CN103886233B - Method, the apparatus and system of device security are improved by binding hardware - Google Patents
Method, the apparatus and system of device security are improved by binding hardware Download PDFInfo
- Publication number
- CN103886233B CN103886233B CN201410145855.3A CN201410145855A CN103886233B CN 103886233 B CN103886233 B CN 103886233B CN 201410145855 A CN201410145855 A CN 201410145855A CN 103886233 B CN103886233 B CN 103886233B
- Authority
- CN
- China
- Prior art keywords
- hardware
- user
- binding
- equipment
- biological characteristic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000000052 comparative effect Effects 0.000 claims abstract description 27
- 230000006870 function Effects 0.000 claims description 15
- 230000001755 vocal effect Effects 0.000 claims description 14
- 238000013507 mapping Methods 0.000 claims description 7
- 238000012795 verification Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 5
- 230000006399 behavior Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 208000002193 Pain Diseases 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000036407 pain Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
- G06F21/1015—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to users
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Collating Specific Patterns (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of method that device security is improved by binding hardware, apparatus and system, by the way that user biological feature and external hardware or internal hardware are bound, and using hardware physical features function can not duplication characteristic mode, the security of equipment can be increased substantially, and then ensures the privacy and interests of user.The method that the present invention improves device security by binding hardware includes:Gather the biological characteristic of user and obtain the hardware characteristics of hardware to be bound;The biological characteristic and the hardware characteristics are bound by setting rule;When user enters equipment, the biological characteristic got is compared with hardware characteristics with the biological characteristic that equipment has been stored with hardware characteristics, and obtain comparative result;The equipment is controlled according to the comparative result.
Description
Technical field
The present invention relates to equipment safety field, and in particular to a kind of side that device security is improved by binding hardware
Method, apparatus and system.
Background technology
The safety of present electronic product and communication apparatus is more and more important, and each manufacturer is also taken in equipment safety this part evil spirit
Pains.Using human body biological characteristics, such as fingerprint, vocal print or iris, it is widely used as system access module, such as
Iphone5 newest Apple just make use of fingerprint module to enter system.
The safety of existing electronic product and communication apparatus is main special by numerical ciphers, security hardware or human-body biological
Levy and protected.Numerical ciphers are easy to use, and user only needs to progress and is simply provided and equipment can be encrypted;Hardware security
Equipment, such as U-shield, are the cipher modes for being bound numerical ciphers and hardware, but this is only simple superposition;Human body
Biological characteristic, because the analog signal feature in these simulated worlds of people can be as the unique features for recognizing people, thus gives birth to
Fingerprint, iris, one's voice in speech or the shape of face of thing feature, such as people can be for protecting the exclusive use of user and hidden
It is private.
However, because numerical ciphers are easier to crack, thus the safety of electronic product and communication apparatus can not be ensured;
For security hardware, due to being only numerical ciphers and hardware simple superposition, lost in security hardware or by more
When powerful and expensive hardware device is attacked, just it is easy to be broken;And although biological characteristic has its uniqueness, but it is biological special
Levying to be replicated, such as the duplication of fingerprint, once the biological characteristic of user is replicated, the equipment of user be able to may be invaded,
Data in user equipment, which will expose, to come.Due to the means of communication of present more and more users, shopping tool or payment work
The selections such as tool are associated with communication apparatus, therefore user equipment is invaded and is likely to bring huge loss to user.
The content of the invention
The invention provides a kind of method that device security is improved by binding hardware, apparatus and system, by inciting somebody to action
User biological feature and external hardware or internal hardware are bound, and using hardware physical features function can not duplication characteristic side
Formula, can increase substantially the security of equipment, and then ensure the privacy and interests of user.
The method provided in an embodiment of the present invention that device security is improved by binding hardware, including:
Gather the biological characteristic of user and obtain the hardware characteristics of hardware to be bound;
The biological characteristic and the hardware characteristics are bound by setting rule;
When user enters equipment, the biological characteristic that the biological characteristic got and hardware characteristics and equipment have been stored with
Hardware characteristics compare, and obtain comparative result;
The equipment is controlled according to the comparative result.
Alternatively,
The biological characteristic includes fingerprint characteristic and/or face characteristic and/or iris feature and/or vocal print feature.
Alternatively,
The biological characteristic of the collection user includes:
The fingerprint characteristic of user is gathered by fingerprint module,
And/or
The face characteristic and/or iris feature of user is gathered by camera,
And/or
The vocal print feature of user is gathered by microphone.
Alternatively,
The hardware to be bound includes external hardware or the device interior hardware.
Alternatively,
The hardware to be bound is external hardware;
The corresponding hardware characteristics of the external hardware are hardware data or parameter;
The external hardware is that third party provides or certification.
Alternatively,
Methods described also includes:
User related information data is provided to licensed-in four directions.
Alternatively,
The user related information data is provided and used by the licensed-in fourth direction application or service provider.
Alternatively,
Also include before step provides user related information data to licensed-in four directions:
The user related information data is encrypted.
Alternatively,
The hardware to be bound is device interior hardware;
The corresponding hardware characteristics of the device interior hardware can not copy function for the physics of the internal hardware
(Physically Un-clonable Function, PUF).
Alternatively,
The device interior hardware is the internal memory of equipment.
Alternatively,
The equipment includes:Mobile phone or tablet personal computer.
The device provided in an embodiment of the present invention that device security is improved by binding hardware, including:
Acquisition module is gathered, for gathering the biological characteristic of user and obtaining the hardware characteristics of hardware to be bound;
Binding module, for binding the biological characteristic and the hardware characteristics by setting rule;
Comparison module, for when user enters equipment, the biological characteristic got and hardware characteristics to have been deposited with equipment
The biological characteristic of storage is compared with hardware characteristics, and obtains comparative result;
Control module, for controlling the equipment according to the comparative result.
Alternatively,
The collection acquisition module includes collecting unit and acquiring unit;
The collecting unit is used for the biological characteristic for gathering user;
The acquiring unit is used for the hardware characteristics for obtaining hardware to be bound.
Alternatively,
The collecting unit includes:
Fingerprint module and/or camera and/or microphone, wherein,
The fingerprint module is used for the fingerprint characteristic for gathering user;
The camera is used for the face characteristic and/or iris feature for gathering user;
The microphone is used for the vocal print feature for gathering user.
The system provided in an embodiment of the present invention that device security is improved by binding hardware, including:
At least two devices that device security is improved by binding hardware as described in claim 12 to 14;
User has mutual mapping relations, described device and application or service binding with described device;
Between user described at least two,
Or
Between at least two described devices,
Or
Between user described at least two and at least two described devices,
Or
Realize and tie up by the binding of the mutual mapping relations between one user and at least two described devices
It is fixed.
In the embodiment of the present invention, the biological characteristic of user is gathered first and the hardware characteristics of hardware to be bound are obtained;Then
The biological characteristic and the hardware characteristics are bound by setting rule;Then when user enters equipment, by the life got
Thing feature is compared with hardware characteristics with the biological characteristic that equipment has been stored with hardware characteristics, and obtains comparative result;Finally according to
The comparative result controls the equipment.By way of by user biological feature and the binding of external hardware or internal hardware, this
The method of invention, apparatus and system have advantages below:
1st, using by the binding of the biological characteristic of hardware and user, and hardware physical features function can not duplication characteristic side
Formula, can increase substantially the security of equipment, and then ensure the privacy and interests of user;
2nd, because hardware and the biological characteristic of user are mutually bound, therefore it can conveniently realize that the safety between multi-user is tied up
It is fixed, so as to provide facility for the interaction between multi-user.
Brief description of the drawings
Fig. 1 improves the method first embodiment flow chart of device security for the present invention by binding hardware;
Fig. 2 improves the method second embodiment flow chart of device security for the present invention by binding hardware;
Fig. 3 improves the method 3rd embodiment flow chart of device security for the present invention by binding hardware;
Fig. 4 improves the device embodiment structural representation of device security for the present invention by binding hardware.
Embodiment
The invention provides a kind of method that device security is improved by binding hardware, apparatus and system, by inciting somebody to action
User biological feature and external hardware or internal hardware are bound, and using hardware physical features function can not duplication characteristic side
Formula, can increase substantially the security of equipment, and then ensure the privacy and interests of user.
Referring to Fig. 1, the method first embodiment of device security is improved in the embodiment of the present invention by binding hardware
Including:
101st, gather the biological characteristic of user and obtain the hardware characteristics of hardware to be bound;
Before biological characteristic and hardware binding of the equipment by user, it can first gather the biological characteristic of user and acquisition is treated
Bind the hardware characteristics of hardware.
Above-mentioned biological characteristic can specifically include one kind in fingerprint characteristic, face characteristic, iris feature and vocal print feature
Or it is a variety of, the biological characteristic of above-mentioned collection user can specifically include:By the fingerprint characteristic of fingerprint module collection user, and/
Or the face characteristic and/or iris feature of user are gathered by camera, and/or it is special by the vocal print of microphone collection user
Levy.
Above-mentioned hardware to be bound can include external hardware or device interior hardware, and said external hardware can specifically include
U-shield or draw OK a karaoke club etc. that bank provides, the said equipment internal hardware can specifically include device memory, loudspeaker or CPU etc..
102nd, biological characteristic and hardware characteristics are bound by setting rule;
, can be regular by biology by setting after the biological characteristic for gathering user and the hardware characteristics for obtaining hardware to be bound
Feature is bound with hardware characteristics.
103rd, when user enters equipment, the biology spy that the biological characteristic got and hardware characteristics have been stored with equipment
Levy and compared with hardware characteristics, and obtain comparative result;
By setting rule by after biological characteristic and hardware characteristics binding, if user needs to enter or access equipment, this sets
It is standby the biological characteristic got to be compared with hardware characteristics with the biological characteristic that equipment has been stored with hardware characteristics, and compared
Relatively result.
104th, according to comparative result control device.
If comparative result is the biological characteristic and hardware characteristics that the biological characteristic got has been stored with hardware characteristics and equipment
Match or be consistent, then user can enter equipment, and otherwise equipment can be to field feedback.It is above-mentioned to have to field feedback
Body can include feedback error reason and solution etc..
By the way that user biological feature and external hardware or internal hardware are bound, and using hardware physical features function not
The mode of reproducible characteristic, the method that the embodiment of the present invention improves device security by binding hardware can be increased substantially
The security of equipment, and then ensure the privacy and interests of user.
The method first embodiment that the present invention improves device security by binding hardware is described above, is described below
The second embodiment of the method for device security is improved by binding hardware, referring to Fig. 2, by tying up in the embodiment of the present invention
Determine hardware includes come the second embodiment for the method for improving device security:
201st, gather the biological characteristic of user and obtain the external hardware feature of external hardware to be bound;
Before equipment is by the biological characteristic of user and external hardware binding, it can first gather the biological characteristic of user and obtain
Take the hardware characteristics of external hardware to be bound.
Above-mentioned biological characteristic can specifically include one kind in fingerprint characteristic, face characteristic, iris feature and vocal print feature
Or it is a variety of, the biological characteristic of above-mentioned collection user can specifically include:By the fingerprint characteristic of fingerprint module collection user, and/
Or the face characteristic and/or iris feature of user are gathered by camera, and/or it is special by the vocal print of microphone collection user
Levy.
Said external hardware is that third party provides or certification, and its corresponding external hardware is characterized as hardware data or parameter,
Such as the U-shield or drawing OK a karaoke club that can be provided for bank.
It should be noted that above-mentioned external hardware by equipment use during, may exist collect use
The behavior of family custom used in connection with or application data information, this behavior is general only to be used the publisher for providing the external hardware,
After the biological characteristic of external hardware and user is bound, user can be defined to this behavior, can further protect
The privacy of user.
202nd, biological characteristic and external hardware feature are bound by setting rule;
After the biological characteristic for gathering user and the external hardware feature for obtaining external hardware to be bound, it can be advised by setting
Then biological characteristic and external hardware feature are bound.
Above-mentioned setting rule can be specifically:External hardware feature is done after proper transformation, bound with user biological feature.
203rd, when user enters equipment, the life that the biological characteristic got and external hardware feature have been stored with equipment
Thing feature is compared with external hardware feature, and obtains comparative result;
After biological characteristic and external hardware feature are bound by setting rule, if user needs to enter or access equipment,
Biological characteristic and external hardware feature that the equipment can store the biological characteristic got and external hardware feature with equipment
Compare, and obtain comparative result.
204th, according to comparative result control device;
If biological characteristic and outside that comparative result is the biological characteristic got have been stored with external hardware feature and equipment
Hardware characteristics are matched or are consistent, then user can enter equipment, and otherwise equipment can be to field feedback.It is above-mentioned anti-to user
Feedforward information can specifically include feedback error reason and solution etc..
By the way that user biological feature and external hardware are bound, and using hardware physical features function can not duplication characteristic
Mode, the method that the embodiment of the present invention improves device security by binding external hardware can increase substantially equipment
Security, and then ensure the privacy and interests of user.
205th, user related information data is encrypted;
User related information data can be that device interior is collected or be stored in external hardware, these use
Privacy and safety of the family relevant information data due to being related to user, therefore user related information data is being transmitted or made
With before, user related information data can be encrypted.
206th, user related information data is provided to licensed-in four directions.
User related information data, can be specifically webpage goods browse vestige, location information or the Download History of user
Deng, because these information are the reflections of user's custom and hobby, therefore can be that businessman or application service provider provide guide, thus
These information are to belong to valuable information.Licensed-in four directions, can obtain the user related information money of equipment offer
Expect, then user related information data can be provided and used by four directions to application or service provider, and four directions can be according to the use
Benefit produced by the relevant information data of family is provided to user to be divided into or preferential.
It should be noted that being applied by user related information data through licensed-in fourth direction or service provider's offer
Can occur in encryption channel during use, that is, user equipment is directly over encryption channel to application or serviced
Business provides user related information data, can so ensure that user related information data will not divulge a secret to four directions.
The application process of the embodiment of the present invention is illustrated with an instantiation below:
Equipment in this example is mobile phone, and user biological is characterized as iris feature, and external hardware is the branch that third party provides
Validator is paid, can be realized during above-mentioned payment verification device access mobile phone and exempt from password direct payment.The mobile phone of the present invention is by rainbow
Film feature and payment verification device are bound, and user is in use, by payment verification device is by earphone interface, Micro interfaces or special connects
Mouth access mobile phone, then has mobile phone typing iris feature, after being verified, user, which can realize, exempts from password direct payment.By
Iris feature and payment verification device are bound in mobile phone, so even except obtaining mobile phone and branch simultaneously with other people outdoor
Pay validator and can not also use and exempt from password direct payment function, so as to ensure the account safety of user.In addition payment verification
Device can collect the use information of user during user's use, and above-mentioned use information can be paid including user
Commodity, positional information and browse vestige, these information typically only use for the issuer secret of payment verification device, the present invention
In, user can be provided correlation to licensed-in four directions or the third party for providing payment verification device by way of mandate
Information.It should be noted that user related information can be supplied to service by paid mode or applied by above-mentioned four directions
Developer is used, and paid gained is returned into the user of offer user related information by being divided into or providing preferential mode, on
State service or application developers can directly by encrypted tunnel from user equipment, this example be mobile phone, middle reception user phase
Information is closed, without by four directions, the method can reduce the risk of user related information leakage.
By the way that user biological feature and external hardware are bound, and the user profile that external hardware is collected is permitted or authorized
The mode used, the method that the embodiment of the present invention improves device security by binding external hardware can be increased substantially and set
Standby security, while ensureing the privacy and interests of user, can increase user's by being divided into or providing preferential mode
Income.
The method second embodiment that the present invention improves device security by binding hardware is described above, is described below
The 3rd embodiment of the method for device security is improved by binding hardware, referring to Fig. 3, by tying up in the embodiment of the present invention
Determine hardware includes come the 3rd embodiment for the method for improving device security:
301st, gather the biological characteristic of user and obtain the internal hardware feature of internal hardware to be bound;
Before equipment is by the biological characteristic of user and internal hardware binding, it can first gather the biological characteristic of user and obtain
Take the internal hardware feature of internal hardware to be bound.
Above-mentioned biological characteristic can specifically include one kind in fingerprint characteristic, face characteristic, iris feature and vocal print feature
Or it is a variety of, the biological characteristic of above-mentioned collection user can specifically include:By the fingerprint characteristic of fingerprint module collection user, and/
Or the face characteristic and/or iris feature of user are gathered by camera, and/or it is special by the vocal print of microphone collection user
Levy.
The corresponding internal hardware of device interior hardware is characterized as that the physics of the internal hardware can not copy function
(Physically Un-clonable Function, PUF), the said equipment internal hardware is specifically as follows the internal memory of equipment.
It should be noted that if device interior hardware is the internal memory of equipment, the PUF of internal memory can be obtained in the following way
:Because single internal storage location is under physical boundary conditions(Under the conditions of non-normal use, such as initial phase or processing physics thorn
In the case of swashing), can occur with certain probability 0 or 1 result, but statistically, in being total to for enough internal storage location
Under same boundary condition, consistent characteristic occurs in its result counted, therefore the PUF of internal memory can be obtained with the method, inside
Deposit and randomly select internal storage location, unified result is produced on the internal storage location chosen using error correction
Obtain the PUF of internal memory.
302nd, biological characteristic and internal hardware feature are bound by setting rule;
After the biological characteristic for gathering user and the internal hardware feature for obtaining internal hardware to be bound, it can be advised by setting
Then biological characteristic and internal hardware feature are bound.
303rd, when user enters equipment, the life that the biological characteristic got and internal hardware feature have been stored with equipment
Thing feature is compared with internal hardware feature, and obtains comparative result;
After biological characteristic and internal hardware feature are bound by setting rule, if user needs to enter or access equipment,
Biological characteristic and internal hardware feature that the equipment can store the biological characteristic got and internal hardware feature with equipment
Compare, and obtain comparative result.
304th, according to comparative result control device.
If comparative result is the biological characteristic and hardware characteristics that the biological characteristic got has been stored with hardware characteristics and equipment
Match or be consistent, then user can enter equipment, and otherwise equipment can be to field feedback.It is above-mentioned to have to field feedback
Body can include feedback error reason and solution etc..
The application process of the embodiment of the present invention is illustrated with an instantiation below:
Assuming that in the presence of several by user biological feature and the user equipment of internal hardware feature binding, each user equipment
Between can mutually bind, for the user equipment bound, because itself there is open service or application in each user equipment,
Therefore the binding of service or application can be reached by the binding of user equipment, and services the binding between application due to user
Based on equipment, thus with very high security, and very big facility can be brought to the use of user.
Equipment described in the inventive method can specifically include:Mobile phone or tablet personal computer.
By the way that user biological feature and internal hardware are bound, and utilize the not reproducible of internal hardware physical features function
The mode of characteristic, the method that the embodiment of the present invention improves device security by binding internal hardware can be increased substantially and set
Standby security, and then ensure the privacy and interests of user.
The method 3rd embodiment that the present invention improves device security by binding hardware is described above, is described below
The device embodiment of device security is improved by binding hardware, referring to Fig. 4, by binding hardware in the embodiment of the present invention
Include the device embodiment that improves device security:
Acquisition module 401 is gathered, for gathering the biological characteristic of user and obtaining the hardware characteristics of hardware to be bound;
Binding module 402, for binding biological characteristic and hardware characteristics by setting rule;
Comparison module 403, for when user enters equipment, by the biological characteristic got and hardware characteristics with equipment
The biological characteristic of storage is compared with hardware characteristics, and obtains comparative result;
Control module 404, for according to comparative result control device.
Alternatively,
Gathering acquisition module 401 includes collecting unit 4011 and acquiring unit 4012;
Collecting unit 4011 is used for the biological characteristic for gathering user;
Acquiring unit 4012 is used for the hardware characteristics for obtaining hardware to be bound.
Alternatively,
Collecting unit 4011 includes:
Fingerprint module and/or camera and/or microphone, wherein,
Fingerprint module is used for the fingerprint characteristic for gathering user;
Camera is used for the face characteristic and/or iris feature for gathering user;
Microphone is used for the vocal print feature for gathering user.
In the embodiment of the present invention, collection acquisition module 401 gathers the biological characteristic of user and obtains hardware to be bound first
Hardware characteristics;Then binding module 402 is bound the biological characteristic and the hardware characteristics by setting rule;Then when with
When family enters equipment, the biological characteristic that comparison module 403 has stored the biological characteristic got and hardware characteristics and equipment with
Hardware characteristics compare, and obtain comparative result;Last control module 404 controls the equipment according to the comparative result;Wherein
Gathering acquisition module 401 includes collecting unit 4011 and acquiring unit 4012;Collecting unit 4011 is used for the biology for gathering user
Feature;Acquiring unit 4012 is used for the hardware characteristics for obtaining hardware to be bound.By by user biological feature and external hardware or
The mode of internal hardware binding, methods and apparatus of the present invention has advantages below:
1st, using by the binding of the biological characteristic of hardware and user, and hardware physical features function can not duplication characteristic side
Formula, can increase substantially the security of equipment, and then ensure the privacy and interests of user;
2nd, because hardware and the biological characteristic of user are mutually bound, therefore it can conveniently realize that the safety between multi-user is tied up
It is fixed, so as to provide facility for the interaction between multi-user.
The device embodiment that the present invention improves device security by binding hardware is described above, is described below and passes through
Binding hardware improves equipment safety to improve in the system embodiment of device security, the embodiment of the present invention by binding hardware
The system of property, including:
The device of device security is improved at least two such as the embodiment of the present invention by binding hardware;
User has mutual mapping relations, described device and application or service binding with described device;
Between user described at least two,
Or
Between at least two described devices,
Or
Between user described at least two and at least two described devices,
Or
Realize and tie up by the binding of the mutual mapping relations between one user and at least two described devices
It is fixed.
The system of the embodiment of the present invention also specifically has the embodiment of the present invention due to the device comprising the embodiment of the present invention
The advantage of device, is not repeated here.It should be noted that the major advantage of present system is also resided in:Multiple users it
Between, or can be by the binding of its mutual mapping relations between a user and multiple equipment, or multiple users and multiple equipment
And binding is realized, like this, it can significantly improve and be tied up between the convenience that user uses, such as two equipment
It is fixed, then it is considered that having been tied up between two users when needing to interact between two users corresponding with the equipment
It is fixed, without carrying out extra judgement or binding procedure again.
In several embodiments provided herein, it should be understood that disclosed apparatus and method can be by it
Its mode is realized.For example, device embodiment described above is only schematical, for example, the division of the unit, only
Only a kind of division of logic function, can there is other dividing mode when actually realizing, such as multiple units or component can be tied
Another system is closed or is desirably integrated into, or some features can be ignored, or do not perform.It is another, it is shown or discussed
Coupling each other or direct-coupling or communication connection can be the INDIRECT COUPLINGs or logical of device or unit by some interfaces
Letter connection, can be electrical, machinery or other forms.
The unit illustrated as separating component can be or may not be it is physically separate, it is aobvious as unit
The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs
's.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing unit, can also
That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list
Member can both be realized in the form of hardware, it would however also be possible to employ the form of SFU software functional unit is realized.
If the integrated unit is realized using in the form of SFU software functional unit and as independent production marketing or used
When, it can be stored in a computer read/write memory medium.Understood based on such, technical scheme is substantially
The part contributed in other words to prior art or all or part of the technical scheme can be in the form of software products
Embody, the computer software product is stored in a storage medium, including some instructions are to cause a computer
Equipment(Can be personal computer, server, or network equipment etc.)Perform the complete of each embodiment methods described of the invention
Portion or part steps.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage(ROM, Read-Only
Memory), random access memory(RAM, Random Access Memory), magnetic disc or CD etc. are various can store journey
The medium of sequence code.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained
Cover within protection scope of the present invention.Therefore, protection scope of the present invention described should be defined by scope of the claims.
Claims (15)
1. a kind of method that device security is improved by binding hardware, it is characterised in that including:
Gather the biological characteristic of user and obtain the hardware characteristics of hardware to be bound;
The biological characteristic and the hardware characteristics are bound by setting rule;
When user enters equipment, the biological characteristic and hardware that the biological characteristic got and hardware characteristics have been stored with equipment
Feature compares, and obtains comparative result;
The equipment is controlled according to the comparative result.
2. the method according to claim 1 that device security is improved by binding hardware, it is characterised in that
The biological characteristic includes fingerprint characteristic and/or face characteristic and/or iris feature and/or vocal print feature.
3. the method according to claim 2 that device security is improved by binding hardware, it is characterised in that described to adopt
The biological characteristic of collection user includes:
The fingerprint characteristic of user is gathered by fingerprint module,
And/or
The face characteristic and/or iris feature of user is gathered by camera,
And/or
The vocal print feature of user is gathered by microphone.
4. the method according to claim 1 that device security is improved by binding hardware, it is characterised in that
The hardware to be bound includes external hardware or the device interior hardware.
5. the method according to claim 4 that device security is improved by binding hardware, it is characterised in that
The hardware to be bound is external hardware;
The corresponding hardware characteristics of the external hardware are hardware data or parameter;
The external hardware is that third party provides or certification.
6. the method according to claim 5 that device security is improved by binding hardware, it is characterised in that the side
Method also includes:
User related information data is provided to licensed-in four directions.
7. the method according to claim 6 that device security is improved by binding hardware, it is characterised in that
The user related information data is provided and used by the licensed-in fourth direction application or service provider.
8. the method according to claim 6 that device security is improved by binding hardware, it is characterised in that in step
Also include before providing user related information data to licensed-in four directions:
The user related information data is encrypted.
9. the method according to claim 4 that device security is improved by binding hardware, it is characterised in that
The hardware to be bound is device interior hardware;
The corresponding hardware characteristics of the device interior hardware can not copy function (Physically for the physics of the internal hardware
Un-clonable Function, PUF).
10. the method according to claim 9 that device security is improved by binding hardware, it is characterised in that
The device interior hardware is the internal memory of equipment.
11. the method according to any one of claim 1 to 10 that device security is improved by binding hardware, it is special
Levy and be, the equipment includes:Mobile phone or tablet personal computer.
12. a kind of device that device security is improved by binding hardware, it is characterised in that including:
Acquisition module is gathered, for gathering the biological characteristic of user and obtaining the hardware characteristics of hardware to be bound;
Binding module, for binding the biological characteristic and the hardware characteristics by setting rule;
Comparison module, for when user enters equipment, the biological characteristic got and hardware characteristics to have been stored with equipment
Biological characteristic is compared with hardware characteristics, and obtains comparative result;
Control module, for controlling the equipment according to the comparative result.
13. the device according to claim 12 that device security is improved by binding hardware, it is characterised in that
The collection acquisition module includes collecting unit and acquiring unit;
The collecting unit is used for the biological characteristic for gathering user;
The acquiring unit is used for the hardware characteristics for obtaining hardware to be bound.
14. the device according to claim 13 that device security is improved by binding hardware, it is characterised in that described
Collecting unit includes:
Fingerprint module and/or camera and/or microphone, wherein,
The fingerprint module is used for the fingerprint characteristic for gathering user;
The camera is used for the face characteristic and/or iris feature for gathering user;
The microphone is used for the vocal print feature for gathering user.
15. a kind of system that device security is improved by binding hardware, it is characterised in that including:
At least two devices that device security is improved by binding hardware as described in claim 12 to 14;
User has mutual mapping relations, described device and application or service binding with described device;
Between user described at least two,
Or
Between at least two described devices,
Or
Between user described at least two and at least two described devices,
Or
Binding is realized by the binding of the mutual mapping relations between one user and at least two described devices.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410145855.3A CN103886233B (en) | 2014-04-11 | 2014-04-11 | Method, the apparatus and system of device security are improved by binding hardware |
| PCT/CN2014/081356 WO2015154341A1 (en) | 2014-04-11 | 2014-07-01 | Method, device and system for improving device security by hardware binding |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410145855.3A CN103886233B (en) | 2014-04-11 | 2014-04-11 | Method, the apparatus and system of device security are improved by binding hardware |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103886233A CN103886233A (en) | 2014-06-25 |
| CN103886233B true CN103886233B (en) | 2017-08-04 |
Family
ID=50955122
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410145855.3A Active CN103886233B (en) | 2014-04-11 | 2014-04-11 | Method, the apparatus and system of device security are improved by binding hardware |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103886233B (en) |
| WO (1) | WO2015154341A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886233B (en) * | 2014-04-11 | 2017-08-04 | 快车科技有限公司 | Method, the apparatus and system of device security are improved by binding hardware |
| CN116244757A (en) * | 2023-03-15 | 2023-06-09 | 武汉天楚云计算有限公司 | Computer equipment monitoring alarm method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1869999A (en) * | 2006-06-28 | 2006-11-29 | 北京飞天诚信科技有限公司 | Protection method and device for opening computer |
| CN103152157A (en) * | 2013-02-04 | 2013-06-12 | 快车科技有限公司 | Secure encrypted method and relevant device |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007108895A (en) * | 2005-10-12 | 2007-04-26 | Dainippon Printing Co Ltd | Atm and biometrics method by atm |
| CN202650013U (en) * | 2012-04-28 | 2013-01-02 | 鹤山世达光电科技有限公司 | Bank USB key-based fingerprint adapter and system |
| CN203311420U (en) * | 2013-04-18 | 2013-11-27 | 杨德贵 | Intelligent control USB key |
| CN103324879B (en) * | 2013-07-05 | 2016-08-10 | 公安部第三研究所 | Mobile device is based on recognition of face and the authentication system of smart card and method |
| CN103886233B (en) * | 2014-04-11 | 2017-08-04 | 快车科技有限公司 | Method, the apparatus and system of device security are improved by binding hardware |
-
2014
- 2014-04-11 CN CN201410145855.3A patent/CN103886233B/en active Active
- 2014-07-01 WO PCT/CN2014/081356 patent/WO2015154341A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1869999A (en) * | 2006-06-28 | 2006-11-29 | 北京飞天诚信科技有限公司 | Protection method and device for opening computer |
| CN103152157A (en) * | 2013-02-04 | 2013-06-12 | 快车科技有限公司 | Secure encrypted method and relevant device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103886233A (en) | 2014-06-25 |
| WO2015154341A1 (en) | 2015-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103873231B (en) | Certificate server, mobile terminal and the method for using it to granting radio frequency card key | |
| CN103679457B (en) | Method of payment, the paying server and payment system for performing the method for payment | |
| CN102638447B (en) | Method and device for system login based on autonomously generated password of user | |
| CN104915832B (en) | Mobile payment, verification method and its device and system | |
| US8838988B2 (en) | Verification of transactional integrity | |
| CN104123506B (en) | Data access method, device, data encryption, storage and access method, device | |
| CN104200363B (en) | A kind of method of payment of the electronic purse system based on encrypting fingerprint | |
| CN109558340B (en) | Secure solid-state disk encryption system and method based on trusted authentication | |
| JP2019527950A (en) | Communication device, point-of-sale terminal, payment device, and method | |
| JP2000222362A (en) | Method and device for realizing multiple security check point | |
| US8312288B2 (en) | Secure PIN character retrieval and setting using PIN offset masking | |
| CN104794388B (en) | application program access protection method and application program access protection device | |
| CN103812649B (en) | Method and system for safety access control of machine-card interface, and handset terminal | |
| WO2011060115A1 (en) | One time pin generation | |
| AU2010289507A1 (en) | A personalized multifunctional access device possessing an individualized form of authenticating and controlling data exchange | |
| CN106663161A (en) | Secure host interactions | |
| CN105814590A (en) | Person-to-person payments using electronic devices | |
| Dmitrienko et al. | Secure free-floating car sharing for offline cars | |
| CN106462706A (en) | A method and apparatus for providing client-side score-based authentication | |
| CN104850764B (en) | A kind of method for protecting software and system based on smart card | |
| CN107769928A (en) | A kind of terminal and computer-readable recording medium | |
| CN107122977A (en) | A kind of payment system based on bio-identification | |
| CN107612683A (en) | A kind of encipher-decipher method, device, system, equipment and storage medium | |
| CN104346550B (en) | A kind of information processing method and a kind of electronic equipment | |
| CN111242611A (en) | Method and system for recovering digital wallet key |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |