CN106850667A - It is a kind of to continue certification security protection system and its method - Google Patents
It is a kind of to continue certification security protection system and its method Download PDFInfo
- Publication number
- CN106850667A CN106850667A CN201710122165.XA CN201710122165A CN106850667A CN 106850667 A CN106850667 A CN 106850667A CN 201710122165 A CN201710122165 A CN 201710122165A CN 106850667 A CN106850667 A CN 106850667A
- Authority
- CN
- China
- Prior art keywords
- face
- user
- certification
- client
- subsystem
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Abstract
Continue certification security protection system and its method the present invention relates to a kind of, obtain subsystem, recognition of face subsystem, face in real time including facial image to continue recognition subsystem and continue authority executive subsystem, user carries out face login authentication process by facial image real-time acquisition system and face identification system.Face continues recognition subsystem and is automatically continued for user's face Real time identification certification in setting time interval;If face authentication success, continue the right to use that authority executive subsystem distributes client to user;If face authentication fails, and unsuccessfully exceedes predetermined time interval, then persistently authority executive subsystem does not distribute the right to use of client to user, and user can not normally use client.Face continues recognition subsystem and is automatically continued for user's face Real time identification certification in setting time interval.The present invention is capable of the security of sustainable protection client data, is with a wide range of applications.
Description
Technical field
The present invention relates to technical fields such as information security and security protections, more particularly to it is a kind of continue certification security protection system and
Its method.
Background technology
With the development of computer network and the communication technology, the network information security, intellectual property protection and authentication etc.
Problem turns into an important and urgent research topic.In the prior art, common data security protecting technology is mainly and passes through
Password and external key(Such as:USB flash disk, softdog etc.)Enciphering/deciphering is carried out to electronic information data.In the protection mechanism using password
In, the secrecy effect to data is limited, and the probability that the password for being used is cracked is very high, and is not easy to memory;Using outer
It is that external key replaces cipher memory as identity documents by the use of material object, although be difficult to crack in putting the protection mechanism of key,
Without memory, but once the external key is lost or is stolen, user will seem at a loss what to do, once while authority quilt
It is granted by, is difficult to be cancelled or interrupt during the use of system or software, once ciphertext is decrypted, is difficult to allow in plain text
Revert to ciphertext.
In order to solve the problems, such as above two protection mechanism, prior art is also provided one kind and is carried out using face characteristic
The scheme of data protection.Because face characteristic information has uniqueness, without deliberately carrying, will not lose, it is difficult to forge and steal
The advantages of taking, the program is deposited in a computer by by the template data of password and face characteristic, when user uses the meter
When calculation machine carries out data enciphering/deciphering, the legitimacy of user can be checked by using the face characteristic of person, so as to reach number
According to the purpose of protection.Identity identifying method based on face recognition technology, overcomes the disadvantage that traditional identity identifying method is present
End, possesses security higher, reliability and validity, is increasingly valued by people, and it is raw to progress into society
Every field living.
But, the current identity identifying method based on face recognition technology is normally only applied to user's registration and user steps on
In the record stage, disposable mode is taken to carry out user identity identification and certification, as the certification after User logs in but without reference to giving
Network hacker leaves opportunity, and very big hidden danger is brought to the data information security of user.Prior art has much room for improvement and carries
It is high.
The content of the invention
The technical problems to be solved by the invention are, there is provided a kind of to continue certification security protection system and its method, hold
The safety of continuation of insurance shield user terminal, resource and information, improves the security of client terminal, resource and data.
The present invention is achieved in that offer is a kind of and continues certification security protection system, installs on the client, including people
Face image obtains subsystem, recognition of face subsystem, face and continues recognition subsystem and continue authority executive subsystem in real time, tool
Body includes following content:
User carries out face login authentication process by the facial image real-time acquisition system and face identification system;If stepped on
Record authentication result is that successfully, the face continues Verification System and really starts, and user obtains the right to use of client protected object
Or control, and perform the lasting recognition subsystem of face;It is failure if logged on authentication result, then repeats face login and recognize
Card process.
The lasting recognition subsystem of the face is automatically continued for user's face in setting time interval to be known in real time
Not certification;It is described to continue the visitor that authority executive subsystem distributes certain period of time to user if face authentication result is successfully
The right to use of family end protected object, protected object can be used normally;If face authentication result is failure, and is unsuccessfully surpassed
Cross predetermined time interval, then it is described to continue the use that authority executive subsystem was not assigned to and cancelled the protected object of user
Power, the right to use of user customer protected object is temporarily interrupted, and user can not normally using protected in client
Object;In this process, the lasting certification of face is not interrupted, and also in being continued for, distribution and/or cancellation authority are to quilt
The state of the object of protection is directly affected without any.
Wherein, the lasting recognition subsystem of the face is automatically continued for user's face reality in setting time interval
When recognize certification, no matter certification success or authentification failure, certification is all underway.
Further, the certification security protection system that continues also includes that face learns and training subsystem, the face
Study and training subsystem are that, by the face video and/or facial image and/or face photograph of user, collection uses client
The facial image raw information of user, and the required training material of user's human face recognition model training is produced on this basis,
By training program, the face characteristic of user is extracted, form the human face recognition model of user, so that face continues recognition subsystem
Carry out face and persistently recognize certification.
Further, the facial image is obtained subsystem and is obtained in real time by the picture pick-up device installed in client in real time
The face video of user, provides for user's face registration, the login authentication of user's face and user's face continue recognition subsystem
Suitable facial image;The recognition of face subsystem obtains the face of the user of subsystem acquisition in real time from facial image automatically
The facial image that is best suitable for is captured in video and is identified, known to provide facial image in user's registration and User logs in stage
Not certification, and feed back and display recognition result.
Further, the face continues recognition subsystem also includes that the Face datection of completion real-time continuous, key point are fixed
Position, facial image pretreatment, recognition of face and certification, the function course of face tracking, also including providing use for safety officer
The operate interface of family management, log audit and security parameter configuration;The face continues recognition subsystem using acquisition in real time
User's facial image carry out identifying user and whether watching client end interface still to leave unused client.
Further, the authority executive subsystem that continues includes that completing real-time continuous authority performs and access control function
Process, also including providing the operate interface that resource is configured using management, log audit and security parameter for safety officer;
The authority executive subsystem that continues continues the identification authentication result of recognition subsystem in time to client user according to face
Access right is reallocated.
Further, it is described to client user's access right carry out reallocation include face authentication successfully authority distribution with
And face authentication failure authority distribution;It is described to continue authority executive subsystem according to face authentication result in success authority and failure
Seamless automatic switchover in the two states of authority, protected object will not occur to malfunction and/or exit because of this switching
Problem.The reallocation that carried out to client user's access right for continuing authority executive subsystem includes whether that limitation user visits
Client, resource, software and information are asked, and whether is limited using client access server and its service and software and data
Base resource.
Further, it is described to client user's access right carry out reallocation content including but not limited to keyboard cannot/
Can use, screen display mess code/correct, software/service cannot/can use, sensitive information encryption and decryption failure/success, plus
Ciphertext part/directories/files system/Fixed disk/mobile hard disk/cannot/can use, firewall rule open/close, USB/
Wifi/ network interface cards cannot/can using and printer print incorrect/correct.
The present invention is achieved in that and also provide a kind of lasting certification safety protecting method, including facial image is obtained in real time
Take method, face identification method, face to continue recognition methods and continue authority execution method, specifically include following steps:
Step one, user carries out face login authentication by the facial image real time acquiring method and face identification method
Journey;It is that successfully, the face continues Verification System and really starts, and user obtains client protected object if logged on authentication result
The right to use or control, and enter next step;It is failure if logged on authentication result, then repeats face login authentication
Process.
Step 2, client continues recognition methods and constantly enters in setting time interval, automatically using the face
Row user's face Real time identification certification;If face authentication result is successfully, method is performed to user according to the authority that continues
The right to use of client protected object is distributed, protected object can be used normally;If face authentication result is failure, and
Failure exceedes predetermined time interval, then described to continue the use that authority performs the protected object for being not assigned to and cancelling user
Power, the right to use of user customer is temporarily interrupted, and user can not normally use the protected object of client;In this mistake
Cheng Zhong, face continues certification not to interrupt, and also in being continued for, distribution and/or cancellation authority are to protected object
State is directly affected without any.Wherein, the lasting recognition methods of the face is automatically continued in setting time interval
User's face Real time identification certification, no matter certification succeeds or authentification failure, and certification is all underway.
Further, the certification safety protecting method that continues also includes face study and training method, the face
Practise and training method includes that, by the face video and/or facial image and/or face photograph of user, collection is used using client
The facial image raw information at family, and the required training material of user's human face recognition model training is produced on this basis, lead to
Training program is crossed, the face characteristic of user is extracted, the human face recognition model of user is formed, carried out so that face continues recognition methods
Face persistently recognizes certification.
Further, the face continue recognition methods using in real time acquisition user's facial image come identifying user whether
Watch client end interface and still leave unused client;The authority that continues performs method according to the lasting side of identification of face
The identification authentication result of method is reallocated and/or is adjusted to client user's access right in time.The authority that continues is held
The reassignment method that carried out to client user's access right of row method includes whether that restricting user access client is protected right
The method of elephant, and whether limit the method using client access server, database resource and its service.
Further, it is described to client user's access right carry out reallocation include face authentication successfully authority distribution with
And face authentication failure authority distribution;The lasting authority execution method is according to face authentication result is in success authority and unsuccessfully weighs
Seamless automatic switchover in the two states of limit, protected system, subsystem and/or related software, hardware will not be because of this
Switch and error occurs and/or problem is exited, system, subsystem and related software, hardware error are not caused and/or is exited.
Further, it is described to client user's access right carry out reallocation content including but not limited to keyboard cannot/
Can use, screen display mess code/correct, software/service cannot/can use, sensitive information encryption and decryption failure/success, plus
Ciphertext part/directories/files system/Fixed disk/mobile hard disk/cannot/can use, firewall rule open/close, USB/
Wifi/ network interface cards cannot/can using and printer print incorrect/correct.
The present invention is achieved in that and also provides a kind of application for continuing certification security protection system as the aforementioned, and this is held
Continuous certification security protection system promotes the use of the occasion of other lasting authentications and rights management, and these applications are included but not
It is limited to bluetooth equipment, point-to-point Wifi equipment, point-to-point sound device, NFC device, IC-card equipment, fingerprint equipment and the 3rd
Square network continues authentication service to replace face function in systems.
Compared with prior art, lasting certification security protection system and its method of the invention, real-time by facial image
Obtain subsystem, recognition of face subsystem, face to continue recognition subsystem and continue authority executive subsystem, provide clients with
Continue identity identifying and authenticating, no matter user is not use client the short time, or temporarily away from client, as long as user does not exist
Before client, the present invention can carry out authority distribution to client-side information and data at once, to client resource and information
Protected, other people cannot know the interface information and internal data of client.Before only waiting user to come back to client,
And recognition subsystem Real time identification is continued by face arrive, the authority of client seamless switching immediately, user normally uses client,
So as to the security of sustainable protection client data.
Brief description of the drawings
Fig. 1 is the principle schematic for continuing the preferred embodiment of certification security protection system one of the invention.
Specific embodiment
In order that the technical problems to be solved by the invention, technical scheme and beneficial effect become more apparent, below tie
Drawings and Examples are closed, the present invention will be described in further detail.It should be appreciated that specific embodiment described herein is only
It is used to explain the present invention, is not intended to limit the present invention.
Refer to shown in Fig. 1, it is of the invention to continue certification security protection system preferred embodiment.The lasting certification is anti-safely
Protecting system is installed on the client, including facial image to obtain subsystem S10, recognition of face subsystem S30, face in real time lasting
Recognition subsystem S50, lasting authority executive subsystem S70 and face study and training subsystem S20, specifically include in following
Hold:
User carries out face login authentication process by the facial image real-time acquisition system and face identification system;If stepped on
Record authentication result S40 is that successfully, user obtains the right to use or control of client protected object, then perform face and persistently know
Small pin for the case system S50;It is failure if logged on authentication result S40, then repeats face login authentication process.
It is real-time that the lasting recognition subsystem S50 of the face is automatically continued for user's face in setting time interval
Identification certification;If face authentication result S60 is successfully, the authority executive subsystem S70 that continues distributes client to user
The right to use of protected object, the right to use of user customer continues to continue, and does not influence user normally to use;If face is recognized
Card result S60 is failure, and unsuccessfully exceedes predetermined time interval, then described to continue authority executive subsystem S70 not to user
Distribution and the right to use of cancellation pause client, the right to use of user customer are interrupted, and user can not normally use client
Hold protected object.Wherein, the lasting recognition subsystem S50 of the face is automatically continued in setting time interval
User's face Real time identification certification.
The facial image obtains subsystem S10 by the picture pick-up device user in real installed in client in real time
Face video, provides suitable for user's face registration, the login authentication of user's face and user's face continue recognition subsystem S50
Facial image.The recognition of face subsystem S30 obtains the people of the user of subsystem S10 acquisitions in real time from facial image automatically
The facial image that is best suitable for is captured in face video and is identified, to provide facial image in user's registration and User logs in stage
Identification certification, and feed back and display recognition result.
The face continues recognition subsystem S50 also to be included completing the Face datection of real-time continuous, crucial point location, face
Image preprocessing, recognition of face and certification, the function course of face tracking, also including for safety officer provide user management,
Log audit and the operate interface of security parameter configuration.The face continues recognition subsystem S50 using the use for obtaining in real time
Whether family facial image carrys out identifying user is watching client end interface is still left unused client.Face persistently recognizes son
System S50 in setting time interval repeatedly, constantly automatic, be automatically performed user's face Real time identification certification.This sets
Fixed time interval user can arbitrarily be set with situation in client.Setting time interval is usually set to 1 second ~ 10 minutes.
The lasting authority executive subsystem S70 is timely according to the identification authentication result that face continues recognition subsystem S50
Ground is reallocated to client user's access right, and client resource and information are protected, and is continued for client is provided
Property ground security protection.Continue recognition subsystem S50 in face and predetermined time interval is unsuccessfully exceeded to user's face identification
Afterwards, client automatic and the lasting authority executive subsystem S70 of execution, protect to client data.The regulation when
Between interval user can arbitrarily be set in client with situation.The predetermined time interval is usually set to 3 seconds ~ 5 minutes.The regulation
Time interval it is slightly more longer than the setting time interval that above-mentioned face continues recognition subsystem S50 automatics.
It is described reallocation is carried out to client user's access right to include that face authentication successfully recognize by authority distribution and face
Card failure authority distribution;The lasting authority executive subsystem S70 is according to face authentication result S60 is in success authority and unsuccessfully weighs
Seamless automatic switchover in the two states of limit.By protection client resource according to real-time authentication result can in two states nothing
Seaming and cutting are changed, and situation about using is not led to not.Protected system, subsystem and/or related software, hardware will not be because of this
Switch and error occurs and/or problem is exited, system, subsystem and related software, hardware error are not caused and/or is exited.
The authority executive subsystem S70 that continues includes completing the mistake of the execution of real-time continuous authority and access control function
Journey, also including providing the operate interface that resource is configured using management, log audit and security parameter for safety officer.It is described
Continue reallocation is carried out to client user's access right including whether restricting user access client for authority executive subsystem S70
End resource and information, and whether limit using client access server and database resource.
It is described to client user's access right carry out reallocation content including but not limited to keyboard cannot/can use,
Screen display mess code/correct, software/service cannot/can use, sensitive information encryption and decryption failure/success, encryption file/mesh
Record/file system/Fixed disk/mobile hard disk/cannot/can use, firewall rule open/close, USB/Wifi/ network interface cards
Cannot/can print incorrect/correct using with printer, these authorities are we term it protected object.If face is recognized
Card result S60 is that successfully then user's access right can be used including keyboard, screen display is correct, software can be used, sensitive
The success of information encryption and decryption, encryption file/directory can be used, USB/Wifi/ network interface cards can be used and printer printing is correct, etc.
Deng.If face authentication result S60 is failure, user's access right cannot be used including keyboard, screen display mess code, software
Cannot use, sensitive information encryption and decryption fails, file/directory cannot be used, USB/Wifi/ network interface cards cannot be used, printed for encryption
Machine prints incorrect, etc..
The face study and training subsystem S20 are by the face video and/or facial image and/or face of user
Photograph, collects using the facial image raw information of client user, and produces user's human face recognition model instruction on this basis
Training material required for practicing, by training program, extracts the face characteristic of user, forms the human face recognition model of user, with
The lasting recognition subsystem S50 of person who happens to be on hand for an errand's face carries out face and persistently recognizes certification.User is carried out under various use states in client
Face characteristic obtains and the user's face characteristic information for getting is stored in database.
The present invention also provides a kind of lasting certification safety protecting method, including facial image real time acquiring method, face are known
Other method, face continue recognition methods, continue authority execution method and face study and training method, specifically include following step
Suddenly:
Step one, user carries out face login authentication by the facial image real time acquiring method and face identification method
Journey;It is that successfully, user obtains the right to use or control of client, then into next step if logged on authentication result S40;Such as
Fruit login authentication result S40 is failure, then repeat face login authentication process.
Step 2, client continues recognition methods and constantly enters in setting time interval, automatically using the face
Row user's face Real time identification certification;If face authentication result S60 is successfully, method is performed to use according to the authority that continues
The right to use of client protected object is distributed at family, and protected object can use normally, the right to use of user customer after
Renew continuous, do not influence user normally to use;If face authentication result S60 is failure, and unsuccessfully exceedes predetermined time interval,
Then the authority that continues performs method, does not reallocate, cancels and suspend the use for being granted to subscription client protected object
Power, the right to use of user customer is interrupted, and user can not normally use the protected object of client.In this process
In, face continues certification not to interrupt, also in being continued for.Wherein, the lasting recognition methods of the face is automatically setting
Fix time and user's face Real time identification certification is continued in being spaced, no matter certification succeeds or authentification failure, and certification all exists
In carrying out, distribution and/or cancellation authority are directly affected to the state of protected object without any.
The facial image real time acquiring method is included by the picture pick-up device user in real installed in client
Face video, suitable people is provided for user's face registration, the login authentication of user's face and user's face continue recognition methods
The process of face image.
The face identification method includes that the face of the automatic user for obtaining subsystem S10 acquisitions in real time from facial image is regarded
The facial image that is best suitable for is captured in frequency and is identified, recognized to provide facial image in user's registration and User logs in stage
Certification, and feed back and show the process of recognition result.
It is real-time including being automatically continued for user's face in setting time interval that the face continues recognition methods
Identification certification, is still left not using the real-time user's facial image for obtaining come whether identifying user is watching client end interface
Use client.
The authority execution method that continues includes that system is right in time according to the identification authentication result that face continues recognition methods
Client user's access right carries out reassignment method, and client resource and information are protected, and continues for client is provided
Property ground security protection.
The face study and training method are included by the face video and/or facial image and/or face phase of user
Piece, collects using the facial image raw information of client user, and produces the training of user's human face recognition model on this basis
Required training material, by training program, extracts the face characteristic of user, forms the human face recognition model of user, so as to
The lasting recognition methods of face carries out face and persistently recognizes certification.
The face continues whether recognition methods is being watched using the real-time user's facial image for obtaining come identifying user
Client end interface still leaves unused client;The authority that continues performs the identification that method continues recognition methods according to face
Authentication result is reallocated to client user's access right in time.The authority that continues performs using client for method
Whether family access right carries out the method that reassignment method includes whether restricting user access client resource and information, and limit
System is using client access server and the method for database resource.
It is described reallocation is carried out to client user's access right to include that face authentication successfully recognize by authority distribution and face
Card failure authority distribution;The authority that continues performs method according to face authentication result S60 in success authority and the authority that fails
Seamless automatic switchover in two states.
It is described to client user's access right carry out reallocation content including but not limited to keyboard cannot/can use,
Screen display mess code/correct, software/service cannot/can use, sensitive information encryption and decryption failure/success, encryption file/mesh
Record/file system/Fixed disk/mobile hard disk/cannot/can use, firewall rule open/close, USB/Wifi/ network interface cards
Cannot/can print incorrect/correct using with printer.
The present invention also provides a kind of popularization and application for continuing certification security protection system as the aforementioned, the lasting certification safety
Guard system promotes the use of the occasion of other lasting authentications and rights management, and these applications include but is not limited to use bluetooth
Equipment, point-to-point Wifi equipment, point-to-point sound device, NFC device, IC-card equipment, fingerprint equipment and third party's network continue
Authentication service replaces face function in systems.The present invention has a good application prospect.
Presently preferred embodiments of the present invention is the foregoing is only, is not intended to limit the invention, it is all in essence of the invention
Any modification, equivalent and improvement made within god and principle etc., should be included within the scope of the present invention.
Claims (13)
1. it is a kind of to continue certification security protection system, install on the client, it is characterised in that obtained in real time including facial image
Subsystem, recognition of face subsystem, face continue recognition subsystem and continue authority executive subsystem, specifically include in following
Hold:
User carries out face login authentication process by the facial image real-time acquisition system and face identification system;If stepped on
Record authentication result is that successfully, the face continues Verification System and really starts, and user obtains the right to use of client protected object
Or control, and perform the lasting recognition subsystem of face;It is failure if logged on authentication result, then repeats face automatically and step on
Record verification process;
The lasting recognition subsystem of the face is automatically continued for user's face Real time identification in setting time interval to be recognized
Card;It is described to continue the client that authority executive subsystem distributes certain period of time to user if face authentication result is successfully
The right to use of protected object, protected object can be used normally;If face authentication result is failure, and unsuccessfully exceedes rule
Fixed time interval, then it is described to continue the right to use that authority executive subsystem was not assigned to and cancelled the protected object of user,
User can not normally use protected object in client;In this process, the lasting certification of face is not interrupted, and is also being held
Carry out continuously in, distribution and/or cancellation authority are directly affected to the state of protected object without any;
Wherein, the face continues recognition subsystem and is automatically continued for user's face and knows in real time in setting time interval
Not certification, no matter certification succeeds or authentification failure, and certification is all underway.
2. certification security protection system is continued as claimed in claim 1, it is characterised in that described to continue certification security protection system
System also includes that face learns and training subsystem, face study and training subsystem be by the face video of user and/
Or facial image and/or face photograph, collect using the facial image raw information of client user, and produce on this basis
Training material required for the training of user's human face recognition model, by training program, extracts the face characteristic of user, forms user
Human face recognition model, carry out face and persistently recognize certification so that face continues recognition subsystem.
3. certification security protection system is continued as claimed in claim 1, it is characterised in that the facial image obtains son in real time
The face video that system passes through the picture pick-up device user in real installed in client, is user's face registration, user's face
Login authentication and user's face continue recognition subsystem and provide suitable facial image;The recognition of face subsystem it is automatic from
Facial image to obtain and capture the facial image that is best suitable in the face video of the user of subsystem acquisition and be identified in real time, is
Facial image identification certification is provided in user's registration and User logs in stage, and is fed back and display recognition result.
4. certification security protection system is continued as claimed in claim 1, it is characterised in that the face continues recognition subsystem
Also include completing the Face datection of real-time continuous, crucial point location, facial image pretreatment, recognition of face and certification, face with
The function course of track, the operation also including providing the configuration of user management, log audit and security parameter for safety officer connects
Mouthful;The face continues whether recognition subsystem watches client using the real-time user's facial image for obtaining come identifying user
Still unused client is left in end interface.
5. certification security protection system is continued as claimed in claim 4, it is characterised in that described to continue authority executive subsystem
Process including completing the execution of real-time continuous authority and access control function, also including using pipe for safety officer provides resource
The operate interface of reason, log audit and security parameter configuration;The authority executive subsystem that continues persistently is recognized according to face
The identification authentication result of subsystem is reallocated to client user's access right in time.
6. certification security protection system is continued as claimed in claim 5, it is characterised in that described to client user's right to use
Limit carries out reallocation includes face authentication success authority distribution and face authentication failure authority distribution;The authority that continues is performed
Subsystem is protected right according to the seamless automatic switchover in the two states of success authority and failure authority of face authentication result
As that will not occur to malfunction and/or exit problem because of this switching.
7. certification security protection system is continued as claimed in claim 6, it is characterised in that described to client user's right to use
Limit carry out reallocation content including but not limited to keyboard cannot/can use, screen display mess code/correct, software/service without
Method/can use, sensitive information encryption and decryption failure/success, encryption file/directory/file system/Fixed disk/mobile hard disk/
Cannot/can use, firewall rule is opened/closed, USB/Wifi/ network interface cards cannot/can use and printer is printed not just
Really/correct.
8. it is a kind of to continue certification safety protecting method, it is characterised in that including facial image real time acquiring method, recognition of face side
Method, face continue recognition methods and continue authority execution method, specifically include following steps:
Step one, user carries out face login authentication by the facial image real time acquiring method and face identification method
Journey;It is that successfully, the face continues Verification System and really starts, and user obtains client protected object if logged on authentication result
The right to use or control, and enter next step;It is failure if logged on authentication result, then repeats face login authentication
Process;
Step 2, client continues recognition methods and is continued for using in setting time interval, automatically using the face
Family face Real time identification certification;If face authentication result is successfully, distributed to user according to the authority execution method that continues
The right to use of client protected object, protected object can be used normally;If face authentication result is failure, and failure
It is more than predetermined time interval, then described to continue the use that authority execution method was not assigned to and cancelled the protected object of user
Power, user can not normally use the protected object of client;In this process, the lasting certification of face is not interrupted, and is also existed
In being continued for, distribution and/or cancellation authority are directly affected to the state of protected object without any;
Wherein, the lasting recognition methods of the face is automatically continued for user's face Real time identification in setting time interval
Certification, no matter certification succeeds or authentification failure, and certification is all underway.
9. certification safety protecting method is continued as claimed in claim 8, it is characterised in that described to continue certification security protection side
Method also includes face study and training method, face study and training method include by the face video of user and/or
Facial image and/or face photograph, collect using the facial image raw information of client user, and produce use on this basis
Training material required for the human face recognition model training of family, by training program, extracts the face characteristic of user, forms user's
Human face recognition model, certification is persistently recognized so that the lasting recognition methods of face carries out face.
10. face as claimed in claim 8 continues the means of defence of certification safety, it is characterised in that the face is persistently known
Other method is not made using the real-time user's facial image for obtaining come whether identifying user is being watched client end interface and still left
Use client;The authority that continues performs identification authentication result of the method according to the lasting recognition methods of face in time to client
User's access right is reallocated and/or is adjusted.
11. faces as claimed in claim 10 continue the means of defence of certification safety, it is characterised in that described that client is used
Family access right carries out reallocation includes face authentication success authority distribution and face authentication failure authority distribution;It is described lasting
Authority performs method according to the seamless automatic switchover in the two states of success authority and failure authority of face authentication result, is protected
The object of shield will not occur to malfunction and/or exit problem because of this switching.
12. face as described in right wants 11 continues the means of defence of certification safety, it is characterised in that described to client user
Access right carry out reallocation content including but not limited to keyboard cannot// correct, software/clothes can be used, screen display mess code
Business cannot/can use, sensitive information encryption and decryption failure/success, encryption file/directory/file system/Fixed disk/movement
Hard disk/cannot/can use, firewall rule open/close, USB/Wifi/ network interface cards cannot/can use and printer printing
It is incorrect/correct.
The application of the lasting certification security protection system in a kind of 13. 1-7 such as claim as described in any one, its feature exists
In the lasting certification security protection system promotes the use of the occasion of other lasting authentications and rights management, these applications
Including but not limited to set with bluetooth equipment, point-to-point Wifi equipment, point-to-point sound device, NFC device, IC-card equipment, fingerprint
Standby and third party's network continues authentication service and replaces face function in systems.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710122165.XA CN106850667A (en) | 2017-03-03 | 2017-03-03 | It is a kind of to continue certification security protection system and its method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710122165.XA CN106850667A (en) | 2017-03-03 | 2017-03-03 | It is a kind of to continue certification security protection system and its method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106850667A true CN106850667A (en) | 2017-06-13 |
Family
ID=59137883
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710122165.XA Pending CN106850667A (en) | 2017-03-03 | 2017-03-03 | It is a kind of to continue certification security protection system and its method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106850667A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107992336A (en) * | 2017-11-28 | 2018-05-04 | 深圳市筑泰防务智能科技有限公司 | A kind of dual system switching method of enterprises mobile terminal |
| CN108038363A (en) * | 2017-12-05 | 2018-05-15 | 吕庆祥 | Improve the method and device of Terminal security |
| CN110427788A (en) * | 2019-06-18 | 2019-11-08 | 特斯联(北京)科技有限公司 | Display control method, device, equipment and the storage medium of data |
| CN110730169A (en) * | 2019-09-29 | 2020-01-24 | 北京东软望海科技有限公司 | Processing method, device and system for guaranteeing account security |
| CN111046361A (en) * | 2019-11-20 | 2020-04-21 | 深圳安泰创新科技股份有限公司 | Online diagnosis and treatment identity confirmation method, terminal and computer readable storage medium |
| CN112307452A (en) * | 2019-08-01 | 2021-02-02 | 银河水滴科技(北京)有限公司 | Application program operation control method and device and computer readable storage medium |
| CN112507308A (en) * | 2020-10-20 | 2021-03-16 | 麒麟软件有限公司 | Identity recognition and authentication method |
| WO2021092769A1 (en) * | 2019-11-12 | 2021-05-20 | 深圳市欢太科技有限公司 | Security protection method and device, mobile terminal, and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102902880A (en) * | 2012-08-29 | 2013-01-30 | 四三九九网络股份有限公司 | Anti-addict system and anti-addict method of game |
| CN103778360A (en) * | 2012-10-26 | 2014-05-07 | 华为技术有限公司 | Face unlocking method and device based on motion analysis |
| CN104102868A (en) * | 2014-07-31 | 2014-10-15 | 中山市品汇创新专利技术开发有限公司 | Multi-modal USB key authentication method based on face recognition technology |
| CN104143083A (en) * | 2014-07-11 | 2014-11-12 | 北京神州智联科技有限公司 | Face recognition system based on process management |
| CN105139311A (en) * | 2015-07-31 | 2015-12-09 | 谭瑞玲 | Intelligent terminal based English teaching system |
| CN105528578A (en) * | 2015-12-04 | 2016-04-27 | 国家电网公司 | Online training monitoring method based on sound image process tracking |
-
2017
- 2017-03-03 CN CN201710122165.XA patent/CN106850667A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102902880A (en) * | 2012-08-29 | 2013-01-30 | 四三九九网络股份有限公司 | Anti-addict system and anti-addict method of game |
| CN103778360A (en) * | 2012-10-26 | 2014-05-07 | 华为技术有限公司 | Face unlocking method and device based on motion analysis |
| CN104143083A (en) * | 2014-07-11 | 2014-11-12 | 北京神州智联科技有限公司 | Face recognition system based on process management |
| CN104102868A (en) * | 2014-07-31 | 2014-10-15 | 中山市品汇创新专利技术开发有限公司 | Multi-modal USB key authentication method based on face recognition technology |
| CN105139311A (en) * | 2015-07-31 | 2015-12-09 | 谭瑞玲 | Intelligent terminal based English teaching system |
| CN105528578A (en) * | 2015-12-04 | 2016-04-27 | 国家电网公司 | Online training monitoring method based on sound image process tracking |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107992336A (en) * | 2017-11-28 | 2018-05-04 | 深圳市筑泰防务智能科技有限公司 | A kind of dual system switching method of enterprises mobile terminal |
| CN108038363A (en) * | 2017-12-05 | 2018-05-15 | 吕庆祥 | Improve the method and device of Terminal security |
| CN110427788A (en) * | 2019-06-18 | 2019-11-08 | 特斯联(北京)科技有限公司 | Display control method, device, equipment and the storage medium of data |
| CN112307452A (en) * | 2019-08-01 | 2021-02-02 | 银河水滴科技(北京)有限公司 | Application program operation control method and device and computer readable storage medium |
| CN110730169A (en) * | 2019-09-29 | 2020-01-24 | 北京东软望海科技有限公司 | Processing method, device and system for guaranteeing account security |
| WO2021092769A1 (en) * | 2019-11-12 | 2021-05-20 | 深圳市欢太科技有限公司 | Security protection method and device, mobile terminal, and storage medium |
| CN111046361A (en) * | 2019-11-20 | 2020-04-21 | 深圳安泰创新科技股份有限公司 | Online diagnosis and treatment identity confirmation method, terminal and computer readable storage medium |
| CN112507308A (en) * | 2020-10-20 | 2021-03-16 | 麒麟软件有限公司 | Identity recognition and authentication method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106850667A (en) | It is a kind of to continue certification security protection system and its method | |
| KR101680525B1 (en) | app forgery detection, 2-channel certification agency system and method thereof | |
| US9301140B1 (en) | Behavioral authentication system using a secure element, a behaviometric server and cryptographic servers to authenticate users | |
| US9189612B2 (en) | Biometric verification with improved privacy and network performance in client-server networks | |
| US8799670B2 (en) | Biometric authentication method, computer program, authentication server, corresponding terminal and portable object | |
| CN105429761B (en) | A kind of key generation method and device | |
| US20150358317A1 (en) | Behavioral Authentication System using a biometric fingerprint sensor and User Behavior for Authentication | |
| CN110086608A (en) | User authen method, device, computer equipment and computer readable storage medium | |
| JP5167835B2 (en) | User authentication system, method, program, and medium | |
| CN101174948A (en) | Network login system and method with face authentication | |
| CN109334283B (en) | Anti-counterfeiting method and device for seal and intelligent seal | |
| EA036443B1 (en) | System and method for communicating credentials | |
| US20010048359A1 (en) | Restriction method for utilization of computer file with use of biometrical information, method of logging in computer system and recording medium | |
| CN108768991B (en) | Real person authentication method and system | |
| CN102609656A (en) | USB (universal serial bus) key safety enhancing method and USB key safety enhancing system based on image identification | |
| CN111131202A (en) | Identity authentication method and system based on multiple information authentication | |
| US11444784B2 (en) | System and method for generation and verification of a subject's identity based on the subject's association with an organization | |
| CN110402440A (en) | Segment key Verification System | |
| JP4135151B2 (en) | Method and system for single sign-on using RFID | |
| Gentles et al. | Application of biometrics in mobile voting | |
| CN104811312A (en) | Terminal course identity authentication method based on center authorization | |
| CN112329004A (en) | Method and device for face recognition and face password | |
| CN110995661A (en) | Network card platform | |
| CN111181895A (en) | Identity authentication method | |
| US20230394179A1 (en) | Information processing apparatus, information processing method, and non-transitory computer-readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 310053 Room B2090, 2nd floor, 368 Liuhe Road, Binjiang District, Hangzhou City, Zhejiang Province Applicant after: Zhejiang Zhibei Information Technology Co., Ltd. Address before: 310053 Room B2090, 2nd floor, 368 Liuhe Road, Binjiang District, Hangzhou City, Zhejiang Province Applicant before: Hangzhou wisdom Mdt InfoTech Ltd |
|
| CB02 | Change of applicant information | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170613 |
|
| RJ01 | Rejection of invention patent application after publication |