cut off the connection between the auxiliary processing units when entering the living mode, and at the moment, no information can be transmitted to the controller, so that the office information is prevented from being read in the living mode;
(2) according to the invention, through the data monitoring terminal, when a user creates an account and inputs a password, the time information and the corresponding interval information of the input password are collected and marked as the operation habit of the user, and the operation habit of the user is continuously corrected along with the subsequent password input time and the corresponding interval information, so that the most correct user habit is obtained;
(3) according to the method and the device, the real-time operation habit of the subsequent user is acquired and compared with the original operation habit when the user logs in, if the operation habit is inconsistent, the deep verification module is used for deep verification, information leakage caused by embezzlement of the user identity is avoided, and further operation can be performed only after the deep verification is completed.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.
Claims (3)
1. The internet mobile terminal safety office system is characterized by comprising an administrator terminal, a controller, an identity library, a deep verification module, a data interaction terminal and a plurality of mobile terminals;
the mobile terminal is a portable mobile terminal carried by a worker; the mobile terminal comprises a mode switching unit, a sub-controller, a living unit and an office module, wherein the office module comprises an auxiliary processing unit, a display unit, a data input module, a code scanning identification unit and a data monitoring terminal;
the mode switching unit is used for a user to select mutual switching between an office mode and a life mode according to personal needs, when the office mode needs to be entered, the mode switching unit is used for transmitting a switching working state signal to the sub-controller, the sub-controller transmits an permission signal to the data interaction terminal when receiving the switching working state signal transmitted by the mode switching unit, the data interaction terminal automatically enters an permission state when receiving the permission signal transmitted by the sub-controller, and the data interaction terminal performs data exchange only when the data interaction terminal is in the permission state;
the sub-controller transmits a starting signal to the auxiliary processing unit when receiving a switching working state signal transmitted by the mode switching unit, the auxiliary processing unit transmits the starting signal to the display unit after receiving the starting signal transmitted by the sub-controller, and the display unit automatically displays ' system starting and please operate ' word eyes ' after receiving the starting signal transmitted by the auxiliary processing unit;
when the user uses the system for the first time, an account needs to be created, the data input module is used for the user to input account information, the account information comprises an account, an account password and user identity information, and the user identity information is specifically represented by a user name, a position, a corresponding contact way and a home address; the method comprises the following steps that when a user creates an account, a data acquisition step is carried out, the data acquisition step is used for acquiring frequency information of account passwords input by the user, and a data monitoring end is used for monitoring the frequency information of the account passwords input by the user in real time; the specific collection steps are as follows:
the method comprises the following steps: a user inputs account password information through a data input module;
step two: dividing the account password information into single digital sections, marking the account password information as Mi, i is 1.. n, M1 corresponds to the first password of the account password information, and the rest correspond in sequence;
step three: acquiring interval information one by using a data monitoring end in the process of inputting an account password, wherein the interval information is specifically interval time information between the previous bit and the next bit of the input account password, obtaining a plurality of interval information to form an interval information group, and marking the interval information group as Ti, i is 1.. n-1, wherein T1 is the input interval time between M1 and M2, and Tn-1 is the input interval time between Mn-1 and Mn;
step four: acquiring total time information Tz of the process of obtaining the input account password;
step five: repeating the step one to the step four X1 times, wherein X1 is a preset value; obtaining X1 groups of interval information and total time information; calculating the average value of an X1 group interval information group and total time information to obtain an average interval information group and average total time information, calibrating the average interval information group as a reference interval information group Tci, i ═ n-1, and calibrating the average total time information as a reference time limit Tzc;
the data input module is used for transmitting account information to the auxiliary processing unit, the data monitoring terminal is used for transmitting a reference interval information group Tci and a reference time limit Tzc to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account information, the reference interval information group Tci and the reference time limit Tzc to the controller through the data interaction terminal, the controller is used for transmitting the account information to the administrator terminal, the administrator terminal is used for verifying the account information, the administrator terminal can approve the account information to be added into the identity library and endow corresponding authority information after verifying the identity information, and the authority information is an operation range which can be executed in the operation system by a user corresponding to the account information; the controller is used for receiving the authority information corresponding to the identity information, transmitting the identity information and the corresponding reference interval information group Tci, reference time limit Tzc and the authority information to an identity library, and the identity library receives the identity information transmitted by the controller and the authority information corresponding to the identity information, the reference interval information group Tci and the reference time limit Tzc and stores the identity information, the reference interval information group Tci and the reference time limit Tzc in real time;
when a user needs to work by means of an office module, a related account and a corresponding account password are input through a data input module, and a real-time interval information group and a real-time limit when the account password is input are obtained through a data monitoring end, wherein the real-time interval information group is the interval time between the previous bit and the next bit when the password is input, and the real-time limit is the total time for inputting the password; the data input module is used for transmitting the account, the corresponding account password, the real-time interval information group and the real-time limit to the auxiliary processing unit, the auxiliary processing unit is used for transmitting the account, the corresponding account password, the real-time interval information group and the real-time limit to the controller through the data interaction terminal, the controller is used for carrying out authentication processing on the account, the corresponding account password, the real-time interval information group and the real-time limit, and the specific authentication processing steps are as follows:
the method comprises the following steps: acquiring an account input by a user and an account password corresponding to the account;
step two: comparing the account information stored in the identity library with the controller, and automatically generating an error signal and terminating the current step when the same account and account password are not found by comparing the account and account password with the account information in the identity library; when the account and the account password are compared with the identity library correctly, the next operation is carried out;
step three: acquiring a real-time interval information group when a user inputs an account password, and marking the real-time interval information group as Tsi, i.
Step four: acquiring real-time limit of a user when the user inputs an account password, wherein the real-time limit is total time information of the password which is input currently, and the real-time limit is marked as Tzs;
step five: calculating a time limit difference value Q1 by using a formula Q1-Tzs-Tzc; and (3) judging the time limit difference value Q1, wherein the specific judgment process is as follows:
s1: when Q1 is larger than the preset value X2, the identity is judged to need further confirmation and an in-doubt signal is generated at the moment, and the current step is terminated after the in-doubt signal is generated;
s2: when the Q1 is lower than the preset value X2, the current processing step is continued and the next step is carried out;
step six: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i.. n-1;
step seven: using formulas
Calculating a time offset difference Q2 between the real-time interval information group and the reference interval information group;
step eight: the offset difference Q2 is determined by the following specific steps:
s1: when Q2 is larger than X3, the identity is judged to need further confirmation and an in-doubt signal is generated, and X3 is a preset value;
s2: when Q2 is lower than X3, a pass signal is generated and the authentication processing step is completed;
the controller can judge that the operation habit of user login is different from the initial setting at the moment after generating an in-doubt signal, the identity is possibly in doubt, the controller can transmit a verification signal to a deep verification module after detecting the in-doubt signal, the deep verification module can automatically generate a random two-dimensional code when receiving the verification signal transmitted by the controller, the random two-dimensional code contains a random secret key, the deep verification module is used for returning the random secret key to the controller, and the controller is used for marking the random secret key as a secret key to be verified; the controller is used for transmitting the random two-dimensional code to a mobile terminal bound to a corresponding account through a wireless communication technology, an auxiliary processing unit of the mobile terminal transmits the random two-dimensional code to a code scanning identification unit after receiving the random two-dimensional code, the code scanning identification unit is used for automatically identifying the random two-dimensional code and acquiring a random key, and the code scanning identification unit is used for transmitting the random key to a display unit for real-time display;
the user obtains a random key through the display unit and transmits the random key to the auxiliary processing unit through the data input module, the auxiliary processing unit is used for transmitting the random key to the controller through the data interaction end, the controller compares the random key with a key to be verified and passes identity verification when the random key is consistent with the key to be verified, and the controller automatically obtains corresponding authority information in the identity library and gives authority to the user of the account when passing the identity verification.
2. The internet mobile terminal secure office system of claim 1, wherein the controller is further configured to perform a data modification process when the identity authentication is passed, the specific process being as follows:
the method comprises the following steps: acquiring a real-time interval information set Tsi, i.. n-1; simultaneously acquiring a reference interval information group Tci, i ═ n-1 of a corresponding account from an identity library; calculating to obtain an average value of the Tsi and the Tci, and calibrating the average value to be an updated reference interval information group;
step two: transmitting the updated reference interval information group into an identity base and re-calibrating the updated reference interval information group as a new reference interval information group Tci, i.. n-1 to replace the original reference interval information group;
step three: acquiring a real-time limit Tzs and acquiring a reference time limit Tzc of a corresponding account in an identity library; calculating to obtain an average value of Tzs and Tzc and calibrating the average value as an updating reference time limit;
step four: the updated reference time limit is transmitted to the identity base and is re-calibrated to be a new reference time limit Tzc, replacing the original reference time limit.
3. The internet mobile terminal security office system of claim 1, wherein when a life mode needs to be entered, the mode switching unit is configured to transmit a life state switching signal to the sub-controller, and the sub-controller drives and controls the life unit to be started when receiving the life state switching signal transmitted by the mode switching unit;
the sub-controller transmits a closing signal to the data interaction end when receiving the switching living state signal transmitted by the mode switching unit, and the data interaction end refuses to receive any signal transmitted by the auxiliary processing unit when receiving the closing signal transmitted by the sub-controller.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811203514.1A CN109359448B (en) | 2018-10-16 | 2018-10-16 | Internet mobile terminal safety office system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811203514.1A CN109359448B (en) | 2018-10-16 | 2018-10-16 | Internet mobile terminal safety office system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109359448A CN109359448A (en) | 2019-02-19 |
| CN109359448B true CN109359448B (en) | 2021-05-07 |
Family
ID=65349276
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811203514.1A Active CN109359448B (en) | 2018-10-16 | 2018-10-16 | Internet mobile terminal safety office system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109359448B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110855660B (en) * | 2019-11-08 | 2021-10-01 | 珠海市鸿瑞信息技术股份有限公司 | Power industry network management system based on virtual link |
| CN110830480B (en) * | 2019-11-13 | 2022-04-15 | 国网山西省电力公司信息通信分公司 | Power distribution terminal safety access system based on electric power thing networking |
| CN111464509B (en) * | 2020-03-18 | 2022-02-01 | 珠海市鸿瑞信息技术股份有限公司 | Network security isolation system for double-processing system |
| CN111475472B (en) * | 2020-04-14 | 2021-05-04 | 上海月新生科信息科技有限公司 | Automatic preprocessing method for single particle analysis data of cryoelectron microscope |
| CN111428220A (en) * | 2020-05-07 | 2020-07-17 | 与众科技(天津)有限公司 | Mobile terminal office system based on remote collaboration platform |
Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572660A (en) * | 2008-04-30 | 2009-11-04 | 北京明朝万达科技有限公司 | Comprehensive control method for preventing leakage of data |
| CN103023652A (en) * | 2012-12-07 | 2013-04-03 | 康佳集团股份有限公司 | Status identification method and system through bar code based on mobile terminal |
| KR101338869B1 (en) * | 2011-07-25 | 2013-12-06 | 주식회사 데이터코어시스템즈 | Remote Mobile office system and operating method of the same |
| CN103455752A (en) * | 2013-09-10 | 2013-12-18 | 百度在线网络技术(北京)有限公司 | Password setting method, password verification method, device and system using methods |
| CN104283679A (en) * | 2013-07-05 | 2015-01-14 | 中国电信股份有限公司 | Method and system for conducting safety certification by input rhythms |
| CN104318136A (en) * | 2014-09-29 | 2015-01-28 | 同济大学 | Modeling and analysis system for user keyboard key pressing activity mode and identity identification method thereof |
| CN104469767A (en) * | 2014-10-28 | 2015-03-25 | 杭州电子科技大学 | Implementation method for integrated security protection subsystem of mobile office system |
| CN104618333A (en) * | 2014-12-30 | 2015-05-13 | 北京工业大学 | Mobile terminal safety office system |
| CN105282088A (en) * | 2014-05-28 | 2016-01-27 | 腾讯科技(深圳)有限公司 | Method and system for controlling verification server and method and system for controlling verification |
| CN105844144A (en) * | 2016-03-23 | 2016-08-10 | 惠州Tcl移动通信有限公司 | Touch screen based mobile terminal input detection method and system |
| CN105975848A (en) * | 2016-04-29 | 2016-09-28 | 努比亚技术有限公司 | Password unlocking method and apparatus |
| CN106488007A (en) * | 2016-09-12 | 2017-03-08 | 努比亚技术有限公司 | A kind of auth method and terminal |
| CN106685940A (en) * | 2016-12-19 | 2017-05-17 | 浙江宇视科技有限公司 | Password processing method and server |
| CN206849097U (en) * | 2017-03-13 | 2018-01-05 | 北京思路创新科技有限公司 | A kind of mobile office system |
| CN108055238A (en) * | 2017-11-10 | 2018-05-18 | 平安普惠企业管理有限公司 | A kind of account verification method and system |
-
2018
- 2018-10-16 CN CN201811203514.1A patent/CN109359448B/en active Active
Patent Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572660A (en) * | 2008-04-30 | 2009-11-04 | 北京明朝万达科技有限公司 | Comprehensive control method for preventing leakage of data |
| KR101338869B1 (en) * | 2011-07-25 | 2013-12-06 | 주식회사 데이터코어시스템즈 | Remote Mobile office system and operating method of the same |
| CN103023652A (en) * | 2012-12-07 | 2013-04-03 | 康佳集团股份有限公司 | Status identification method and system through bar code based on mobile terminal |
| CN104283679A (en) * | 2013-07-05 | 2015-01-14 | 中国电信股份有限公司 | Method and system for conducting safety certification by input rhythms |
| CN103455752A (en) * | 2013-09-10 | 2013-12-18 | 百度在线网络技术(北京)有限公司 | Password setting method, password verification method, device and system using methods |
| CN105282088A (en) * | 2014-05-28 | 2016-01-27 | 腾讯科技(深圳)有限公司 | Method and system for controlling verification server and method and system for controlling verification |
| CN104318136A (en) * | 2014-09-29 | 2015-01-28 | 同济大学 | Modeling and analysis system for user keyboard key pressing activity mode and identity identification method thereof |
| CN104469767A (en) * | 2014-10-28 | 2015-03-25 | 杭州电子科技大学 | Implementation method for integrated security protection subsystem of mobile office system |
| CN104618333A (en) * | 2014-12-30 | 2015-05-13 | 北京工业大学 | Mobile terminal safety office system |
| CN105844144A (en) * | 2016-03-23 | 2016-08-10 | 惠州Tcl移动通信有限公司 | Touch screen based mobile terminal input detection method and system |
| CN105975848A (en) * | 2016-04-29 | 2016-09-28 | 努比亚技术有限公司 | Password unlocking method and apparatus |
| CN106488007A (en) * | 2016-09-12 | 2017-03-08 | 努比亚技术有限公司 | A kind of auth method and terminal |
| CN106685940A (en) * | 2016-12-19 | 2017-05-17 | 浙江宇视科技有限公司 | Password processing method and server |
| CN206849097U (en) * | 2017-03-13 | 2018-01-05 | 北京思路创新科技有限公司 | A kind of mobile office system |
| CN108055238A (en) * | 2017-11-10 | 2018-05-18 | 平安普惠企业管理有限公司 | A kind of account verification method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109359448A (en) | 2019-02-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109359448B (en) | Internet mobile terminal safety office system | |
| CN102262793B (en) | Entrance guard control method and entrance guard control system | |
| CN100380267C (en) | Method, arrangement and apparatus for authentication through communications network | |
| CN100536388C (en) | Apparatus, system, and method for authorized remote access to a target system | |
| US9548984B2 (en) | Authorizing a user by means of a portable communications terminal | |
| US11403380B2 (en) | Method for managing fingerprint and system thereof | |
| US20080120698A1 (en) | Systems and methods for authenticating a device | |
| CN105303670A (en) | Access control management method, device and system | |
| CN103077356A (en) | Protecting and tracking method for primary information of mobile terminal based on user behavior pattern | |
| CN103929748A (en) | Internet of things wireless terminal, configuration method thereof and wireless network access point | |
| CN101815091A (en) | Cipher providing equipment, cipher authentication system and cipher authentication method | |
| Kuo et al. | Low-cost manufacturing, usability, and security: An analysis of bluetooth simple pairing and wi-fi protected setup | |
| JP4698481B2 (en) | Worker management method, information processing apparatus, worker terminal, and program used therefor | |
| CN112734248A (en) | Real estate intelligent management system | |
| EP1868125A1 (en) | Method for identifying a user of a computer system | |
| CN103001970B (en) | Safety authentication method and safety authentication system | |
| JP2017063480A (en) | Authentication system keeping confidentiality of secret data | |
| CN108710793A (en) | A kind of computer network means of defence and system | |
| Karim et al. | Choosing the right MFA method for online systems: A comparative analysis | |
| CN109495500A (en) | A kind of double factor authentication method based on smart phone | |
| CN201717885U (en) | Code providing equipment and code identification system | |
| CN106686196A (en) | Personal mobile phone safety management method | |
| CN206563996U (en) | A kind of intelligent network access control system control panel | |
| CN106485100A (en) | A kind of method of internet computer software lock and its service system | |
| CN106250773A (en) | The operational approach of a kind of terminal, system and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210420 Address after: Room 101, building 19, Tianan headquarters center, 555 Panyu Avenue North, Donghuan street, Panyu District, Guangzhou, Guangdong 511400 Applicant after: GUANGZHOU YIDEJIA NETWORK TECHNOLOGY Co.,Ltd. Address before: 310000 506, 5 floor, 9 building, 972 Moganshan Road, Gongshu District, Hangzhou, Zhejiang. Applicant before: HANGZHOU HONGSHENG INFORMATION TECHNOLOGY Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |