CN116756715A - Work number management method and device - Google Patents
Work number management method and device Download PDFInfo
- Publication number
- CN116756715A CN116756715A CN202310678297.6A CN202310678297A CN116756715A CN 116756715 A CN116756715 A CN 116756715A CN 202310678297 A CN202310678297 A CN 202310678297A CN 116756715 A CN116756715 A CN 116756715A
- Authority
- CN
- China
- Prior art keywords
- user
- target
- login
- job number
- log information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 61
- 238000000034 method Methods 0.000 claims abstract description 54
- 238000012795 verification Methods 0.000 claims abstract description 38
- 238000001514 detection method Methods 0.000 claims description 51
- 230000001815 facial effect Effects 0.000 claims description 36
- 230000003993 interaction Effects 0.000 claims description 27
- 230000004044 response Effects 0.000 claims description 16
- 238000004891 communication Methods 0.000 claims description 11
- 230000009471 action Effects 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 8
- 230000002452 interceptive effect Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 7
- 230000008569 process Effects 0.000 abstract description 13
- 230000015654 memory Effects 0.000 description 16
- 238000013523 data management Methods 0.000 description 13
- 238000012544 monitoring process Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 230000032683 aging Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013475 authorization Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000008014 freezing Effects 0.000 description 2
- 238000007710 freezing Methods 0.000 description 2
- 238000012015 optical character recognition Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000010257 thawing Methods 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000000802 evaporation-induced self-assembly Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000004091 panning Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V10/00—Arrangements for image or video recognition or understanding
- G06V10/70—Arrangements for image or video recognition or understanding using pattern recognition or machine learning
- G06V10/74—Image or video pattern matching; Proximity measures in feature spaces
- G06V10/761—Proximity, similarity or dissimilarity measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/16—Human faces, e.g. facial parts, sketches or expressions
- G06V40/172—Classification, e.g. identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/40—Spoof detection, e.g. liveness detection
- G06V40/45—Detection of the body part being alive
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Human Computer Interaction (AREA)
- Software Systems (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Health & Medical Sciences (AREA)
- Artificial Intelligence (AREA)
- Databases & Information Systems (AREA)
- Evolutionary Computation (AREA)
- Computing Systems (AREA)
- Medical Informatics (AREA)
- General Engineering & Computer Science (AREA)
- Oral & Maxillofacial Surgery (AREA)
- Computer Hardware Design (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application provides a job number management method and device, relates to the technical field of computers, and can effectively ensure the safety of service data. The method comprises the following steps: and responding to the login state of the target work number, acquiring target log information, if the target log information meets the preset user verification condition, authenticating the identity of the user of the target work number, and if the user of the target work number is inconsistent with the application user of the target work number, setting the target work number to be in a non-login state. The embodiment of the application is used in the process of job number management.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and apparatus for job number management.
Background
The job number is a character combination with a certain coding rule which is compiled by a company for the convenience of personnel management. Business personnel can use the own work number to log in the work number system to check business data or perform business operation. In order to ensure the security of the service data, although the security protection can be performed by means of storage media, encryption protection, access control and the like, a great security risk still exists.
Therefore, how to ensure the security of service data is a problem to be solved.
Disclosure of Invention
The application provides a job number management method and device, which can effectively ensure the safety of service data.
In order to achieve the above purpose, the application adopts the following technical scheme:
in a first aspect, the present application provides a job number management method, the method comprising:
responding to the login state of the target work number, and acquiring target log information; the target log information comprises log information from the login time to the current time of the target job number; the login time is the time of logging in the target work number;
if the target log information meets the preset user verification condition, carrying out identity authentication on the user of the target job number; the user is a user currently using the target job number;
if the using user of the target work number is inconsistent with the applying user of the target work number, setting the target work number to be in a non-login state; the application user is the user who applies for creating the target job number.
Based on the technical scheme, the job number management method provided by the embodiment of the application can be used for responding to the fact that the target job number is in a login state to acquire target log information, if the target log information meets the preset user verification condition, identity authentication is carried out on a user of the target job number, and if the user of the target job number is inconsistent with an application user of the target job number, the target job number is set to be in a non-login state. By the method, the safety of service data can be effectively ensured.
Optionally, the preset user authentication condition includes any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold value;
the target log information comprises an update record aiming at the first type of information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
Optionally, identity authentication is performed on the user of the target job number by the following method:
collecting an image to be authenticated containing facial features of a user;
acquiring a pre-stored standard image containing facial features of an application user;
determining the image similarity between the image to be authenticated and the standard image;
if the image similarity is larger than a preset image similarity threshold, indicating that the using user is consistent with the applying user;
if the image similarity is smaller than the image similarity threshold, the using user is inconsistent with the applying user.
Optionally, before the target log information is acquired, in response to the target job number being in the login state, the method further includes:
Responding to login operation aiming at a target work number, and performing living body detection on a login user of the target work number to obtain a living body detection result; the login user is a user with a login target work number;
and if the living body detection result is that the living body detection result is passed, setting the target work number to be in a login state.
Optionally, performing living body detection on the login user with the target job number to obtain a living body detection result, including:
sending an interaction indication; the interaction indication comprises a facial interaction action for indicating the login user to interact;
receiving interactive feedback; the interaction feedback comprises facial features of the login user and interaction actions of the login user;
determining feature similarity between facial features of a login user and facial features of an application user of a target job number;
and determining a living body detection result according to the feature similarity, the preset first similarity threshold and the preset second similarity threshold.
Optionally, in response to a login operation for the target job number, performing a living body detection on a login user of the target job number, including:
responding to a login operation aiming at a target work number, and determining the work number state of the target work number;
if the job number state of the target job number is a non-frozen state, performing living detection on a login user of the target job number.
In a second aspect, the present application provides a job number management apparatus comprising:
the acquisition unit is used for responding to the login state of the target work number and acquiring target log information; the target log information comprises log information from the login time to the current time of the target job number; the login time is the time of logging in the target work number;
the authentication unit is used for authenticating the identity of the user with the target job number if the target log information meets the preset user authentication condition; the user is a user currently using the target job number;
the processing unit is used for setting the target work number to be in a non-login state if the using user of the target work number is inconsistent with the applying user of the target work number; the application user is the user who applies for creating the target job number.
Optionally, the preset user authentication condition includes any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold value;
the target log information comprises an update record aiming at the first type of information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
Optionally, identity authentication is performed on the user of the target job number by the following method:
collecting an image to be authenticated containing facial features of a user;
acquiring a pre-stored standard image containing facial features of an application user;
determining the image similarity between the image to be authenticated and the standard image;
if the image similarity is larger than a preset image similarity threshold, indicating that the using user is consistent with the applying user;
if the image similarity is smaller than the image similarity threshold, the using user is inconsistent with the applying user.
Optionally, before the obtaining unit, the apparatus further includes:
the detection unit is used for responding to the login operation aiming at the target work number, and performing living detection on the login user of the target work number to obtain a living detection result; the login user is a user with a login target work number;
and the setting unit is used for setting the target work number to be in a login state if the living body detection result is passed.
In a third aspect, the present application provides a job number management apparatus, the apparatus comprising: a processor and a communication interface; the communication interface is coupled to a processor for running a computer program or instructions to implement the job number management method as described in any one of the possible implementations of the first aspect and the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium having instructions stored therein which, when run on a target terminal, cause the target terminal to perform a job number management method as described in any one of the possible implementations of the first aspect and the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product comprising instructions which, when run on a job management apparatus, cause the job management apparatus to perform the method of job management as described in any one of the possible implementations of the first aspect and the first aspect.
In a sixth aspect, embodiments of the present application provide a chip comprising a processor and a communication interface, the communication interface and the processor being coupled, the processor being for running a computer program or instructions to implement the job number management method as described in any one of the possible implementations of the first aspect and the first aspect.
Specifically, the chip provided in the embodiment of the application further includes a memory, which is used for storing a computer program or instructions.
Drawings
FIG. 1 is a system architecture diagram of a job number management method according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of a job number management method according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of living body detection according to an embodiment of the present application;
FIG. 4 is a schematic flow chart of job number creation according to an embodiment of the present application
Fig. 5 is a schematic structural diagram of a job number management device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a job number management device according to an embodiment of the present application.
Detailed Description
The following describes a job number management method and device provided by the embodiment of the application in detail with reference to the accompanying drawings.
The term "and/or" is herein merely an association relationship describing an associated object, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone.
The terms "first" and "second" and the like in the description and in the drawings are used for distinguishing between different objects or between different processes of the same object and not for describing a particular order of objects.
Furthermore, references to the terms "comprising" and "having" and any variations thereof in the description of the present application are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed but may optionally include other steps or elements not listed or inherent to such process, method, article, or apparatus.
It should be noted that, in the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
The work number is a character combination with a certain coding rule, which is compiled by a company for personnel management, is used for logging in the user name of each system, and can also be used for system authentication scenes such as access control, monitoring, attendance checking and the like, including application system work numbers, system operation and maintenance work numbers (including work numbers of databases, network equipment and the like) and the like. Business personnel can use the own work number to log in the work number system to check business data or perform business operation. In order to ensure the security of the service data, although the security protection can be performed by means of storage media, encryption protection, access control and the like, a great security risk still exists.
Specifically, when the service data cannot be stolen through paths such as a storage medium, a password and enumeration attack, the service data can be stolen through a normal data access path, specifically, after a service personnel applies for a work number, the work number of the service personnel can be borrowed for a third party user, and the third party user can steal the corresponding service data through the borrowed work number, so that the safety coefficient of the service data is greatly reduced.
Therefore, how to effectively ensure the security of the service data is a problem to be solved.
In order to solve the technical problem, according to the job number management method provided by the embodiment of the application, the target log information can be acquired in response to the fact that the target job number is in a login state, if the target log information meets the preset user verification condition, identity authentication is performed on a user of the target job number, and if the user of the target job number is inconsistent with an application user of the target job number, the target job number is set to be in a non-login state. By the method, the safety of service data can be effectively ensured.
Fig. 1 is a system architecture diagram of a job number management method according to an embodiment of the present application, where, as shown in fig. 1, the system architecture diagram may include: an application layer 101, a traffic layer 102 and a data layer 103.
The application layer 101 may include a user authentication module and a terminal management module, where the user authentication module may perform identity authentication on a user to be authenticated, and the user authentication module may include authentication and real-name authentication, where the user to be authenticated may perform identity authentication through the authentication and the real-name authentication. Specifically, the application layer 101 can realize the functions of authentication access, real name login access, mission synchronization access, real name status callback and the like through the secondary encapsulation of the capability open platform. The terminal management module may include a user login terminal and a user authentication terminal. The user login terminal may include a mobile terminal and HTML5 (Hyper Text Markup Language ); the user authentication terminal includes a mobile terminal, HTML5, and a PC (Personal Computer ) terminal.
The business layer 102 is configured to implement each business operation, and the business layer 102 may include a job number management module, a job number convergence module, a liveness experience verification module, a job number storage module, and a job number monitoring module. The work number management module can comprise business operations such as work number creation, work number change, work number freezing and the like; the job number convergence module can comprise job number synchronization, job number issuing and other business operations; the living experience authentication module can comprise business operations such as account password authentication, mobile phone authentication code authentication, face authentication, configuration login and the like; the job number storage module can comprise job number data storage, system authority storage, system log storage, organization architecture storage and other business operations; the job number monitoring module can comprise business operations such as user transfer job monitoring, user departure job monitoring, abnormal login monitoring and the like.
The data layer 103 may perform data management on each service data, for example, log information (including a system log, a login log, and an operation log) and job number data. The data layer 103 may include a user information management module, a job number data management module, a user authentication information management module, and a database.
The user information management module can send a work number creation instruction, a work number query instruction and a work number update instruction to the work number data management module. The job number data management module can create a job number for a corresponding user after receiving the job number creation instruction sent by the user information management module; the job number data management module can acquire the job number data of the corresponding user and send the job number data to the user information management module after receiving the job number query instruction sent by the user information management module. The job number data management module can update the job number data of the corresponding user after receiving the job number update instruction sent by the user information management module.
Optionally, the job number data management module may further generate corresponding log information (including a system log, a login log and an operation log) according to the received creation instruction, the job number query instruction and the job number update instruction, and after generating the corresponding log information, the job number data management module may store the log information in the database.
Optionally, after the job number data management module creates a job number for the corresponding user, the created job number can be sent to the job number real name system platform, the job number real name system platform can perform real name authentication on the created job number and the corresponding user, and after the job number real name system platform completes the real name authentication, the real name authentication information can be sent to the job number data management module.
Optionally, after performing real-name authentication on the created work number and the corresponding user, the work number real-name system platform may further send real-name authentication information corresponding to the work number to the user authentication information management module, where the user authentication information management module may store the real-name authentication information corresponding to the work number and the work number in the database.
Optionally, the job number data management module may further send the created job number and corresponding user identification information to the user authentication information management module, where the user authentication information management module may continue to store the received job number and corresponding user identification information correspondingly.
Optionally, the user authentication information management module may perform identity authentication on the user to be authenticated, specifically, the user authentication information management module may send a query instruction (for example, a job number query instruction for querying job number data) and a verification instruction (for example, an account verification instruction for verifying an account and a password) to the job number data management module, perform identity authentication on the user to be authenticated according to the job number data or the account password returned by the job number data management module, generate corresponding log information (including a login log and an operation log), and after generating the log information, the user authentication information management module may store the log information into the database.
Fig. 2 is a flowchart of a job number management method according to an embodiment of the present application, as shown in fig. 2, where the method includes:
step S201, responding to the login state of the target job number, and acquiring target log information;
the target log information comprises log information from the login time to the current time of the target job number; the login time is the time of logging in the target work number; illustratively, assume that the time to log in to the target job number is 10:00, the current time is 11:00, the target log information includes 10:00 to 11: log information between 00.
In an alternative embodiment, before executing step S201, the living body detection is performed on the logged-in user of the target job number in response to the login operation for the target job number, so as to obtain a living body detection result; and if the living body detection result is that the living body detection result is passed, setting the target work number to be in a login state. The login user is a user with a login target work number; and the application user is a user applying for creating the target job number.
Specifically, the living body detection of the login user may be performed with reference to the method shown in fig. 3, and as shown in fig. 3, the method includes:
step S301, in response to a login operation for the target job number, determines a job number status of the target job number.
The job number state of the target job number may be a frozen state or a non-frozen state. The frozen state indicates that the target work number is in an abnormal state and can not be logged in; the non-frozen state indicates that the target work number is in a normal state and can be logged in.
Specifically, the login user may input a user account to be logged in at the user terminal, click a login control, and the user terminal determines a job number state of a target job number corresponding to the user account in response to a login operation of the user with respect to the user account.
In the embodiment of the application, the user account to be logged in can include the target work number and the password, can also include the target work number and the mobile phone verification code, and can also include the mobile phone number and the mobile phone verification code corresponding to the target work number, and the embodiment of the application is not limited to this.
In an alternative embodiment, the user account may be verified in response to a login operation for the user account, and if the verification is passed, the job number state of the target job number corresponding to the user account is determined; if the verification is not passed, acquiring the login times of the target work number corresponding to the user account within the preset login time, and if the login times of the target work number within the preset time reach a preset login time threshold, displaying login failure information and setting the work number state of the target work number to be a frozen state; if the login times of the target work number in the preset time period do not reach the preset login times threshold value, displaying a login interface so that the user inputs the user account again and performs login operation.
In the embodiment of the present application, the preset login duration may be 5 minutes or 3 minutes, which is not limited in the embodiment of the present application.
In the embodiment of the present application, the preset login frequency threshold may be 3 times or 5 times, which is not limited in the embodiment of the present application.
For example, in one embodiment, assuming that the preset login duration may be 5 minutes, the preset login number threshold may be 3 times, and the user account is the target job number+password. The login user can input a target work number and a password corresponding to the target work number in a login interface, the user terminal responds to the login operation of the login user for the target work number, the target work number and the password input by the login user can be verified, and if the verification is passed, the work number state of the target work number is determined; if the verification is not passed, acquiring the login times of the target work number in the last 5 minutes, if the login times of the target work number in the preset time period are more than or equal to 3 times, displaying login failure information, and setting the work number state of the target work number as a frozen state; if the login times of the target work number in the preset time period are less than 3 times, displaying a login interface so that the user inputs the target work number again and the password corresponding to the target work number, and performing login operation.
In an alternative embodiment, when logging in the target job number for the first time, the terminal type of the user terminal may be determined first in response to a login operation for the target job number, and then a corresponding login procedure is performed according to different terminal types. The terminal category of the user terminal may include a PC terminal and a mobile terminal (e.g., a mobile phone terminal).
In some embodiments, if the terminal type of the user terminal is a PC terminal, the PC terminal may generate a two-dimensional code carrying authentication identification information (e.g. token) according to the job information of the target job, after generating the two-dimensional code, the login user may scan the two-dimensional code through the mobile terminal and perform authorization operation, and the PC terminal determines the job status of the target job in response to the authorization operation of the login user.
In the embodiment of the present application, the aging of the two-dimensional code may be set, for example, the aging of the two-dimensional code may be set to 3 seconds, or the aging of the two-dimensional code may be set to 5 seconds, which is not limited in the embodiment of the present application.
In other embodiments, if the terminal class of the user terminal is a mobile terminal, the mobile terminal may directly determine the job number status of the target job number.
Step S302, whether the work number state of the target work number is a frozen state; if yes, go to step S303; if not, step S304 is performed.
Step S303, displaying the job number freezing information.
Step S304, sending an interaction instruction.
Wherein the interaction indication comprises a facial interaction action indicating interaction by the logged-in user.
In the embodiment of the present application, the facial interaction may include any one or more of nodding, panning, smiling, lip movement, turning, and the like, which is not limited in the embodiment of the present application.
Step S305, receiving interactive feedback.
The interaction feedback comprises facial features of the login user and interaction actions of the login user.
In an alternative embodiment, the user terminal may start the image acquisition device while sending the interaction instruction, and the login user may complete the corresponding interaction according to the facial interaction included in the interaction instruction, and the image acquisition device may acquire the interaction of the user by using a picture or a video, and send the interaction to the user terminal.
Step S306, determining facial features of the application user of the target job number.
Specifically, a pre-stored photo containing the face information of the application user of the target job number may be acquired, and after the photo containing the face information of the application user of the target job number is acquired, the face feature of the application user may be determined from the photo by an image processing technology.
In embodiments of the present application, the image processing techniques may include, but are not limited to, OCR (Optical Character Recognition ) techniques, which are not limited in this regard.
Step S307, determining a feature similarity between the facial features of the login user and the facial features of the application user.
After determining the feature similarity between the facial features of the logged-in user and the facial features of the applied user in step S307, the living body detection result may be determined according to the feature similarity, the preset first similarity threshold value and the preset second similarity threshold value, and the specific steps may be referred to in steps S308 to S317 described below.
Step S308, whether the feature similarity is larger than or equal to a preset first similarity threshold; if yes, go to step S313; if not, step S309 is performed.
In the embodiment of the present application, the preset first similarity threshold may be 66% or 80%, which is not limited in the present application.
Step S309, whether the feature similarity is greater than or equal to a preset second similarity threshold; if yes, go to step S310; if not, step S316 is performed.
Wherein the second similarity threshold is less than the first similarity threshold.
In the embodiment of the present application, the preset second similarity threshold may be 33% or 40%, which is not limited in the present application.
Step S310, whether the living body detection times reach a preset time threshold value or not; if yes, go to step S311; if not, step S304 is performed.
In the embodiment of the present application, the preset frequency threshold may be 3 times or 5 times, which is not limited in the embodiment of the present application.
Through the technical scheme, a certain fault tolerance opportunity can be ensured in the living body detection process, namely login failure caused by failure of one-time detection can be avoided, and the experience of a user can be improved on the basis of ensuring the safety of service data.
Step S311, verification code verification is carried out, and verification code verification results are obtained.
Specifically, after the number of living body detection reaches a preset number threshold, a verification code can be sent to the user terminal, the login user can input the verification code into the user terminal, and the user terminal responds to the input operation of the login user for the verification code to verify the verification code, so that a verification result of the verification code is obtained.
Through the technical scheme, when the living body detection is between the first similarity threshold value and the second similarity threshold value for a plurality of times, the login user can be verified in a mobile phone verification code mode, and the experience of the user can be further improved on the basis of ensuring the safety of service data.
Step S312, verifying whether the verification result is passed or not by the verification code; if yes, go to step S313; if not, step S316 is performed.
Step S313, whether the interaction action of the login user is matched with the facial interaction action contained in the interaction instruction; if yes, go to step S314; if not, executing step S316;
step S314 of setting the living body detection result to pass;
step S315, the target job number is set to a login state.
Step S316, the living body detection result is set to not pass.
Step S317, displaying login failure information.
By the method, the login user and the application user of the target job number can be audited in the login process of the target job number, and the login user and the application user are ensured to be the same user, so that the safety of service data can be effectively ensured.
In an alternative embodiment, before performing the living body detection method shown in fig. 3, a target job number may also be created, and a specific creation procedure may refer to the method shown in fig. 4, and as shown in fig. 4, the method includes:
step S401, a job number application form is displayed in response to the creation flow of the application user for the job number.
The job number application form can contain post information, application authority information, user information, responsibility bearing information and the like of an application user. The user information may include a user ID (Identity) and a user phone number, etc.
Step S402, receiving submitting operation of an application user for a job number application form, and acquiring post information of the application user.
Step S403, determining the user permission corresponding to the post information of the application user.
Step S404, whether the user authority corresponding to the post information of the application user is consistent with the application authority information contained in the job number application form or not; if yes, go to step S405; if not, step S406 is performed.
Step S405, creating and displaying a target job number.
Step S406, displaying the work number creation failure information.
In an alternative embodiment, the steps S401 to S404 may be performed off-line, that is, the application user interacts with the administrator, and creates the target job number for the application user after confirming the information.
Through the technical scheme, the responsibility binding can be carried out on the target work number and the application user, the responsibility center of the application user is improved, the phenomenon of unclear responsibility during subsequent problem discovery is avoided, and further the safety of service data is ensured.
After the creation of the target job number is completed by the method shown in fig. 4, the login user can use the target job number to log in, the specific login process can refer to the method shown in fig. 3, and after the login is successful (i.e. the target job number is in a login state), the user terminal can obtain the target log information.
Step S202, if the target log information meets the preset user verification condition, identity authentication is carried out on the user with the target job number.
Wherein the user is the user currently using the target job number.
Specifically, after the target log information is obtained in step S201, the target log information may be sent to the job number auditing module, and the job number auditing module may determine, according to the content included in the target log information, whether the target log information meets a preset user authentication condition, and if the target log information meets the preset user authentication condition, perform identity authentication on the user using the target job number.
In an alternative embodiment, the preset user authentication condition includes any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold value;
the target log information comprises an update record aiming at the first type of information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
In an embodiment, it is assumed that the preset user verification condition is that the login time length contained in the target log information reaches a preset time length threshold, the preset time length threshold is 30 minutes, and the login time length contained in the target log information is 40 minutes, that is, the target log information meets the preset user verification condition, so that identity authentication can be performed on the user using the target job number.
In another embodiment, it is assumed that the preset user verification condition is that the target log information includes an update record for the first type of information, and the obtained target log information includes an update record for the user identification information, that is, the target log information satisfies the preset user verification condition, so that identity authentication can be performed on the user using the target job number.
In another embodiment, it is assumed that the preset user authentication condition is that the login time is within a preset time range; the preset time range is 21:00-5:00, the login time included in the acquired target log information is 21:30, namely the target log information meets the preset user verification condition, so that identity authentication can be performed on the user with the target job number.
In another embodiment, it is assumed that the preset user verification condition is that the service operation authority included in the target log information is outside the user authority of the post information corresponding to the target job number; the service operation permission contained in the target log information is assumed to be the post information for modifying the target work number, and the service operation permission of the post information corresponding to the target work number does not contain the service operation permission for modifying the post information, namely the target log information meets the preset user verification condition, so that identity authentication can be performed on a user using the target work number.
In the embodiment of the application, the sensitive data can comprise data such as job number data, monetary value data and the like.
In an alternative embodiment, the identity of the user of the target job number is authenticated by: collecting an image to be authenticated containing facial features of a user; acquiring a pre-stored standard image containing facial features of an application user; determining the image similarity between the image to be authenticated and the standard image; if the similarity is greater than a preset image similarity threshold, indicating that the user is consistent with the application user; if the similarity is smaller than the image similarity threshold, the using user is inconsistent with the applying user.
In the embodiment of the present application, the preset image similarity threshold may be 60% or 80%, which is not limited in the embodiment of the present application.
In the embodiment of the application, the image to be authenticated containing the facial features of the user is acquired by the image acquisition device without displaying an image acquisition frame. By the method, the user can be prevented from authenticating by using the image containing the facial features of the user when seeing the image acquisition frame, so that the safety of service data can be further ensured.
In an alternative embodiment, when the identity of the user with the target job number is authenticated, a living body verification manner may be adopted, and the specific living body verification process may refer to the processes from step S304 to step S316, which are not described herein.
Through the scheme, the abnormal monitoring can be carried out on the work number use record, the phenomenon of work number use abnormality is ensured to be found in time, the phenomenon of work number borrowing is avoided, and further the safety of service data is ensured.
In step S203, if the user of the target job number is inconsistent with the user applying for the target job number, the target job number is set to a non-login state.
The application user is a user applying for creating a target job number.
Specifically, after the identity of the user of the target job number is authenticated in step S202, if the user of the target job number is consistent with the user applying for the target job number, the login state of the target job number is maintained; if the using user of the target job number is inconsistent with the applying user of the target job number, setting the target job number to be in a non-login state.
Through the technical scheme, after the target work number is in a login state, the user using the target work number and the application user using the target work number can be compared, whether the user using the target work number and the application user using the target work number are the same person or not is confirmed, the work number borrowing phenomenon is effectively avoided, and further the beneficial effect of effectively guaranteeing the safety of service data is achieved.
In an alternative embodiment, the user terminal may also respond to the post adjustment operation of any user to update the user authority corresponding to the post information of the user.
In an alternative embodiment, the user terminal may further set the job status of the job corresponding to the user to a frozen state or increase the job identifier of the job corresponding to the user to a value of the blacklist of jobs in response to the off-job operation of any user.
By the method, after the user leaves the job, the job number corresponding to the user is not used by other users, so that the risk that the other users acquire the service data by using the job number of the user leaving the job is avoided, and the safety of the service data can be effectively ensured.
In an alternative embodiment, iris recognition technology or fingerprint recognition technology may also be used when user identity authentication is performed during a user login process or a user use process. Accordingly, on the basis of adopting the iris recognition technology, iris samples of users need to be collected and stored in advance so as to be compared later. Based on the adoption of the fingerprint identification technology, fingerprint samples of users need to be collected and stored in advance so as to be compared later.
In an alternative embodiment, if the job number status of the target job number is in a frozen state, the user may trigger a job number thawing operation through the user terminal, and the user terminal responds to the job number thawing operation of the user for the target job number, and performs user living detection or identity authentication on the user, and after the living detection result or the identity authentication result passes, the job number status of the target job number is set to be in a non-frozen state.
Fig. 5 is a schematic structural diagram of a job number management device according to an embodiment of the present application, as shown in fig. 5, where the device includes:
an obtaining unit 501, configured to obtain target log information in response to a target job number being in a login state; the target log information comprises log information from login time to current time of the target job number; the login time is the time of logging in the target work number;
an authentication unit 502, configured to authenticate an identity of a user using the target job number if the target log information meets a preset user verification condition; the user is the user currently using the target job number;
a processing unit 503, configured to set the target job number to a non-login state if the user of the target job number is inconsistent with the user applying for the target job number; the application user is a user applying for creating the target job number.
Optionally, the preset user authentication condition includes any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold;
the target log information comprises an update record aiming at first-class information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
Optionally, identity authentication is performed on the user of the target job number by the following method:
collecting an image to be authenticated containing facial features of the user;
acquiring a pre-stored standard image containing facial features of the applying user;
determining the image similarity between the image to be authenticated and the standard image;
if the image similarity is larger than a preset image similarity threshold, indicating that the using user is consistent with the applying user;
and if the image similarity is smaller than the image similarity threshold, indicating that the using user is inconsistent with the applying user.
Optionally, before the obtaining unit 501, the apparatus further includes:
the detection unit is used for responding to login operation aiming at a target work number, and performing living body detection on a login user of the target work number to obtain a living body detection result; the login user is a user logging in the target work number;
and the setting unit is used for setting the target work number to be in a login state if the living body detection result is passing.
Optionally, the detection unit is specifically configured to:
sending an interaction indication; the interaction indication comprises a facial interaction action indicating the login user to interact;
receiving interactive feedback; the interactive feedback comprises facial features of the login user and interactive actions of the login user;
determining the feature similarity between the facial features of the login user and the facial features of the application user of the target job number;
and determining the living body detection result according to the feature similarity, a preset first similarity threshold and a preset second similarity threshold.
Optionally, the detection unit is specifically configured to:
determining a job number state of a target job number in response to a login operation for the target job number;
and if the work number state of the target work number is a non-frozen state, performing living body detection on the login user of the target work number.
Fig. 6 shows a further possible construction of the job number management device according to the above embodiment. The job number management device includes: a processor 601 and a communication interface 602. The processor 601 is configured to control and manage actions of the job number management device, and the communication interface 602 is configured to support communication between the job number management device and other network entities. The job number management device may further comprise a memory 603 and a bus 604, the memory 603 for storing program codes and data of the job number management device.
Wherein the memory 603 may be a memory in a job number management device or the like, which may include a volatile memory such as a random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, hard disk or solid state disk; the memory may also comprise a combination of the above types of memories.
The processor 601 may be implemented or executed with the various exemplary logic blocks, modules and circuits described in connection with this disclosure. The processor may be a central processing unit, a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. The processor may also be a combination that performs the function of a computation, e.g., a combination comprising one or more microprocessors, a combination of a DSP and a microprocessor, etc.
Bus 604 may be an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus or the like. The bus 604 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 6, but not only one bus or one type of bus.
From the foregoing description of the embodiments, it will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of functional modules is illustrated, and in practical application, the above-described functional allocation may be implemented by different functional modules according to needs, i.e. the internal structure of the apparatus is divided into different functional modules to implement all or part of the functions described above. The specific working processes of the above-described systems, devices and units may refer to the corresponding processes in the foregoing method embodiments, which are not described herein.
Embodiments of the present application provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the job number management method of the above method embodiments.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores instructions which, when run on a computer, cause the computer to execute the job number management method in the method flow shown in the method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access Memory (Random Access Memory, RAM), a Read-Only Memory (ROM), an erasable programmable Read-Only Memory (Erasable Programmable Read Only Memory, EPROM), a register, a hard disk, an optical fiber, a portable compact disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
Embodiments of the present application provide a computer program product comprising instructions which, when executed on a computer, cause the computer to perform the job number management method of the embodiments of the present application.
Since the job number management apparatus, the computer readable storage medium, and the computer program product in the embodiments of the present application can be applied to the above-mentioned method, the technical effects obtained by the method can also refer to the above-mentioned method embodiments, and the embodiments of the present application are not described herein again.
In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interface, indirect coupling or communication connection of devices or units, electrical, mechanical, or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The present application is not limited to the above embodiments, and any changes or substitutions within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.
Claims (12)
1. A job number management method, the method comprising:
responding to the login state of the target work number, and acquiring target log information; the target log information comprises log information from login time to current time of the target job number; the login time is the time of logging in the target work number;
If the target log information meets the preset user verification condition, carrying out identity authentication on the user of the target job number; the user is the user currently using the target job number;
if the using user of the target work number is inconsistent with the applying user of the target work number, setting the target work number to be in a non-login state; the application user is a user applying for creating the target job number.
2. The method of claim 1, wherein the preset user authentication conditions include any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold;
the target log information comprises an update record aiming at first-class information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
3. The method of claim 1, wherein the user of the target job number is authenticated by:
Collecting an image to be authenticated containing facial features of the user;
acquiring a pre-stored standard image containing facial features of the applying user;
determining the image similarity between the image to be authenticated and the standard image;
if the image similarity is larger than a preset image similarity threshold, indicating that the using user is consistent with the applying user;
and if the image similarity is smaller than the image similarity threshold, indicating that the using user is inconsistent with the applying user.
4. The method of claim 1, wherein prior to obtaining the target log information in response to the target job number being in a log-in state, the method further comprises:
responding to login operation aiming at a target work number, and performing living body detection on a login user of the target work number to obtain a living body detection result; the login user is a user logging in the target work number;
and if the living body detection result is that the living body detection result is passed, setting the target work number to be in a login state.
5. The method of claim 4, wherein the performing the living detection on the logged-in user of the target job number to obtain a living detection result comprises:
Sending an interaction indication; the interaction indication comprises a facial interaction action indicating the login user to interact;
receiving interactive feedback; the interactive feedback comprises facial features of the login user and interactive actions of the login user;
determining the feature similarity between the facial features of the login user and the facial features of the application user of the target job number;
and determining the living body detection result according to the feature similarity, a preset first similarity threshold and a preset second similarity threshold.
6. The method of claim 4, wherein the performing the living detection of the logged-in user of the target job number in response to the login operation for the target job number comprises:
determining a job number state of a target job number in response to a login operation for the target job number;
and if the work number state of the target work number is a non-frozen state, performing living body detection on the login user of the target work number.
7. A job number management device, the device comprising:
the acquisition unit is used for responding to the login state of the target work number and acquiring target log information; the target log information comprises log information from login time to current time of the target job number; the login time is the time of logging in the target work number;
The authentication unit is used for authenticating the identity of the user with the target work number if the target log information meets the preset user authentication condition; the user is the user currently using the target job number;
the processing unit is used for setting the target work number to be in a non-login state if the using user of the target work number is inconsistent with the applying user of the target work number; the application user is a user applying for creating the target job number.
8. The apparatus of claim 7, wherein the preset user authentication condition comprises any one of the following conditions:
the login time length contained in the target log information reaches a preset time length threshold;
the target log information comprises an update record aiming at first-class information; the first type of information is user identification information or sensitive data;
the login time contained in the target log information is within a preset time range;
the business operation authority contained in the target log information is outside the business operation authority corresponding to the target job number.
9. The apparatus of claim 7, wherein the user of the target job number is authenticated by:
Collecting an image to be authenticated containing facial features of the user;
acquiring a pre-stored standard image containing facial features of the applying user;
determining the image similarity between the image to be authenticated and the standard image;
if the image similarity is larger than a preset image similarity threshold, indicating that the using user is consistent with the applying user;
and if the image similarity is smaller than the image similarity threshold, indicating that the using user is inconsistent with the applying user.
10. The apparatus of claim 7, wherein prior to the acquiring unit, the apparatus further comprises:
the detection unit is used for responding to login operation aiming at a target work number, and performing living body detection on a login user of the target work number to obtain a living body detection result; the login user is a user logging in the target work number;
and the setting unit is used for setting the target work number to be in a login state if the living body detection result is passing.
11. A job number management apparatus, comprising: a processor and a communication interface; the communication interface being coupled to the processor for running a computer program or instructions to implement the job number management method according to any one of claims 1-6.
12. A computer readable storage medium having instructions stored therein, wherein when executed by a computer, the computer performs the job number management method of any one of the preceding claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310678297.6A CN116756715A (en) | 2023-06-08 | 2023-06-08 | Work number management method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310678297.6A CN116756715A (en) | 2023-06-08 | 2023-06-08 | Work number management method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116756715A true CN116756715A (en) | 2023-09-15 |
Family
ID=87958218
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310678297.6A Pending CN116756715A (en) | 2023-06-08 | 2023-06-08 | Work number management method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116756715A (en) |
-
2023
- 2023-06-08 CN CN202310678297.6A patent/CN116756715A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR20130019003A (en) | Systems and methods for accessing a tamperproof storage device in a wireless communication device using biometric data | |
| JP2010518493A (en) | Method and system for dynamically controlling access to a network | |
| CN106462674A (en) | Resource access control using validation token | |
| CN109784031B (en) | Account identity verification processing method and device | |
| CN103647646A (en) | Non-repudiation for digital content delivery | |
| US11924201B1 (en) | Authentication for application downloads | |
| CN110691085B (en) | Login method, login device, password management system and computer readable medium | |
| CN112182519A (en) | Computer storage system security access method and access system | |
| WO2020181809A1 (en) | Data processing method and system based on interface checking, and computer device | |
| CN111274046A (en) | Service call validity detection method and device, computer equipment and computer storage medium | |
| CN105447927A (en) | A control method for opening access control electric locks, access controllers and an access control system | |
| CN110838195A (en) | Method for authorizing others to unlock | |
| CN103971039B (en) | Access control system and method with GPS location verification | |
| CN109033784A (en) | Identity identifying method and device in a communication network | |
| CN110930161A (en) | Method for determining operation time of business operation and self-service business operation equipment | |
| CN114244568A (en) | Security access control method, device and equipment based on terminal access behavior | |
| CN109876451A (en) | The login method and equipment of game APP | |
| CN112966249A (en) | Multi-user account switching method and device, computer equipment and medium | |
| US11409856B2 (en) | Video-based authentication | |
| US11080379B2 (en) | User authentication | |
| US11163862B2 (en) | Authentication of users based on snapshots thereof taken in corresponding acquisition conditions | |
| CN105871840A (en) | Certificate management method and system | |
| CN116756715A (en) | Work number management method and device | |
| CN109885994A (en) | A kind of offline identity authorization system, equipment and computer readable storage medium | |
| CN109885993A (en) | A kind of identity authorization system, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |