CN104299133B - Online mobile-payment system and authentic authentication method based on body-sensing net - Google Patents

Online mobile-payment system and authentic authentication method based on body-sensing net Download PDF

Info

Publication number
CN104299133B
CN104299133B CN201410565015.2A CN201410565015A CN104299133B CN 104299133 B CN104299133 B CN 104299133B CN 201410565015 A CN201410565015 A CN 201410565015A CN 104299133 B CN104299133 B CN 104299133B
Authority
CN
China
Prior art keywords
node
user
sensing
idn
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201410565015.2A
Other languages
Chinese (zh)
Other versions
CN104299133A (en
Inventor
赵华伟
徐如志
田茂圣
彭云
姜林枫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANDONG SUNDATA MANAGEMENT SOFTWARE ENGINEERING Co Ltd
Qilu University of Technology
Original Assignee
SHANDONG SUNDATA MANAGEMENT SOFTWARE ENGINEERING Co Ltd
Qilu University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANDONG SUNDATA MANAGEMENT SOFTWARE ENGINEERING Co Ltd, Qilu University of Technology filed Critical SHANDONG SUNDATA MANAGEMENT SOFTWARE ENGINEERING Co Ltd
Priority to CN201410565015.2A priority Critical patent/CN104299133B/en
Publication of CN104299133A publication Critical patent/CN104299133A/en
Application granted granted Critical
Publication of CN104299133B publication Critical patent/CN104299133B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The online mobile-payment system based on body-sensing net of the present invention, including medical centre, e-business certification center, intelligent terminal, aggregation node, wearing node and implantation node, online mobile payment of the e-business certification center to user are authenticated.The authentic authentication method of the present invention, registration phase includes:A) medical centres are registered;B) e-business certification centers are registered;C) produces key information;D) codings and decile;E) builds multinomial;Authentication phase is logical to be included:1) initiates transaction;2) trade confirmations;3) measures physiological signal;4) productive sets;5) is produced and is sent message;6) subscriber authentications;7) reconstructs multinomial;8) is constructedAnd judge;9) legitimacy verifies.The online mobile-payment system and method for the present invention, may negotiate the key with uniqueness by the same physiological signal of user, have effectively achieved the certification of online mobile payment, it is ensured that the security of payment.

Description

Online mobile-payment system and authentic authentication method based on body-sensing net
Technical field
The present invention relates to a kind of online mobile-payment system and authentic authentication method based on body-sensing net, in particular, More particularly to a kind of physiological parameter of utilization user negotiates the online mobile-payment system based on body-sensing net of key and credible Authentication method.
Background technology
With smart mobile phone, the popularization of the Intelligent mobile equipment such as tablet personal computer, Mobile Online is paid with it quickly, easily Feature is widely used in e-commerce field, and has gradually occupied the dominant position of e-commerce transaction.However, Due to Intelligent mobile equipment inherently the characteristics of, cause this on-line payment mode to there is huge security risk:(1) Current most commercial Intelligent mobile equipments are in view of ease of use issues, the untrusted location without built in(Such as digital certificate Safety device), which results in many APP in Intelligent mobile equipment and insincere, there is malice and steal user's letter The behavior of breath.The APP of malice is even capable of the input behavior of monitoring users, so that the account and password of user is obtained, to user Fund security cause great threat.(2) Intelligent mobile equipment has portability feature, and this causes user to be difficult to receive by outer Put safety means(Such as external password input apparatus)Method to strengthen Intelligent mobile equipment security.(3) some are legal There is safety precaution phenomenon not in place in on-line payment APP, cause the on-line payment of user to there is huge potential safety hazard.Such as, Many on-line payment APP ensure payment safety by short message verification code not by cipher protocol, but wooden horse APP can monitor the payment verification code of bank, and be sent on the phone number that opponent specifies, so that opponent is bypassed in payment The Verification System of the heart, completes to brush the robber of user credit card..
The content of the invention
There is provided a kind of online mobile payment system based on body-sensing net in order to overcome the shortcoming of above-mentioned technical problem by the present invention System and authentic authentication method.
The online mobile-payment system based on body-sensing net of the present invention, including medical centre, e-business certification center, intelligence Energy terminal and aggregation node, wearing node and the implantation node being arranged on user's body, wearing node and implantation node point The body surface and internal, the physiological signal for gathering user of user are not arranged at;Aggregation node, wearing node and implantation node shape Into body area network;It is characterized in that:At least two nodes gather same physiological signal in wearing node and implantation node;Convergence section Point is by wireless network and medical centre telecommunication and realizes registration, passes through wearing node and implantation node gathers the life of user Signal is managed, is communicated by bluetooth module with intelligent terminal;Intelligent terminal passes through wireless network and e-business certification center Communication, to realize online mobile payment;E-business certification center is according to simultaneously " two sensing nodes are believed the same physiology of user Number two groups of acquired data of collection have great similarity " it is authenticated come the online mobile payment to user.
Realization is provided with the online mobile-payment system based on body-sensing net of the present invention, the aggregation node to save with wearing Point and the implantation node IEEE802.15.6 modules communicated, the SIM card communication module that is communicated with medical centre and with intelligent end The bluetooth module of end communication;Wireless network and intelligent terminal and e-business certification that the aggregation node communicates with medical centre The wireless network of center to center communications is 4G, 3G or GPRS cordless communication network.
Display screen, confirmation are provided with the online mobile-payment system based on body-sensing net of the present invention, the aggregation node Key and cancel key.
The authentic authentication method of the online mobile-payment system based on body-sensing net of the present invention, it is particular in that:Bag Include registration phase and authentication phase;
The registration phase is realized by following steps:
A) medical centres are registered, during user's application body area network, medical centreGive first in body area network for certification A key built in the sensing node of the identical signal of two collectionsWith the ID card No. of userIf, two sensing nodes Respectively node, node, medical centre, which is recorded, includes identification card number, user name, nodeMark, section PointMarkAnd keyUser profile inside;B) e-business certification centers are registered, user to e-business certification CenterDuring registration, complete to register by following steps:B-1) sends request, e-business certification centerCarried according to user The identification card number of confession, to medical centreSend the request for extracting corresponding key information;B-2) generations key is concurrent Send, medical centreReceive e-business certification centerRequest after, first produce a random number, then pass through Hash functions are calculated:, whereinThe link of message is represented, key information is producedAnd by its Send to e-business certification center;E-business certification centerAcquisition includes identification card number, user name、 NodeMark, nodeMarkAnd keyUser profile inside;C) is verified and is produced key information, medical treatment CenterWillThe aggregation node in body area network is sent to, aggregation node is wide in the range of body area network Broadcast;Work as sensor nodeAnd sensor nodeReceiveAfterwards, preset key is utilizedCheckingLegitimacy, produced if legal;d).Encode and decile, Sensor nodeWithItself is calculated firstBinary form is encoded to, and willBinary form be divided into + 1 section, if binary-codedDuan Wei,,Binary form be, then;E) builds multinomial, sensor nodeWithOne is constructed respectivelyRank multinomial,=++…+, whereinRepresentDecimal form;The registration phase of user is completed;
The authentication phase is completed by following steps:
1), which is set up, connects and initiates transaction, and user is using on intelligent terminalWhen buying commodity, selected commodity are simultaneously Click on after " payment " button,The aggregation node that bluetooth module finds body area network is opened, both sides are set up after connection,Will Dealing moneyIt is sent to aggregation node;2) trade confirmations, aggregation node shows that screen display transaction acceptance is arrived at it first The amount of money, when user does not think the amount of money not pair, then press cancel key, now aggregation node toReturn the letter Cancelled Transaction Breath;After user thinks that dealing money is correct, then acknowledgement key is pressed, then aggregation node sends the sensing node required in body area networkWithSubmit the instruction of authentication data;3) measures physiological signal, sensing nodeWithReceive after instruction, measurement respectively is used The same physiological signal at family, if nodeWithGatherGroup physiological signal, it is respectively: ,,…,With ,,…,;4) is according to physiological signal and multinomial productive set, sensing nodeAccording to multinomialMeter Calculate set=, wherein , 1≤;NodeRandomly generate simultaneouslyIndividual point set=, Wherein , , 1≤,For coefficient;Then nodeWillWithAfter random mixing, productive set=;Sensing nodeProductive set after the same method;5) is produced and is sent message, sensing node Produce message=, wherein Expression is usedIt is rightCarry out symmetric cryptography,Represent sensing nodeFresh number;Equally, sensing nodeProduce message=, whereinExpression is usedIt is rightCarry out symmetric cryptography,Represent sensing nodeFresh number;Sensing nodeWithRespectively will by aggregation nodeIt is sent to intelligent terminal,Again will by intelligent terminalWithSend to e-business certification center;6) subscriber authentications, e-business certification centerReceiveWithAfterwards, first withFrom information table Retrieval, has been checked whetherRecord, and whether have in the recordWithTwo values, if it is not, returning to mistake extremely Intelligent terminal, if so, then performing step 7);7), which is extracted, gathers and reconstructs multinomial, e-business certification centerFirst UtilizeCorresponding key, fromIn decryptWith, Ran HoucongWithIt is middle to extract Set, work as setIn the point set number that includes reachWhen, e-business certification CenterSet is utilized according to Lagrange's interpolationReconstruct multinomial;If=++…+, whereinRepresent binary systemDecimal form;8) is constructedAnd judge, by multinomialBinary system system Number、…、Constituted after being arranged in orderBinary form, be then translated into again metric;Judge weight NeotectonicsStored with itWhether, if equally, performing step 9);If different, show to receive MessageIt is incorrect or do not come to registered users;9) legitimacy verifies, e-business certification centerUtilizeCheckingWithIn check codeWithIt is It is no legal, if legal, certification success, e-business certification centerIt can be incited somebody to action from the account of userThe amount of money of quantity Transfer accounts to businessman;If it fails, then Fail Transaction.
In the authentic authentication method of the online mobile-payment system based on body-sensing net of the present invention, step d)It is divided into During+1 section, if can not decile,Binary-coded afterbody filling 1, untilIt can be divided into+ 1 section; Step 9) in the sensing node that is gatheredWithPhysiological signalDigit be 13 bits, 1≤;Step 7) In it is constructedSet belongs to characteristics of human body's physiological signal, can be used as the evidence merchandised.
The authentic authentication method of the online mobile-payment system based on body-sensing net of the present invention, sensing nodeWithAdopted The user's physiological signal integrated is body temperature, blood pressure, blood glucose, capacity of blood vessel variable signal PPG or ECG signal ECG.
The beneficial effects of the invention are as follows:The present invention online mobile-payment system and method, by human body set with The aggregation node of intelligent terminal communication, the wearing node and implantation node for being provided on human body physiological signal collection, convergence Node constitutes body-sensing net with wearing node and implantation node, by wearing node and implantation node to the same physiological signal of human body Collection, the key with uniqueness can be negotiated, the certification of online mobile payment is have effectively achieved, it is ensured that payment Security.
The online mobile-payment system of the present invention and the advantage of method are embodied in:
(1)User need not remember any password, eliminate the trouble that user safeguards password;
(2)Without any external password input apparatus, it is user-friendly;
(3)Authentication information space is big, and opponent is difficult to carry out exhaustive guessing attack;
(4)Authentication information randomness is good, and each authentication information is different, even if being installed in intelligent mobile terminal equipment There is the malice APP of eavesdropping cellphone information, nor affect on the security of certification.
Brief description of the drawings
Fig. 1 is the schematic diagram of the online mobile-payment system based on body-sensing net of the present invention;
Fig. 2 is the display screen and the structural representation of button of aggregation node in the present invention;
Fig. 3 is the flow chart of registration phase in online mobile-payment system authentic authentication method of the invention;
Fig. 4 is the flow chart of authentication phase in online mobile-payment system authentic authentication method of the invention.
In figure:1 intelligent terminal, 2 aggregation nodes, 3 wearing nodes, 4 implantation nodes, 5 medical centres, 6 e-business certification Center.
Embodiment
The invention will be further described with embodiment below in conjunction with the accompanying drawings.
As shown in figure 1, giving the schematic diagram of the online mobile-payment system based on body-sensing net of the present invention, it includes doctor Treatment center 5, e-business certification center 6, intelligent terminal 1, aggregation node 2, wearing node 3 and implantation node 4, shown remittance Poly- node 2 has computing, storage and communication function, and it includes IEEE802.15.6 modules, SIM card communication module and bluetooth mould Block.Shown wearing node and implantation node 4 is respectively arranged at user's body surface and internal, and realization is adopted to user's physiological signal Collection, aggregation node 2, wearing node 3 and implantation node 4 form body area network by MANET.Display is provided with aggregation node 2 Screen, acknowledgement key and cancel key, display screen are used to show dealing money, and acknowledgement key and cancel key are used for the confirmation and cancellation merchandised.
Aggregation node 2 is communicated by IEEE802.15.6 modules with wearing node 3 and implantation node 4, realizes physiology Signal acquisition and the broadcast of order.Aggregation node 2 is by SIM card communication module through in 4G, 3G or GPRS wireless network and medical treatment The heart 5 is communicated, and registration is realized in medical centre 5.Aggregation node 2 is communicated by bluetooth module with intelligent terminal 1, is realized and is converged Data transfer on poly- node 2 and intelligent terminal 1 between APP.Intelligent terminal 1 passes through 4G, 3G or GPRS wireless network and electronics Business confirming center 6 is communicated, and realizes transmission of transaction data and certification.During mobile payment certification, wearing node 3 The same physiological signal of user is acquired simultaneously with implantation node 4, the great similarity of the same physiological signal of user is utilized Trade confirmation key is negotiated, the confidentiality of transaction is not only ensured, opponent is difficult to implement attack to transaction, can also preserve user Physiological parameter be used as transaction voucher.
The authentic authentication method of the online mobile-payment system based on body-sensing net of the present invention, including registration phase and certification Stage;
The registration phase is realized by following steps:
A) medical centres are registered, during user's application body area network, medical centreGive first in body area network for certification A key built in the sensing node of the identical signal of two collectionsWith the ID card No. of userIf, two sensing sections Point is respectively node, node, medical centre, which is recorded, includes identification card number, user name, nodeMark、 NodeMarkAnd keyUser profile inside;
Sensing nodeWithThe user's physiological signal gathered can be body temperature, blood pressure, blood glucose, PPG or ECG.
The user profile that medical centre is recorded is:
B) e-business certification centers are registered, user to e-business certification centerIt is complete by following steps during registration Into registration:
B-1) sends request, e-business certification centerThe identification card number provided according to user, into medical treatment The heartSend the request for extracting corresponding key information;
B-2) produces key and sent, medical centreReceive e-business certification centerRequest after, first Produce a random number, then calculated by Hash functions:, whereinRepresent message Link, produces key informationAnd send it to e-business certification center;E-business certification centerObtain bag Include identification card number, user name, nodeMark, nodeMarkAnd keyUser profile inside;
The user profile that e-business certification center is recorded is:
C) is verified and is produced key information, medical centreWillIt is sent in body area network Aggregation node, aggregation node is broadcasted in the range of body area network;Work as sensor nodeAnd sensor nodeReceiveAfterwards, preset key is utilizedCheckingLegitimacy, produced if legal
d).Encode and decile, sensor nodeWithItself is calculated firstBinary form is encoded to, and WillBinary form be divided into+ 1 section, if binary-codedDuan Wei,,Binary form be, then
In the step,It is divided intoDuring+1 section, if can not decile,Binary-coded afterbody Filling 1, untilIt can be divided into+ 1 section;
E) builds multinomial, sensor nodeWithOne is constructed respectivelyRank multinomial,=++…+, whereinRepresentDecimal form;The registration phase of user is completed;
The authentication phase is completed by following steps:
1), which is set up, connects and initiates transaction, and user is using on intelligent terminalWhen buying commodity, commodity and point are selected Hit after " payment " button,The aggregation node that bluetooth module finds body area network is opened, both sides are set up after connection,It will hand over The easy amount of moneyIt is sent to aggregation node;
2) trade confirmations, aggregation node shows the amount of money that screen display transaction acceptance is arrived at it first, when user thinks gold Volume not pair when, then press cancel key, now aggregation node toReturn the information Cancelled Transaction;When user thinks trade gold After volume is correct, then acknowledgement key is pressed, then aggregation node sends the sensing node required in body area networkWithSubmit authentication data Instruction;
3) measures physiological signal, sensing nodeWithReceive after instruction, the same physiological signal of user measured respectively, If nodeWithGatherGroup physiological signal, it is respectively: ,,…,With ,,…,
In the step, the sensing node gatheredWithPhysiological signalDigit be 13 bits, 1≤
4) is according to physiological signal and multinomial productive set, sensing nodeAccording to multinomialSet of computations=, wherein , 1≤;NodeRandomly generate simultaneouslyIndividual point set=, wherein , , 1≤,For coefficient;Then nodeWillWithAfter random mixing, productive set=;Sensing nodeProductive set after the same method
For setIn element for, it isRank multinomialUpper a series of point, its horizontal sits is saved for sensing PointThe physiological signal value gathered;Point setIn point do not existRank multinomialOn, it isNeighbouring point, WillMix productive setIt is transmitted as message, valid data is mixed with invalid data, expanded The quantity of point set, effectively can prevent opponent from disturbing;
5) is produced and is sent message, sensing nodeProduce message= , whereinExpression is usedIt is rightCarry out symmetric cryptography,Represent sensing NodeFresh number;Equally, sensing nodeProduce message= , whereinExpression is usedIt is rightCarry out symmetric cryptography,Represent sensing node's Fresh number;Sensing nodeWithRespectively will by aggregation nodeIt is sent to intelligent terminal,Pass through again Intelligent terminal willWithSend to e-business certification center
6) subscriber authentications, e-business certification centerReceiveWithAfterwards, first withFrom information Retrieve, checked whether in tableRecord, and whether have in the recordWithTwo values, if it is not, returning wrong By mistake to intelligent terminal, if so, then performing step 7);
7), which is extracted, gathers and reconstructs multinomial, e-business certification centerFirst withCorresponding key, FromIn decryptWith, Ran HoucongWithIt is middle to extract set, Work as setIn the point set number that includes reachWhen, e-business certification centerCollection is utilized according to Lagrange's interpolation CloseReconstruct multinomial;If=++…+, whereinRepresent binary systemTen enter Form processed;
In setBuilding process in,In point satisfaction belong to point setRequirement, and abscissa be equal to sensing save PointThe physiological signal value gathered, due toWithInclude sensing node respectivelyThe same all one's life being used for gathered Signal is managed, with great similarity, it is easy to obtain the set for meeting and requiring
It is constructed in the stepSet belongs to characteristics of human body's physiological signal, can be used as the evidence merchandised.
8) is constructedAnd judge, by multinomialBinary coefficient、…、Constituted after being arranged in orderBinary form, be then translated into again metric;Judge what is reconfiguredStored with itWhether Equally, if equally, performing step 9);If different, show the message receivedIt is incorrect or be not Come to registered users;
9) legitimacy verifies, e-business certification centerUtilizeCheckingWithIn check codeWithIt is whether legal, if closing Method, then certification success, e-business certification centerIt can be incited somebody to action from the account of userThe amount of money of quantity is transferred accounts to businessman;Such as It is really unsuccessful, then Fail Transaction.
The safety analysis of the online mobile-payment system and authentic authentication method based on body-sensing net of the present invention is as follows:
1. due toIt is placed on the biosensor node implanted(Wearing node and implantation node)On, therefore enemy Hand is difficult to obtain.Further, since=, thereforeIn certification as an ecommerce The heart, can not also obtain the master key of biosensor node, thereforeIt can also be used for by physiology sensing node in body area network The secure communication in portion.
2. WithInWithEqual quiltsEncryption, therefore opponent can not construct setTo reconstruct multinomial.Simultaneously asWithIn information by high randomness physiological signal and stochastic set produce, whenNWhen=10,WithReach 130 bits so that opponent is difficult to carry out exhaustive attack, it is impossible to guess correct PPG signals.In addition, in order to enter One step is strengthenedSecurity, Ke YirangWithConsult, to regularly replace
3. because the authentication information transmitted every time by mobile phone A PP includes fresh numberWith, therefore, even if opponent By wirelessly intercepting or mobile phone malice APP is obtainedWith, can not also implement Replay Attack.
4. although the communication between mobile phone A PP and aggregation node can not be protected, present invention employs user's confirmation Mechanism, only when user confirms that the payment that is shown on mobile phone A PP is consistent with the payment shown on aggregation node, Just press button and be traded certification.

Claims (3)

1. a kind of authentic authentication method of the online mobile-payment system based on body-sensing net, the online mobile payment based on body-sensing net System includes medical centre (5), e-business certification center (6), intelligent terminal (1) and the convergence being arranged on user's body Node (2), wearing node (3) and implantation node (4), wearing node and implantation node are respectively arranged at the body surface and body of user It is interior, the physiological signal for gathering user;Aggregation node, wearing node and implantation node formation body-sensing net;Wearing node and plant At least two nodes gather same physiological signal in ingress;Aggregation node passes through wireless network and medical centre telecommunication And registration is realized, the physiological signal of user is gathered by wearing node and implantation node, is entered by bluetooth module with intelligent terminal Row communication;Intelligent terminal is communicated by wireless network with e-business certification center, to realize online mobile payment;Ecommerce Authentication center is according to " two sensing nodes have very big phase to two groups of data acquired in the same physiological signal collection of user simultaneously Like property " it is authenticated come the online mobile payment to user;
The IEEE802.15.6 moulds realized and communicated with wearing node (3) and implantation node (4) are provided with the aggregation node (2) Block, the SIM card communication module communicated with medical centre (5) and the bluetooth module communicated with intelligent terminal (1);The convergence section The wireless network that the wireless network that is communicated with medical centre of point and intelligent terminal communicate with e-business certification center be 4G, 3G or GPRS cordless communication networks;
Display screen, acknowledgement key and cancel key are provided with the aggregation node (2);
It is characterized in that:Authentic authentication method includes registration phase and authentication phase;
The registration phase is realized by following steps:
A) medical centres are registered, during user's application body-sensing net, medical centre MCAdopted first to be used for certification in body-sensing net two Collect a key K built in the sensing node of identical signalmWith the ID card No. IDN of user, if two sensing nodes are respectively Node A, node B, medical centre record include identification card number IDN, user name Name, node A marks IDA, Node B identity IDBWith Key KmUser profile inside;
B) e-business certification centers are registered, user to e-business certification center FCDuring registration, complete to note by following steps Volume:
B-1) sends request, e-business certification center FCThe identification card number IDN provided according to user, to medical centre MCSend Extract the request of corresponding key information;
B-2) produces key and sent, medical centre MCReceive e-business certification center FCRequest after, one is produced first Individual random number Rm, then calculated by Hash functions:Kf=Hash (Km||IDN||Rm), wherein | | represent the link of message, production Raw key information KfAnd send it to e-business certification center FC;E-business certification center FCAcquisition includes identification card number IDN, user name Name, node A marks IDA, Node B identity IDBWith key KfUser profile inside;
C) is verified and is produced key information, medical centre MCBy Rm||Hash(Km||Rm) aggregation node in body-sensing net is sent to, Aggregation node is broadcasted in the range of body-sensing net;When sensor node A and sensor node B receive Rm||Hash(Km||Rm) after, profit With preset key KmVerify Hash (Km||Rm) legitimacy, K is produced if legalf=Hash (Km||IDN||Rm);
d).KfEncode and decile, sensor node A and B are first by the K of itself calculatingfIt is encoded to binary form, and by Kf's Binary form is divided into v+1 sections, if binary-coded i-th section is ci, 0≤i≤v, KfBinary form be (Kf)2, then (Kf)2=cv||cv-1||...||c0
E) builds multinomial, and sensor node A and B construct a v rank multinomial p (x), p (x)=(c respectivelyv)10xv+ (cv-1)10xv-1+...+(c0)10, wherein (ci)10Represent ciDecimal form;The registration phase of user is completed;
The authentication phase is completed by following steps:
1), which is set up, connects and initiates transaction, and when user buys commodity using the APP on intelligent terminal, selected commodity simultaneously click on " branch Pay " after button, APP opens the aggregation node that bluetooth module finds body-sensing net, and both sides are set up after connection, and APP sends out dealing money M Give aggregation node;
2) trade confirmations, aggregation node shows the amount of money that screen display transaction acceptance is arrived at it first, when user thinks the amount of money not Pair when, then press cancel key, now aggregation node returns the information that Cancels Transaction to APP;When user thinks that dealing money is correct Afterwards, then acknowledgement key is pressed, then aggregation node sends the instruction that the sensing node A and B required in body-sensing net submits authentication data;
3) measures physiological signal, and sensing node A and B are received after instruction, and the same physiological signal of user is measured respectively, if section Point A and B gather N group physiological signals, and it is respectively:With
4) is according to physiological signal and multinomial productive set, and sensing node A is according to multinomial p (x) set of computationsWherein1≤i≤N;Node A randomly generates U point set simultaneouslyWherein1≤j≤U, c ' are coefficient;Then node A is by PAAnd CAAfter random mixing, productive set RA=mix (PA,CA);Sensing node B productive set R after the same methodB
5) is produced and is sent message, and sensing node A produces message VA=IDA,IDN,NA,M,E(Kf,RA),MAC(Kf,IDA||IDN ||NA||M||RA), wherein E (Kf,RA) represent to use KfTo RACarry out symmetric cryptography, NARepresent sensing node A fresh number;Together Sample, sensing node B produces message VB=IDB,IDN,NB,M,E(Kf,RB),MAC(Kf,IDB||IDN||NB||M||RB), wherein E (Kf,RB) represent to use KfTo RBCarry out symmetric cryptography, NBRepresent sensing node B fresh number;Sensing node A and B passes through convergence Node is respectively by VA、VBIt is sent to the APP of intelligent terminal, APP is again by intelligent terminal by VAAnd VBSend to e-business certification Center FC
6) subscriber authentications, e-business certification center FCReceive VAAnd VBAfterwards, examined first with IDN from information table Rope, has checked whether whether there is ID in IDN records, and the recordAAnd IDBTwo values, if it is not, returning to mistake to intelligence Terminal, if so, then performing step 7);
7), which is extracted, gathers and reconstructs multinomial, e-business certification center FCFirst with the corresponding key K of IDNf, from E (Kf, RA)、E(Kf,RB) in decrypt RAAnd RB, then from RAAnd RBMiddle extraction set Q=(b, c) | (b, c) ∈ RA,b∈FB, work as collection When the point set number included in conjunction Q reaches v+1, e-business certification center FCSet Q weights are utilized according to Lagrange's interpolation Structure multinomial p ' (x);If p ' (x)=(c 'v)10xv+(c′v-1)10xv-1+...+(c′0)10, wherein (c 'i)10Represent binary system c 'i Decimal form;
8) constructs K 'fAnd judge, by multinomial p ' (x) binary coefficient c 'v、c′v-1、...、c′0K ' is constituted after being arranged in orderf Binary form, metric K ' is then translated into againf;Judge the K ' reconfiguredfThe K stored with itfWhether one Sample, if equally, performing step 9);If different, show the message V receivedA、VBIt is incorrect or be not from Registered users;
9) legitimacy verifies, e-business certification center FCUtilize KfVerify VAAnd VBIn check code MAC (Kf,IDA||IDN|| NA||M||RA) and MAC (Kf,IDB||IDN||NB||M||RB) whether legal, if legal, certification success, ecommerce is recognized Card center FCThe amount of money of M number can be transferred accounts to businessman from the account of user;If it fails, then Fail Transaction.
2. the authentic authentication method of the online mobile-payment system according to claim 1 based on body-sensing net, its feature exists In:K in step d)fBe divided into during v+1 sections, if can not decile, in KfBinary-coded afterbody filling 1, until KfV+1 sections can be divided into;Step 3) in the sensing node A and B physiological signal that is gatheredDigit be 13 ratios Spy, 1≤i≤N;Step 7) in constructed Q set belong to characteristics of human body's physiological signal, the evidence merchandised can be used as.
3. the authentic authentication method of the online mobile-payment system according to claim 1 or 2 based on body-sensing net, its feature It is:User's physiological signal that sensing node A and B are gathered be body temperature, blood pressure, blood glucose, capacity of blood vessel variable signal PPG or ECG signal ECG.
CN201410565015.2A 2014-10-22 2014-10-22 Online mobile-payment system and authentic authentication method based on body-sensing net Expired - Fee Related CN104299133B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410565015.2A CN104299133B (en) 2014-10-22 2014-10-22 Online mobile-payment system and authentic authentication method based on body-sensing net

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410565015.2A CN104299133B (en) 2014-10-22 2014-10-22 Online mobile-payment system and authentic authentication method based on body-sensing net

Publications (2)

Publication Number Publication Date
CN104299133A CN104299133A (en) 2015-01-21
CN104299133B true CN104299133B (en) 2017-10-24

Family

ID=52318854

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410565015.2A Expired - Fee Related CN104299133B (en) 2014-10-22 2014-10-22 Online mobile-payment system and authentic authentication method based on body-sensing net

Country Status (1)

Country Link
CN (1) CN104299133B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106156558A (en) * 2015-04-14 2016-11-23 广州杰赛科技股份有限公司 A kind of automated periodic authentication method
US10853516B2 (en) 2015-12-09 2020-12-01 Intel Corporation Methods and apparatus using human electrocardiogram to protect electronic data
CN105653839B (en) * 2015-12-18 2018-08-31 宁波大学 Near-field communication portable medical service system
US10667690B2 (en) * 2016-04-02 2020-06-02 Intel Corporation Compressive sensing sparse sampling photoplethysmogram (PPG) measurement
CN107528691A (en) * 2016-06-21 2017-12-29 中兴通讯股份有限公司 Communication security control method and wearable device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102057386A (en) * 2008-06-06 2011-05-11 电子湾有限公司 Trusted service manager (TSM) architectures and methods
CN202694458U (en) * 2012-08-14 2013-01-23 山东财经大学 Online payment system based on mobile intelligent communication equipment
CN103761647A (en) * 2014-01-24 2014-04-30 金硕澳门离岸商业服务有限公司 Electronic payment system and electronic payment method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20140138271A (en) * 2012-03-15 2014-12-03 미코 코포레이션 A biometric authentication system
US20140279528A1 (en) * 2013-03-15 2014-09-18 Motorola Mobility Llc Wearable Authentication Device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102057386A (en) * 2008-06-06 2011-05-11 电子湾有限公司 Trusted service manager (TSM) architectures and methods
CN202694458U (en) * 2012-08-14 2013-01-23 山东财经大学 Online payment system based on mobile intelligent communication equipment
CN103761647A (en) * 2014-01-24 2014-04-30 金硕澳门离岸商业服务有限公司 Electronic payment system and electronic payment method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
基于指纹认证的移动支付系统设计与实现;王银;《中国优秀硕士学位论文全文数据库 信息科技辑(月刊)》;20120315(第03期);第I136-480页 *
躯感网信息安全传输机制的研究与实现;黄太波;《中国优秀硕士学位论文数据库 信息科技辑(月刊)》;20130815(第08期);第I136-144页 *
面向体域网的轻量型组密钥管理协议;刘炳;《中国优秀硕士学位论文全文数据库 信息科技辑(月刊)》;20120615(第06期);第I136-174页 *

Also Published As

Publication number Publication date
CN104299133A (en) 2015-01-21

Similar Documents

Publication Publication Date Title
CN104299133B (en) Online mobile-payment system and authentic authentication method based on body-sensing net
Aghili et al. LACO: Lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT
Sun et al. Security and privacy for the internet of medical things enabled healthcare systems: A survey
CN102165458B (en) Authenticating a device and a user
CN205050141U (en) Electronic equipment
Rostami et al. Balancing security and utility in medical devices?
CN107358039A (en) Health account information sharing system and method for chronic diseases management
CN104253818B (en) Server, terminal authentication method and server, terminal
Yao et al. A biometric key establishment protocol for body area networks
CN106713327A (en) Authentication method and system of verification code security reinforcement
CN105052072A (en) Remote authentication and transaction signatures
CN106027250B (en) A kind of ID card information safe transmission method and system
CN206601734U (en) Transaction data processing terminal and system based on coded image
CN103729764A (en) Data transmission method and system based on biological characteristics
CN113727296B (en) Anonymous privacy protection authentication protocol method based on wireless sensor system in intelligent medical treatment
CN109961276A (en) Digital cash wallet, method of commerce, transaction system and computer storage medium
CN106982221A (en) A kind of network authentication method, system and intelligent terminal
US10958646B2 (en) Biometric authentication with body communication network
CN105991654A (en) Authorization authentication method, device and system
CN107360158A (en) A kind of medical client access authority control method and system
Shamshad et al. An identity-based authentication protocol for the telecare medical information system (TMIS) using a physically unclonable function
Butt et al. Cogent and energy efficient authentication protocol for wsn in iot
Chen et al. An efficient mutual authentication and key agreement scheme without password for wireless sensor networks
CN108566385A (en) The mutual authentication method of efficient secret protection based on cloud
CN107911211A (en) Quick Response Code Verification System based on quantum communication network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171024

Termination date: 20181022