CN104917722B - The method, apparatus and system of authentication - Google Patents

The method, apparatus and system of authentication Download PDF

Info

Publication number
CN104917722B
CN104917722B CN201410086606.1A CN201410086606A CN104917722B CN 104917722 B CN104917722 B CN 104917722B CN 201410086606 A CN201410086606 A CN 201410086606A CN 104917722 B CN104917722 B CN 104917722B
Authority
CN
China
Prior art keywords
keyword
character
verified
client
label
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410086606.1A
Other languages
Chinese (zh)
Other versions
CN104917722A (en
Inventor
王玉叶
刘金星
张彦玲
孙淑芹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201410086606.1A priority Critical patent/CN104917722B/en
Publication of CN104917722A publication Critical patent/CN104917722A/en
Application granted granted Critical
Publication of CN104917722B publication Critical patent/CN104917722B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present embodiment provides a kind of method, apparatus of authentication and systems, are related to Internet technical field, to solve the problems, such as that picture selective type identifying code expends data traffic and invents.The method comprise the steps that pulling width verifying picture from authentication code database, verifying picture binding has label keyword corresponding with verifying image content and character option set;Verifying picture and character option set are sent to client;The keyword to be verified that client is sent is received, at least one character that keyword to be verified is selected in character option set by user forms;It is whether identical as label keyword to compare keyword to be verified;If keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful, otherwise notifies client identity authentication failed.Present invention is mainly applied in the authentication process itself of mobile client.

Description

The method, apparatus and system of authentication
Technical field
The present invention relates to Internet technical field more particularly to the method, apparatus and system of a kind of authentication.
Background technique
It is computer or the public full auto-programs of the mankind that identifying code, which is a kind of differentiation operation object, is chiefly used in account and steps on During record, shopping at network, forum post.Since verification process needs the participation of human thinking activities, the appearance of identifying code can To prevent specific calculation program from carrying out Brute Force to user password, it is capable of the personal information of effective protection user.
Traditional identifying code is usually to show a string of characters to user in the form of picture, is shown by user according to picture Content typing character in input frame.This mode is only required to user and executes input operation, the think of being related to the character seen Dimension activity is relatively simple, is easy to be imitated by computer learning.
For the complexity for improving human thinking activities in verification process, a kind of picture selective type verifying is had also appeared at present Code, this identifying code by several pictures and one as verify the crucial phrase of foundation at.When carrying out authentication, Yong Hugen Picture corresponding with the keyword is selected to be clicked in several pictures according to the meaning expressed by keyword, for example, when key When word is " mobile phone ", user needs to select picture of mobile telephone to click in the picture of various electric appliances.Due to keyword and picture Between matching need based on people's lives common sense (including to article cognition and classification experience) complete, involved in think Dimension activity is increasingly complex, and computer can not learn to imitate this thought process easily, therefore picture selective type identifying code can be more Add and effectively user identity (people or machine) is verified.
Although picture selective type identifying code can effectively verify user identity, lacked however, there are also some Fall into: client needs to pull pictorial information from network side when authentication, and the data volume of usual pictorial information is significantly larger than text The data volume of information, and the picture number that picture selective type identifying code is related to is more, thus authentication can expend it is more Data traffic, for mobile client, the traffic overhead of such degree is that user can not be received.In addition, mistake Big volume of transmitted data can also extend the load time of the verifying page, influence the normal use of user.
Summary of the invention
The embodiment of the present invention provides the method, apparatus and system of a kind of authentication, can guarantee identifying code verifying effect Under the premise of fruit, solve the problems, such as that picture selective type identifying code expends data traffic.
On the one hand, the embodiment of the invention provides a kind of methods of authentication, comprising:
Width verifying picture is pulled from authentication code database, the verifying picture binding has and the verifying image content Corresponding label keyword and character option set, wherein the character option set includes to form the label keyword All standard characters and at least one interference character different from the standard character;
The verifying picture and the character option set are sent to client;
The keyword to be verified that the client is sent is received, the keyword to be verified is by user in the character option At least one character composition selected in set;
It compares the keyword to be verified and whether the label keyword is identical;
If the keyword to be verified is identical as the label keyword, the client identity is notified to be proved to be successful, Otherwise the client identity authentication failed is notified.
On the other hand, the embodiment of the invention provides a kind of devices of authentication, comprising:
Data pull unit, for pulling width verifying picture from authentication code database, the verifying picture binding has Label keyword corresponding with the verifying image content and character option set, wherein the character option set includes group At all standard characters of the label keyword and at least one interference character different from the standard character;
Data transmission unit, for sending the verifying picture that the data pull unit pulls and described to client Character option set;
Data receipt unit, the keyword to be verified sent for receiving the client, the keyword to be verified by At least one character composition that user selects in the character option set;
Result verification unit, for comparing the received keyword to be verified of the data receipt unit and the data Whether identical pull the label keyword that unit pulls;
The data transmission unit is also used to compare the keyword to be verified and the mark when the result verification unit When label keyword is identical, the client identity is notified to be proved to be successful, when the result verification unit compares the pass to be verified When keyword and the label keyword difference, the client identity authentication failed is notified.
The third aspect, the embodiment of the invention provides a kind of systems of authentication, and the system comprises network-side services Device and client have data interaction relationship between the network side server and the client;Wherein,
The network side server, for pulling width verifying picture from authentication code database, the verifying picture is tied up Surely there are label keyword corresponding with the verifying image content and character option set, and send the proof diagram to client Piece and the character option set, wherein the character option set includes to form all standard words of the label keyword Symbol and at least one interference character different from the standard character;
The client, the verifying picture and the character option collection sent for showing the network side server It closes, receives user according to the keyword to be verified of the character option Resource selection, wherein the keyword to be verified is by user At least one character composition selected in the character option set;
The network side server is also used to receive the keyword to be verified that the client is sent, compare it is described to It verifies keyword and whether the label keyword is identical, if the keyword to be verified is identical as the label keyword, It notifies the client identity to be proved to be successful, otherwise notifies the client identity authentication failed.
The method, apparatus and system of authentication provided in an embodiment of the present invention can be obtained at random by network side server It takes a width to verify picture, and label keyword corresponding with the verifying image content and includes label keyword criteria character And the character option set of interference character, and the verifying picture and character option set are sent to client progress identity and tested Card.User chooses one or more from character option set when carrying out authentication, according to the understanding to verifying image content Character forms keyword to be verified.In the keyword to be verified for receiving client and reporting, network side server compares to be verified Whether keyword and the label keyword are identical, if the two is identical, client identity are notified to be proved to be successful, if the two is not Together, then client identity authentication failed is notified.Since verification process pertains only to the transmission of a width picture, and the word of character types It is smaller to accord with data volume shared by option set, thus with the picture selective type identifying code scheme phase of transmitting several pictures in the prior art Than the data traffic of client especially mobile client can be greatlyd save.Simultaneously as verification process also relates to user Cognition to verifying image content and the matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is the method flow diagram of authentication in the embodiment of the present invention;
Fig. 2 is the schematic diagram of authentication process itself in the embodiment of the present invention;
Fig. 3 is the schematic diagram of authentication process itself in the prior art;
Fig. 4 is the method flow diagram of another authentication in the embodiment of the present invention;
Fig. 5 is the structural schematic diagram of the device of authentication in the embodiment of the present invention;
Fig. 6 is the structural schematic diagram of the device of another authentication in the embodiment of the present invention;
Fig. 7 is the system architecture schematic diagram of authentication in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the present embodiment, the technical solution in the present embodiment is clearly and completely described, Obviously, described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based in the present invention Embodiment, every other embodiment obtained by those of ordinary skill in the art without making creative efforts, all Belong to the scope of protection of the invention.
For the data traffic expense saved in authentication process itself, while guaranteeing the verification the verifying results of identifying code, the present embodiment A kind of method of authentication is provided, this method is mainly used in network side server, to realize a kind of more saving number According to the authentication scheme of flow, as shown in Figure 1, this method comprises:
101, width verifying picture is pulled from authentication code database.
When user logs in personal account or posts in forum, need to carry out authentication.Client passes through specific Uniform resource locator (Uniform/Universal Resource Locator, abbreviation URL) is pulled from network side server The identifying code page.
Network side server pulls a width proof diagram after receiving the checking request of client from authentication code database Piece.The verifying picture for being largely used to authentication is prestored in authentication code database, these pictures can be artificial screening and obtain , it is also possible to automatically obtain by specific program.Each width verifying picture, which is all bound, has label corresponding with its content to close Keyword and character option set, such as the label keyword of auto graph binding is " automobile ", the label of computer picture binding closes Keyword is " computer " etc..The character option set is gone out by network operator's artificial screening, or by specific program Automatic sieve The character set for selecting and going out inputs the alternative characters foundation of answer during authentication as user.In general, character selects There are incidence relation between item set and label keyword, this incidence relation is in particular in terms of two: first, character choosing It must include all standard characters of composition label keyword in item set, such as label keyword " mobile phone ", word It needs in symbol option set comprising " hand " and " machine " two characters;Second, in addition to it must include all standard characters, character option In set must also include at least one interference character different from standard character, such as label keyword " mobile phone " and It says, needs to interfere character comprising " electricity ", " depending on ", " exhaling ", " crying " etc. in character option set.
In the present embodiment, different verifying pictures binds different label keyword and character option set, in other words, Every width verifying picture is all corresponded with a label keyword, and is corresponded with a character option set, is corresponded to and is closed System can manually be established by network operator, or be based on a large amount of user data learning training by specific program and obtained.
102, verifying picture and character option set are sent to client.
After obtaining binding and having the verifying picture of label keyword and character option set, network side server is by proof diagram Piece and character option set are sent to client and carry out authentication, and corresponding label keyword is then as verifying according to caching In network side server.
Client shows the identifying code page pulled, and in identifying code page after the response for obtaining network side server The verifying picture and character option set that network side server is sent are shown in face.User's content according to expressed by verifying picture In character option Resource selection one or more character, the keyword to be verified as authentication answer is formed, by client Network side server is sent to be verified.
103, the keyword to be verified that client is sent is received.
Network side server receives keyword to be verified be made of user's selection, as subsequent authentication object, executes Step 104.
104, it is whether identical that keyword and label keyword to be verified are compared.
Network side server by obtained in the keyword to be verified received and step 101 and cache, as verifying according to According to label keyword be compared, if keyword to be verified is identical as label keyword, show subscriber authentication success, Execute step 105;If keyword to be verified is different from label keyword, shows that subscriber authentication fails, execute step 106。
If 105, keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful.
When comparison result is that keyword to be verified is identical as label keyword, network side server notifies client identity It is proved to be successful, client can continue subsequent relevant operation, such as pull the individual subscriber homepage page, post.
If 106, keyword to be verified is different from label keyword, client identity authentication failed is notified.
When comparison result is keyword to be verified and label keyword difference, network side server notifies client identity Authentication failed, client can terminate the page request operation (such as log in personal homepage) of user, or can also again to Network side server request carries out authentication.
In the following, being carried out in conjunction with the implementation of above-mentioned steps 101 to step 106 to a kind of application scenarios of the present embodiment It introduces:
User's registration website members, after having filled in personal information, client is pulled to network side server request and is tested Demonstrate,prove interface.Network side server obtains verifying picture as shown in Figure 2 from authentication code database, obtains together with the verifying picture Also label keyword " mobile phone " and the character option set taken, the verifying picture and character option that network side server will acquire Set is sent to client and is shown, the label keyword that will acquire is cached in local.
The verifying interface that user is shown by client successively selection " hand " and " machine " two in character option set Character, the character and user that client is selected according to user select be sequentially generated keyword to be verified " mobile phone " of character to send To network side server.The label keyword of keyword to be verified " mobile phone " and caching that network side server sends client " mobile phone " is compared, and both judges identical, and notice client identity is proved to be successful, and complete subsequent personal information submit, The registration steps such as audit;If the keyword to be verified that user selects is " pager " or " television set ", network side server is sentenced Breaking, it is not identical as label keyword " mobile phone ", notifies client identity authentication failed, and client is waited to request to pull again Verifying interface re-starts authentication.
Existing picture click verification mode as shown in figure 3, client receive that network side issues several are irrelevant Picture and a model answer " mobile phone " as picture selection gist.User is found out according to the prompt of model answer and point The picture for indicating mobile phone is hit, authentication is completed.
Can be seen that existing authentication mode by the comparison of Fig. 2 and Fig. 3 needs client to receive several figures Piece can expend more data traffic, and client only needs to receive width verifying picture and data volume phase in the present embodiment To negligible character option set, the data traffic expense of client can be greatly reduced compared with prior art. Simultaneously as verification process also needs the corresponding relationship that user is artificially established according to existence general knowledge between picture and " answer ", Therefore the method for authentication provided in this embodiment can achieve verification the verifying results same as the prior art.Further, since testing The picture number that card process is related to greatly reduces, therefore can also reduce in authentication code database in terms of existing technologies Data storage capacity reduces the complexity of picture classification, reduces the cost of labor of identifying code data maintenance.
Further, based on the comparison to Fig. 2 and Fig. 3 to the safety of the present embodiment and identifying code in the prior art into Row comparative analysis.In the present embodiment, if carrying out Brute Force to identifying code by specific program, success is disposably cracked Probability beWherein m is the character quantity in character option set, and n is the character quantity of label keyword.And existing skill Specific program disposably cracks successful probability to identifying code and is in artWherein m is alternative picture number, and n is to need The picture number (usually 1) of selection.The method that can be seen that authentication provided in this embodiment by above-mentioned comparison, by In being related to putting in order between character, thus compared with the prior art for can substantially reduce and successfully crack the general of identifying code Rate improves the difficulty of Brute Force.In the prior art, if by increasing alternative picture number or selecting the side of picture number Formula reduction cracks probability, then can sharply increase the data traffic expense of client, and in the present embodiment, increase character option collection Influence of the character quantity of conjunction or label keyword to client data traffic overhead is very little, but cracks probability in reduction Effect on be then much better than the prior art.
Further, it as the refinement to method shown in Fig. 1 and further expands, the present embodiment additionally provides a kind of identity The method of verifying, as shown in figure 4, this method comprises:
401, label keyword and character option set are established for verifying picture.
Before authenticating phase, network side server establishes authentication code database, and in authentication code database Each width verifying picture establishes label keyword and character option set.
When establishing label keyword and character option set, for avoid verifying picture and label keyword (and character select Set) between obscure, can for every width verify picture establish one-to-one label keyword and character option set.Institute Meaning, which corresponds, refers to the corresponding label keyword of width verifying picture and character option set, the label of difference verifying picture Keyword (or character option set) is different.For example, auto graph corresponding label keyword " automobile " and comprising with vapour The character option set of vehicle relevant character, and picture of mobile telephone corresponding label keyword " mobile phone " rather than label keyword " automobile ", Corresponding character option set includes character relevant to mobile phone, does not include character relevant to automobile.
Further, it is contemplated that user group has the difference in cognition and statement level to identical things in practical application It is different, to avoid the influence caused by authentication procedures of this species diversity, in a kind of preferred embodiment of the present embodiment, network side clothes Business device can also verify picture for each width and establish two or more corresponding label keywords, these label keywords are being stated It is upper different, but both for the description of same thing.Such as picture of mobile telephone, can for it establishes " mobile phone ", The different label keyword such as " communication apparatus ", " terminal ", " user equipment " can build tablet computer picture then for it The different label keyword such as vertical " computer ", " tablet computer " " palm PC " even " ipad ", to adapt to different use as far as possible The statement at family is accustomed to, and form of presentation is avoided to have differences the erroneous effects to verification result.
From establish unlike multiple label keywords, when establishing character option set, still for every width verify picture build A character option set is found, but all standard words of at least two label keywords of composition should be included in the character option set Symbol.It should include word in character option set such as " mobile phone ", " communication apparatus ", " terminal " three label keywords Accord with " hand ", " machine ", " logical ", " news ", " setting ", " standby ", " end " and " end " these standard characters.
402, a unique signature mark is generated for verifying picture.
In practical application, network side server often carries out identity simultaneously to multiple client on synchronization and tests Card can be verified in the present embodiment when establishing authentication code database for each width to distinguish to different verification process Picture distributes a signature mark, to distinguish in subsequent verification process to different identifying objects.Network side clothes Business device can be identified distribution as distribution foundation using the sequencing for generating verifying picture, can also be by pre-defined algorithm Verifying picture generates one at random and identifies different signature mark, the present embodiment not generation to signature mark with other signatures Mode is defined.
It should be noted that above-mentioned steps 401 and step 402 be establish verify picture after execute the step of, Step executes sequence in no particular order, can also be executed simultaneously.
403, width verifying picture is pulled from authentication code database.
The implementation of this step is identical as the implementation of Fig. 1 step 101, and details are not described herein again.In addition, and step Unlike 101, network side server is in addition to pulling verifying picture, label keyword and character option set, it is also necessary to pull It is identified with the signature of verifying picture binding.
In a kind of preferred embodiment of the present embodiment, interference element can also be added by verifying in picture, to prevent specific journey Sequence identifies image content by picture recognition means.Wherein, interference element include but is not limited to be noise, interfering line, Picture rotation, picture distortion.
404, the verifying picture and character option set of binding signature mark are sent to client.
Verifying picture is being sent to client and when character option set, network side server will be bound with verifying picture Signature mark is sent to client together, to use when subsequent comparison keyword to be verified.
405, the keyword to be verified and signature mark that client is sent are received.
It is similar with Fig. 1 step 103 after user selects character to form keyword to be verified in character option set, Keyword to be verified is reported to network side server by client.In addition, the also step reported together with keyword to be verified The signature mark that network side server issues in 404.
406, according to the label keyword of signature identifier lookup and verifying picture binding.
Before keyword to be verified is compared, network side server is firstly the need of finding as comparing foundation Label keyword.And search label keyword foundation then be sent in advance client and by client in step 405 The signature mark reported.Network side server is according to the signature identifier lookup and obtains the corresponding label keyword for verifying picture.
407, it is whether identical that keyword and label keyword to be verified are compared.
As previously mentioned, verifying picture can correspond to a label keyword, multiple label keywords can also be corresponded to, for The alignments of different corresponding relationships, keyword to be verified are had nothing in common with each other, specific:
1) the corresponding label keyword of verifying picture
Keyword to be verified is compared with the label keyword for network side server, if the two is identical, executes Step 408, if the two is different, 409 are thened follow the steps.
2) verifying picture corresponds to multiple label keywords
Keyword to be verified is compared network side server respectively with multiple label keywords, if key to be verified Word is identical as some label keyword in multiple label keywords, thens follow the steps 408, if keyword to be verified with it is multiple All label keywords in label keyword are all different, and then follow the steps 409.
If 408, keyword to be verified is identical as label keyword, client identity is notified to be proved to be successful.
If 409, keyword to be verified is different from label keyword, client identity authentication failed is notified.
The implementation of step 408 and step 409 is identical as the implementation of step 105 and step 106 in Fig. 1 respectively, Details are not described herein again.
Further, it is contemplated that lead between the error-critical word and correct label keyword that user selects in practical application It is commonly present association (such as when label keyword is " mobile phone ", the keyword to be verified that user selects may be " making a phone call "), Therefore in another preferred embodiment of the present embodiment, the keyword of these mistakes can also be added to character as distracter In option set, to enhance the fascination of interference character.Specifically, network side server can be after step 409, to mistake Keyword to be verified parsed, using character therein as interference character be added in character option set, next time When carrying out authentication using the verifying picture, the character option set for being supplied to client is after adding new interference character Character option set.
It should be noted that when modifying character option set according to error-critical word and avoid being added in character option set Some characters, such as when there is interference character " electricity " and " brain " in former character option set, network side server should not just be incited somebody to action Character " electricity " in error-critical word is then added in character option set.
It further, is the statement habit for catering to most users, in the last one preferred embodiment of the present embodiment, Network side server can also modify to label keyword according to the error-critical word that user selects.Specifically, in step After 409, network side server carries out statistics screening to the error-critical word of certain sample space, if most users (example User such as 80%) it is " ipad " to the keyword to be verified of tablet computer picture selection rather than is label keyword " plate electricity The label keyword of the corresponding proof diagram piece can be revised as " ipad " by " tablet computer " by brain ", network side server, thus Avoid the influence caused by verification result due to label keyword excessively minority.
Further, as the realization to method shown in above-mentioned Fig. 1 or Fig. 4, the present embodiment additionally provides a kind of identity and tests The device of card, the device are located at network side, can be placed in inside network side server, can also be placed in outside network side server Data interaction is simultaneously realized by special interface and network side server in portion.As shown in figure 5, the device includes: data pull unit 51, data transmission unit 52, data receipt unit 53 and result verification unit 54, wherein
Data pull unit 51, for pulled from authentication code database a width verifying picture, verifying picture binding have with Verify the corresponding label keyword of image content and character option set, wherein character option set includes that composition label is crucial All standard characters of word and at least one interference character different from standard character;
Data transmission unit 52, for sending the verifying picture and character option that data pull unit 51 pulls to client Set;
Data receipt unit 53, for receiving the keyword to be verified of client transmission, keyword to be verified is existed by user At least one character composition selected in character option set;
Result verification unit 54, for the received keyword to be verified of comparison data receiving unit 53 and data pull unit Whether the 51 label keywords that pull are identical;
Data transmission unit 52 is also used to when to compare keyword to be verified identical as label keyword for result verification unit 54 When, notice client identity is proved to be successful, when result verification unit 54 compares keyword to be verified and label keyword difference, Notify client identity authentication failed.
Further, as shown in fig. 6, the device further include:
First mapping establish unit 61, for data pull unit 51 pulled from authentication code database verifying picture it Before, it is that every width verifying picture establishes one-to-one label keyword and character option set in authentication code database.
Further, as shown in fig. 6, the device further include:
Second mapping establish unit 62, for data pull unit 51 pulled from authentication code database verifying picture it Before, it is that every width verifying picture establishes at least two different label keywords and a corresponding character in authentication code database Option set, wherein at least two label keywords are the different expression to same width verifying image content, character option set All standard characters comprising forming at least two label keywords.
Further, result verification unit 54 is used for when the corresponding at least two label keyword of verifying picture, will be to be tested Card keyword is compared respectively at least two label keywords;
Data transmission unit 52 is used for when some label in keyword to be verified and at least two label keywords is crucial When word is identical, notice client identity is proved to be successful, all marks in keyword to be verified and at least two label keywords When label keyword is all different, client identity authentication failed is notified.
Further, as shown in fig. 6, the device further include:
Identification generation unit 63, for sending verifying picture and character option set to client in data transmission unit 52 Before, a unique signature mark is generated for verifying picture;
Data transmission unit 52 is used to for the signature mark that identification generation unit 63 generates being sent to verifying picture binding Client.
Further, as shown in fig. 6, the device further include: data searching unit 64;
Data receipt unit 53 is used to receive the keyword to be verified and signature mark of client transmission;
Data searching unit 64, for result verification unit 54 compare keyword to be verified and label keyword whether phase With before, according to the label keyword of the received signature identifier lookup of data receipt unit 53 and verifying image content binding.
Further, as shown in fig. 6, the device further include:
Data unit 65, for working as, result verification unit 54 compares keyword to be verified and label keyword is not identical When, after data transmission unit 52 notifies client identity authentication failed, using the character in keyword to be verified as interference Character is added in character option set.
Further, as shown in fig. 6, the device further include:
Data processing unit 66, for sending verifying picture and character option set to client in data transmission unit 52 Before, interference element is added for the verifying picture that data pull unit 51 pulls, interference element includes: noise, interfering line, picture Rotation, picture distortion.
The device of authentication provided in an embodiment of the present invention can be obtained at random a width proof diagram by network side server Piece, and corresponding with verifying image content label keyword and include label keyword criteria character and interference character Character option set, and the verifying picture and character option set are sent to client and carry out authentication.User is carrying out It is to be verified from the one or more characters compositions of character option set selection according to the understanding to verifying image content when authentication Keyword.In the keyword to be verified for receiving client and reporting, network side server compares keyword and the label to be verified Whether keyword is identical, if the two is identical, client identity is notified to be proved to be successful, if the two is different, notifies client Hold authentication failure.Since verification process pertains only to the transmission of a width picture, and the character option set institute of character types Account for that data volume is smaller, therefore compared with the picture selective type identifying code scheme for transmitting several pictures in the prior art, it can be significantly Save the data traffic of client especially mobile client.Simultaneously as verification process also relates to user to verifying picture The cognition of content and matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Further, as the realization to method shown in above-mentioned Fig. 1 or Fig. 4, the present embodiment additionally provides a kind of identity and tests The system of card, as shown in fig. 7, the system is made of network side server 71 and client 72, network side server 71 includes such as Fig. 5 or device shown in fig. 6.Wherein,
Network side server 71, for pulled from authentication code database a width verifying picture, verifying picture binding have with The corresponding label keyword of image content and character option set are verified, and sends verifying picture and character option to client 72 Set, wherein character option set includes all standard characters and at least one and standard character of composition label keyword Different interference characters;
Client 72 receives user for showing the verifying picture and character option set of the transmission of network side server 71 According to the keyword to be verified of character option Resource selection, wherein keyword to be verified is selected in character option set by user At least one character composition selected;
Network side server 71 be also used to receive client 72 transmission keyword to be verified, compare keyword to be verified with Whether label keyword is identical, if keyword to be verified is identical as label keyword, notifies 72 authentication of client success, Otherwise notice 72 authentication of client failure.
The system of authentication provided in an embodiment of the present invention can be obtained at random a width proof diagram by network side server Piece, and corresponding with verifying image content label keyword and include label keyword criteria character and interference character Character option set, and the verifying picture and character option set are sent to client and carry out authentication.User is carrying out It is to be verified from the one or more characters compositions of character option set selection according to the understanding to verifying image content when authentication Keyword.In the keyword to be verified for receiving client and reporting, network side server compares keyword and the label to be verified Whether keyword is identical, if the two is identical, client identity is notified to be proved to be successful, if the two is different, notifies client Hold authentication failure.Since verification process pertains only to the transmission of a width picture, and the character option set institute of character types Account for that data volume is smaller, therefore compared with the picture selective type identifying code scheme for transmitting several pictures in the prior art, it can be significantly Save the data traffic of client especially mobile client.Simultaneously as verification process also relates to user to verifying picture The cognition of content and matching with verifying keyword, therefore can equally guarantee identifying code verification the verifying results.
Through the above description of the embodiments, it is apparent to those skilled in the art that the present invention can borrow Help software that the mode of required common hardware is added to realize, naturally it is also possible to which the former is more preferably by hardware, but in many cases Embodiment.Based on this understanding, the portion that technical solution of the present invention substantially in other words contributes to the prior art Dividing can be embodied in the form of software products, which stores in a readable storage medium, such as count The floppy disk of calculation machine, hard disk or CD etc., including some instructions are used so that computer equipment (it can be personal computer, Server or the network equipment etc.) execute method described in each embodiment of the present invention.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain Lid is within protection scope of the present invention.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (15)

1. a kind of method of authentication characterized by comprising
Width verifying picture is pulled from authentication code database, the verifying picture binding has corresponding with the verifying image content Label keyword and character option set, wherein the verifying picture includes image corresponding with the label keyword, The character option set includes all standard characters and at least one and the standard word for forming the label keyword Accord with different interference characters;
The verifying picture and the character option set are sent to client;
The keyword to be verified that the client is sent is received, the keyword to be verified is by user in the character option set At least one character of middle selection forms;
When the corresponding at least two label keyword of the verifying picture, by the keyword to be verified and at least two mark Label keyword is compared respectively;
If the keyword to be verified is identical as some label keyword in at least two labels keyword, institute is notified Client identity is stated to be proved to be successful;
If the keyword to be verified is all different with all label keywords in at least two labels keyword, lead to Know the client identity authentication failed.
2. the method according to claim 1, wherein pulling the proof diagram from the authentication code database Before piece, the method further includes:
It is that every width verifying picture establishes one-to-one label keyword and character option set in the authentication code database.
3. the method according to claim 1, wherein pulled from authentication code database the verifying picture it Before, the method further includes:
It is that every width verifying picture establishes at least two different label keywords and a correspondence in the authentication code database Character option set, wherein at least two labels keyword be to same width verifying image content different expression, institute Stating character option set includes all standard characters for forming at least two labels keyword.
4. the method according to claim 1, wherein described to the client transmission verifying picture and described Before character option set, the method further includes:
A unique signature mark is generated for the verifying picture;
It is described to send the verifying picture and the character option set to client, comprising:
Signature mark and verifying picture binding are sent to the client.
5. according to the method described in claim 4, it is characterized in that, the key to be verified for receiving the client and sending Word, comprising:
Receive the keyword to be verified and signature mark that the client is sent;
Before whether the comparison keyword to be verified and the label keyword are identical, the method is further wrapped It includes:
According to the label keyword of the signature identifier lookup and the verifying picture binding.
6. the method according to claim 1, wherein if the keyword to be verified and the label keyword not It is identical, then it is described notify the client identity authentication failed after, the method further includes:
It is added to the character in the keyword to be verified as interference character in the character option set.
7. the method according to claim 1, wherein described to the client transmission verifying picture and described Before character option set, the method further includes:
Interference element is added for the verifying picture, the interference element includes: noise, interfering line, picture rotation, picture torsion It is bent.
8. a kind of device of authentication characterized by comprising
Data pull unit, for pulling width verifying picture from authentication code database, the verifying picture binding has and institute State the corresponding label keyword of verifying image content and character option set, wherein the verifying picture includes and the mark Sign the corresponding image of keyword, the character option set includes all standard characters and extremely for forming the label keyword A few interference character different from the standard character;
Data transmission unit, for sending the verifying picture and the character that the data pull unit pulls to client Option set;
Data receipt unit, the keyword to be verified sent for receiving the client, the keyword to be verified is by user At least one character composition selected in the character option set;
Result verification unit is used for when the corresponding at least two label keyword of the verifying picture, by the key to be verified Word is compared respectively at least two labels keyword;
The data transmission unit is also used to when some in the keyword to be verified and at least two labels keyword When label keyword is identical, the client identity is notified to be proved to be successful, when the keyword to be verified and described at least two When all label keywords in label keyword are all different, the client identity authentication failed is notified.
9. device according to claim 8, which is characterized in that described device further include:
Unit is established in first mapping, for pulling the proof diagram from the authentication code database in the data pull unit It is that every width verifying picture establishes one-to-one label keyword and character option collection in the authentication code database before piece It closes.
10. device according to claim 8, which is characterized in that described device further include:
Unit is established in second mapping, for pulling the proof diagram from the authentication code database in the data pull unit It is that every width verifying picture establishes at least two different label keywords and one right in the authentication code database before piece The character option set answered, wherein at least two labels keyword is the different expression to same width verifying image content, The character option set includes all standard characters for forming at least two labels keyword.
11. device according to claim 8, which is characterized in that described device further include:
Identification generation unit, for sending the verifying picture and the character option to client in the data transmission unit Before set, a unique signature mark is generated for the verifying picture;
The data transmission unit is used to identify the signature that the identification generation unit generates and tie up with the verifying picture Surely it is sent to the client.
12. device according to claim 11, which is characterized in that described device further include: data searching unit;
The data receipt unit is used to receive the keyword to be verified that the client is sent and signature mark;
The data searching unit, for comparing the keyword to be verified and label key in the result verification unit Before whether word is identical, tied up according to the received signature identifier lookup of the data receipt unit with the verifying image content The fixed label keyword.
13. device according to claim 8, which is characterized in that described device further include:
Data unit, for comparing the keyword to be verified and the label keyword not when the result verification unit It, will be in the keyword to be verified after the data transmission unit notifies the client identity authentication failed when identical Character as interference character be added in the character option set.
14. device according to claim 8, which is characterized in that described device further include:
Data processing unit, for sending the verifying picture and the character option to client in the data transmission unit Before set, interference element is added for the verifying picture that the data pull unit pulls, the interference element includes: to make an uproar Point, interfering line, picture rotation, picture distortion.
15. a kind of system of authentication, which is characterized in that the system comprises network side server and client, the net Network side server includes the authentication means as described in claim 8 to 14;Wherein,
The network side server, for pulling width verifying picture from authentication code database, the verifying picture binding has Label keyword corresponding with the verifying image content and character option set, and to client send the verifying picture and The character option set, wherein the verifying picture includes image corresponding with the label keyword, the character choosing Set is comprising forming all standard characters of the label keyword and at least one is different from the standard character dry Disturb character;
The client, for showing the verifying picture and the character option set that the network side server is sent, User is received according to the keyword to be verified of the character option Resource selection, wherein the keyword to be verified is existed by user At least one character composition selected in the character option set;
The network side server is also used to receive the keyword to be verified that the client is sent, when the verifying picture When corresponding at least two label keyword, the keyword to be verified and at least two labels keyword are compared respectively It is right, if the keyword to be verified is identical as some label keyword in at least two labels keyword, notify institute Client identity is stated to be proved to be successful;If all labels in the keyword to be verified and at least two labels keyword close Keyword is all different, then notifies the client identity authentication failed.
CN201410086606.1A 2014-03-11 2014-03-11 The method, apparatus and system of authentication Active CN104917722B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410086606.1A CN104917722B (en) 2014-03-11 2014-03-11 The method, apparatus and system of authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410086606.1A CN104917722B (en) 2014-03-11 2014-03-11 The method, apparatus and system of authentication

Publications (2)

Publication Number Publication Date
CN104917722A CN104917722A (en) 2015-09-16
CN104917722B true CN104917722B (en) 2019-07-12

Family

ID=54086435

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410086606.1A Active CN104917722B (en) 2014-03-11 2014-03-11 The method, apparatus and system of authentication

Country Status (1)

Country Link
CN (1) CN104917722B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105491010A (en) * 2015-11-19 2016-04-13 上海携程商务有限公司 Cross validation method and system for verification codes
CN106209810A (en) * 2016-07-03 2016-12-07 韦建峰 A kind of verification method and generating means
CN106355073A (en) * 2016-08-26 2017-01-25 上海铁壳网络科技有限公司 A proof technique of and man-machine and proving system
CN106485261B (en) * 2016-09-08 2020-06-02 北京小米移动软件有限公司 Image recognition method and device
CN106485114B (en) * 2016-11-10 2019-12-31 北京像素软件科技股份有限公司 Data verification method and device
CN108512850A (en) * 2018-04-02 2018-09-07 广东能龙教育股份有限公司 Processing method of intelligent verification code based on question and answer questions
CN110895602B (en) * 2018-09-13 2021-12-14 中移(杭州)信息技术有限公司 Identity authentication method and device, electronic equipment and storage medium
CN111291352B (en) * 2018-12-10 2024-02-02 北京京东尚科信息技术有限公司 Label data generation method and device
CN114978742B (en) * 2022-06-08 2024-04-23 中国电信股份有限公司 Verification information generation method, verification method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101976430A (en) * 2010-10-29 2011-02-16 赵俊平 Method for generating picture verification codes and system thereof
CN103188263A (en) * 2013-03-22 2013-07-03 百度在线网络技术(北京)有限公司 Verification method, system and device
CN103400107A (en) * 2013-07-05 2013-11-20 百度在线网络技术(北京)有限公司 Method and device for generating dynamic verification code picture, and verification method and device
CN103455965A (en) * 2012-05-30 2013-12-18 北京小米科技有限责任公司 Verification image based verification method, device and server

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1871602A (en) * 2003-10-20 2006-11-29 罗吉加利斯公司 Method, system, apparatus, and machine-readable medium for use in connection with a server that uses images or audio for initiating remote function calls
US20120180115A1 (en) * 2011-01-07 2012-07-12 John Maitland Method and system for verifying a user for an online service
CN103428163A (en) * 2012-05-15 2013-12-04 上海博路信息技术有限公司 Verification code based on image content

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101976430A (en) * 2010-10-29 2011-02-16 赵俊平 Method for generating picture verification codes and system thereof
CN103455965A (en) * 2012-05-30 2013-12-18 北京小米科技有限责任公司 Verification image based verification method, device and server
CN103188263A (en) * 2013-03-22 2013-07-03 百度在线网络技术(北京)有限公司 Verification method, system and device
CN103400107A (en) * 2013-07-05 2013-11-20 百度在线网络技术(北京)有限公司 Method and device for generating dynamic verification code picture, and verification method and device

Also Published As

Publication number Publication date
CN104917722A (en) 2015-09-16

Similar Documents

Publication Publication Date Title
CN104917722B (en) The method, apparatus and system of authentication
CN105337949B (en) A kind of SSO authentication method, web server, authentication center and token verify center
CN106209763B (en) A kind of login method and system
CN104580264B (en) Login method, entering device and login and Accreditation System
US9979721B2 (en) Method, server, client and system for verifying verification codes
CN108011863B (en) Method and device for identifying brute force cracking
CN101771676B (en) Setting and authentication method for cross-domain authorization and relevant device and system
CN103841111B (en) A kind of method for preventing Data duplication from submitting and server
CN106789855A (en) The method and device of user login validation
CN105847245A (en) Electronic mail box login authentication method and device
CN104657653B (en) The verification method and checking device of image authentication code
CN105162604B (en) A kind of verification method, server and system based on characteristic image identification
CN104580376B (en) The methods, devices and systems connected between terminal are established in a local network
CN106385403B (en) A kind of the user account register method and relevant device of self-help print equipment
CN104184709A (en) Verification method, device, server, service data center and system
CN104796408B (en) Single-point live login method and single-point live login device
CN107832941A (en) Order processing method and device
CN113988314A (en) Cluster federal learning method and system for selecting client
CN104836777B (en) Identity verification method and system
CN106470200A (en) A kind of auth method and relevant apparatus
CN103561063B (en) A kind of method of Register top box and terminal
CN110233850A (en) Register method, application server, user terminal and system based on alliance's chain
CN107517180A (en) Login method and device
CN108123806A (en) The generation method of question-type picture validation code
CN106878298A (en) The integrated approach of a kind of authenticating device and website, system and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant