CN106339619A - Information security management method and device thereof - Google Patents
Information security management method and device thereof Download PDFInfo
- Publication number
- CN106339619A CN106339619A CN201610729473.4A CN201610729473A CN106339619A CN 106339619 A CN106339619 A CN 106339619A CN 201610729473 A CN201610729473 A CN 201610729473A CN 106339619 A CN106339619 A CN 106339619A
- Authority
- CN
- China
- Prior art keywords
- iris
- storing unit
- capturing device
- key storing
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 16
- 238000013500 data storage Methods 0.000 claims abstract description 22
- 210000000352 storage cell Anatomy 0.000 claims description 15
- 238000000034 method Methods 0.000 claims description 12
- 210000004027 cell Anatomy 0.000 claims description 8
- 210000001508 eye Anatomy 0.000 claims description 7
- 230000013011 mating Effects 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 claims 1
- 230000008878 coupling Effects 0.000 claims 1
- 238000010168 coupling process Methods 0.000 claims 1
- 238000005859 coupling reaction Methods 0.000 claims 1
- 210000000554 iris Anatomy 0.000 abstract 7
- 241000700605 Viruses Species 0.000 description 2
- 230000006378 damage Effects 0.000 description 2
- 230000037361 pathway Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 210000005252 bulbus oculi Anatomy 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Collating Specific Patterns (AREA)
- Storage Device Security (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention provides an information security management method and a device thereof, and belongs to the field of information security. The information security management device comprises an iris collector, a switch, a one-time channel, a key storage unit and a data storage unit, wherein the iris collector is used for collecting eye irises, generating a characteristic value, and transmitting the characteristic value to the key storage unit; the switch is used for starting a registration mode of the key storage unit; the one-time channel is used for transmitting a switch signal and transmitting the switch signal to the key storage unit; the key storage unit is used for receiving the switch signal to start the registration mode, receiving an iris registration characteristic value emitted by the iris collector to finish registration, and receiving the iris characteristic value emitted by the iris collector for matching, and performing the startup and the closing of access permission of the data storage unit; the data storage unit is used for storing data which needs to be stored by a user.
Description
Technical field
The present invention relates to information security field, it is specifically to be related to information security management method and its device.
Background technology
At present, with the convenient practicality of smart mobile phone, demonstration the features such as powerful, mobile phone is also gradually in various users
In colony, popularization is come, and thus causes a series of mobile phone safe problem.Mobile phone safe is primarily referred to as being linked up using mobile phone
During produced information security, this category information may reveal in the case of intentionally or accidentally, once just revealing
Cellie can be caused damage.Therefore, numerous terminal business, software business man etc. propose the solution of mobile phone message security in succession
Scheme.
A solution relatively conventional at present is, is the information setting cryptoguard of need for confidentiality in mobile phone, and
Go to hide this password entrance using a switch;When this switch is in opening, show password entrance, now, user
Password can be inputted and carry out checking of security information;When this switch is closed, this password entrance is hidden, from
And above-mentioned security information cannot be viewed.
But, such scheme has a problem that it is simply that how this switch is hidden, if this switch can not be hidden
Hide, then illegal person still can be decoded to this switch to be intercepted password thus stealing information.Therefore, the reliability of the program
Relatively low, the information in mobile phone still suffers from the risk revealed.
Content of the invention
The deficiency existing for above-mentioned prior art, the present invention provides information security management method and its device.
The present invention solves the above problems by the following technical programs:
Information security management method, wherein, comprises the following steps:
Step 1: user sends registration signal by disposable passage to key storing unit using switch;
Step 2: after described key storing unit receives described registration signal, open own key stored memory;
Step 3: iris capturing device will carry out iris capturing, described iris capturing device handle as the eyes of key to user
The iris feature value of collection passes to described key storing unit;
Step 4: after described key storing unit receives the incoming iris feature value of described iris capturing device, described key is deposited
Storage unit is stored in described key storage internal memory iris feature value;
Step 5: trigger described disposable passage certainly after iris feature value completes registration when described key storing unit receives
Dynamic circuit breaker expense is ruined;
Step 6: when user needs to access data storage cell data, iris are gathered by described iris capturing device
Characteristic value, described iris capturing device passes to described key storing unit collection iris feature value;
Step 7: described key storing unit receives the incoming iris feature value of described iris capturing device and described key storage
The key storage internal memory log-on data of unit is mated, and after the match is successful, user enters line number to described data storage cell
According to access;Unsuccessful when mating, user cannot access data storage cell data.
In such scheme, the process that preferably described in step 3, iris capturing device gathers iris is: described iris
Collector passes through laser scanning eyes 3-9 time, and the data of each scanning collection is calculated corresponding characteristic value, from owning of generating
Described characteristic value in a characteristic value is selected by analogue method, this characteristic value be exactly as described iris capturing device gather eye
The characteristic value of eyeball iris simultaneously passes to described key storing unit.
In such scheme, preferably analogue method is: identical characteristic in characteristic value is contrasted one by one, and leads to
The optimal solution principle crossing algorithm draws a characteristic value.
In such scheme, the process that preferably step 5 triggers that described disposable passage disconnects destruction automatically is: described close
Key memory cell produces a pulse signal after completing registration, and the triggering that pulse signal sends on disposable passage is opened
Close, described pulse signal triggers described trigger switch and closes the passage on described disposable passage.
Information security management device, deposits including iris capturing device, switch, disposable passage, key storing unit data
Storage unit;
The output end of described iris capturing device is connected with described key storing unit;For gathering iris and generating spy
Value indicative, passes to key storing unit characteristic value;
The output end of described switch is connected with described disposable passage;For opening the registration mode of key storing unit;
Described disposable passage is connected with described key storing unit;For transmitting switch signal, and switching signal is passed
To key storing unit;
Described key storing unit is connected with described data storage cell, opens registration mode for receiving switching signal,
Receive the incoming iris registration feature value of iris capturing device to complete to register;The iris feature value incoming for receiving iris capturing device
Mated, and the opening and closing of complete paired data memory unit access authority;
Described data storage cell is connected with described key storing unit, needs the data of storage for storing user.
Advantages of the present invention with effect is:
1st, the present invention is used iris as key, ensures that the uniqueness of key, iris be also not easy imitated, from
Ensure that the security of data;
2nd, the disposable passage in the present invention has just carried out certainly destroying after the registration is finished, closing passage, thus effectively
Prevent illegal person to start with from initial switch to be cracked, from the security improving data;
3rd, further, the switch closing on disposable passage is a kind of pathway closure of the physical layer on hardware, destroys
Person cannot be cracked using software or virus etc.;
4th, need in the present invention to enter by the key authentication of key storing unit when accessing data storage cell data
One step ground is it is ensured that the security of userspersonal information.
Brief description
Fig. 1 is the structured flowchart of apparatus of the present invention.
Specific embodiment
The invention will be further described with reference to embodiments.
Information security management method, wherein, comprises the following steps:
Step 1: user sends registration signal by disposable passage to key storing unit by using registration switch.Its
In, registration switch is a software switch on mobile phone, is connected to hardware corridor disposable between software switch and key storing unit
Passage, disposable passage is used for being communicated with key storing unit for registration switch, is a special hardware corridor.Once
Property passage on be additionally provided with trigger switch, disposable passage can be carried out closing and blocks after being triggered by trigger switch, relatively user
For trigger switch close after just cannot be carried out opening, only just can be opened by hardware maintenance by equipment manufacturer.
Step 2: after key storing unit receives registration signal, open own key stored memory.Key storing unit bag
Key storage internal memory, cipher key match device and switch are included, key storage internal memory is specially with the initial key of storage registration, key
Orchestration is used for receiving the key in the external world and being mated with the initial key in key storage internal memory.Wherein, switch is extraneous visit
Ask the valve of data storage cell, only switch just can conduct interviews after opening.
Step 3: iris capturing device will carry out iris capturing as the eyes of key to user, and iris capturing device is collection
Iris feature value pass to key storing unit.The process that iris capturing device gathers iris is: iris capturing device passes through to swash
Optical scanning eyes 3-9 time, calculate corresponding characteristic value the data of each scanning collection, logical from all of characteristic value generating
Cross analogue method and select a characteristic value, this characteristic value is exactly to gather the characteristic value of iris as iris capturing device and pass to
Key storing unit.Analogue method is to be contrasted identical characteristic in characteristic value one by one, and by algorithm
Excellent solution principle draws a characteristic value.Wherein, analogue method already belongs to a kind of common optimum resolving Algorithm of those skilled in the art, so
Here is no longer explained in detail.The Stability and veracity of login key can be improved by Multiple-Scan very well.
Step 4: after key storing unit receives the incoming iris feature value of iris capturing device, key storing unit is iris
Characteristic value is stored in key storage internal memory, completes to register.The iris feature value conduct that the first time that key storing unit receives receives
The data storage of the key stored memory in key storing unit, is also the key of registration, as the standard value mating contrast backward.
Step 5: trigger disposable passage after key storing unit reception iris feature value completes registration and automatically disconnect pin
Ruin.Key storage internal memory in key storing unit can produce signal pulse after receiving data storage, and signal pulse is transferred to
On disposable passage.Key storing unit produces a pulse signal after completing registration, and pulse signal sends disposable passage to
On a trigger switch on, pulse signal trigger trigger switch close disposable passage on passage.On disposable passage
Switch closing is a kind of pathway closure of the physical layer on hardware, and saboteur cannot be cracked using software or virus etc..
Step 6: when user needs to access data storage cell data, iris feature is gathered by iris capturing device
Value, iris capturing device passes to key storing unit collection iris feature value.After user completes registration, need to data storage
Cell data carries out data and can access, and only just can be conducted interviews by key authentication.Iris capturing device collection iris are special
Value indicative is the equal of input key, because everyone iris is unique, so that key is unique, and destroys
Person cannot be with machine simulation.
Step 7: the key that key storing unit receives iris capturing device incoming iris feature value and key storing unit is deposited
Storage internal memory log-on data is mated.After the match is successful, the switch in key storing unit is opened, and user can deposit to data
Storage unit carries out data access.Unsuccessful when mating, the switch in key storing unit does not operate, and user cannot access data
Memory cell data.
Information security management device, as shown in figure 1, include iris capturing device, switch, disposable passage, key storage list
First data memory cell.
The output end of iris capturing device is connected with key storing unit, and it is manually defeated that Password Input area quite at ordinary times is carried out
Enter password.Switch is connected with key storing unit through disposable passage.Data storage cell is connected with key storing unit.
Iris capturing device is used for gathering iris and generating characteristic value, and characteristic value is passed to key storing unit.Switch
For opening the registration mode of key storing unit, switch is a software switch on user instrument.Disposable passage is used for
Transmitting switch signal, and switching signal is passed to key storing unit, disposable passage is a hardware corridor, disposable passage
On be additionally provided with trigger switch, after trigger switch is triggered, whole passage will be blocked it is impossible to carry out data transmission.Key
Memory cell is used for receiving switching signal unlatching registration mode, receives the incoming iris registration feature value of iris capturing device and completes to note
Volume;Mated for receiving the incoming iris feature value of iris capturing device, and complete paired data memory unit access authority
Open and close.Key storing unit includes key storage internal memory, cipher key match device and switch, and key storage internal memory is specially used
In storage registration initial key, cipher key match device be used for receive the external world key and with key storage internal memory in initial key
Mated.Wherein, switch is the extraneous valve accessing data storage cell, and only switch just can conduct interviews after opening.Number
It is used for storing the data that user needs to store according to memory cell, can be typically mobile phone EMS memory, storage card or hard disk etc..
Below the appropriate embodiment of the invention is illustrated, but the present invention is not limited to implement
Example, those of ordinary skill in the art can also make a variety of equivalent changes without prejudice on the premise of the invention spirit
Type or replacement, these equivalent modifications or replacement are all contained in scope of the present application.
Claims (5)
1. information security management method it is characterised in that: comprise the following steps:
Step 1: user sends registration signal by disposable passage to key storing unit using switch;
Step 2: after described key storing unit receives described registration signal, open own key stored memory;
Step 3: iris capturing device will carry out iris capturing as the eyes of key to user, and described iris capturing device is collection
Iris feature value pass to described key storing unit;
Step 4: after described key storing unit receives the incoming iris feature value of described iris capturing device, described key storage list
Unit is stored in described key storage internal memory iris feature value;
Step 5: trigger described disposable passage from dynamic circuit breaker when described key storing unit receives after iris feature value completes registration
Expense is ruined;
Step 6: when user needs to access data storage cell data, iris feature is gathered by described iris capturing device
Value, described iris capturing device passes to described key storing unit collection iris feature value;
Step 7: described key storing unit receives the incoming iris feature value of described iris capturing device, and by described iris feature
Value is mated with the key storage internal memory log-on data of described key storing unit, and after the match is successful, user is to described number
Carry out data access according to memory cell;Unsuccessful when mating, user cannot access data storage cell data.
2. information security management method according to claim 1 it is characterised in that: iris capturing device described in step 3 is adopted
The process of collection iris is: described iris capturing device passes through laser scanning eyes 3-9 time, the data calculation of each scanning collection
Go out corresponding characteristic value, from all of described characteristic value generating, one characteristic value, this characteristic value are selected by analogue method
The characteristic value of iris will be gathered as described iris capturing device and pass to described key storing unit.
3. information security management method according to claim 2 it is characterised in that: described analogue method is by phase in characteristic value
Same characteristic is contrasted one by one, and draws a characteristic value by the optimal solution principle of algorithm.
4. information security management method according to claim 1 it is characterised in that: step 5 triggers described disposable passage
Automatically disconnecting the process destroyed is that described key storing unit produces a pulse signal, described pulse signal after completing registration
Send a trigger switch on described disposable passage to, described pulse signal triggers described in described trigger switch closing once
Passage on property passage.
5. the information security management device of the information security management method described in a kind of any one for claim 1-4, its
It is characterised by: include iris capturing device, switch, disposable passage, key storing unit data memory cell;
The output end of described iris capturing device is connected with described key storing unit;For gathering iris and generating feature
Value, passes to key storing unit characteristic value;
The output end of described switch is connected with described disposable passage;For opening the registration mode of key storing unit;
Described disposable passage is connected with described key storing unit;For transmitting switch signal, and switching signal is passed to close
Key memory cell;
Described key storing unit is connected with described data storage cell;Open registration mode for receiving switching signal, receive
The incoming iris registration feature value of iris capturing device completes to register;Carry out for receiving the incoming iris feature value of iris capturing device
Coupling, and the opening and closing of complete paired data memory unit access authority;
Described data storage cell and described key storing unit;Need the data of storage for storing user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610729473.4A CN106339619B (en) | 2016-08-26 | 2016-08-26 | Information security management method and its device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610729473.4A CN106339619B (en) | 2016-08-26 | 2016-08-26 | Information security management method and its device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106339619A true CN106339619A (en) | 2017-01-18 |
| CN106339619B CN106339619B (en) | 2019-01-18 |
Family
ID=57822177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610729473.4A Active CN106339619B (en) | 2016-08-26 | 2016-08-26 | Information security management method and its device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106339619B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN200976141Y (en) * | 2006-10-23 | 2007-11-14 | 北京飞天诚信科技有限公司 | Plug-and-play intelligent cipher key device |
| CN101493866A (en) * | 2008-01-23 | 2009-07-29 | 杨筑平 | Controlled storage apparatus and access operation software |
-
2016
- 2016-08-26 CN CN201610729473.4A patent/CN106339619B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN200976141Y (en) * | 2006-10-23 | 2007-11-14 | 北京飞天诚信科技有限公司 | Plug-and-play intelligent cipher key device |
| CN101493866A (en) * | 2008-01-23 | 2009-07-29 | 杨筑平 | Controlled storage apparatus and access operation software |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106339619B (en) | 2019-01-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105471826B (en) | Ciphertext data query method, apparatus and cryptogram search server | |
| CN109040139A (en) | A kind of identity authorization system and method based on block chain and intelligent contract | |
| Coisel et al. | Untangling RFID privacy models | |
| Ahvanooey et al. | Modern authentication schemes in smartphones and IoT devices: An empirical survey | |
| CN104700015B (en) | Based on the dynamic password formation method of iris information | |
| CN102316112A (en) | Password authentication method in network application and system | |
| WO2018133675A1 (en) | Key update method, device and system | |
| CN111131202A (en) | Identity authentication method and system based on multiple information authentication | |
| FR2973909A1 (en) | METHOD FOR ACCESSING A PROTECTED RESOURCE OF A SECURE PERSONAL DEVICE | |
| CN112260820A (en) | Mobile payment password keyboard based on key splitting protection in Android system and implementation method thereof | |
| CN106815906A (en) | A kind of intelligent entrance guard management method and system based on optic communication | |
| CN102663863B (en) | Financial POS system capable of resisting channel Trojan attack and anti-attack realization method thereof | |
| CN101345625B (en) | Remote authentication method based on biological characteristic | |
| CN110519222A (en) | Outer net access identity authentication method and system based on disposable asymmetric key pair and key card | |
| Sansanwal et al. | Security Attacks in Cloud Computing: A Systematic Review | |
| CN109961542A (en) | A kind of entrance guard device, verifying device, verifying system and its verification method | |
| CN106815907A (en) | A kind of method and intelligent access control system based on picture password management intelligent entrance guard | |
| CN107046524A (en) | It is a kind of based on ultrasonic wave use intelligent entrance guard method and system | |
| CN106339619B (en) | Information security management method and its device | |
| CN107249006A (en) | The authentication method and device of password use environment | |
| CN106710033A (en) | Door control opening method and device | |
| Deswarte et al. | A Proposal for a Privacy-preserving National Identity Card. | |
| CN107969005A (en) | A kind of access authentication method, device, equipment and system | |
| CN107948140A (en) | The method of calibration and system of portable set | |
| CN106027465A (en) | Method for processing identity card authentication information processing request |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20181129 Address after: Room 1301, Building 430-1, Xujiahui Road, Huangpu District, Shanghai 200025 Applicant after: Shanghai Hengnengtai Enterprise Management Co., Ltd. Address before: 510000 No. 4 Lane seven, Luogang District, Guangzhou, Guangdong. Applicant before: He Ying |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |