CN113132106A - User identity recognition system - Google Patents
User identity recognition system Download PDFInfo
- Publication number
- CN113132106A CN113132106A CN201911398337.1A CN201911398337A CN113132106A CN 113132106 A CN113132106 A CN 113132106A CN 201911398337 A CN201911398337 A CN 201911398337A CN 113132106 A CN113132106 A CN 113132106A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- information
- unit
- matching
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention discloses a user identity recognition system, which comprises: a storage unit for storing user information; the information reading unit is used for reading the user information from the storage unit under the condition that the distance between the storage unit and the information reading unit is smaller than a preset threshold value; the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result; the mobile equipment comprises a feature acquisition module and a data matching module, wherein the feature acquisition module is used for acquiring first biological feature data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result; and the control unit is used for identifying the user identity according to the first matching result and the second matching result. According to the embodiment of the invention, the identification of the user identity can be accurately realized.
Description
Technical Field
The invention belongs to the field of identity recognition, and particularly relates to a user identity recognition system.
Background
With the rapid development of internet and mobile informatization, the number of types of networked devices is increasing, and therefore, it is important for users to be able to accurately identify the identity of the users.
Currently, identification of a user identity is achieved through an identity identification system. However, the illegal means used by the lawbreakers nowadays are more and more advanced, and the current identity recognition system often cannot effectively prevent some lawbreakers, and especially the security becomes more important for some key entry and exit places. Therefore, how to accurately identify the user is an urgent problem to be solved.
Disclosure of Invention
The embodiment of the invention provides a user identity recognition system which can accurately recognize the user identity.
In one aspect, an embodiment of the present invention provides a user identity identification system, including:
a storage unit for storing user information;
the information reading unit is used for reading the user information from the storage unit under the condition that the distance between the storage unit and the information reading unit is smaller than a preset threshold value;
the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result;
the mobile equipment comprises a feature acquisition module and a data matching module, wherein the feature acquisition module is used for acquiring first biological feature data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result;
and the control unit is used for identifying the user identity according to the first matching result and the second matching result.
The user identity recognition system provided by the embodiment of the invention can connect the user information with the Internet on the basis of the Internet of things, thereby realizing user identity recognition. In addition, the identity recognition is carried out by reading the user information stored in the storage unit and collecting the biological characteristic data of the user. Due to the fact that the user identity is identified through multiple layers of identity identification levels, the user identity can be accurately identified.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a user identification system according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a user identification system according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a blockchain unit according to an embodiment of the present invention;
fig. 5 is a flowchart illustrating a user identification method according to another embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
In order to solve the problem in the prior art, fig. 1 illustrates a schematic structural diagram of a user identification system according to an embodiment of the present invention. The user identification system may be an internet of things-based user identification system. As shown in fig. 1, the user identification system includes a storage unit 101, an information reading unit 102, an information matching unit 103, a mobile device 104, and a control unit 105.
The storage unit 101 is used to store user information. For example, the storage unit 101 may be a user Identity (ID) card with a chip, and the ID card stores user information.
The information reading unit 102 is configured to read the user information from the storage unit 101 in a case where a distance between the storage unit 101 and the information reading unit 102 is smaller than a predetermined threshold value. For example, the information reading unit 102 is an rfid unit, and when the storage unit 101 is close to the rfid unit, the rfid unit reads the user information stored in the storage unit 101.
The information matching unit 103 is configured to match the user information read from the storage unit 101 with the user information stored in the database, so as to obtain a first matching result. If the first matching result is that the user information read from the storage unit 101 is successfully matched with the user information stored in the database, the user identity can be preliminarily identified to be legal. The determination may then be further made in conjunction with the first biometric data collected by the mobile device 104.
After the information reading unit 102 reads the user information, the user information may be sent to the control unit 105, and the control unit 105 sends the user information to the information matching unit 103. Alternatively, after the information reading unit 102 reads the user information, the user information may be directly transmitted to the control unit 105
The mobile device 104 comprises a feature acquisition module and a data matching module, wherein the feature acquisition module is used for acquiring first biological feature data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result. The data matching module can calculate similarity of the first biological feature data and the second biological feature data, and if the similarity of the first biological feature data and the second biological feature data is larger than a preset similarity threshold, it is determined that the first biological feature data and the second biological feature data are successfully matched. And if the similarity of the first biological characteristic data and the second biological characteristic data is less than or equal to a preset similarity threshold value, determining that the first biological characteristic data and the second biological characteristic data fail to be matched.
The control unit 105 is configured to identify the user identity according to the first matching result and the second matching result. And if the first matching result and the second matching result are both matching success, identifying that the user identity is legal. And if any one of the first matching result and the second matching result is failed to match, identifying that the user identity is illegal.
For example, the user identification system may be a user identification system for entrance guard. The access control may be a corporate access control or a community access control. The storage unit 101 may be an entrance card, and the information reading unit 102 may be disposed near a door. The user identification system may be a card identification system, such as identifying the identity of a user of a bank card.
In the embodiment of the invention, the user information can be connected with the Internet on the basis of the Internet of things, so that the user identity identification is realized. In addition, identification is performed by reading the user information stored in the storage unit 101 and collecting biometric data of the user. Due to the fact that the user identity identification is carried out through the multiple layers of identity identification checkpoints, the user identity identification can be accurately achieved.
In one or more embodiments of the present invention, optionally, the information reading unit 102 is further configured to read a hardware identifier of the storage unit 101, for example, the hardware identifier is a hardware identifier code.
The user identification system further includes:
and the safety unit is connected with the information reading unit 102 and is used for matching the hardware identifier of the storage unit 101 with the pre-stored hardware identifier so as to record the result that the hardware identifier of the storage unit 101 is not matched with the pre-stored hardware identifier under the condition that the hardware identifier of the storage unit 101 is not matched with the pre-stored hardware identifier. The safety unit can be a safety anti-blocking micro-processing chip.
Alternatively, in the case where the hardware identification of the storage unit 101 does not match the pre-stored hardware identification, the alarm information is output.
In the embodiment of the present invention, the security unit can prevent an illegal user from forging the storage unit 101 storing the user information, thereby preventing the user information read by the information reading unit 102 from being forged by the illegal user.
In one or more embodiments of the invention, optionally, the feature acquisition module includes a face acquisition module, an iris acquisition module and a fingerprint acquisition module;
the first biometric data includes: the face data collected by the face collecting module, the iris data collected by the iris collecting module and the fingerprint data collected by the fingerprint collecting module.
The embodiment of the invention can be used for identifying three groups of systems combining the face data, the fingerprint data and the iris data of the user identity, can carry out multi-layer identification, matching and comparison on the user identity information, and accurately and efficiently identifies the identity information of the user.
In one or more embodiments of the invention, optionally, the mobile device 104 further includes:
the second data processing module is used for cleaning and format conversion of the first biological characteristic data to obtain cleaned first biological characteristic data in a preset format;
the data identification module is connected with the second data processing module and is used for identifying whether the first biological characteristic data in the preset format meets a first preset condition or not;
the data matching module is connected with the data identification module and is used for matching first biological characteristic data which are in a preset format and meet first preset conditions with second biological characteristic data.
Optionally, the cleaning of the first biological characteristic data by the second data processing module includes at least one of: the second data processing module deletes useless data in the first biological characteristic data and fills missing data in the first biological characteristic data. The first predetermined condition may include the absence of distortion of the first biometric data.
In one or more embodiments of the invention, optionally, the mobile device 104 further includes:
the first data processing module is used for carrying out edge extraction and normalization processing on the first biological characteristic data so that the data matching module matches the first biological characteristic data subjected to the edge extraction and normalization processing with the second biological characteristic data.
The first biological characteristic data can be a digital image, and the edge extraction refers to the processing of the image contour in the digital image processing. Normalization is a dimensionless processing means to make the absolute value of the physical system value become some relative value relation.
In one or more embodiments of the invention, optionally, the mobile device 104 further includes:
the feature coding module is used for generating a code of the first biological feature data so that the data matching module matches the first biological feature data with the second biological feature data according to the code of the first biological feature data.
For example, in the case where the first biometric data includes face data, the face attribute in the face data includes a zygomatic bone height and a face area, and therefore, the attribute of the zygomatic bone height in the face data is encoded as 1001, and the attribute of the face area in the face data is encoded as 1002.
In the case where the first biometric data includes iris data, the iris attributes in the iris data include iris size and iris texture, and the iris size attribute in the iris data may be encoded as 2001 and the iris texture attribute in the iris data may be encoded as 2002.
Therefore, by encoding the first biometric data, it is convenient to expand the attributes of the biometric data later.
In one or more embodiments of the present invention, optionally, the user identification system further includes:
a data storage unit 110;
the control unit 105 is further configured to store the user information and the information of the information reading unit 102 that reads the user information in the data storage unit 110 in an associated manner;
the information of information reading unit 102 includes an identification of information reading unit 102 and/or a geographical location of information reading unit 102.
The embodiment of the present invention stores the read user information and the related information of the information reading unit 102 that reads the user information through the data storage unit 110, so as to facilitate management of the user. The information stored by the data storage unit 110 may be utilized for security analysis at a later time.
Data storage unit 110 may include, among other things, mass storage for data or instructions. By way of example, and not limitation, data storage unit 110 may include a Hard Disk Drive (HDD), a floppy Disk Drive, flash memory, an optical Disk, a magneto-optical Disk, magnetic tape, or a Universal Serial Bus (USB) Drive or a combination of two or more of these. Data storage unit 110 may include removable or non-removable (or fixed) media, where appropriate. Where appropriate, the data storage unit 110 may be internal or external to the integrated gateway disaster recovery device. In a particular embodiment, the data storage unit 110 is a non-volatile solid-state memory. In a particular embodiment, the data storage unit 110 includes Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory or a combination of two or more of these.
In one or more embodiments of the present invention, optionally, the user identification system further includes a block chain unit; the block chain unit includes:
the verification node is used for receiving the user information sent by the control unit 105 and verifying whether the user information is tampered in the process of being sent to the verification node from the control unit 105;
and the recording node is used for recording the user information under the condition that the verifying node verifies that the user information is not tampered.
In one or more embodiments of the present invention, optionally, the user identification system further includes:
the user management unit is used for acquiring the time point when the user information is read for the last N times and the geographical position when the user information is read each time; judging whether the storage unit 101 meets the reading abnormal condition or not according to the time point and the geographical position which are read for the last N times; and outputting alarm information of the abnormality of the storage unit 101 when the read abnormality condition is met, wherein N is a positive integer.
In one or more embodiments of the invention, optionally, the exception condition comprises: a first time point and a second time point which are adjacent exist in the time points which are read for the last N times, and the distance between a first geographical position corresponding to the first time point and a second geographical position corresponding to the second time point is larger than a preset distance threshold;
the first geographical position is a geographical position when the user information is read at a first time point, and the second geographical position is a geographical position when the user information is read at a second time point.
For example, the user information is read at a first geographical location at 1:00 pm and then at a second geographical location at 1:02 pm, but the first geographical location and the second geographical location are separated by 4 km, and the user can hardly move 4 km in 2 minutes, so that there is an abnormality in reading the user information, and there is a possibility that the storage unit 101 storing the user information is copied. In this case, warning information of abnormality of the storage unit 101 may be output to realize the warning.
In one or more embodiments of the present invention, optionally, the user identification system further includes:
and a display unit connected to the control unit 105 for displaying the user identity recognized by the control unit 105.
In one or more embodiments of the present invention, optionally, the user identification system further includes:
and the interpreter is connected with the control unit 105 and used for sending the user information read by the information reading unit 102 to the control unit 105 and sending the second matching result obtained by the mobile device 104 to the control unit 105.
Fig. 2 is a schematic structural diagram of a user identification system according to another embodiment of the present invention. As shown in fig. 2, the user identification system includes: an ID card 106, an information reading unit 102, a security unit 107, a mobile device 104, an interpreter 108, a control unit 105, a display unit 109, a data storage unit 110, an information matching unit 103, a block chain unit 111, a user management unit 112, a Physical Markup Language (PML) server 113, a local database 114, and a remote database 115.
The information reading unit 102 reads user information and a hardware identifier of the ID card 106 from the ID card 106.
The security unit 107 is connected to the information reading unit 102, and the security unit 107 matches the hardware identifier of the ID card 106 with the pre-stored hardware identifier in the hardware ID identifier database, so as to record the result that the hardware identifier of the ID card 106 does not match with the pre-stored hardware identifier if the hardware identifier of the ID card 106 does not match with the pre-stored hardware identifier.
The mobile device 104 collects face data, iris data, and fingerprint data of the user and verifies the user's identity.
Specifically, referring to FIG. 3, the mobile device 104 includes a face acquisition module 1041-1, an iris acquisition module 1041-2, and a fingerprint acquisition module 1041-3. The face acquisition module 1041-1 is used for acquiring face data, the iris acquisition module 1041-2 is used for acquiring iris data, and the fingerprint acquisition module 1041-3 is used for acquiring fingerprint data.
The first data processing module 1043 performs edge extraction and normalization processing on the face data, the iris data, and the fingerprint data, respectively.
The feature coding module 1044 generates a code of the face data from the face data, a code of the iris data from the iris data, and a code of the fingerprint data from the fingerprint data.
The second data processing module 1045 respectively cleans and format-converts the face data, iris data and fingerprint data to obtain cleaned face data, iris data and fingerprint data in a predetermined format.
The data recognition module 1046 recognizes the face data, the iris data, and the fingerprint data output by the second data processing module to recognize whether the face data, the iris data, and the fingerprint data meet the usage conditions of the data matching module 1042, for example, recognize whether the face data, the iris data, and the fingerprint data are distorted. When the face data, the iris data, and the fingerprint data are recognized to respectively meet the use conditions of the data matching module 1042, the face data, the iris data, and the fingerprint data are sent to the data matching module 1042.
The data matching module 1042 matches the face data output by the data recognition module with the face data in the matching information database 1047, matches the iris data output by the data recognition module 1046 with the iris data in the matching information database 1047, and matches the fingerprint data output by the data recognition module 1046 with the fingerprint data in the matching information database 1047.
The display module 1048 displays a second matching result, which includes whether the face data is matched, whether the iris data is matched, and whether the fingerprint data is matched.
The above is a description of the terminal device 104, and the following description of the user identification system is continued with reference to fig. 2.
The interpreter 108 in the user identification system is connected to the control unit 105, and the interpreter 108 sends the user information read by the information reading unit 102 to the control unit 105, and sends the second matching result obtained by the mobile device 104 to the control unit 105. The control unit 105 may be a single chip microcomputer, or the control unit 105 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured as one or more Integrated circuits implementing embodiments of the present invention.
The control unit 105 sends the user information to the information matching unit 103, and the information matching unit 103 matches the user information read from the ID card 106 with the user information stored in the local database 114 to obtain a first matching result.
The control unit 105 identifies the user identity according to the second matching result of the terminal device and the first matching result of the information matching unit 103. If the first matching result is that the user information read from the ID card 106 matches the user information stored in the local database 114, and the second matching result is face data matching, iris data matching, and fingerprint data matching, the user identity is identified as being legal. If the first matching result is that the user information read from the ID card 106 does not match the user information stored in the local database 114, or if any one of the face data, the iris data, and the fingerprint data does not match, the user identity is not recognized.
The display unit 109 is connected to the control unit 105, and the display unit 109 displays whether the identified user identity is legitimate. The display unit 109 can display a selection interface, a worker can select a system flow to enter the alarm system or the positioning system, the positioning system collects face and body related information of a user, performs image processing on the collected information, uploads the processed information to the retrieval system, namely, the searching and querying are performed through a sky-eye system of the Beidou positioning system, tracking and positioning are performed, and dynamic heading of the related identity user is acquired at any time.
The user management unit 112 is used for managing user information and performing anomaly early warning. For example, the user management unit 112 obtains a time point when the user information in the ID card 106 was read last 2 times and a geographical location each time the user information was read; judging whether the ID card 106 meets the reading abnormal condition or not according to the time point and the geographical position read for the last 2 times; in the case where the read abnormality condition is satisfied, alarm information of abnormality of the ID card 106 is output.
The user management unit 112 is connected with the local database 114 in a data information sharing manner, the user management unit 112 is connected with the PML server 113 through the Internet (Internet), the PML server 113 is connected with the remote database 115 in a network manner, and the identified user information is transmitted to the remote database 115 for storage. The PML server 113, the remote database 115 and a plurality of nodes are built to form a centralized distributed storage environment. The plurality of nodes may be a plurality of data storage units 110.
The PML server 113, the remote database 115 and the nodes are built to form a Distributed architecture of a centralized Distributed storage environment based on a Hadoop Distributed File System (HDFS), in order to provide a better data storage function, the centralized Distributed storage environment System is divided into a storage layer, a basic service layer and a reference layer, the storage layer comprises a storage unit, a local File System and self data persistent storage, the basic service layer is divided into a collection analysis part and a search engine part, and the reference layer adopts a modular architecture structure.
Referring to fig. 4, the blockchain unit 111 includes a blockchain network including a verification node and a recording node.
The verification node is used for receiving the user information sent by the control unit 105 and verifying whether the user information is tampered in the process of being sent to the verification node from the control unit 105;
and the recording node is used for recording the user information under the condition that the verifying node verifies that the user information is not tampered.
The block chain network carries out information interaction with an application program, the application program comprises a data receiving unit, the data receiving unit is respectively and electrically connected with a digital identity information comparison unit and a digital data format conversion unit in a bidirectional mode, the data receiving unit is electrically output and connected with a data encryption unit, the block chain network can be interconnected with a network (net), the net comprises a safety engine, and the safety engine can be in information interaction with a plurality of groups of Internet of Things (Internet of Things, IOT) devices. The information of the user and the information of the operator are ensured to be safe and reliable through verification, comparison and recording, and the information leakage is avoided.
The network can realize the Secure Sockets Layer (SSL) connection between the application and the server, and the SSL connection establishment includes the following steps: (1) applying for establishing SSL protocol connection; (2) initializing required information; (3) confirming an encryption algorithm; (4) confirming the application program; (5) data is transmitted/received.
In the embodiment of the invention, the identity information of the user is connected with the Internet on the basis of the Internet of things to inquire and identify the identity information, so that the intelligent identification and management functions are realized, the identification of the identity information is enhanced through the combination of multiple layers of identity identification checkpoints, and the safety is greatly improved. After the identity of a user is identified and collected, according to the identified identity information, the user who timely alarms the identity information or holds the identity information is selected to be positioned and tracked, the position information of the user is convenient to timely obtain, therefore, the related user information is convenient to provide in some special occasions, potential safety hazards which possibly exist are tracked and eliminated, three groups of systems which are mutually combined, namely face data, fingerprint data and iris data, capable of identifying the identity of the user are put into use, the user identity can be subjected to multilayer identification, matching and comparison, the identity of the user is accurately and efficiently identified, and the possibility that a lawbreaker can do hands and feet on the identity is reduced.
The invention provides a flow diagram of a user identity identification method of an embodiment. As shown in fig. 5, the user identification method includes:
In step 203, in the case of the ID card being networked, the use is authorized by means of the distribution mechanism of the block chain. For example, the key is assigned to the ID card by means of an assignment mechanism of the blockchain. To encrypt the user information in the ID card using the assigned key when transmitting the user information in the ID card, and to transmit the encrypted user information.
And step 206, performing face authentication, iris authentication and fingerprint authentication. If any one of the face authentication, the iris authentication and the fingerprint authentication fails, re-authentication is required, i.e., step 204 is performed again.
And step 207, determining that the user identity authentication is passed under the conditions that the face authentication, the iris authentication and the fingerprint authentication are passed and the user information authentication in the ID card is passed.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.
Claims (13)
1. A user identification system, comprising:
a storage unit for storing user information;
the information reading unit is used for reading the user information from the storage unit under the condition that the distance between the storage unit and the information reading unit is smaller than a preset threshold value;
the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result;
the mobile equipment comprises a feature acquisition module and a data matching module, wherein the feature acquisition module is used for acquiring first biological feature data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result;
and the control unit is used for identifying the user identity according to the first matching result and the second matching result.
2. The user identification system according to claim 1,
the information reading unit is also used for reading the hardware identifier of the storage unit;
the user identification system further includes:
and the safety unit is connected with the information reading unit and is used for matching the hardware identifier of the storage unit with a pre-stored hardware identifier so as to record the result that the hardware identifier of the storage unit is not matched with the pre-stored hardware identifier under the condition that the hardware identifier of the storage unit is not matched with the pre-stored hardware identifier.
3. The system of claim 1, wherein the feature acquisition module comprises a face acquisition module, an iris acquisition module, and a fingerprint acquisition module;
the first biometric data comprises: the face data collected by the face collection module, the iris data collected by the iris collection module and the fingerprint data collected by the fingerprint collection module.
4. The user identification system of claim 1, wherein the mobile device further comprises:
the first data processing module is used for performing edge extraction and normalization processing on the first biological feature data so that the data matching module matches the first biological feature data subjected to the edge extraction and normalization processing with the second biological feature data.
5. The user identification system of claim 1, wherein the mobile device further comprises:
the second data processing module is used for cleaning and format conversion of the first biological characteristic data to obtain the cleaned first biological characteristic data in a preset format;
the data identification module is connected with the second data processing module and is used for identifying whether the first biological characteristic data in the preset format meets a first preset condition or not;
the data matching module is connected with the data identification module and is used for matching the first biological characteristic data which are in the preset format and meet the first preset condition with the second biological characteristic data.
6. The user identification system of claim 1, wherein the mobile device further comprises:
and the feature coding module is used for generating codes of the first biological feature data so that the data matching module matches the first biological feature data with the second biological feature data according to the codes of the first biological feature data.
7. The user identification system according to claim 1, further comprising:
a data storage unit;
the control unit is further configured to store the user information and information of the information reading unit that reads the user information in the data storage unit in an associated manner;
wherein the information of the information reading unit comprises an identification of the information reading unit and/or a geographical position of the information reading unit.
8. The system of claim 1, further comprising a block chain unit; the block chain unit includes:
the verification node is used for receiving the user information sent by the control unit and verifying whether the user information is tampered in the process of being sent to the verification node from the control unit;
and the recording node is used for recording the user information under the condition that the verification node verifies that the user information is not tampered.
9. The user identification system according to claim 1, further comprising:
the user management unit is used for acquiring the time point of the latest N times of reading of the user information and the geographical position of the user information each time of reading; judging whether the storage unit meets a reading abnormal condition or not according to the time point of the latest N times of reading and the geographic position; and outputting the abnormal alarm information of the storage unit under the condition that the read abnormal condition is met, wherein N is a positive integer.
10. The system of claim 9, wherein the exception condition comprises: a first time point and a second time point which are adjacent exist in the time points read for the last N times, and the distance between a first geographical position corresponding to the first time point and a second geographical position corresponding to the second time point is larger than a preset distance threshold value;
the first geographical location is a geographical location of the user information when the user information is read at the first time point, and the second geographical location is a geographical location of the user information when the user information is read at the second time point.
11. The user identification system according to claim 1, further comprising:
and the display unit is connected with the control unit and is used for displaying the user identity identified by the control unit.
12. The user identification system according to claim 1, further comprising:
and the interpreter is connected with the control unit and used for sending the user information read by the information reading unit to the control unit and sending the second matching result obtained by the mobile equipment to the control unit.
13. The user identification system of claim 1, wherein the storage unit comprises an ID card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911398337.1A CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911398337.1A CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113132106A true CN113132106A (en) | 2021-07-16 |
| CN113132106B CN113132106B (en) | 2023-08-18 |
Family
ID=76768099
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911398337.1A Active CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113132106B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117809348A (en) * | 2023-12-26 | 2024-04-02 | 浙江汉邦瑞商信息技术有限公司 | Security face comparison search system |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101860832A (en) * | 2010-06-22 | 2010-10-13 | 候万春 | Device and method for identifying shared mobile phone number of mobile phone subscriber |
| CN103345601A (en) * | 2013-06-28 | 2013-10-09 | 无锡华御信息技术有限公司 | Identity recording and verification system based on radio frequency |
| CN104240342A (en) * | 2014-08-25 | 2014-12-24 | 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 | Access control method and device |
| CN106716503A (en) * | 2016-12-06 | 2017-05-24 | 深圳前海达闼云端智能科技有限公司 | A safety verification method, device and server |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN207367296U (en) * | 2017-11-17 | 2018-05-15 | 中国华电集团公司福建分公司 | Personnel tracking device based on bio-identification |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
| CN108711207A (en) * | 2018-05-17 | 2018-10-26 | 立旃(上海)科技有限公司 | Computer room management system based on block chain and method |
| US20180357401A1 (en) * | 2017-06-09 | 2018-12-13 | Alibaba Group Holding Limited | Method and apparatus for security verification based on biometric feature |
| CN109376725A (en) * | 2018-12-21 | 2019-02-22 | 北京无线电计量测试研究所 | A kind of identification check method and apparatus based on iris recognition |
| US20190213311A1 (en) * | 2014-08-28 | 2019-07-11 | Facetec, Inc. | Method to verify identity using a previously collected biometric image/data |
| CN110457878A (en) * | 2019-08-14 | 2019-11-15 | 北京中电普华信息技术有限公司 | A kind of identity identifying method based on block chain, apparatus and system |
| CN110473319A (en) * | 2019-07-30 | 2019-11-19 | 武汉慧联无限科技有限公司 | A kind of door opening method of access control system, device, equipment and readable medium |
| CN209842636U (en) * | 2019-07-30 | 2019-12-24 | 重庆德尔星测控技术有限公司 | Identity recognition system for prisons |
-
2019
- 2019-12-30 CN CN201911398337.1A patent/CN113132106B/en active Active
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101860832A (en) * | 2010-06-22 | 2010-10-13 | 候万春 | Device and method for identifying shared mobile phone number of mobile phone subscriber |
| CN103345601A (en) * | 2013-06-28 | 2013-10-09 | 无锡华御信息技术有限公司 | Identity recording and verification system based on radio frequency |
| CN104240342A (en) * | 2014-08-25 | 2014-12-24 | 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 | Access control method and device |
| US20190213311A1 (en) * | 2014-08-28 | 2019-07-11 | Facetec, Inc. | Method to verify identity using a previously collected biometric image/data |
| CN106716503A (en) * | 2016-12-06 | 2017-05-24 | 深圳前海达闼云端智能科技有限公司 | A safety verification method, device and server |
| US20180357401A1 (en) * | 2017-06-09 | 2018-12-13 | Alibaba Group Holding Limited | Method and apparatus for security verification based on biometric feature |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN207367296U (en) * | 2017-11-17 | 2018-05-15 | 中国华电集团公司福建分公司 | Personnel tracking device based on bio-identification |
| CN108711207A (en) * | 2018-05-17 | 2018-10-26 | 立旃(上海)科技有限公司 | Computer room management system based on block chain and method |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
| CN109376725A (en) * | 2018-12-21 | 2019-02-22 | 北京无线电计量测试研究所 | A kind of identification check method and apparatus based on iris recognition |
| CN110473319A (en) * | 2019-07-30 | 2019-11-19 | 武汉慧联无限科技有限公司 | A kind of door opening method of access control system, device, equipment and readable medium |
| CN209842636U (en) * | 2019-07-30 | 2019-12-24 | 重庆德尔星测控技术有限公司 | Identity recognition system for prisons |
| CN110457878A (en) * | 2019-08-14 | 2019-11-15 | 北京中电普华信息技术有限公司 | A kind of identity identifying method based on block chain, apparatus and system |
Non-Patent Citations (3)
| Title |
|---|
| XIANG PAN: "Research and Implementation of Access Control System Based on RFID and FNN-Face Recognition", 2012 SECOND INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEM DESIGN AND ENGINEERING APPLICATION * |
| 金志刚等: "一种高安全的融合指纹识别与NFC技术的门禁系统认证协议", 《南开大学学报(自然科学版)》 * |
| 金志刚等: "一种高安全的融合指纹识别与NFC技术的门禁系统认证协议", 《南开大学学报(自然科学版)》, no. 05, 20 October 2017 (2017-10-20) * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117809348A (en) * | 2023-12-26 | 2024-04-02 | 浙江汉邦瑞商信息技术有限公司 | Security face comparison search system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113132106B (en) | 2023-08-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8312521B2 (en) | Biometric authenticaton system and method with vulnerability verification | |
| US11811754B2 (en) | Authenticating devices via tokens and verification computing devices | |
| CN104240342A (en) | Access control method and device | |
| CN110602455B (en) | Video storage system, video processing method, device, equipment and storage medium | |
| EP2084843A2 (en) | Biometric systems | |
| CN109886709B (en) | Intelligent lock management method, system, computer equipment and storage medium | |
| CN105260757A (en) | Ticket checking system combining palm vein authentication and mobile positioning and method | |
| CN111815842A (en) | Health information uplink method and device, storage medium and electronic device | |
| CN111882233A (en) | Storage risk early warning method, system and device based on block chain and storage medium | |
| CN104240014A (en) | Door access control method and door access control platform | |
| US20230004666A1 (en) | Surveillance data filtration techniques | |
| CN110825776B (en) | Air quality detection report processing method and device, computing equipment and storage medium | |
| CN111553689A (en) | Matching correlation method and system based on quadratic hash | |
| CN113132106B (en) | User identity recognition system | |
| CN113572757B (en) | Server access risk monitoring method and device | |
| CN113192241A (en) | Unlocking method, system and device and readable storage medium | |
| CN110222187B (en) | Common activity detection and data sharing method for protecting user privacy | |
| CN115174205B (en) | Network space safety real-time monitoring method, system and computer storage medium | |
| CN115982681A (en) | Computer network identity verification system | |
| CN112669501B (en) | Access control method, device and computer readable storage medium | |
| CN115690969A (en) | Non-contact fingerprint authentication method, terminal, access control equipment and storage medium | |
| US7574608B2 (en) | Security screening of electronic devices by device-reported data | |
| JP2007188375A (en) | Privacy protection type authentication system and device for retrieving id in database | |
| CN111553694A (en) | Distributed storage block chain method and system | |
| CN116166839B (en) | Core drilling process supervision system, method, medium and computer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |