CN109688157B - User identity information protection system based on network - Google Patents
User identity information protection system based on network Download PDFInfo
- Publication number
- CN109688157B CN109688157B CN201910029384.2A CN201910029384A CN109688157B CN 109688157 B CN109688157 B CN 109688157B CN 201910029384 A CN201910029384 A CN 201910029384A CN 109688157 B CN109688157 B CN 109688157B
- Authority
- CN
- China
- Prior art keywords
- network
- user
- management platform
- service provider
- network identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000012795 verification Methods 0.000 claims abstract description 4
- 238000000034 method Methods 0.000 claims description 6
- 238000012790 confirmation Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 claims description 3
- 230000003993 interaction Effects 0.000 claims description 3
- 230000000875 corresponding effect Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000005021 gait Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/53—Network services using third party service providers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The user identity information protection system based on the network is characterized in that a user uploads identity information to a network identity management platform, and the network identity management platform generates a parent network identity card on the basis of confirming that all information is real and effective; when a user registers an account, a network service provider submits a network identity card verification application to a network identity management platform, the network identity management platform generates a unique offspring network identity card through a parent network identity card provided by the user, and transmits the offspring network identity card to the network service provider. The invention isolates the relevance of user information among different service providers by providing different network identity cards for each network service provider, and reduces the problem that a network operator analyzes the privacy of a user by collecting a plurality of user information of the same person in a plurality of different service types; by using the network identity card on line, the key information for determining the identity is hidden so as to isolate the online and offline contact, and the loss caused by the leakage of the network information is reduced.
Description
Technical Field
The present invention relates to the field of network information security.
Background
With the continuous progress of networking, intellectualization and informatization, the internet provides more and more services for people, and meanwhile, more and more privacy information is authorized to a network service provider, such as names, addresses, mobile phone numbers, bank card numbers and the like, so that the identity information of people in real life can be determined, and the security of the network information becomes more and more important.
More and more network services and network experiences generate massive data which seems to be unimportant, but the network service providers have deeper understanding of the needs of users through collection and arrangement of a large amount of related data and analysis and processing of the data. The network service provider provides continuously optimized services for different users according to the above and pushes related information, which improves the user experience to a certain extent, but also reflects from another side that the network service provider influences our decision.
The popularization of network terminal equipment improves the utilization rate of a network, a large number of network services rapidly enter various aspects of our lives, the value of network information gets more and more attention, and network hackers attack important network servers to obtain information resources in the network servers. Information leakage brings heavy attacks to the whole network industry and brings great negative effects to the life of users.
Disclosure of Invention
The invention provides a user identity information protection system based on a network, aiming at solving the problems of low security and easy leakage of user privacy information.
The technical scheme adopted by the invention for realizing the purpose is as follows: the user identity information protection system based on the network is characterized in that a user uploads identity information to a network identity management platform, the network identity management platform confirms the user identity information, and a long-term effective and unique parent network identity card which does not contain user information is generated on the basis of confirming that all information is real and effective; when a user registers an account, a network identity card verification application needs to be provided for a network service provider, the network service provider submits the application to a network identity management platform, the network identity management platform generates a unique child network identity card which is specific to the network service provider and does not contain user information through a parent network identity card provided by the user, and transmits the child network identity card to the network service provider for identity confirmation; different filial generation network identity cards are different from each other, and the network identity card management platform uniformly manages the filial generation identity cards generated under each parent identity card; the user selects products or services at the network service provider through the network, the network service provider provides the filial generation network identity cards and the request for the user to the network identity management platform, and the interaction between the network service provider and the user is realized through the network identity management platform.
When the network service provider needs to contact the user, the network service provider sends a request for contacting the user and the filial generation network identity cards of the user to the network identity management platform, the network identity management platform judges the requirement of the network service provider, the network identity management platform contacts the user under the condition that the requirement is reasonable, and the user and the network service provider are in contact communication through the network identity management platform.
When the user needs to pay, the network service provider sends a payment request and the filial generation network identity card of the user to the network identity management platform, the network identity management platform judges the request of the network service provider, the network identity management platform contacts the user under the condition that the requirement is confirmed to be reasonable, if the user confirms the payment, the payment is sent to the network identity management platform, and the network identity management platform transfers the payment to the network service provider.
When a network service provider needs a user address, the network service provider sends the address requirement and a filial generation network identity card of the user to a network identity management platform, the network identity management platform judges the requirement of the network service provider, the network identity management platform contacts the user under the condition that the requirement is reasonable, after the user confirms an express operation company, the network identity management platform generates a two-dimensional code and gives the two-dimensional code to the network service provider, and address information corresponding to the two-dimensional code is given to the express company.
According to the user identity information protection system based on the network, disclosed by the invention, different network identity cards are provided for each network service provider, the association degree of user information between different service providers is isolated, and the privacy of a user is analyzed by collecting a plurality of user information of the same person in a plurality of different service types by a network operator; by using the network identity card on line, the key information for determining the identity is hidden so as to isolate the online and offline contact, and the loss caused by the leakage of the network information is reduced.
Drawings
Fig. 1 is an overall flow chart of the network-based user identity information protection system of the invention.
Fig. 2 is a flow chart of the network service provider contact application of the network-based user identity information protection system of the present invention.
Fig. 3 is a flow chart of the network service provider payment application of the network-based user identity information protection system of the present invention.
FIG. 4 is a flow chart of the network service provider address application of the network-based user identity information protection system of the present invention.
Detailed Description
The process of the user identity information protection system based on the network is shown in fig. 1, a user uploads identity information to a network identity management platform, the network identity management platform performs unique confirmation on the identity information, and a long-term effective unique parent network identity card is generated on the basis of confirming that all information is real and effective, and the parent network identity card can only provide identity confirmation for the user and the network identity management platform, and is called as the parent network identity card for short. When a user registers an account, a network identity card verification application needs to be provided for a network service provider, the network service provider submits the application to a network identity card management platform, and the platform generates a unique offspring network identity card through a parent network identity card provided by the user and transmits the offspring network identity card to the network service provider for identity confirmation. Different filial generation network identity cards are different from each other, and the network identity card management platform can uniformly manage the filial generation identity cards under each parent identity card. By the method, different network service providers can obtain the network identification cards of the users, but the network identification cards of different children are independent from each other, so that the association of the user data information among the different internet service providers is isolated. The user selects products or services at the network service provider through the network, the network service provider provides the filial generation network identity card and the request for the user (such as a contact user request, a payment request and an address providing request) to the network identity management platform, and the transaction between the network service provider and the user is realized through the network identity management platform.
The network identity card only plays a role in identification differentiation, is used for management of a network identity card management platform, and does not contain any user information. Only when the user uses the network identity card to violate the law can the relevant department obtain the real identity information of the user in reality from the network identity card management platform according to the relevant law. Other network service providers can only obtain the network identity cards of the descendants and cannot obtain the real identity information of the users in reality. Therefore, the online user information and the offline identity information can be isolated, and the real identity information of the user cannot be determined through the online information.
Network service providers extend offline while providing online services, and many services require contact means (mobile phone numbers, landline numbers, and the like), payment means (bank card numbers, student card numbers, and the like), and contact addresses (home addresses, work addresses, and the like) of users. Since these information (secondary identity information) can be directly related to the identity of the user, and the true identity of the user can be inferred through these information, these information must be protected, and the service provider needs to use these information to perform the next service, so that the service provider is only given the right to use these data, but not the right to own these information, and the isolation of the information is realized through the unified management of the network identity card platform.
As shown in fig. 2, the network service provider sends a request for contacting the user and the child network identity card of the user to the network identity management platform, the management platform judges the requirement of the network service provider, and then confirms that the requirement is reasonable, the network identity card management platform contacts the user, the user can contact and communicate through the platform, the network service provider does not obtain the contact information of the user, and the communication operator does not obtain the network information of the user.
As shown in fig. 3, the network service provider sends the request for payment and the network identity card of the child of the user to the network identity management platform, the management platform judges the request of the network service provider, and then confirms that the request is reasonable, the network identity card management platform contacts the user, if the user confirms payment, the user forwards the payment to the network identity management platform, the network identity card management platform forwards the money to the network service provider, the network service provider cannot obtain the payment information of the user, and the bank cannot obtain the online information of the user.
As shown in fig. 4, the network service provider sends the requirement of the address and the child network identification card of the user to the network identification management platform, the management platform judges the requirement of the network service provider, and contacts the user by the network identification card management platform under the condition that the requirement is reasonable, if the user confirms the express operation company, the platform generates a two-dimensional code and delivers the two-dimensional code to the network service provider, and the address information corresponding to the two-dimensional code is delivered to the express company. The network service provider can not obtain the address information of the user, and the express can not obtain the network information of the user.
On the basis of the technical scheme, the sub-network identity card can be added into identity authentication in real life, identity authentication is carried out through networking of a security system, interaction among interpersonal people is improved, face recognition and gait recognition can be added into the security system, the sub-network identity cards are correlated, and the efficiency and accuracy of security identity authentication are improved.
While the invention has been described with reference to exemplary embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the spirit and scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from the essential scope thereof. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
Claims (4)
1. The user identity information protection method based on the network is characterized in that: the user uploads the identity information to a network identity management platform, the network identity management platform confirms the identity information of the user, and a unique parent network identity card which does not contain the user information is generated on the basis of confirming that all information is real and effective; when a user registers an account, a network identity card verification application needs to be provided for a network service provider, the network service provider submits the application to a network identity management platform, the network identity management platform generates a unique child network identity card which is specific to the network service provider and does not contain user information through a parent network identity card provided by the user, and transmits the child network identity card to the network service provider for identity confirmation; different filial generation network identity cards are different from each other, and the network identity card management platform uniformly manages the filial generation network identity cards generated under each parent identity card; the user selects products or services at the network service provider through the network, the network service provider provides the filial generation network identity cards and the request for the user to the network identity management platform, and the interaction between the network service provider and the user is realized through the network identity management platform.
2. The network-based user identity information protection method according to claim 1, wherein: when the network service provider needs to contact the user, the network service provider sends a request for contacting the user and the filial generation network identity cards of the user to the network identity management platform, the network identity management platform judges the requirement of the network service provider, the network identity management platform contacts the user under the condition that the requirement is reasonable, and the user and the network service provider are in contact communication through the network identity management platform.
3. The network-based user identity information protection method according to claim 1, wherein: when the user needs to pay, the network service provider sends a payment request and the filial generation network identity card of the user to the network identity management platform, the network identity management platform judges the request of the network service provider, the network identity management platform contacts the user under the condition that the requirement is confirmed to be reasonable, if the user confirms the payment, the payment is sent to the network identity management platform, and the network identity management platform transfers the payment to the network service provider.
4. The network-based user identity information protection method according to claim 1, wherein: when a network service provider needs a user address, the network service provider sends the address requirement and a filial generation network identity card of the user to a network identity management platform, the network identity management platform judges the requirement of the network service provider, the network identity management platform contacts the user under the condition that the requirement is reasonable, after the user confirms an express operation company, the network identity management platform generates a two-dimensional code and delivers the two-dimensional code to the network service provider, and address information corresponding to the two-dimensional code is delivered to the express company.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910029384.2A CN109688157B (en) | 2019-01-13 | 2019-01-13 | User identity information protection system based on network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910029384.2A CN109688157B (en) | 2019-01-13 | 2019-01-13 | User identity information protection system based on network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109688157A CN109688157A (en) | 2019-04-26 |
| CN109688157B true CN109688157B (en) | 2021-04-09 |
Family
ID=66192179
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910029384.2A Expired - Fee Related CN109688157B (en) | 2019-01-13 | 2019-01-13 | User identity information protection system based on network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109688157B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110933030A (en) * | 2019-10-24 | 2020-03-27 | 北京智慧中网科技有限公司 | Network identity card with high safety performance and no duplication |
| CN111194068A (en) * | 2019-12-12 | 2020-05-22 | 西安冉科信息技术有限公司 | Mobile network data information management method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018026979A1 (en) * | 2016-08-03 | 2018-02-08 | Collateral Opportunities, Llc | Method and system for electronic identity & licensure verification |
| CN107835176A (en) * | 2017-11-10 | 2018-03-23 | 中汇通联科技有限公司 | A kind of network authentication method and platform based on eID |
| CN108093000A (en) * | 2018-02-08 | 2018-05-29 | 山东合天智汇信息技术有限公司 | A kind of information query method based on eID authentications, apparatus and system |
| CN108769020A (en) * | 2018-05-29 | 2018-11-06 | 东北大学 | A kind of the identity attribute proof system and method for secret protection |
| CN108881106A (en) * | 2017-05-08 | 2018-11-23 | 金联汇通信息技术有限公司 | The system and method for network electronic authentication |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10127378B2 (en) * | 2014-10-01 | 2018-11-13 | Kalman Csaba Toth | Systems and methods for registering and acquiring E-credentials using proof-of-existence and digital seals |
-
2019
- 2019-01-13 CN CN201910029384.2A patent/CN109688157B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018026979A1 (en) * | 2016-08-03 | 2018-02-08 | Collateral Opportunities, Llc | Method and system for electronic identity & licensure verification |
| CN108881106A (en) * | 2017-05-08 | 2018-11-23 | 金联汇通信息技术有限公司 | The system and method for network electronic authentication |
| CN107835176A (en) * | 2017-11-10 | 2018-03-23 | 中汇通联科技有限公司 | A kind of network authentication method and platform based on eID |
| CN108093000A (en) * | 2018-02-08 | 2018-05-29 | 山东合天智汇信息技术有限公司 | A kind of information query method based on eID authentications, apparatus and system |
| CN108769020A (en) * | 2018-05-29 | 2018-11-06 | 东北大学 | A kind of the identity attribute proof system and method for secret protection |
Non-Patent Citations (2)
| Title |
|---|
| "我国启动虚拟身份管理";李新玲;《万方》;20141128;全文 * |
| "超混沌加密的网络身份证及其认证系统";李雄军;《万方》;20040909;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109688157A (en) | 2019-04-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108496382B (en) | Secure information transmission system and method for personal identity authentication | |
| US20200334673A1 (en) | Processing electronic tokens | |
| CN105791255B (en) | Computer risk identification method and system based on account clustering | |
| EP3438902A1 (en) | System for issuing public certificate on basis of block chain, and method for issuing public certificate on basis of block chain by using same | |
| CN102271035B (en) | Password transmission method and device | |
| CN104202162B (en) | A kind of system logged in based on mobile phone and login method | |
| US20120084203A1 (en) | System and method for secure transactions using device-related fingerprints | |
| CN103049851A (en) | Transaction data-based anti-fraud monitoring method and device | |
| CN102197407A (en) | System and method of secure payment transactions | |
| CN109688157B (en) | User identity information protection system based on network | |
| CN103905194A (en) | Identity traceability authentication method and system | |
| TWI839875B (en) | Payment method, user terminal, device, equipment, system and medium | |
| CN113569263A (en) | Secure processing method and device for cross-private-domain data and electronic equipment | |
| CN108961034A (en) | System and method, storage medium based on user behavior certification | |
| CN103714454A (en) | Queuing and payment system | |
| CN104618322A (en) | Data processing method and device based on instant communication tool | |
| CN106572053B (en) | Method and apparatus for security monitoring of social communication applications | |
| CN111404965B (en) | Method for realizing mobile terminal application safety verification | |
| CN117151736A (en) | Anti-electricity fraud management early warning method and system | |
| KR101008834B1 (en) | Mobile Communication Service System that SIM is Produced and Controlled by Remoteness And Service Method thereof | |
| CN115767538A (en) | Information verification method, information processing method, device and equipment | |
| CN115358849A (en) | Service handling method, device, equipment and medium based on network points | |
| Lee et al. | Exploratory simulation models for fraudulent detection in Bitcoin system | |
| CN110098931A (en) | Data transmission method based on trusted " government and enterprises' connection connects " platform | |
| WO2014035515A1 (en) | Methods and systems for managing communication streams |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210409 |