CN102904885B - Compound authentication method of multi-identity authentication information feature - Google Patents

Compound authentication method of multi-identity authentication information feature Download PDF

Info

Publication number
CN102904885B
CN102904885B CN201210363891.8A CN201210363891A CN102904885B CN 102904885 B CN102904885 B CN 102904885B CN 201210363891 A CN201210363891 A CN 201210363891A CN 102904885 B CN102904885 B CN 102904885B
Authority
CN
China
Prior art keywords
authentication
authentication information
result
information
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201210363891.8A
Other languages
Chinese (zh)
Other versions
CN102904885A (en
Inventor
刘经纬
王普
杨蕾
李会民
张春晓
杨建栋
赵辉
常鹏
贾之阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing University of Technology
Original Assignee
Beijing University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Technology filed Critical Beijing University of Technology
Priority to CN201210363891.8A priority Critical patent/CN102904885B/en
Publication of CN102904885A publication Critical patent/CN102904885A/en
Application granted granted Critical
Publication of CN102904885B publication Critical patent/CN102904885B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Collating Specific Patterns (AREA)

Abstract

The invention provides a multi-identity authentication compounding method which can be applied to the fields of identity authentication, office automation and the like. The method specifically comprises the following steps of: collecting identity authentication information of a legal authentication object, computing and saving an feature information matrix, collecting the identity authentication information of an unknown object J to be authenticated, computing single identity authentication probability of the unknown object J to be authenticated, judging single identity authentication information feature, computing compound judgment volume of multi-identity authentication information feature, and carrying out compound judging on the multi-identity authentication information feature. According to the multi-identity authentication compounding method, the problems of the limited precision and the limited application range of a single identity authentication method can be solved, the large-range arrangement problem in the application process and a large amount of workloads brought by professional official transaction flow can be solved, and the technical effects that the single authentication accuracy rate is improved and the applicability of the single identity authentication is extended are achieved.

Description

Many authentication information feature compound authentication method
Technical field
The present invention proposes a kind of network service platform method based on many authentications composite algorism and the system that have employed the method, can be applicable to the field such as authentication, office automation.
Background technology
At present, in actual production life, identity authorization system mainly adopts the mode of single capacity certification, and more typical way is:
1. a lot of individual online payment system adopts special USB authority memory, is commonly called as the equipment of excellent shield.The program needs user when using at every turn, operates in the computer operated by all being inserted by excellent shield.Authentication committed step is: the certificate file in this excellent shield and the authentication document of far-end bank server end mate, and determine the result of authentication;
2. a lot of unit adopts fingerprint identification device, carries out authentication, system of such as registering.The program often needs all people of registering to carry out fingerprint collecting work to unified machine of registering.Authentication committed step is: the fingerprint feature information stored in the current finger print information of dispersion user and centralized fingerprint collecting equipment mates, and determines the result of authentication;
3. a lot of unit adopts and prints paper document, and the mode of multiple departments signature carries out the validity certification of business, such as file countersign system.The program need business personnel for relatively-stationary service needed certification key link print specification documents, and hold the document to relevant departments please be correlated with leader according to operation flow rule priority carry out signature confirmation.Certification committed step is that current signatory approves the signature of shareholder.
The mode of classical single capacity certification has problems and is: what single capacity certification existence was higher is imitated the possibility stolen, single method cannot conveniently be tackled to be needed in diversified application, and for the identity authorization system of complexity, different business often needs the identification authentication mode of the best most convenient adopted different.
System of such as registering is low than payment system for the requirement of reliability, the requirement of its convenience and pocket wants high than payment system, excellent shield mode then requires the necessary carried terminal equipment of user, and the terminal equipment of system of fingerprints is then the natural finger carried of user.Again such as: the system of registering of single office is applicable to concentrating deployment formula scheme, and the application of conutersigning system is applicable to adopting dispersion deployment formula scheme.
Summary of the invention
The problem that the present invention mainly solves:
In some office application, due to feature and the security requirement of the frequency of business, when a certain identity identifying method cannot complete authentication very accurately, then multiple identity identifying method can be adopted to carry out combined identity certification.Many authentications need independent identity identifying method to be organized together the demand that just can complete application by a kind of rule (algorithm).The present invention, just for the problems referred to above and present situation, proposes a kind of new method and system.
The present invention proposes a kind of network service platform method based on many authentications composite algorism, can be applicable to the field such as authentication, office automation.Mainly solve following problem: first, many authentications composite algorism is by the method compound of multiple authentication, and authentication result is unreliable in some applications to overcome single capacity authentication method, inconvenient problem with use in different application; Secondly, solve identity authorization system to dispose and widespread adoption problem; Finally, when the method is applied to Field of Office Automation, solve the hard work amount problems such as the management of a large amount of papery office document and artificial file countersign.
The technical scheme that the present invention takes:
To achieve these goals, solve the problem, this invention takes following technical scheme:
One, method:
1. more than authentication information feature compound authentication method, produces by 1.1 and preserves characteristic information storehouse and the compound of authentication information more than 1.2 certification two parts are formed;
1.1 produce and preserve characteristic information matrix, have following performing step successively:
Step 1.1.1 gathers the authentication information I of legitimate authentication object mn:
Wherein, I mnrepresent the individual known legitimate authentication object C of M mn number of authentication information, m is 1 to the positive integer of M, and n is the positive integer of 1 to N; Each known authentication object C mthere is N kind authentication information;
Wherein, C mrepresent the individual known legal authentication object of M, the J corresponded represents the object to be certified of some the unknowns; The method target is whether identify object J to be certified be M known authentication object C min one, and J is C min which;
Step 1.1.2 calculates and preserves characteristic information matrix I f:
For m authentication object C mn kind authentication information I m1, I m2..., I mN, carry out characteristic information calculating, obtain characteristic information matrix I f;
Characteristic information matrix I falso can be I m1, I m2..., I mN, also can be by I m1, I m2..., I mNthe characteristic information Tw calculated by mode identification method also can be the combination of above-mentioned two kinds of characteristic informations;
The certification of the compound of authentication information more than 1.2, has following performing step successively:
Step 1.2.1 gathers the authentication information J of unknown object J to be certified n:
J represents the object to be certified of some the unknowns, J nrepresent N number of authentication information of J, n is the positive integer of 1 to N;
Step 1.2.2 calculates single authentication probability P of object J to be certified n:
Definition P n: establish in the authentication of N kind, the result of often kind of certification is all probable value P nform, n is 1 to the positive integer of N, i.e. P 1, P 2..., P n; P nspan be integer in 0 to 1 closed interval or decimal, P nin larger expression n-th, the accuracy rate of authentication is higher;
Treat the N kind authentication information J of authentication object J ncarry out single authentication, obtain single authentication probability P n; The result Tout=(Mout, Pout) calculated has two information, and one is most probable classification situation in classification Mout, Mout intermediate scheme recognition result, if Mout is not J, then this recognition result is the probability of J is P n=0, if Mout is J, then this recognition result is the probability of J is P n=Pout;
The mono-authentication information feature of step 1.2.3 judges:
Definition PMIN n: single authentication information feature approval probability lower limit, n is the positive integer of 1 to N, represents n-th kind of authentication acceptable lower limit probability; PMIN nspan be integer in 0 to 1 closed interval or decimal;
If there is P nmeet P nbe less than PMIN n, then authentication failure, jumps to step 3.2.6 authentication failure, i.e. Y=0;
If any P nall meet P nbe more than or equal to PMIN n, then algorithm continues;
Step 1.2.4 calculates many authentication information feature compound decision content y:
The accuracy rate Y of many authentication information feature compound authentication method result is by the result P of multiple unmarried part identifying algorithm 1, P 2..., P ncalculated by many authentications composite algorism, i.e. Y=F (P 1, P 2..., P n);
The computing formula of many authentication information feature compound decision content y is:
y=W 1x P 1+W 2x P 2+…+W Nx P N
Wherein, W nfor weight coefficient, represent the influence degree of various identity authentication result to the result Y of many authentications composite algorism, n is the positive integer of 1 to N, W nspan be integer in 0 to 1 closed interval or decimal, and W 1+ W 1+ ... + W n=100%;
Step 1.2.5 many authentication information feature compound judges:
Definition PMIN: many authentication information feature compound approval probability lower limit, represents the lower limit probability of acceptable many authentications composite computing result, PMIN nspan be integer in 0 to 1 closed interval or decimal;
If y is less than PMIN, then authentication failure, jumps to step 1.2.6 authentication and does not pass through;
If y is more than or equal to PMIN, then authentication is passed through;
The accuracy rate Y=y of many authentication information feature compound authentication method result; Method terminates;
Step 1.2.6 authentication is not passed through, and method terminates;
Described authentication information is password or password or seal or smart card or signature or person's handwriting or E-token dynamic password card or excellent shield or short message password or Quick Response Code or fingerprint or palmmprint or sound or retina or DNA or face.
The method of carrying out characteristic information calculating described in step 1.1.2 have employed neural network BP training algorithm, is specially,
The input matrix of train samples is known each authentication object C mx authentication information I mX, the objective matrix of train samples to be T01, T01 be by matrix T=(1,2 ..., M) be normalized the result of calculating, the difference between adjacent two numerical value of T01 is T01diff;
Neural net adopts Self-adaptation Wavelet Neural Network, training algorithm adopts Self-adaptation Wavelet Neural Network training algorithm, the result calculated is weight matrix WIJ, WJK and change of scale parameter matrix A, B, be kept in characteristic information matrix T w, i.e. Tw=(WIJ, WJK, A, B, T01diff).
4. treat the N kind authentication information J of authentication object J ncarry out the method that single authentication adopts and have employed neural net forward calculation algorithm, be specially,
The a certain item authentication information J being input as unknown object J to be certified of neural net forward calculation x;
The weight matrix of neural net forward calculation and change of scale parameter matrix are characteristic information matrix T w;
The algorithm that neural net forward calculation calculates adopts Self-adaptation Wavelet Neural Network forward calculation algorithm, and result is numerical value y01;
Compared by y01 and T01, find the element t01 of immediate y01 in T01 matrix, it is t01 that the element namely in T01 matrix and y01 do minimum that of poor result;
T01 is carried out renormalization calculating, obtains Mout and represent the immediate classification number of result of calculation;
Calculate the probability that classification results Mout is corresponding, Pout=|t01-y01|/T01diff, wherein T01diff represents the difference between adjacent two numerical value of T01;
Therefore available result is Tout=(Mout, Pout);
The described method of carrying out characteristic information calculating can also adopt feature extracting method or template matching method or discriminant function method or statistical classification or Bayes Method or clustering methodology or fuzzy classifier method or neural net method or support vector machine method.
The described N kind authentication information J treating authentication object J ncarry out method that single authentication adopts and can also adopt feature extracting method or template matching method or discriminant function method or statistical classification or Bayes Method or clustering methodology or fuzzy classifier method or neural net method or support vector machine method.
Two, system:
Based on the network service system of many authentications, be made up of multiple user terminal (100), a real-time authentication center (200), a Certificate Authority center (300) and characteristic information storage medium (0) four part;
User terminal (100) is made up of the fingerprint recognition pick-up transducers (102) of user terminal main frame (101), user terminal and the excellent shield authenticating device (103) of user terminal; Fingerprint collecting transducer (102) is connected with user terminal main frame (101), fingerprint collecting transducer (102) gathers finger print information to be identified and sends user terminal main frame (101) to, excellent shield authenticating device (103) is connected with user terminal main frame (101), and excellent shield authenticating device (103) sends the excellent shield private key information (1103) of the user terminal preserved in characteristic information storage medium (0) to user terminal main frame (101);
Real-time authentication center (200) is made up of real-time authentication central server (201), real-time authentication center (200) with the annexation of user terminal (100) is: user terminal main frame (101) to be connect with real-time authentication central server (201) by network and is connected, the excellent shield private key information (1103) of the finger print information to be identified collected and user terminal is sent to real-time authentication central server (201) by user terminal main frame (101), real-time authentication central server (201) is calculated by the excellent shield private key information (1103) of many authentications complex method to the finger print information to be identified received and user terminal, and identity authentication result (2900) is sent to user terminal main frame (101), user terminal main frame (101) shows the identity authentication result received,
Certificate Authority center (300) is by Certificate Authority central host (301), the fingerprint collecting transducer (302) at Certificate Authority center and excellent shield authenticating device (303) composition at Certificate Authority center, Certificate Authority center fingerprint recognition pick-up transducers (302) gathers known legal user fingerprints information and sends Certificate Authority central host (301) to, Certificate Authority central host (301) calculates the known legal user fingerprints information received, obtain the fingerprint identity validation information of known legal user, and calculated characteristics information, stored in the fingerprint identity validation information database (3312) of Certificate Authority central host (301), fingerprint identity validation information database (3312) will be used for real-time authentication center (200) and identify in object identity to be certified and use, Certificate Authority central host (301) stochastic generation excellent shield authentication information PKI and private key, and by the excellent shield authentication information database (3313) of PKI stored in Certificate Authority central host (301), private key is deposited in characteristic information storage medium (0) by the excellent shield authenticating device (303) at Certificate Authority center, above-mentioned PKI, private key, excellent shield authentication information database (3313) will be used for real-time authentication center (200) and identify in object identity to be certified and use, real-time authentication central server (201) is connected with Certificate Authority central host (301) by network, and Certificate Authority central host (301) timing is to real-time authentication central server (201) one-way synchronization fingerprint identity validation information database (3312) and excellent shield authentication information database (3313).
Innovative point of the present invention is:
First, multiple single capacity identifying algorithm carries out comprehensively, having played the feature of often kind of single capacity identifying algorithm, having improved the quality of overall certification by many authentications composite algorism; Next, the network service platform method of many authentications composite algorism abandons traditional centralized identity authentication system deployment scheme, adopts collecting and distributing type deployment scheme, disposes and apply better convenience with extensive.
Advantage compared with prior art of the present invention:
Multiple authentication algorithm is integrated by many authentications composite algorism that the present invention proposes, and achieves many authentications compound, solves and overcome the single capacity authentication method insecure problem of authentication result in some cases; Secondly, the network service platform method of many authentications composite algorism abandons traditional centralized identity authentication system deployment scheme, adopt collecting and distributing type deployment scheme, solve and solve centralized identity authentication system deployment scheme inconvenient user's frequent routine use problem, and the system solved based on the network service platform method of many authentications composite algorism is applied in a large amount of papery offices existed in Field of Office Automation, runs label and wait hard work problem.
Accompanying drawing explanation
Accompanying drawing 1 system annexation block diagram
Accompanying drawing 2 method flow diagram
Embodiment
The present embodiment is described in detail below in conjunction with accompanying drawing 1.
The present embodiment is after detailed description system hardware annexation and implementation process, the specific implementation process of network service platform method when applying of many authentications composite algorism that the present invention proposes is described, to deepen the understanding of reader to content of the present invention by practice.
One, Hardware Design:
Based on the network service system of many authentications, be made up of multiple user terminal (100), a real-time authentication center (200), a Certificate Authority center (300) and characteristic information storage medium (0) four part, authentication center (300) have employed many authentications composite algorism.
Each user terminal (100) is made up of the fingerprint recognition pick-up transducers (102) of user terminal main frame (101), user terminal, the excellent shield authenticating device (103) of user terminal.User terminal main frame (101) adopts PC computer and notebook computer, fingerprint Identification sensor (102) adopts the USB fingerprint Identification sensor product of Lenovo company, and excellent shield authenticating device (103) adopts the excellent shield product of USB of EDI company.
The real-time authentication central server (201) at real-time authentication center (200) and the Certificate Authority central host (301) of Certificate Authority center (300) all adopt IBM x3650 server.
Fingerprint Identification sensor (102) is connected with user terminal main frame (101), the finger print information to be identified (1001) of user gathers and sends user terminal main frame (101) to by fingerprint Identification sensor (102), excellent shield authenticating device (103) is connected with user terminal main frame (101), and excellent shield authenticating device (103) sends the excellent shield private key information (1103) of the user terminal preserved in characteristic information storage medium (0) to user terminal main frame (101);
A real-time authentication center (200) is made up of real-time authentication central server (201), multiple user terminal (100) to be connect with real-time authentication central server (201) by wide area network and is connected, the authentication information to be identified gathered from user is sent to real-time authentication central server (201) by user terminal (100), real-time authentication central server (201) is calculated the authentication information to be identified gathered from user by many authentications composite algorism, identity authentication result is sent to user terminal (100), user terminal is according to the identity authentication result received, take corresponding process,
Certificate Authority center (300) is by Certificate Authority central host (301), the fingerprint collecting transducer (302) at Certificate Authority center and excellent shield authenticating device (303) composition at Certificate Authority center, Certificate Authority center fingerprint recognition pick-up transducers (302) gathers known legal user fingerprints information and sends Certificate Authority central host (301) to, Certificate Authority central host (301) calculates the known legal user fingerprints information received, obtain the fingerprint identity validation information of known legal user, and calculated characteristics information, stored in the fingerprint identity validation information database (3312) of Certificate Authority central host (301), fingerprint identity validation information database (3312) identifies in object identity to be certified for real-time authentication center (200) and uses, Certificate Authority central host (301) stochastic generation excellent shield authentication information PKI and private key, and by the excellent shield authentication information database (3313) of PKI stored in Certificate Authority central host (301), private key is deposited in characteristic information storage medium (0) by the excellent shield authenticating device (303) at Certificate Authority center, above-mentioned PKI, private key, excellent shield authentication information database (3313) will be used for real-time authentication center (200) and identify in object identity to be certified and use, real-time authentication central server (201) is connected with Certificate Authority central host (301) by network, and Certificate Authority central host (301) timing is to real-time authentication central server (201) one-way synchronization fingerprint identity validation information database (3312) and excellent shield authentication information database (3313),
Certificate Authority center (300) is with the difference at real-time authentication center (200): Certificate Authority center (300) are the management organizations of authentication information, and real-time authentication center (200) are actuators;
Two, system cloud gray model embodiment:
The running of system is made up of the generation of authentication information, checking two processes of authentication information;
The generation of process 2.1 authentication information:
The Certificate Authority central host (301) at process 2.1.1 Certificate Authority center (300) registers a user A for new user, and A is original positive integer in other user registration courses in system, then new user is user A;
The fingerprint collecting transducer (302) at process 2.1.2 Certificate Authority center gathers the fingerprint of user A, the finger print information (3302) at the Certificate Authority center gathered is sent to Certificate Authority center (301), Certificate Authority center (301) adopts classical algorithm for recognizing fingerprint, calculate user A fingerprint identity validation information and by it stored in fingerprint identity validation information database (3312);
The Certificate Authority central host (301) at process 2.1.3 Certificate Authority center (300) adopt classical key schedule for user A generates excellent shield authentication information PKI and private key, and by PKI stored in excellent shield authentication information database (3313), private key is passed through the excellent shield authenticating device (303) at Certificate Authority center stored in the characteristic information storage medium (0) of user A;
The Certificate Authority central host (301) at process 2.1.4 Certificate Authority center (300) is regularly to real-time authentication central server (201) unidirectional renewal fingerprint identity validation information database (3312) and the excellent shield authentication information database (3313) of real-time authentication center (200);
The checking of process 2.2 authentication information:
Process 2.2.1 user terminal (100) is received user X and is initiated ID authentication request: the finger print information of the user terminal of fingerprint collecting transducer (102) the collection user X of user terminal submits to user terminal main frame (101), and by the excellent shield authenticating device (103) of user terminal, the excellent shield private key information (1103) of user terminal in characteristic information storage medium (0) is submitted to user terminal main frame (101);
Process 2.2.2 user terminal main frame (101) sends the finger print information of user terminal and the excellent shield private key information (1103) of user terminal of user A submission to real-time authentication server (201);
Process 2.2.3 real-time authentication server (201) is input with the excellent shield private key information (1103) of the finger print information of user terminal and user terminal, adopts many authentication information compound authentication calculations to go out identity authentication result (2900);
Identity authentication result (2900) is submitted to user terminal main frame (101) by process 2.2.4 Certificate Authority central server (201), user terminal main frame (101) display result;
Three, the calculation process of many authentications composite algorism:
Many authentication information feature compound authentication method produces by 3.1 and preserves characteristic information storehouse and the compound of authentication information more than 3.2 certification two parts are formed;
3.1 produce and preserve characteristic information matrix, successively by following performing step:
Step 3.1.1 gathers the authentication information I of legitimate authentication object mn:
Have 10 known legitimate authentication objects in the present embodiment, each object has 2 authentication information, i.e. M=10, N=2; Two kinds of identity identifying methods are respectively finger print identifying and digital certificate authentication;
Wherein, I mnrepresent the individual known legitimate authentication object C of M mn number of authentication information, m is 1 to the positive integer of M, and n is the positive integer of 1 to N; Each known authentication object C mthere is N kind authentication information; C mrepresent the individual known legal authentication object of M, the J corresponded represents the object to be certified of some the unknowns; The method target is whether identify object J to be certified be M known authentication object C min one, and J is C min which;
The authentication information I of finger print identifying 11, I 21..., I 101computational methods as follows: (1) is for C 1, C 2, C 10fingerprint sensor obtain the gray level image that fingerprint image is 30x50, the interval of each pixel is 0-255.(2) image of whole 30x50 is divided into the image of 15 10x10, then the value that the value of the pixel of 100 in the image of each 10x10 is averaged calculates, obtain 15 mean values, the image by 30x50 converts the gray level image in order to 3x5 to.(3) again by 15 gray-scale pixels o'clock with 127 for threshold values, be less than or equal to 127 represent with 0, be more than or equal to 128 represent with 1, changed into the bianry image into 3x5.These 15 value composition of vector are C 1characteristic value.
The authentication information I of digital certificate authentication 12, I 22, I 102then by by 32 positive integers immediately, by the result obtained after AES, 3DES twice computations.
Step 3.1.2 calculates and preserves characteristic information matrix I f:
Characteristic information matrix I in the present embodiment fby the authentication information I of digital certificate authentication 12, I 22, I 102with the authentication information I of finger print identifying m1, I m2..., I mNthe characteristic information matrix T w calculated by mode identification method is dimerous;
The authentication information I of finger print identifying m1, I m2..., I mNthe calculating of characteristic information matrix T w adopts Self-adaptation Wavelet Neural Network;
The input matrix of train samples is 10 known authentication object C 1, C 2, C 10the 1st authentication information I 11, I 21..., I 101, the objective matrix of train samples to be T01, T01 be by constant matrices T=(1,2 ..., M) be normalized the result of calculating, the difference between adjacent two numerical value of T01 is T01diff;
I.e. T 01=(0.1,0.2 ..., 1), T01diff=0.1;
Neural net adopts Self-adaptation Wavelet Neural Network, training algorithm adopts Self-adaptation Wavelet Neural Network training algorithm, the result calculated is weight matrix WIJ, WJK and change of scale parameter matrix A, B, be kept in characteristic information matrix T w, i.e. Tw=(WIJ, WJK, A, B, T01diff).
Characteristic information matrix I fbe kept at and retain in Certificate Authority center (300), be namely saved in real-time authentication center (200); Simultaneously, for object to be certified, himself also can retain information to be certified, and namely finger print information is kept on object to be verified finger, and digital certificate authentication information (private key information) is kept at the characteristic information storage medium (0) that object to be verified is held;
The certification of the compound of authentication information more than 3.2, has following performing step successively:
Step 3.2.1 gathers the authentication information J of unknown object J to be certified n:
J represents the object to be certified of some the unknowns, J nrepresent N number of authentication information of J, Jn is the positive integer of 1 to N;
Step 3.2.2 calculates single authentication probability P of object J to be certified n:
Definition P n: establish in the authentication of N kind, the result of often kind of certification is all probable value P nform, n is 1 to the positive integer of N, i.e. P 1, P 2..., P n; P nspan be integer in 0 to 1 closed interval or decimal, P nin larger expression n-th, the accuracy rate of authentication is higher;
In the present embodiment, the result for digital certificate authentication can directly be passed through comparison, and the calculating for fingerprint verification method authentication result then adopts the process of neural net forward calculation as follows:
The a certain item authentication information J being input as unknown object J to be certified of neural net forward calculation x; In like manner J xfor fingerprint sensor obtain fingerprint image be 30x50 gray level image through averaging and after binary conversion treatment containing the vector of 15 elements;
Because the weight matrix and the change of scale parameter matrix that remain neural net forward calculation in system are characteristic information matrix T w=(WIJ, WJK, A, B, T01diff);
The algorithm of neural net forward calculation adopts Self-adaptation Wavelet Neural Network forward calculation algorithm, and result is numerical value y01; Compared by y01 and T01, find the element t01 of immediate y01 in T01 matrix, it is t01 that the element namely in T01 matrix and y01 do minimum that of poor result; T01 is carried out renormalization calculating, obtains Mout and represent the immediate classification number of result of calculation; Calculate the probability that classification results Mout is corresponding, Pout=|t01-y01|/T01diff, wherein T01diff represents the difference between adjacent two numerical value of T01; Therefore available result is Tout=(Mout, Pout);
Treat the N kind authentication information J of authentication object J ncarry out single authentication, obtain single authentication probability P n; The result Tout=(Mout, Pout) calculated has two information, and one is most probable classification situation in classification Mout, Mout intermediate scheme recognition result, if Mout is not J, then this recognition result is the probability of J is P n=0, if Mout is J, then this recognition result is the probability of J is P n=Pout;
Such as in certain object J verification process to be certified to the unknown, what obtain finger print identifying result by neural net forward calculation is categorized as C 1, its probability is P1=0.9723, and the result of digital certificate authentication is also C 1, its probability is P2=0.939;
The mono-authentication information feature of step 3.2.3 judges:
Definition PMIN n: single authentication information feature approval probability lower limit, n is the positive integer of 1 to N, represents n-th kind of authentication acceptable lower limit probability; PMIN nspan be integer in 0 to 1 closed interval or decimal;
In the present embodiment, single approval probability lower limit PMINn, i.e. PMIN1=0.9, a PMIN2=0.9 are inputted for often kind of authentication; Input weights W n, i.e. W1=0.5, W2=0.5, meet W1+W2=100%; Input compound approval probability lower limit PMIN=0.95.
If there is P nmeet P nbe less than PMIN n, then authentication failure, algorithm terminates, i.e. Y=0;
If any P nall meet P nbe more than or equal to PMIN n, then algorithm continues;
Such as, in the present embodiment situation, because P1=0.9723>0.9=PMIN1, and P2=0.939>0.9=PMIN2, so algorithm continues, carry out many authentications compound and judge.
Step 3.2.4 calculates many authentication information feature compound decision content y:
The accuracy rate Y of many authentication information feature compound authentication method result is by the result P of multiple unmarried part identifying algorithm 1, P 2..., P ncalculated by many authentications composite algorism, i.e. Y=F (P 1, P 2..., P n);
The computing formula of many authentication information feature compound decision content y is:
y=W 1x P 1+W 2x P 2+…+W Nx P N
Wherein, W nfor weight coefficient, represent the influence degree of various identity authentication result to the result Y of many authentications composite algorism, n is the positive integer of 1 to N, W nspan be integer in 0 to 1 closed interval or decimal, and W 1+ W 1+ ... + W n=100%;
Such as, in the present embodiment situation, calculates many authentications compound decision variable y,
y=W1×P1+W2×P2
=0.5x 0.9723+0.5x 0.939
=0.9556
Step 3.2.5 many authentication information feature compound judges:
Definition PMIN: many authentication information feature compound approval probability lower limit, represents the lower limit probability of acceptable many authentications composite computing result, PMIN nspan be integer in 0 to 1 closed interval or decimal;
If y is less than PMIN, then authentication failure, jumps to step 1.2.6 authentication and does not pass through;
If y is more than or equal to PMIN, then authentication is passed through;
The accuracy rate Y=y of many authentication information feature compound authentication method result; Method terminates;
Such as, in the present embodiment situation, because y=0.9556>0.95=PMIN, so authentication success, classification results is C 1.

Claims (6)

1. more than authentication information feature compound authentication method, is characterized in that: produce by 1.1 and preserve characteristic information storehouse and the compound of authentication information more than 1.2 certification two parts are formed;
1.1 produce and preserve characteristic information matrix, have following performing step successively:
Step 1.1.1 gathers the authentication information I of legitimate authentication object mn:
Wherein, I mnrepresent the individual known legitimate authentication object C of M mn number of authentication information, m is 1 to the positive integer of M, and n is the positive integer of 1 to N; Each known authentication object C mthere is N kind authentication information;
Wherein, C mrepresent the individual known legal authentication object of M, the J corresponded represents the object to be certified of some the unknowns; The method target is whether identify object J to be certified be M known authentication object C min one, and J is C min which;
Step 1.1.2 calculates and preserves characteristic information matrix I f:
For m authentication object C mn kind authentication information I m1, I m2..., I mN, carry out characteristic information calculating, obtain characteristic information matrix I f;
Characteristic information matrix I fi m1, I m2..., I mN, or by I m1, I m2..., I mNthe characteristic information Tw calculated by mode identification method, or the combination of above-mentioned two kinds of characteristic informations;
The certification of the compound of authentication information more than 1.2, has following performing step successively:
Step 1.2.1 gathers the authentication information J of unknown object J to be certified n:
J represents the object to be certified of some the unknowns, J nrepresent N number of authentication information of J, n is the positive integer of 1 to N;
Step 1.2.2 calculates single authentication probability P of object J to be certified n:
Definition P n: establish in the authentication of N kind, the result of often kind of certification is all probable value P nform, n is 1 to the positive integer of N, i.e. P 1, P 2..., P n; P nspan be integer in 0 to 1 closed interval or decimal, P nthe accuracy rate of larger expression n-th kind of authentication is higher;
Treat the N kind authentication information J of authentication object J ncarry out single authentication, obtain single authentication probability P n; The result Tout=(Mout, Pout) calculated has two information, and one is most probable classification situation in classification Mout, Mout intermediate scheme recognition result, if Mout is not J, then this recognition result is the probability of J is P n=0, if Mout is J, then this recognition result is the probability of J is P n=Pout;
The mono-authentication information feature of step 1.2.3 judges:
Definition PMIN n: single authentication information feature approval probability lower limit, n is the positive integer of 1 to N, represents n-th kind of authentication acceptable lower limit probability; PMIN nspan be integer in 0 to 1 closed interval or decimal;
If there is P nmeet P nbe less than PMIN n, then authentication failure, jumps to step 1.2.6 authentication failure, i.e. Y=0;
If any P nall meet P nbe more than or equal to PMIN n, then algorithm continues;
Step 1.2.4 calculates many authentication information feature compound decision content y:
The accuracy rate Y of many authentication information feature compound authentication method result is by the result P of multiple unmarried part identifying algorithm 1, P 2..., P ncalculated by many authentications composite algorism, i.e. Y=F (P 1, P 2..., P n);
The computing formula of many authentication information feature compound decision content y is:
y=W 1x P 1+W 2x P 2+…+W Nx P N
Wherein, W nfor weight coefficient, represent the influence degree of various identity authentication result to the result Y of many authentications composite algorism, n is the positive integer of 1 to N, W nspan be integer in 0 to 1 closed interval or decimal, and W 1+ W 1+ ... + W n=100%;
Step 1.2.5 many authentication information feature compound judges:
Definition PMIN: many authentication information feature compound approval probability lower limit, represents the lower limit probability of acceptable many authentications composite computing result, PMIN nspan be integer in 0 to 1 closed interval or decimal;
If y is less than PMIN, then authentication failure, jumps to step 1.2.6 authentication and does not pass through;
If y is more than or equal to PMIN, then authentication is passed through;
The accuracy rate Y=y of many authentication information feature compound authentication method result; Method terminates;
Step 1.2.6 authentication is not passed through, and method terminates.
2. according to the many authentication information feature compound authentication method described in claim 1, it is characterized in that: described authentication information is password or password or seal or smart card or signature or person's handwriting or E-token dynamic password card or excellent shield or short message password or Quick Response Code or fingerprint or palmmprint or sound or retina or DNA or face.
3., according to the many authentication information feature compound authentication method described in claim 1, it is characterized in that: the mode identification method described in step 1.1.2 have employed neural network BP training algorithm, is specially,
The input matrix of train samples is known each authentication object C mx authentication information I mX, the objective matrix of train samples to be T01, T01 be by matrix T=(1,2 ..., M) be normalized the result of calculating, the difference between adjacent two numerical value of T01 is T01diff;
Neural net adopts Self-adaptation Wavelet Neural Network, training algorithm adopts Self-adaptation Wavelet Neural Network training algorithm, the result calculated is weight matrix WIJ, WJK and change of scale parameter matrix A, B, be kept in characteristic information matrix T w, i.e. Tw=(WIJ, WJK, A, B, T01diff).
4. the N kind authentication information J of authentication object J is treated according to claim 3 ncarry out the method that single authentication adopts, it is characterized in that: have employed neural net forward calculation algorithm, be specially,
The a certain item authentication information J being input as unknown object J to be certified of neural net forward calculation x;
The weight matrix of neural net forward calculation and change of scale parameter matrix are characteristic information matrix T w;
The algorithm of neural net forward calculation adopts Self-adaptation Wavelet Neural Network forward calculation algorithm, and result is numerical value y01;
Compared by y01 and T01, find the element t01 of immediate y01 in T01 matrix, it is t01 that the element namely in T01 matrix and y01 do minimum that of poor result;
T01 is carried out renormalization calculating, obtains Mout and represent the immediate classification number of result of calculation;
Calculate the probability that classification results Mout is corresponding, Pout=|t01-y01|/T01diff, wherein T01diff represents the difference between adjacent two numerical value of T01;
Therefore available result is Tout=(Mout, Pout).
5. many authentication information feature compound authentication method according to claim 1, is characterized in that: the described method of carrying out characteristic information calculating can also adopt feature extracting method or template matching method or discriminant function method or statistical classification or Bayes Method or clustering methodology or fuzzy classifier method or neural net method or support vector machine method.
6. many authentication information feature compound authentication method according to claim 1, is characterized in that: the described N kind authentication information Jn treating authentication object J carries out method that single authentication adopts can also adopt feature extracting method or template matching method or discriminant function method or statistical classification or Bayes Method or clustering methodology or fuzzy classifier method or neural net method or support vector machine method.
CN201210363891.8A 2012-09-26 2012-09-26 Compound authentication method of multi-identity authentication information feature Expired - Fee Related CN102904885B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210363891.8A CN102904885B (en) 2012-09-26 2012-09-26 Compound authentication method of multi-identity authentication information feature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210363891.8A CN102904885B (en) 2012-09-26 2012-09-26 Compound authentication method of multi-identity authentication information feature

Publications (2)

Publication Number Publication Date
CN102904885A CN102904885A (en) 2013-01-30
CN102904885B true CN102904885B (en) 2015-04-29

Family

ID=47576921

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210363891.8A Expired - Fee Related CN102904885B (en) 2012-09-26 2012-09-26 Compound authentication method of multi-identity authentication information feature

Country Status (1)

Country Link
CN (1) CN102904885B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103227721B (en) * 2013-03-28 2015-11-18 金硕澳门离岸商业服务有限公司 Start the system and method for application
CN105765904B (en) * 2013-10-28 2020-02-07 宝利实业有限公司 Information bearing device and authentication device comprising the same
CN104055521B (en) * 2014-06-05 2017-10-27 胡宝华 Method for identifying ID, identifying system and health instrument
CN105279814A (en) * 2014-07-24 2016-01-27 中兴通讯股份有限公司 Driving recording treatment method and driving recording treatment system
CN110781469B (en) * 2014-08-07 2021-01-01 创新先进技术有限公司 Identity authentication method and device
CN105528702A (en) * 2014-09-30 2016-04-27 陈启洲 Digital dynamic trackless security identity authentication method
WO2016117500A1 (en) 2015-01-19 2016-07-28 日本電気株式会社 Authentication apparatus, method, system and program, and server apparatus
CN105631272B (en) * 2016-02-02 2018-05-11 云南大学 A kind of identity identifying method of multiple security
CN106330863B (en) * 2016-08-11 2020-05-19 武汉益模科技股份有限公司 Management method and system for realizing instant online countersigning of multi-party conference
CN108123926A (en) * 2016-11-30 2018-06-05 阿里巴巴集团控股有限公司 Identity identifying method and device and computing device
CN108243145B (en) * 2016-12-23 2019-04-26 中科星图股份有限公司 A kind of multi-source identity identifying method
CN107483433A (en) * 2017-08-10 2017-12-15 山东渔翁信息技术股份有限公司 A kind of method and system of authentication
CN110264597B (en) * 2019-06-13 2021-04-09 北京深思数盾科技股份有限公司 Intelligent lock and unlocking method thereof
CN110489749B (en) * 2019-08-07 2021-05-18 北京航空航天大学 Business process optimization method of intelligent office automation system
CN112738045A (en) * 2020-12-23 2021-04-30 中科三清科技有限公司 Multi-source fusion identity authentication system and method
CN112822007B (en) * 2020-12-29 2023-11-03 中国农业银行股份有限公司 User authentication method, device and equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN201489537U (en) * 2009-05-25 2010-05-26 北京森博克智能科技有限公司 Multi-mode identity authentication equipment with iris recognition and USB Key function
CN101986597A (en) * 2010-10-20 2011-03-16 杭州晟元芯片技术有限公司 Identity authentication system with biological characteristic recognition function and authentication method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN201489537U (en) * 2009-05-25 2010-05-26 北京森博克智能科技有限公司 Multi-mode identity authentication equipment with iris recognition and USB Key function
CN101986597A (en) * 2010-10-20 2011-03-16 杭州晟元芯片技术有限公司 Identity authentication system with biological characteristic recognition function and authentication method thereof

Also Published As

Publication number Publication date
CN102904885A (en) 2013-01-30

Similar Documents

Publication Publication Date Title
CN102904885B (en) Compound authentication method of multi-identity authentication information feature
US11790068B2 (en) System and method for user enrollment in a secure biometric verification system
Karnan et al. Biometric personal authentication using keystroke dynamics: A review
El-Abed et al. RHU Keystroke: A mobile-based benchmark for keystroke dynamics systems
Tanwar et al. Online signature-based biometric recognition
CN105224849A (en) A kind of multi-biological characteristic merges authentication identifying method and device
CN105069622A (en) Face identification payment system facing mobile terminal and face identification payment method facing mobile terminal
US11120116B2 (en) Electronic signature authentication system
Verma et al. A Hybrid Privacy Preserving Scheme Using Finger Print Detection in Cloud Environment.
US20190257033A1 (en) System and method for a financial transaction system having a secure biometric verification system
Marcialis et al. Fusion of multiple fingerprint matchers by single-layer perceptron with class-separation loss function
US11269983B2 (en) Thermally enriched multi-modal and multi-channel biometric authentication
Yang et al. Online handwritten signature verification based on the most stable feature and partition
CN105099700A (en) Authentication method, authentication server, and system
Sharma et al. Encryption of text using fingerprints as input to various algorithms
Putz-Leszczyńska Signature verification: A comprehensive study of the hidden signature method
WO2019026415A1 (en) Signature verification system
Ali Analyzing mobile banking security using biometric authentication
Trevathan et al. Online payments using handwritten signature verification
Kumari et al. OPTIMIZED DELBPA ALGORITHM FOR BINARY PATTERN BIOMETRIC KEY AUTHENTICATION IN CLOUD DATA PRODUCTION.
Pandiaraja et al. An Overview of Joint Biometric Identification for Secure Online Voting with Blockchain Technology
CN117952621A (en) Secure payment method and system based on signature recognition
TWM592563U (en) Identity verification system
CN117172899A (en) Transaction processing method, equipment and storage medium for banking outlets
Olatubosun et al. BIOMETRIC SMART CARD POPULATION CENSUS AND NATIONAL POPULATION REGISTER.

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150429

Termination date: 20190926

CF01 Termination of patent right due to non-payment of annual fee