CN107395634A - A kind of wearable device without password authentication method - Google Patents
A kind of wearable device without password authentication method Download PDFInfo
- Publication number
- CN107395634A CN107395634A CN201710743329.0A CN201710743329A CN107395634A CN 107395634 A CN107395634 A CN 107395634A CN 201710743329 A CN201710743329 A CN 201710743329A CN 107395634 A CN107395634 A CN 107395634A
- Authority
- CN
- China
- Prior art keywords
- authentication
- module
- wearable device
- service end
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 61
- 238000013475 authorization Methods 0.000 claims abstract description 117
- 238000012790 confirmation Methods 0.000 claims abstract description 46
- 230000005540 biological transmission Effects 0.000 claims description 7
- 230000027455 binding Effects 0.000 claims description 5
- 238000009739 binding Methods 0.000 claims description 5
- 238000004458 analytical method Methods 0.000 claims description 4
- 239000000203 mixture Substances 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 abstract 1
- 238000005516 engineering process Methods 0.000 description 6
- 230000006854 communication Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 238000011160 research Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011982 device technology Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B1/00—Details of transmission systems, not covered by a single one of groups H04B3/00 - H04B13/00; Details of transmission systems not characterised by the medium used for transmission
- H04B1/38—Transceivers, i.e. devices in which transmitter and receiver form a structural unit and in which at least one part is used for functions of transmitting and receiving
- H04B1/3827—Portable transceivers
- H04B1/385—Transceivers carried on the body, e.g. in helmets
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/55—Push-based network services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a kind of wearable device without password authentication method, technical scheme be first build by wearable device, Authentication Client and service end form without password authentication system;Device authentication module and authentication information table are installed on wearable device;Authentication module and database are installed in service end;Certification app comprising login module and authorization module is installed on Authentication Client;Device authentication module is read and renewal authentication information table, sends an authentication request to service end;Authentication module is parsed to obtain user account and certification request is sent into Authentication Client to certification request;The login of login module Authentication Client, the state of authorization module monitoring wearable device simultaneously handle certification request, generate Authorization result information;Device authentication module receives and parses through Authorization result information, generates confirmation;Authorization module receives and shows confirmation.Security protection intensity height of the present invention, simple operation, hardware cost are low.
Description
Technical field
The present invention relates to Internet of Things field wearable device (refer to and directly wear, or be incorporated into user clothes or
A kind of portable set of accessory, it can be connected as smart mobile phone, Intelligent bracelet, intelligent watch etc. by wireless network or bluetooth
Connect the equipment for carrying Android system of internet) identity identifying method, especially wearable device is without password authentication method.
Background technology
Intelligent campus project of new generation integrates a variety of answer based on Internet of Things, cloud computing and wearable device technology
With service, the universal information service ring towards scientific research and innovation, education and study, management service and rear service demand is built
Border.Representative of the intelligent watch as wearable device, it is obvious calculating, having in terms of storage, physiologic sensor and network service
Advantage, have become the preferred option of structure Intelligent campus.
Although wearable device has the characteristics of portability and ease for use, in security of system, authentication and privacy
Protection etc. also faces a variety of security threats.These security threats are essentially from four aspects:Operating system, application software,
Network service and data storage.In order to improve the flexibility of system and opening, wearable device uses open operation system mostly
System and third-party application software, cause wearable device easily by illegal invasion, security breaches are also held very much existing for simultaneity factor
Easily utilized by malicious code.Wearable device takes communication mostly, is easily ravesdropping or distorts in communication process.Can
Wearable device is often used for accessing, handle, transmit and storing user profile, but the storage to sensitive data lacks necessary visit
Ask controlling mechanism.
In view of the deficiency of wearable device inherently safe ability, in order to ensure the overall security of Intelligent campus system, is needed
Strengthen the authentication to wearable device.However, traditional authentication mode based on Password Input be not particularly suited for it is wearable
Equipment because most of wearable devices lack suitable input equipment support the quick, reliable of text or numerical data and
The input of safety, sophisticated keypads or keyboard needed for safe, high entropy password are not shown.
The identity identifying technology of wearable device mainly includes 3 classes at present:Password authentication, token authentication and biological identification.
(1) identity identifying method based on account or password:
Password is conventional as one kind and effectively identification authentication mode, user are needed on specific interface, input one
The combination of group numeral and letter, is then sent to server, server again returns to authentication result, realizes certification by network.
Its main advantage is invisible nature, easily access property and the characteristic that can easily issue, change, share or abolish.It is however, big
Quantity research person confirms that the ability that the mode of password authentication tackles observation attack is relatively weak.
However, traditional authentication mode based on password entry is not particularly suited for wearable device, simple password is transmitting
During be easily ravesdropping and crack.
(2) identity identifying method based on token:
Physical key is most ancient token access form, and their major limitations need those privately owned positions of effective key
Access.Although their Floor layer Technologies may be very complicated but are still popular.It is currently based on the authentication of physical token
Research mainly uses wearable device as third party's token.
Identity identifying method Floor layer Technology based on token is relative complex, and amount of calculation is relatively large, unsuitable work
For the identity identifying method of wearable device in itself.
(3) it is based on biometric identity authentication method:
At present, the identity identifying method based on biological characteristic mainly has two classes, and one kind is the body based on user's physiological characteristic
Part certification, another kind of is the authentication based on user behavior feature.In identity identifying method based on user's physiological characteristic often
Identification technology mainly has fingerprint recognition, personal recognition, recognition of face and iris recognition etc..These identification technologies need it
The equipment of his correlation, and with the risk of leakage user privacy information.Therefore, the authentication side based on user's physiological characteristic
Method is not particularly suited for current internet environment.And the identity identifying method based on user behavior feature utilizes human-computer interaction device
User behavior data is acquired, it may not be necessary to extras.It is currently based on grinding for the authentication of user behavior feature
Study carefully more and there is good accuracy rate.But the authentication method data collection cycle based on user behavior feature is long, need
Enough data are wanted just to can ensure that high-accuracy.
By inquiring about the patent delivered both at home and abroad and disclosed document, it is related to without disclosed document with patent for thing
Wearable device under networked environment, realize and can wear by the method combined with backstage cloud service and formulation relevant communication protocol
Wear method of the equipment without password authentication.
The content of the invention
The technical problem to be solved in the present invention is to provide a kind of wearable device without password authentication method, it is based on fixed
Procotol processed realizes, in security protection intensity and simple operation etc., better than the conventional authentication based on account number or password
Method, it is better than the identity identifying method based on token in simple operation, is significantly less than on hardware cost special based on biology
The identity identifying method of sign, and NS software and secure communication protection can be provided for wearable device.
The technical scheme is that:
Android system Booting sequence is improved to wearable device, increases authentication information table and device authentication mould in Android system
Block.Device authentication module is read and renewal authentication information table, sends an authentication request to service end, the mandate that analysis service end returns
Object information, generate confirmation.Authentication module and database are installed, authentication module receives from wearable device in service end
Certification request, certification request is parsed to obtain user account and certification request is sent to what is logged in using this user account
Authentication Client;Device authorization app is installed, device authorization app includes login module and authorization module, stepped on Authentication Client
The login of module authentication client is recorded, authorization module monitors the state of wearable device in real time, and handle that service end sends recognizes
Card request, generate Certificate Authority result and be sent to service end, service end receives Authorization result information, immediately by Authorization result
Information is pushed to wearable device.The device authentication module of wearable device receives and parses through the Authorization result letter of service end transmission
Breath, generate confirmation and will confirm that information is sent to service end.Server side authentication module will confirm that information is pushed to certification visitor
Family end.Authentication Client authorization module receives confirmation, and shows.
The present invention specifically comprises the following steps:
The first step, no password authentication system is built, no password authentication system is by n platforms wearable device, certification
Client and service end composition, n is positive integer.N platforms wearable device is connected by internet with service end, and service end passes through mutual
Networking is connected with n platforms wearable device, Authentication Client.
It is mounted on improving the Android system of Booting sequence on n platform wearable devices.Booting sequence is improved to refer to
Android system application layer replaces original starting up's module using device authentication module, and in local data base increase certification letter
Cease table.Device authentication module is connected with service end by internet, when device authentication module during service end network outage with being responsible for
With service end reconnection, and when being connected with server to service end send certification request;Device authentication module receives from service end
Authorization result information, Authorization result information is parsed, the authentication state code in Authorization result information is obtained, by authentication information
Store in authentication information table, will confirm that information is sent to service end.The certification request includes user account, wearable device
ID, authentication state code, user account refers to the user account with wearable device binding, namely Authentication Client login module is defeated
The user account number entered;Wearable device ID refers to the unique ID of wearable device;Authentication state code digit synbol current authentication shape
Three kinds of the code name character string of state, including request certification, certification success and authentification failure.The Authorization result information and certification request
Structure is identical, and only authentication state code is that S or F corresponds to certification success and failure respectively.The confirmation refers in certification
Increase acknowledgement state code Y, Y expression on the basis of request to confirm successfully.The authentication information table is the data of authentication storage information
Structure, it is made up of 3 user account, wearable device ID, the last authenticated time domains, user account, wearable device ID
Implication it is identical with the user account in certification request, wearable device ID implications;The last authenticated time refers to the last time
Complete the time point of certification.Authentication information table only has a list item, is updated after each certification success.
Service end is any one network web server being published on internet.Authentication module is installed in service end
And database, authentication module receive certification request from wearable device, certification request is parsed to obtain user account and incited somebody to action
Certification request is sent to the Authentication Client logged in using this user account;When the Authorization result letter for receiving Authentication Client return
Parsed to obtain wearable device ID during breath to Authorization result information, and Authorization result information is pushed to currently and server
It is connected and wearable device ID parses obtained wearable device ID wearable device for this, when receives the wearable device
Confirmation is parsed during confirmation to obtain user account, and will confirm that information is pushed to Authentication Client.Certification mould
Block also receives the user account and login password of the transmission of Authentication Client certification APP login modules, and inquires about the user of database
(there is a list item in user message table with receiving with the presence or absence of identical user account and login password combination in information table
User account it is identical with login password), matching result information is then returned into Authentication Client login module.Matching
Object information includes the field of an expression success or failure, successfully points out and demonstrate,proves successfully, unsuccessfully refers to authentification failure.Database
In include user message table, user message table storage user account and login password, entry number are number of users.
Authentication Client is smart mobile phone or computer equipment, at least one.Certification app is installed in Authentication Client,
Certification app includes login module and authorization module.Authentication Client is connected with service end.Login module is connected with authorization module,
Login module judges user account number and login password from keyboard or the user account number and login password of file acquisition outside input
It is whether legal, it is legal, user account is sent to authorization module, otherwise continues from keyboard or file acquisition user account number and steps on
Record password.Authorization module is connected with login module, service end, and authorization module obtains user account number, authorization module from login module
Certification request is received from service end, the mandate for being parsed to certification request and outside input being obtained from keyboard in authorization module refers to
The authentication state code of certification request is updated authorized object information when making, and Authorization result information is returned into service
End, wait and receive confirmation from service end and parse confirmation, and will confirm that information is shown in Authentication Client.
Second step, authentication information table is initialized.Initialize the wearable device just for first time certification, method
It is that the wearable device ID of authentication information table is arranged to the affiliated wearable device ID of the authentication information table, user account number is set
For the user account of wearable device ID bindings, the last authenticated time is defaulted as the wearable device time of making the product.
3rd step, using the authentication that wearable device is completed without password authentication system, method is:
The device authentication module of 3.1n platform wearable devices is authenticated to wearable device parallel using identical method,
I-th wearable device represent with wearable device i, 1≤i≤n, and wearable device i authentication method is:
3.1.1 wearable device i, wearable device i starting device authentication modules are opened.
3.1.2 device authentication module reads the authentication information table in wearable device i, nearest in authentication information table
Authenticated time judges whether device authentication information is expired, and method is:Read wearable device i current time and certification letter
The last authenticated time in table is ceased, whether contrast exceeds the default setting time (default setting 5 days), judges if if
Phase, it is necessary to re-authentication, turns 3.1.3, not out of date if judging without departing from if, turns 3.8.
3.1.3 wearable device i device authentication module judges whether the network between wearable device i and service end leads to
Freely, if network is unobstructed, 3.1.5 is turned;If network is obstructed, turn 3.1.4.
3.1.4 the network setup information that device authentication module inputs from keyboard or file reception user, network settings success
After making network connection unobstructed, turn 3.1.5.
3.1.5 device authentication module is established with service end and communicated to connect, and sends an authentication request to service end.
3.2 server side authentication modules are authenticated to the certification request received from wearable device, and method is:
3.2.1 authentication module parsing certification request, obtains user account and wearable device ID and authentication state code.
3.2.2 Authentication Client (the certification being currently connected with server that authentication module poll is currently connected with service end
Client may be by more, and each user account is corresponding one), inquire about the reception of its login module user account number whether with
3.2.1 the user account obtained is identical, if find an Authentication Client to match (or the Authentication Client to match is only
Or there is one not have), turn 3.2.4;If the Authentication Client not matched, turns 3.2.3.
3.2.3 the Authentication Client to match is established with service end and connected, and its method is:
3.2.3.1 Authentication Client starts certification app.
3.2.3.2 certification app login module obtains the user account and login password of outside input, by user account and
Its legitimacy of password transmission server side authentication module authentication, i.e., own in server side authentication module polls database user information table
The combination of user account and login password, if combining identical group with the user account and login password inputted in the presence of one
Close, then it is legal to be judged as, turns 3.2.3.3, if illegal turn 3.2.3.2.
3.2.3.3 Authentication Client is established with service end and connected.
3.2.4 certification request is sent to the Authentication Client matched by the authentication module of service end.
3.3 Authentication Clients to match are that wearable device is authenticated authorizing, and method is:
3.3.1 the authorization module of Authentication Client receives the certification request sent from server side authentication module.
3.3.2 authorization module parsing certification request, reads authentication state code therein.
3.3.3 authorization module obtains the authorized order of outside input from keyboard, if " yes ", then allows to authorize, by certification
Authentication state code in solicited message is changed to S;If " no ", the authentication state code in certification request information is changed to F.Change and recognized
The certification request information of card conditional code turns into Authorization result information.
3.3.4 Authorization result information is sent to service end by authorization module.
The authentication module of 3.4 service ends receives Authorization result information from Authentication Client, and Authorization result information is carried out
Processing, method are:
3.4.1 authentication module reads the wearable device ID in Authorization result information.
3.4.2 the wearable device that authentication module poll is currently connected with service end, inquire about has phase with what 3.4.1 was obtained
Whether the wearable device with ID is online, if not online, turn 3.4.3, otherwise turns 3.4.4.
3.4.3 server side authentication module directly sends confirmation to Authentication Client, and only confirmation code is N, represents
Confirm failure, turn 3.7 steps.
3.4.4 server side authentication module sends Authorization result information (this Authorization result information to the online wearable device
The Authorization result information that as Authentication Client returns).
The device authentication module of the 3.5 online wearable devices receives Authorization result information, and Authorization result information is entered
Row parses and sends confirmation:
3.5.1 the device authentication module of wearable device receives Authorization result information, and Authorization result information is solved
Analysis, the authentication state code in Authorization result information is read, if authentication state code is S, turns 3.5.2, if authentication state code is F, turned
3.8。
3.5.2 the last authenticated time in authentication information table is updated to current time by device authentication module.
3.5.3 device authentication module sends confirmation to service end, and acknowledgement state code is Y.
Whether the authentication module slave unit authentication module of 3.6 service ends receives confirmation, had according to confirmation inquiry
The Authentication Client to match, it will confirm that information is sent to the Authentication Client to match.Method is:
3.6.1 authentication module reads the user account in confirmation.
Whether the Authentication Client that 3.6.2 authentication module poll is currently connected with service end, inquiry have what is obtained with 3.6.1
User account number matches the Authentication Client (user that user account number and the 3.6.1 that authentication authorization and accounting Type of Client Log-on Module obtains are obtained
Account number is identical), it if finding the Authentication Client to match, will confirm that information is sent to the Authentication Client, turn 3.7.If do not look for
To the Authentication Client to match, then will confirm that information preserve (once Authentication Client that the user account matches and service
Device is pushed to Authentication Client again when connecting), turn 3.6.2 steps.
3.7 Authentication Clients receive and parse through confirmation, and method is:
3.7.1 authorization module receives confirmation, reads acknowledgement state code.
If 3.7.2 acknowledgement state code is Y, authorization module shows the information of " certification success ";If acknowledgement state code is N, award
Power module shows the information of " authentification failure+failure cause ".
3.8 certifications terminate.
Following technique effect can be reached using the present invention:
1. using the present invention without inputting password and account at wearable device end, but pass through Authentication Client mandate
Mode carries out authentication.
2.. wearable set is realized by the way that the authentication of wearable device is acted on behalf of to Authentication Client using the present invention
Certification is asked in standby end automatically when starting, and user only needs to start shooting to wearable device, without operation bidirectional, so that it may realize wearable
The authentication of equipment, great convenience is brought to user.
3. due to the authentication of wearable device is acted on behalf of to Authentication Client, the authentication band to wearable device
Carry out great safety guarantee, it is necessary to user's login authentication client, determined according to the authentication state of oneself bound device
Whether authorize.Therefore other people can not usurp other people wearable device.
Brief description of the drawings
Fig. 1 is the wearable device identity authorization system building-block of logic of first step structure of the present invention;
Fig. 2 is overall flow figure of the present invention;
Fig. 3 is that the 3rd step of the invention uses the flow for authenticating ID that wearable device is carried out without password authentication system
Figure.
Embodiment
Fig. 1 is the wearable device identity authorization system building-block of logic of first step structure of the present invention;Recognize without password identity
Card system is made up of n platforms wearable device, Authentication Client and service end, and n is positive integer.N platform wearable devices pass through interconnection
Net is connected with service end, and service end is connected by internet with n platforms wearable device, Authentication Client.
It is mounted on improving the Android system of Booting sequence on n platform wearable devices.Booting sequence is improved to refer to
Android system application layer replaces original starting up's module using device authentication module, and in local data base increase certification letter
Cease table.Device authentication module is connected with service end by internet, when device authentication module during service end network outage with being responsible for
With service end reconnection, and when being connected with server to service end send certification request;Device authentication module receives from service end
Authorization result information, Authorization result information is parsed, the authentication state code in Authorization result information is obtained, by authentication information
Store in authentication information table, will confirm that information is sent to service end.
Service end is any one network web server being published on internet.Authentication module is installed in service end
And database, authentication module receive certification request from wearable device, certification request is parsed to obtain user account and incited somebody to action
Certification request is sent to the Authentication Client logged in using this user account;When the Authorization result letter for receiving Authentication Client return
Parsed to obtain wearable device ID during breath to Authorization result information, and Authorization result information is pushed to currently and server
It is connected and wearable device ID parses obtained wearable device ID wearable device for this, when receives the wearable device
Confirmation is parsed during confirmation to obtain user account, and will confirm that information is pushed to Authentication Client.Certification mould
Block also receives the user account and login password of the transmission of Authentication Client certification APP login modules, and inquires about the user of database
(there is a list item in user message table with receiving with the presence or absence of identical user account and login password combination in information table
User account it is identical with login password), matching result information is then returned into Authentication Client login module.Data
User message table is included in storehouse, user message table storage user account and login password, entry number are number of users.
Authentication Client is smart mobile phone or computer equipment, at least one.Certification app is installed in Authentication Client,
Certification app includes login module and authorization module.Authentication Client is connected with service end.Login module is connected with authorization module,
Login module judges user account number and login password from keyboard or the user account number and login password of file acquisition outside input
It is whether legal, it is legal, user account is sent to authorization module, otherwise continues from keyboard or file acquisition user account number and steps on
Record password.Authorization module is connected with login module, service end, and authorization module obtains user account number, authorization module from login module
Certification request is received from service end, the mandate for being parsed to certification request and outside input being obtained from keyboard in authorization module refers to
The authentication state code of certification request is updated authorized object information when making, and Authorization result information is returned into service
End, wait and receive confirmation from service end and parse confirmation, and will confirm that information is shown in Authentication Client.
Fig. 2 is overall flow figure of the present invention;The present invention comprises the following steps:
The first step, build no password authentication system as shown in Figure 1.
Second step, authentication information table is initialized.Initialize the wearable device just for first time certification, method
It is that the wearable device ID of authentication information table is arranged to the affiliated wearable device ID of the authentication information table, user account number is set
For the user account of wearable device ID bindings, the last authenticated time is defaulted as the wearable device time of making the product.
3rd step, using the authentication that wearable device is completed without password authentication system, as shown in figure 3, method
It is:
The device authentication module of 3.1n platform wearable devices is authenticated to wearable device parallel using identical method,
I-th wearable device represent with wearable device i, 1≤i≤n, and wearable device i authentication method is:
3.1.1 wearable device i, wearable device i starting device authentication modules are opened.
3.1.2 device authentication module reads the authentication information table in wearable device i, nearest in authentication information table
Authenticated time judges whether device authentication information is expired, and method is:Read wearable device i current time and certification letter
The last authenticated time in table is ceased, whether contrast exceeds the default setting time (default setting 5 days), judges if if
Phase, it is necessary to re-authentication, turns 3.1.3, not out of date if judging without departing from if, turns 3.8.
3.1.3 wearable device i device authentication module judges whether the network between wearable device i and service end leads to
Freely, if network is unobstructed, 3.1.5 is turned;If network is obstructed, turn 3.1.4.
3.1.4 the network setup information that device authentication module inputs from keyboard or file reception user, network settings success
After making network connection unobstructed, turn 3.1.5.
3.1.5 device authentication module is established with service end and communicated to connect, and sends an authentication request to service end.
3.2 server side authentication modules are authenticated to the certification request received from wearable device, and method is:
3.2.1 authentication module parsing certification request, obtains user account and wearable device ID and authentication state code.
3.2.2 Authentication Client (the certification being currently connected with server that authentication module poll is currently connected with service end
Client may be by more, and each user account is corresponding one), inquire about the reception of its login module user account number whether with
3.2.1 the user account obtained is identical, if find an Authentication Client to match (or the Authentication Client to match is only
Or there is one not have), turn 3.2.4;If the Authentication Client not matched, turns 3.2.3.
3.2.3 the Authentication Client to match is established with service end and connected, and its method is:
3.2.3.1 Authentication Client starts certification app.
3.2.3.2 certification app login module obtains the user account and login password of outside input, by user account and
Its legitimacy of password transmission server side authentication module authentication, i.e., own in server side authentication module polls database user information table
The combination of user account and login password, if combining identical group with the user account and login password inputted in the presence of one
Close, then it is legal to be judged as, turns 3.2.3.3, if illegal turn 3.2.3.2.
3.2.3.3 Authentication Client is established with service end and connected.
3.2.4 certification request is sent to the Authentication Client matched by the authentication module of service end.
3.3 Authentication Clients to match are that wearable device is authenticated authorizing, and method is:
3.3.1 the authorization module of Authentication Client receives the certification request sent from server side authentication module.
3.3.2 authorization module parsing certification request, reads authentication state code therein.
3.3.3 authorization module obtains the authorized order of outside input from keyboard, if " yes ", then allows to authorize, by certification
Authentication state code in solicited message is changed to S;If " no ", the authentication state code in certification request information is changed to F.Change and recognized
The certification request information of card conditional code turns into Authorization result information.
3.3.4 Authorization result information is sent to service end by authorization module.
The authentication module of 3.4 service ends receives Authorization result information from Authentication Client, and Authorization result information is carried out
Processing, method are:
3.4.1 authentication module reads the wearable device ID in Authorization result information.
3.4.2 the wearable device that authentication module poll is currently connected with service end, inquire about has phase with what 3.4.1 was obtained
Whether the wearable device with ID is online, if not online, turn 3.4.3, otherwise turns 3.4.4.
3.4.3 server side authentication module directly sends confirmation to Authentication Client, only confirmation code is N, is represented
Confirm failure, turn 3.7 steps.
3.4.4 server side authentication module sends Authorization result information (this Authorization result information to the online wearable device
The Authorization result information that as Authentication Client returns).
The device authentication module of the 3.5 online wearable devices receives Authorization result information, and Authorization result information is entered
Row parses and sends confirmation:
3.5.1 the device authentication module of wearable device receives Authorization result information, and Authorization result information is solved
Analysis, the authentication state code in Authorization result information is read, if authentication state code is S, turns 3.5.2, if authentication state code is F, turned
3.8。
3.5.2 the last authenticated time in authentication information table is updated to current time by device authentication module.
3.5.3 device authentication module sends confirmation to service end, and acknowledgement state code is Y.
Whether the authentication module slave unit authentication module of 3.6 service ends receives confirmation, had according to confirmation inquiry
The Authentication Client to match, it will confirm that information is sent to the Authentication Client to match.Method is:
3.6.1 authentication module reads the user account in confirmation.
Whether the Authentication Client that 3.6.2 authentication module poll is currently connected with service end, inquiry have what is obtained with 3.6.1
User account number matches the Authentication Client (user that user account number and the 3.6.1 that authentication authorization and accounting Type of Client Log-on Module obtains are obtained
Account number is identical), it if finding the Authentication Client to match, will confirm that information is sent to the Authentication Client, turn 3.7.If do not look for
To the Authentication Client to match, then will confirm that information preserve (once Authentication Client that the user account matches and service
Device is pushed to Authentication Client again when connecting), turn 3.6.2 steps.
3.7 Authentication Clients receive and parse through confirmation, and method is:
3.7.1 authorization module receives confirmation, reads acknowledgement state code.
If 3.7.2 acknowledgement state code is Y, authorization module shows the information of " certification success ";If acknowledgement state code is N, award
Power module shows the information of " authentification failure+failure cause ".
3.8 certifications terminate.
Claims (5)
1. a kind of wearable device without password authentication method, it is characterised in that comprise the following steps:
The first step, no password authentication system is built, no password authentication system is by n platforms wearable device, certification client
End and service end composition, n is positive integer;N platforms wearable device is connected by internet with service end, and service end passes through internet
It is connected with n platforms wearable device, Authentication Client;
It is mounted on improving the Android system of Booting sequence on n platform wearable devices, improves Booting sequence and refer in Android
System application layer replaces original starting up's module using device authentication module, and increases authentication information in local data base
Table;Device authentication module is connected with service end by internet, when device authentication module and be responsible for during service end network outage with
Service end reconnection, and send certification request to service end when being connected with server;Device authentication module is received from service end and awarded
Object information is weighed, Authorization result information is parsed, the authentication state code in Authorization result information is obtained, authentication information is deposited
Store up in authentication information table, will confirm that information is sent to service end;The certification request includes user account, wearable device
ID, authentication state code, user account refers to the user account with wearable device binding, namely Authentication Client login module is defeated
The user account number entered;Wearable device ID refers to the unique ID of wearable device;Authentication state code digit synbol current authentication shape
Three kinds of the code name character string of state, including request certification, certification success and authentification failure;The Authorization result information and certification request
Structure is identical, and the authentication state code of Authorization result information corresponds to certification success and failure respectively for S or F;The confirmation
Refer to increases acknowledgement state code Y, Y expression on the basis of certification request confirms successfully;The authentication information table is authentication storage letter
The data structure of breath, it is made up of, user account, can wears 3 user account, wearable device ID, the last authenticated time domains
The implication for wearing device id is identical with the user account in certification request, wearable device ID implications;The last authenticated time refers to
The last time completes the time point of certification;Authentication information table only has a list item, is updated after each certification success;
Service end is any one network web server being published on internet, and authentication module sum is provided with service end
According to storehouse, authentication module receives certification request from wearable device, is parsed to obtain user account to certification request and by certification
Request is sent to the Authentication Client logged in using this user account;When receiving the Authorization result information of Authentication Client return
Authorization result information is parsed to obtain wearable device ID, and Authorization result information is pushed to and is currently connected with server
And wearable device ID parses obtained wearable device ID wearable device for this, when the confirmation for receiving the wearable device
Confirmation is parsed during information to obtain user account, and will confirm that information is pushed to Authentication Client;Authentication module
Receive the user account and login password of the transmission of Authentication Client certification APP login modules, and inquire about the user profile of database
Combined in table with the presence or absence of identical user account and login password, matching result information is then returned into Authentication Client and stepped on
Record module;Field of the matching result packet containing an expression success or failure, successfully points out and demonstrate,proves successfully, unsuccessfully point out card
Failure;User message table is included in database, user message table storage user account and login password, entry number are user
Number;
Authentication Client is smart mobile phone or computer equipment, at least one;Certification app, certification are installed in Authentication Client
App includes login module and authorization module;Authentication Client is connected with service end, and login module is connected with authorization module, logs in
Module judges whether are user account number and login password from keyboard or the user account number and login password of file acquisition outside input
It is legal, it is legal, user account is sent to authorization module, otherwise continues from keyboard or file acquisition user account number and logs in close
Code;Authorization module is connected with login module, service end, and authorization module obtains user account number from login module, and authorization module is from clothes
Business end receives certification request, certification request is parsed and when authorization module obtains the authorized order of outside input from keyboard
The authentication state code of certification request is updated authorized object information, and Authorization result information is returned into service end,
Wait and receive confirmation from service end and parse confirmation, and will confirm that information is shown in Authentication Client;
Second step, the authentication information table of the wearable device of first time certification is initialized, method is by authentication information table
Wearable device ID be arranged to the affiliated wearable device ID of the authentication information table, user account number is arranged to the wearable device
The user account of ID bindings, the wearable device time of making the product is defaulted as by the last authenticated time;
3rd step, using the authentication that wearable device is completed without password authentication system, method is:
The device authentication module of 3.1n platform wearable devices is authenticated to wearable device parallel using identical method, and i-th
Platform wearable device represents with wearable device i, 1≤i≤n, and wearable device i authentication method is:
3.1.1 wearable device i, wearable device i starting device authentication modules are opened;
3.1.2 device authentication module reads the authentication information table in wearable device i, the last time in authentication information table
Authenticated time judges whether device authentication information is expired, if expired, it is necessary to re-authentication, turns 3.1.3, if not out of date, turns 3.8;
3.1.3 wearable device i device authentication module judges whether the network between wearable device i and service end is unobstructed,
If network is unobstructed, turn 3.1.5;If network is obstructed, turn 3.1.4;
3.1.4 the network setup information that device authentication module inputs from keyboard or file reception user, network settings successfully make net
After network connection is unobstructed, turn 3.1.5;
3.1.5 device authentication module is established with service end and communicated to connect, and sends an authentication request to service end;
3.2 server side authentication modules are authenticated to the certification request received from wearable device, and method is:
3.2.1 authentication module parsing certification request, obtains user account and wearable device ID and authentication state code;
3.2.2 the Authentication Client that authentication module poll is currently connected with service end, user's account of its login module reception is inquired about
Number whether with 3.2.1 obtain user account it is identical, if finding an Authentication Client to match, turn 3.2.4;If without phase
The Authentication Client of matching, turns 3.2.3;
3.2.3 the Authentication Client to match is established with service end and connected;
3.2.4 certification request is sent to the Authentication Client matched by the authentication module of service end;
3.3 Authentication Clients to match are that wearable device is authenticated authorizing, by the authentication state in certification request information
Code is changed to S or F, authorized object information, and Authorization result information is sent into service end;
The authentication module of 3.4 service ends receives Authorization result information from Authentication Client, and Authorization result information is handled,
Method is:
3.4.1 authentication module reads the wearable device ID in Authorization result information;
3.4.2 the wearable device that authentication module poll is currently connected with service end, inquire about has identical ID with what 3.4.1 was obtained
Wearable device it is whether online, if not online, turn 3.4.3, otherwise turn 3.4.4;
3.4.3 server side authentication module directly sends confirmation to Authentication Client, confirmation code N, turns 3.7 steps;
3.4.4 server side authentication module sends Authorization result information to the online wearable device;
The device authentication module of the 3.5 online wearable devices receives Authorization result information, and Authorization result information is solved
Analyse and send confirmation and be to service end, method:
3.5.1 the device authentication module of wearable device receives Authorization result information, and Authorization result information is parsed, and reads
The authentication state code in Authorization result information is taken, if authentication state code is S, turns 3.5.2, if authentication state code is F, turns 3.8;
3.5.2 the last authenticated time in authentication information table is updated to current time by device authentication module;
3.5.3 device authentication module sends confirmation to service end, and acknowledgement state code is Y;
The authentication module slave unit authentication module of 3.6 service ends receives confirmation, whether has phase according to confirmation inquiry
The Authentication Client matched somebody with somebody, it will confirm that information is sent to the Authentication Client to match, method is:
3.6.1 authentication module reads the user account in confirmation;
Whether the Authentication Client that 3.6.2 authentication module poll is currently connected with service end, inquiry have the user obtained with 3.6.1
Account number matches Authentication Client, if finding the Authentication Client to match, will confirm that information is sent to the Authentication Client, turns
3.7;It if not finding the Authentication Client to match, will confirm that information preserves, turn 3.6.2 steps;
3.7 Authentication Clients receive and parse through confirmation, and method is:
3.7.1 authorization module receives confirmation, reads acknowledgement state code;
If 3.7.2 acknowledgement state code is Y, authorization module shows the information of " certification success ";If acknowledgement state code is N, mould is authorized
Block shows the information of " authentification failure+failure cause ";
3.8 certifications terminate.
2. a kind of wearable device as claimed in claim 1 without password authentication method, it is characterised in that 3.1.2 walks institute
State and judge that the whether expired method of device authentication information is:In the current time and authentication information table that read wearable device i
Whether the last authenticated time, contrast exceed the default setting time, judge if exceeding it is expired, if judging not without departing from if
It is expired.
3. a kind of wearable device as claimed in claim 1 without password authentication method, it is characterised in that the acquiescence
Setting time is 5 days.
4. a kind of wearable device as claimed in claim 1 without password authentication method, it is characterised in that 3.2.3 steps are recognized
Card client establishes the method connected with service end:
3.2.3.1 Authentication Client starts certification app;
3.2.3.2 certification app login module obtains the user account and login password of outside input, by user account and password
Its legitimacy of transmission server side authentication module authentication, i.e. all users in server side authentication module polls database user information table
The combination of account and login password, if combining identical combination with the user account and login password inputted in the presence of one,
It is legal to be judged as, turns 3.2.3.3, if illegal turn 3.2.3.2;
3.2.3.3 Authentication Client is established with service end and connected.
5. a kind of wearable device as claimed in claim 1 without password authentication method, it is characterised in that described in 3.3 steps
Authentication Client is that the method that wearable device is authenticated authorizing is:
3.3.1 the authorization module of Authentication Client receives the certification request sent from server side authentication module;
3.3.2 authorization module parsing certification request, reads authentication state code therein;
3.3.3 authorization module obtains the authorized order of outside input from keyboard, if " yes ", then allows to authorize, by certification request
Authentication state code in information is changed to S;If " no ", the authentication state code in certification request information is changed to F, has changed certification shape
The certification request information of state code turns into Authorization result information;
3.3.4 Authorization result information is sent to service end by authorization module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710743329.0A CN107395634B (en) | 2017-08-25 | 2017-08-25 | Password-free identity authentication method of wearable equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710743329.0A CN107395634B (en) | 2017-08-25 | 2017-08-25 | Password-free identity authentication method of wearable equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107395634A true CN107395634A (en) | 2017-11-24 |
| CN107395634B CN107395634B (en) | 2020-02-11 |
Family
ID=60345762
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710743329.0A Active CN107395634B (en) | 2017-08-25 | 2017-08-25 | Password-free identity authentication method of wearable equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107395634B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108092967A (en) * | 2017-12-12 | 2018-05-29 | 中南大学 | A kind of binding method of intelligence wearable device and LAN |
| CN108416573A (en) * | 2018-03-09 | 2018-08-17 | 忻州师范学院 | A kind of synthesis College Informatization system based on Intelligent Information Processing |
| CN108650261A (en) * | 2018-05-09 | 2018-10-12 | 南京理工大学紫金学院 | Mobile terminal system software method for burn-recording based on remote encryption interaction |
| CN109040013A (en) * | 2018-06-20 | 2018-12-18 | 联想(北京)有限公司 | The authentication method and device of intelligent earphone |
| CN109936522A (en) * | 2017-12-15 | 2019-06-25 | 株式会社日立制作所 | Equipment authentication method and device authentication system |
| CN110442756A (en) * | 2019-06-27 | 2019-11-12 | 平安科技(深圳)有限公司 | Data verification method, device, computer equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090199280A1 (en) * | 2008-02-06 | 2009-08-06 | Canon Kabushiki Kaisha | Authentication server, authentication system and account maintenance method |
| CN102592066A (en) * | 2011-01-14 | 2012-07-18 | 金鹏科技有限公司 | Fingerprint password device adaptive to intelligent device and processing method of the fingerprint password device |
| CN104506360A (en) * | 2014-12-26 | 2015-04-08 | 深圳市彩易生活科技有限公司 | Network access configuration method and system of intelligent equipment and related equipment |
| CN106161359A (en) * | 2015-04-02 | 2016-11-23 | 阿里巴巴集团控股有限公司 | The method and device of certification user, the method and device of registration wearable device |
| CN106911666A (en) * | 2017-01-04 | 2017-06-30 | 青岛海信移动通信技术股份有限公司 | A kind of wearable smart machine and its message treatment method, system |
-
2017
- 2017-08-25 CN CN201710743329.0A patent/CN107395634B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090199280A1 (en) * | 2008-02-06 | 2009-08-06 | Canon Kabushiki Kaisha | Authentication server, authentication system and account maintenance method |
| CN102592066A (en) * | 2011-01-14 | 2012-07-18 | 金鹏科技有限公司 | Fingerprint password device adaptive to intelligent device and processing method of the fingerprint password device |
| CN104506360A (en) * | 2014-12-26 | 2015-04-08 | 深圳市彩易生活科技有限公司 | Network access configuration method and system of intelligent equipment and related equipment |
| CN106161359A (en) * | 2015-04-02 | 2016-11-23 | 阿里巴巴集团控股有限公司 | The method and device of certification user, the method and device of registration wearable device |
| CN106911666A (en) * | 2017-01-04 | 2017-06-30 | 青岛海信移动通信技术股份有限公司 | A kind of wearable smart machine and its message treatment method, system |
Non-Patent Citations (2)
| Title |
|---|
| 程卫军,艾中良: "《一种基于智能手机的可穿戴设备安全架构》", 《软件》 * |
| 胡建军: "《一种基于ECC的双向认证方案》", 《计算机系统应用》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108092967A (en) * | 2017-12-12 | 2018-05-29 | 中南大学 | A kind of binding method of intelligence wearable device and LAN |
| CN109936522A (en) * | 2017-12-15 | 2019-06-25 | 株式会社日立制作所 | Equipment authentication method and device authentication system |
| CN109936522B (en) * | 2017-12-15 | 2022-03-04 | 株式会社日立制作所 | Equipment authentication method and equipment authentication system |
| CN108416573A (en) * | 2018-03-09 | 2018-08-17 | 忻州师范学院 | A kind of synthesis College Informatization system based on Intelligent Information Processing |
| CN108650261A (en) * | 2018-05-09 | 2018-10-12 | 南京理工大学紫金学院 | Mobile terminal system software method for burn-recording based on remote encryption interaction |
| CN108650261B (en) * | 2018-05-09 | 2021-03-05 | 南京理工大学紫金学院 | Mobile terminal system software burning method based on remote encryption interaction |
| CN109040013A (en) * | 2018-06-20 | 2018-12-18 | 联想(北京)有限公司 | The authentication method and device of intelligent earphone |
| CN109040013B (en) * | 2018-06-20 | 2021-07-16 | 联想(北京)有限公司 | Authentication method and device of intelligent earphone |
| CN110442756A (en) * | 2019-06-27 | 2019-11-12 | 平安科技(深圳)有限公司 | Data verification method, device, computer equipment and storage medium |
| WO2020258655A1 (en) * | 2019-06-27 | 2020-12-30 | 平安科技(深圳)有限公司 | Data verification method and apparatus, and computer device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107395634B (en) | 2020-02-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107395634A (en) | A kind of wearable device without password authentication method | |
| US9208305B2 (en) | Method and apparatus for a token | |
| CN205050141U (en) | Electronic equipment | |
| CN100483994C (en) | System, portable device and method for digital authenticating, crypting and signing by generating short-lived encrypted key | |
| CN102714591B (en) | Proximity based biometric identification systems and methods | |
| US20140329497A1 (en) | Smartdevices Enabled Secure Access to Multiple Entities (SESAME) | |
| JP2016536889A (en) | Authentication system, transmitting terminal, receiving terminal, and authority authentication method | |
| WO2008074342A1 (en) | Method and arrangement for secure user authentication based on a biometric data detection device | |
| CN103021045A (en) | Intelligent entrance guard system for mobile terminal user verification | |
| KR20150029679A (en) | Method and device for control of a lock mechanism using a mobile terminal | |
| JP2002511968A (en) | Method, system and apparatus for identifying a person | |
| US20150046699A1 (en) | Method for generating public identity for authenticating an individual carrying an identification object | |
| CN107301702A (en) | Intelligent door lock system based on pattern code and Internet | |
| US20130179944A1 (en) | Personal area network (PAN) ID-authenticating systems, apparatus, method | |
| CN106982221A (en) | A kind of network authentication method, system and intelligent terminal | |
| US20100257366A1 (en) | Method of authenticating a user | |
| CN107911211B (en) | Two-dimensional code authentication system based on quantum communication network | |
| GB2408129A (en) | User authentication via short range communication from a portable device (eg a mobile phone) | |
| CN104135480A (en) | Entrance guard authorization system and entrance guard authorization method | |
| CN108447167A (en) | One kind can call Guest Pass integrated system and its control method | |
| CN101345625B (en) | Remote authentication method based on biological characteristic | |
| US20190028470A1 (en) | Method For Verifying The Identity Of A Person | |
| CN216310790U (en) | Distributed multi-person multi-device login system | |
| JP2002342271A (en) | Method and system for monitoring overlapped log-in in web access | |
| CN112422575A (en) | Control method and system for network access based on remote identity authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Li Shaoyong Inventor after: Liu Yaping Inventor after: Hu Jianjun Inventor after: Song Qiang Inventor after: Liao Haining Inventor before: Li Shaoyong Inventor before: Liu Yaping Inventor before: Hu Jianjun Inventor before: Song Qiang Inventor before: Zhang Shuo Inventor before: Liao Haining |