CN104219626B - A kind of identity authentication method and device - Google Patents

A kind of identity authentication method and device Download PDF

Info

Publication number
CN104219626B
CN104219626B CN201410422915.1A CN201410422915A CN104219626B CN 104219626 B CN104219626 B CN 104219626B CN 201410422915 A CN201410422915 A CN 201410422915A CN 104219626 B CN104219626 B CN 104219626B
Authority
CN
China
Prior art keywords
mark
card
user
terminal
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410422915.1A
Other languages
Chinese (zh)
Other versions
CN104219626A (en
Inventor
邓中亮
蒋卓勤
林文亮
李宁
韩可
段锦锦
侯云龙
张璘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING LEFU TECHNOLOGY Co Ltd
Beijing University of Posts and Telecommunications
Original Assignee
BEIJING LEFU TECHNOLOGY Co Ltd
Beijing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING LEFU TECHNOLOGY Co Ltd, Beijing University of Posts and Telecommunications filed Critical BEIJING LEFU TECHNOLOGY Co Ltd
Priority to CN201410422915.1A priority Critical patent/CN104219626B/en
Publication of CN104219626A publication Critical patent/CN104219626A/en
Application granted granted Critical
Publication of CN104219626B publication Critical patent/CN104219626B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of identity authentication method and device, belong to field of locating technology.Method includes:Obtain user's mark of user and the locator card of positioning security card identifies;It is identical to judge that user's mark identifies whether with the user stored, the locator card that locator card is identified and stored identifies whether identical;If user's mark is identical with the user's mark stored and locator card mark is identical with the locator card mark stored, random number is generated, and sends random number and gives positioning safety card;The second key that positioning security card is sent is received, and is identified according to the locator card of positioning security card and obtains the 3rd key;4th key is generated according to random number and the 3rd key, judges whether the second key and the 4th key are identical;If the second key and the 4th key are identical, certification passes through.Device includes:First acquisition module, the first judge module, the first sending module, the first receiving module, the second judge module and authentication module.The present invention can improve the accuracy of certification.

Description

A kind of identity authentication method and device
Technical field
The present invention relates to field of locating technology, more particularly to a kind of identity authentication method and device.
Background technology
At present, satellite positioning tech is arranged to a service by common carrier, only customizes the end of satellite fix service End can just be positioned by satellite-signal to the position of terminal, and not customizing the terminal of satellite fix service cannot pass through Satellite-signal positions to the position of terminal.Therefore, when terminal is serviced using satellite fix, server is needed to user's Identity is authenticated to judge whether the user customizes satellite fix service.
A kind of identity authentication method, Ke Yiwei are provided in the prior art:Terminal sends the locator card of positioning security card Identify to server;Server judges that the locator card is identified whether in presence service list, and the service list is used to store fixed The locator card mark of the positioning security card of positioning service processed;If in locator card mark presence service list, authentication is led to Cross;If locator card mark is not present in service list, authentication does not pass through.
During the present invention is realized, inventor has found that prior art at least has problems with:
Authentication is only carried out to user according to locator card mark in the prior art, when other-end replicates the locator card mark Corresponding to knowledge during positioning security card, the other-end can also be serviced using satellite fix, so as to cause authentication inaccurate.
The content of the invention
In order to solve the problem of the prior art, the invention provides a kind of identity authentication method and device.Technical side Case is as follows:
On the one hand, the present invention provides a kind of identity authentication method, and methods described includes:
Obtain user's mark of user and the locator card of positioning security card identifies;
It is identical to judge that user's mark identifies whether with the user stored, and the locator card is identified and stored Locator card identify whether it is identical;
If the user identifies identical with the user's mark stored and described locator card mark and the positioning stored Card mark is identical, generates random number, and sends the random number to the positioning security card, makes the positioning security card according to institute The first key stated random number and stored generates the second key;
Second key that the positioning security card is sent is received, and is identified according to the locator card of the positioning security card Obtain the 3rd key;
4th key is generated according to the random number and the 3rd key, judges second key and described 4th close Whether key is identical;
If second key is identical with the 4th key, certification passes through.
Preferably, methods described also includes:
If user mark and the user's mark stored differ, obtain terminal enters network No. and the terminal Terminal iidentification;
Transmitter net certification request to server, the machine net certification request carry described in enter network No. and the terminal mark Know, make to enter network No. described in the server judgement and the corresponding relation of the terminal iidentification whether there is in the first list of bindings, First list of bindings is used for the corresponding relation for entering network No. and the terminal iidentification of terminal for storing the terminal bound;
Receive the server determine it is described enter network No. and the terminal iidentification corresponding relation the first binding be present The machine net certification sent when in list passes through response;
According to the machine net certification by passing through in response to determining that going out to the terminating machine net certification.
Preferably, methods described also includes:
Transmitter card number certification request gives the server, and the machine card number certification request carries the terminal iidentification, institute State locator card mark and the user mark, make the server judge the terminal iidentification, the locator card identify and it is described The corresponding relation of user's mark whether there is in the second list of bindings, and second list of bindings is used to store the terminal bound Terminal iidentification, positioning security card locator card mark and user user mark corresponding relation;
Receive the server and determining that the terminal iidentification, the locator card identify and user mark has institute State the machine card number certification occurred when in the second list of bindings and pass through response;
According to the machine card number certification by recognizing in response to determining that going out the terminal, the positioning security card and the user Card passes through.
Preferably, methods described also includes:
Store user's mark of the user and the locator card of the positioning security card identifies;
The first key is generated, and sends the first key to the positioning security card.
Preferably, methods described also includes:
The first bind request is sent to server, the first bind request carried terminal enters network No. and the terminal Terminal iidentification, make the server by it is described enter network No. and the terminal iidentification corresponding relation be stored in the first list of bindings In;
The second bind request is sent to the server, second bind request carry the terminal terminal iidentification, The locator card mark of the positioning security card and the user of the user identify, and make the server by the terminal iidentification, institute State locator card mark and user mark is stored in the second list of bindings.
On the other hand, the invention provides a kind of device of authentication, described device to include:
First acquisition module, the user for obtaining user identifies and the locator card of positioning security card identifies;
First judge module, for judge user mark and the user stored identify whether it is identical and described The locator card that locator card is identified and stored identifies whether identical;
First sending module, if identical with the user's mark stored for user mark and described locator card mark Know, generation random number identical with the locator card mark stored, and send the random number to the positioning security card, make described Positioning security card generates the second key according to the random number and the first key stored;
First receiving module, second key sent for receiving the positioning security card, and according to the positioning The locator card mark of safety card obtains the 3rd key;
Second judge module, for generating the 4th key according to the random number and the 3rd key, judge described the Whether two keys and the 4th key are identical;
Authentication module, if identical with the 4th key for second key, certification passes through.
Preferably, described device also includes:
Second acquisition module, if the user's mark for identifying and having stored for the user differs, obtain terminal Enter network No. and the terminal iidentification of the terminal;
Second sending module, for transmitter net certification request to server, the machine net certification request carry described in enter Network No. and the terminal iidentification, make to enter network No. described in the server judgement and the corresponding relation of the terminal iidentification whether there is In first list of bindings, what first list of bindings was used to storing the terminal bound enters network No. and the terminal iidentification of terminal Corresponding relation;
Second receiving module, for receive the server determine it is described enter network No. and the terminal iidentification correspondence The machine net certification sent when in the first list of bindings be present and pass through response in relation;
First determining module, for according to the machine net certification by leading in response to determining that going out to the terminating machine net certification Cross.
Preferably, described device also includes:
3rd sending module, the server is given for transmitter card number certification request, the machine card number certification request is taken With the terminal iidentification, locator card mark and user mark, the server is set to judge the terminal iidentification, described Locator card identifies and the corresponding relation of user mark whether there is in the second list of bindings, and second list of bindings is used for Store the corresponding relation of user's mark of the terminal iidentification for the terminal bound, the locator card mark of positioning security card and user;
3rd receiving module, for receive the server determine the terminal iidentification, the locator card mark and The machine card number certification occurred when in second list of bindings be present and pass through response in user's mark;
Second determining module, for being passed through according to the machine card number certification in response to determining that going out to the terminal, the positioning Safety card and the user authentication pass through.
Preferably, described device also includes:
Memory module, the user for storing the user identifies and the locator card of the positioning security card identifies;
Generation module, for generating the first key, and the first key is sent to the positioning security card.
Preferably, described device also includes:
4th sending module, for sending the first bind request to server, the first bind request carried terminal Enter network No. and the terminal iidentification of the terminal, make the server by it is described enter network No. and the terminal iidentification corresponding relation deposit Storage is in the first list of bindings;
5th sending module, institute is carried to the server, second bind request for sending the second bind request User's mark of the terminal iidentification of terminal, the locator card mark of the positioning security card and the user is stated, makes the server The terminal iidentification, locator card mark and user mark are stored in the second list of bindings.
In the present invention, if user's mark is identical with the user's mark stored and locator card mark is determined with what is stored Position card mark is identical, generates random number, and sends random number and give positioning safety card, makes positioning security card according to random number and has deposited The first key of storage generates the second key;The second key that positioning security card is sent is received, and according to the positioning of positioning security card Card mark obtains the 3rd key;4th key is generated according to random number and the 3rd key, judges that the second key and the 4th key are It is no identical;If the second key and the 4th key are identical, certification passes through.As long as so as to terminal or any appearance of positioning security card Piracy by certification, can not improve the accuracy of certification.
Brief description of the drawings
Fig. 1 is a kind of identity authentication method flow chart that the embodiment of the present invention 1 provides;
Fig. 2 is a kind of identity authentication method flow chart that the embodiment of the present invention 2 provides;
Fig. 3 is a kind of apparatus structure schematic diagram for authentication that the embodiment of the present invention 3 provides.
Embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to embodiment party of the present invention Formula is described in further detail.
Embodiment 1
The embodiments of the invention provide a kind of identity authentication method, referring to Fig. 1, wherein, this method includes:
Step 101:Obtain user's mark of user and the locator card of positioning security card identifies;
Step 102:It is identical to judge that user's mark identifies whether with the user stored, and locator card is identified and stored Locator card identify whether it is identical;
Step 103:If user identifies and locator card identical with the user's mark stored mark and the positioning stored Card mark is identical, generates random number, and sends random number and give positioning safety card, makes positioning security card according to random number and has stored First key generate the second key;
Step 104:The second key that positioning security card is sent is received, and is identified and obtained according to the locator card of positioning security card 3rd key;
Step 105:4th key is generated according to random number and the 3rd key, judge the second key and the 4th key whether phase Together;
Step 106:If the second key and the 4th key are identical, certification passes through.
Preferably, method also includes:
If user's mark that user identifies and stored differs, obtain terminal enters network No. and the terminal mark of terminal Know;
Transmitter net certification request is carried into network No. and terminal iidentification to server, machine net certification request, sentences server The corresponding relation for breaking network No. and terminal iidentification whether there is in the first list of bindings, and the first list of bindings, which is used to store, has bound Terminal the corresponding relation for entering network No. and the terminal iidentification of terminal;
The reception server is sent when the corresponding relation for determining network No. and terminal iidentification is present in the first list of bindings Machine net certification pass through response;
According to the certification of machine net by passing through in response to determining that going out to terminating machine net certification.
Preferably, method also includes:
Transmitter card number certification request is to server, machine card number certification request carried terminal mark, locator card mark and use Family identifies, and server is judged that the corresponding relation of terminal iidentification, locator card mark and user's mark arranges with the presence or absence of the second binding In table, the second list of bindings is used to store the terminal iidentification for the terminal bound, the locator card mark of positioning security card and user User mark corresponding relation;
The reception server is sent out when determining that terminal iidentification, locator card mark and user's mark are present in the second list of bindings Raw machine card number certification passes through response;
According to the certification of machine card number by passing through in response to determining that going out to terminal, positioning security card and user authentication.
Preferably, method also includes:
Store user's mark of user and the locator card of positioning security card identifies;
First key is generated, and sends first key and gives positioning safety card.
Preferably, method also includes:
Send the first bind request and enter network No. and the terminal mark of terminal to server, the first bind request carried terminal Know, make server that the corresponding relation for entering network No. and terminal iidentification is stored in the first list of bindings;
The second bind request is sent to server, the terminal iidentification of the second bind request carried terminal, positioning security card Locator card identifies and the user of user identifies, and makes server that terminal iidentification, locator card mark and user's mark are stored in into second In list of bindings.
In the present invention, if user's mark is identical with the user's mark stored and locator card mark is determined with what is stored Position card mark is identical, generates random number, and sends random number and give positioning safety card, makes positioning security card according to random number and has deposited The first key of storage generates the second key;The second key that positioning security card is sent is received, and according to the positioning of positioning security card Card mark obtains the 3rd key;4th key is generated according to random number and the 3rd key, judges that the second key and the 4th key are It is no identical;If the second key and the 4th key are identical, certification passes through.As long as so as to terminal or any appearance of positioning security card Piracy by certification, can not improve the accuracy of certification.
Embodiment 2
The embodiments of the invention provide a kind of identity authentication method, referring to Fig. 2, wherein, this method includes:
Step 201:Obtain user's mark of user and the locator card of positioning security card identifies;
Before terminal carries out positioning service, terminal obtains user's mark of user and the locator card of positioning security card identifies, Determine whether the user with positioning service authorizes terminal, operator authorizes and map according to user's mark and locator card mark Authorize.
Wherein, positioning security card is used to store location data;Terminal is any terminal with positioning function, as terminal is Mobile phone or tablet personal computer with positioning function etc.;User's mark can be phone number of terminal etc.;Locator card mark can Think GUID (Globally Unique Identifier GUIDs) of positioning security card etc..
Step 202:It is identical to judge that user's mark identifies whether with the user stored, and locator card is identified and stored Locator card identify whether it is identical;
Before this step, terminal will store the user's mark bound and locator card identifies, and in this step, judges to use Family identifies and the user that has stored identify whether it is identical, and locator card mark and the locator card that has stored identify whether it is identical, If user's mark is identical with the user's mark stored and locator card mark is identical with the locator card mark stored, step is performed Rapid 203;The locator card mark that if user's mark that user identifies and stored is differed or locator card is identified and stored Differ, perform step 206.
Step 203:Random number is generated, and sends random number and gives positioning safety card;
Terminal generates random number at random, and is identified according to the locator card of positioning security card and send random number to positioning security Card;The random number that positioning security card receiving terminal is sent, and obtain the first key that has stored, according to random number and store First key generates the second key, sends the second key to terminal, performs step 204.
Before this step, after positioning security card and terminal binding, terminal sends first key and gives positioning safety card; The first key that positioning security card receiving terminal is sent, and store first key.
Step 204:The second key that positioning security card is sent is received, and is identified and obtained according to the locator card of positioning security card 3rd key;
Before this step, after terminal is bound with positioning security card, terminal generates the 3rd key according to terminal iidentification, deposits Store up the locator card mark of positioning security card and the corresponding relation of the 3rd key.Accordingly, according to the locator card mark of positioning security card Knowing the 3rd key of acquisition can be:Identified according to the locator card of positioning security card, from locator card mark and the correspondence of the 3rd key The 3rd key is obtained in relation.
Step 205:4th key is generated according to random number and the 3rd key, judge the second key and the 4th key whether phase Together, it is if identical, perform step 206;If not by performing step 207;
4th key is generated according to random number and the 3rd key, judges whether the second key and the 4th key are identical, if It is identical, determine that terminal and positioning security card have been completed to bind, also authentication authorization and accounting is by performing step 206;If the second key and 4th key differs, and determines that terminal and positioning security card are not completed to bind, also authentication authorization and accounting not by, perform step 207, Carry out machine net certification and machine card number certification.
Step 206:Determine authentication by terminating.
Step 207:Obtain terminal enters network No. and the terminal iidentification of terminal, and transmitter net certification request, should to server Machine net certification request is carried into network No. and terminal iidentification;
When terminal networks, terminal obtains terminal and uniquely enters network No., and is stored into network No., in this step, obtains Storage enters network No..Terminal transmitter net certification request is carried into network No. and terminal iidentification to server, the machine net certification request; The machine net certification request that server receiving terminal is sent, and obtained in slave net certification request into network No. and terminal iidentification, judge The corresponding relation for entering network No. and terminal iidentification whether there is in the first list of bindings, and the first list of bindings is used to store what is bound The corresponding relation for entering network No. and the terminal iidentification of terminal of terminal;If there is in the first list of bindings, transmitter net certification is led to Cross and respond to terminal, perform step 208.If there is no in the first list of bindings, the certification of transmitter net is not by responding to end End.
Further, terminal receive server transmission the certification of machine net not by response after, terminate.
Before this step, what terminal obtained terminal enters network No. and the terminal iidentification of terminal, send the first bind request to Server, the first bind request carried terminal enter network No. and the terminal iidentification of terminal.The first of server receiving terminal transmission Bind request, terminal is obtained from the first bind request enters network No. and the terminal iidentification of terminal, and by terminal enter network No. and The corresponding relation of the terminal iidentification of terminal is stored in the first list of bindings.
The terminal iidentification of terminal can be IMEI (the International Mobile Equipment of terminal Identity, mobile device international identity code) etc..
Step 208:The reception server is determining the first list of bindings be present into the corresponding relation of network No. and terminal iidentification The machine net certification sent when middle is by response, and according to the certification of machine net by passing through in response to determining that going out to terminating machine net certification;
Terminal determines to the certification of machine net that by rear execution step 208 is authenticated to machine card number.
Step 209:Transmitter card number certification request is to server, machine card number certification request carried terminal mark, positioning Card mark and user's mark;
Specifically, terminal obtains user's mark of the terminal iidentification of terminal, the locator card mark of positioning security card and user, Transmitter card number certification request is to server, machine card number certification request carried terminal mark, locator card mark and user's mark; The machine card number certification request that server receiving terminal is sent, terminal iidentification, locator card mark are obtained from the machine card number certification request Know and user identifies, and judge the corresponding relation of terminal iidentification, locator card mark and user's mark with the presence or absence of the second binding row In table, the second list of bindings is used to store the terminal iidentification for the terminal bound, the locator card mark of positioning security card and user User mark corresponding relation;If there is in the second list of bindings, the certification of transmitter card number is performed by responding to terminal Step 209.If there is no in the second list of bindings, the certification of transmitter card number is not by responding to terminal.
Further, terminal receive server transmission the certification of machine card number not by response after, terminate.
Before this step, terminal obtains the terminal iidentification of terminal, the locator card mark of positioning security card and the use of user Family identifies, and sends the second bind request to server, and the terminal iidentification of the first bind request carried terminal, positioning security card are determined The user of position card mark and user identify.The second bind request that server receiving terminal is sent, is obtained from the second bind request Take user's mark of the terminal iidentification of terminal, the locator card mark of positioning security card and user, and by the terminal iidentification of terminal, fixed The corresponding relation that the locator card mark of position safety card and the user of user identify is stored in the second list of bindings.
Further, terminal can also obtain the encryption key of positioning security card, pass through the encryption keys positioning The locator card mark of safety card, the terminal iidentification of the second bind request carried terminal, the locator card of the positioning security card of encryption The user of mark and user identify.After server receives the second bind request, terminal is obtained from second bind request Terminal iidentification, the locator card mark of positioning security card and user's mark of user of encryption, and decruption key is obtained, pass through decryption The locator card of the positioning security card of the secret key decryption encryption identifies to obtain the locator card mark of positioning security card.
Step 210:The reception server is determining terminal iidentification, locator card mark and user's mark in the presence of the second binding row The machine card number certification occurred when in table by response, and according to machine card number authentication response determine to terminal, positioning security card and User authentication passes through;
By rear, terminal realizes terminal by following steps 210 and step 211 for terminal-pair machine net certification and machine card number certification It is associated with positioning security card.
Step 211:Store user's mark of user and the locator card of positioning security card identifies;
To the certification of terminating machine net and the certification of machine card number by rear, user's mark and the positioning of positioning security card of user are stored Card mark, to determine whether terminal changes user's mark and positioning security card according to according to user's mark and locator card mark.
It should be noted that the association certification of machine card is two-way, positioning security card also uses above flow certification terminal.
Further, after user's mark of terminal storage user and the locator card of positioning security card identify, terminal is sent The locator card of positioning security card is identified to server;The locator card mark for the positioning security card that server receiving terminal is sent, and Judge whether the positioning security card customizes positioning service, so as to realize the continuity of checking positioning security card.
It should be noted that only legal terminal, positioning security card and user's mark could obtain positioning service Access right, namely terminal authentication can use positioning service by rear, and method provided by the invention can recognize that pirate whole End, pirate positioning security card and user's mark.
Step 212:First key is generated, and sends first key and gives positioning safety card.
After terminal associates with positioning security card, first key is generated, first key is sent and gives positioning safety card, depending on Position safety card can be according to first key and the key of generating random number second.
In the present invention, if user's mark is identical with the user's mark stored and locator card mark is determined with what is stored Position card mark is identical, generates random number, and sends random number and give positioning safety card, makes positioning security card according to random number and has deposited The first key of storage generates the second key;The second key that positioning security card is sent is received, and according to the positioning of positioning security card Card mark obtains the 3rd key;4th key is generated according to random number and the 3rd key, judges that the second key and the 4th key are It is no identical;If the second key and the 4th key are identical, certification passes through.As long as so as to terminal or any appearance of positioning security card Piracy by certification, can not improve the accuracy of certification.
Embodiment 3
The embodiments of the invention provide a kind of device of authentication, referring to Fig. 3, wherein, the device includes:
On the other hand, the invention provides a kind of device of authentication, device to include:
First acquisition module 301, the user for obtaining user identifies and the locator card of positioning security card identifies;
First judge module 302, for judging user's mark and the user that has stored identifies whether identical, and locator card Mark and the locator card stored identify whether identical;
First sending module 303, if for user's mark and locator card identical with the user's mark stored identify with Stored locator card mark it is identical, generate random number, and send random number to positioning safety card, make positioning security card according to Machine number and the first key stored generate the second key;
First receiving module 304, for receiving the second key of positioning security card transmission, and determined according to positioning security card Position card mark obtains the 3rd key;
Second judge module 305, for generating the 4th key according to random number and the 3rd key, judge the second key and the Whether four keys are identical;
Authentication module 306, if identical for the second key and the 4th key, certification passes through.
Preferably, device also includes:
Second acquisition module, if the user's mark for identifying and having stored for user differs, obtain the networking of terminal Number and terminal terminal iidentification;
Second sending module, carried for transmitter net certification request to server, machine net certification request into network No. and end End mark, server is set to judge that the corresponding relation of network No. and terminal iidentification whether there is in the first list of bindings, the first binding List is used for the corresponding relation for entering network No. and the terminal iidentification of terminal for storing the terminal bound;
Second receiving module, determining there is first into the corresponding relation of network No. and terminal iidentification for the reception server The machine net certification sent when in list of bindings passes through response;
First determining module, for according to the certification of machine net by passing through in response to determining that going out to terminating machine net certification.
Preferably, device also includes:
3rd sending module, for transmitter card number certification request to server, machine card number certification request carried terminal mark Knowledge, locator card mark and user's mark, server is set to judge that the corresponding relation of terminal iidentification, locator card mark and user's mark is No to exist in the second list of bindings, the second list of bindings is used to storing the terminal iidentification of terminal bound, positioning security card The corresponding relation that locator card identifies and the user of user identifies;
3rd receiving module, terminal iidentification, locator card mark and user's mark presence are being determined for the reception server The machine card number certification occurred when in the second list of bindings passes through response;
Second determining module, for being passed through according to the certification of machine card number in response to determining that going out to terminal, positioning security card and user Certification passes through.
Preferably, device also includes:
Memory module, the user for storing user identifies and the locator card of positioning security card identifies;
Generation module, for generating first key, and send first key and give positioning safety card.
Preferably, device also includes:
4th sending module, for sending the first bind request to server, the networking of the first bind request carried terminal Number and terminal terminal iidentification, make server that the corresponding relation for entering network No. and terminal iidentification is stored in the first list of bindings;
5th sending module, for sending the second bind request to server, the terminal of the second bind request carried terminal User's mark of mark, the locator card mark of positioning security card and user, makes server that terminal iidentification, locator card are identified and used Family mark is stored in the second list of bindings.
In the present invention, if user's mark is identical with the user's mark stored and locator card mark is determined with what is stored Position card mark is identical, generates random number, and sends random number and give positioning safety card, makes positioning security card according to random number and has deposited The first key of storage generates the second key;The second key that positioning security card is sent is received, and according to the positioning of positioning security card Card mark obtains the 3rd key;4th key is generated according to random number and the 3rd key, judges that the second key and the 4th key are It is no identical;If the second key and the 4th key are identical, certification passes through.As long as so as to terminal or any appearance of positioning security card Piracy by certification, can not improve the accuracy of certification.
It should be noted that:The device for the authentication that above-described embodiment provides is in authentication, only with above-mentioned each work( Can module division progress for example, in practical application, can be as needed and by above-mentioned function distribution by different functions Module is completed, i.e., the internal structure of device is divided into different functional modules, described above all or part of to complete Function.In addition, the device for the authentication that above-described embodiment provides belongs to same design with identity authentication method embodiment, its Specific implementation process refers to embodiment of the method, repeats no more here.
One of ordinary skill in the art will appreciate that hardware can be passed through by realizing all or part of step of above-described embodiment To complete, by program the hardware of correlation can also be instructed to complete, described program can be stored in a kind of computer-readable In storage medium, storage medium mentioned above can be read-only storage, disk or CD etc..
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all the present invention spirit and Within principle, any modification, equivalent substitution and improvements made etc., it should be included in the scope of the protection.

Claims (8)

1. a kind of identity authentication method, it is characterised in that methods described includes:
Obtain user's mark of user and the locator card of positioning security card identifies;
It is identical to judge that user's mark identifies whether with the user stored, and locator card mark is determined with what is stored Position card identifies whether identical;
If the user identifies identical with the user's mark stored and described locator card mark and the locator card mark stored It is sensible same, generate random number, and send the random number to the positioning security card, make the positioning security card according to Machine number and the first key stored generate the second key;Receive second key that the positioning security card is sent, and root The 3rd key is obtained according to the locator card mark of the positioning security card;According to the random number and the 3rd key generation the 4th Key, judge whether second key and the 4th key are identical;If second key and the 4th key phase Together, certification passes through;
If user's mark and the user's mark stored differ, the terminal for entering network No. and the terminal of terminal is obtained Mark;Transmitter net certification request to server, the machine net certification request carry described in enter network No. and the terminal iidentification, make The server enters network No. and the corresponding relation of the terminal iidentification whether there is in the first list of bindings described in judging, and described the One list of bindings is used for the corresponding relation for entering network No. and the terminal iidentification of terminal for storing the terminal bound;Receive the service The machine net that device is sent when the corresponding relation for entering network No. and the terminal iidentification described in determining is present in the first list of bindings is recognized Card passes through response;According to the machine net certification by passing through in response to determining that going out to the terminating machine net certification.
2. the method as described in claim 1, it is characterised in that methods described also includes:
Transmitter card number certification request gives the server, and the machine card number certification request carries the terminal iidentification, described fixed Position card mark and user mark, the server is set to judge the terminal iidentification, locator card mark and the user The corresponding relation of mark whether there is in the second list of bindings, and second list of bindings is used for the end for storing the terminal bound The corresponding relation of user's mark of end mark, the locator card mark of positioning security card and user;
Receive the server and determining that the terminal iidentification, locator card mark and user mark have described the The machine card number certification occurred when in two list of bindings passes through response;
According to the machine card number certification by leading in response to determining that going out to the terminal, the positioning security card and the user authentication Cross.
3. method as claimed in claim 2, it is characterised in that methods described also includes:
Store user's mark of the user and the locator card of the positioning security card identifies;
The first key is generated, and sends the first key to the positioning security card.
4. the method as described in claim 1, it is characterised in that methods described also includes:
The first bind request is sent to server, the terminal for entering network No. and the terminal of the first bind request carried terminal Mark, make the server by it is described enter network No. and the terminal iidentification corresponding relation be stored in the first list of bindings;
The second bind request is sent to the server, second bind request carries the terminal iidentification, described of the terminal The locator card mark of positioning security card and the user of the user identify, and make the server by the terminal iidentification, described fixed Position card mark and user mark are stored in the second list of bindings.
5. a kind of device of authentication, it is characterised in that described device includes:
First acquisition module, the user for obtaining user identifies and the locator card of positioning security card identifies;
First judge module, for judging user mark and the user stored identifies whether identical, and the positioning Card mark and the locator card stored identify whether identical;
First sending module, and if the locator card identical with the user's mark stored for user mark identify with The locator card mark stored is identical, generates random number, and sends the random number to the positioning security card, makes the positioning Safety card generates the second key according to the random number and the first key stored;
First receiving module, second key sent for receiving the positioning security card, and according to the positioning security The locator card mark of card obtains the 3rd key;
Second judge module, for generating the 4th key according to the random number and the 3rd key, judge that described second is close Whether key and the 4th key are identical;
Authentication module, if identical with the 4th key for second key, certification passes through;
Second acquisition module, if the user's mark for identifying and having stored for the user differs, obtain the networking of terminal Number and the terminal terminal iidentification;
Second sending module, for transmitter net certification request to server, the machine net certification request carry described in enter network No. With the terminal iidentification, make to enter network No. described in the server judgement and the corresponding relation of the terminal iidentification whether there is first In list of bindings, first list of bindings is used for the correspondence for entering network No. and the terminal iidentification of terminal for storing the terminal bound Relation;
Second receiving module, for receive the server determine it is described enter network No. and the terminal iidentification corresponding relation The machine net certification sent during in the presence of in the first list of bindings passes through response;
First determining module, for according to the machine net certification by passing through in response to determining that going out to the terminating machine net certification.
6. device as claimed in claim 5, it is characterised in that described device also includes:
3rd sending module, the server is given for transmitter card number certification request, the machine card number certification request carries institute Terminal iidentification, locator card mark and user mark are stated, the server is judged the terminal iidentification, the positioning The corresponding relation of card mark and user mark whether there is in the second list of bindings, and second list of bindings is used to store The corresponding relation of user's mark of the terminal iidentification for the terminal bound, the locator card mark of positioning security card and user;
3rd receiving module, for receive the server determine the terminal iidentification, the locator card mark and it is described The machine card number certification occurred when in second list of bindings be present and pass through response in user's mark;
Second determining module, for being passed through according to the machine card number certification in response to determining that going out to the terminal, the positioning security Card and the user authentication pass through.
7. device as claimed in claim 6, it is characterised in that described device also includes:
Memory module, the user for storing the user identifies and the locator card of the positioning security card identifies;
Generation module, for generating the first key, and the first key is sent to the positioning security card.
8. device as claimed in claim 5, it is characterised in that described device also includes:
4th sending module, for sending the first bind request to server, the networking of the first bind request carried terminal Number and the terminal terminal iidentification, make the server by it is described enter network No. and the terminal iidentification corresponding relation be stored in In first list of bindings;
5th sending module, the end is carried to the server, second bind request for sending the second bind request User's mark of the terminal iidentification at end, the locator card mark of the positioning security card and the user, makes the server by institute Terminal iidentification, locator card mark and user mark is stated to be stored in the second list of bindings.
CN201410422915.1A 2014-08-25 2014-08-25 A kind of identity authentication method and device Active CN104219626B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410422915.1A CN104219626B (en) 2014-08-25 2014-08-25 A kind of identity authentication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410422915.1A CN104219626B (en) 2014-08-25 2014-08-25 A kind of identity authentication method and device

Publications (2)

Publication Number Publication Date
CN104219626A CN104219626A (en) 2014-12-17
CN104219626B true CN104219626B (en) 2017-11-21

Family

ID=52100693

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410422915.1A Active CN104219626B (en) 2014-08-25 2014-08-25 A kind of identity authentication method and device

Country Status (1)

Country Link
CN (1) CN104219626B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110417797B (en) 2015-04-02 2021-07-30 创新先进技术有限公司 Method and device for authenticating user
CN106162630B (en) * 2016-06-21 2023-03-10 贵州电网有限责任公司电力调度控制中心 Encryption protection method for terminal equipment
CN108694333B (en) * 2017-04-07 2021-11-19 华为技术有限公司 User information processing method and device
CN112260995B (en) * 2018-03-31 2022-05-24 华为云计算技术有限公司 Access authentication method, device and server
CN109447203A (en) * 2018-11-07 2019-03-08 广州凯晟信息科技有限公司 Two dimensional code encryption and decryption method, device, Cloud Server and system
CN113327371B (en) * 2021-05-21 2022-08-05 福建星云电子股份有限公司 Card swiping authentication method and system for charging pile

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN102137396A (en) * 2010-11-12 2011-07-27 华为终端有限公司 Terminal, card and method and system for checking machine and card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card
CN102984689A (en) * 2012-11-21 2013-03-20 东莞宇龙通信科技有限公司 System and method for verifying mobile terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN102137396A (en) * 2010-11-12 2011-07-27 华为终端有限公司 Terminal, card and method and system for checking machine and card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card
CN102984689A (en) * 2012-11-21 2013-03-20 东莞宇龙通信科技有限公司 System and method for verifying mobile terminal

Also Published As

Publication number Publication date
CN104219626A (en) 2014-12-17

Similar Documents

Publication Publication Date Title
CN104219626B (en) A kind of identity authentication method and device
CN103873454B (en) Authentication method and equipment
CN102682506B (en) Intelligent Bluetooth door access control method and device based on symmetric cryptographic technique
CN106790156B (en) Intelligent device binding method and device
CN106503589A (en) The method of calibration of block chain Transaction Information correctness, apparatus and system
CN105184931A (en) Bluetooth-based unlocking method, system and hand-held terminal and Bluetooth-based electronic lock
CN105262773B (en) A kind of verification method and device of Internet of things system
JP2018501567A (en) Device verification method and equipment
CN108023874A (en) Calibration equipment, method and the computer-readable recording medium of single-sign-on
CN103856640A (en) Method and system for processing user resource information
CN103188221A (en) Application login method, application login device and mobile terminal
CN106161032A (en) A kind of identity authentication method and device
WO2015003503A1 (en) Network device, terminal device and information security improving method
CN106817346A (en) Data transmission method and device and electronic equipment
CN106327637A (en) Bluetooth door opening system based on community management and method
CN104410622A (en) Safety authentication method, client side and system for logging in Web system
CN102571355B (en) Method and device for importing secret key without landing
CN104573493B (en) A kind of method for protecting software and system
CN108270561A (en) Data transmission method for uplink and device, the generation method of cipher key index and device
CN105392137A (en) Household WIFI embezzlement preventing method, wireless router and terminal equipment
CN105791246A (en) Information verification method, device and system
CN108121904B (en) Unlocking method, device, electronic equipment and server
CN104796262B (en) Data ciphering method and terminal system
CN114040411B (en) Equipment binding method and device, electronic equipment and storage medium
CN111327561B (en) Authentication method, system, authentication server, and computer-readable storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant