CN109906452A - Method for authenticating, authentication device and right discriminating system - Google Patents

Method for authenticating, authentication device and right discriminating system Download PDF

Info

Publication number
CN109906452A
CN109906452A CN201780000593.3A CN201780000593A CN109906452A CN 109906452 A CN109906452 A CN 109906452A CN 201780000593 A CN201780000593 A CN 201780000593A CN 109906452 A CN109906452 A CN 109906452A
Authority
CN
China
Prior art keywords
target client
storage
mark
information
biological
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201780000593.3A
Other languages
Chinese (zh)
Other versions
CN109906452B (en
Inventor
唐杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Goodix Technology Co Ltd
Original Assignee
Shenzhen Goodix Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Goodix Technology Co Ltd filed Critical Shenzhen Goodix Technology Co Ltd
Priority to PCT/CN2017/091234 priority Critical patent/WO2019000421A1/en
Publication of CN109906452A publication Critical patent/CN109906452A/en
Application granted granted Critical
Publication of CN109906452B publication Critical patent/CN109906452B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Abstract

This application provides a kind of method for authenticating, authentication device and right discriminating systems, according to the mark of client device, and the multiple descriptor codes and multiple biological informations of storage, client device is authenticated, to improve the safety to access between electronic equipment.This method comprises: obtaining the mark of target client device;According to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.

Description

Method for authenticating, authentication device and right discriminating system Technical field
This application involves field of electronic devices, and more particularly to a kind of method for authenticating, authentication device and right discriminating system.
Background technique
More and more electronic equipments appear in the every aspect of our lives, simultaneously, it can be bound by authorization between electronic equipment and realize data sharing, but, since these electronic equipments are easy the attack by rogue program or hacker, cause leaking data or privacy to be invaded, and further influence the other equipment for authorizing binding with it, seriously affects our life and property safety.
Therefore, the security level for authorizing binding between electronic equipment how is improved, is a urgent problem to be solved.
Summary of the invention
The application provides a kind of method for authenticating, authentication device and right discriminating system, it advances with biological information and equipment identification information and authorization descriptor code is generated by algorithm operation, when needing to authenticate, it combines authorization descriptor code to carry out the access between equipment and authorization binding by device identification, improves equipment access security.
In a first aspect, the embodiment of the present application provides a kind of method for authenticating, comprising:
Obtain the mark of target client device;
According to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
Therefore, in the method for authenticating of the embodiment of the present application, in the biological information for carrying out having comprehensively considered the mark of target client device and the user of target client device in authentication process to target client device, the safety to access between electronic equipment is improved.
Optionally, in a kind of implementation of first aspect, when carrying out failed authentication to the target client device, the method for authenticating further include:
Obtain the biological information of the user of the target client device;
Goal description code is generated according to the biological information of the user of the mark of the target client device and the target client device;
Save the biological information of the goal description code and the user of the target client device.
Optionally, in a kind of implementation of first aspect, which authenticates the target client device, comprising:
According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
Each biological information to be detected is matched with multiple biological informations of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, in a kind of implementation of first aspect, which authenticates the target client device, comprising:
According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, in a kind of implementation of first aspect, before the mark of the acquisition target client device, this method further include:
Request message is received from target client device, which includes that the mark of the target client device and the request message are established for request and authorize binding, for request data information and/or for requesting to be controlled;
The mark of the acquisition target client device, comprising:
The mark of the target client device is obtained from the request message.
Optionally, in a kind of implementation of first aspect, which includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
Second aspect, the embodiment of the present application provide a kind of authentication device, can execute the module or unit of the method in any optional implementation of first aspect or first aspect.
The third aspect, the embodiment of the present application provides a kind of right discriminating system, including controller and collector, the collector is for acquiring biological information, the controller can obtain biological information from the collector, and can execute the module or unit of the method in any optional implementation of first aspect or first aspect.
Fourth aspect provides a kind of computer storage medium, is stored with program code in the computer storage medium, which is used to indicate the instruction for the method that computer executes in any possible implementation of above-mentioned first aspect or first aspect.
5th aspect, provides a kind of computer program product including instruction, when run on a computer, so that computer executes the method in any possible implementation of above-mentioned first aspect or first aspect.
Detailed description of the invention
Fig. 1 is the schematic diagram using the integration module of the method for authenticating of the embodiment of the present application.
Fig. 2 is the schematic flow chart according to a kind of method for authenticating of the embodiment of the present application.
Fig. 3 is the schematic flow chart according to a kind of method for authenticating of another embodiment of the application.
Fig. 4 is the schematic block diagram according to a kind of authentication device of the embodiment of the present application.
Fig. 5 is the schematic block diagram according to a kind of authentication device of another embodiment of the application.
Fig. 6 is the schematic block diagram according to a kind of right discriminating system of the embodiment of the present application.
Specific embodiment
Below in conjunction with attached drawing, the technical solution in the application is described.
Fig. 1 is the schematic diagram using the integration module of the method for authenticating of the embodiment of the present application.As shown in Figure 1, the integration module 100 includes controller 110, collector 120, master control 130, adaptable interface 140 and power supply 150.
It should be understood that, the integration module 100 can integrate on the hardware circuit of target electronic device, each section of the integration module 100 is adapted to by the system layer of target electronic device, cooperation especially between controller 110 and collector 120 needs to carry out from the angle of system software, to realize authorization binding and the access between client device and target electronic device.
It should also be understood that client device when being bound, needs to obtain the authorization binding of target electronic device with target electronic device.Optionally, it is established after binding between client device and target electronic device, the data interaction and control between equipment may be implemented.Optionally, binding is in order to visitor Carry out empowerment management.
Controller 110 is connect by adaptable interface 140 with collector 120, while controller 110 is connected with master control 130, and controller 110 can be the chip and mould group for carrying out network request and response.Controller 110 can obtain biological information from collector 120, and controller 110 can also receive the instruction about authorization binding and access from master control 130.
Collector 120 is connect by adaptable interface 140 with controller 110, collector 120 is connected with master control 130 simultaneously, collector 120 can be the chip and mould group of acquisition biological attribute data, for example, acquisition iris, fingerprint, palmmprint, sound, DNA, face-image etc..Collector 120 can acquire the biological information of user, and receive instruction of the master control 130 about physical characteristics collecting, and collector 120 can realize authorization binding and the access between client device and target electronic device with hop controller 110.
Optionally, collector 120 at this point, controller 110 can be sent to collector 120 instructs the biological information so that collector acquisition user, and can obtain biological information from collector 120 independently of individualism except target electronic device.
Master control 130 is connect with controller 110 and collector 120, and the authorization binding and access, master control 130 that can use between controller 110 and 120 cooperative achievement client device of collector and target electronic device can be the core control circuit logic of target electronic device.
Adaptable interface 140 connects controller 110 and collector 120, realize the communication between controller 110 and collector 120, adaptable interface 140 can be bus interface, such as, Serial Peripheral Interface (SPI) (Serial Peripheral Interface, SPI), twin wire serial bus interface (Inter-Integrated Circuit, I2C).
Power supply 150 can power for master control 130.Optionally, power supply 150 can also power for controller 110 and collector 120.
Optionally, the target electronic device can be the intelligent hardware devices that the families such as IP Camera, security door, router, air-conditioning, refrigerator, air purifier use, be also possible to some such as unmanned planes, remote-controlled robot, intelligent bicycle open air the product for carrying intelligent hardware devices.
Optionally, which can be the terminals such as smart phone, plate, PC.
Optionally, in this application, biological characteristic includes and is not limited to iris, fingerprint, palmmprint, sound, DNA, face-image etc..
Fig. 2 is the schematic flow chart according to a kind of method for authenticating 200 of the embodiment of the present application.As shown in Fig. 2, the target electronic device that the method for authenticating can be needed to access by client device executes, can also be executed by the controller and collector for being integrated in the target electronic device, which includes The following contents.
210, obtain the mark of target client device.
Optionally, when the target client device needs the authorization established between target electronic device binding, needs to obtain the data information of target electronic device, and/or need to control target electronic device, the mark of the target client device is obtained.
Optionally, the mark of the target client device can be the unique identification of the target client device, such as, for the client of android system, it can be according to International Mobile Equipment Identity code (International Mobile Equipment Identity, IMEI)+media access control address (Media Access Control, MAC the uniqueness of client device) is identified, for the client of iOS system, it can be according to unique device identifier (Open Unique Device Identifier, Open UDID) mark client device uniqueness, for the client of WP system, it can be according to adjacent net The uniqueness of network identifier (Adjacent Network Identifier, ANID) mark client device.
220, according to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
Optionally, multiple descriptor codes of storage can first pass through algorithm operation generation in advance.
For example, descriptor code D can be obtained by formula 1,
D=F (C, P) formula 1
Wherein, D is descriptor code, and C is the mark of client device, and P is the biological information of the user of client device.
When being authenticated, the target client device can be authenticated by the following two kinds mode:
Mode one,
According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
Each biological information to be detected is matched with multiple biological informations of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
It should be understood that multiple descriptor codes of the storage and multiple biological information to be detected one are a pair of It answers.
It is alternatively possible to multiple biological information to be detected is generated by formula 2,
Wherein, PiIt is i-th of biological information to be detected in multiple biological informations to be detected, DiIt is stored in i-th of descriptor code of target electronic device, C is the mark of the target client device of current accessed.
It should be understood that formula 2 is the inverse operation of formula 1.The mark C and biological information P of target client device generate descriptor code D according to formula 1, and are stored in target electronic device;When C is identical, biological information P is can be generated according to formula 2 in the mark C of the target client device of current accessed and the descriptor code D of storage.
Mode two,
According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
It should be understood that multiple biological informations of the storage and multiple descriptor code to be detected correspond.
It is alternatively possible to multiple descriptor code to be detected is generated by formula 3,
Wherein, DiIt is i-th of descriptor code to be detected in multiple descriptor codes to be detected, PiIt is stored in i-th of biological information of target electronic device, C is the mark of the target client device of current accessed.
It should be understood that formula 3 is the inverse operation of formula 1.The mark C and biological information P of target client device generate descriptor code D according to formula 1, and are stored in target electronic device;When C is identical, descriptor code D is can be generated according to formula 3 in the mark C of the target client device of current accessed and the biological information P of storage.
Optionally, in the authentication success to the target client device, which can directly acquire the data information of the target electronic device, and the control to the target electronic device also may be implemented.
Optionally, in the failed authentication to the target client device, the method for authenticating 200 further include:
Obtain the biological information of the user of the target client device;
Goal description code is generated according to the biological information of the user of the mark of the target client device and the target client device;
Save the biological information of the goal description code and the user of the target client device.
It is alternatively possible to generate the goal description code by formula 1.
It should be understood that the successful authentication to the target client device may be implemented in the goal description code according to generation.
Optionally, before the mark for obtaining the target client device, the method for authenticating 200 further include:
Request message is received from target client device, which includes that the mark of the target client device and the request message are established for request and authorize binding, for request data information and/or for requesting to be controlled.It is alternatively possible to directly obtain the mark of the target client device from the request message.
Therefore, in the method for authenticating of the embodiment of the present application, according to the mark of target client device, the multiple descriptor codes and multiple biological informations of storage, target client device is authenticated, the mark and biological information of client device are comprehensively considered in authentication process, to improve the safety to access between electronic equipment.
It is alternatively possible to as one embodiment, method for authenticating 300 as shown in Figure 3.The method for authenticating 300 includes:
310, client device sends bind request to target electronic device.
Optionally, client device can also directly send the request for obtaining the data of the target electronic device to target electronic device, and client device directly can also send the request controlled the target electronic device to target electronic device.
Optionally, which carries the mark of the client device.
320, which receives the bind request.
330, which judges whether the client device is authorisation device.
It is alternatively possible to judge whether client device is authorisation device by the mode one in method for authenticating 200 as shown in Figure 2, it can also judge whether client device is authorisation device by the mode two in method for authenticating 200 as shown in Figure 2.
340, when the target electronic device determines that the client device is authorisation device, receive the request of the client device, and the authorization established between the client device is bound.
350, when the target electronic device determines that the client device is unauthorized device, target electricity Sub- device prompts need to acquire biological information.
Optionally, which can also directly prompt to establish Bind Failed, need to acquire biological information.
360, which prompts user's typing biological information in the target electronic device.
370, which acquires biological information.
Optionally, which can also obtain biological information from some acquisition equipment with acquisition biological information.
380, which does algorithm operation for the mark of collected biological information and the client device, generates authorization descriptor code, and encrypting storing.
It is alternatively possible to generate the authorization descriptor code according to the formula 1 in method for authenticating 200.
Optionally, the authorization descriptor code had not only been saved at this time, but also saved the biological information.
390, which notifies the client device binding success.
Therefore, in the method for authenticating of the embodiment of the present application, according to the mark of client device, the multiple descriptor codes and multiple biological informations of storage, client device is authenticated, the mark and biological information of client device are comprehensively considered in authentication process, to improve the safety to access between electronic equipment.
Fig. 4 is the schematic block diagram according to a kind of authentication device 400 of the embodiment of the present application.As shown in figure 4, the authentication device 400 includes:
Acquiring unit 410, for obtaining the mark of target client device;
Processing unit 420, for multiple biological informations according to the mark of the target client device, multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
Optionally, in failed authentication of the processing unit 420 to the target client device, the authentication device 400 further include: acquisition unit, generation unit and storage unit.
Acquisition unit, the biological information of the user for obtaining the target client device;
Generation unit, for generating goal description code according to the biological information of the mark of the target client device and the user of the target client device;
Storage unit, the biological information of the user for saving the goal description code and the target client device.
Optionally, which is specifically used for:
According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
Each biological information to be detected is matched with multiple biological informations of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, which is specifically used for:
According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, before the mark that the acquiring unit 410 obtains the target client device, the authentication device further include:
Receiving unit, for receiving request message from target client device, which includes that the mark of the target client device and the request message are used to request to establish authorization binding, are controlled for request data information and/or for request;
The acquiring unit 410 is specifically used for obtaining the mark of the target client device from the request message.
Optionally, biological information includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
It should be understood that, according to above and other operation and/or function of each unit in a kind of authentication device 400 of the embodiment of the present application respectively in order to realize the corresponding process of target electronic device in the method for authenticating 200 in Fig. 2 and the method for authenticating in Fig. 3 300, for sake of simplicity, details are not described herein.
Fig. 5 shows a kind of schematic block diagram of authentication device 500 provided by the embodiments of the present application, which includes:
Memory 510, for storing program, which includes code;
Transceiver 520, for being communicated with other equipment;
Processor 530, for executing the program code in memory 510.
Optionally, when each operation that the code is performed, which may be implemented the method for authenticating 200 in Fig. 2, the target electronic device of the method for authenticating 300 in Fig. 3 executes, for sake of simplicity, Details are not described herein.At this point, authentication device 500 can be the target electronic device, it is also possible to be integrated in controller and collector in the target electronic device.Transceiver 520 under the driving of processor 530 for executing specific signal transmitting and receiving.
It should be understood that, in the embodiment of the present application, the processor 530 can be central processing unit (Central Processing Unit, CPU), which can also be other general processors, digital signal processor (DSP), specific integrated circuit (ASIC), ready-made programmable gate array (FPGA) either other programmable logic device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor etc..
The memory 510 may include read-only memory and random access memory, and provide instruction and data to processor 530.The a part of of memory 510 can also include nonvolatile RAM.For example, memory 510 can be with the information of storage device type.
Transceiver 520, which can be, sends and receives function for realizing signal, such as frequency modulation(PFM) and demodulation function or calls frequency conversion and frequency down-conversion function.
During realization, at least one step of the above method can be completed by the integrated logic circuit of the hardware in processor 530 or the integrated logic circuit can complete at least one step under the order-driven of software form.Therefore, authentication device 500 can be a chip or chipset.
The step of method in conjunction with disclosed in the embodiment of the present application, can be embodied directly in hardware processor and execute completion, or in processor hardware and software module combination execute completion.Software module can be located at random access memory, flash memory, read-only memory, in the storage medium of this fields such as programmable read only memory or electrically erasable programmable memory, register maturation.The step of storage medium is located at memory, and processor 530 reads the information in memory, completes the above method in conjunction with its hardware.To avoid repeating, it is not detailed herein.
Fig. 6 is the schematic block diagram according to a kind of right discriminating system 600 of the embodiment of the present application.As shown in fig. 6, the right discriminating system 600 includes collector 610 and controller 620.
The controller 620, for obtaining the mark of target client device;
The controller 620, it is also used to multiple biological informations of the mark according to the target client device, multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
Optionally, in failed authentication of the controller 620 to the target client device,
The collector 610, the biological information of the user for acquiring the target client device;
The controller 620 is also used to obtain the biological information of the user of the target client device from the collector 610;
The controller 620 is also used to generate goal description code according to the biological information of the user of the mark of the target client device and the target client device;
The controller 620 is also used to save the biological information of the goal description code and the user of the target client device.
Optionally, the controller 620, is also used to:
According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
Each biological information to be detected is matched with multiple biological informations of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, the controller 620, is also used to:
According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
Optionally, before the mark that the controller 620 obtains the target client device,
The controller 620, it is also used to receive request message from target client device, the request message includes that the mark of the target client device and the request message are bound, for requesting to establish to authorize for request data information and/or for requesting to be controlled;
The controller 620 is also used to obtain the mark of the target client device from the request message.
Optionally, biological information includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
It should be understood that, according to above and other operation and/or function of controller and collector in a kind of right discriminating system 600 of the embodiment of the present application respectively in order to realize the corresponding process of equipment in the method for authenticating 200 in Fig. 2 and the method for authenticating in Fig. 3 300, for sake of simplicity, details are not described herein.
Optionally, which may be implemented the corresponding function such as the authentication device 400 in Fig. 4, and the corresponding function such as the authentication device 500 in Fig. 5 also may be implemented.
In the above-described embodiments, it can be realized wholly or partly by software, hardware, firmware or any combination thereof.When implemented in software, it can entirely or partly realize in the form of a computer program product.The computer program product includes one or more computer instructions.When loading on computers and executing the computer program instructions, entirely or partly generate according to process or function described in the embodiment of the present invention.The computer can be general purpose computer, special purpose computer, computer network or other programmable devices.The computer instruction may be stored in a computer readable storage medium, or it is transmitted from a computer readable storage medium to another computer readable storage medium, for example, the computer instruction can be transmitted from a web-site, computer, server or data center by wired (such as coaxial cable, optical fiber, Digital Subscriber Line (DSL)) or wireless (such as infrared, wireless, microwave etc.) mode to another web-site, computer, server or data center.The computer readable storage medium can be any usable medium that computer can access or include the data storage devices such as one or more usable mediums integrated server, data center.The usable medium can be magnetic medium, (for example, floppy disk, hard disk, tape), optical medium (for example, DVD) or semiconductor medium (such as solid state hard disk Solid State Disk (SSD)) etc..
It should be understood that, in the various embodiments of the application, magnitude of the sequence numbers of the above procedures are not meant that the order of the execution order, and the execution sequence of each process should be determined by its function and internal logic, and the implementation process without coping with the embodiment of the present application constitutes any restriction.
The technical staff of affiliated neck can be understood that for convenience and simplicity of description, system, the specific work process of device and unit of foregoing description can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
It is described above; the only specific embodiment of the application, but the protection scope of the application is not limited thereto, and any technical staff for being familiar with this technology neck is within the technical scope of the present application; it can easily think of the change or the replacement, should all cover within the scope of protection of this application.Therefore, the protection scope of the application should be subject to the scope of protection of the claims.

Claims (18)

  1. A kind of method for authenticating characterized by comprising
    Obtain the mark of target client device;
    According to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
  2. The method according to claim 1, wherein when carrying out failed authentication to the target client device, the method also includes:
    Obtain the biological information of the user of the target client device;
    Goal description code is generated according to the biological information of the user of the mark of the target client device and the target client device;
    Save the biological information of the user of the goal description code and the target client device.
  3. Method according to claim 1 or 2, which is characterized in that it is described according to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, comprising:
    According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
    Each biological information to be detected is matched with multiple biological informations of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  4. Method according to claim 1 or 2, which is characterized in that it is described according to the mark of the target client device, multiple biological informations of multiple descriptor codes of storage and storage, the target client device is authenticated, comprising:
    According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
    Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  5. According to claim 1 to any method in 4, which is characterized in that in the acquisition Before the mark of target client device, the method also includes:
    Request message is received from target client device, the request message includes that the mark of the target client device and the request message are established for request and authorize binding, for request data information and/or for requesting to be controlled;
    The mark for obtaining target client device, comprising:
    The mark of the target client device is obtained from the request message.
  6. According to claim 1 to any method in 5, which is characterized in that biological information includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
  7. A kind of authentication device characterized by comprising
    Acquiring unit, for obtaining the mark of target client device;
    Processing unit, for multiple biological informations according to the mark of the target client device, multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
  8. Equipment according to claim 7, which is characterized in that when the processing unit is to the target client device failed authentication, the equipment further include:
    Acquisition unit, the biological information of the user for obtaining the target client device;
    Generation unit, for generating goal description code according to the mark of the target client device and the biological information of the user of the target client device;
    Storage unit, the biological information of the user for saving the goal description code and the target client device.
  9. Equipment according to claim 7 or 8, which is characterized in that the processing unit is specifically used for:
    According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
    Each biological information to be detected is matched with multiple biological informations of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  10. Equipment according to claim 7 or 8, which is characterized in that the processing unit is specific For:
    According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
    Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  11. According to the equipment any in claim 7 to 10, which is characterized in that the equipment further include:
    Receiving unit, for receiving request message from target client device, the request message includes that the mark of the target client device and the request message are bound, for requesting to establish to authorize for request data information and/or for requesting to be controlled;
    The acquiring unit is specifically used for obtaining the mark of the target client device from the request message.
  12. According to the equipment any in claim 7 to 11, which is characterized in that biological information includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
  13. A kind of right discriminating system, which is characterized in that the system comprises collectors and controller, wherein
    The controller, for obtaining the mark of target client device;
    The controller, it is also used to multiple biological informations of the mark according to the target client device, multiple descriptor codes of storage and storage, the target client device is authenticated, wherein, multiple descriptor codes of storage and multiple biological informations of storage correspond, and each descriptor code of storage is generated according to the mark and biological information of the client device of user.
  14. System according to claim 13, which is characterized in that in failed authentication of the controller to the target client device,
    The collector, the biological information of the user for acquiring the target client device;
    The controller is also used to obtain the biological information of the user of the target client device from the collector;
    The controller, the biological information for being also used to the user of the mark and target client device according to the target client device generate goal description code;
    The controller is also used to save the biological information of the user of the goal description code and the target client device.
  15. System described in 3 or 14 according to claim 1, which is characterized in that the controller is also used to:
    According to multiple descriptor codes of the mark of the target client device and storage, multiple biological informations to be detected are generated;
    Each biological information to be detected is matched with multiple biological informations of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  16. System described in 3 or 14 according to claim 1, which is characterized in that the controller is also used to:
    According to multiple biological informations of the mark of the target client device and storage, multiple descriptor codes to be detected are generated;
    Each descriptor code to be detected is matched with multiple descriptor codes of storage respectively;
    It is successful to the authentication of the target client device if successful match, if matching is unsuccessful, to the failed authentication of the target client device.
  17. Any system in 3 to 16 according to claim 1, which is characterized in that before the mark that the controller obtains the target client device,
    The controller, it is also used to receive request message from target client device, the request message includes that the mark of the target client device and the request message are bound, for requesting to establish to authorize for request data information and/or for requesting to be controlled;
    The controller is also used to obtain the mark of the target client device from the request message.
  18. Any system in 3 to 17 according to claim 1, which is characterized in that biological information includes at least one of iris information, finger print information, palm print information, acoustic information, DNA information, facial image information.
CN201780000593.3A 2017-06-30 2017-06-30 Authentication method, authentication equipment and authentication system Active CN109906452B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/091234 WO2019000421A1 (en) 2017-06-30 2017-06-30 Authentication method, authentication device and authentication system

Publications (2)

Publication Number Publication Date
CN109906452A true CN109906452A (en) 2019-06-18
CN109906452B CN109906452B (en) 2022-06-14

Family

ID=

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101174949A (en) * 2006-10-30 2008-05-07 华为技术有限公司 Biological authentication method and system
CN101909277A (en) * 2010-06-07 2010-12-08 中兴通讯股份有限公司 System and method for realizing real-name management and terminals
US20120036013A1 (en) * 2010-08-09 2012-02-09 Brent Lee Neuhaus System and method for determining a consumer's location code from payment transaction data
CN103457951A (en) * 2013-09-02 2013-12-18 小米科技有限责任公司 Method and device for allowing multiple terminals to login to server
CN104268457A (en) * 2014-09-22 2015-01-07 联想(北京)有限公司 Information processing method, electronic device and server
CN104935577A (en) * 2015-04-30 2015-09-23 努比亚技术有限公司 Authentication certification method, intelligent card cloud, APP cloud, apparatus and system
CN204926094U (en) * 2015-08-26 2015-12-30 广州市鑫澳康科技有限公司 System based on authentication is carried out to biological characteristics information
CN105430645A (en) * 2015-10-29 2016-03-23 青岛海尔智能家电科技有限公司 Method of accessing intelligent device to router, intelligent device and router
CN105447928A (en) * 2014-08-29 2016-03-30 青岛海尔智能家电科技有限公司 Entrance guard control method and control system thereof
CN105931053A (en) * 2016-04-29 2016-09-07 乐视控股(北京)有限公司 Authentication method and apparatus, and electronic device
CN106161392A (en) * 2015-04-17 2016-11-23 深圳市腾讯计算机系统有限公司 A kind of auth method and equipment
US20160364729A1 (en) * 2015-06-15 2016-12-15 Tata Consultancy Services Limited Method and system for performing secure banking transactions
CN106612259A (en) * 2015-10-26 2017-05-03 阿里巴巴集团控股有限公司 Identity recognition method and device, service information processing method and device and biological feature information processing method and device
CN106686011A (en) * 2017-03-10 2017-05-17 安康鸿天科技开发有限公司 Multi - field interaction method based on IMS communication and device thereof

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101174949A (en) * 2006-10-30 2008-05-07 华为技术有限公司 Biological authentication method and system
CN101909277A (en) * 2010-06-07 2010-12-08 中兴通讯股份有限公司 System and method for realizing real-name management and terminals
US20120036013A1 (en) * 2010-08-09 2012-02-09 Brent Lee Neuhaus System and method for determining a consumer's location code from payment transaction data
CN103457951A (en) * 2013-09-02 2013-12-18 小米科技有限责任公司 Method and device for allowing multiple terminals to login to server
CN105447928A (en) * 2014-08-29 2016-03-30 青岛海尔智能家电科技有限公司 Entrance guard control method and control system thereof
CN104268457A (en) * 2014-09-22 2015-01-07 联想(北京)有限公司 Information processing method, electronic device and server
CN106161392A (en) * 2015-04-17 2016-11-23 深圳市腾讯计算机系统有限公司 A kind of auth method and equipment
CN104935577A (en) * 2015-04-30 2015-09-23 努比亚技术有限公司 Authentication certification method, intelligent card cloud, APP cloud, apparatus and system
US20160364729A1 (en) * 2015-06-15 2016-12-15 Tata Consultancy Services Limited Method and system for performing secure banking transactions
CN204926094U (en) * 2015-08-26 2015-12-30 广州市鑫澳康科技有限公司 System based on authentication is carried out to biological characteristics information
CN106612259A (en) * 2015-10-26 2017-05-03 阿里巴巴集团控股有限公司 Identity recognition method and device, service information processing method and device and biological feature information processing method and device
CN105430645A (en) * 2015-10-29 2016-03-23 青岛海尔智能家电科技有限公司 Method of accessing intelligent device to router, intelligent device and router
CN105931053A (en) * 2016-04-29 2016-09-07 乐视控股(北京)有限公司 Authentication method and apparatus, and electronic device
CN106686011A (en) * 2017-03-10 2017-05-17 安康鸿天科技开发有限公司 Multi - field interaction method based on IMS communication and device thereof

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MOSES OKECHUKWU ONYESOLU 等: "ATM Security Using Fingerprint Biometric Identifier:An Investigative Study", 《(IJACSA) INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATION》 *
汤宁 等: "多模式生物特征识别的身份验证系统", 《计算机工程与设计》 *
陆明星 等: "一种基于指纹生物特征识别系统", 《计算机技术与发展》 *

Also Published As

Publication number Publication date
WO2019000421A1 (en) 2019-01-03

Similar Documents

Publication Publication Date Title
CN107121938B (en) Intelligent household equipment control method, device and system based on identity recognition
US9286455B2 (en) Real identity authentication
US10390222B2 (en) Technologies for touch-free multi-factor authentication
CN103856472B (en) A kind of method and device of Account Logon
EP3975014A1 (en) Technologies for secure storage and use of biometric authentication information
WO2017053656A1 (en) Cumulative authentication for step-up increased authentication factors
WO2018027056A1 (en) System and method for identity authentication
JP2019512976A (en) Identity registration method and device
US20090240907A1 (en) Remote storage access control system
US10938814B2 (en) Unified authentication software development kit
CN103701977A (en) Portable electronic device, communication system and information authentication method
CN103401880A (en) Automatic login industrial control system and control method
US20190116043A1 (en) Control method for enrolling face template data and related product
US9876792B2 (en) Apparatus and method for host abstracted networked authorization
CN110084017A (en) A kind of ID authentication device, system, method, apparatus and storage medium
TW202020706A (en) Multi-functional authentication apparatus and operating method for the same
CN109906452A (en) Method for authenticating, authentication device and right discriminating system
EP3796194A1 (en) Secure element for processing and authenticating digital key and operation method therefor
CN109906452B (en) Authentication method, authentication equipment and authentication system
CN109088731B (en) Internet of things cloud communication method and device
US11017062B2 (en) Method for the secure interaction of a user with a mobile terminal and a further entity
WO2019056971A1 (en) Authentication method and device
CN109450954A (en) Auto communication interface equipment and its authentication method
WO2017121159A1 (en) Authentication method and system for accessing home gateway in wpa /wpa2 authentication mode
JP2019036091A (en) Vehicle security system and vehicle security method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant