CN102045165A - Method for implementing database and user information verification by using IC card - Google Patents
Method for implementing database and user information verification by using IC card Download PDFInfo
- Publication number
- CN102045165A CN102045165A CN2009102337485A CN200910233748A CN102045165A CN 102045165 A CN102045165 A CN 102045165A CN 2009102337485 A CN2009102337485 A CN 2009102337485A CN 200910233748 A CN200910233748 A CN 200910233748A CN 102045165 A CN102045165 A CN 102045165A
- Authority
- CN
- China
- Prior art keywords
- card
- password
- user
- database
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention relates to practical application of integrated circuit (IC) card identity authentication technology in the public security and traffic management industry. Information such as user name, password, database address, database user and password and the like is encrypted and stored in an IC card, the system first reads database information in the IC to connect a database when the system is started, and the user name and the password in the IC card are read after the connection is successful and are submitted for identity verification. After the verification is successful, the system can be accessed. The invention discloses a method for implementing database and user information verification by using the IC card.
Description
Technical field
The present invention relates to the practical application of IC-card authenticating identity authentication techniques in public security traffic control industry, by information encryptions such as user name, password, database address, database user and password are stored in the IC-card, the database information that at first reads among the IC in the start-up system system connects database, username and password after the successful connection in reading IC-card is submitted to and is done authentication.System is allowed for access after being proved to be successful.
Background technology
In the information system, authentication means to the user also can be divided into these three kinds substantially, only by proving that a people's identity is referred to as the single-factor authentication meeting of a condition, owing to only use a kind of condition judgment user's identity easily by counterfeit, can prove a people's identity by making up two kinds of different conditions, be referred to as double factor authentication.
Identity identifying technology from the condition that authentication need be verified, can be divided into single-factor authentication and double factor authentication from whether using hardware can be divided into software authentication and hardware identification.From authentication information, can be divided into static authentication and dynamic authentication.The development of identity identifying technology has been experienced from the software authentication to the hardware identification, authenticates to double factor authentication from single-factor, authenticates to the process of dynamic authentication from static state.Identification authentication mode commonly used mainly contains following several in computer and the network system now:
1, usemame/password mode
Usemame/password be the simplest also be the most frequently used identity identifying method, it is based on the checking means of " what you know ".Each user's password is set by this user oneself, has only him just to know by oneself, as long as therefore can correctly input password, computer just thinks that he is exactly this user.Yet in fact, because many users forget Password in order to prevent, often adopt birthday such as own or household, telephone number etc. easily by significant character string that other people guess as password, perhaps password is copied at one and oneself thought safe place, this all exists many potential safety hazards, very easily causes password to reveal.Enable promptly to guarantee that user cipher is not leaked, because password is static data, and in proof procedure, need in calculator memory He in the network, transmit, and the authorization information that each proof procedure uses all is identical, and the trojan horse program or the audiomonitor in the network that are easy to reside in the calculator memory are intercepted and captured.Therefore the usemame/password mode is a kind of is the identification authentication mode that is absolutely unsafe.We can say basically and can say without any fail safe.
2, IC-card authentication
IC-card is a kind of card of built-in integrated circuit, has the data relevant with user identity in the card, and IC-card by special device fabrication, can be thought not reproducible hardware by special manufacturer.IC-card is carried by validated user, IC-card must be inserted specially during login. and the card reader of usefulness reads information wherein, with checking user's identity.The IC-card authentication is based on the means of " what you have ", can be by not counterfeit by the not reproducible user identity that guarantees of IC-card hardware.Yet, still be easy to be truncated to user's authentication information by technology such as internal memory scanning or network monitorings from IC-card because the data that at every turn read are still static.Therefore, still there is basic potential safety hazard in the mode of static checking.
3, dynamic password
The dynamic password technology be a kind of user's of allowing password according to time or the continuous dynamic change of access times, the only expendable technology of each password.It adopts a kind of specialized hardware that is referred to as dynamic token, and built-in power, password generate chip and display screen, and password generates the special cryptographic algorithm of chip operation, generates current password and is presented on the display screen according to current time or access times.Certificate server adopts the identical current valid password of algorithm computation.When using, the user only the current password input client computer that shows on the dynamic token can need be realized the affirmation of identity.Because each password that uses must be produced by dynamic token, has only validated user just to hold this hardware, so need only password authentification by just thinking that this user's identity is reliable.And the each password that uses of user is all inequality, even the hacker has intercepted and captured password one time, also can't utilize this password to come the identity of counterfeit validated user.
The dynamic password technology adopts the method for one-time pad, has guaranteed the fail safe of user identity effectively.If but the time of client hardware and server or number of times can not keep good synchronously, just the problem that validated user can't land may take place.And also need when the user logins to input a lot of irregular password by keyboard at every turn, will redo in case misunderstand or input by mistake, user's use is very inconvenient.
4, biological characteristic authentication
Biological characteristic authentication is meant the technology that adopts everyone unique biological characteristic to come identifying user identity.Common have fingerprint recognition, an iris recognition etc.In theory, biological characteristic authentication is reliable identity authentication mode, because its direct end user's physical features is represented everyone digital identity, different people has the possibility of identical biological characteristic and can ignore, therefore hardly may be by counterfeit.
Biological characteristic authentication is subjected to the influence of biometrics identification technology maturity till now based on biometrics identification technology, adopts biological characteristic authentication also to have bigger limitation.At first, the accuracy of living things feature recognition and stability are still waiting to improve, if particularly user's body is subjected to the influence of sick and wounded or spot, often causes and can't normally discern, the situation that causes validated user to land.Secondly, because research and development drop into big and output is less, the cost of biological characteristic authentication system is very high, only is suitable for very high occasion of some security requirements such as uses such as bank, army at present, also can't accomplish the large tracts of land popularization.
5, USB Key authentication
Identification authentication mode based on USB Key is a kind of convenience that grew up in recent years, safe, economic identity identifying technology, its adopts the combine double strong factor certification mode of one-time pad of software and hardware, has solved the contradiction between fail safe and the ease for use well.USB Key is a kind of hardware device of USB interface, and its built-in single-chip microcomputer or intelligent card chip can be stored user's key or digital certificate, utilizes the authentication of the built-in cryptographic algorithm realization of USB Key to user identity.Mainly contain two kinds of application models based on USB Key identity authorization system: one is based on impact/corresponding certification mode, and two are based on the certification mode of PKI system.
Based on above elaboration, because this project is a Fare Collection System, the professional set-fee in 1 year of general region municipal public security bureau vehicle management institute is generally all at several ten million yuan greatly, the safety of system is even more important, so this project is selected usemame/password authentication techniques and the set of USB Key authentication techniques, the fail safe that has improved system greatly for use.
Summary of the invention
The objective of the invention is to: on the basis of general IC-card authentication pattern, also store the database relevant information among the IC, system can at first connect different databases according to the different IC subscriber card and carry out authentication then, has so both strengthened the flexibility that the fail safe of system has also improved system.The present invention has expanded IC-card authentication pattern.
Embodiment
Embodiment one
Interface system is examined in stake, this system adopts the development mode of C/S, mainly use in each examination hall in this area, because the native system place to use is many, the environment for use complexity so the taking into account system fail safe is determined to adopt the IC-card authentication, considers that the system database password may often need to revise, determine simultaneously the relevant information of database also to be kept in the IC-card, system dynamics obtains the relevant information of database from IC-card when using at every turn.
The process of present embodiment is:
At first when the write operation person's IC-card information of backstage, simultaneously database address, user and password are write into together.
Secondly after client operation person inserted the IC-card login system, the database information that system at first reads among the IC connected database, and the username and password after the successful connection in reading IC-card is submitted to and done authentication.System is allowed for access after being proved to be successful.
Claims (1)
1. on the basis of general IC-card authentication pattern, also store the database relevant information among the IC, system can at first connect different databases according to the different IC subscriber card and carry out authentication then, has so both strengthened the flexibility that the fail safe of system has also improved system.The present invention has expanded IC-card authentication pattern.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102337485A CN102045165A (en) | 2009-10-23 | 2009-10-23 | Method for implementing database and user information verification by using IC card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102337485A CN102045165A (en) | 2009-10-23 | 2009-10-23 | Method for implementing database and user information verification by using IC card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102045165A true CN102045165A (en) | 2011-05-04 |
Family
ID=43910986
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102337485A Pending CN102045165A (en) | 2009-10-23 | 2009-10-23 | Method for implementing database and user information verification by using IC card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102045165A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049686A (en) * | 2011-10-11 | 2013-04-17 | 镇江精英软件科技有限公司 | Method for verifying information of database and user through universal serial bus (Usb) key |
| CN104426666A (en) * | 2013-09-06 | 2015-03-18 | 镇江精英软件科技有限公司 | Method for realizing user information verification of management system by IC (integrated circuit) board |
-
2009
- 2009-10-23 CN CN2009102337485A patent/CN102045165A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049686A (en) * | 2011-10-11 | 2013-04-17 | 镇江精英软件科技有限公司 | Method for verifying information of database and user through universal serial bus (Usb) key |
| CN104426666A (en) * | 2013-09-06 | 2015-03-18 | 镇江精英软件科技有限公司 | Method for realizing user information verification of management system by IC (integrated circuit) board |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8799666B2 (en) | Secure user authentication using biometric information | |
| US20030115475A1 (en) | Biometrically enhanced digital certificates and system and method for making and using | |
| CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
| TWI770422B (en) | Method and system for operating IoT devices | |
| KR20090051147A (en) | Internet settlement system | |
| US20100135542A1 (en) | System and methods for biometric identification on smart devices using multos | |
| CN111131202A (en) | Identity authentication method and system based on multiple information authentication | |
| CN114556356B (en) | User authentication framework | |
| US20190132312A1 (en) | Universal Identity Validation System and Method | |
| JP5145179B2 (en) | Identity verification system using optical reading code | |
| WO2021244471A1 (en) | Real-name authentication method and device | |
| JP5439306B2 (en) | Authentication system, authentication method, authentication server, authentication program | |
| CN103049686A (en) | Method for verifying information of database and user through universal serial bus (Usb) key | |
| Struif | Use of biometrics for user verification in electronic signature smartcards | |
| CN102045165A (en) | Method for implementing database and user information verification by using IC card | |
| CN102457484A (en) | Method for checking user information by combining user name/password authentication and check code | |
| CA3121338A1 (en) | System and method for identity creation and assertion | |
| KR20030052194A (en) | A system for user verification using biometric information, a method for registering certificates in the system and a user verification method | |
| CN105897708A (en) | Information protection method and mobile terminal | |
| RU2573235C2 (en) | System and method for checking authenticity of identity of person accessing data over computer network | |
| CN108471419A (en) | Certificate sharing method based on trusted identity | |
| CN103840940A (en) | Method for achieving database information authentication through IC | |
| CN112785410A (en) | Relying party risk adjustment indicator systems and methods | |
| CN103840939A (en) | Method for reauthenticating special operation of information system through network card MAC address | |
| KR20130029261A (en) | User authentication system and method using a bio-information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110504 |