CN104751044A - Dynamic password identity authentication system and method - Google Patents
Dynamic password identity authentication system and method Download PDFInfo
- Publication number
- CN104751044A CN104751044A CN201310754487.8A CN201310754487A CN104751044A CN 104751044 A CN104751044 A CN 104751044A CN 201310754487 A CN201310754487 A CN 201310754487A CN 104751044 A CN104751044 A CN 104751044A
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- intelligent electronic
- electronic device
- identification module
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a dynamic password identity authentication system and method. The system comprises an authentication storage card and intelligent electronic equipment, wherein an ID number and an encrypted area are disposed in the authentication storage card, and dynamic passwords are stored in the encrypted area; the intelligent electronic equipment comprises a sensing module, an identification module and a control module. The method includes: the sensing module senses whether the authentication storage card is inserted into the intelligent electronic equipment or not in real time; the identification module reads the ID number and the dynamic passwords and compares the ID number and the dynamic passwords with the information of the intelligent electronic equipment to obtain a comparison result; the control module grants or takes away use permission according to the comparison result. The dynamic password identity authentication system and method has the advantages that the use permission is granted or taken away by sensing the authentication storage card in real time and comparing the dynamic passwords, and use safety is guaranteed.
Description
[technical field]
The present invention relates to a kind of dynamic password identification authenticating system and method, particularly a kind of effective ensure use security and dynamic password identification authenticating system easy to use and method.
[background technology]
Authentication is the important component part of information security system, and it is the first gate of protection information security of system.Its task is legitimacy and the authenticity of checking information system Subscriber Identity, and by the authority access system resources that system is authorized, unauthorized access person is kept outside of the door.
Identity identifying technology is divided into: conventional pass word code authenticates, dynamic password (dynamic password) certification, biotechnology (fingerprint, iris, face etc.) certification, digital certificate (CA) certification etc. of being provided by third party.Wherein conventional pass word code authenticates is the early stage authentication product of computer system, because of static characteristics and the reusability of its pass word, exist and easily steal, easily guess, easily to crack etc. safety defect, be a kind of weak identity authorization system, safe class can only be used for and require lower infosystem.Dynamic password authentication, biotechnology certification and digital certificate authentication are strong identity authentication systems, can be used for the safety certification of the important information systems such as government, finance, enterprise.But the major defect of biotechnology is exactly higher to equipment requirement, can not popularize.The major defect of digital certificate is installed more difficult exactly.The application of digital certificate, need through processes such as the off-line examination & verification of CA authentication center and online granting, download onlines, and for being unfamiliar with the people of internet, this serial procedures is too loaded down with trivial details.
Dynamic password (Dynamic Password) also claims one-time password (One-time Password).Dynamic password is the password of variation, and it is change that its variation derives from the operational factor producing password.The generation factor of dynamic password generally all adopts two operational factor (two factor): one is the private cipher key of user.It is the identification code of representative of consumer identity, is changeless.Its two, be variation the factor.Change the continuous change of the factor just, just create the dynamic password of constantly variation.Such as, No. 200710195855.4th, China's Mainland patented claim discloses a kind of dynamic password identity authentication method and system, comprising: during authentication, and dynamic password identification authenticating system prompting user inputs dynamic password; Terminal utilizes built-in symmetric cryptographic algorithm to calculate and produces dynamic password; The dynamic password that terminal produces is sent to dynamic password identification authenticating system; Dynamic password identification authenticating system according to identical algorithms at local computing dynamic password; The dynamic password send client and the dynamic password of local computing compare, if unanimously, then by certification, if inconsistent, then refuse this certification.
But the dynamic password identity authentication method that No. 200710195855.4th, China's Mainland patented claim and system are not real-time authentication, the security used effectively cannot be ensured; Separately, the operation inputting dynamic password is needed in verification process, comparatively inconvenience.
[summary of the invention]
Fundamental purpose of the present invention be to provide a kind of effective ensure to use security and dynamic password identification authenticating system easy to use and method.
The invention provides a kind of dynamic password identification authenticating system, it comprises:
Authentication store card, it is provided with one No. ID and is provided with an encrypted area, and described encrypted area stores dynamic password;
Intelligent electronic device, it comprises:
Detecting module, whether it is inserted with authentication store card on detecting real-time intelligent electronic device;
Identification module, it connects detecting module, and described identification module for reading No. ID, dynamic password comparing with the information of intelligent electronic device, and then obtains comparative result;
Control module, its linkage identification module, and described control module is opened according to comparative result or is closed rights of using.
Especially, described encrypted area stores the term of validity, and described identification module for reading the term of validity and comparing with the current time of intelligent electronic device, and then obtains comparative result.
The present invention also provides a kind of dynamic password identity authentication method, and its dynamic password identification authenticating system by claim 1 carries out certification; And described dynamic password identity authentication method comprises the following steps:
Steps A: whether detecting real-time module detecting intelligent electronic device is inserted with authentication store card;
Step B: when detecting module detect intelligent electronic device is inserted with authentication store card time, read No. ID by identification module;
Step C: identification module compare No. ID whether consistent with the information of intelligent electronic device;
Step D: when identification module compare No. ID consistent with the information of intelligent electronic device time, read dynamic password by identification module;
Step e: whether identification module compares dynamic password consistent with the information of intelligent electronic device;
Step F: when identification module compare dynamic password consistent with the information of intelligent electronic device time, open rights of using by control module;
Step G: when the information that identification module compares dynamic password and intelligent electronic device is inconsistent, close rights of using by control module.
Especially, when identification module compare No. ID, the information of dynamic password and intelligent electronic device inconsistent time, close rights of using by control module.
Especially, step F specifically comprises:
Step F 1: when identification module compare dynamic password consistent with the information of intelligent electronic device time, read the term of validity by identification module;
Step F 2: whether identification module compares the term of validity consistent with the current time of intelligent electronic device;
Step F 3: when identification module compare the term of validity consistent with the current time of intelligent electronic device time, open rights of using by control module;
Step F 4: when the current time that identification module compares the term of validity and intelligent electronic device is inconsistent, close rights of using by control module.
Compared with prior art, dynamic password identification authenticating system of the present invention and method by detecting real-time authentication store card and compare dynamic password with open or close rights of using, when authentication store card insert and dynamic password consistent time, just can open rights of using; And when authentication store card does not insert or dynamic password is inconsistent, rights of using just can be closed, ensure that the security of use.Separately, authentication store card only need insert by verification process, and does not need the operation inputting dynamic password, more for convenience.
[accompanying drawing explanation]
Fig. 1 is the functional-block diagram of dynamic password identification authenticating system of the present invention.
Fig. 2 is the process flow diagram of dynamic password identity authentication method of the present invention.
[embodiment]
Refer to shown in Fig. 1, the invention provides a kind of dynamic password identification authenticating system, it comprises:
Authentication store card 10, it is provided with one No. ID and is provided with an encrypted area 11, and described encrypted area 11 stores dynamic password; In the present embodiment, described encrypted area 11 also stores the term of validity, and dynamic password uses effectively in the term of validity, just loses efficacy after exceeding the term of validity; Encrypted area 11 obtains after formaing also again subregion, only has keeper to have permission the information (presetting No. ID, authentication store card and default dynamic password) of information and the intelligent electronic device 20 storing encrypted area 11; Keeper utilizes cryptographic algorithm to generate dynamic password and is stored to encrypted area 11 with on intelligent electronic device 20 simultaneously.
Intelligent electronic device 20, it comprises:
Detecting module 21, it can arrange the time interval of detecting real-time as required for whether detecting real-time intelligent electronic device 20 is inserted with authentication store card 10;
Identification module 22, it connects detecting module 21, and described identification module 22 for reading No. ID, dynamic password comparing with the information of intelligent electronic device 20, and then obtains comparative result; In the present embodiment, described identification module 22 for reading the term of validity and comparing with the current time of intelligent electronic device 20, and then obtains comparative result;
Control module 23, its linkage identification module 22, and described control module 23 is opened according to comparative result or is closed rights of using.
Refer to shown in Fig. 2, the present invention also provides a kind of dynamic password identity authentication method, and its dynamic password identification authenticating system by Fig. 1 carries out certification; Described dynamic password identity authentication method comprises the following steps:
Step 300: whether detecting module 21 detecting real-time intelligent electronic device 20 is inserted with authentication store card 10; When detecting module 21 detect intelligent electronic device 20 is inserted with authentication store card 10 time, perform step 310; When detecting module 21 do not detect intelligent electronic device 20 is inserted with authentication store card 10 time, continue to perform step 300;
Step 310: read No. ID by identification module 22;
Step 320: identification module 22 compare No. ID whether consistent with the information of intelligent electronic device 20; When identification module 22 compare No. ID consistent with the information of intelligent electronic device 20 time, perform step 330; When identification module 22 compare No. ID inconsistent with the information of intelligent electronic device 20 time, perform step 380;
Step 330: read dynamic password by identification module 22;
Step 340: whether identification module 22 compares dynamic password consistent with the information of intelligent electronic device 20; When identification module 22 compare dynamic password consistent with the information of intelligent electronic device 20 time; Perform step 350; When the information that identification module 22 compares dynamic password and intelligent electronic device is inconsistent, perform step 380;
Step 350: read the term of validity by identification module 22;
Step 360: whether identification module 22 compares the term of validity consistent with the current time of intelligent electronic device 20; When identification module 22 compare the term of validity consistent with the current time of intelligent electronic device 20 time; Perform step 370; When the current time that identification module 22 compares the term of validity and intelligent electronic device 20 is inconsistent, perform step 380; The reading of the term of validity with compare the security that can further ensure use, but and be not used to limit the scope of the claims of the present invention;
Step 370: open rights of using by control module 23;
Step 380: close rights of using by control module 23.
Dynamic password identification authenticating system of the present invention and method by detecting real-time authentication store card 10 and compare dynamic password with open or close rights of using, when authentication store card 10 inserts intelligent electronic device 20 and dynamic password is consistent, just can open rights of using; And when authentication store card 10 does not insert intelligent electronic device 20 or dynamic password is inconsistent, rights of using just can be closed, ensure that the security of use.Separately, authentication store card 10 only need be inserted intelligent electronic device 20 by verification process, and does not need the operation inputting dynamic password, more for convenience.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection domain of claim.
Claims (5)
1. a dynamic password identification authenticating system, is characterized in that comprising:
Authentication store card, it is provided with one No. ID and is provided with an encrypted area, and described encrypted area stores dynamic password;
Intelligent electronic device, it comprises:
Detecting module, whether it is inserted with authentication store card on detecting real-time intelligent electronic device;
Identification module, it connects detecting module, and described identification module for reading No. ID, dynamic password comparing with the information of intelligent electronic device, and then obtains comparative result;
Control module, its linkage identification module, and described control module is opened according to comparative result or is closed rights of using.
2. dynamic password identification authenticating system according to claim 1, is characterized in that: described encrypted area stores the term of validity, and described identification module for reading the term of validity and comparing with the current time of intelligent electronic device, and then obtains comparative result.
3. a dynamic password identity authentication method, its dynamic password identification authenticating system by claim 1 carries out certification; It is characterized in that described dynamic password identity authentication method comprises the following steps:
Steps A: whether detecting real-time module detecting intelligent electronic device is inserted with authentication store card;
Step B: when detecting module detect intelligent electronic device is inserted with authentication store card time, read No. ID by identification module;
Step C: identification module compare No. ID whether consistent with the information of intelligent electronic device;
Step D: when identification module compare No. ID consistent with the information of intelligent electronic device time, read dynamic password by identification module;
Step e: whether identification module compares dynamic password consistent with the information of intelligent electronic device;
Step F: when identification module compare dynamic password consistent with the information of intelligent electronic device time, open rights of using by control module;
Step G: when the information that identification module compares dynamic password and intelligent electronic device is inconsistent, close rights of using by control module.
4. dynamic password identity authentication method according to claim 3, is characterized in that: when identification module compare No. ID, the information of dynamic password and intelligent electronic device inconsistent time, close rights of using by control module.
5. dynamic password identity authentication method according to claim 4, is characterized in that: step F specifically comprises:
Step F 1: when identification module compare dynamic password consistent with the information of intelligent electronic device time, read the term of validity by identification module;
Step F 2: whether identification module compares the term of validity consistent with the current time of intelligent electronic device;
Step F 3: when identification module compare the term of validity consistent with the current time of intelligent electronic device time, open rights of using by control module;
Step F 4: when the current time that identification module compares the term of validity and intelligent electronic device is inconsistent, close rights of using by control module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310754487.8A CN104751044A (en) | 2013-12-31 | 2013-12-31 | Dynamic password identity authentication system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310754487.8A CN104751044A (en) | 2013-12-31 | 2013-12-31 | Dynamic password identity authentication system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104751044A true CN104751044A (en) | 2015-07-01 |
Family
ID=53590716
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310754487.8A Pending CN104751044A (en) | 2013-12-31 | 2013-12-31 | Dynamic password identity authentication system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104751044A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101163014A (en) * | 2007-11-30 | 2008-04-16 | 中国电信股份有限公司 | Dynamic password identification authenticating system and method |
| CN101211386A (en) * | 2006-12-30 | 2008-07-02 | 赵志勇 | Protection mode switch method and protection system |
| CN102456102A (en) * | 2010-10-26 | 2012-05-16 | 镇江精英软件科技有限公司 | Method for carrying out identity recertification on particular operation of information system by using Usb key technology |
-
2013
- 2013-12-31 CN CN201310754487.8A patent/CN104751044A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101211386A (en) * | 2006-12-30 | 2008-07-02 | 赵志勇 | Protection mode switch method and protection system |
| CN101163014A (en) * | 2007-11-30 | 2008-04-16 | 中国电信股份有限公司 | Dynamic password identification authenticating system and method |
| CN102456102A (en) * | 2010-10-26 | 2012-05-16 | 镇江精英软件科技有限公司 | Method for carrying out identity recertification on particular operation of information system by using Usb key technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7131009B2 (en) | Multiple factor-based user identification and authentication | |
| AU2010224455B2 (en) | Biometric key | |
| US20140189807A1 (en) | Methods, systems and apparatus to facilitate client-based authentication | |
| CN105243314B (en) | A kind of security system and its application method based on USB key | |
| CN108600213B (en) | Composite identity authentication method and composite identity authentication system applying same | |
| KR101724401B1 (en) | Certification System for Using Biometrics and Certification Method for Using Key Sharing and Recording medium Storing a Program to Implement the Method | |
| WO2008024559A2 (en) | Method and apparatus for authenticating applications to secure services | |
| US9280650B2 (en) | Authenticate a fingerprint image | |
| CN106033625B (en) | Lockset, mobile terminal, lockset control method and Lock control system | |
| CN108900296B (en) | Secret key storage method based on biological feature identification | |
| CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
| US9411949B2 (en) | Encrypted image with matryoshka structure and mutual agreement authentication system and method using the same | |
| Stokkenes et al. | Biometric authentication protocols on smartphones: An overview | |
| CN106921489A (en) | A kind of data ciphering method and device | |
| CN105608775A (en) | Authentication method, terminal, access control card and SAM card | |
| CN108460872A (en) | The control method and device of smart lock | |
| CN112735005A (en) | Access control card, authorization and verification method thereof, terminal subsystem and access control system | |
| CN104751044A (en) | Dynamic password identity authentication system and method | |
| KR101624394B1 (en) | Device for authenticating password and operating method thereof | |
| CN112712623A (en) | Access control system and processing method thereof and terminal subsystem | |
| Lee et al. | A study on a secure USB mechanism that prevents the exposure of authentication information for smart human care services | |
| CN111526010A (en) | Key escrow method suitable for user identity authentication | |
| CN107332989B (en) | Data protection system and data protection method of mobile terminal | |
| KR101669770B1 (en) | Device for authenticating password and operating method thereof | |
| CN106357606A (en) | Authentication method, authentication device and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150701 |
|
| WD01 | Invention patent application deemed withdrawn after publication |