Summary of the invention
The technical problem that the present invention will solve is to provide a kind of intelligent cipher management system, can be safer, convenient, efficient, cheap and the cipher protection function of the realization account of hommization.
For solving the problems of the technologies described above, the invention provides following technical scheme:
A kind of intelligent cipher management system comprises:
Subscriber authentication module is used to verify that the user imports the validity of account information;
The prompt generation module; But be used for confirming account that the user imports and generate the prompt of computing when effective at random when said subscriber authentication module; For user's input and the corresponding encrypted message of said prompt; Wherein, said encrypted message is that the user uses the algorithm that presets said prompt to be carried out the result who obtains after the computing; And
Password authentication module is used for the encrypted message and the said system of user's input are compared to confirm whether checking is successful according to the acquired information calculated result.
Preferably, said password authentication module can comprise:
Search the unit, be used to search the algorithm that said user presets;
Extraction unit is used to extract all relevant prompts;
Arithmetic element is used to use said algorithm that said prompt is carried out computing;
Comparing unit is used for the encrypted message of said arithmetic element calculated result and user's input is compared.
Further, said password authentication module can also comprise:
Decoding unit is used for searching the algorithm that the unit finds and decoding said.
Further, said password authentication module can also comprise:
Counting unit is used for when the comparison result of said comparing unit when being incorrect the number of times of the password authentification that adds up;
Lock cell is used for when number of times that said counting unit adds up reaches threshold value, locking said account.
Preferably, said system also comprises:
Password setting/modified module provides the prompt and the algorithm of all computings but be used for confirming account that the user imports when said subscriber authentication module when effective, for user's setting/modification algorithm and carry out password test.
Further, said algorithm can be the algorithm after handling through reversible encryption.
Preferably, said system also comprises:
The login authentication module, be used for when said subscriber authentication module confirms that account that the user imports is effective and client with after server successfully is connected, said user is carried out session authentication, and then is that said user opens corresponding authority automatically.
Preferably, but the prompt of the computing that said prompt generation module generates at random comprises: numeral or letter or date or time or figure or sound, or numeral, letter, date, time, figure, reach the combination in any between the sound.
Preferably, the algorithm that said user presets comprises the mathematical operation rule, and/or the logical operation rule.
Preferably, but the display mode of the prompt of the computing that said prompt generation module generates at random comprise: character types and/or picture/mb-type and/or video type and/or sound-type.
Compared with prior art, intelligent cipher management system provided by the invention has plurality of advantages such as safe, that use is extensive, with low cost.Particularly; At first; The dynamic cipher verification technology is considered to can the most effectively solve one of identification authentication mode of user at present, can effectively take precautions against multiple network problems such as hacker's wooden horse theft user account password, false website, avoids user's the property or the loss of data.The present invention is owing to adopted the design principle of dynamic password, and comparing with conventional cipher more is difficult to crack, writes down and follows the tracks of, and therefore has higher fail safe.Secondly, technical scheme provided by the invention can enlarge the scope of application of electronic account and other accounts, and service condition and environment for use are had no restriction.The user can be relievedly worry with the account of oneself and password being spied on and monitoring by the people.In addition, the present invention needs extra expenditures such as token, SMS, client software unlike conventional dynamic password that kind, therefore can reduce the cost of Password Management greatly.Simultaneously, the present invention provides a strong basis for the development of password related industry, and the work that delayed to carry out owing to reasons such as safety, cost, actual effects in the past will be readily solved along with the appearance of intelligent cipher.
Below in conjunction with accompanying drawing and specific embodiment technical scheme of the present invention is carried out detailed explanation, so that characteristic of the present invention and advantage are more obvious.
Below will provide detailed explanation to embodiments of the invention.Although the present invention will combine some embodiments to set forth and explain, it should be noted that the present invention not merely is confined to these execution modes.On the contrary, the modification that the present invention is carried out perhaps is equal to replacement, all should be encompassed in the middle of the claim scope of the present invention.
In addition, for better explanation the present invention, provided numerous details in the embodiment hereinafter.It will be understood by those skilled in the art that does not have these details, and the present invention can implement equally.
Following explanation done herein in the technical term of hereinafter using:
Algorithm is meant human with computer can be understood and the normal operation method of use.
Reversible encryption is to change original information data with certain special algorithm, even make undelegated user obtain information encrypted, but the method (key) because of not knowing to decipher, still can't understand the content of information.The user only knows that key could reduce original information data.
To set forth in detail concrete realization of the present invention through a plurality of embodiment below.
The framework sketch map of the intelligent cipher management system that provides for the embodiment of the invention shown in Figure 1.Wherein, said intelligent cipher management system comprises: subscriber authentication module 110, prompt generation module 120 and password authentication module 130.Wherein, said subscriber authentication module 110 checking users import the validity of account information.When said subscriber authentication module 110 confirms that the account of users' input is effective; But said prompt generation module 120 generates the prompt of computing at random; For user's input and the corresponding encrypted message of said prompt; Wherein, said encrypted message is that the user uses the algorithm that presets said prompt to be carried out the result who obtains after the computing.In one embodiment; But the prompt of the computing that said prompt generation module 120 generates at random comprises: numeral or letter or date or time or figure or sound, or numeral, letter, date, time, figure, reach the combination in any between the sound.In addition, but the display mode of the prompt of the computing that said prompt generation module generates at random comprise: character types and/or picture/mb-type and/or video type and/or sound-type.In another embodiment, the algorithm that said user presets comprises the mathematical operation rule, and/or the logical operation rule.Said password authentication module 130 is compared the encrypted message and the said system of user's input to confirm whether checking is successful according to the acquired information calculated result.
Another framework sketch map of the intelligent cipher management system that provides for the embodiment of the invention shown in Figure 2.Wherein, said intelligent cipher management system promptly outside subscriber authentication module 110, prompt generation module 120, the password authentication module 130, also comprises: password setting/modified module 140, and login authentication module 150 except comprising structure as shown in Figure 1.Wherein, said subscriber authentication module 110, prompt generation module 120, and the function of password authentication module 130 and Fig. 1 in identical, so locate to repeat no more.But said password setting/modified module 140 is used for confirming the account of users' input when said subscriber authentication module 110 prompt and the algorithm of all computings is provided when effective, for user's setting/modification algorithm and carry out password test.Wherein, said algorithm can be the algorithm after handling through reversible encryption.Said login authentication module 150 is used for when said subscriber authentication module 110 confirms that the account of users' input is effective, and client is carried out session authentication to said user, and then be the corresponding authority of the automatic unlatching of said user with after server successfully is connected.
The password authentication module structural representation of the intelligent cipher management system that provides for the embodiment of the invention shown in Figure 3.Wherein, said password authentication module comprises: search unit 301, extraction unit 302, arithmetic element 303 and comparing unit 304.Wherein, the said unit 301 of searching is used to search the algorithm that said user presets; Said extraction unit 302 is used to extract all relevant prompts; Said arithmetic element 303 is used to use saidly searches the algorithm that unit 301 finds the prompt that said extraction unit 302 extracts is carried out computing; And operation result offered said comparing unit 304, by said comparing unit 304 encrypted message of said arithmetic element 303 calculated result and user's input is compared.Shown in the frame of broken lines of Fig. 3, in another embodiment, said password authentication module can further include for another example: decoding unit 304, it is used for searching the algorithm that unit 301 finds and decoding said.In another embodiment, said password authentication module can further include: counting unit 306 and lock cell 307.Wherein, said counting unit 306 is used for when the comparison result of said comparing unit 304 when being incorrect, the number of times of the password authentification that adds up; When the number of times that adds up when said counting unit 306 reached threshold value, said lock cell 307 was used to lock said account.
The realization flow figure of the intelligent cipher management system that provides for the embodiment of the invention shown in Figure 4.Wherein mainly be concrete function and the realization that specifies its each functional module that comprises from intelligent cipher management system side.Concrete implementation procedure specifies as follows:
In step 401, need to judge whether encryption lock, then connect the encrypted code lock if desired, if encryption lock is incorrect, then show to connect prompting; If encryption lock is correct, then change step 402 over to.Here need to prove that this step is an optional step, if the user will advise using encryption lock for the security ststem of strengthening client.If system needs the user to use encryption lock, then the user is must be connected to encryption lock on the computer of client when remote server connects.If encryption lock connects correctly then continues step 402, otherwise being connected of client and remote server will be refused/cancelled in system.
In step 402, start client and be connected with the long-range of remote server.
In step 403, judge whether success of long-range connection, if success then change step 404 over to, otherwise timing in one embodiment, surpasses 120 seconds when the time of accumulative total, then shows the prompting that can't connect, otherwise continue the judgement of step 403.Here need to prove; Because intelligent cipher adopts client to intercom mutually with the remote server end and realizes; So client must guarantee real-time man-to-man the connection with the remote server end; If client and server end are owing to the disconnection of long-time (acquiescence is more than 120 seconds) appears in the reason of network, system will point out the user to obtain with remote server to be connected.The reason that appearance can't be connected to server has a lot, but the relevant suggestion that solves can be pointed out by system, such as the inspection network whether connect unobstructed, whether be a plurality of IP, encryption lock whether correct, connect whether overtime etc.
In step 404, launch SESSION (session), launch digital certificate and launch login daily record etc.Here need to prove that SESSION mechanism is a kind of mechanism of server end, server uses a kind of structure that is similar to hash table to come preservation information.When program need be created a SESSION for the request of certain client; Server at first checks whether comprised a SESSION sign (being called SESSION_ID) in the request of this client, and if comprised a SESSION_ID before would explaining for this reason client created SESSION.SESSION is powerful guarantee, especially some session variables help of too busy to get away SESSION especially that realizes client and server end continuous communiction, so SESSION promptly opens in system in that time that client and server are set up communication.
In addition, digital certificate is to guarantee the subscription client login and carry out the data information transfer safety operation and be used for the disk tools of authentication.Through issuing the identity audit of the strictness before the digital certificate; Guarantee the holder's of digital certificate legal capacity; Thereby the holder of digital certificate to digital certificate contract, order, bidding documents, etc. the signature done in electronic document or the system bear legal liabilities, guarantee the legal force of electronic operation.Digital certificate is used for the mutual confirmation of enterprise identity authentication, data transmission security guarantee and business operation, has the legal effect of digital signature, to ensure networking user's information security and intelligent cipher management system safety.
In addition, the main effect of login daily record is to be used for the recording user relevant information in when login, and these information comprise time that the user logins, IP address, prompt, password, errors number, relaying time, disengaging time etc.The intelligent cipher management system will regularly be carried out back-up processing to these daily records, reduces server expenses on the one hand, on the one hand as carrying out safety backup.
In step 405, the client and server end begins communication.
In step 406, judge whether this user logined, if do not login, then change step 407 over to, otherwise judge whether that success withdraws from, if then get into step 407, otherwise go to step 415.Here need to prove that the intelligent cipher management system can at first be carried out this user's SESSION checking being connected once more of client and server.If this user's SESSION state is for logining, intelligent cipher will be opened this user's corresponding authority automatically.Otherwise intelligent cipher will be opened the account input page.The account input page is generally as shown in Figure 7.The account inputting interface can be used for importing the title of account.
In step 407, the explicit user login interface, the user is according to the prompting input account information at interface.
In step 408, system judges according to the information of user input whether this user exists, if existence then continue step 409, otherwise would change step 416 over to.Here need to prove the user authentication technology that the intelligent cipher management system adopts client to combine with server.At first can verify the account of user's input, if illegal will not the submission in client.After account was submitted to server, server can carry out corresponding safe handling to account and inject so that prevent script.Intelligent cipher will be opened database and inquire about this user subsequently, if this user does not exist system will point out the user---and " this user does not exist ".If there is this user in the database, the intelligent cipher management system will get into password input flow process automatically.
In step 409, generate SESSION prompt at random.Prompt is the key of intelligent cipher at random, because the user need carry out mental arithmetic to the known algorithm of these prompt utilizations.Because the prompt at random after landing is all inequality at every turn, so each calculated result is also all different.The intelligent cipher management system realizes so-called dynamic password through the mode that prompt at random adds user's mental arithmetic.Moreover, for the purpose of more safely, the intelligent cipher management system can also be the form and the regularly renewal (giving tacit consent to 10 minutes) of prompt generation picture at random.
In step 410, the display password inputting interface supplies the user to calculate correct password at heart according to prompt and the algorithm that presets, and input.Interface for password input is as shown in Figure 6, can find out that itself and traditional password input frame are different, many two row prompts above the password input frame of intelligent cipher management system.This two row prompt is that the intelligent cipher management system generates at server end at random.Prompt at random among Fig. 5 has two row, but also is digital.The kind of prompt has much at random in fact, can be numeral, letter, figure, sound and the time and date of multirow.
In step 411, whether the password of system judges input is legal, do not import once more if conform to rule prompting user, if legal then continue step 412.
In step 412, system searches the algorithm that this user presets automatically.
In step 413, the algorithm result of calculation that system's utilization is found.
In step 414, system compares the password of automatic result calculated and user's input.
In step 415, if the server end result calculated equates that with the password of client input just expression is logined successfully, otherwise prompting user cipher mistake and misregistration number of times, and return step 410, let the user re-enter correct password.In one embodiment, when count value surpasses threshold value, for example threshold value is 3, then locks this user's account.The method that locks an account can have a variety of, and modal is definite time limit release (being that account is locked automatic unlocking after a period of time).But the intelligent cipher management system is also recommended other a kind of release mode, i.e. twice unlock password method.In other words as long as the correct password of the double input of user just can automatic unlocking.
In step 416,, then register new user if the user does not exist.
In step 417, system shows new user's register interface.
In step 418, the system prompt user is provided with user name.
In step 419, the system prompt user is provided with the algorithm of password.
In step 420, whether the systems inspection password compliant, if meet then continue step 421, resets otherwise get back to step 417 prompting user.
In step 421, system adds new user.
In step 422, the algorithm that system is provided with the user is carried out reversible encryption and is handled.
In step 423, system adds the algorithm of password.
In step 424, the algorithm that the storage user of system is provided with.
In addition, can also in step 425, get into other management functions.
In step 426, explicit user can be revised password.
In step 427, the user imports password under the prompting of system.
In step 428, system verifies the password of user's input.
In step 429, system's display password is revised the interface.
In step 430, the user is provided with the algorithm of new password.
In step 431, system carries out password test.
In step 432, encrypt the algorithm of new password.
In step 433, the algorithm of system update password goes to step 424 then.
Intelligent cipher management system use flow chart for providing shown in Figure 5 according to the embodiment of the invention.Wherein mainly specify the realization of intelligent cipher function from user side.Concrete use specifies as follows:
In step 501, the user imports account information;
In step 502, its legitimacy is judged according to the accounts information of user input by system, if legal then continue step 503, otherwise point out illegal account, return step 501 prompting user and re-enter account information;
In step 503, the system queries account;
In step 504, system judges whether the account exist, if account does not exist, then returns step 501 prompting user and re-enters account information; If account exists, then continue step 505;
In step 505, but the prompt of the automated randomized generation computing of system;
In step 506, the user inputs corresponding password according to prompt;
In step 507, whether the password of system judges input is correct, if correctly then verify successfully, otherwise points out user cipher mistake and misregistration number of times, and returns step 506, lets the user re-enter password.When the number of times of misregistration surpasses three times, lock this user's account.
Intelligent cipher management system master interface sketch map for providing shown in Figure 6 according to the embodiment of the invention.It is the display interface of password setting module in the system, can comprise 8 parts: account importation 1, prompt part 2, mathematical computations part 3, logical operation part 4, system are provided with part 5, part 6, computing display part 7 and slave part are selected in answer.Wherein, slave part is optional part, in Fig. 6, does not show.Be that example is introduced password setting module function commonly used in detail below with Fig. 3.
Account importation 1 is used for being provided with the title of account, all can need new account of input when general new user registers, and also can reset password (promptly revising password) if the account has logined.The title of account can be identical in theory, but the present invention does not advise in the table of a database of the common existence of identical user name.If each user is unique, the intelligent cipher management system can be pointed out the user when user's name is conflicting so---" this user is occupied, please change a user name and register again! ".Also have three buttons on the next door of account input frame, expansion/folding, remarks and help.Launch/folding button can let the password setting interface become to simplify or abundant; The remarks button can be imported the remark information that the user provides, and these remark informations are very useful in the password that catches fire, and can certainly not fill in; Help button mainly is to help the user that password is set better.
Prompt part 2, the prompt that two line of numbers are arranged as shown in Figure 6, in fact the prompt here not only can be I than numeral, but also can be other numerals, letter, figure, sound and time and date.
Mathematical computations part 3, similar with a small-sized electronic calculator, top button comprises:
---Arabic numerals 1; ---Arabic numerals 2; ---Arabic numerals 3; ---Arabic numerals 4; ---Arabic numerals 5; ---Arabic numerals 6; ---Arabic numerals 7; ---Arabic numerals 8; ---Arabic numerals 9; ---Arabic numerals 0; [(]---left bracket; [)]---right parenthesis; [+]---plus sige; [-]---minus sign; [*]---multiplication sign; [÷]---the division sign; [rounding]---the result rounds; [surplus removing]---the result gets surplus; [.]---decimal point; [^]---cloud operator etc.
Logical operation part 4 is the spitting image of the logic connective of program language, and it is exactly a logical operator in fact, and the button above it comprises:
[＞]---greater-than sign, [＜]---is less than, [>=]---more than or equal to, [≤]---smaller or equal to, [≠]---be not equal to, [=]---equal, [if] if---logic determines (being equivalent to if), [so]---logic determines (is equivalent to true) so, [otherwise]---logic determines otherwise (being equivalent to else), [and]---logical AND is judged, [perhaps]---logic OR is judged, [ends]---logic determines end (being equivalent to end).
System is provided with part 5, generally is a drop-down list box, through drop-down list box the employed system of current algorithm can be set.System commonly used has 8 systems, the decimal system and hexadecimal.Select hexadecimal mathematics calculating section with corresponding launching [a], [b], [c], [d], [e], [f] hexadecimal button, select octal system mathematics calculating section corresponding button of closing other system banks.System is provided with [.] of drop-down list box front---decimal point button with [^]---power button, and [result's reservation] button of back all belongs to the mathematical computations part.The result keeps drop-down list generally to be had: before the decimal point, behind the decimal point and three kinds of options of integer.Acquiescence is that the result is kept the numeral on preceding first the promptly individual position of decimal point.
Part 6 is selected in answer, is used for being provided with a certain position password.Because the embodiment of the invention is advised the corresponding answer of each calculating process, answer selects part normally to realize through radio button.Radio button [answer 1], [answer 2], [answer 3], [answer 4], [answer 5], [answer 6] etc. are used for being provided with the calculating process of answer 1, answer 2, answer 3, answer 4, answer 5, answer 6 respectively.The calculating process of each answer all can be presented in the multiline text frame, and the multiline text frame is shown in mark 7 parts among Fig. 6.
Computing display part 7 is meant to the set calculating process of current answer.The main effect of computing display part is to belong to the algorithm that is provided with in order to let the user be expressly understood more and to remember oneself.
In addition, slave part can also be arranged, why in Fig. 6, not marking is because slave part can have a lot, such as: identifying code, identifying code is prepared in order to prevent malicious registration, when mouse can become greatly through out-of-date identifying code, is convenient to the user and confirms.When click did not see, system can refresh identifying code, did not refresh identifying code if do not click, and identifying code also can periodic refreshing, and the main purpose of doing like this is for system safety.The acquiescence refresh time is 20 minutes.Safety code is used for being provided with the user's security question and answer, is convenient to the user and gives the intelligent cipher of oneself in the future for change.Cancel button, reform button and reset button all for ease the user calculating process is set and designs.Click store button, system will carry out simulation test to all answers, if not through soon not submitting to, if through submitting to.
Intelligent cipher management system interface for password input sketch map for providing shown in Figure 8 according to the embodiment of the invention.After the user inputs the password (also being appreciated that the answer into prompt) after the mental arithmetic, click [confirming] button in the interface for password input.
Various aspects during intelligent cipher management system provided by the invention can be used in people's life, for example web account, bank account, certificate, commodity etc.Below, the brief account concrete application of intelligent cipher management system in above industry once.
Instance one: WEB account
User A has an E-mail address.The account name of E-mail address is admingmail.com, and user A is provided with an algorithm account: on each prompt, all add 1, and keep preceding 1 of decimal point.After the network address of user A login http://www.gmail.com, in the login panel, import admingmail.com in the user name text box, click [confirming] button.The intelligent cipher management system has generated a string prompt 1,2,3,4,5,6 at random.After user A sees prompt, on each prompt, all add 1, and keep preceding 1 of decimal point, the result after the mental arithmetic is 2,3,4,5,6,7.Then, user A is 234567 input password boxs and click [login] button.Like this, user A has just accomplished the application of a WEB account.The Web account comprises: website members, E-mail address, game player etc.
Instance two: bank account
User B has a credit card.The account of credit card is 121212121210006, and user B is provided with an algorithm for this card: on each prompt, all add 2, and keep preceding 1 of decimal point.After user B used the POS to swipe the card, the intelligent cipher management system had generated a string prompt 1,2,3,4,5,6 at random.After user B sees prompt, on each prompt, all add 2, and keep preceding 1 of decimal point, the result after the mental arithmetic is 3,4,5,6,7,8.User B imports 345678 these several numerals successively and clicks [confirming] button then.Like this, user B has just accomplished the application of a credit card.Bank account comprises: credit card, bank card, bankbook etc.
Instance three: checking certificate
User C has a degree's diploma.Certificate be encoded to 0001, user C is provided with an algorithm for this identity card: on each prompt, all add and multiply by 2, and keep preceding 1 of decimal point.After user C used the POS to swipe the card or imports the certificate coding, the intelligent cipher system had generated a string prompt 1,2,3,4,5,6 at random.After user C sees prompt, on each prompt, all multiply by 2, and keep preceding 1 of decimal point, the result after the mental arithmetic is 2,4,6,8,0,2.User C imports 246802 these several numerals successively and clicks [checking] button then.User C has just accomplished the application of a degree's diploma like this.Certificate comprises: identity card, degree's diploma, passport, driving license etc.
Instance four: checking commodity
The A of businessman is a producer, produces computer, and the A of businessman is provided with the algorithm of commodity checking at 315 centers: prompt multiply by 3, and keeps the decimal point front three.And according to this algorithm each computer is all sticked these labels, database of record simultaneously.The computer that user D has bought; Scrape antifalsification label then off, login 315 websites, input anti-fake code 123369 (this coding comprises two parts---prompt part and answer part); The intelligent cipher management system resolves into two parts to anti-fake code automatically: prompt and password; System all multiply by 3 to 123, and keeps the decimal point front three, and the result is 369.Work as product obsolescence, and anti-fake code was when using several times (acquiescence once), the intelligent cipher management system will be pointed out user D relevant information, and delete this anti-fake code.
In sum, from above-mentioned each embodiment, can find out,, increase the difficulty that cracks of intelligent cipher when having increased the possibility of computing because intelligent cipher management system of the present invention can provide diversified prompt.Because more available prompt operation method be also just many more, operation method is many more, and the difficulty of password cracking is also just high more.
In addition, intelligent cipher management system of the present invention has adopted following several method to increase safeness of Data Bank: server end adopts fire compartment wall and viral wooden horse scanning technique to increase the fail safe of server.Database adopts the software and hardware way of combining to increase the safety in utilization of data.Submit to the character string of coming to adopt the method for carrying out the escape processing to prevent that script from injecting to client.Adopt the way of submeter mapping to increase safeness of Data Bank to subscriber's meter and operation method table.Content in the operation method table is carried out reversible encryption to be handled.And adopt multi-course concurrency to handle, improve the operation efficiency of server and database.
In addition, intelligent cipher management system of the present invention adopts the mode of communication one to one, improves the fail safe that client is communicated by letter with server end.What is called just is meant that one to one client is communicated by letter without other servers or equipment with server end.When the discovering server client ip address is unusual, will forbid some authority of user and make friendly prompting so that help legal users to solve potential safety hazard.One-to-one communication can solve imitative user's problem effectively.
Have, the powerful part of intelligent cipher management system just is again, validated user has used algorithm that one or two people can't get a glimpse of that prompt is at random carried out computing, and submits to server to operation result as password.So though algorithm is all still the same because each different calculated result of prompt at random is also inequality, thereby realize the dynamic password of one-time pad.
The application of intelligent cipher management system of the present invention can have a variety of, and for example PC, mobile phone, phone, letter etc. are almost contained all communications fields.
Preceding text embodiment and accompanying drawing are merely embodiment commonly used of the present invention.Obviously, under the prerequisite of the present invention's spirit that does not break away from claims and defined and invention scope, can have and variously augment, revise and replace.It should be appreciated by those skilled in the art that the present invention can change not deviating under the prerequisite of inventing criterion aspect form, structure, layout, ratio, material, element, assembly and other according to concrete environment and job requirement to some extent in practical application.Therefore, embodiment disclosed here only is illustrative rather than definitive thereof, and scope of the present invention is defined by accompanying claims and legal equivalents thereof, and the description before being not limited thereto.