CN109801008A - The method and system of authentication - Google Patents
The method and system of authentication Download PDFInfo
- Publication number
- CN109801008A CN109801008A CN201810996260.7A CN201810996260A CN109801008A CN 109801008 A CN109801008 A CN 109801008A CN 201810996260 A CN201810996260 A CN 201810996260A CN 109801008 A CN109801008 A CN 109801008A
- Authority
- CN
- China
- Prior art keywords
- identity
- information
- group
- resource
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 73
- 238000004891 communication Methods 0.000 claims description 21
- 230000006399 behavior Effects 0.000 claims description 8
- 230000003542 behavioural effect Effects 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 7
- 230000005021 gait Effects 0.000 claims description 7
- 210000001747 pupil Anatomy 0.000 claims description 7
- 210000003462 vein Anatomy 0.000 claims description 6
- 108090000623 proteins and genes Proteins 0.000 claims 2
- 238000012795 verification Methods 0.000 abstract description 7
- 238000013475 authorization Methods 0.000 description 27
- 230000008569 process Effects 0.000 description 6
- 238000007792 addition Methods 0.000 description 5
- 230000009286 beneficial effect Effects 0.000 description 4
- 238000011161 development Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000012217 deletion Methods 0.000 description 3
- 230000037430 deletion Effects 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000013507 mapping Methods 0.000 description 3
- 238000007639 printing Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006698 induction Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 102000040350 B family Human genes 0.000 description 1
- 108091072128 B family Proteins 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 210000003128 head Anatomy 0.000 description 1
- 210000003205 muscle Anatomy 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- 230000001151 other effect Effects 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Abstract
The present invention relates to the methods of authentication, comprising: obtains resource, there are corresponding relationships with identity for the resource;The identity includes at least one first identity group, can store the first identity group and/or be associated with other people the first identity groups;The first identity group includes at least one first identity;First identity, there are corresponding relationships with the provider of mark;Receive the second identity;Second identity the first identity matching corresponding with the resource, the present invention can effectively increase the user experience and efficiency of authentication, ensure that subscriber authentication can be authorized independently, ensure the safety of article, it also can guarantee the safety of identity information simultaneously, the present invention can be compatible with any environment, the particularity verification method of any industry, objective such as express delivery is withheld, deliver system of real name policy implement etc., it can also be merged simultaneously with existing auth method, it supports one another, it can be applied to any environment, any industry, the specification that can be used as authentication is applied and is popularized, the system that the present invention also proposes authentication.
Description
Technical field
The present invention relates to information security field more particularly to the method and systems of authentication.
Background technique
With the development of science and technology, along with the increasingly raising of people's living standard, the consumption demand of people is also worn from having enough
It is warm, extended to deeper time, the safety of information is one of them;Environment also strengthens attention to this demand and protects
Shield, either legislation of the macro environment to personal information protection to the development of microcosmic industry personal information protection technology, then arrive electricity
What sub- identity card, bio-identification, barcode scanning certification, privacy face were singly applied popularizes, and will be obvious that this consumption demand is to comply with section
The progress of skill, the trend in epoch;All trades and professions have formulated the industry rule of oneself thus thus, such as the electronic identity of the Ministry of Public Security
Card, the identification of the bio-identification of network giant, two dimensional code etc., but above-mentioned industry rule can not be applied to any industry, arbitrarily
Environment forms unified standard, such as dispenses the authentication of the article of industry signed for, be related to varying environment, such as courier, fastly
It passs cabinet, express delivery vehicle, unmanned plane, robot, withhold a little;It is related to different industries, such as express delivery, logistics, take-away;It is related to different passes
System, such as one-one relationship, the corresponding article of a such as pickup people, many-one relationship, such as a pickup people correspond to multiple articles,
Many-to-many relationship, such as situation of 11.11 campus article floor file, multiple pickup people correspond to multiple articles, and the body that article is signed for
Part verifying also signs for withholding in mode with tradition and conflicts.
As can be seen that existing authentication at least has following defects that
First: the authentication information that the information due to sending article with charge free stores is only for I, and pickup authentication is only limitted to me, this
Phenomenon certainly will limit the behavior withheld, so that tradition is signed for the convenience withheld in mode and flexibly destroyed, exacerbate significantly
The inconvenience of consignee;
Second: varying environment have it is different sign for mode, as express delivery cabinet can realize that biometric information authentication, withholding a little can be achieved signs
Word certification, courier can realize authentication, and express delivery vehicle can realize barcode scanning and identifying code verifying etc., and verification method does not have system
One property, does not have normalization, and personal information security is difficult to ensure that article is difficult to ensure safely, is difficult to put to the proof after being falsely taken;
Third: different industries have it is different sign for mode, as logistic industry have it is above-mentioned it is a variety of sign for mode, and taking out is dispatching
Small brother is signed for by the operation realization of client, is further confirmed that after signing for by user, since the link of not authentication makes
Obtain aforesaid operations signs for power not in user hand, there is the risk signed for;
4th: the timeliness of different relationships is different, one-to-one timeliness highest, one-to-many timeliness secondly, multi-to-multi timeliness
Minimum and single along with privacy face universal, the increase of number of articles, can further increase the difficulty that user searches, efficiency
It is difficult to ensure.
Summary of the invention
In view of the above problems, the method that the present invention proposes authentication, can effectively increase the user experience of authentication
And efficiency, it is ensured that subscriber authentication can be authorized independently, ensure the safety of article, while also can guarantee the safety of identity information,
The present invention can be compatible with the particularity verification method of any environment, any industry, as express delivery it is objective withhold, system of real name of delivering policy
It implements, while can also be merged with existing auth method, supported one another, can be applied to any environment, any row
Industry, the specification that can be used as authentication are applied and are popularized, the system that the present invention also proposes authentication.
The invention proposes a kind of methods for authentication, comprising:
Resource is obtained, there are corresponding relationships with identity for the resource;
The identity includes at least one first identity group, can store the first identity group and/or be associated with other people
First identity group;
The first identity group includes at least one first identity;
First identity, there are corresponding relationships with the provider of mark;
Receive the second identity;
Second identity the first identity matching corresponding with the resource.
The invention also provides a kind of systems for authentication, comprising:
For obtaining resource devices, there are corresponding relationships with identity for the resource;
For handling the identity device, includes at least one first identity group, the first identity group can be stored
And/or it is associated with other people the first identity groups;
It include at least one first identity for storing the first identity group device;
For storing the first identity device, there are corresponding relationships with the provider of mark;
For receiving the second identity device;
For second identity the first identity coalignment corresponding with the resource.
The invention also provides a kind of computer readable storage mediums, are stored thereon with computer program, which is characterized in that
The computer program realizes method described in any of the above embodiments when being executed by processor.
The invention also provides a kind of devices of authentication, including memory and processor, deposit on the memory
Contain computer program, which is characterized in that the computer program realizes method described in any of the above embodiments when being executed by processor.
The beneficial effects of the present invention are propose a kind of compatible any environment, the identity of any industry particularity is tested
Card method, can effectively improve the efficiency of authentication, the safety of the experience of user, article safety and identity information.
The beneficial effects of the present invention are the above-mentioned any environment of compatibility, the method for any industry particularity can be with existing body
Part verification method is merged, and is supported one another, therefore propose a kind of auth method of common-mode, can be applied to appoint
Meaning environment, any industry, the specification that can be used as authentication are applied and are popularized.
Detailed description of the invention
The features and advantages of the present invention will be more clearly understood by referring to the accompanying drawings, and attached drawing is schematically without that should manage
Solution is carries out any restrictions to the present invention, in the accompanying drawings:
Fig. 1 shows the step flow chart of the method for the authentication in the embodiment of the present invention;
Fig. 2 shows the authorization flow figures of the method for the authentication in the embodiment of the present invention;
Fig. 3 shows the flow chart that the corresponding relationship of the method for the authentication in the embodiment of the present invention is rebuild;
Fig. 4 shows the identifying procedure figure of the method for the authentication in the embodiment of the present invention;
Fig. 5 shows the flow chart that another corresponding relationship of the method for the authentication in the embodiment of the present invention is rebuild;
Fig. 6 shows another identifying procedure figure of the method for the authentication in the embodiment of the present invention;
Fig. 7 shows another identifying procedure figure of the method for the authentication in the embodiment of the present invention.
Specific embodiment
The embodiment of the present invention is explained in further detail below in conjunction with attached drawing, it is to be understood that this place
The specific embodiment of description is only used for explaining related invention, rather than the restriction to the invention, based on the embodiments of the present invention, this
Field those of ordinary skill every other embodiment obtained, shall fall within the protection scope of the present invention, further need exist for illustrating
, part relevant to invention is illustrated only for ease of description, in attached drawing.
It should be noted that in the absence of conflict, the feature in embodiment and embodiment in the present invention can phase
Mutually combination, the present invention will be described in detail below with reference to the accompanying drawings and embodiments.
One of core of the invention thought is, proposes a kind of compatible any environment, the body of any industry particularity
Part verification method, can effectively improve the efficiency of authentication, the safety of the experience of user, article safety and identity information.
One of core of the invention thought is, the above-mentioned any environment of compatibility, the method for any industry particularity, can with it is existing
There is auth method to be merged, support one another, therefore propose a kind of auth method of common-mode, can apply
In any environment, any industry, the specification that can be used as authentication is applied and is popularized.
One of core of the invention thought is that identification authorization is the mapping based on actual life identification authorization behavior.With
The identity map of family A is the identity of A, and the identity map of user B is the identity of B, and user A default user B is instead of A's
Behavior is mapped as identification authorization.
The present invention be based on the patent No. 2014107904295 authorization invention, further with regard to the authentication of close limit into
Row effect is expanded and industry extends, and fully considers that the particularity of industry designs;The patent No. 2014107904295
Authorization invention, is that the Mapping Design for sending process with charge free based on end in actual life forms, is just different sends object with charge free in simple terms
Product have uniqueness, each article posts waybill, and wherein waybill is divided into 2 parts, plaintext address information and with close
The pattern of literary form marks implicit information, includes uniqueness odd numbers, personal information, identity in pattern label, due to list
Number uniqueness make pattern label also have uniqueness, and include pattern label waybill be to be affixed on the article of uniqueness,
There are corresponding relationships with article for it, therefore the odd numbers can correspond to the article;Express company can be according to plaintext address information pair
The article is sorted, transfer, and the end person of sending with charge free can be sent with charge free according to plaintext address information, for common one-to-one
Relationship, i.e., the described corresponding consignee of article, many-to-one relationship, i.e., multiple corresponding consignees of the article can
Correct-distribute is carried out according to address, any problem, but multi-to-multi is all not present, i.e., multiple laying for goods are in ground, and multiple consignees are simultaneously
Inquiry, the cost of realization is very high, can not apply, and delivery industry must satisfy all corresponding relationships, can just apply, because
The face of this existing express delivery is single, is all to carry out half with the form of * * * * to hide, i.e. the other mark of reserve part boundary between muscles outlook, and user is allowed to look into
Look for cargo;And authorization invention is really not so, due to not having to show personal information in plain text, causes between article and consignee
Matching relationship disappears, so that the relationship of multi-to-multi, can not apply, it is therefore necessary to reconstruct between specific article and consignee
With relationship, it could really be promoted and applied;Authorization invention, be using uniqueness odd numbers as intermediate bridge because
With personal information there are corresponding relationship when the odd numbers generates, there are corresponding relationships with the article again for the odd numbers, therefore
When courier's scanning pattern marks, server can parse pattern and mark corresponding information, and uniqueness odd numbers is sent to upload
Telephone number in equipment and corresponding personal information, courier write on the uniqueness odd numbers on article, and consignee is according to receipts
The uniqueness odd numbers arrived eventually finds article by the uniqueness odd numbers.The application value of certain this situation is not high,
Because of the mail items of express delivery, daily trading volume is all quite surprising, and 11.11 may reach billions of, really gives consignee
It if courier's odd numbers, can not promote, practicability will give a discount significantly, therefore the applicant of the authorization invention, be utilized fast
The device numbering of the person's of passing uploading device, also has uniqueness, under the number, it is assumed that courier sends 200 packages with charge free, it is only necessary to
The different coding of 1-200 can indicate, therefore upload the information of pattern label simultaneously in scanning, and server also receives scanning device
Device numbering, and its uniqueness coding is given, so that device numbering and the combination of coding and uniqueness odd numbers form corresponding pass
System, and by encoder feedback to consignee and courier, courier need to only write the serial number of 1-200 on article, and such as 20 one
Group sequentially puts and can solve the above problems, and courier can find corresponding odd numbers according to the combination of device numbering and coding
The corresponding telephone number of personal information is corresponded to, dial-up operation is executed and contacts consignee, while it is corresponding also to find corresponding odd numbers
Identity waits consignee to find article and carries out authentication, the side such as biological information, two dimensional code, identifying code is utilized when verifying
Formula realizes server Objective corroboration;When being returned goods certainly based on consignee, the principle of consignor and consignee's role exchange, pattern mark
Symmetrical consignor's information, i.e. uniqueness odd numbers, personal information, identity are equally implied in note, therefore system of real name political affairs of delivering
The practicable of plan also can be used the authorization invention to realize.
The present invention be based on the patent No. 2014107904295 authorization invention, further with regard to the authentication of close limit into
Row effect is expanded and industry extends, and fully considers that the particularity of industry designs, therefore Fig. 3 is combined to carry out example narration
When, it will do it reference;It can be seen that the matching relationship of this reconstruct, either one-to-one corresponding relationship or multipair
One corresponding relationship, also or the corresponding relationship of multi-to-multi, ultrahigh in efficiency, user search the timeliness of article not because disappearing in plain text
Mark and increase, this form makes the search efficiency between user and article be only limitted to constant relationship on the contrary, derivative zero, i.e.,
User searches timeliness and does not increase because of the increase of number of articles, is that the article amount of sending with charge free is bigger instead, advantage is more obvious.
The embodiment of the present invention is explained in further detail below in conjunction with attached drawing.
Fig. 1 show the step flow chart of the method for the authentication in the embodiment of the present invention.
As shown in Figure 1, the method for the authentication includes the following steps:
S1 obtains resource, and there are corresponding relationships with identity for the resource;
Resource is obtained, there are corresponding relationships with identity for the resource, it is characterised in that the resource includes to include natural money
Source and social resources are any one of various social materialss summations members;
S2, the identity include at least one first identity group, can store the first identity group and/or association
Other people the first identity groups;
The identity includes at least one first identity group, can store the first identity group and/or be associated with other people
First identity group, it is characterised in that the storage can be operated arbitrarily;The association can limit operation;
S3, the first identity group include at least one first identity;
The first identity group includes at least one first identity, it is characterised in that the first identity group is
Provider's presence pair of the set of first identity described in the provider of the mark, the first identity group and mark
It should be related to;
S4, first identity, there are corresponding relationships with the provider of mark;
There are corresponding relationships by the provider of first identity and mark, it is characterised in that first identity is institute
The identity information that the provider of mark reserves is stated, biological information, graphical information, digital information, certificate information, account letter are included
One of breath, communication information, facility information are a variety of, and corresponding classification is gathered to described in the first identity group;
The wherein biological information includes face, fingerprint, pupil, iris, palmmprint, vein, base comprising the intrinsic physiological characteristic of human body
Cause also includes behavioural characteristic, includes person's handwriting, sound, gait;The graphical information, comprising one-dimension code, two dimensional code, multidimensional code and
Has the figure of uniqueness, the digital information includes identifying code, digital code, password;The certificate information, comprising identity card,
Passport, officer's identity card, campus card;The account information includes network account, bank account;The communication information includes mobile phone
Number;The facility information, the information comprising mobile device, communication equipment, personal device;
S5 receives the second identity;
Receive the second identity, it is characterised in that second identity is authenticating party identity information to be verified, includes
One of biological information, graphical information, digital information, certificate information, account information, communication information, facility information are a variety of;
The wherein biological information includes face, fingerprint, pupil, iris, palmmprint, vein, base comprising the intrinsic physiological characteristic of human body
Cause also includes behavioural characteristic, includes person's handwriting, sound, gait;The graphical information, comprising one-dimension code, two dimensional code, multidimensional code and
Has the figure of uniqueness, the digital information includes identifying code, digital code, password;The certificate information, comprising identity card,
Passport, officer's identity card, campus card;The account information includes network account, bank account;The communication information includes mobile phone
Number;The facility information, the information comprising mobile device, communication equipment, personal device;
S6, second identity the first identity matching corresponding with the resource;
Second identity the first identity matching corresponding with the resource, it is characterised in that matching can be fed back
As a result.
Fig. 2 shows the authorization flow figures of the method for the authentication in the embodiment of the present invention.
As shown in Fig. 2, user A possesses identity corresponding with A by taking user A as an example, illustrated with client, but
Without being limited thereto, if user A is by client, when uploading identification card number progress real-name authentication, server automatically generates and identity card
Number corresponding information is denoted as the identity of A as the identity, and in the corresponding memory space of the identity,
It generates a first identity group corresponding with identification card number to be stored, is denoted as the first identity group of A, can store
The first identity of A, and addition identification card number is defaulted as the first identity in the first identity group;It needs
Illustrate, the identity includes identification card number, but is not restricted to identification card number, other can indicate people's unique identities
Any cost can act as identity;Therefore there are corresponding relationships, the identity of A to generate A for the identity of user A and A
The first identity group, prestore identification card number in the first identity group of A;Certain user A can be uploaded not by client
It include biological information, graphical information, digital information, certificate information, account information, communication when the first identity of generic A
Information, facility information etc., server can be according to the clients of user A as resource, by the first identity mark of the different classes of A
Know and sort out into the first identity group of A, there are corresponding relationships with user A for the first identity of A, can be to verify A
Identity;It should be strongly noted that having the first identity group of storage attribute, the first identity therein can be arbitrarily operated
Mark, comprising addition, deletion, modifies, checks and is associated with and cancel association.
The above method is the method that the first identity of user A prestores, the first identity pre-storage method and use of user B
Family A is equivalent, and after user A sends identification authorization to user B, the first identity group of B can close automatically under user's B identity
It is coupled to the identity of A, i.e. the identity of user A at this time, stores the first identity group of A and is associated with the first of B
Identity group;It should be strongly noted that association and non-memory, the association can't cause to reveal to the information of party B-subscriber,
Server can carry out limitation operation to the correlation behavior, user A haves no right to check, without weight update, have no right to increase, have no right to delete association
User B the first identity group in the first identity, and have no right for the first identity group of B to be associated with and give other use
Family prevents associated transitivity;Similarly, if the first identity group of user X is associated in user B, when user's A identification authorization
User B is given, due to that can not transmit the first identity of user X, the identity of user A only stores user A and associated
The first identity group of user B;And user B carries out any operation to the first identity in the first identity group of B
Result can be reflected in the association immediately, influence user B verifying user A and correspond to the behavior of article, i.e., this association, which has, is
When synchronism, if user A cancels this identification authorization, without obtaining the agreement of user B, server cancels A identity automatically
With being associated with for the first identity group of B, if user B cancels this identification authorization, without obtaining the agreement of user A, server
Automatic cancellation A identity is associated with the first identity group of B;It should be strongly noted that the use of user's A identification authorization
Family B, the user X of user's B identification authorization, is not necessarily to be construed that and only limits a people, correctly understands it is that user B and user X can refer to
One group of generation, any one people or more people in a circle, i.e. user A can the multiple and different user B of identification authorization simultaneously, often
A different user B has the first different identity group independent association user A, multiple and different user B can be to the article of A
Authentication is carried out, i.e., this association has diversity;It should be strongly noted that the biological information, includes face, pupil
Hole, iris, palmmprint, fingerprint and other, but above- mentioned information are not limited to, with the development of science and technology, the intrinsic biology of any human body
Information, all biological informations that can indicate people's unique identities, all in other reference ranges;The biological information, such as
Person's handwriting, sound, gait and other, but above- mentioned information are not limited to, with the development of science and technology, any human body behavioural characteristic, all
The biological information of people's unique identities can be indicated, all in other reference ranges;It should be noted that: the equipment
Information can be verified, such as NFC, bluetooth by contact, the forms such as infrared, but be not limited to the way of contact of above-mentioned form into
Row verifying;It should be noted that the first identity in the first identity group, comprising biological information, graphical information,
Digital information, certificate information, account information, communication information, facility information etc., in addition to biological information has high safety,
All more or less all there is security risk in other modes, to improve safety, when authentication can take one or more
Combination is verified;It should be noted that: be associated in identity the first identity group relationship be using
Relationship, the association, limitation operation for can not additions and deletions look into and change, independent, but can cancel association can also limit its verifying
Range, if range is package verifying perhaps door lock verifying verifying that perhaps vehicle open-authentication or household electrical appliance use, or
The verifying of other ranges of person, verifying range can be one kind, be also possible to the combination of a variety of ranges;It should be noted that:
Storage permission is not limited to any operation, can additions and deletions look into and change and be associated with multiple users, act on any verifying range;It needs especially to say
Bright: correlation form described in the first identity group can be specific form, and such as associated is specific biology letter
Breath, graphical information, digital information, certificate information, account information, communication information, facility information etc. can also be abstract associations
Form is the corresponding interface of the first identity group such as associated.
Due to the particularity of delivery industry, the diversity of environment, the complexity of relationship, so that the complexity of its authentication
It is more much higher than other industry, therefore the existing particularity with regard to express delivery authentication is illustrated, then other industry is generally used
Generality is illustrated, and is finally summarized as the auth method of common-mode, can be applied to any environment, any industry,
The specification that can be used as authentication is applied and is popularized.
The environment of delivery industry is divided into: courier withholds a little;Classification foundation, people is wherein;Classification reason, the behaviour of people
Make that there is uncertainty, the process of authentication is difficult to ensure.
Fig. 3 shows the flow chart that the corresponding relationship of the method for the authentication in the embodiment of the present invention is rebuild.
By taking courier as an example, as shown in figure 3, courier scans article by device, odd numbers, personal information, identity are obtained
Mark, wherein described device, the article, the odd numbers all have uniqueness, are all the resources;The odd numbers and the object
There are corresponding relationship, the odd numbers and the personal information, there are corresponding relationship, the odd numbers and the identity between product
There are corresponding relationships;Server will be sent at user A comprising the prompting including the odd numbers, and feed back to the courier,
The courier writes on the odd numbers on the article in the form of plaintext, and the user A and the article are formed pair at this time
It should be related to;When the user A can not get article, the user A can notify the user B of its identification authorization on behalf of getting,
And inform the prompting including its described odd numbers, therefore the user B and the article form corresponding relationship, certainly this corresponding pass
System is the authorization invention based on the patent No. 2014107904295, has high efficiency.
Fig. 4 shows the identifying procedure figure of the method for the authentication in the embodiment of the present invention.
In the above process, the user A and the user B form corresponding relationship with the article, are referred to as authenticating
Side, such as Fig. 4, after authenticating party finds the article by the odd numbers, the courier executes the authentication of the article
Operation, which carries out corresponding verifying in a device with the odd numbers, and the authenticating party uploads the second identity, by institute
Odd numbers and the identity are stated there are corresponding relationship, the identity is closed with the first identity group there are corresponding
System, the first identity group and the first identifier there are corresponding relationship, therefore second identity can with it is described
Corresponding first identity of odd numbers is matched, and matching result is fed back to the courier, and courier passes through feedback letter
Breath, decides whether to give odd numbers described in user corresponding cargo, being proved to be successful service provider can be in the form of the medium such as short message, network
Prompting user A article signed for, whom authenticating party when signing for is, what which kind of mode carried out signs for, effective guarantee article peace
Accomplish informed real name allograph under the premise of complete.
Withholding a little to send with charge free in end only needs to carry out role exchange and can be solved perfectly to withhold the lack of standard of an authentication,
Receiver's role exchange a little is withheld into courier, and end is shipped to the courier for withholding receiver in a little, at this time role
It mutually is changed to transporter, the exchange of certain this role is on condition that the people that distributes withheld a little possesses the corresponding device of end courier
And/or the device of installation corresponding function client, the principle of authentication are same as above.
Fig. 5 shows the flow chart that another corresponding relationship of the method for the authentication in the embodiment of the present invention is rebuild.
If Fig. 5 such as wherein includes the device numbering of device, when the dress since device equally includes the characteristic of uniqueness
After setting scanning article, device obtains and stores the odd numbers of the article, and addition difference tail number automatically, so that described device is set
Combination and the odd numbers of the standby number with the difference tail number form one-to-one corresponding relationship, i.e. described device and the odd numbers
Corresponding relationship is formed, the odd numbers and the identity form corresponding relationship, therefore described device and the identity shape
At corresponding relationship, described device is also resource;Similarly, after described device scans multiple and different articles, described device
Device numbering forms one-to-one corresponding relationship from the combination of multiple and different difference tail numbers and the multiple different odd numbers, i.e.,
At this time as the keyword in search, the device numbering is the device numbering with what multiple and different odd numbers were formed
One-to-many corresponding relationship;Special emphasis is the difference tail number, and only characteristic with uniqueness is under described device
Can, the difference tail number can be device and be arranged automatically, is also possible to the state that described device inquires its sub-device, finds and meet
The sub-device of conditions dictate, according to the number of sub-device, be arranged to sub-device number there are the difference tails of corresponding relationship
Number, if device is express delivery cabinet, sub-device is cabinet door, and state is that cabinet door is empty;Exemplary deformation is carried out, device scans the object
Product can call the corresponding device information of described device, and described device information is corresponding with the article by described device
The corresponding relationship of relationship, the article and personal information is transmitted, and final realize will pass comprising the information of described device information
User A is passed, if user A can not be got, the information comprising described device information can be passed to the user B of identification authorization
Place, therefore user A and described device form corresponding relationship, user B and described device form corresponding relationship, by user A and user B
It is referred to as authenticating party;It should be strongly noted that the information comprising described device information, it can be according to described device information searching
The information such as corresponding geographical location, corresponding express company, can be corresponding as described device information using this information
Detail information is sent to the authenticating party.
Fig. 6 shows another identifying procedure figure of the method for the authentication in the embodiment of the present invention.
As Fig. 6 passes through the dress when authenticating party is come at corresponding device by the information comprising device information
It sets and directly uploads the second identity, described device can inquire it automatically and store corresponding multiple odd numbers, and according to the institute of upload
The type for stating the second identity inquires the first identity of the correspondence classification in the odd numbers in the first identity group,
And match second identity with first identity of corresponding types, the result of successful match can be fed back
To the odd numbers, such as the result is that A odd numbers successful match, B odd numbers successful match, and then the result is fed back into described device,
Described device can be found according to the prompt odd numbers there are the described device of corresponding relationship and it is described difference tail number combination,
Corresponding article A, article B are eventually found, result is acted on into corresponding article, that is, gives the article A and article of authenticating party
B, prompting user A article of the service provider in the form of short message, network etc. are signed for, whom authenticating party when signing for is, which kind of mode
What is carried out signs for, and accomplishes informed real name allograph under the premise of effective guarantee article safety.
The method of above-mentioned authentication is aided with the operation of authenticating party pickup before device, is exactly that the pickup identity of express delivery cabinet is tested
Card, it is beneficial to be, it not only may be implemented to sign for by the real name of representative of biological information, also be able to achieve using biological information as representative
Real name withhold, protect user information, protect article safety under the premise of accomplish know in allograph, can by the right of privacy, label authorization,
Power is withheld, right to know is signed for and all returns to consumer, simultaneously because the inquiry of the second identity is only limitted to described device, and
Non- entire server, therefore can greatly improve verification efficiency.
The environment of delivery industry can be divided into again: express delivery cabinet, express delivery vehicle, unmanned plane, robot;Classification foundation, people is not at it
In;Classification reason, machine have standard process;By the unmanned transmission device participated in such as robot, unmanned vehicle, unmanned plane, all may be used
Regard fixed and/or moveable express delivery cabinet, therefore the authentication mode of above-mentioned express delivery cabinet as, other groups can be generally applicable to
Send device.
Therefore the method and system of the authentication, is applicable to any environment, the pickup authentication of any industry.
The method and system of the authentication is equally applicable to any environment, the outbox authentication of any industry.
The authentication of outbox, only by taking express delivery cabinet and courier as an example, due to express delivery cabinet carry out the device of authentication with
The device of device and/or installation corresponding function client that courier utilizes has the identity property of verifying, therefore no longer carries out area
Point;When user A will post resource A to user B, corresponding information can be inputted by user's A client and generate order, order packet
Address containing plaintext and pattern mark, and include personal information, user A and the user B of user A and user B in the pattern label
Identity and uniqueness odd numbers;The order can match and/or incude and/or/scanning by way of export to printing and set
It is standby upper;When the face list systematic function in user's A selection device, described device opens pairing and/or induction and/or/scanning mould
Formula, user can transmit order information by forms such as barcode scanning, bluetooth, NFC, and described device receives the order information, by it
It is transmitted on printing device, generates order;It needs to be emphasized that the mode of the pairing and/or induction and/or/scanning,
Comprising forms such as barcode scanning, bluetooth, NFC, generating order can show in paper form, and can show in the form of hardware, all belong to
In one kind of resource;User A binds corresponding order and article to be sent, selects the operation of outbox, and device is opened identity and tested
Card, authentication process itself are equal to pickup authentication process itself, repeat no more.When environment is express delivery cabinet, it is proved to be successful rear express delivery
Cabinet opens the cabinet door in vacancy, and user A places article wherein, closes cabinet door;When environment is courier, courier receives user A
The article of offer, is transported through.
It is of the invention beneficial to one of be, the authentication of delivery can effectively take into account personal information protection and system of real name
Policy is implemented, and real name generation hair may be implemented, and this real name generation hair function can be compatible with the particularity of existing on-line shop's delivery.
It can be seen that the method and system of the authentication, is equally applicable to the identity of any environment in delivery industry
Verifying.
The essence of above-mentioned authentication, be in identity-based mark the first identity group for storing be associated with other people the
The difference of one identity group permission and generate substantive variation, the mapping of legal sense is exactly article proprietary and uses
The difference of power, owner can license power people carry out using, the right to use cannot punish, cannot enjoy, and right to use people,
There is independent ownership, other users, which cannot be modified, to be forcibly occupied, this behavior licensing identity and being verified, can be effective
The safety for ensureing article, improves the experience of user, improves the efficiency of authentication, while can also be effectively protected right to use people's
Information security, this special auth method are equally applicable to any industry, and any environment is all based on incidence relation
It is verified, the generality with special verification method, such as following car networking, automobile carries out testing for biological information by networking
Card, being verified can open the door and start vehicle, as the storage side of identity, can identity license to other people, can be allowed after authorization
Other people use vehicle, if cancelling this authorization, other people can not reuse the vehicle, are capable of the safety of effective support vehicles;
Such as the Household door lock in Internet of Things, as the storage side of identity, can identity license to other people, other people can be allowed to enter after authorization
Room, if cancelling this authorization, other people can not enter back into room, can effectively improve the convenience of user;Due to length
Limited, examples detailed above is not listed one by one, but knowable, the method for the authentication, can be applied to any environment, any row
Industry can be compatible with authentication under any scene, be able to satisfy the particularity demand of subscriber authentication;It should be strongly noted that
The ownership, that is, the first identity group stored, is not limited to one, when ownership shares, the first identity mark of storage
Knowledge group can be any number of.
Meets the needs of above-mentioned particularity, principle is identity, is associated at least one other people the first identity group.
Fig. 7 shows another identifying procedure figure of the method for the authentication in the embodiment of the present invention.
It should be noted that the identifying procedure have generality, it is representative, thus only with regard to several typical examples into
Row explanation.
Using identity card as the authentication of foundation: the head portrait of authenticating party is the second identity, and identity card is resource, identity
Simultaneously and identity, the collection of cleartext information is combined into the first identity group to card on identity card, the first identity such as name,
Gender, address, identification card number, certificate photo etc.;When making identity card, the provider of the first identity and mark is formed pair
It should be related to;When inquiring identity such as traffic police, authenticating party uploads the face of authenticating party by submitting identity card, and traffic police passes through viewing
The corresponding various information aggregates of identity card, find certificate photo, by the comparison of the face and identity card certificate photo, to judge to recognize
Whether the identity of card side is corresponding with identity card.
The authentication of identity card: identity card is authenticating party, and identity card is also simultaneously resource, and identity card chip is identity mark
Know, be also the first identity group, wherein including specific first identity, such as name, gender, address, identification card number, card
Part according to etc., the cleartext information on identity card is the second identity, and the provider of above-mentioned first identity and mark is formed pair
It should be related to;When inquiring the true and false of identity card such as traffic police, reads equipment and matched with the chip information in identity card, by chip
In information exported in a manner of printing or screen is shown, traffic police passes through the cleartext information of identity card and output information
Comparison, to judge the true and false of identity card, needing to illustrate is: authenticating party not only can be people, can also be object, provider
It not only can be people, can also be object.
Biological information authentication: the people of the biological information of offer is authenticating party, and the biological information provided is the second identity
Mark, acquisition equipment is resource, and the ID for acquiring equipment is identity, the first identity group of storage inside user, the
It include the first identity in one identity group;By taking iphone mobile phone as an example, iphone mobile phone is resource, and Apple Id is body
Part mark, touch-control Id and password in being provided with are exactly the first identity group, wherein including first identity such as fingerprint, face
The donor of mark, above-mentioned first identity and mark forms corresponding relationship, and such as in the second identity provided and mobile phone the
One identity successful match can then feed back unlock, payment and other effects.
The method of above-mentioned authentication is well-known technique, and principle is: the identity stores at least one
First identity group;
When the two is combined to form unified specification, principle is: the identity, includes at least one first body
Part mark group, can store the first identity group and/or be associated with other people the first identity groups;
It can be seen that the method and system of the authentication, is suitable for above-mentioned any environment, needs body in above-mentioned any industry
The place of part verifying, therefore its specification that can be used as authentication is applied and is popularized.
Although the embodiments of the invention are described in conjunction with the attached drawings, but those skilled in the art can not depart from this hair
Various modifications and variations are made in the case where bright spirit and scope, such modifications and variations are each fallen within by appended claims
Within limited range.
Claims (16)
1. a kind of method for authentication, comprising:
Resource is obtained, there are corresponding relationships with identity for the resource;
The identity includes at least one first identity group, can store the first identity group and/or be associated with other people
First identity group;
The first identity group includes at least one first identity;
First identity, there are corresponding relationships with the provider of mark;
Receive the second identity;
Second identity the first identity matching corresponding with the resource.
2. according to the method described in claim 1, further include:
Obtain resource, there are corresponding relationships with identity for the resource, it is characterised in that the resource include natural resources with
Social resources are any one of various social materialss summations members.
3. according to the method described in claim 1, further include:
The identity includes at least one first identity group, can store the first identity group and/or be associated with other people
First identity group, it is characterised in that the storage can be operated arbitrarily;The association can limit operation.
4. according to the method described in claim 1, further include:
The first identity group includes at least one first identity, it is characterised in that the first identity group is
Provider's presence pair of the set of first identity described in the provider of the mark, the first identity group and mark
It should be related to.
5. according to the method described in claim 1, further include:
There are corresponding relationships by the provider of first identity and mark, it is characterised in that first identity is institute
The identity information that the provider of mark reserves is stated, biological information, graphical information, digital information, certificate information, account letter are included
One of breath, communication information, facility information are a variety of, and corresponding classification is gathered to described in the first identity group;
The wherein biological information includes face, fingerprint, pupil, iris, palmmprint, vein, base comprising the intrinsic physiological characteristic of human body
Cause also includes behavioural characteristic, includes person's handwriting, sound, gait;The graphical information, comprising one-dimension code, two dimensional code, multidimensional code and
Has the figure of uniqueness, the digital information includes identifying code, digital code, password;The certificate information, comprising identity card,
Passport, officer's identity card, campus card;The account information includes network account, bank account;The communication information includes mobile phone
Number;The facility information, the information comprising mobile device, communication equipment, personal device.
6. according to the method described in claim 1, further include:
Receive the second identity, it is characterised in that second identity is authenticating party identity information to be verified, includes
One of biological information, graphical information, digital information, certificate information, account information, communication information, facility information are a variety of;
The wherein biological information includes face, fingerprint, pupil, iris, palmmprint, vein, base comprising the intrinsic physiological characteristic of human body
Cause also includes behavioural characteristic, includes person's handwriting, sound, gait;The graphical information, comprising one-dimension code, two dimensional code, multidimensional code and
Has the figure of uniqueness, the digital information includes identifying code, digital code, password;The certificate information, comprising identity card,
Passport, officer's identity card, campus card;The account information includes network account, bank account;The communication information includes mobile phone
Number;The facility information, the information comprising mobile device, communication equipment, personal device.
7. according to the method described in claim 1, further include:
Second identity the first identity matching corresponding with the resource, it is characterised in that matching can be fed back
As a result.
8. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program is located
Reason device realizes method of any of claims 1-7 when executing.
9. a kind of device for authentication, including memory and processor, are stored with computer journey on the memory
Sequence, which is characterized in that the computer program realizes method of any of claims 1-7 when being executed by processor.
10. a kind of system for authentication, comprising:
For obtaining resource devices, there are corresponding relationships with identity for the resource;
For handling the identity device, includes at least one first identity group, the first identity group can be stored
And/or it is associated with other people the first identity groups;
It include at least one first identity for storing the first identity group device;
For storing the first identity device, there are corresponding relationships with the provider of mark;
For receiving the second identity device;
For second identity the first identity coalignment corresponding with the resource.
11. system according to claim 10, further includes:
For obtaining resource devices, there are corresponding relationships with identity for the resource, it is characterised in that the resource includes certainly
Right resource and social resources, are any one of various social materialss summations members.
12. system according to claim 10, further includes:
For handling the identity device, includes at least one first identity group, the first identity group can be stored
And/or it is associated with other people the first identity groups, it is characterised in that the storage can be operated arbitrarily;The association can limit behaviour
Make.
13. system according to claim 10, further includes:
It include at least one first identity for storing the first identity group device, it is characterised in that described the
One identity group is the set of the first identity described in the provider of the mark, the first identity group and mark
Provider there are corresponding relationships.
14. system according to claim 10, further includes:
For storing the first identity device, there are corresponding relationships with the provider of mark, it is characterised in that described
One identity is identified as the identity information that the provider of the mark reserves, and includes biological information, graphical information, digital information, card
One of part information, account information, communication information, facility information are a variety of, and correspond to and sort out to first identity
Gather described in group;The wherein biological information, comprising the intrinsic physiological characteristic of human body, comprising face, fingerprint, pupil, iris,
Palmmprint, vein, gene also include behavioural characteristic, include person's handwriting, sound, gait;The graphical information includes one-dimension code, two dimension
Code, multidimensional code and the figure for having uniqueness, the digital information include identifying code, digital code, password;The certificate information,
Include identity card, passport, officer's identity card, campus card;The account information includes network account, bank account;The communication letter
Breath includes cell-phone number;The facility information, the information comprising mobile device, communication equipment, personal device.
15. system according to claim 10, further includes:
For receiving the second identity device, it is characterised in that second identity is authenticating party identity letter to be verified
Breath includes one of biological information, graphical information, digital information, certificate information, account information, communication information, facility information
Or it is a variety of;The wherein biological information, comprising the intrinsic physiological characteristic of human body, comprising face, fingerprint, pupil, iris, palmmprint,
Vein, gene also include behavioural characteristic, include person's handwriting, sound, gait;The graphical information, comprising one-dimension code, two dimensional code, more
Dimension code and the figure for having uniqueness, the digital information include identifying code, digital code, password;The certificate information includes
Identity card, passport, officer's identity card, campus card;The account information includes network account, bank account;The communication information, packet
Containing cell-phone number;The facility information, the information comprising mobile device, communication equipment, personal device.
16. system according to claim 10, further includes:
For second identity the first identity coalignment corresponding with the resource, it is characterised in that can
Feed back matching result.
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2018106348806 | 2018-06-15 | ||
| CN201810634880 | 2018-06-15 | ||
| CN201810944186 | 2018-08-18 | ||
| CN2018109441864 | 2018-08-18 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109801008A true CN109801008A (en) | 2019-05-24 |
Family
ID=66556242
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810996260.7A Pending CN109801008A (en) | 2018-06-15 | 2018-08-29 | The method and system of authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109801008A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110378093A (en) * | 2019-07-29 | 2019-10-25 | 重庆动美网络科技有限公司 | Management system based on face recognition technology |
| CN110941814A (en) * | 2019-11-28 | 2020-03-31 | 武汉极意网络科技有限公司 | Behavior verification compatible method, device, storage medium and apparatus |
| CN111062654A (en) * | 2019-11-27 | 2020-04-24 | 坎德拉(深圳)科技创新有限公司 | Method for taking delivered parts |
| CN111784263A (en) * | 2020-07-28 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Authorization processing method and device and logistics object processing method and device |
| CN111967274A (en) * | 2020-08-25 | 2020-11-20 | 文思海辉智科科技有限公司 | Label conversion processing method and device, electronic equipment and readable storage medium |
| CN112084811A (en) * | 2019-06-12 | 2020-12-15 | 杭州海康威视数字技术股份有限公司 | Identity information determining method and device and storage medium |
| CN112464198A (en) * | 2019-07-18 | 2021-03-09 | 创新先进技术有限公司 | Identity recognition preprocessing and identity recognition method and system |
| CN113177850A (en) * | 2021-04-15 | 2021-07-27 | 国任财产保险股份有限公司 | Method and device for multi-party identity authentication of insurance |
-
2018
- 2018-08-29 CN CN201810996260.7A patent/CN109801008A/en active Pending
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112084811A (en) * | 2019-06-12 | 2020-12-15 | 杭州海康威视数字技术股份有限公司 | Identity information determining method and device and storage medium |
| CN112084811B (en) * | 2019-06-12 | 2023-08-11 | 杭州海康威视数字技术股份有限公司 | Identity information determining method, device and storage medium |
| CN112464198A (en) * | 2019-07-18 | 2021-03-09 | 创新先进技术有限公司 | Identity recognition preprocessing and identity recognition method and system |
| CN110378093A (en) * | 2019-07-29 | 2019-10-25 | 重庆动美网络科技有限公司 | Management system based on face recognition technology |
| CN111062654A (en) * | 2019-11-27 | 2020-04-24 | 坎德拉(深圳)科技创新有限公司 | Method for taking delivered parts |
| CN111062654B (en) * | 2019-11-27 | 2023-12-29 | 坎德拉(深圳)科技创新有限公司 | Delivery piece taking method |
| CN110941814A (en) * | 2019-11-28 | 2020-03-31 | 武汉极意网络科技有限公司 | Behavior verification compatible method, device, storage medium and apparatus |
| CN110941814B (en) * | 2019-11-28 | 2022-04-01 | 武汉极意网络科技有限公司 | Behavior verification compatible method, device, storage medium and apparatus |
| CN111784263A (en) * | 2020-07-28 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Authorization processing method and device and logistics object processing method and device |
| CN111967274A (en) * | 2020-08-25 | 2020-11-20 | 文思海辉智科科技有限公司 | Label conversion processing method and device, electronic equipment and readable storage medium |
| CN113177850A (en) * | 2021-04-15 | 2021-07-27 | 国任财产保险股份有限公司 | Method and device for multi-party identity authentication of insurance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109801008A (en) | The method and system of authentication | |
| US11405781B2 (en) | System and method for mobile identity protection for online user authentication | |
| US7290035B2 (en) | Email sender verification system | |
| US7519558B2 (en) | Biometrically enabled private secure information repository | |
| CN103413384B (en) | Electronic cabinet cell shared system and method | |
| CN108496382A (en) | Security information transmitting system and method for personal identification | |
| CN106027243A (en) | Electronic certificate generation method and system, client, cloud platform, and authorization end | |
| CN109446259A (en) | Data processing method and device, processor and storage medium | |
| CN110348243A (en) | The method and system of online shopping and/or express delivery secret protection | |
| CN106897850A (en) | System of real name commodities-circulation information management and system | |
| CN205015906U (en) | Anti -fake verification system of electron certificate | |
| CN108625723A (en) | Method and system for controlling the physical object to be shared by several potential users | |
| CN107330104A (en) | A kind of utilization communication network verifies the method and system of user real identification | |
| CN106034303A (en) | Information anti-faking method, information identification method, information anti-faking device and information identification device | |
| CN106330977A (en) | Fingerprint authentication method and related equipment | |
| CN109389720A (en) | Intelligent door lock permission processing method and processing device | |
| Asadpour et al. | Presenting a new method of authentication for the internet of things based on RFID | |
| US20140245412A1 (en) | Linking credentials in a trust mechanism | |
| DE102013105727A1 (en) | Method for deactivating a security system | |
| JP2012158468A (en) | Internet using home delivery authentication system | |
| CN109493855A (en) | Speech-sound intelligent locks method and system | |
| US20240096151A1 (en) | Mutable, configurable device | |
| CN108990043A (en) | A kind of remote unlocking method and its intelligent door lock based on core network communications | |
| CN103279853B (en) | A kind of SCM Based logistics picking terminal | |
| CN109658104A (en) | The system and method for assets consistency confirmation on a kind of chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190524 |
|
| WD01 | Invention patent application deemed withdrawn after publication |