CN103607389A - Remote wireless identity authentication system - Google Patents

Publication number
CN103607389A
Authority
CN
China
Prior art keywords
authentication system
system client
wireless authentication
remote server
server end
Legal status
Pending
Application number
CN201310583874.XA
Other languages
Chinese (zh)
Inventor
王凤岭
张远翼
Current Assignee
Nanning College for Vocational Technology
Original Assignee
Nanning College for Vocational Technology
Application filed by Nanning College for Vocational Technology
Priority to CN201310583874.XA
Publication of CN103607389A

Landscapes

  • Collating Specific Patterns (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a remote wireless identity authentication system comprising a wireless identity authentication system client that uses 3G/4G technology and a remote server. The user acquires a fingerprint grayscale image on the client, and fingerprint features are extracted from the image. Once the server receives the user's fingerprint features, it compares them with the fingerprint features in a database and promptly returns the comparison result to the client. The client carries out the corresponding processing according to the result returned by the server, thereby authenticating the user's identity information. The system is low in cost, safe and reliable, opens up broad room for the development and application of identity authentication technology and 3G/4G technology, and thereby provides an ideal solution to the various identity authentication and information security problems in present-day society.

Description

A remote wireless identity authentication system
Technical field
The present invention relates to an identity authentication system, and in particular to a remote wireless identity authentication system.
Background
With the rapid development of society and the economy, contact and exchange between people have become closer. However, most identity authentication relies on certificates, magnetic cards or passwords. These cannot avoid being forged or lost, and passwords are easily stolen or forgotten, so criminal activity carried out under forged identities occurs again and again. Biometric identification technology, fingerprint identification in particular, has developed rapidly thanks to its advanced nature and reliability.
At present, biometric identity authentication systems at home and abroad mostly adopt a PC-connected design, consisting of a biometric acquisition system and a PC. Although such systems can meet users' storage needs, adding a PC undoubtedly increases the development cost of the system. The PC is also bulky and adapts poorly to its environment, which hinders the development of integrated devices. In addition, because a PC is an open system, biometric recognition software residing on it is easily subject to computer viruses and to malicious attack or tampering by local or remote intruders, so security is low.
Summary of the invention
The object of the invention is to provide a remote wireless fingerprint identity authentication system based on 3G/4G technology that is low in cost, safe and reliable, and offers an ideal solution to the various identity authentication and information security problems society faces today.
The remote wireless identity authentication system provided by the invention comprises a wireless authentication system client and a remote server. The technical scheme is as follows. The wireless authentication system client is provided with a fingerprint acquisition module and a communication module A. The fingerprint acquisition module acquires a fingerprint grayscale image and extracts fingerprint feature data from it. The fingerprint acquisition module is connected to communication module A, which sends the request message carrying the fingerprint feature data from the client to the remote server by wireless communication. The remote server is provided with a communication module B and an authentication server. Communication module B is connected to communication module A wirelessly and receives the fingerprint feature data sent by the client. The authentication server is provided with a fingerprint database. Communication module B forwards the received request message carrying the fingerprint feature data to the authentication server, which compares the fingerprint feature data in the database with the received fingerprint feature data and returns the comparison result to the client through communication module B.
Further: the remote server is a server cluster consisting of at least one hardware firewall device and two servers, divided into an authentication server and a fingerprint database server. The authentication server performs the data processing for fingerprint identification; the fingerprint database server stores fingerprint data and related information.
Further: data between communication module A of the wireless authentication system client and communication module B of the remote server is transmitted wirelessly over a 3G connection, and the client establishes OpenSSL-encrypted communication with the remote server over the wireless network.
Further: the wireless authentication system client can also work in offline mode. When not connected to the remote server, the client connects to a locally installed database to complete fingerprint comparison and return the authentication result.
Further: while the client sends the request message carrying the fingerprint feature data to the remote server by wireless communication, the remote server authenticates the client. The client's hardware encryption key, user account, user password, user location and other information are stored in advance on the remote database server; when the client connects to the remote server, this information is compared with the information stored in advance on the remote server. The request message is transmitted in MD5-encrypted form.
Further: the client periodically deletes the fingerprint feature data it has collected within a certain period and the fingerprint comparison result data obtained from the remote server, achieving a burn-after-reading effect.
Further: the client periodically sends a heartbeat instruction to the remote server so that the remote server can confirm that the client is online; the interval between heartbeat instructions is 5 to 60 seconds.
Further: the remote server can use the heartbeat service to confirm and check online clients. Every 5 minutes it sends a request packet to check the client's hardware encryption key, user account, user password, user location and software version information, and so confirms the legitimacy of the client. Request messages from an illegitimate client are deleted, the TCP connection with it is closed, and no communication is established with that client for 24 hours.
Further: the database of the remote server stores in advance the hardware chip numbers of the wireless authentication system clients authorised to connect. After checking the legitimacy of a client's hardware encryption key, the remote server responds only to clients whose hardware encryption key is on its pre-stored list. Request messages sent with other hardware encryption keys are deleted immediately on receipt without being processed; no TCP connection is accepted from the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are deleted directly during those 24 hours.
Further: while verifying the client's hardware encryption key, the remote server logs in to the wireless authentication system client over SSH and checks whether the client's software is legitimate and whether it privately stores user identity information. If the software is illegitimate or the client privately stores user identity information locally, the remote server discards the client's fingerprint identification request messages.
Further: the remote server is provided with an anti-message-attack module. For clients with the same verified hardware encryption key, the remote server processes only 30 request messages per minute and discards request messages beyond this limit. Across all clients, the remote server processes at most 10000 request messages per second and discards request messages beyond this limit.
Further: the client can also deliver the request message carrying the fingerprint feature data to the remote server over a wide area network, through the firewall. The remote server checks the legitimacy of the request message. For a request message found legitimate, the authentication server sends the fingerprint feature code to the fingerprint database server for identification; after the fingerprint database server identifies the user information, it sends the user information to the authentication server, which sends it on to the client.
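The allow-list check, the 24-hour IP block and the two request limits described above can be combined into one admission step in front of the authentication server. The following is an added illustration, not code from the patent; the class name `RequestGate`, the method `admit`, the decision strings and the sample keys and addresses are all hypothetical.

```python
from collections import defaultdict, deque

BAN_SECONDS = 24 * 60 * 60   # 24-hour block for the sender's IP address
PER_KEY_PER_MINUTE = 30      # limit per verified hardware encryption key
GLOBAL_PER_SECOND = 10000    # limit across all clients


class RequestGate:
    """Hypothetical admission control placed in front of the authentication server."""

    def __init__(self, allowed_keys, per_key=PER_KEY_PER_MINUTE,
                 global_limit=GLOBAL_PER_SECOND):
        self.allowed_keys = set(allowed_keys)   # pre-stored list of hardware keys
        self.per_key = per_key
        self.global_limit = global_limit
        self.banned_until = {}                  # source IP -> time the ban ends
        self.key_window = defaultdict(deque)    # key -> times of processed requests
        self.global_window = deque()            # times of all processed requests

    @staticmethod
    def _expire(window, now, span):
        # Drop timestamps that have left the sliding window of length `span`.
        while window and now - window[0] >= span:
            window.popleft()

    def admit(self, hw_key, src_ip, now):
        """Return 'process' or a 'drop:<reason>' string for one request message."""
        # 1. Requests from a banned IP address are deleted without processing.
        expiry = self.banned_until.get(src_ip)
        if expiry is not None:
            if now < expiry:
                return "drop:banned"
            del self.banned_until[src_ip]
        # 2. Only hardware keys on the pre-stored list get a response;
        #    any other key bans the sender's IP address for 24 hours.
        if hw_key not in self.allowed_keys:
            self.banned_until[src_ip] = now + BAN_SECONDS
            return "drop:unknown-key"
        # 3. Per-key limit: at most `per_key` processed requests in any 60 s.
        key_times = self.key_window[hw_key]
        self._expire(key_times, now, 60.0)
        if len(key_times) >= self.per_key:
            return "drop:key-rate"
        # 4. Global limit: at most `global_limit` processed requests in any 1 s.
        self._expire(self.global_window, now, 1.0)
        if len(self.global_window) >= self.global_limit:
            return "drop:global-rate"
        # Only processed requests count against the limits.
        key_times.append(now)
        self.global_window.append(now)
        return "process"


def demo():
    """Run constructed sample traffic through the gate and return the decisions."""
    gate = RequestGate(allowed_keys={"HWKEY-A", "HWKEY-B"})
    results = []
    # 31 requests within one minute from an allow-listed key (constructed data).
    for i in range(31):
        results.append(gate.admit("HWKEY-A", "198.51.100.10", now=float(i)))
    # A key that is not on the list: dropped, and its IP address is banned.
    results.append(gate.admit("HWKEY-X", "198.51.100.20", now=40.0))
    # An allow-listed key arriving from the banned address is dropped as well.
    results.append(gate.admit("HWKEY-B", "198.51.100.20", now=41.0))
    # Once the 24 hours have passed, the same client is served again.
    results.append(gate.admit("HWKEY-B", "198.51.100.20", now=40.0 + BAN_SECONDS))
    return results


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

Because the ban is keyed on source IP address, an allow-listed client that shares an address with a banned sender (common behind carrier NAT on 3G/4G networks) is dropped too, as the `HWKEY-B` case in `demo()` shows.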
The beneficial effects of the invention are as follows:
1. Communication between the wireless authentication system client and the remote database server requires encrypted authentication, and the client must also give the remote server its hardware encryption key, user account, user password, user location and other information. Encrypted authentication improves the security of data transmission and ensures that personal privacy is not leaked.
2. The client uses burn-after-reading technology and does not store user identity information locally, guaranteeing the security of user information.
3. Communication between the client and the remote database server uses OpenSSL-encrypted communication, guaranteeing the security of data in transit.
4. Communication between the client and the remote server uses a heartbeat mode. The client must periodically send a heartbeat instruction to notify the server that the client is present; the interval is no shorter than 5 seconds and no longer than 60 seconds. If the server does not receive the client's heartbeat instruction within the specified time, it considers the client absent or offline, and the client must authenticate again when it reconnects. The heartbeat service improves the working efficiency of the remote server and strengthens security.
5. The remote server can check online clients and detect their legitimacy in real time. It can take an illegitimate client offline and use the firewall to prevent that client from connecting to the remote server again.
6. The remote server responds only to clients whose hardware encryption key is in the server's list. Packets with other, illegitimate hardware encryption keys are dropped; at the same time the firewall is configured to block the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are discarded directly during those 24 hours.
7. The remote server is provided with an anti-message-attack module and processes only 30 request messages per minute from a single client. In total it processes 10000 request messages per second, and messages above the anti-attack threshold are discarded.
8. The remote server can log in to the client over SSH and check whether the client software is legitimate and whether it privately stores user identity information locally. A client whose software is illegitimate or which privately stores user identity information locally is locked and forbidden from connecting to the server.
9. The remote database server is a server cluster with at least one hardware firewall device and two servers: an authentication server and a fingerprint database server. A wide area network request message passes through the firewall to the authentication server, which checks the legitimacy of the message. For a message found legitimate, the authentication server sends the fingerprint feature code to the fingerprint database server for identification; after the fingerprint database server identifies the user information, it sends the user information to the authentication server, which sends it on to the client.
10. The remote wireless authentication client can operate in two modes: standalone mode and wireless online mode. In standalone mode it is equivalent to a miniature identity authentication system and can independently complete fingerprint image acquisition, processing, feature extraction, data storage, feature value comparison and identity authentication.
The invention is low in cost and reliable in performance, and offers an ideal solution to the various identity authentication and information security problems society faces today.
Brief description of the drawings
Fig. 1 is the overall system block diagram of the invention.
Fig. 2 is the overall design diagram of the wireless authentication system client of the invention.
Detailed description
Reference is now made in detail to the embodiments, examples of which are given in the accompanying drawings. In the detailed description below, some specific details are set out to give those skilled in the art a more thorough understanding of the invention. It will be clear to those skilled in the art, however, that implementation of the invention is not limited to these specific details. In other cases, well-known methods, procedures, components, assemblies, circuits and networks are not described in detail, so as not to obscure the relevant details of the following embodiments.
Embodiment 1
Fig. 1 is the overall system block diagram of the invention, and Fig. 2 is the overall design diagram of the wireless authentication system client. The remote wireless identity authentication system consists of the wireless authentication system client and the remote server. The client is provided with a fingerprint acquisition module and a communication module A. The fingerprint acquisition module acquires a fingerprint grayscale image and extracts fingerprint feature data from it; it is connected to communication module A, which sends the request message carrying the fingerprint feature data from the client to the remote server by wireless communication. The remote server is a server cluster consisting of one hardware firewall device, one authentication server and one fingerprint database server. The authentication server performs the data processing for fingerprint identification; the fingerprint database server stores fingerprint data and related information. Data between communication module B, installed at the remote server, and communication module A is transmitted wirelessly over a 3G network; communication module B receives the fingerprint feature data sent by the client, and OpenSSL-encrypted communication is established. The authentication server is provided with a fingerprint database. Communication module B forwards the fingerprint feature data of the received request message to the authentication server, which compares the fingerprint feature data in the database with the received fingerprint feature data and returns the comparison result to the client through communication module B. The client carries out the corresponding processing according to the result returned by the remote server, completing authentication of the user's identity information.
Embodiment 2
Fig. 1 is the overall system block diagram of the invention. The remote wireless identity authentication system consists of the wireless authentication system client and the remote server. The client is provided with a fingerprint acquisition module and a communication module A. The fingerprint acquisition module acquires a fingerprint grayscale image and extracts fingerprint feature data from it; it is connected to communication module A, which sends the request message carrying the fingerprint feature data from the client to the remote server by wireless communication. The remote server is a server cluster consisting of one hardware firewall device, one authentication server and two fingerprint database servers. The authentication server performs the data processing for fingerprint identification; the fingerprint database servers store fingerprint data and related information. The remote server is provided with a communication module B and an authentication server. Data between communication module A and communication module B of the remote server is transmitted wirelessly over a 4G network; communication module B receives the fingerprint feature data sent by the client, and OpenSSL-encrypted communication is established. While the client sends the request message carrying the fingerprint feature data to the remote server over the 4G wireless network, the remote server authenticates the client. The client's hardware encryption key, user account, user password, user location and other information are stored in advance on the remote database server; when the client connects to the remote server, this information is compared with the information stored in advance on the remote server. The request message is transmitted in MD5-encrypted form.
The authentication server is provided with a fingerprint database. Communication module B forwards the fingerprint feature data of the received request message to the authentication server, which compares the fingerprint feature data in the database with the received fingerprint feature data and returns the comparison result to the client through communication module B. The client carries out the corresponding processing according to the result returned by the remote server, thereby completing authentication of the user's identity information. The client keeps the data returned by the remote server in memory. After the user has consulted the server's feedback data, the client deletes it within 5 minutes; feedback data that the user has not consulted is deleted within 2 hours. User identity information is not stored locally, which guarantees the security of user information and achieves a burn-after-reading effect.
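The retention rule in this paragraph (deleted within 5 minutes once consulted, within 2 hours if never consulted) can be expressed as an in-memory store with two deadlines. The following is an added illustration, not code from the patent; `FeedbackStore` and its methods are hypothetical, and taking the earlier of the two deadlines for a late-read item is an assumption the text does not spell out.

```python
READ_TTL = 5 * 60          # seconds kept after the user has consulted the data
UNREAD_TTL = 2 * 60 * 60   # seconds kept if the user never consults the data


class FeedbackStore:
    """Hypothetical in-memory holder for server feedback on the client."""

    def __init__(self):
        self._items = {}   # item id -> {"data", "received", "read"}

    def put(self, item_id, payload, now):
        # A bytearray is used so the buffer can be overwritten on deletion.
        self._items[item_id] = {
            "data": bytearray(payload),
            "received": now,
            "read": None,
        }

    @staticmethod
    def _deadline(item):
        # Unread data expires 2 hours after receipt. Once read, it expires
        # 5 minutes after the first read, but never later than the 2-hour
        # mark (assumption: the earlier deadline wins).
        deadline = item["received"] + UNREAD_TTL
        if item["read"] is not None:
            deadline = min(deadline, item["read"] + READ_TTL)
        return deadline

    def purge(self, now):
        """Delete every expired item and return the ids that were removed."""
        expired = [k for k, it in self._items.items()
                   if now >= self._deadline(it)]
        for k in expired:
            buf = self._items.pop(k)["data"]
            # Best-effort wipe: overwrite the buffer before releasing it.
            buf[:] = bytes(len(buf))
        return expired

    def read(self, item_id, now):
        """Return the feedback data, or None if it is absent or expired."""
        self.purge(now)
        item = self._items.get(item_id)
        if item is None:
            return None
        if item["read"] is None:
            item["read"] = now      # the 5-minute clock starts at first read
        # The returned copy is outside the store's control and is not wiped.
        return bytes(item["data"])

    def __len__(self):
        return len(self._items)


def demo():
    """Constructed timeline showing the three cases; returns the observations."""
    store = FeedbackStore()
    store.put("r1", b"match: user 0001", now=0)      # constructed sample data
    store.put("r2", b"match: user 0002", now=0)
    store.put("r3", b"match: user 0003", now=0)
    out = {}
    out["r1_first_read"] = store.read("r1", now=100)           # consulted
    out["purged_at_399"] = store.purge(now=399)                # still in window
    out["purged_at_400"] = store.purge(now=400)                # 100 + 300
    out["r3_late_read"] = store.read("r3", now=7100)           # read near the cap
    out["purged_at_7200"] = sorted(store.purge(now=7200))      # r2 unread, r3 capped
    out["remaining"] = len(store)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```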
The client periodically sends a heartbeat instruction to the remote server so that the remote server can confirm that the client is online; the interval between heartbeat instructions is 60 seconds. The remote server can use the heartbeat service to confirm and check online clients. Every 5 minutes it sends a request packet to check the client's hardware encryption key, user account, user password, user location and software version information, and so confirms the legitimacy of the client. Request messages from an illegitimate client are deleted, the TCP connection with it is closed, and no communication is established with that client for 24 hours.
The database of the remote server stores in advance the hardware chip numbers of the wireless authentication system clients authorised to connect. After checking the legitimacy of a client's hardware encryption key, the remote server responds only to clients whose hardware encryption key is on its pre-stored list. Request messages sent with other hardware encryption keys are deleted immediately on receipt without being processed; no TCP connection is accepted from the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are deleted directly during those 24 hours.
While verifying the client's hardware encryption key, the remote server logs in to the wireless authentication system client over SSH and checks whether the client's software is legitimate and whether it privately stores user identity information. If the software is illegitimate or the client privately stores user identity information locally, the remote server discards the client's fingerprint identification request messages.
The remote server is also provided with an anti-message-attack module. For clients with the same verified hardware encryption key, the remote server processes only 30 request messages per minute and discards request messages beyond this limit. Across all clients, the remote server processes at most 6000 request messages per second and discards request messages beyond this limit.
Embodiment 3
Fig. 1 is the overall system block diagram of the invention. The remote wireless identity authentication system consists of the wireless authentication system client and the remote server. The client is provided with a fingerprint acquisition module and a communication module A. The fingerprint acquisition module acquires a fingerprint grayscale image and extracts fingerprint feature data from it; it is connected to communication module A, which sends the request message carrying the fingerprint feature data from the client to the remote server by wireless communication. The remote server is a server cluster consisting of one hardware firewall device, two authentication servers and one fingerprint database server. The authentication servers perform the data processing for fingerprint identification; the fingerprint database server stores fingerprint data and related information. The remote server is provided with a communication module B and an authentication server. Data between communication module A and communication module B of the remote server is transmitted wirelessly over a 3G network; communication module B receives the fingerprint feature data sent by the client, and OpenSSL-encrypted communication is established. While the client sends the request message carrying the fingerprint feature data to the remote server over the 3G wireless network, the remote server authenticates the client. The client's hardware encryption key, user account, user password, user location and other information are stored in advance on the remote database server; when the client connects to the remote server, this information is compared with the information stored in advance on the remote server. The request message is transmitted in MD5-encrypted form.
The authentication server is provided with a fingerprint database. Communication module B forwards the fingerprint feature data of the received request message to the authentication server, which compares the fingerprint feature data in the database with the received fingerprint feature data and returns the comparison result to the client through communication module B. The client carries out the corresponding processing according to the result returned by the remote server, thereby completing authentication of the user's identity information. The client keeps the data returned by the remote server in memory. After the user has consulted the server's feedback data, the client deletes it within 5 minutes; feedback data that the user has not consulted is deleted within 2 hours. User identity information is not stored locally, which guarantees the security of user information and achieves a burn-after-reading effect.
The client periodically sends a heartbeat instruction to the remote server so that the remote server can confirm that the client is online; the interval between heartbeat instructions is 5 seconds. The remote server can use the heartbeat service to confirm and check online clients. Every 5 minutes it sends a request packet to check the client's hardware encryption key, user account, user password, user location and software version information, and so confirms the legitimacy of the client. Request messages from an illegitimate client are deleted, the TCP connection with it is closed, and no communication is established with that client for 24 hours.
The database of the remote server stores in advance the hardware chip numbers of the wireless authentication system clients authorised to connect. After checking the legitimacy of a client's hardware encryption key, the remote server responds only to clients whose hardware encryption key is on its pre-stored list. Request messages sent with other hardware encryption keys are deleted immediately on receipt without being processed; no TCP connection is accepted from the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are deleted directly during those 24 hours.
While verifying the client's hardware encryption key, the remote server logs in to the wireless authentication system client over SSH and checks whether the client's software is legitimate and whether it privately stores user identity information. If the software is illegitimate or the client privately stores user identity information locally, the remote server discards the client's fingerprint identification request messages.
The remote server is also provided with an anti-message-attack module. For clients with the same verified hardware encryption key, the remote server processes only 30 request messages per minute and discards request messages beyond this limit. Across all clients, the remote server processes a total of 8000 request messages per second and discards request messages beyond this limit.
Embodiment 4
Fig. 1 is the overall system block diagram of the invention. The remote wireless identity authentication system consists of the wireless authentication system client and the remote server. The client is provided with a fingerprint acquisition module and a communication module A. The fingerprint acquisition module acquires a fingerprint grayscale image and extracts fingerprint feature data from it; it is connected to communication module A, which sends the request message carrying the fingerprint feature data from the client to the remote server by wireless communication. The remote server is a server cluster consisting of one hardware firewall device, three authentication servers and three fingerprint database servers. The authentication servers perform the data processing for fingerprint identification; the fingerprint database servers store fingerprint data and related information. The remote server is provided with a communication module B and an authentication server. Data between communication module A and communication module B of the remote server is transmitted wirelessly over a 4G network; communication module B receives the fingerprint feature data sent by the client, and OpenSSL-encrypted communication is established. While the client sends the request message carrying the fingerprint feature data to the remote server over the 4G wireless network, the remote server authenticates the client. The client's hardware encryption key, user account, user password, user location and other information are stored in advance on the remote database server; when the client connects to the remote server, this information is compared with the information stored in advance on the remote server. The request message is transmitted in MD5-encrypted form.
The authentication server is provided with a fingerprint database. Communication module B passes the fingerprint feature data of the received request message to the authentication server, which compares it with the fingerprint feature data in the database and sends the comparison result back to the wireless authentication system client through communication module B. The client processes the result returned by the remote server end accordingly, completing authentication of the user's identity information. The client keeps the data fed back by the remote server end in memory. After the user has consulted the server feedback data, the client deletes it within 5 minutes; feedback data that the user has not consulted is deleted by the client within 2 hours. The user's identity information is not stored locally, which protects the security of user information and achieves a burn-after-reading effect.
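The retention rule described above (feedback held only in memory, removed 5 minutes after it is viewed or 2 hours if never viewed) can be sketched as follows. This is an added example, not code from the patent; the class name `FeedbackStore`, the request identifiers and the injectable clock are assumptions made for illustration, and a real client would call `purge()` from a timer.

```python
import time

READ_TTL = 5 * 60        # seconds a result is kept after the user has viewed it
UNREAD_TTL = 2 * 3600    # seconds a result is kept if the user never views it


class FeedbackStore:
    """Hypothetical in-memory holder for server comparison results.

    Nothing is written to disk; entries are dropped once their deadline passes.
    """

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self._items = {}   # request id -> [payload bytearray, deadline, was_read]

    def put(self, request_id, payload: bytes):
        self.purge()
        deadline = self.clock() + UNREAD_TTL
        self._items[request_id] = [bytearray(payload), deadline, False]

    def read(self, request_id):
        self.purge()
        item = self._items.get(request_id)
        if item is None:
            return None
        if not item[2]:
            # First view: pull the deadline in to five minutes from now,
            # never later than the original two-hour deadline.
            item[2] = True
            item[1] = min(item[1], self.clock() + READ_TTL)
        # The caller receives a copy; only the stored buffer is wiped on purge.
        return bytes(item[0])

    def purge(self):
        """Remove every entry whose deadline has passed; return how many."""
        now = self.clock()
        expired = [rid for rid, it in self._items.items() if now >= it[1]]
        for rid in expired:
            buf = self._items.pop(rid)[0]
            buf[:] = bytes(len(buf))   # best-effort overwrite of the stored copy
        return len(expired)
```
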
The wireless authentication system client periodically sends a heartbeat instruction to the remote server end so that the remote server end can confirm the client is online; the interval between heartbeat instructions is 35 seconds. The remote server end uses the heartbeat service to confirm and check online clients, and every 5 minutes it sends a request packet to check the client's hardware encryption key, user account, user password, user location and software version information in order to confirm the legitimacy of the client. Request messages from an illegitimate client are deleted, the TCP connection with it is closed, and no further communication connection is made with that client for 24 hours.
The database of the remote server end stores in advance the hardware chip numbers of the wireless authentication system clients authorized to connect. After checking the legitimacy of a client's hardware encryption key, the remote server end responds only to clients whose hardware encryption key is on the list stored in advance at the remote server end. Request messages sent with any other hardware encryption key are deleted directly on receipt without processing; no TCP connection is made with the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are deleted directly during those 24 hours.
While verifying the hardware encryption key of the wireless authentication system client, the remote server end logs in to the client over SSH and checks whether the client's software is legitimate and whether the client has privately saved the user's identity information. For a client whose software is illegitimate and which has privately saved user identity information locally, the remote server end discards the client's fingerprint recognition request messages.
The remote server end is also provided with an anti-message-attack module. For a wireless authentication system client with the same verified hardware encryption key, the remote server end processes only 30 request messages per minute and discards request messages beyond this limit. Across all wireless authentication system clients, the remote server end processes a total of 10000 request messages per second and discards request messages beyond this limit.
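The server-side admission rules from the two passages above (pre-stored hardware key list, 24-hour block on the source IP of an unknown key, 30 messages per minute per key, 10000 messages per second in total) can be combined into one decision function. This is an added example, not code from the patent; the class name, the sliding-window counting and the returned labels are assumptions made for illustration.

```python
import time
from collections import deque

PER_KEY_LIMIT = 30           # messages per minute for one verified hardware key
GLOBAL_LIMIT = 10000         # messages per second across all clients
BLOCK_SECONDS = 24 * 3600    # block applied to the IP that sent an unknown key


class AdmissionControl:
    """Hypothetical gate deciding whether a request message is processed."""

    def __init__(self, allowed_keys, clock=time.monotonic):
        self.allowed_keys = set(allowed_keys)   # keys stored in advance
        self.clock = clock
        self.blocked_until = {}    # source IP -> time at which the block ends
        self.per_key = {}          # hardware key -> timestamps of accepted messages
        self.global_window = deque()

    @staticmethod
    def _expire(window, now, span):
        # Drop timestamps that have left the sliding window.
        while window and now - window[0] >= span:
            window.popleft()

    def admit(self, hardware_key, source_ip):
        now = self.clock()
        # 1. Inside the 24-hour block every message from this IP is dropped.
        if self.blocked_until.get(source_ip, 0) > now:
            return "drop:ip-blocked"
        self.blocked_until.pop(source_ip, None)
        # 2. Unknown key: drop without processing and start the block.
        if hardware_key not in self.allowed_keys:
            self.blocked_until[source_ip] = now + BLOCK_SECONDS
            return "drop:unknown-key"
        # 3. Total ceiling over all clients in the last second.
        self._expire(self.global_window, now, 1.0)
        if len(self.global_window) >= GLOBAL_LIMIT:
            return "drop:global-limit"
        # 4. Ceiling for this hardware key in the last minute.
        window = self.per_key.setdefault(hardware_key, deque())
        self._expire(window, now, 60.0)
        if len(window) >= PER_KEY_LIMIT:
            return "drop:key-limit"
        # Only accepted messages count against either limit.
        window.append(now)
        self.global_window.append(now)
        return "accept"
```

Per-key state is bounded by the size of the stored key list, while `blocked_until` grows with the number of distinct source addresses and needs periodic cleanup in a long-running service. Because 4G clients commonly share carrier NAT addresses, the per-IP block can also drop messages from a valid client behind the same address.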
The user uses the wireless authentication system to obtain a fingerprint grayscale image on the wireless authentication system client, and fingerprint features are then extracted from the image. Communication between the wireless authentication system client and the remote database server uses OpenSSL encrypted communication to protect the data in transit. Once the server end receives the user's fingerprint features, it compares them with the fingerprint features in the database and feeds the result back to the client promptly.
Fig. 2 is the overall design diagram of the wireless authentication system client of the present invention. The wireless authentication system client based on 3G technology mainly consists of a master controller, power module, fingerprint acquisition module, memory module, communication module and human-computer interaction module.
The above is a further detailed description of the present invention in connection with specific preferred embodiments, and the specific implementation of the invention should not be regarded as limited to these descriptions. A person of ordinary skill in the technical field of the invention may make simple deductions or substitutions without departing from the inventive concept, and all of these shall be regarded as falling within the protection scope of the present invention.

Claims (12)

1. A remote wireless identity authentication system, comprising a wireless authentication system client and a remote server end, characterized in that: the wireless authentication system client is provided with a fingerprint acquisition module and communication module A; the fingerprint acquisition module is used to collect a fingerprint grayscale image and extract fingerprint feature data from the grayscale image; the fingerprint acquisition module is connected to communication module A, and communication module A sends the request message of fingerprint feature data from the wireless authentication system client to the remote server end by wireless communication; the remote server end is provided with communication module B and an authentication server; communication module B is connected to communication module A by wireless communication and is used to receive the fingerprint feature data sent by the wireless authentication system client; the authentication server is provided with a fingerprint database; communication module B sends the received request message of fingerprint feature data to the authentication server; the authentication server compares the fingerprint feature data in the database with the received fingerprint feature data, and the comparison result is sent back to the wireless authentication system client through communication module B.
2. The remote wireless identity authentication system according to claim 1, characterized in that: the remote server end is a server cluster consisting at least of one hardware firewall device and two servers, the servers being divided into an authentication server and a fingerprint database server; the authentication server handles the data processing of fingerprint identification; the fingerprint database server stores fingerprint data and related information.
3. The remote wireless identity authentication system according to claim 1, characterized in that: data between communication module A of the wireless authentication system client and communication module B of the remote server end is transmitted wirelessly over a 3G connection, and the wireless authentication system client establishes OpenSSL encrypted communication with the remote server end over the wireless network.
4. The remote wireless identity authentication system according to claim 1, characterized in that: the wireless authentication system client can also work in offline mode; when not connected to the remote server end, the wireless authentication system client connects to a locally installed database to complete fingerprint comparison and authentication result feedback.
5. The remote wireless identity authentication system according to claim 1, characterized in that: while the wireless authentication system client sends the request message of fingerprint feature data to the remote server end by wireless communication, the remote server end authenticates the wireless authentication system client; the client's hardware encryption key, user account, user password, user location and other information are stored in advance on the remote database server, and when the client connects to the remote server end this information is compared with the information stored in advance at the remote server end; the request message is transmitted using MD5 encryption.
6. The remote wireless identity authentication system according to any one of claims 1 to 5, characterized in that: the wireless authentication system client periodically deletes the fingerprint feature data collected within a certain period and the fingerprint feature comparison result data obtained from the remote server end, achieving a burn-after-reading effect.
7. The remote wireless identity authentication system according to claim 1, characterized in that: the wireless authentication system client periodically sends a heartbeat instruction to the remote server end so that the remote server end can confirm the client is online; the interval between heartbeat instructions is 5-60 seconds.
8. The remote wireless identity authentication system according to claim 7, characterized in that: the remote server end uses the heartbeat service to confirm and check online wireless authentication system clients, and every 5 minutes sends a request packet to check the client's hardware encryption key, user account, user password, user location and software version information in order to confirm the legitimacy of the client; request messages from an illegitimate client are deleted, the TCP connection with it is closed, and no further communication connection is made with that client for 24 hours.
9. The remote wireless identity authentication system according to claim 1 or 8, characterized in that: the database of the remote server end stores in advance the hardware chip numbers of the wireless authentication system clients authorized to connect; after checking the legitimacy of a client's hardware encryption key, the remote server end responds only to clients whose hardware encryption key is on the list stored in advance at the remote server end; request messages sent with any other hardware encryption key are deleted directly on receipt without processing; no TCP connection is made with the IP address of the illegitimate packet for 24 hours, and request messages from that IP address are deleted directly during those 24 hours.
10. The remote wireless identity authentication system according to claim 9, characterized in that: while verifying the hardware encryption key of the wireless authentication system client, the remote server end logs in to the client over SSH and checks whether the client's software is legitimate and whether the client has privately saved the user's identity information; for a client whose software is illegitimate and which has privately saved user identity information locally, the remote server end discards the client's fingerprint recognition request messages.
11. The remote wireless identity authentication system according to claim 1 or 10, characterized in that: the remote server end is provided with an anti-message-attack module; for a wireless authentication system client with the same verified hardware encryption key, the remote server end processes only 30 request messages per minute and discards request messages beyond this limit; across all wireless authentication system clients, the total number of request messages the remote server end processes in one second is less than or equal to 10000, and request messages beyond this limit are discarded.
12. The remote wireless identity authentication system according to claim 11, characterized in that: the wireless authentication system client can also deliver the request message of fingerprint feature data to the remote server end over a wide area network after passing through the firewall; the remote server end performs legitimacy detection on the request message of fingerprint feature data; a request message detected as legitimate is sent by the authentication server to the fingerprint database server to identify the fingerprint feature code; after the fingerprint database server identifies the user information, it sends the user information to the authentication server, which then sends it to the wireless authentication system client.
CN201310583874.XA 2013-11-20 2013-11-20 Remote wireless identity authentication system Pending CN103607389A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310583874.XA CN103607389A (en) 2013-11-20 2013-11-20 Remote wireless identity authentication system

Publications (1)

Publication Number Publication Date
CN103607389A true CN103607389A (en) 2014-02-26

Family

ID=50125589

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310583874.XA Pending CN103607389A (en) 2013-11-20 2013-11-20 Remote wireless identity authentication system

Country Status (1)

Country Link
CN (1) CN103607389A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20140226