CN109145561B - Authentication method of computer, apparatus thereof and storage medium - Google Patents

Authentication method of computer, apparatus thereof and storage medium Download PDF

Info

Publication number
CN109145561B
CN109145561B CN201810901035.0A CN201810901035A CN109145561B CN 109145561 B CN109145561 B CN 109145561B CN 201810901035 A CN201810901035 A CN 201810901035A CN 109145561 B CN109145561 B CN 109145561B
Authority
CN
China
Prior art keywords
user
computer
terminal
mobile terminal
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810901035.0A
Other languages
Chinese (zh)
Other versions
CN109145561A (en
Inventor
顾宏超
吴同鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gu Hongchao
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201810901035.0A priority Critical patent/CN109145561B/en
Publication of CN109145561A publication Critical patent/CN109145561A/en
Application granted granted Critical
Publication of CN109145561B publication Critical patent/CN109145561B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Abstract

The invention relates to the field of communication, and discloses an authentication method of a computer, equipment and a storage medium thereof. The authentication method of the computer in the invention comprises the following steps: acquiring a first biometric characteristic of a user acquired at a computer; sending the first biological identification feature to the mobile terminal; and if the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal which are sent by the mobile terminal are received, sending a first equipment ID, the first terminal ID and the first user ID which identify the computer to a server. The invention can ensure that the user requesting authorization and enjoying the related services of the computer at the physical position is the user himself, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, and improving the use safety of the shared computer.

Description

Authentication method of computer, apparatus thereof and storage medium
Technical Field
The present invention relates to the field of communications, and in particular, to an authentication method for a computer, an apparatus and a storage medium thereof.
Background
To save costs, more and more entrepreneurs are beginning to prefer to rent shared offices, using shared office supplies, where the use of shared office computers requires extremely high security. For a shared computer, most of the existing authentication modes rely on the mobile internet to perform one-way authentication, the problem that address information is easy to forge exists in compromise, and an attacker can remotely operate the mobile terminal to authorize the terminal needing authentication under the conditions that the mobile terminal is stolen, broken or copied.
Due to the characteristics of the internet, such sending of information in a different place is almost imperceptible, and thus it cannot be determined whether the mobile terminal is in the vicinity of a terminal (i.e., an execution device) that needs to be authorized, and further, whether an authorized user initiates an authentication application is determined.
I.e. it has been proven that it can be forged/hacked at present only by checking the identity information (cell phone SN, cell phone number, authentication function built in the mobile terminal OS, e.g. lock screen password) of the authentication or certification initiator. In such cases where higher security is required, these conventional authentication methods and authentication methods cannot be relied upon.
However, authentication is performed directly by means of a user unique identification code such as biometric features, and the like, which causes a problem that user information must be stored in a concentrated manner. When the related services are oriented to the mass market, a large amount of user information, especially user information which cannot be changed such as biometric features, is stored in a centralized manner, and once the user information is revealed, a great loss is caused to the client. That is, any service that centrally stores user information is high risk. Collecting and transmitting individual biometric characteristic information is a sensitive activity that is highly related to security and law in China and all over the world.
Disclosure of Invention
The invention aims to provide an authentication method of a computer, equipment and a storage medium thereof, which can ensure that a user requesting authorization and enjoying related services of the computer is the user himself at a physical position, effectively avoid the condition that the user identity or related computer resources after a mobile terminal is embezzled, and improve the use safety of the shared computer.
In order to solve the above technical problem, an embodiment of the present invention discloses an authentication method for a computer, including:
acquiring a first biometric characteristic of a user acquired at a computer;
sending a first biometric feature to a mobile terminal for the mobile terminal to match the received first biometric feature with a second biometric feature of a user stored in the mobile terminal;
and if the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal which are sent by the mobile terminal are received, sending a first equipment ID, a first terminal ID and a first user ID which identify the computer to the server, so that the server matches the received first equipment ID, the received first terminal ID and the received first user ID with a second equipment ID, a received second terminal ID and a received second user ID which are received from the mobile terminal by the server.
In an example, after sending the first device ID, the first terminal ID, and the first user ID identifying the computer to a server, further comprising:
and if the authorization information which is sent by the server and matched successfully is received, controlling the computer to execute corresponding operation aiming at the user.
In an example, after the method sends the first biometric characteristic to the mobile terminal, the method further includes:
deleting the acquired first biometric characteristic.
In one example, if the device that acquired and obtained the biometric feature is not the same device, the acquisition device that acquired the biometric feature may also delete the acquired biometric feature after transmitting the acquired biometric feature.
In an exemplary embodiment, the device for detecting the first biometric characteristic is arranged or integrated on a computer and/or
The first biometric characteristic and the second biometric characteristic are fingerprints.
The embodiment of the invention also discloses an authentication method of the computer, which comprises the following steps:
the mobile terminal receives a first biological identification characteristic of a user collected at a computer;
the mobile terminal matches the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal;
if the matching is successful, the mobile terminal sends a first terminal ID of the mobile terminal and a first user ID of a user of the mobile terminal to the detection device sending the first biometric characteristic, and
sending a second device ID, a second terminal ID and a second user ID of the identification computer of the receiving self-detection device to the server, so that the server can: and matching the received second equipment ID, the second terminal ID and the second user ID with the first equipment ID, the first terminal ID and the first user ID received by the server from the detection equipment respectively.
In an example, the detection device is included in a computer, and/or
The first biometric characteristic and the second biometric characteristic are fingerprints.
The embodiment of the invention also discloses an authentication method of the computer, which comprises the following steps:
the server receives a second device ID, a second terminal ID and a second user ID from the mobile terminal, and receives a first device ID, a first terminal ID and a first user ID from the detection device;
the server respectively matches the received first equipment ID, the first terminal ID and the first user ID with the second equipment ID, the second terminal ID and the second user ID;
wherein the first biometric characteristic is collected at the computer and sent to the mobile terminal by the detection device, the first device ID is sent to the mobile terminal by the detection device, and
the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server and transmits the first terminal ID and the first user ID to the detection device when the first biometric characteristic matches a second biometric characteristic of the user stored in the mobile terminal.
In an example, after the server matches the received first device ID, first terminal ID and first user ID with the second device ID, second terminal ID and second user ID, respectively, the method further includes:
and the server executes corresponding operation aiming at the computer after the matching is successful.
In an example, after the server matches the received first device ID, first terminal ID and first user ID with the second device ID, second terminal ID and second user ID, respectively, the method further includes:
and after the server is successfully matched, the server sends successfully matched authorization information to the detection equipment, so that the detection equipment controls the computer to execute corresponding operation aiming at the user after receiving the authorization information.
The embodiment of the invention also discloses a detection device, which comprises:
the acquisition unit is used for acquiring a first biological identification characteristic of the user acquired at the computer;
the mobile terminal comprises a first sending unit, a second sending unit and a third sending unit, wherein the first sending unit is used for sending a first biological identification characteristic to the mobile terminal so that the mobile terminal can match the received first biological identification characteristic with a second biological identification characteristic of a user stored in the mobile terminal;
a second sending unit, configured to send, to the server, a first device ID, a first terminal ID, and a first user ID that identify the computer when receiving the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal sent by the mobile terminal, so that the server matches the received first device ID, first terminal ID, and first user ID with a second device ID, a second terminal ID, and a second user ID received by the server from the mobile terminal, respectively;
the control unit is used for controlling the computer to execute corresponding operation aiming at the user after receiving the authorization information which is sent by the server and is successfully matched;
and the deleting unit is used for deleting the acquired first biological identification characteristic.
The embodiment of the invention also discloses a mobile terminal, which comprises:
a first receiving unit for receiving a first biometric characteristic of a user collected at a computer;
a first matching unit for matching the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal;
a third transmitting unit for transmitting the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal to the detecting device transmitting the first biometric feature after the first matching unit is successfully matched, and
sending a second device ID, a second terminal ID and a second user ID of the identification computer of the receiving self-detection device to the server, so that the server can: and respectively matching the received second equipment ID, the second terminal ID and the second user ID with the first equipment ID, the first terminal ID and the first user ID received by the server from the detection equipment, and sending authorization information successfully matched to the equipment after the matching is successful.
The embodiment of the invention also discloses a server, which comprises:
a second receiving unit configured to receive the second device ID, the second terminal ID, and the second user ID from the mobile terminal, and receive the first device ID, the first terminal ID, and the first user ID from the detection device;
a second matching unit, configured to match the received first device ID, the first terminal ID, and the first user ID with the second device ID, the second terminal ID, and the second user ID, respectively;
the fourth sending unit is used for sending the authorization information which is successfully matched to the detection equipment after the second matching unit is successfully matched, so that the detection equipment controls the computer to execute corresponding operation aiming at the user after receiving the authorization information;
the execution unit is used for executing corresponding operation aiming at the computer after the second matching unit is successfully matched;
wherein the first biometric characteristic is collected at the computer and sent to the mobile terminal by the detection device, the first device ID is sent to the mobile terminal by the detection device, and
the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server and transmits the first terminal ID and the first user ID to the detection device when the first biometric characteristic matches a second biometric characteristic of the user stored in the mobile terminal.
The embodiment of the invention also discloses a device which comprises a memory and a processor, wherein the memory stores computer executable instructions, and the processor is configured to execute the instructions so as to implement the authentication method of the computer disclosed by the embodiment.
Embodiments of the present invention also disclose a non-volatile computer storage medium encoded with a computer program, wherein the computer program comprises instructions that, when executed by one or more computers, cause the one or more computers to perform the computer authentication method disclosed in the above embodiments.
Compared with the prior art, the implementation mode of the invention has the main differences and the effects that:
by matching the immediately acquired biological identification information with the biological identification stored in the mobile terminal of the user, the user can be ensured to request authorization and enjoy the related services of the computer at the physical position when the computer is used, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, and improving the use safety of the shared computer.
Furthermore, the biometric features of the user are not stored, and the biometric features do not need to be sent remotely, so that the biometric features of the user are prevented from being leaked while the authorization security is ensured.
Drawings
Fig. 1 is a flowchart illustrating an authentication method of a computer according to a first embodiment of the present invention;
FIG. 2 is a flowchart illustrating an authentication method of a computer according to a second embodiment of the present invention;
FIG. 3 is a flowchart illustrating an authentication method of a computer according to a third embodiment of the present invention;
FIG. 4 is a flowchart illustrating an authentication method of a computer according to a fourth embodiment of the present invention;
FIG. 5 is a schematic structural view of a detecting apparatus according to a fifth embodiment of the present invention;
fig. 6 is a schematic configuration diagram of a mobile terminal according to a sixth embodiment of the present invention;
fig. 7 is a schematic configuration diagram of a server according to a seventh embodiment of the present invention.
Detailed Description
In the following description, numerous technical details are set forth in order to provide a better understanding of the present application. However, it will be understood by those skilled in the art that the technical solutions claimed in the present application can be implemented without these technical details and with various changes and modifications based on the following embodiments.
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
It is understood that, in the present invention, the biometric feature refers to a biometric feature capable of uniquely identifying a user, such as a fingerprint, iris, facial feature, voice, etc.
Further, it is understood that in the present invention, the mobile terminal includes, but is not limited to, a smart phone, a tablet computer, and the like. The server may be a remote server or a cloud server. The device ID refers to information capable of uniquely identifying the computer, such as an identification code or number set for the computer, or an IP address, a MAC address, and the like of the computer. The terminal ID of the mobile terminal also refers to information capable of uniquely identifying the mobile terminal, such as a MAC address or an identifier specifically set for the terminal. The user ID refers to identification information that can uniquely indicate the user identity, such as a machine code (SN code) of the user's mobile phone, a mobile phone number, a user name, and the like. It should be noted that the IDs with different transmission sources are differentiated by adding the first or the second ID, for example, the first terminal ID and the second terminal ID are both IDs for identifying the mobile terminal, and only the directly transmitted devices are different, so they are differentiated.
In addition, it can be understood that the authentication object-computer provided by the present invention is a computer in a broad sense, and includes various computer products in public places, such as game machines, jukeboxes, AR (Augmented Reality)/VR (Virtual Reality) devices, public tablet computers, public smart televisions, personal self-service terminals in public places, and the like, in addition to personal computers.
The first embodiment of the invention relates to an authentication method of a computer. Fig. 1 is a flow chart of the authentication method of the computer.
Specifically, as shown in fig. 1, the authentication method of the computer includes the following steps:
in step 101, a first biometric characteristic of a user collected at a computer is acquired.
Thereafter, step 102 is entered.
In step 102, a first biometric characteristic is transmitted to the mobile terminal for the mobile terminal to match the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal.
Thereafter, step 103 is entered.
In step 103, it is determined whether the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal sent by the mobile terminal are received within a first predetermined time. That is, the mobile terminal sends the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal after successfully matching the first biometric characteristic with the second biometric characteristic stored in the mobile terminal.
If the judgment result is yes, the step 104 is entered; otherwise, the flow is ended.
In step 104, a first device ID, a first terminal ID and a first user ID identifying the computer are sent to the server for the server to match the received first device ID, first terminal ID and first user ID with a second device ID, second terminal ID and second user ID received by the server from the mobile terminal, respectively. Wherein the first device ID is a device ID identifying the computer and the second device ID is a device ID identifying the computer sent to the mobile terminal at or after the first biometric characteristic is sent to the mobile terminal.
Thereafter, step 105 is entered.
In step 105, it is determined whether the authorization information sent by the server and successfully matched is received within a second predetermined time.
If the judgment result is yes, the step 106 is entered; otherwise, the flow is ended.
In step 106, the control computer performs the corresponding operation for the user.
It will be appreciated that in embodiments of the invention, the respective operations performed by the control computer include at least one of:
controlling the computer to allow the user to enter an operating system interface corresponding to the operating authority of the user;
the control computer downloads a file or a database of a corresponding user from the cloud for the user;
controlling the computer to allow a user to access an authorized file or database on the computer;
and controlling the computer to complete the personalized setting of the user interface of the operating system for the user.
The corresponding operations performed by the control computer may also include, but are not limited to, sending an email, prompting messages (if there are other examples, please list as much as possible), and the like. In addition, when the user selects to turn off the computer, the computer can upload local data related to the user to the cloud end and delete the local data, and personal data of the user is cleared, so that personal privacy of the user is protected.
It is to be understood that, in other embodiments of the present invention, after the server successfully matches the first device ID, the first terminal ID, and the first user ID with the second device ID, the second terminal ID, and the second user ID, respectively, the server may also directly control the computer to perform corresponding operations for the user. The method is not limited to only sending the authorization information, and the other equipment controls the computer to execute corresponding operations.
Thereafter, the present flow ends.
In an example, in the step 102 or after the step 102, a second device ID identifying the computer is sent to the mobile terminal.
To prevent the leakage of the biometric features of the user, in an exemplary embodiment, after the step 102, the method further includes:
deleting the acquired first biometric characteristic. If the devices for acquiring and acquiring the biometric features are not the same device, the acquisition device for acquiring the biometric features deletes the acquired biometric features after transmitting the acquired biometric features. Therefore, the biometric identification features of the user are not stored, the biometric identification features do not need to be sent remotely, and the biometric identification features of the user are prevented from being leaked while the authorization security is ensured.
In an example, the device for acquiring the first biometric characteristic is arranged or integrated on a computer. For example, the acquisition device of the first biometric characteristic is mounted or arranged on a switch button of the computer.
In other exemplary embodiments of the present invention, the collecting device may be an external device, and the collected biometric characteristic information may be transmitted to the computer through a wireless or wired connection.
In an example, the first biometric characteristic and the second biometric characteristic are fingerprints.
By matching the immediately acquired biological identification information with the biological identification information stored in the mobile terminal of the user, the user can be ensured to request authorization and enjoy the related services of the computer at the physical position when the computer is used, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, improving the use safety of the shared computer, simultaneously, the remote sending and the centralized storage of the biological identification characteristics are not needed, and the problem of the leakage of the biological identification characteristics of the user is effectively avoided.
A second embodiment of the present invention relates to an authentication method of a computer. Fig. 2 is a flow chart of the authentication method of the computer.
Specifically, as shown in fig. 2, the authentication method of the computer includes the following steps:
in step 201, the mobile terminal receives a first biometric characteristic of a user collected at a computer. Thereafter, step 202 is entered.
In step 202, the mobile terminal matches the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal.
If the matching is successful, step 203 is entered; otherwise, the flow is ended.
In step 203, the mobile terminal sends a first terminal ID of the mobile terminal and a first user ID of a user of the mobile terminal to the detection device sending the first biometric characteristic, and
sending a second device ID, a second terminal ID and a second user ID of the identification computer of the receiving self-detection device to the server, so that the server can: and matching the received second equipment ID, the second terminal ID and the second user ID with the first equipment ID, the first terminal ID and the first user ID received by the server from the detection equipment respectively.
It can be understood that the server may send authorization information to the detection device after the successful matching, and the detection device may control the computer to execute corresponding operations for the user after receiving the authorization information; after the matching is successful, the server can also directly execute the corresponding operation aiming at the computer.
Thereafter, the present flow ends.
In an exemplary embodiment, the detection device is included in a computer.
In another example, the first biometric characteristic and the second biometric characteristic are fingerprints.
It will be appreciated that in embodiments of the invention, the detection apparatus may be housed or integrated on the computer as part of the computer. For example, integrated with the biometric acquisition device. Or an external device, which communicates with the computer through a wired connection or a wireless communication technology.
By matching the immediately acquired biological identification information with the biological identification information stored in the mobile terminal of the user, the user can be ensured to request authorization and enjoy the related services of the computer at the physical position when the computer is used, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, improving the use safety of the shared computer, simultaneously, the remote sending and the centralized storage of the biological identification characteristics are not needed, and the problem of the leakage of the biological identification characteristics of the user is effectively avoided.
The third embodiment of the invention relates to an authentication method of a computer. Fig. 3 is a flow chart of the authentication method of the computer.
Specifically, as shown in fig. 3, the authentication method of the computer includes the following steps:
in step 301, the server receives a second device ID, a second terminal ID, and a second user ID from the mobile terminal, and receives a first device ID, a first terminal ID, and a first user ID from the detection device.
Thereafter, step 302 is entered.
In step 302, the server matches the received first device ID, first terminal ID, and first user ID with the second device ID, second terminal ID, and second user ID, respectively.
If the matching is successful, go to step 303; otherwise, the flow is ended.
In step 303, the server sends successfully matched authorization information to the detection device, so that the detection device controls the computer to perform corresponding operations for the user after receiving the authorization information, and/or
The server performs the corresponding operations for the computer.
Thereafter, the present flow ends.
Wherein in the above step, the first biometric characteristic is collected at the computer and transmitted to the mobile terminal by the detection device, the first device ID is transmitted to the mobile terminal by the detection device, and the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server and transmits the first terminal ID and the first user ID to the detection device when the first biometric characteristic matches the second biometric characteristic of the user stored in the mobile terminal.
It will be appreciated that in embodiments of the invention, the respective operations performed by the control computer include at least one of:
controlling the computer to allow the user to enter an operating system interface corresponding to the operating authority of the user;
the control computer downloads a file or a database of a corresponding user from the cloud for the user;
controlling the computer to allow a user to access an authorized file or database on the computer;
and controlling the computer to complete the personalized setting of the user interface of the operating system for the user.
The corresponding operations performed by the control computer may also include, but are not limited to, sending an email, prompting messages (if there are other examples, please list as much as possible), and the like. In addition, when the user selects to turn off the computer, the computer can upload local data related to the user to the cloud end and delete the local data, and personal data of the user is cleared, so that personal privacy of the user is protected.
It is understood that in embodiments of the present invention, the server performs the corresponding operations for the computer including, but not limited to:
the server sends personal files and data of the user to the computer;
the server allows the computer to access a database accessible by the user;
the server controls the computer to enter an operating system corresponding to the operating authority of the user;
the server sends an instruction to the computer to control the computer to complete the personalized setting of the user interface for the user. (if there are other examples, please list as much as possible)
By matching the immediately acquired biological identification information with the biological identification information stored in the mobile terminal of the user, the user can be ensured to request authorization and enjoy the related services of the computer at the physical position when the computer is used, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, improving the use safety of the shared computer, simultaneously, the remote sending and the centralized storage of the biological identification characteristics are not needed, and the problem of the leakage of the biological identification characteristics of the user is effectively avoided.
The fourth embodiment of the invention relates to an authentication method of a computer. Fig. 4 is a flow chart of the authentication method of the computer.
Specifically, as shown in fig. 4, the authentication method of the computer includes the following steps:
in step 401, the detection device obtains and sends to the mobile terminal a first biometric characteristic of the user collected at the computer and a second device ID identifying the computer.
Thereafter, step 402 is entered.
In step 402, the mobile terminal matches the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal.
Thereafter, step 403 is entered.
In step 403, the mobile terminal determines whether there is a match.
If the matching is successful, go to step 404; otherwise, the flow is ended.
In step 404, the mobile terminal sends a first terminal ID identifying the mobile terminal and a first user ID identifying a user of the mobile terminal to the detection device, and sends a second device ID, a second terminal ID identifying the mobile terminal and a second user ID identifying the user of the mobile terminal to the server.
Thereafter, step 405 is entered.
In step 405, the detection device sends a first device ID identifying the computer, and the received first terminal ID and first user ID to the server.
Thereafter, step 406 is entered.
In step 406, the server matches the received first device ID, first terminal ID, and first user ID with the second device ID, second terminal ID, and second user ID, respectively.
If the matching is successful, go to step 407; otherwise, the flow is ended.
In step 407, the server sends the successfully matched authorization information to the detection device, so that the detection device controls the computer to perform corresponding operations for the user after receiving the authorization information, and/or
The server performs the corresponding operations for the computer.
Thereafter, the present flow ends.
By matching the immediately acquired biological identification information with the biological identification information stored in the mobile terminal of the user, the user can be ensured to request authorization and enjoy the related services of the computer at the physical position when the computer is used, thereby effectively avoiding the condition that the user identity or the related computer resources after the mobile terminal is stolen are stolen, improving the use safety of the shared computer, simultaneously, the remote sending and the centralized storage of the biological identification characteristics are not needed, and the problem of the leakage of the biological identification characteristics of the user is effectively avoided.
A fifth embodiment of the present invention relates to a detection apparatus. Fig. 5 is a schematic structural view of the detection apparatus.
Specifically, as shown in fig. 5, the detection apparatus includes:
the acquisition unit is used for acquiring a first biological identification characteristic of the user acquired at the computer;
the mobile terminal comprises a first sending unit, a second sending unit and a third sending unit, wherein the first sending unit is used for sending a first biological identification characteristic to the mobile terminal so that the mobile terminal can match the received first biological identification characteristic with a second biological identification characteristic of a user stored in the mobile terminal;
a second sending unit, configured to send, to the server, a first device ID, a first terminal ID, and a first user ID that identify the computer when receiving the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal sent by the mobile terminal, so that the server matches the received first device ID, first terminal ID, and first user ID with a second device ID, a second terminal ID, and a second user ID received by the server from the mobile terminal, respectively;
the control unit is used for controlling the computer to execute corresponding operation aiming at the user after receiving the authorization information which is sent by the server and is successfully matched;
and the deleting unit is used for deleting the acquired first biological identification characteristic.
The first and fourth embodiments are method embodiments corresponding to the present embodiment, and the present embodiment may be implemented in cooperation with the first or fourth embodiment. The related technical details mentioned in the first and fourth embodiments are still valid in this embodiment, and are not described herein again in order to reduce repetition. Accordingly, the related-art details mentioned in the present embodiment can also be applied to the first embodiment or the fourth embodiment.
A sixth embodiment of the present invention discloses a mobile terminal. Fig. 6 is a schematic structural diagram of the mobile terminal.
Specifically, as shown in fig. 6, the mobile terminal includes:
a first receiving unit for receiving a first biometric characteristic of a user collected at a computer;
a first matching unit for matching the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal;
a third transmitting unit for transmitting the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal to the detecting device transmitting the first biometric feature after the first matching unit is successfully matched, and
sending a second device ID, a second terminal ID and a second user ID of the identification computer of the receiving self-detection device to the server, so that the server can: and matching the received second equipment ID, the second terminal ID and the second user ID with the first equipment ID, the first terminal ID and the first user ID received by the server from the detection equipment respectively.
The second and fourth embodiments are method embodiments corresponding to the present embodiment, and the present embodiment may be implemented in cooperation with the second or fourth embodiment. The related technical details mentioned in the second and fourth embodiments are still valid in this embodiment, and are not described herein again in order to reduce repetition. Accordingly, the related-art details mentioned in the present embodiment can also be applied in the second embodiment or the fourth embodiment.
A seventh embodiment of the present invention discloses a server. Fig. 7 is a schematic diagram of the server.
Specifically, as shown in fig. 7, the server includes:
a second receiving unit configured to receive the second device ID, the second terminal ID, and the second user ID from the mobile terminal, and receive the first device ID, the first terminal ID, and the first user ID from the detection device;
a second matching unit, configured to match the received first device ID, the first terminal ID, and the first user ID with the second device ID, the second terminal ID, and the second user ID, respectively;
the fourth sending unit is used for sending the authorization information which is successfully matched to the detection equipment after the second matching unit is successfully matched, so that the detection equipment controls the computer to execute corresponding operation aiming at the user after receiving the authorization information;
the execution unit is used for executing corresponding operation aiming at the computer after the second matching unit is successfully matched;
wherein the first biometric characteristic is collected at the computer and sent to the mobile terminal by the detection device, the first device ID is sent to the mobile terminal by the detection device, and
the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server and transmits the first terminal ID and the first user ID to the detection device when the first biometric characteristic matches a second biometric characteristic of the user stored in the mobile terminal.
The third and fourth embodiments are method embodiments corresponding to the present embodiment, and the present embodiment may be implemented in cooperation with the third or fourth embodiment. The related technical details mentioned in the third and fourth embodiments are still valid in this embodiment, and are not described herein again in order to reduce repetition. Accordingly, the related-art details mentioned in the present embodiment can also be applied to the third embodiment or the fourth embodiment.
An eighth embodiment of the present invention discloses an apparatus. The device comprises a memory storing computer executable instructions and a processor configured to execute the instructions to implement the computer authentication method disclosed in the first to fourth embodiments.
A ninth embodiment of the present invention discloses a non-volatile computer storage medium encoded with a computer program, wherein the computer program includes instructions that, when executed by one or more computers, cause the one or more computers to perform the authentication method to implement the computers disclosed in the first to fourth embodiments.
The method embodiments of the present invention may be implemented in software, hardware, firmware, etc. Whether the present invention is implemented as software, hardware, or firmware, the instruction code may be stored in any type of computer-accessible memory (e.g., permanent or modifiable, volatile or non-volatile, solid or non-solid, fixed or removable media, etc.). Also, the Memory may be, for example, Programmable Array Logic (PAL), Random Access Memory (RAM), Programmable Read Only Memory (PROM), Read-Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), a magnetic disk, an optical disk, a Digital Versatile Disk (DVD), or the like.
It should be noted that, each unit/module mentioned in each device embodiment of the present invention is a logical unit/module, and physically, one logical unit may be one physical unit, or may be a part of one physical unit, or may be implemented by a combination of multiple physical units, and the physical implementation manner of these logical units itself is not the most important, and the combination of the functions implemented by these logical units is the key to solve the technical problem provided by the present invention. Furthermore, the above-mentioned embodiments of the apparatus of the present invention do not introduce elements that are less relevant for solving the technical problems of the present invention in order to highlight the innovative part of the present invention, which does not indicate that there are no other elements in the above-mentioned embodiments of the apparatus.
It is to be noted that in the claims and the description of the present patent, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the use of the verb "comprise a" to define an element does not exclude the presence of another, same element in a process, method, article, or apparatus that comprises the element.
While the invention has been shown and described with reference to certain preferred embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention.

Claims (14)

1. A method of authentication in a computer, comprising:
obtaining a first biometric characteristic of a user collected at the computer;
sending the first biometric characteristic to a mobile terminal for the mobile terminal to match the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal;
if the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal which are sent by the mobile terminal are received, sending a first equipment ID, the first terminal ID and the first user ID which identify the computer to a server, so that the server can match the received first equipment ID, the received first terminal ID and the received first user ID with a second equipment ID, a received second terminal ID and a received second user ID which are received from the mobile terminal by the server respectively, and the received second equipment ID is sent to the mobile terminal by the computer.
2. The authentication method of a computer according to claim 1, further comprising, after transmitting a first device ID, the first terminal ID, and the first user ID identifying the computer to a server:
and if the authorization information which is sent by the server and matched successfully is received, controlling the computer to execute corresponding operation aiming at the user.
3. The authentication method of the computer according to claim 1 or 2, further comprising, after sending the first biometric characteristic to the mobile terminal:
deleting the acquired first biometric characteristic.
4. Method for authenticating a computer according to claim 3, characterized in that the device for acquiring the first biometric characteristic is arranged or integrated on the computer and/or
The first and second biometric characteristics are fingerprints.
5. A method of authentication in a computer, comprising:
the mobile terminal receives a first biological identification characteristic of the user collected at the computer;
the mobile terminal matches the received first biological identification characteristic with a second biological identification characteristic of the user stored in the mobile terminal;
if the matching is successful, the mobile terminal sends the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal to the detection device which sends the first biological identification feature, and
sending a second device ID, a second terminal ID, and a second user ID identifying the computer received from the detection device to a server for the server to: and matching the received second equipment ID, second terminal ID and second user ID with the first equipment ID, first terminal ID and first user ID received by the server from the detection equipment respectively.
6. Method for authenticating a computer according to claim 5, characterized in that the detection device is included in the computer and/or
The first and second biometric characteristics are fingerprints.
7. A method of authentication in a computer, comprising:
the server receives a second device ID, a second terminal ID and a second user ID from the mobile terminal, and receives a first device ID, a first terminal ID and a first user ID from the detection device;
the server respectively matches the received first equipment ID, first terminal ID and first user ID with the second equipment ID, second terminal ID and second user ID;
wherein a first biometric characteristic is collected at the computer and transmitted by the detection device to the mobile terminal, the second device ID is transmitted by the detection device to the mobile terminal, and
the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server, and transmits the first terminal ID and the first user ID to the detection device, when the first biometric characteristic matches a second biometric characteristic of the user stored in the mobile terminal.
8. The authentication method of the computer according to claim 7, wherein after the server matches the received first device ID, first terminal ID and first user ID with the second device ID, second terminal ID and second user ID, respectively, the method further comprises:
and the server executes corresponding operation aiming at the computer after the matching is successful.
9. The authentication method of the computer according to claim 7, wherein after the server matches the received first device ID, first terminal ID and first user ID with the second device ID, second terminal ID and second user ID, respectively, the method further comprises:
and after the server is successfully matched, the server sends successfully matched authorization information to the detection equipment, so that the detection equipment controls the computer to execute corresponding operation aiming at the user after receiving the authorization information.
10. A detection apparatus, comprising:
the acquisition unit is used for acquiring a first biological identification characteristic of the user acquired at the computer;
the first sending unit is used for sending the first biological identification feature to a mobile terminal so that the mobile terminal can match the received first biological identification feature with a second biological identification feature of the user stored in the mobile terminal;
a second sending unit, configured to send, when receiving the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal sent by the mobile terminal, a first device ID, the first terminal ID, and the first user ID that identify the computer to a server, so that the server matches the received first device ID, first terminal ID, and first user ID with a second device ID, a second terminal ID, and a second user ID received by the server from the mobile terminal, respectively, and the second device ID is sent to the mobile terminal by the detection device;
the control unit is used for controlling the computer to execute corresponding operation aiming at the user after receiving the authorization information which is sent by the server and is successfully matched;
and the deleting unit is used for deleting the acquired first biological identification characteristic.
11. A mobile terminal, comprising:
a first receiving unit for receiving a first biometric characteristic of a user collected at a computer;
a first matching unit, configured to match the received first biometric characteristic with a second biometric characteristic of the user stored in the mobile terminal;
a third transmitting unit, configured to transmit the first terminal ID of the mobile terminal and the first user ID of the user of the mobile terminal to the detecting device that transmits the first biometric feature after the first matching unit succeeds in matching, and
sending a second device ID, a second terminal ID, and a second user ID identifying the computer received from the detection device to a server for the server to: and respectively matching the received second equipment ID, the second terminal ID and the second user ID with the first equipment ID, the first terminal ID and the first user ID received by the server from the detection equipment, and sending authorization information successfully matched to the equipment after the matching is successful.
12. A server, comprising:
a second receiving unit configured to receive the second device ID, the second terminal ID, and the second user ID from the mobile terminal, and receive the first device ID, the first terminal ID, and the first user ID from the detection device;
a second matching unit, configured to match the received first device ID, first terminal ID, and first user ID with the second device ID, second terminal ID, and second user ID, respectively;
a fourth sending unit, configured to send, after the second matching unit is successfully matched, authorization information that is successfully matched to the detection device, so that the detection device controls a computer to execute a corresponding operation for the user after receiving the authorization information;
the execution unit is used for executing corresponding operation aiming at the computer after the second matching unit is successfully matched;
wherein a first biometric characteristic is collected at the computer and transmitted by the detection device to the mobile terminal, the second device ID is transmitted by the detection device to the mobile terminal, and
the mobile terminal transmits the second device ID, the second terminal ID, and the second user ID to the server, and transmits the first terminal ID and the first user ID to the detection device, when the first biometric characteristic matches a second biometric characteristic of the user stored in the mobile terminal.
13. An authentication device of a computer, comprising a memory storing computer executable instructions and a processor configured to execute the instructions to implement the authentication method of the computer of any one of claims 1 to 9.
14. A non-transitory computer storage medium encoded with a computer program, the computer program comprising instructions that, when executed by one or more computers, cause the one or more computers to perform the method of authentication of the computer of any of claims 1 to 9.
CN201810901035.0A 2018-08-09 2018-08-09 Authentication method of computer, apparatus thereof and storage medium Active CN109145561B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810901035.0A CN109145561B (en) 2018-08-09 2018-08-09 Authentication method of computer, apparatus thereof and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810901035.0A CN109145561B (en) 2018-08-09 2018-08-09 Authentication method of computer, apparatus thereof and storage medium

Publications (2)

Publication Number Publication Date
CN109145561A CN109145561A (en) 2019-01-04
CN109145561B true CN109145561B (en) 2021-10-29

Family

ID=64792466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810901035.0A Active CN109145561B (en) 2018-08-09 2018-08-09 Authentication method of computer, apparatus thereof and storage medium

Country Status (1)

Country Link
CN (1) CN109145561B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10307867A (en) * 1997-05-06 1998-11-17 Midei Shitei:Kk Prepaid type centralized control settlement system and its method
TW200828935A (en) * 2006-10-05 2008-07-01 Ceelox Inc System and method of secure encryption for electronic data transfer
CN101330386A (en) * 2008-05-19 2008-12-24 刘洪利 Authentication system based on biological characteristics and identification authentication method thereof
CN104753953A (en) * 2015-04-13 2015-07-01 成都双奥阳科技有限公司 Access control system

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2923057B1 (en) * 2007-10-29 2009-12-25 Henri Bismuth URBAN PUBLIC TRANSPORT SYSTEM
CN101345761A (en) * 2008-08-20 2009-01-14 深圳市同洲电子股份有限公司 Private data transmission method and system
US9165124B1 (en) * 2012-02-01 2015-10-20 Convertro, Inc. Systems and methods for identifying a returning web client
SG11201405287YA (en) * 2012-04-01 2014-09-26 Authentify Inc Secure authentication in a multi-party system
CN104462922A (en) * 2014-12-11 2015-03-25 苏州海博智能系统有限公司 Method for verifying authorization on basis of biological recognition
US10069824B2 (en) * 2015-05-12 2018-09-04 Branch Banking And Trust Company Biometric signature authentication and centralized storage system
CN105608354A (en) * 2015-07-01 2016-05-25 南京酷派软件技术有限公司 Authentication method and system, terminal and server
CN108090974B (en) * 2016-11-22 2021-09-03 深圳市微付充科技有限公司 Gate control method and system
CN106919990A (en) * 2017-02-17 2017-07-04 深圳道尔法科技有限公司 A kind of net about car supervisory systems and monitoring and managing method
CN108230465B (en) * 2018-01-26 2020-05-15 深圳一卡通新技术有限公司 Mobile terminal-based gate quick passing control method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10307867A (en) * 1997-05-06 1998-11-17 Midei Shitei:Kk Prepaid type centralized control settlement system and its method
TW200828935A (en) * 2006-10-05 2008-07-01 Ceelox Inc System and method of secure encryption for electronic data transfer
CN101330386A (en) * 2008-05-19 2008-12-24 刘洪利 Authentication system based on biological characteristics and identification authentication method thereof
CN104753953A (en) * 2015-04-13 2015-07-01 成都双奥阳科技有限公司 Access control system

Also Published As

Publication number Publication date
CN109145561A (en) 2019-01-04

Similar Documents

Publication Publication Date Title
CN110121873B (en) Access token management method, terminal and server
CN108768970B (en) Binding method of intelligent equipment, identity authentication platform and storage medium
CN109067881B (en) Remote authorization method, device, equipment and storage medium thereof
CN106960148B (en) Method and device for distributing equipment identifiers
US20170012951A1 (en) Multi-user strong authentication token
US20200067705A1 (en) Methods, apparatuses, and computer program products for frictionless electronic signature management
EP3420677A1 (en) System and method for service assisted mobile pairing of password-less computer login
CN103856472A (en) Account login method and device
US20120192260A1 (en) System and method for user authentication by means of web-enabled personal trusted device
KR101451359B1 (en) User account recovery
WO2016183937A1 (en) Identity authentication method, device and system, and user terminal
WO2015014128A1 (en) Authentication method for wearable device, and wearable device
CN109145628B (en) Data acquisition method and system based on trusted execution environment
WO2017206524A1 (en) Electronic device control method, terminal and control system
CN108989331B (en) Use authentication method of data storage device, device and storage medium thereof
CN107622547A (en) Method, apparatus, storage medium and the computer equipment that terminal is unlocked
CN109561428B (en) Remote authentication method, device, equipment and storage medium thereof
CN113726797A (en) Safe login method, system and account management device
CN109145561B (en) Authentication method of computer, apparatus thereof and storage medium
CN109067880B (en) Remote unlocking method of shared equipment, device, equipment and storage medium thereof
CN109617898B (en) Remote authentication method, device, equipment and storage medium thereof
CN112333214B (en) Safe user authentication method and system for Internet of things equipment management
CN109117617B (en) Remote authentication method of self-service terminal, device, equipment and storage medium thereof
CN109936522B (en) Equipment authentication method and equipment authentication system
CN109547484A (en) Remote authentication method and device thereof, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200519

Address after: 201101 401, 39 Lane 3333, Hongxin Road, Minhang District, Shanghai

Applicant after: Gu Hongchao

Address before: 241000 A609, No. 35 Hengshan Road, Wuhu Economic and Technological Development Zone, Wuhu City, Anhui Province

Applicant before: WUHU JIZHI INTELLIGENT TECHNOLOGY Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant