CN104917722B - The method, apparatus and system of authentication - Google Patents
The method, apparatus and system of authentication Download PDFInfo
- Publication number
- CN104917722B CN104917722B CN201410086606.1A CN201410086606A CN104917722B CN 104917722 B CN104917722 B CN 104917722B CN 201410086606 A CN201410086606 A CN 201410086606A CN 104917722 B CN104917722 B CN 104917722B
- Authority
- CN
- China
- Prior art keywords
- keyword
- character
- verified
- client
- label
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
- Collating Specific Patterns (AREA)
Abstract
The present embodiment provides a kind of method, apparatus of authentication and systems, are related to Internet technical field, to solve the problems, such as that picture selective type identifying code expends data traffic and invents.The method comprise the steps that pulling width verifying picture from authentication code database, verifying picture binding has label keyword corresponding with verifying image content and character option set;Verifying picture and character option set are sent to client;The keyword to be verified that client is sent is received, at least one character that keyword to be verified is selected in character option set by user forms;It is whether identical as label keyword to compare keyword to be verified;If keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful, otherwise notifies client identity authentication failed.Present invention is mainly applied in the authentication process itself of mobile client.
Description
Technical field
The present invention relates to Internet technical field more particularly to the method, apparatus and system of a kind of authentication.
Background technique
It is computer or the public full auto-programs of the mankind that identifying code, which is a kind of differentiation operation object, is chiefly used in account and steps on
During record, shopping at network, forum post.Since verification process needs the participation of human thinking activities, the appearance of identifying code can
To prevent specific calculation program from carrying out Brute Force to user password, it is capable of the personal information of effective protection user.
Traditional identifying code is usually to show a string of characters to user in the form of picture, is shown by user according to picture
Content typing character in input frame.This mode is only required to user and executes input operation, the think of being related to the character seen
Dimension activity is relatively simple, is easy to be imitated by computer learning.
For the complexity for improving human thinking activities in verification process, a kind of picture selective type verifying is had also appeared at present
Code, this identifying code by several pictures and one as verify the crucial phrase of foundation at.When carrying out authentication, Yong Hugen
Picture corresponding with the keyword is selected to be clicked in several pictures according to the meaning expressed by keyword, for example, when key
When word is " mobile phone ", user needs to select picture of mobile telephone to click in the picture of various electric appliances.Due to keyword and picture
Between matching need based on people's lives common sense (including to article cognition and classification experience) complete, involved in think
Dimension activity is increasingly complex, and computer can not learn to imitate this thought process easily, therefore picture selective type identifying code can be more
Add and effectively user identity (people or machine) is verified.
Although picture selective type identifying code can effectively verify user identity, lacked however, there are also some
Fall into: client needs to pull pictorial information from network side when authentication, and the data volume of usual pictorial information is significantly larger than text
The data volume of information, and the picture number that picture selective type identifying code is related to is more, thus authentication can expend it is more
Data traffic, for mobile client, the traffic overhead of such degree is that user can not be received.In addition, mistake
Big volume of transmitted data can also extend the load time of the verifying page, influence the normal use of user.
Summary of the invention
The embodiment of the present invention provides the method, apparatus and system of a kind of authentication, can guarantee identifying code verifying effect
Under the premise of fruit, solve the problems, such as that picture selective type identifying code expends data traffic.
On the one hand, the embodiment of the invention provides a kind of methods of authentication, comprising:
Width verifying picture is pulled from authentication code database, the verifying picture binding has and the verifying image content
Corresponding label keyword and character option set, wherein the character option set includes to form the label keyword
All standard characters and at least one interference character different from the standard character;
The verifying picture and the character option set are sent to client;
The keyword to be verified that the client is sent is received, the keyword to be verified is by user in the character option
At least one character composition selected in set;
It compares the keyword to be verified and whether the label keyword is identical;
If the keyword to be verified is identical as the label keyword, the client identity is notified to be proved to be successful,
Otherwise the client identity authentication failed is notified.
On the other hand, the embodiment of the invention provides a kind of devices of authentication, comprising:
Data pull unit, for pulling width verifying picture from authentication code database, the verifying picture binding has
Label keyword corresponding with the verifying image content and character option set, wherein the character option set includes group
At all standard characters of the label keyword and at least one interference character different from the standard character;
Data transmission unit, for sending the verifying picture that the data pull unit pulls and described to client
Character option set;
Data receipt unit, the keyword to be verified sent for receiving the client, the keyword to be verified by
At least one character composition that user selects in the character option set;
Result verification unit, for comparing the received keyword to be verified of the data receipt unit and the data
Whether identical pull the label keyword that unit pulls;
The data transmission unit is also used to compare the keyword to be verified and the mark when the result verification unit
When label keyword is identical, the client identity is notified to be proved to be successful, when the result verification unit compares the pass to be verified
When keyword and the label keyword difference, the client identity authentication failed is notified.
The third aspect, the embodiment of the invention provides a kind of systems of authentication, and the system comprises network-side services
Device and client have data interaction relationship between the network side server and the client;Wherein,
The network side server, for pulling width verifying picture from authentication code database, the verifying picture is tied up
Surely there are label keyword corresponding with the verifying image content and character option set, and send the proof diagram to client
Piece and the character option set, wherein the character option set includes to form all standard words of the label keyword
Symbol and at least one interference character different from the standard character;
The client, the verifying picture and the character option collection sent for showing the network side server
It closes, receives user according to the keyword to be verified of the character option Resource selection, wherein the keyword to be verified is by user
At least one character composition selected in the character option set;
The network side server is also used to receive the keyword to be verified that the client is sent, compare it is described to
It verifies keyword and whether the label keyword is identical, if the keyword to be verified is identical as the label keyword,
It notifies the client identity to be proved to be successful, otherwise notifies the client identity authentication failed.
The method, apparatus and system of authentication provided in an embodiment of the present invention can be obtained at random by network side server
It takes a width to verify picture, and label keyword corresponding with the verifying image content and includes label keyword criteria character
And the character option set of interference character, and the verifying picture and character option set are sent to client progress identity and tested
Card.User chooses one or more from character option set when carrying out authentication, according to the understanding to verifying image content
Character forms keyword to be verified.In the keyword to be verified for receiving client and reporting, network side server compares to be verified
Whether keyword and the label keyword are identical, if the two is identical, client identity are notified to be proved to be successful, if the two is not
Together, then client identity authentication failed is notified.Since verification process pertains only to the transmission of a width picture, and the word of character types
It is smaller to accord with data volume shared by option set, thus with the picture selective type identifying code scheme phase of transmitting several pictures in the prior art
Than the data traffic of client especially mobile client can be greatlyd save.Simultaneously as verification process also relates to user
Cognition to verifying image content and the matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is the method flow diagram of authentication in the embodiment of the present invention;
Fig. 2 is the schematic diagram of authentication process itself in the embodiment of the present invention;
Fig. 3 is the schematic diagram of authentication process itself in the prior art;
Fig. 4 is the method flow diagram of another authentication in the embodiment of the present invention;
Fig. 5 is the structural schematic diagram of the device of authentication in the embodiment of the present invention;
Fig. 6 is the structural schematic diagram of the device of another authentication in the embodiment of the present invention;
Fig. 7 is the system architecture schematic diagram of authentication in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the present embodiment, the technical solution in the present embodiment is clearly and completely described,
Obviously, described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based in the present invention
Embodiment, every other embodiment obtained by those of ordinary skill in the art without making creative efforts, all
Belong to the scope of protection of the invention.
For the data traffic expense saved in authentication process itself, while guaranteeing the verification the verifying results of identifying code, the present embodiment
A kind of method of authentication is provided, this method is mainly used in network side server, to realize a kind of more saving number
According to the authentication scheme of flow, as shown in Figure 1, this method comprises:
101, width verifying picture is pulled from authentication code database.
When user logs in personal account or posts in forum, need to carry out authentication.Client passes through specific
Uniform resource locator (Uniform/Universal Resource Locator, abbreviation URL) is pulled from network side server
The identifying code page.
Network side server pulls a width proof diagram after receiving the checking request of client from authentication code database
Piece.The verifying picture for being largely used to authentication is prestored in authentication code database, these pictures can be artificial screening and obtain
, it is also possible to automatically obtain by specific program.Each width verifying picture, which is all bound, has label corresponding with its content to close
Keyword and character option set, such as the label keyword of auto graph binding is " automobile ", the label of computer picture binding closes
Keyword is " computer " etc..The character option set is gone out by network operator's artificial screening, or by specific program Automatic sieve
The character set for selecting and going out inputs the alternative characters foundation of answer during authentication as user.In general, character selects
There are incidence relation between item set and label keyword, this incidence relation is in particular in terms of two: first, character choosing
It must include all standard characters of composition label keyword in item set, such as label keyword " mobile phone ", word
It needs in symbol option set comprising " hand " and " machine " two characters;Second, in addition to it must include all standard characters, character option
In set must also include at least one interference character different from standard character, such as label keyword " mobile phone " and
It says, needs to interfere character comprising " electricity ", " depending on ", " exhaling ", " crying " etc. in character option set.
In the present embodiment, different verifying pictures binds different label keyword and character option set, in other words,
Every width verifying picture is all corresponded with a label keyword, and is corresponded with a character option set, is corresponded to and is closed
System can manually be established by network operator, or be based on a large amount of user data learning training by specific program and obtained.
102, verifying picture and character option set are sent to client.
After obtaining binding and having the verifying picture of label keyword and character option set, network side server is by proof diagram
Piece and character option set are sent to client and carry out authentication, and corresponding label keyword is then as verifying according to caching
In network side server.
Client shows the identifying code page pulled, and in identifying code page after the response for obtaining network side server
The verifying picture and character option set that network side server is sent are shown in face.User's content according to expressed by verifying picture
In character option Resource selection one or more character, the keyword to be verified as authentication answer is formed, by client
Network side server is sent to be verified.
103, the keyword to be verified that client is sent is received.
Network side server receives keyword to be verified be made of user's selection, as subsequent authentication object, executes
Step 104.
104, it is whether identical that keyword and label keyword to be verified are compared.
Network side server by obtained in the keyword to be verified received and step 101 and cache, as verifying according to
According to label keyword be compared, if keyword to be verified is identical as label keyword, show subscriber authentication success,
Execute step 105;If keyword to be verified is different from label keyword, shows that subscriber authentication fails, execute step
106。
If 105, keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful.
When comparison result is that keyword to be verified is identical as label keyword, network side server notifies client identity
It is proved to be successful, client can continue subsequent relevant operation, such as pull the individual subscriber homepage page, post.
If 106, keyword to be verified is different from label keyword, client identity authentication failed is notified.
When comparison result is keyword to be verified and label keyword difference, network side server notifies client identity
Authentication failed, client can terminate the page request operation (such as log in personal homepage) of user, or can also again to
Network side server request carries out authentication.
In the following, being carried out in conjunction with the implementation of above-mentioned steps 101 to step 106 to a kind of application scenarios of the present embodiment
It introduces:
User's registration website members, after having filled in personal information, client is pulled to network side server request and is tested
Demonstrate,prove interface.Network side server obtains verifying picture as shown in Figure 2 from authentication code database, obtains together with the verifying picture
Also label keyword " mobile phone " and the character option set taken, the verifying picture and character option that network side server will acquire
Set is sent to client and is shown, the label keyword that will acquire is cached in local.
The verifying interface that user is shown by client successively selection " hand " and " machine " two in character option set
Character, the character and user that client is selected according to user select be sequentially generated keyword to be verified " mobile phone " of character to send
To network side server.The label keyword of keyword to be verified " mobile phone " and caching that network side server sends client
" mobile phone " is compared, and both judges identical, and notice client identity is proved to be successful, and complete subsequent personal information submit,
The registration steps such as audit;If the keyword to be verified that user selects is " pager " or " television set ", network side server is sentenced
Breaking, it is not identical as label keyword " mobile phone ", notifies client identity authentication failed, and client is waited to request to pull again
Verifying interface re-starts authentication.
Existing picture click verification mode as shown in figure 3, client receive that network side issues several are irrelevant
Picture and a model answer " mobile phone " as picture selection gist.User is found out according to the prompt of model answer and point
The picture for indicating mobile phone is hit, authentication is completed.
Can be seen that existing authentication mode by the comparison of Fig. 2 and Fig. 3 needs client to receive several figures
Piece can expend more data traffic, and client only needs to receive width verifying picture and data volume phase in the present embodiment
To negligible character option set, the data traffic expense of client can be greatly reduced compared with prior art.
Simultaneously as verification process also needs the corresponding relationship that user is artificially established according to existence general knowledge between picture and " answer ",
Therefore the method for authentication provided in this embodiment can achieve verification the verifying results same as the prior art.Further, since testing
The picture number that card process is related to greatly reduces, therefore can also reduce in authentication code database in terms of existing technologies
Data storage capacity reduces the complexity of picture classification, reduces the cost of labor of identifying code data maintenance.
Further, based on the comparison to Fig. 2 and Fig. 3 to the safety of the present embodiment and identifying code in the prior art into
Row comparative analysis.In the present embodiment, if carrying out Brute Force to identifying code by specific program, success is disposably cracked
Probability beWherein m is the character quantity in character option set, and n is the character quantity of label keyword.And existing skill
Specific program disposably cracks successful probability to identifying code and is in artWherein m is alternative picture number, and n is to need
The picture number (usually 1) of selection.The method that can be seen that authentication provided in this embodiment by above-mentioned comparison, by
In being related to putting in order between character, thus compared with the prior art for can substantially reduce and successfully crack the general of identifying code
Rate improves the difficulty of Brute Force.In the prior art, if by increasing alternative picture number or selecting the side of picture number
Formula reduction cracks probability, then can sharply increase the data traffic expense of client, and in the present embodiment, increase character option collection
Influence of the character quantity of conjunction or label keyword to client data traffic overhead is very little, but cracks probability in reduction
Effect on be then much better than the prior art.
Further, it as the refinement to method shown in Fig. 1 and further expands, the present embodiment additionally provides a kind of identity
The method of verifying, as shown in figure 4, this method comprises:
401, label keyword and character option set are established for verifying picture.
Before authenticating phase, network side server establishes authentication code database, and in authentication code database
Each width verifying picture establishes label keyword and character option set.
When establishing label keyword and character option set, for avoid verifying picture and label keyword (and character select
Set) between obscure, can for every width verify picture establish one-to-one label keyword and character option set.Institute
Meaning, which corresponds, refers to the corresponding label keyword of width verifying picture and character option set, the label of difference verifying picture
Keyword (or character option set) is different.For example, auto graph corresponding label keyword " automobile " and comprising with vapour
The character option set of vehicle relevant character, and picture of mobile telephone corresponding label keyword " mobile phone " rather than label keyword " automobile ",
Corresponding character option set includes character relevant to mobile phone, does not include character relevant to automobile.
Further, it is contemplated that user group has the difference in cognition and statement level to identical things in practical application
It is different, to avoid the influence caused by authentication procedures of this species diversity, in a kind of preferred embodiment of the present embodiment, network side clothes
Business device can also verify picture for each width and establish two or more corresponding label keywords, these label keywords are being stated
It is upper different, but both for the description of same thing.Such as picture of mobile telephone, can for it establishes " mobile phone ",
The different label keyword such as " communication apparatus ", " terminal ", " user equipment " can build tablet computer picture then for it
The different label keyword such as vertical " computer ", " tablet computer " " palm PC " even " ipad ", to adapt to different use as far as possible
The statement at family is accustomed to, and form of presentation is avoided to have differences the erroneous effects to verification result.
From establish unlike multiple label keywords, when establishing character option set, still for every width verify picture build
A character option set is found, but all standard words of at least two label keywords of composition should be included in the character option set
Symbol.It should include word in character option set such as " mobile phone ", " communication apparatus ", " terminal " three label keywords
Accord with " hand ", " machine ", " logical ", " news ", " setting ", " standby ", " end " and " end " these standard characters.
402, a unique signature mark is generated for verifying picture.
In practical application, network side server often carries out identity simultaneously to multiple client on synchronization and tests
Card can be verified in the present embodiment when establishing authentication code database for each width to distinguish to different verification process
Picture distributes a signature mark, to distinguish in subsequent verification process to different identifying objects.Network side clothes
Business device can be identified distribution as distribution foundation using the sequencing for generating verifying picture, can also be by pre-defined algorithm
Verifying picture generates one at random and identifies different signature mark, the present embodiment not generation to signature mark with other signatures
Mode is defined.
It should be noted that above-mentioned steps 401 and step 402 be establish verify picture after execute the step of,
Step executes sequence in no particular order, can also be executed simultaneously.
403, width verifying picture is pulled from authentication code database.
The implementation of this step is identical as the implementation of Fig. 1 step 101, and details are not described herein again.In addition, and step
Unlike 101, network side server is in addition to pulling verifying picture, label keyword and character option set, it is also necessary to pull
It is identified with the signature of verifying picture binding.
In a kind of preferred embodiment of the present embodiment, interference element can also be added by verifying in picture, to prevent specific journey
Sequence identifies image content by picture recognition means.Wherein, interference element include but is not limited to be noise, interfering line,
Picture rotation, picture distortion.
404, the verifying picture and character option set of binding signature mark are sent to client.
Verifying picture is being sent to client and when character option set, network side server will be bound with verifying picture
Signature mark is sent to client together, to use when subsequent comparison keyword to be verified.
405, the keyword to be verified and signature mark that client is sent are received.
It is similar with Fig. 1 step 103 after user selects character to form keyword to be verified in character option set,
Keyword to be verified is reported to network side server by client.In addition, the also step reported together with keyword to be verified
The signature mark that network side server issues in 404.
406, according to the label keyword of signature identifier lookup and verifying picture binding.
Before keyword to be verified is compared, network side server is firstly the need of finding as comparing foundation
Label keyword.And search label keyword foundation then be sent in advance client and by client in step 405
The signature mark reported.Network side server is according to the signature identifier lookup and obtains the corresponding label keyword for verifying picture.
407, it is whether identical that keyword and label keyword to be verified are compared.
As previously mentioned, verifying picture can correspond to a label keyword, multiple label keywords can also be corresponded to, for
The alignments of different corresponding relationships, keyword to be verified are had nothing in common with each other, specific:
1) the corresponding label keyword of verifying picture
Keyword to be verified is compared with the label keyword for network side server, if the two is identical, executes
Step 408, if the two is different, 409 are thened follow the steps.
2) verifying picture corresponds to multiple label keywords
Keyword to be verified is compared network side server respectively with multiple label keywords, if key to be verified
Word is identical as some label keyword in multiple label keywords, thens follow the steps 408, if keyword to be verified with it is multiple
All label keywords in label keyword are all different, and then follow the steps 409.
If 408, keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful.
If 409, keyword to be verified is different from label keyword, client identity authentication failed is notified.
The implementation of step 408 and step 409 is identical as the implementation of step 105 and step 106 in Fig. 1 respectively,
Details are not described herein again.
Further, it is contemplated that lead between the error-critical word and correct label keyword that user selects in practical application
It is commonly present association (such as when label keyword is " mobile phone ", the keyword to be verified that user selects may be " making a phone call "),
Therefore in another preferred embodiment of the present embodiment, the keyword of these mistakes can also be added to character as distracter
In option set, to enhance the fascination of interference character.Specifically, network side server can be after step 409, to mistake
Keyword to be verified parsed, using character therein as interference character be added in character option set, next time
When carrying out authentication using the verifying picture, the character option set for being supplied to client is after adding new interference character
Character option set.
It should be noted that when modifying character option set according to error-critical word and avoid being added in character option set
Some characters, such as when there is interference character " electricity " and " brain " in former character option set, network side server should not just be incited somebody to action
Character " electricity " in error-critical word is then added in character option set.
It further, is the statement habit for catering to most users, in the last one preferred embodiment of the present embodiment,
Network side server can also modify to label keyword according to the error-critical word that user selects.Specifically, in step
After 409, network side server carries out statistics screening to the error-critical word of certain sample space, if most users (example
User such as 80%) it is " ipad " to the keyword to be verified of tablet computer picture selection rather than is label keyword " plate electricity
The label keyword of the corresponding proof diagram piece can be revised as " ipad " by " tablet computer " by brain ", network side server, thus
Avoid the influence caused by verification result due to label keyword excessively minority.
Further, as the realization to method shown in above-mentioned Fig. 1 or Fig. 4, the present embodiment additionally provides a kind of identity and tests
The device of card, the device are located at network side, can be placed in inside network side server, can also be placed in outside network side server
Data interaction is simultaneously realized by special interface and network side server in portion.As shown in figure 5, the device includes: data pull unit
51, data transmission unit 52, data receipt unit 53 and result verification unit 54, wherein
Data pull unit 51, for pulled from authentication code database a width verifying picture, verifying picture binding have with
Verify the corresponding label keyword of image content and character option set, wherein character option set includes that composition label is crucial
All standard characters of word and at least one interference character different from standard character;
Data transmission unit 52, for sending the verifying picture and character option that data pull unit 51 pulls to client
Set;
Data receipt unit 53, for receiving the keyword to be verified of client transmission, keyword to be verified is existed by user
At least one character composition selected in character option set;
Result verification unit 54, for the received keyword to be verified of comparison data receiving unit 53 and data pull unit
Whether the 51 label keywords that pull are identical;
Data transmission unit 52 is also used to when to compare keyword to be verified identical as label keyword for result verification unit 54
When, notice client identity is proved to be successful, when result verification unit 54 compares keyword to be verified and label keyword difference,
Notify client identity authentication failed.
Further, as shown in fig. 6, the device further include:
First mapping establish unit 61, for data pull unit 51 pulled from authentication code database verifying picture it
Before, it is that every width verifying picture establishes one-to-one label keyword and character option set in authentication code database.
Further, as shown in fig. 6, the device further include:
Second mapping establish unit 62, for data pull unit 51 pulled from authentication code database verifying picture it
Before, it is that every width verifying picture establishes at least two different label keywords and a corresponding character in authentication code database
Option set, wherein at least two label keywords are the different expression to same width verifying image content, character option set
All standard characters comprising forming at least two label keywords.
Further, result verification unit 54 is used for when the corresponding at least two label keyword of verifying picture, will be to be tested
Card keyword is compared respectively at least two label keywords;
Data transmission unit 52 is used for when some label in keyword to be verified and at least two label keywords is crucial
When word is identical, notice client identity is proved to be successful, all marks in keyword to be verified and at least two label keywords
When label keyword is all different, client identity authentication failed is notified.
Further, as shown in fig. 6, the device further include:
Identification generation unit 63, for sending verifying picture and character option set to client in data transmission unit 52
Before, a unique signature mark is generated for verifying picture;
Data transmission unit 52 is used to for the signature mark that identification generation unit 63 generates being sent to verifying picture binding
Client.
Further, as shown in fig. 6, the device further include: data searching unit 64;
Data receipt unit 53 is used to receive the keyword to be verified and signature mark of client transmission;
Data searching unit 64, for result verification unit 54 compare keyword to be verified and label keyword whether phase
With before, according to the label keyword of the received signature identifier lookup of data receipt unit 53 and verifying image content binding.
Further, as shown in fig. 6, the device further include:
Data unit 65, for working as, result verification unit 54 compares keyword to be verified and label keyword is not identical
When, after data transmission unit 52 notifies client identity authentication failed, using the character in keyword to be verified as interference
Character is added in character option set.
Further, as shown in fig. 6, the device further include:
Data processing unit 66, for sending verifying picture and character option set to client in data transmission unit 52
Before, interference element is added for the verifying picture that data pull unit 51 pulls, interference element includes: noise, interfering line, picture
Rotation, picture distortion.
The device of authentication provided in an embodiment of the present invention can be obtained at random a width proof diagram by network side server
Piece, and corresponding with verifying image content label keyword and include label keyword criteria character and interference character
Character option set, and the verifying picture and character option set are sent to client and carry out authentication.User is carrying out
It is to be verified from the one or more characters compositions of character option set selection according to the understanding to verifying image content when authentication
Keyword.In the keyword to be verified for receiving client and reporting, network side server compares keyword and the label to be verified
Whether keyword is identical, if the two is identical, client identity is notified to be proved to be successful, if the two is different, notifies client
Hold authentication failure.Since verification process pertains only to the transmission of a width picture, and the character option set institute of character types
Account for that data volume is smaller, therefore compared with the picture selective type identifying code scheme for transmitting several pictures in the prior art, it can be significantly
Save the data traffic of client especially mobile client.Simultaneously as verification process also relates to user to verifying picture
The cognition of content and matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Further, as the realization to method shown in above-mentioned Fig. 1 or Fig. 4, the present embodiment additionally provides a kind of identity and tests
The system of card, as shown in fig. 7, the system is made of network side server 71 and client 72, network side server 71 includes such as
Fig. 5 or device shown in fig. 6.Wherein,
Network side server 71, for pulled from authentication code database a width verifying picture, verifying picture binding have with
The corresponding label keyword of image content and character option set are verified, and sends verifying picture and character option to client 72
Set, wherein character option set includes all standard characters and at least one and standard character of composition label keyword
Different interference characters;
Client 72 receives user for showing the verifying picture and character option set of the transmission of network side server 71
According to the keyword to be verified of character option Resource selection, wherein keyword to be verified is selected in character option set by user
At least one character composition selected;
Network side server 71 be also used to receive client 72 transmission keyword to be verified, compare keyword to be verified with
Whether label keyword is identical, if keyword to be verified is identical as label keyword, notifies 72 authentication of client success,
Otherwise notice 72 authentication of client failure.
The system of authentication provided in an embodiment of the present invention can be obtained at random a width proof diagram by network side server
Piece, and corresponding with verifying image content label keyword and include label keyword criteria character and interference character
Character option set, and the verifying picture and character option set are sent to client and carry out authentication.User is carrying out
It is to be verified from the one or more characters compositions of character option set selection according to the understanding to verifying image content when authentication
Keyword.In the keyword to be verified for receiving client and reporting, network side server compares keyword and the label to be verified
Whether keyword is identical, if the two is identical, client identity is notified to be proved to be successful, if the two is different, notifies client
Hold authentication failure.Since verification process pertains only to the transmission of a width picture, and the character option set institute of character types
Account for that data volume is smaller, therefore compared with the picture selective type identifying code scheme for transmitting several pictures in the prior art, it can be significantly
Save the data traffic of client especially mobile client.Simultaneously as verification process also relates to user to verifying picture
The cognition of content and matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Through the above description of the embodiments, it is apparent to those skilled in the art that the present invention can borrow
Help software that the mode of required common hardware is added to realize, naturally it is also possible to which the former is more preferably by hardware, but in many cases
Embodiment.Based on this understanding, the portion that technical solution of the present invention substantially in other words contributes to the prior art
Dividing can be embodied in the form of software products, which stores in a readable storage medium, such as count
The floppy disk of calculation machine, hard disk or CD etc., including some instructions are used so that computer equipment (it can be personal computer,
Server or the network equipment etc.) execute method described in each embodiment of the present invention.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (15)
1. a kind of method of authentication characterized by comprising
Width verifying picture is pulled from authentication code database, the verifying picture binding has corresponding with the verifying image content
Label keyword and character option set, wherein the verifying picture includes image corresponding with the label keyword,
The character option set includes all standard characters and at least one and the standard word for forming the label keyword
Accord with different interference characters;
The verifying picture and the character option set are sent to client;
The keyword to be verified that the client is sent is received, the keyword to be verified is by user in the character option set
At least one character of middle selection forms;
When the corresponding at least two label keyword of the verifying picture, by the keyword to be verified and at least two mark
Label keyword is compared respectively;
If the keyword to be verified is identical as some label keyword in at least two labels keyword, institute is notified
Client identity is stated to be proved to be successful;
If the keyword to be verified is all different with all label keywords in at least two labels keyword, lead to
Know the client identity authentication failed.
2. the method according to claim 1, wherein pulling the proof diagram from the authentication code database
Before piece, the method further includes:
It is that every width verifying picture establishes one-to-one label keyword and character option set in the authentication code database.
3. the method according to claim 1, wherein pulled from authentication code database the verifying picture it
Before, the method further includes:
It is that every width verifying picture establishes at least two different label keywords and a correspondence in the authentication code database
Character option set, wherein at least two labels keyword be to same width verifying image content different expression, institute
Stating character option set includes all standard characters for forming at least two labels keyword.
4. the method according to claim 1, wherein described to the client transmission verifying picture and described
Before character option set, the method further includes:
A unique signature mark is generated for the verifying picture;
It is described to send the verifying picture and the character option set to client, comprising:
Signature mark and verifying picture binding are sent to the client.
5. according to the method described in claim 4, it is characterized in that, the key to be verified for receiving the client and sending
Word, comprising:
Receive the keyword to be verified and signature mark that the client is sent;
Before whether the comparison keyword to be verified and the label keyword are identical, the method is further wrapped
It includes:
According to the label keyword of the signature identifier lookup and the verifying picture binding.
6. the method according to claim 1, wherein if the keyword to be verified and the label keyword not
It is identical, then it is described notify the client identity authentication failed after, the method further includes:
It is added to the character in the keyword to be verified as interference character in the character option set.
7. the method according to claim 1, wherein described to the client transmission verifying picture and described
Before character option set, the method further includes:
Interference element is added for the verifying picture, the interference element includes: noise, interfering line, picture rotation, picture torsion
It is bent.
8. a kind of device of authentication characterized by comprising
Data pull unit, for pulling width verifying picture from authentication code database, the verifying picture binding has and institute
State the corresponding label keyword of verifying image content and character option set, wherein the verifying picture includes and the mark
Sign the corresponding image of keyword, the character option set includes all standard characters and extremely for forming the label keyword
A few interference character different from the standard character;
Data transmission unit, for sending the verifying picture and the character that the data pull unit pulls to client
Option set;
Data receipt unit, the keyword to be verified sent for receiving the client, the keyword to be verified is by user
At least one character composition selected in the character option set;
Result verification unit is used for when the corresponding at least two label keyword of the verifying picture, by the key to be verified
Word is compared respectively at least two labels keyword;
The data transmission unit is also used to when some in the keyword to be verified and at least two labels keyword
When label keyword is identical, the client identity is notified to be proved to be successful, when the keyword to be verified and described at least two
When all label keywords in label keyword are all different, the client identity authentication failed is notified.
9. device according to claim 8, which is characterized in that described device further include:
Unit is established in first mapping, for pulling the proof diagram from the authentication code database in the data pull unit
It is that every width verifying picture establishes one-to-one label keyword and character option collection in the authentication code database before piece
It closes.
10. device according to claim 8, which is characterized in that described device further include:
Unit is established in second mapping, for pulling the proof diagram from the authentication code database in the data pull unit
It is that every width verifying picture establishes at least two different label keywords and one right in the authentication code database before piece
The character option set answered, wherein at least two labels keyword is the different expression to same width verifying image content,
The character option set includes all standard characters for forming at least two labels keyword.
11. device according to claim 8, which is characterized in that described device further include:
Identification generation unit, for sending the verifying picture and the character option to client in the data transmission unit
Before set, a unique signature mark is generated for the verifying picture;
The data transmission unit is used to identify the signature that the identification generation unit generates and tie up with the verifying picture
Surely it is sent to the client.
12. device according to claim 11, which is characterized in that described device further include: data searching unit;
The data receipt unit is used to receive the keyword to be verified that the client is sent and signature mark;
The data searching unit, for comparing the keyword to be verified and label key in the result verification unit
Before whether word is identical, tied up according to the received signature identifier lookup of the data receipt unit with the verifying image content
The fixed label keyword.
13. device according to claim 8, which is characterized in that described device further include:
Data unit, for comparing the keyword to be verified and the label keyword not when the result verification unit
It, will be in the keyword to be verified after the data transmission unit notifies the client identity authentication failed when identical
Character as interference character be added in the character option set.
14. device according to claim 8, which is characterized in that described device further include:
Data processing unit, for sending the verifying picture and the character option to client in the data transmission unit
Before set, interference element is added for the verifying picture that the data pull unit pulls, the interference element includes: to make an uproar
Point, interfering line, picture rotation, picture distortion.
15. a kind of system of authentication, which is characterized in that the system comprises network side server and client, the net
Network side server includes the authentication means as described in claim 8 to 14;Wherein,
The network side server, for pulling width verifying picture from authentication code database, the verifying picture binding has
Label keyword corresponding with the verifying image content and character option set, and to client send the verifying picture and
The character option set, wherein the verifying picture includes image corresponding with the label keyword, the character choosing
Set is comprising forming all standard characters of the label keyword and at least one is different from the standard character dry
Disturb character;
The client, for showing the verifying picture and the character option set that the network side server is sent,
User is received according to the keyword to be verified of the character option Resource selection, wherein the keyword to be verified is existed by user
At least one character composition selected in the character option set;
The network side server is also used to receive the keyword to be verified that the client is sent, when the verifying picture
When corresponding at least two label keyword, the keyword to be verified and at least two labels keyword are compared respectively
It is right, if the keyword to be verified is identical as some label keyword in at least two labels keyword, notify institute
Client identity is stated to be proved to be successful;If all labels in the keyword to be verified and at least two labels keyword close
Keyword is all different, then notifies the client identity authentication failed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410086606.1A CN104917722B (en) | 2014-03-11 | 2014-03-11 | The method, apparatus and system of authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410086606.1A CN104917722B (en) | 2014-03-11 | 2014-03-11 | The method, apparatus and system of authentication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104917722A CN104917722A (en) | 2015-09-16 |
CN104917722B true CN104917722B (en) | 2019-07-12 |
Family
ID=54086435
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410086606.1A Active CN104917722B (en) | 2014-03-11 | 2014-03-11 | The method, apparatus and system of authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104917722B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105491010A (en) * | 2015-11-19 | 2016-04-13 | 上海携程商务有限公司 | Cross validation method and system for verification codes |
CN106209810A (en) * | 2016-07-03 | 2016-12-07 | 韦建峰 | A kind of verification method and generating means |
CN106355073A (en) * | 2016-08-26 | 2017-01-25 | 上海铁壳网络科技有限公司 | A proof technique of and man-machine and proving system |
CN106485261B (en) * | 2016-09-08 | 2020-06-02 | 北京小米移动软件有限公司 | Image recognition method and device |
CN106485114B (en) * | 2016-11-10 | 2019-12-31 | 北京像素软件科技股份有限公司 | Data verification method and device |
CN108512850A (en) * | 2018-04-02 | 2018-09-07 | 广东能龙教育股份有限公司 | Processing method of intelligent verification code based on question and answer questions |
CN110895602B (en) * | 2018-09-13 | 2021-12-14 | 中移(杭州)信息技术有限公司 | Identity authentication method and device, electronic equipment and storage medium |
CN111291352B (en) * | 2018-12-10 | 2024-02-02 | 北京京东尚科信息技术有限公司 | Label data generation method and device |
CN114978742B (en) * | 2022-06-08 | 2024-04-23 | 中国电信股份有限公司 | Verification information generation method, verification method and device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101976430A (en) * | 2010-10-29 | 2011-02-16 | 赵俊平 | Method for generating picture verification codes and system thereof |
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN103400107A (en) * | 2013-07-05 | 2013-11-20 | 百度在线网络技术(北京)有限公司 | Method and device for generating dynamic verification code picture, and verification method and device |
CN103455965A (en) * | 2012-05-30 | 2013-12-18 | 北京小米科技有限责任公司 | Verification image based verification method, device and server |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1871602A (en) * | 2003-10-20 | 2006-11-29 | 罗吉加利斯公司 | Method, system, apparatus, and machine-readable medium for use in connection with a server that uses images or audio for initiating remote function calls |
US20120180115A1 (en) * | 2011-01-07 | 2012-07-12 | John Maitland | Method and system for verifying a user for an online service |
CN103428163A (en) * | 2012-05-15 | 2013-12-04 | 上海博路信息技术有限公司 | Verification code based on image content |
-
2014
- 2014-03-11 CN CN201410086606.1A patent/CN104917722B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101976430A (en) * | 2010-10-29 | 2011-02-16 | 赵俊平 | Method for generating picture verification codes and system thereof |
CN103455965A (en) * | 2012-05-30 | 2013-12-18 | 北京小米科技有限责任公司 | Verification image based verification method, device and server |
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN103400107A (en) * | 2013-07-05 | 2013-11-20 | 百度在线网络技术(北京)有限公司 | Method and device for generating dynamic verification code picture, and verification method and device |
Also Published As
Publication number | Publication date |
---|---|
CN104917722A (en) | 2015-09-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104917722B (en) | The method, apparatus and system of authentication | |
CN105337949B (en) | A kind of SSO authentication method, web server, authentication center and token verify center | |
CN106209763B (en) | A kind of login method and system | |
CN104580264B (en) | Login method, entering device and login and Accreditation System | |
US9979721B2 (en) | Method, server, client and system for verifying verification codes | |
CN108011863B (en) | Method and device for identifying brute force cracking | |
CN101771676B (en) | Setting and authentication method for cross-domain authorization and relevant device and system | |
CN103841111B (en) | A kind of method for preventing Data duplication from submitting and server | |
CN106789855A (en) | The method and device of user login validation | |
CN105847245A (en) | Electronic mail box login authentication method and device | |
CN104657653B (en) | The verification method and checking device of image authentication code | |
CN105162604B (en) | A kind of verification method, server and system based on characteristic image identification | |
CN104580376B (en) | The methods, devices and systems connected between terminal are established in a local network | |
CN106385403B (en) | A kind of the user account register method and relevant device of self-help print equipment | |
CN104184709A (en) | Verification method, device, server, service data center and system | |
CN104796408B (en) | Single-point live login method and single-point live login device | |
CN107832941A (en) | Order processing method and device | |
CN113988314A (en) | Cluster federal learning method and system for selecting client | |
CN104836777B (en) | Identity verification method and system | |
CN106470200A (en) | A kind of auth method and relevant apparatus | |
CN103561063B (en) | A kind of method of Register top box and terminal | |
CN110233850A (en) | Register method, application server, user terminal and system based on alliance's chain | |
CN107517180A (en) | Login method and device | |
CN108123806A (en) | The generation method of question-type picture validation code | |
CN106878298A (en) | The integrated approach of a kind of authenticating device and website, system and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |