CN108076024A - Data safe processing systems, devices and methods - Google Patents
Data safe processing systems, devices and methods Download PDFInfo
- Publication number
- CN108076024A CN108076024A CN201611025830.5A CN201611025830A CN108076024A CN 108076024 A CN108076024 A CN 108076024A CN 201611025830 A CN201611025830 A CN 201611025830A CN 108076024 A CN108076024 A CN 108076024A
- Authority
- CN
- China
- Prior art keywords
- user
- data
- log
- message
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012545 processing Methods 0.000 title claims abstract description 98
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000012795 verification Methods 0.000 claims abstract description 28
- 238000003672 processing method Methods 0.000 claims description 13
- 230000008569 process Effects 0.000 claims description 9
- 238000000605 extraction Methods 0.000 claims description 8
- 230000015654 memory Effects 0.000 claims description 7
- 239000000203 mixture Substances 0.000 claims description 2
- 230000004071 biological effect Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 9
- 238000012552 review Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 239000000284 extract Substances 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- PEDCQBHIVMGVHV-UHFFFAOYSA-N Glycerine Chemical compound OCC(O)CO PEDCQBHIVMGVHV-UHFFFAOYSA-N 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 2
- 238000012550 audit Methods 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000007596 consolidation process Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000011002 quantification Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- G—PHYSICS
- G10—MUSICAL INSTRUMENTS; ACOUSTICS
- G10L—SPEECH ANALYSIS TECHNIQUES OR SPEECH SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING TECHNIQUES; SPEECH OR AUDIO CODING OR DECODING
- G10L15/00—Speech recognition
- G10L15/26—Speech to text systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/55—Push-based network services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Computational Linguistics (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Human Computer Interaction (AREA)
- Physics & Mathematics (AREA)
- Acoustics & Sound (AREA)
- Multimedia (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a kind of data safe processing systems, devices and methods, wherein, the system comprises:Log-on message authentication module for verifying log-on message input by user, tentatively confirms the legitimacy of the user identity;Sound identification module for passing through the voice messaging for identifying user, determines that the user handles the legitimacy of the data of corresponding authority;Data-pushing module, for when the data of user processing corresponding authority are legal, pending data to be pushed to user;And data processing module, for providing processing interface to the user, receive, record and preserve handling result data of the user to pending data.The present invention utilizes the biological property of people, by the verification again of voice, so as to be accurately determined personnel's legitimacy of processing data, ensures to implement the processing of data by the people with appropriate permission in data processing.
Description
Technical field
The present invention relates to technical field of information processing, specifically, are related to a kind of data safe processing system, device and side
Method.
Background technology
Enterprise, public institution work management flow in, it is special to complete or reach some in a certain project or a certain flow
, it is necessary to which the project or flow are audited or examined when determining the stage, determine whether qualified or whether can carry out next
A flow.For example, in financial system, it is necessary to which related personnel is examined when charge accounting list is generated, can incite somebody to action afterwards
The advice of settlement that examination & approval pass through is pushed to cashier and pays the bill.
The processing procedure of above-mentioned flow is rational in itself, but due to current distributed working environment, not sometimes
It can ensure that the people for performing examination & approval is legal copending person, so can cause unnecessary economic loss there are some risks.
For example, some similar processing methods are at present:Approver logs in built-in system, and the built-in system, which obtains, to be used
The log-on message at family in the case where the user login information is legal, that is, when having the permission of examination & approval, is sent by webpage
Http request obtains the data for needing to audit, and is pushed to the user (i.e. approver), so as to fulfill review operations.
With the development of mobile communication technology, approver can also realize review operation in mobile terminal.Specifically, in movement
The application docked with built-in system is installed, approver can log in built-in system in the application of mobile terminal, and system obtains in terminal
To after legal user login information, by sending http request, the data for needing to audit are obtained, and is pushed to mobile terminal and answers
With so as to fulfill review operations.
However said program can not reliably ensure the security that user uses.For example, in terms of safety guarantee, it is
System only determines the legitimacy of user by the log-on message of user, when account number and the password leakage of user or in login status
In the problem of leaving system, all may causing to perform review operations by other people.When using mobile terminal, hand can be used when logging in
Machine identifying code if there is logging in others' account, and can see the mobile phone identifying code, remain able to smooth login system, pretend to be
Approver is operated.
It can be seen that, it is necessary to preferably safety measure ensures data processing security.
The content of the invention
The technical problem to be solved in the present invention is, in view of the deficiencies of the prior art, provides a kind of data safe processing system
System, apparatus and method, for ensureing to implement the processing of data by the people with appropriate permission in data processing.
In order to solve the above-mentioned technical problem, according to an aspect of the present invention, at the present invention provides a kind of data safety
Reason system, wherein, including:
Log-on message authentication module for verifying log-on message input by user, tentatively confirms the conjunction of the user identity
Method;
Sound identification module for passing through the voice messaging for identifying user, determines that the user handles the number of corresponding authority
According to legitimacy;
Data-pushing module, for when the data of user processing corresponding authority are legal, pending data to be pushed
To user;With
Data processing module for providing processing interface to the user, is received, recorded and preserve user to pending number
According to handling result data.
Preferably, the sound identification module includes:
Phonetic feature storehouse, the verification for the sample voice characteristic information for storing user and for obtaining user speech information
Data;
Voice messaging acquiring unit, for according to preset rules, corresponding verification number to be obtained from the phonetic feature storehouse
According to and form identifying code and be pushed to user, gather voice messaging of the user based on the identifying code;
Voice characteristics information extraction unit, for being extracted from the voice messaging based on the identifying code collected
Go out voice characteristics information;With
Voice recognition unit is tested for comparing described in voice characteristics information and user correspondence based on the identifying code
The similarity of the sample voice characteristic information of code is demonstrate,proved, so that it is determined that the user handles the legitimacy of the data of corresponding authority.
Preferably, the identifying code includes:Any combination of number, letter, isolated word or word or more type.
Preferably, the data-pushing module includes:
Request transmitting unit, for sending the data processing request based on the user right;With
For being based on the data processing request, pending data is pushed to the user for request processing module.
Preferably, the log-on message authentication module includes:
Login page push unit, for inputting the page of log-on message to user's push request;With
Comparing unit, for comparing the use of this log-on message got from the login page and storage inside
The log-on message at family, so as to tentatively confirm whether the user identity is legal.
In order to solve the above-mentioned technical problem, according to another aspect of the present invention, the present invention provides a kind of data safeties
Processing method, wherein, comprise the following steps:
Receive and process the log-on message of user, the legitimacy of preliminary identification user identity;
The voice messaging of user is obtained, by identifying the voice messaging of user, determines that the user handles corresponding authority
The legitimacy of data;
When the data that the user handles corresponding authority are legal, pending data is pushed to user;
Processing interface is provided to the user, receives, record and preserve handling result data of the user to pending data.
Preferably, the voice messaging for obtaining user by identifying the voice messaging of user, determines user's processing
The step of legitimacy of the data of corresponding authority, specifically includes:
Provide a user speech identifying code;
Gather voice messaging of the user based on the identifying code;
Voice characteristics information is extracted from the voice messaging based on the identifying code;
Compare the sample voice characteristic information of voice characteristics information and the corresponding identifying code based on the identifying code
Similarity, if the similarity is greater than or equal to predetermined threshold, it is determined that the data that the user handles corresponding authority are legal,
If the similarity is less than the predetermined threshold, it is determined that the data that the user handles corresponding authority are illegal.
Preferably, the user handle corresponding authority data it is legal when, by pending data be pushed to user it
Before, send the data processing request based on the user right;
It is described pending data is pushed to user to be specially:Based on the data processing request, pushed to the user
Pending data.
Preferably, the step of log-on message for receiving and processing user, the legitimacy of preliminary identification user identity, has
Body includes:
To the page of user's push request input log-on message;
Obtain this log-on message input by user;
Compare the log-on message of the user of this described log-on message and storage inside, if described this logs in letter
Breath is consistent with the log-on message of the user of storage inside, it is determined that the user identity is legal;If this described login
The log-on message of the user of information and storage inside is inconsistent, and the user identity is illegal.
In order to solve the above-mentioned technical problem, according to an aspect of the present invention, at the present invention provides a kind of data safety
Device is managed, including memory and processor, wherein, the memory for storing data, information and instruction, hold by the processor
Row described instruction, is used to implement following steps:
Receive and process the log-on message of user, the legitimacy of preliminary identification user identity;
The voice messaging of user is obtained, by identifying the voice messaging of user, determines that the user handles corresponding authority
The legitimacy of data;
When the data that the user handles corresponding authority are legal, data processing request is sent, and receives and pushes treat
Handle data;
Processing interface is provided to the user, receives, record and preserve handling result data of the user to pending data.
The present invention utilizes the biological property of people, passes through the personnel of the secondary verification, accurately verification processing data of voice
Legitimacy, ensure in data processing, by with appropriate permission people implement specific data processing.
Description of the drawings
By referring to the following drawings description of this invention, the above and other purposes of the present invention, feature and advantage will
It is apparent, in the accompanying drawings:
Fig. 1 is the functional block diagram of data safe processing system of the present invention;
Fig. 2 is the functional block diagram of one embodiment of data safe processing system of the present invention;
Fig. 3 is the flow chart of data safety processing method of the present invention;
Fig. 4 is the flow chart of preliminary identification user identity in the method for the invention;
Fig. 5 is the flow chart of speech verification user identity in the method for the invention;
Fig. 6 is financial system principle schematic diagram in another embodiment;
Fig. 7 is the functional block diagram of the data safe processing system of another embodiment;
Fig. 8 is speech identifying code contrast schematic diagram of the present invention;
Fig. 9 is the flow chart of the data safety processing method of the embodiment;With
Figure 10 is the principle schematic diagram of Computer program product of the present invention.
Specific embodiment
Below based on embodiment, present invention is described, but the present invention is not restricted to these embodiments.Under
Text to the present invention datail description in, it is detailed to describe some specific detail sections.Do not have for a person skilled in the art
The description of these detail sections can also understand the present invention completely.In order to avoid obscuring the essence of the present invention, well known method, mistake
Journey, flow do not describe in detail.In addition attached drawing is not necessarily drawn to scale.
As shown in Figure 1, the principle assumption diagram for data safe processing system of the present invention.Data peace of the present invention
Full processing system includes:Log-on message authentication module 1, sound identification module 2, data-pushing module 3 and data processing module 4.
The log-on message authentication module 1 tentatively confirms the legitimacy of the user identity for verifying log-on message input by user.
The sound identification module 2 is used for the voice messaging by identifying user, determines that the user handles the data of corresponding authority
Legitimacy;The data-pushing module 3 is used to, when the data that the user handles corresponding authority are legal, pending data be pushed away
Give user;The data processing module 4 is used to provide processing interface to the user, receives, records and preserve user and treats
Handle the handling result data of data.
The present invention utilizes the biological property of people, by the secondary verification of voice, so as to be accurately determined processing number
According to personnel's legitimacy, ensure in data processing, by with appropriate permission people implement data processing.
Specifically, please refer to Fig.2, be the functional block diagram of one embodiment of data safe processing system.In the embodiment
In, the log-on message authentication module 1 includes login page push unit 11, log-on message receiving unit 12 and comparing unit
13.The login page push unit 11 is used for the page to user's push request input log-on message, such as common user
The window of account number and password is inputted, user can input oneself account number and password.Usually, some data can be handled
Personnel have corresponding permission, and with corresponding account number and password.When user will handle some data, it is necessary to log in this and be
System when logging in the system, inputs account number and password, its identity is verified by system first.Log-on message receiving unit
12 receive this log-on message input by user, and send it to the comparing unit 13.Comparing unit 13 compares from described
This log-on message and the log-on message of the user of storage inside that login page is got, if the two is consistent, are tested
Card passes through, and triggers sound identification module 2 to carry out further authentication.If the two is inconsistent.It can require user
Re-enter information, if be repeated several times verification still cannot by either exiting the system or recording this event, and
Alarm etc. is sent to related system.
After log-on message authentication module 1 verifies that current user identities are legal, the sound identification module 2 is triggered, into one
Step demonstrate,proves the identity of user.Wherein, the sound identification module 2 includes:Phonetic feature storehouse 21, voice messaging acquiring unit 22,
Voice characteristics information extraction unit 23 and voice recognition unit 24.Wherein, the phonetic feature storehouse 21 stores the sample language of user
Sound characteristic information and the verification data for obtaining user speech information.The verification data stored in the phonetic feature storehouse 21 can
Think digital 0-9, English alphabet a-z, isolated word, such as " day ", " moon " word or word, such as " sun " " moon " is " brave
Dare " " strong " etc., above-mentioned data can also be combined.When distributing account number for the user, it is necessary to be tested described in user's typing
Demonstrate,prove the voice of data.Voice characteristics information extraction unit 23 extracts its voice spy from the voice messaging of user's typing
Sign, and save as sample voice characteristic information, comparison basis when system uses as speech recognition.
Specifically, a voice messaging is considered as an information flow, and which includes many characteristic informations, such as sound
Ripple fluctuating range, in short-term short time frame zero-crossing rate, frame average energy, the in short-term characteristic parameters such as auto-correlation coefficient.Voice messaging can be with
The data group being divided into units of frame, in each frame characteristic parameter exist in the form of vector, therefore, it is possible to by one
Voice messaging is considered as a vector sequence.So sub-frame processing is carried out to the information flow first when extracting characteristic information, for example,
The duration of each frame is set to 20-30ms.It then, will be every from the vector sequence according to the feature to be extracted in extraction algorithm
The characteristic information carried in frame, which pulls out, to be come, and carries out quantification treatment, finally can be by number so as to obtain digitized characteristic information
The characteristic information of word is used for identifying comparing or being stored as predetermined file to be used as sample.
Voice messaging acquiring unit 22 obtains corresponding verification data group according to preset rules from the phonetic feature storehouse
User is pushed into identifying code, gathers voice messaging of the user based on the identifying code.For example, the data for being pushed to user are six
The random number in position, such as 0-1-5-6-8-3, alternatively, being pushed to the data of user as six bit digitals and the random combine of letter, such as
A-2-9-c-x-0 etc..After verifying data-pushings to user these, it is desirable that user is clearly bright to read out, when user reads aloud
What is provided is digital or alphabetical when verifying character, and the voice of typing user obtains the voice messaging based on identifying code.Phonetic feature
Information extraction unit 23 extracts voice characteristics information from the voice messaging based on the identifying code collected;Voice
Recognition unit 24 compares voice characteristics information based on the identifying code and the user corresponds to the sample voice of the identifying code
The similarity of characteristic information, so that it is determined that the user handles the legitimacy of the data of corresponding authority.
Wherein, voice recognition unit 24 corresponds to institute in voice characteristics information of the comparison based on the identifying code and the user
When stating the similarity of sample voice characteristic information of identifying code, build first it is a set of based on DNN (Deep Neural Network,
Deep neural network) algorithm GPU (Graphics Processing Unit, graphics processor) cluster parallel computing frame,
By DTW (Dynamic Time Warping, dynamic time consolidation) isolated word recognition algorithm cycle criterion six based on described
The voice characteristics information of identifying code and the user correspond to the similarity of the sample voice characteristic information of the identifying code, when similar
Degree is when reach a certain critical value, i.e., more than or equal to a default threshold value when, then it is assumed that identifying code voice described in typing
The validated user stored in the user of information and system is a people, thus is verified.Otherwise, verification is not by Bu Huixiang
The user pushes pending data, and the user cannot handle these pending datas.
When speech verification by after, trigger 3 propelling data of data-pushing module.Specifically, the data-pushing mould
Block 3 includes:Request transmitting unit 31 and request processing module 32, request transmitting unit 31 send the number based on the user right
It is asked according to processing.In general, user is in PC ends or mobile terminal login system, and system is mostly distributed frame, pending data
On the database of system or some node, thus, pending data is, it is necessary to send request in order to obtain, in system please
After processing module 32 is asked to receive the data processing request, PC ends where to the user or mobile terminal push pending number
According to.
The data processing module 4 provides processing interface to the user.The processing interface that different systems provides is different,
Even if identical system, PC ends interface and interface of mobile terminal may also have subtle difference.User can be in this interface
Handle pending data.Data processing module 4 is received, recorded and preserves handling result data of the user to pending data.
Above-described data safe processing system using verification process twice, carries out the user for performing data processing
Authentication so as to overcome the problem of performing data processing operation by unauthorized person, ensure that by competent person to handle it
Data in permission.
As shown in figure 3, the flow chart for data safety processing method of the present invention.The present invention provides a kind of data peaces
Full processing method, wherein, comprise the following steps:
Step S1 receives and processes the log-on message of user, the legitimacy of preliminary identification user identity.
Step S2 obtains the voice messaging of user, carries out speech recognition, i.e., the voice messaging of the user and voice is special
The sample voice of the user is compared in sign storehouse.
Step S3, judge whether by speech recognition, that is, to judge the user's voice messaging collected whether with voice
Whether the similarity of the sample voice of the user has reached the threshold value set in feature database, if reached, illustrates to pass through
Speech recognition, the data that the user handles corresponding authority are legal;If being not reaching to the threshold value of setting, recognition failures, weight
New return to step S2, reacquires the voice messaging of user, re-starts speech recognition.
Pending data when the data that the user handles corresponding authority are legal, is pushed to user by step S4.
Step S5 provides processing interface to the user, receives, records and preserve processing knot of the user to pending data
Fruit data.
Specifically, as shown in figure 4, in step sl, the log-on message for receiving and processing user, preliminary identification user
The step of legitimacy of identity, specifically includes:
Step S11, to the page of user's push request input log-on message.Such as, including user account number input box and
Password Input frame, user is by inputting its legal account number and password come login system.
Step S12 obtains this log-on message input by user, such as account number and password.
The log-on message of the user of step S13, this relatively more described log-on message and storage inside.
Step S14 judges whether this described log-on message is consistent with the log-on message of the user of storage inside;Such as
The log-on message of the user of this log-on message described in fruit and storage inside is inconsistent, and the user identity is illegal, then
Perform step S15;If this log-on message is consistent with the log-on message of the user of storage inside, illustrate the user
Identity is legal, enters step S2 (corresponding flow 2) at this time to continue the verification to user's progress next step.
Step S15, judges whether log-on message number input by user reaches the number of setting, if reached, turns to
Step S16, if being not reaching to setting number, return to step S11 inputs log-on message to user's push request again
The page.
Step S16, log off login page, prompts login failed for user.
As shown in figure 5, be the flow 2 in data safety processing method of the present invention, corresponding to the step S2 in Fig. 3,
That is, the described voice messaging for obtaining user by identifying the voice messaging of user, determines that the user handles the number of corresponding authority
According to legitimacy the step of specifically include:
Step S21, provides a user speech identifying code.Specifically, according to preset rules, obtained from the phonetic feature storehouse
Corresponding verification data is taken to form identifying code and be pushed to user.The preset rules can include for example, the position of identifying code
The type of number, such as 6 and each data, such as:Number, letter, isolated word or word etc..It is carried when by the identifying code
After supplying user, user need to read the identifying code according to prompting.
Step S22 gathers voice messaging of the user based on the identifying code.
Step S23 extracts voice characteristics information from the voice messaging based on the identifying code.Extracting method with
The extracting method of the characteristic information of sample voice is identical, and this will not be repeated here.
Step S24 compares the sample voice spy of voice characteristics information and the corresponding identifying code based on the identifying code
The similarity of reference breath.For example, the GPU cluster parallel computation frame based on DNN algorithms, is followed by DTW isolated word recognition algorithms
Ring judges that each voice characteristics information based on the identifying code and the user correspond to the sample voice spy of the identifying code
The similarity of reference breath.
Step S25, judges whether the similarity is greater than or equal to predetermined threshold, if greater than or equal to predetermined threshold,
Then determine that the user can legally handle the data of corresponding authority, turn to the step S4 in Fig. 3;If the similarity is small
In the predetermined threshold, it is determined that the data that the user handles corresponding authority are illegal, turn to step S26.Wherein, it is described
The deviation between characteristic information may be employed to state in similarity, the predetermined threshold, that is, deviation threshold value, if verification
The deviation that the voice characteristics information and the user of code are corresponded between the sample voice characteristic information of the identifying code is less than institute
Deviation threshold value is stated, it may be considered that the two is identical, it is the voice that same human hair goes out, otherwise, then it is assumed that be not that same human hair goes out
Voice.
If it is a variety of to handle obtained characteristic information, the process of the comparison and judgement is corresponded to repeatedly, i.e., by more
A characteristic information judges, adds the accuracy rate of identification.
Step S26, judges whether the phonetic entry number of user has reached the number of setting, if having reached time of setting
Number, then turn to step S27, if it is not, return to step S21, provides a user a new identifying code again.
Step S27, prompts user speech recognition failures, and user cannot carry out data processing.
In step s 4, before pending data is pushed to user, send at the data based on the user right
Reason request;Based on the data processing request, pending data is pushed to the user.
By the above method, before user carries out data processing, the verification of account number and password is first carried out, then carries out language
Sound is verified, so as to ensure that the processing that data are carried out by competent person, ensure that the safety of data processing.
The data handling system and method are described in detail with reference to embodiments.
In general, it is distributed system that related data or data management system for being used in enterprises and institutions etc. are mostly, some are also
Special server is needed to support.Such as financial system, as shown in fig. 6, including each application terminal 100A, 100B, 100C,
100D etc. and server-side 100S, wherein, application terminal can be PC ends, or mobile terminal, each application terminal can be with
Identical or different application is run, server-side provides the support of data, algorithm or control etc. for these application terminals.
For example, user A generates charge accounting list, it is necessary to by receiving and paying out B in application terminal 100B roots in the 100A of application terminal
It pays the bill according to charge accounting list.Usually, it is necessary to by related personnel C in application terminal 100C to application before cashier's B payments
The charge accounting list of terminal 100A generations is examined, and after examination & approval pass through, charge accounting list is sent to by application terminal 100C
Application terminal 100B is stored in database, while notifies application terminal 100B that can carry out payment operation.Cashier B is received
After charge accounting list by examination & approval or notice that application terminal 100C is sent, paid the bill according to the charge accounting list examined.
As shown in fig. 7, the data handling system includes user and server-side 100S.In the financial system A, except
Outside other related professional modules, further include:Log-on message authentication module 100, sound identification module 200, data-pushing module
300 and data processing module 400.Wherein, the log-on message authentication module 100 is located on user terminal, including login page
Push unit 101, log-on message receiving unit 102 and comparing unit 103.
That is, application terminal 100C includes data safe processing device, including:Log-on message authentication module 100, language
Voice messaging collecting unit 2022 and data processing module 400 in sound identification module 200.Wherein, log-on message authentication module
100th, the function of the voice messaging collecting unit 2022 in sound identification module 200 and data processing module 400 is by application terminal
Memory and processor in 100C are completed jointly, and for storing data, information and instruction, the processor is used to hold memory
Row described instruction, as can realize following steps:
Receive and process the log-on message of user, the legitimacy of preliminary identification user identity;
The voice messaging of user is obtained, by identifying the voice messaging of user, determines that the user handles corresponding authority
The legitimacy of data;
When the data that the user handles corresponding authority are legal, data processing request is sent, and receives and pushes treat
Handle data;
Processing interface is provided to the user, receives, record and preserve handling result data of the user to pending data.
As shown in figure 9, it is the secure data process flow figure based on system described in Fig. 7.It is as follows:
Step S100, login page push unit 101 input the page of log-on message to user's push request.User is at this
The page inputs log-on message, including account number and password.
Step S101, log-on message receiving unit 102 receive log-on message input by user, and send it to comparison list
Member 103.
The login letter of the user of step S102, this relatively more described log-on message of comparing unit 103 and storage inside
Breath.If the log-on message of the user of this described log-on message and storage inside is inconsistent, the user identity does not conform to
Method sends to the login page push unit 101 and instructs, defeated to login page push unit 101 again user's push request
Enter the page of log-on message;If this log-on message is consistent with the log-on message of the user of storage inside, illustrate institute
It is legal to state user identity, the comparing unit 103 sends to the sound identification module 200 and instructs, and carries out speech verification.
The sound identification module 200 includes carrying positioned at the phonetic feature storehouse 201 of server end 100S, voice characteristics information
Unit 203 and voice recognition unit 204 are taken, wherein, voice messaging acquiring unit 202 includes the speech verification positioned at server end
Code push unit 2021 and the voice messaging collecting unit 2022 positioned at user terminal.
Step S103, speech identifying code push unit 2021 obtains verification data from the phonetic feature storehouse 201, according to pre-
If rule composition identifying code is pushed to user;In the present embodiment, the Digital verification code that there are six for one, such as 2-6-8-2-
1-5。
Step S104, in user according to the identifying code, when sending corresponding voice, voice messaging collecting unit 2022 is adopted
Collect the voice of user, the voice messaging collecting unit 2022 generally includes the microphone circuit of PC or mobile terminal.Voice is believed
The user speech information collected is sent to voice characteristics information extraction unit 203 by breath collecting unit 2022.
Step S105, voice characteristics information extraction unit 203 carry one by one according to relevant algorithm from user speech information
Take out the phonetic feature of each identifying code.
Step S106, the phonetic feature of 204 successive appraximation each identifying code of voice recognition unit in phonetic feature storehouse
Obtain the similarity of corresponding user's sample voice data.Specifically, as shown in figure 8, according to identifying code, obtained from sample every
Then the sample voice feature of one identifying code calculates the similarity of the two.For example, the user of contrast verification code first " 2 "
The phonetic feature that scene is recorded corresponds to the sample voice feature of " 2 " of the user with phonetic feature storehouse, calculates the similar of the two
Degree, due to the physical condition of user, sound not necessarily all the time is all identical, but the sound characteristic that same person is sent exists
Be under normal circumstances it is identical, thus, the present invention be provided with a similarity threshold, when the similarity be greater than or equal to threshold value
When, then it is assumed that the user of the recording sample voice in the user and system of live recorded speech is same person, it is determined that current
User is validated user, can carry out the examination & approval of charge accounting list.If the similarity is less than the threshold value, in order to ensure
It will not cause validated user that can not carry out because of error caused by the variation (the noise change of voice as caused by flu) of user's noise
Operation can carry out the speech verification again of reasonable amount when similarity is less than threshold value.If still cannot by speech verification,
It is not validated user then to think the user, it is impossible to carry out the examination & approval of advice of settlement.
Step S107, in speech verification by rear, the transmission of request transmitting unit 301 in data-pushing module 300 is based on
The data processing request of the user right.
Step S108, after the requesting processing 302 receives the request, user is pushed to by pending data.It is described
Requesting processing 302 can be the control module of the financial system or the module for storing pending batch data etc..If the use
Family terminal 100C is PC, then is pushed to the PC;If the currently used user terminal 100C of user is mobile phone, the hand is pushed to
Machine.
Data processing module 400 in step S109, user terminal 100C provides processing interface to the user, at this point,
User can transfer the statement of account by the interface, and complete review operations.The data processing module 400 is received, recorded simultaneously
Preserve handling result data of the user to pending data.Which modification has such as been made, which mark etc. marked.
As shown in Figure 10, it is provided by the present invention for realizing that data pacify processing method entirely, the computer program of system produces
The principle schematic diagram of product.The application terminal 10A of the present invention includes signal bearing medium 100A.Signal bearing medium 100A is
Carrier is instructed, one or more instruction set can be included, as the data safe processing instruction 101A in the present embodiment is with other
Function module of uniting instruction 102A when data safe processing instruction 101A is performed by such as processor, can complete above-described embodiment
Described in function.For example, data safe processing instruction 101A is executed to accomplish following function:
To the page of user's push request input log-on message;
Log-on message input by user is received, compares the login of the user of this described log-on message and storage inside
Information.If the log-on message of the user of this described log-on message and storage inside is inconsistent, the user identity is not
Legal, user's push request inputs the page of log-on message again;If the user of this log-on message and storage inside
Log-on message it is consistent, then illustrate that the user identity is legal, related letter sent to the sound identification module of server end
Breath;
The speech identifying code that server end is sent is received, and gathers user speech;
The pending data of server end push is received, processing interface is provided to the user, receives, records and preserve use
Family is to the handling result data of pending data.
At some in the specific implementation, signal bearing medium 100A can include recordable media 103A, such as, but not limited to
Various internal memorys, external storage card.Signal bearing medium 100A can also include communication media 104A, such as, but not limited to
Number and/or analogue communication medium (for example, optical fiber cable, waveguide, wired communications links, wireless communication link etc.).
The foregoing is merely preferred embodiments, are not intended to limit the invention, to those skilled in the art, this hair
It is bright to have various modifications and changes.All any modification, equivalent replacement, improvement within spirit and principles of the present invention
Deng should all be included in the protection scope of the present invention.
Claims (11)
1. a kind of data safe processing system, wherein, including:
Log-on message authentication module for verifying log-on message input by user, tentatively confirms the legitimacy of the user identity;
Sound identification module for passing through the voice messaging for identifying user, determines that the user handles the data of corresponding authority
Legitimacy;
Data-pushing module, for when the data of user processing corresponding authority are legal, pending data to be pushed to use
Family;With
Data processing module for providing processing interface to the user, is received, recorded and preserve user to pending data
Handling result data.
2. data safe processing system as described in claim 1, wherein, the sound identification module includes:
Phonetic feature storehouse, the verification number for the sample voice characteristic information for storing user and for obtaining user speech information
According to;
Voice messaging acquiring unit, for according to preset rules, corresponding verification data to be obtained from the phonetic feature storehouse simultaneously
Composition identifying code is pushed to user, gathers voice messaging of the user based on the identifying code;
Voice characteristics information extraction unit, for extracting language from the voice messaging based on the identifying code collected
Sound characteristic information;With
Voice recognition unit corresponds to the identifying code for voice characteristics information of the comparison based on the identifying code and the user
Sample voice characteristic information similarity, so that it is determined that the user handle corresponding authority data legitimacy.
3. data safe processing system as claimed in claim 2, wherein, the identifying code includes:Digital, alphabetical, isolated
Any combination of word or word or more type.
4. data safe processing system as described in claim 1, wherein, the data-pushing module includes:
Request transmitting unit, for sending the data processing request based on the user right;With
For being based on the data processing request, pending data is pushed to the user for request processing module.
5. data safe processing system as described in claim 1, wherein, the log-on message authentication module includes:
Login page push unit, for inputting the page of log-on message to user's push request;With
Comparing unit, for comparing the user's of this log-on message got from the login page and storage inside
Log-on message, so as to tentatively confirm whether the user identity is legal.
6. a kind of data safety processing method, wherein, comprise the following steps:
Receive and process the log-on message of user, the legitimacy of preliminary identification user identity;
The voice messaging of user is obtained, by identifying the voice messaging of user, determines that the user handles the data of corresponding authority
Legitimacy;
When the data that the user handles corresponding authority are legal, pending data is pushed to user;
Processing interface is provided to the user, receives, record and preserve handling result data of the user to pending data.
7. data safety processing method as claimed in claim 6, wherein, the voice messaging for obtaining user passes through identification
The voice messaging of user determines that the step of user handles the legitimacy of the data of corresponding authority specifically includes:
Provide a user speech identifying code;
Gather voice messaging of the user based on the identifying code;
Voice characteristics information is extracted from the voice messaging based on the identifying code;
Compare the similar of the sample voice characteristic information of voice characteristics information and the corresponding identifying code based on the identifying code
Degree, if the similarity is greater than or equal to predetermined threshold, it is determined that the data that the user handles corresponding authority are legal, if
The similarity is less than the predetermined threshold, it is determined that the data that the user handles corresponding authority are illegal.
8. data safety processing method as claimed in claim 7, wherein, the identifying code includes:Digital, alphabetical, isolated
Word or word, or more any type of combination.
9. data safety processing method as claimed in claim 7, wherein, the data that corresponding authority is handled in the user are legal
When, before pending data is pushed to user, send the data processing request based on the user right;
It is described pending data is pushed to user to be specially:Based on the data processing request, pushed to the user and wait to locate
Manage data.
10. data safety processing method as claimed in claim 7, wherein, the log-on message for receiving and processing user, just
The step of legitimacy of step card user identity, specifically includes:
To the page of user's push request input log-on message;
Obtain this log-on message input by user;
Compare the log-on message of the user of this described log-on message and storage inside, if this described log-on message and
The log-on message of the user of storage inside is consistent, it is determined that the user identity is legal;If this described log-on message
Inconsistent with the log-on message of the user of storage inside, the user identity is illegal.
11. a kind of data safe processing device, including memory and processor, wherein, the memory is used to store data, letter
Breath and instruction, the processor perform described instruction, are used to implement following steps:
Receive and process the log-on message of user, the legitimacy of preliminary identification user identity;
The voice messaging of user is obtained, by identifying the voice messaging of user, determines that the user handles the data of corresponding authority
Legitimacy;
When the data that the user handles corresponding authority are legal, data processing request is sent, and receives the pending of push
Data;
Processing interface is provided to the user, receives, record and preserve handling result data of the user to pending data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611025830.5A CN108076024A (en) | 2016-11-16 | 2016-11-16 | Data safe processing systems, devices and methods |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611025830.5A CN108076024A (en) | 2016-11-16 | 2016-11-16 | Data safe processing systems, devices and methods |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108076024A true CN108076024A (en) | 2018-05-25 |
Family
ID=62160901
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611025830.5A Pending CN108076024A (en) | 2016-11-16 | 2016-11-16 | Data safe processing systems, devices and methods |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108076024A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112086099A (en) * | 2019-06-14 | 2020-12-15 | 上海观轶教育科技有限公司 | Student-leaving teaching guidance management system and method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103326989A (en) * | 2012-03-19 | 2013-09-25 | 上海博路信息技术有限公司 | Identifying code based on voice recognition |
US20140109203A1 (en) * | 2000-09-05 | 2014-04-17 | Strikeforce Technologies, Inc. | Multichannel device utilizing a centralized out-of-band authentication system (cobas) |
CN104902031A (en) * | 2015-07-03 | 2015-09-09 | 成都怡云科技有限公司 | Enterprise intelligent cloud system based on virtual desktop |
CN105162757A (en) * | 2015-07-03 | 2015-12-16 | 成都怡云科技有限公司 | External network log-in method for multi-authentication government virtual office platform |
-
2016
- 2016-11-16 CN CN201611025830.5A patent/CN108076024A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140109203A1 (en) * | 2000-09-05 | 2014-04-17 | Strikeforce Technologies, Inc. | Multichannel device utilizing a centralized out-of-band authentication system (cobas) |
CN103326989A (en) * | 2012-03-19 | 2013-09-25 | 上海博路信息技术有限公司 | Identifying code based on voice recognition |
CN104902031A (en) * | 2015-07-03 | 2015-09-09 | 成都怡云科技有限公司 | Enterprise intelligent cloud system based on virtual desktop |
CN105162757A (en) * | 2015-07-03 | 2015-12-16 | 成都怡云科技有限公司 | External network log-in method for multi-authentication government virtual office platform |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112086099A (en) * | 2019-06-14 | 2020-12-15 | 上海观轶教育科技有限公司 | Student-leaving teaching guidance management system and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10056084B2 (en) | Tamper-resistant element for use in speaker recognition | |
CN100485702C (en) | Method and apparatus for sequential authentication of user | |
CN106961418A (en) | Identity identifying method and identity authorization system | |
CN105337928B (en) | Method for identifying ID, safety protection problem generation method and device | |
CN108429619A (en) | Identity identifying method and system | |
CN107872436A (en) | A kind of account recognition methods, apparatus and system | |
CN110598982B (en) | Active wind control method and system based on intelligent interaction | |
CN109753783A (en) | A kind of single-point logging method based on machine learning, device and computer readable storage medium | |
CN112187702A (en) | Method and device for verifying client | |
CN106878275A (en) | Auth method and device and server | |
CN106130739A (en) | Application program login process method and device | |
CN106973043A (en) | A kind of password validation system and method for password authentication | |
CN104935548A (en) | Identity verification method, device and system based on intelligent tattooing equipment | |
CN107742068A (en) | A kind of implicit identity authorization system of the multi-source of smart machine and method | |
JP2022517042A (en) | Preventing erroneous copies of data records from being sent to distributed ledger systems | |
CN108076024A (en) | Data safe processing systems, devices and methods | |
CN107590374A (en) | Control method, intelligent terminal and the storage device of voice assistant authority | |
CN112201254A (en) | Non-sensitive voice authentication method, device, equipment and storage medium | |
CN104009963B (en) | The security authentication mechanism of remote password | |
CN108763352A (en) | Interview questioning method, device and electronic equipment | |
CN107276962A (en) | A kind of dynamic password voice Verification System and method with reference to any gesture | |
Kumar et al. | A smart mobile authentication technique using user centric attributes classifications | |
Ogala et al. | Detecting Telecoms Fraud in a Cloud-Base Environment by Analyzing the Content of a Phone Conversation | |
Aithal | Implementation of Voice Biometric System in the Banking Sector | |
CN117909912B (en) | Detection method and system for two-stage abnormal user behavior analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180525 |