CN110516427A - Auth method, device, storage medium and the computer equipment of terminal user - Google Patents
Auth method, device, storage medium and the computer equipment of terminal user Download PDFInfo
- Publication number
- CN110516427A CN110516427A CN201910810586.0A CN201910810586A CN110516427A CN 110516427 A CN110516427 A CN 110516427A CN 201910810586 A CN201910810586 A CN 201910810586A CN 110516427 A CN110516427 A CN 110516427A
- Authority
- CN
- China
- Prior art keywords
- user
- terminal
- sim card
- information
- account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
Present invention discloses the auth method of terminal user, device, storage medium and computer equipments, wherein, the auth method of terminal user, terminal has corresponding SIM card, comprising: obtains the current SIM card that the account key information of user's input, the biological information of user and the terminal are carried respectively;Whether the current SIM card for judging that the account key information of user's input, the biological information of user and the terminal are carried respectively matches with pre-stored information;According to judging result, the legitimacy of subscriber authentication is determined.Pass through account, the correctness of password of verifying user's input;By adding bio-identification link, judge to input whether the operation of account number cipher is to operate in person;Whether effective by the current SIM card for judging that user uses account whether authorized and terminal is carried, above step is all linked with one another, to improve the reliability of subscriber authentication.
Description
Technical field
The present invention relates to smart machine field, especially relate to the auth method of terminal user a kind of, device,
Storage medium and computer equipment.
Background technique
With the development of mobile communication technology, intelligent terminal such as mobile phone have goed deep into the study and work of people.Intelligence is eventually
User identity, the method for above-mentioned verifying user identity are mainly verified in a manner of account number cipher and user biological characteristic information etc. in end
There are different drawbacks.Identifying the method for user identity by account number cipher, there are account number ciphers to be stolen by other people;Pass through user
The method that biometric feature verifies user, since the prior art is not mature enough, the biometric feature of user exists counterfeit
A possibility that.Therefore, how to improve the reliability of existing terminal user ID verifying, it appears very necessary.
Summary of the invention
The main object of the present invention is to provide the auth method of terminal user a kind of, it is intended to solve to improve existing terminal
The problem of authentication reliability of user.
The present invention proposes the auth method of terminal user a kind of, and terminal has corresponding SIM card, this method comprises:
Working as the account key information of user's input, the biological information of user and terminal carrying is obtained respectively
Preceding SIM card;
Working as the account key information of user's input, the biological information of user and terminal carrying is judged respectively
Whether preceding SIM card matches with pre-stored information;
According to judging result, the legitimacy of subscriber authentication is determined.
Preferably, the account key information for judging user's input respectively, the biological information of user and described
The step of whether current SIM card that terminal is carried matches with pre-stored information, comprising:
Judge user input account key information whether with the information matches that are pre-stored in database;
If so, obtaining the biological information of the user, judge whether the biological information meets default want
It asks;
If so, obtaining the corresponding id information of each SIM card institute that the terminal is carried, the first ID set is generated;
Acquisition is pre-stored in the 2nd ID set corresponding with the terminal in the database, and the 2nd ID set is comprising eventually
Hold the id information of each SIM card associated by legitimate user;
Judge the 2nd ID set whether be the first ID set subset;
If so, judging whether the first SIM card in the subset is effective respectively, wherein first SIM card is institute
State all SIM cards corresponding with id information in the 2nd ID set in terminal;
If being effectively to determine the account key information of user's input, the biological information of user and the end
The current SIM card that end is carried matches with pre-stored information.
Preferably, first SIM card judged in the subset respectively whether effective step, comprising:
Obtain the corresponding id information of each first SIM card in the subset;
The corresponding id information of each first SIM card is encrypted respectively by the first Encryption Algorithm, generates the first number
Train value;
For each first SIM card, by first SIM card by its corresponding described first ordered series of numbers value to preset shape
Formula is sent to server, wherein whether the server is used to verify the current SIM card that the terminal is carried effective;
The server is obtained for the second ordered series of numbers value of the corresponding telephone number feedback of first SIM card;
Judge whether the first ordered series of numbers value and the second ordered series of numbers value are identical;
If so, determining that first SIM card in the subset is effective.
Preferably, the account key information includes password and account, the account key information of the judgement user input
Whether be pre-stored in database information matches the step of, comprising:
Computations are carried out to the password that the user inputs by the second Encryption Algorithm, generate third ordered series of numbers value;
According to the account that the user inputs, the 4th ordered series of numbers value of the corresponding account is obtained from database,
In, the corresponding relationship of account Yu the 4th ordered series of numbers value is prestored in the database;
Judge the third ordered series of numbers value whether with it is described 4th number hash value matches;
If so, determining the account key information of user's input and the information matches being pre-stored in the database, if not
Then mismatch.
Preferably, the biological information for obtaining user, judges whether the biological information meets default want
The step of asking, comprising:
The biological information for obtaining user, pre-processes the biological information, determines the corresponding biology
The user account of characteristic information;
According to the corresponding relationship of the user account of the biological information prestored in the database and ordered series of numbers value, acquisition pair
Answer the 5th ordered series of numbers value of the biological information;
Judge the 5th ordered series of numbers value whether with the third number hash value matches;
If so, determining that the biological information meets preset requirement, if otherwise not meeting preset requirement.
Preferably, described according to judging result, after the step of determining the legitimacy of subscriber authentication, comprising:
According to the subscriber authentication as a result, the terminal operating environment of configuration corresponding authority.
Preferably, it is described according to the subscriber authentication as a result, configuration corresponding authority terminal operating environment the step of,
Include:
Safety status classification is carried out to all application programs prestored in the terminal respectively, forms different safety class pair
The application list answered;
According to the quantity accounting for passing through verification step accounting whole verification step in verification result, the terminal is carried
The running environment of all SIM cards carries out security level assessment respectively;
Obtain the corresponding security level of SIM card of current network connection;
According to the corresponding security level of SIM card that current network connects, match corresponding with the SIM card that current network connects
The consistent the application list of security level.
Present invention also provides the authentication means of terminal user a kind of, the terminal has corresponding SIM card, the dress
It sets and includes:
First obtain module, for obtain respectively user input account key information, user biological information with
And the current SIM card that the terminal is carried;
First judgment module, for judge respectively user input account key information, user biological information with
And whether the current SIM card that the terminal is carried matches with pre-stored information;
Determining module, for determining the legitimacy of subscriber authentication according to judging result.
The present invention also provides a kind of storage mediums, are computer-readable storage medium, are stored thereon with computer journey
Sequence, computer program are performed the auth method for realizing above-mentioned terminal user.
The present invention also provides a kind of computer equipments, which is characterized in that it includes processor, memory and is stored in storage
On device and the computer program that can run on a processor, processor realize above-mentioned terminal user's when executing computer program
Auth method.
Beneficial effects of the present invention: by judge the account of user's input, password whether with the information that is prestored in database
Account, the correctness of password of user's input are verified in matching;By judging whether the biological information of user meets the requirements,
Bio-identification link is added, to judge to input whether the operation of account number cipher is to operate in person;By judging what terminal was carried
Whether current SIM card meets the requirements, and the current SIM card for judging that user uses account whether authorized and terminal is carried is
No effective, above step is all linked with one another, to substantially increase the reliability of subscriber authentication.
Detailed description of the invention
Fig. 1 is the flow diagram of the auth method of the terminal user of one embodiment of the application;
Fig. 2 is the structural schematic diagram of the authentication means of the terminal user of one embodiment of the application;
Fig. 3 is the structural schematic diagram of the authentication means second embodiment of the terminal user of another embodiment of the application;
Fig. 4 is the structural schematic diagram of the configuration module of one embodiment of the application;
Fig. 5 is the structural schematic diagram of the first judgment module of one embodiment of the application;
Fig. 6 is the structural schematic diagram of the third judging submodule of one embodiment of the application;
Fig. 7 is the structural schematic diagram of the second judgment module of one embodiment of the application;
Fig. 8 is the structural schematic diagram of the third judgment module of one embodiment of the application;
Fig. 9 is the structural block diagram of one embodiment of storage medium provided by the present application;
Figure 10 is the structural block diagram of one embodiment of computer equipment provided by the present application.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Referring to Fig.1, the auth method that the present invention provides terminal user a kind of, comprising:
A: obtain what the account key information of user's input, the biological information of user and the terminal were carried respectively
Current SIM card;
B: judge what the account key information of user's input, the biological information of user and the terminal were carried respectively
Whether current SIM card matches with pre-stored information;
C: according to judging result, the legitimacy of subscriber authentication is determined.
What the account key information of user's input, the biological information of user and the terminal of the application was carried works as
Three kinds of data of preceding SIM card can acquire simultaneously, or successively acquire in a different order, be not construed as limiting.The present embodiment
For illustrating realization process in such a way that next coming in order obtain and gradually judge.Above-mentioned step A to C can be refined as walking as follows
It is rapid:
S1: account, the password of user's input are obtained.
In embodiments of the present invention, terminal includes but is not limited to smart phone.When terminal opens subscriber authentication, pop-up
Input frame reminds user to input account, password.Terminal obtains the account and password of user's input.
S2: judge the account of user's input, password whether with the information matches that are pre-stored in database.
Information in database include but is not limited to the account of user, password, user biological information.In the present invention
In embodiment, the account of user's input, password respectively be pre-stored in account in database, password corresponds, and in database
Pre-stored each account, password are also matched with different related informations respectively, and related information includes but is not limited to the life of user
Object characteristic information and rear obtained ordered series of numbers value information etc. is encrypted to password in advance.Pass through the account for inputting user
Family key information and related information carry out matching comparison, it may be verified that user inputs account, the correctness of password.
S3: if so, obtain the biological information of user, judge whether biological information meets first and default want
It asks.
In embodiments of the present invention, terminal obtains the biological information of user, and biological information includes but is not limited to
One of finger print information, facial feature information, iris information and voiceprint are a variety of.The biology that terminal obtains user is special
After reference breath, judge whether biological information meets the first preset requirement.By aforesaid operations, terminal can determine whether input account
Number, the operation of password whether be to operate in person, verifying link is added by biological identification technology, other people is reduced and cracks user's account
Number risk.
S4: if so, whether the current SIM card for judging that terminal is carried meets the second preset requirement.
In embodiments of the present invention, terminal includes but is not limited to the smart phone that can carry multiple SIM card, to have four
For four cards four of SIM card are to smart phone.In embodiments of the present invention, the current SIM card that terminal is carried is as hardware keys
Spoon uses.User also needs to carry out body by four SIM cards after verifying link by the verifying of account key information, bio-identification
Part verifying;Terminal judges whether four SIM cards meet the second preset requirement respectively, default wants if four SIM cards meet second
It asks, then illustrates that the user of current input information is terminal legitimate user.
S5: if so, obtaining the corresponding subscriber identity information of user, and determine subscriber authentication success.
In embodiments of the present invention, after the verifying of above-mentioned link, terminal obtains the corresponding subscriber identity information of user,
Such as address name, and determine subscriber authentication success.By judge the account of user's input, password whether with it is pre- in database
The information matches deposited verify account, the correctness of password of user's input;By judging whether the biological information of user accords with
It closes and requires, add bio-identification link, to judge to input whether the operation of account number cipher is to operate in person;By judging terminal
Whether the current SIM card of carrying meets the requirements, and judges that user is current using whether account authorized and terminal is carried
Whether SIM card is effective, and above step is all linked with one another, to substantially increase the reliability of subscriber authentication.
Further, according to judging result, after the step C for determining the legitimacy of subscriber authentication, comprising:
S6: according to subscriber authentication as a result, the terminal operating environment of configuration corresponding authority.Wherein, running environment includes
Workable software, the hardware resource and file system setting, can called.
Further, it is described according to the subscriber authentication as a result, configuration corresponding authority terminal operating environment step
Rapid S6, comprising:
S60: safety status classification is carried out to all application programs prestored in the terminal respectively, forms different safety etc.
The corresponding the application list of grade;
S61: according to the quantity accounting for passing through verification step accounting whole verification step in verification result, the terminal is taken
The running environment of all SIM cards carried carries out security level assessment respectively;
S62: the corresponding security level of SIM card of current network connection is obtained;
S63: the corresponding security level of SIM card connected according to current network matches the SIM card pair connecting with current network
The consistent the application list of the security level answered.
In embodiments of the present invention, terminal has a virtual platform based on android system, passes through modification
Framework layers of Virtual Realization, android system assembly management, File System Virtual and application process management to
Multiple application spaces are supported on smart phone, and achieve the effect that not interfere with each other.Wherein, different application spaces runs different
The application list, i.e., it is corresponding from different terminal operating environments.For example the highest level of terminal operating environment is level Four,
Corresponding four verification steps, rank are followed successively by password authentification step, fingerprint authentication step, voice print verification step and people from low to high
Face identifies verification step, i.e., the user for all having passed through four verification steps obtains the highest access right of terminal, then can match
The application class table of highest safety coefficient, the application list of highest safety coefficient include software money all in terminal
Source and hardware resource.Three verification steps are only passed through when user is in verifying, not by recognition of face verification step, have then passed through
The quantity accounting of verification step accounting whole verification step is 75%, then can match the Application Column for calling safety coefficient slightly lower
Table, the slightly lower the application list of safety coefficient do not include payment software etc..And so on, all verifying walks verification step accounting
The safety coefficient of the application list that rapid quantity accounting is 50% is lower, does not include being related to user's letter in the application list
Telephone directory book, wechat, QQ of breath etc..The Application Column that the quantity accounting of verification step accounting whole verification step is 0%
The safety coefficient of table is minimum, and network is forbidden connecting, and emergency call interface is only included in the application list, is equivalent to terminal and is in
It is unable to normal operating condition.Skilled person will appreciate that the product of software and hardware combining, the use of hardware resource is by software
What driving was realized.In embodiments of the present invention, authentication of the user A by terminal, the identity information of terminal acquisition user A,
Corresponding running environment is arranged in terminal system, which includes software resource and hardware resource workable for user, such as uses
Software resource workable for the A of family is " wechat ", and terminal system authorizes user's permission of A using terminal loudspeaker in software view,
Therefore after user A is verified by terminal identity, workable hardware resource is loudspeaker, and workable software resource is " wechat "
And file corresponding with user A and system are arranged.In other embodiments of the present invention, user B is tested by the identity of terminal
Card, terminal obtain the identity information of user B, and corresponding running environment is arranged in terminal system, which includes that user can make
Software resource and hardware resource, the software resource as workable for user B are " Alipay ", and terminal system is personally instructed in software layer
Give the permission that user B uses flash lamp.Therefore after user B is verified by terminal identity, workable hardware resource is flash lamp,
Workable software resource is " Alipay " and file corresponding with user B and system setting.Workable for each user
Software resource and hardware resource be it is pre-set, in the case where no system authorization, can not any using terminal hardware
Resource and software resource.That is user A is not available " Alipay " and " flash lamp ", and user B is not available " wechat " and " loudspeaking
Device ".By aforesaid operations, guarantee that by the user verified be by authorized in propria persona behaviour to the access of its terminal resource
Make.
Further, the account key information of user's input, the biological information of user and the end are judged respectively
The step the B whether current SIM card that end is carried matches with pre-stored information, comprising:
S40a: judge user input account key information whether with the information matches that are pre-stored in database;
S40b: if so, obtaining the biological information of the user, it is pre- to judge whether the biological information meets
If it is required that;
S41: if so, obtaining the corresponding id information of each SIM card institute that terminal is carried, the first ID set is generated;
S42: acquisition is pre-stored in the 2nd ID set corresponding with the terminal in the database, the 2nd ID set packet
The id information of each SIM card associated by legitimate user containing terminal;
S43: judge whether the 2nd ID set belongs to the subset of the first ID set;
S44: if so, judging whether the first SIM card in subset is effective respectively, wherein the first SIM card is in terminal
All SIM cards corresponding with id information in the 2nd ID set;
S45: if being effectively to determine the account key information of user's input, the biological information of user and institute
The current SIM card for stating terminal carrying matches with pre-stored information.
In embodiments of the present invention, terminal includes but is not limited to the smart phone that can carry multiple SIM card, wherein intelligence
Mobile phone be by with four SIM cards four card four to smart phone for, for example, smart phone can carry China Mobile's SIM card,
China Unicom SIM card, China Telecom's SIM card and China Railway Telecom's SIM card.Id information includes the ICCID (Integrate of SIM card
Circuit card identity integrated circuit card identification code, abbreviation ICCID), for example terminal reads four SIM cards respectively
ICCID generates the first ID set.Acquisition is pre-stored in database the 2nd ID set corresponding with the terminal, and the 2nd ID set includes
The id information of each SIM card associated by terminal legitimate user.For example, obtaining the legitimate user of the pre-recorded obtained terminal
The SIM card that should be used is China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card, and above-mentioned three are stuck in
Corresponding ICCID in database, composition the 2nd ID set.Above-mentioned database can be local data base, be also possible to net
Network database.One terminal can have N (N is greater than zero integer) a terminal legitimate user, and each terminal legitimate user is answered
When the SIM card used has multiple, based on corresponding 2nd ID of the generation of each SIM card associated by each terminal legitimate user
Set, thus in database twoth ID corresponding with terminal set can have it is N number of.As long as corresponding with present terminal in database
Meaning one the 2nd ID collection be combined into its first ID set subset, then judge respectively the 2nd ID set in each SIM card whether
Effectively, that is, judge whether China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card are effective.Above-mentioned effective expression card
In activation available mode.If China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card are effective, it is determined that eventually
Each SIM card that end is carried meets preset requirement, the account key information of user's input, the biological information of user and described
The current SIM card that terminal is carried matches with pre-stored information.Corresponding with terminal the is pre-stored in database by judgement
Two ID set whether be the first ID set subset, can determine whether each SIM card associated by terminal legitimate user carries
In present terminal, only when the judgment result is yes, the validity of SIM card is just further verified, to prevent other people from distorting terminal
The ICCID of the current SIM card of carrying, cracks user account.It is whether effective by judging current SIM card, to prevent other people logical
The current SIM card that duplication terminal is carried is crossed, to crack user account.
Further, the whether effective step S44 of the first SIM card in subset is judged respectively, comprising:
S441: the corresponding id information of each first SIM card in subset is obtained;
S442: respectively encrypting the corresponding id information of each first SIM card by the first Encryption Algorithm, generates the first number
Train value;
S443: for each first SIM card, by first SIM card by its corresponding described first ordered series of numbers value with
Presets are sent to server, wherein whether the current SIM card that server is used to verify terminal carrying is effective;
S444: server is obtained for the second ordered series of numbers value of the corresponding telephone number feedback of first SIM card;
S445: judge whether the first ordered series of numbers value and the second ordered series of numbers value are identical;
S446: if so, determining that first SIM card in subset is effective.
In embodiments of the present invention, terminal includes but is not limited to smart phone, wherein smart phone is with four SIM
Four cards four of card are to smart phone.Smart phone carry China Mobile's SIM card, China Unicom SIM card, China Telecom's SIM card and
China Railway Telecom's SIM card.By taking China Mobile's SIM card as an example, terminal obtains the corresponding ICCID of China Mobile's SIM card, and moves to China
The ICCID of dynamic SIM card is encrypted by hash algorithm, generates the first ordered series of numbers value.Terminal generates one and carries the first ordered series of numbers value
Local short message, send preset server for local short message.After server receives short message, China Mobile SIM is parsed
Block corresponding isdn telephone number, server finds China Mobile according to the corresponding isdn telephone number of China Mobile's SIM card
The corresponding ordered series of numbers value of corresponding ICCID, the ordered series of numbers value are the second ordered series of numbers value, and are sent out in the form of short message SIM card in the database
Give China Mobile's SIM card corresponding isdn telephone number, i.e., the short message with the second ordered series of numbers value is sent to terminal by server.
Terminal obtains the second ordered series of numbers value from the short message that server is returned, and judges whether the first ordered series of numbers value and the second ordered series of numbers value are identical.
If so, determining that SIM card is effective.The verification mode of China Unicom SIM card, China Telecom's SIM card and China Railway Telecom's SIM card is in
The mobile SIM card verification mode of state is identical, and so it will not be repeated.Since every SIM card has ISDN phone that is corresponding and can not modifying
Number, even if the ICCID for the current SIM card that terminal is carried is replicated by other people, but the SIM card due to duplication is worked as with what terminal was carried
Preceding SIM card isdn telephone number is inconsistent, and ISDN number can not be distorted, other people can not receive service by the SIM card of duplication
Device verifying short message corresponding with the current SIM card that terminal is carried, to substantially increase the reliability that SIM card is effectively verified.
Further, account key information includes password and account, judge user's input account key information whether with
It is pre-stored in the step S2 of the information matches in database, comprising:
S21: computations are carried out to the password that user inputs by the second Encryption Algorithm, generate third ordered series of numbers value;
S22: the account inputted according to user obtains the 4th ordered series of numbers value of corresponding account, wherein database from database
In prestore the corresponding relationship of account Yu the 4th ordered series of numbers value;
S23: judge third ordered series of numbers value whether with the 4th number hash value matches;
S24: if so, determining the account key information of user's input and the information matches being pre-stored in database, if not
Then mismatch.
In embodiments of the present invention, terminal includes but is not limited to smart phone.Terminal judges the account number cipher of user's input
Process it is as follows, intelligent terminal obtains the account of user's input, after password, wherein the form of password can be text or figure
Case;The password of user's input is encrypted by hash algorithm, generates first password ordered series of numbers value, first password ordered series of numbers value is the first number
Train value;The account that terminal is inputted according to user searches corresponding password ordered series of numbers in the database, which is the second password
Ordered series of numbers value, the second password ordered series of numbers value are the second ordered series of numbers value, wherein database includes but is not limited to local data base and cloud service
Device database;Finally, intelligent terminal judges whether the first ordered series of numbers value and the second close ordered series of numbers value are identical, if they are the same, then determine user
Account, password and the information matches being pre-stored in database of input.By aforesaid operations, terminal needs user's input matched
Account, password could pass through next link of progress authentication, the superseded user for attempting to crack other people account number ciphers.In addition,
It is the ordered series of numbers judgement generated using password through hash algorithm that terminal, which judges that user inputs the whether matched process of information, without direct
Judged using password, reduce the exposure of password, effectively prevent the leakage of user password.
Further, the biological information for obtaining user, judges whether biological information meets the first preset requirement
Step S3, comprising:
S31: the biological information of user is obtained;Biological information is pre-processed, the first biological characteristic is generated
Information;
S32: according to the corresponding relationship of the biological information and ordered series of numbers value that prestore in database, corresponding first biology is obtained
5th ordered series of numbers value of characteristic information;
S33: judge the 5th ordered series of numbers value whether with third number hash value matches;
S34: if so, determining that biological information meets the first preset requirement, if otherwise not meeting the first preset requirement.
In embodiments of the present invention, terminal includes but is not limited to smart phone.Terminal notifying user inputs biological characteristic letter
Breath, alerting pattern includes but is not limited to voice and text.Terminal obtains the biological information of user, including but not limited to fingerprint
One of information, facial feature information, iris information and voiceprint are a variety of.Biological information of the terminal to acquisition
It is pre-processed, so that terminal is easier to extract biological information.Above-mentioned preprocessing process includes to biological information
Picture is filtered denoising etc., keeps image apparent.The biological information extracted according to terminal, database find with
The corresponding user account of biological information, terminal obtain the 5th ordered series of numbers value corresponding with the user account from database.
5th ordered series of numbers value is rear obtained secret value to be encrypted to password corresponding to the user account, and the process is made
Encryption Algorithm is in above-mentioned steps S21, used Encryption Algorithm when carrying out computations to the password of user's input.Its
In, database includes but is not limited to local data base or cloud server database.Terminal judges the 5th ordered series of numbers value and third
Whether ordered series of numbers value matches, i.e., terminal judges that the ordered series of numbers value of the password corresponding with user account obtained from server and user are defeated
Whether the corresponding ordered series of numbers value of the password entered is consistent.If the ordered series of numbers value of the password corresponding with user account obtained in server and use
The corresponding ordered series of numbers value of password of family input is consistent, then determines that biological information meets the first preset requirement.By aforesaid operations,
Terminal judges whether user biological characteristic information matches, and is according to user in the corresponding ordered series of numbers value of biological information and database
The comparison of the corresponding ordered series of numbers value of account, and the biological information stored in the biological information and database that nonterminal obtains
Between comparison, reduce biological characteristic expose link, thus reduce user biological characteristic information leakage possibility.
Further, if so, after determining the successful step S5 of subscriber authentication, comprising:
S51: subscriber identity information and corresponding verifying moment of the record when previous verifying;
S52: obtaining the historical record of user's checking identity, and historical record includes the user identity letter verified before previous
Breath and verifying moment;
S53: according to subscriber identity information and corresponding verifying moment and historical record, generating includes subscriber identity information
And the terminal at corresponding verifying moment uses list.
In embodiments of the present invention, terminal includes but is not limited to smart phone.In certain working and learning environment, intelligence
Mobile phone is used as public article by people.Terminal obtains subscriber identity information and verifying moment when previous verifying.Such as user C
On January 1st, 2019 13:00 pass through subscriber authentication.Terminal obtains the historical record of user's checking identity, as user A exists
12:00 on January 1 in 2019 is by authentication, and user B is in 12:30 on January 1st, 2019.Mobile phone is according to as previous verifying user
Identity information and verifying moment and historical record, generate a tool comprising user A, user B, user C and they respectively correspond
Verification time terminal use list.By aforesaid operations, terminal management person can accurately learn the user of using terminal and make
With the time, facilitate management.
Referring to Fig. 2, the present invention also provides the authentication means of terminal user a kind of, comprising:
First acquisition modules A: for obtain respectively user input account key information, user biological information with
And the current SIM card that the terminal is carried;
First judgment module B: for judge respectively user input account key information, user biological information with
And whether the current SIM card that the terminal is carried matches with pre-stored information;
Determining module C: for determining the legitimacy of subscriber authentication according to judging result.
What the account key information of user's input, the biological information of user and the terminal of the application was carried works as
Three kinds of data of preceding SIM card can acquire simultaneously, or successively acquire in a different order, be not construed as limiting.The present embodiment
For illustrating realization process in such a way that next coming in order obtain and gradually judge.
Referring to Fig. 3, above-mentioned modules A to module C can be replaced following multiple modules:
Second obtains module 1, for obtaining account, the password of user's input.
In embodiments of the present invention, terminal includes but is not limited to smart phone.When terminal opens subscriber authentication, pop-up
Input frame reminds user to input account, password.Terminal obtains the account and password of user's input.
Second judgment module 2, for judge user's input key information whether with the information that is pre-stored in database
Match.
Information in database include but is not limited to the account of user, password, user biological information.In the present invention
In embodiment, the account of user's input, password respectively be pre-stored in account in database, password corresponds, and in database
Pre-stored each account, password be also matched with respectively it is different and related information, related information includes but is not limited to user's
Biological information and rear obtained ordered series of numbers value information etc. is encrypted to password in advance.Pass through input user
Account key information carries out matching comparison matching with related information and is associated with.Pass through aforesaid operations, it may be verified that user inputs account, close
The correctness of code.
Third judgment module 3, for if so, obtain user biological information, whether judge biological information
Meet the first preset requirement.
In embodiments of the present invention, terminal obtains the biological information of user, and biological information includes but is not limited to
One of finger print information, facial feature information, iris information and voiceprint are a variety of.The biology that terminal obtains user is special
After reference breath, judge whether biological information meets the first preset requirement.By aforesaid operations, terminal can determine whether input account
Number, the operation of password whether be to operate in person, verifying link is added by biological identification technology, other people is reduced and cracks user's account
Number risk.
4th judgment module 4, for if so, whether the current SIM card for judging that terminal is carried meets the second preset requirement.
In embodiments of the present invention, terminal includes but is not limited to the smart phone that can carry multiple SIM card, with intelligent hand
For machine blocks four to smart phone for four with four SIM cards.In embodiments of the present invention, the current SIM card that terminal is carried
It is used as hardware key.User also needs after verifying link by the verifying of account key information, bio-identification by four
SIM card carries out authentication;Terminal judges whether four SIM cards meet the second preset requirement respectively, if four SIM cards meet
Second preset requirement then illustrates that the user of current input information is terminal legitimate user.
Execution module 5, for if so, obtain the corresponding subscriber identity information of user, and determine subscriber authentication at
Function.
In embodiments of the present invention, after the verifying of above-mentioned link, terminal obtains the corresponding subscriber identity information of user,
Such as address name, and determine subscriber authentication success.By judge the account of user's input, password whether with it is pre- in database
The information matches deposited verify account, the correctness of password of user's input;By judging whether the biological information of user accords with
It closes and requires, add bio-identification link, to judge to input whether the operation of account number cipher is to operate in person;By judging terminal
Whether the current SIM card of carrying meets the requirements, and judges that user is current using whether account authorized and terminal is carried
Whether SIM card is effective, and above step is all linked with one another, to substantially increase the reliability of subscriber authentication.
Further, a kind of authentication means of terminal user further include configuration module 6.
Configuration module 6, for according to subscriber authentication as a result, configuration corresponding authority terminal operating environment.Wherein, it transports
Row environment includes workable software, system setting, the hardware resource and file that can call.
Referring to Fig. 4, configuration module 6 includes:
Submodule 60 is divided, for carrying out safety status classification respectively to all application programs prestored in the terminal,
Form the corresponding the application list of different safety class;
Submodule 61 is assessed, for accounting for according in verification result by the quantity of verification step accounting whole verification step
Than carrying out security level assessment respectively to the running environment for all SIM cards that the terminal is carried;
First acquisition submodule 62, for obtaining the corresponding security level of SIM card of current network connection;
Matched sub-block 63, the corresponding security level of SIM card for being connected according to current network, matching and current network
The consistent the application list of the corresponding security level of the SIM card of connection.
In embodiments of the present invention, terminal has a virtual platform based on android system, passes through modification
Framework layers of Virtual Realization, android system assembly management, File System Virtual and application process management to
Multiple application spaces are supported on smart phone, and achieve the effect that not interfere with each other.Wherein, different application spaces runs different
The application list, i.e., it is corresponding from different terminal operating environments.For example the highest level of terminal operating environment is level Four,
Corresponding four verification steps, rank are followed successively by password authentification step, fingerprint authentication step, voice print verification step and people from low to high
Face identifies verification step, i.e., the user for all having passed through four verification steps obtains the highest access right of terminal, then can match
The application class table of highest safety coefficient, the application list of highest safety coefficient include software money all in terminal
Source and hardware resource.Three verification steps are only passed through when user is in verifying, not by recognition of face verification step, have then passed through
The quantity accounting of verification step accounting whole verification step is 75%, then can match the Application Column for calling safety coefficient slightly lower
Table, the slightly lower the application list of safety coefficient do not include payment software etc..And so on, all verifying walks verification step accounting
The safety coefficient of the application list that rapid quantity accounting is 50% is lower, does not include being related to user's letter in the application list
Telephone directory book, wechat, QQ of breath etc..The Application Column that the quantity accounting of verification step accounting whole verification step is 0%
The safety coefficient of table is minimum, and network is forbidden connecting, and emergency call interface is only included in the application list, is equivalent to terminal and is in
It is unable to normal operating condition.Skilled person will appreciate that the product of software and hardware combining, the use of hardware resource is by software
What driving was realized.In embodiments of the present invention, authentication of the user A by terminal, the identity information of terminal acquisition user A,
Corresponding running environment is arranged in terminal system, which includes software resource and hardware resource workable for user, such as uses
Software resource workable for the A of family is " wechat ", and terminal system authorizes user's permission of A using terminal loudspeaker in software view,
Therefore after user A is verified by terminal identity, workable hardware resource is loudspeaker, and workable software resource is " wechat "
And file corresponding with user A and system are arranged.In other embodiments of the present invention, user B is tested by the identity of terminal
Card, terminal obtain the identity information of user B, and corresponding running environment is arranged in terminal system, which includes that user can make
Software resource and hardware resource, the software resource as workable for user B are " Alipay ", and terminal system is personally instructed in software layer
Give the permission that user B uses flash lamp.Therefore after user B is verified by terminal identity, workable hardware resource is flash lamp,
Workable software resource is " Alipay " and file corresponding with user B and system setting.Workable for each user
Software resource and hardware resource be it is pre-set, in the case where no system authorization, can not any using terminal hardware
Resource and software resource.That is user A is not available " Alipay " and " flash lamp ", and user B is not available " wechat " and " loudspeaking
Device ".By aforesaid operations, guarantee that by the user verified be by authorized in propria persona behaviour to the access of its terminal resource
Make.
Include: referring to Fig. 5, first judgment module B
First judging submodule 40a, for judge user input account key information whether be pre-stored in data
Information matches in library;
Second acquisition submodule 40b, for judging the biology if so, obtain the biological information of the user
Whether characteristic information meets preset requirement;
Third acquisition submodule 41, for if so, obtain the corresponding id information of each SIM card institute that terminal carries,
Generate the first ID set;
4th acquisition submodule 42 is pre-stored in the 2nd ID collection corresponding with the terminal in the database for obtaining
It closes, the id information of the 2nd ID set comprising each SIM card associated by terminal legitimate user;
Second judgment submodule 43, for judging whether the 2nd ID set belongs to the subset of the first ID set;
Third judging submodule 44, for if so, judging whether the first SIM card in subset is effective respectively, wherein
First SIM card is all SIM cards corresponding with id information in the 2nd ID set in terminal;
First decision sub-module 45, if for being the life for effectively determining the account key information, user of user's input
The current SIM card that object characteristic information and the terminal are carried matches with pre-stored information.
In embodiments of the present invention, terminal includes but is not limited to the smart phone that can carry multiple SIM card, wherein intelligence
Mobile phone be by with four SIM cards four card four to smart phone for, for example, smart phone can carry China Mobile's SIM card,
China Unicom SIM card, China Telecom's SIM card and China Railway Telecom's SIM card.Id information includes the ICCID (Integrate of SIM card
Circuit card identity integrated circuit card identification code, abbreviation ICCID), for example terminal reads four SIM cards respectively
ICCID generates the first ID set.Acquisition is pre-stored in database the 2nd ID set corresponding with the terminal, and the 2nd ID set includes
The id information of each SIM card associated by terminal legitimate user.For example, obtaining the legitimate user of the pre-recorded obtained terminal
The SIM card that should be used is China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card, and above-mentioned three are stuck in
Corresponding ICCID in database, composition the 2nd ID set.Above-mentioned database can be local data base, be also possible to net
Network database.One terminal can have N (N is greater than zero integer) a terminal legitimate user, and each terminal legitimate user is answered
When the SIM card used has multiple, based on corresponding 2nd ID of the generation of each SIM card associated by each terminal legitimate user
Set, thus in database twoth ID corresponding with terminal set can have it is N number of.As long as corresponding with present terminal in database
Meaning one the 2nd ID collection be combined into its first ID set subset, then judge respectively the 2nd ID set in each SIM card whether
Effectively, that is, judge whether China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card are effective.Above-mentioned effective expression card
In activation available mode.If China Mobile's SIM card, China Unicom SIM card and China Railway Telecom's SIM card are effective, it is determined that eventually
Each SIM card that end is carried meets preset requirement, the account key information of user's input, the biological information of user and described
The current SIM card that terminal is carried matches with pre-stored information.Corresponding with terminal the is pre-stored in database by judgement
Two ID set whether be the first ID set subset, can determine whether each SIM card associated by terminal legitimate user carries
In present terminal, only when the judgment result is yes, the validity of SIM card is just further verified, to prevent other people from distorting terminal
The ICCID of the current SIM card of carrying, cracks user account.It is whether effective by judging current SIM card, to prevent other people logical
The current SIM card that duplication terminal is carried is crossed, to crack user account.
Referring to Fig. 6, third judging submodule 44 includes:
First acquisition unit 441, for obtaining the corresponding id information of each first SIM card in subset respectively;
Encryption unit 442, for being added respectively to the corresponding id information of each first SIM card by the first Encryption Algorithm
It is close, generate the first ordered series of numbers value;
Transmission unit 443, for for each first SIM card, by first SIM card by its corresponding described the
One ordered series of numbers value is sent to server in a preset form, wherein whether the current SIM card that server is used to verify terminal carrying has
Effect;
Second acquisition unit 444, for obtaining server for the of first SIM card corresponding telephone number feedback
Two ordered series of numbers values;
Judging unit 445, for judging whether the first ordered series of numbers value and the second ordered series of numbers value are identical;
Judging unit 446, for if so, determining that first SIM card in subset is effective.
In embodiments of the present invention, terminal includes but is not limited to smart phone, wherein smart phone is with four SIM
Four cards four of card are to smart phone.Smart phone carry China Mobile's SIM card, China Unicom SIM card, China Telecom's SIM card and
China Railway Telecom's SIM card.By taking China Mobile's SIM card as an example, terminal obtains the corresponding ICCID of China Mobile's SIM card, and moves to China
The ICCID of dynamic SIM card is encrypted by hash algorithm, generates the first ordered series of numbers value.Terminal generates one and carries the first ordered series of numbers value
Local short message, send preset server for local short message.After server receives short message, China Mobile SIM is parsed
Block corresponding isdn telephone number, server finds China Mobile according to the corresponding isdn telephone number of China Mobile's SIM card
The corresponding ordered series of numbers value of corresponding ICCID, the ordered series of numbers value are the second ordered series of numbers value, and are sent out in the form of short message SIM card in the database
Give China Mobile's SIM card corresponding isdn telephone number, i.e., the short message with the second ordered series of numbers value is sent to terminal by server.
Terminal obtains the second ordered series of numbers value from the short message that server is returned, and judges whether the first ordered series of numbers value and the second ordered series of numbers value are identical.
If so, determining that SIM card is effective.The verification mode of China Unicom SIM card, China Telecom's SIM card and China Railway Telecom's SIM card is in
The mobile SIM card verification mode of state is identical, and so it will not be repeated.Since every SIM card has ISDN phone that is corresponding and can not modifying
Number, even if the ICCID for the current SIM card that terminal is carried is replicated by other people, but the SIM card due to duplication is worked as with what terminal was carried
Preceding SIM card isdn telephone number is inconsistent, and ISDN number can not be distorted, other people can not receive service by the SIM card of duplication
Device verifying short message corresponding with the current SIM card that terminal is carried, to substantially increase the reliability that SIM card is effectively verified.
Referring to Fig. 7, account key information includes password and account, and the second judgment module 2 includes:
Submodule 21 is encrypted, the password for input by the second Encryption Algorithm to user carries out computations, generation the
Three ordered series of numbers values;
5th acquisition submodule 22, the account for being inputted according to user obtain the 4th of corresponding account from database
Ordered series of numbers value, wherein the corresponding relationship of account Yu the 4th ordered series of numbers value is prestored in database;
4th judging submodule 23, for judge third ordered series of numbers value whether with the 4th number hash value matches;
Second decision sub-module 24, for if so, determining the account key information of user's input and being pre-stored in database
In information matches, if otherwise mismatching.
In embodiments of the present invention, terminal includes but is not limited to smart phone.Terminal judges the account number cipher of user's input
Process it is as follows, intelligent terminal obtains the account of user's input, after password, wherein the form of password can be text or figure
Case;The password of user's input is encrypted by hash algorithm, generates first password ordered series of numbers value, first password ordered series of numbers value is the first number
Train value;The account that terminal is inputted according to user searches corresponding password ordered series of numbers in the database, which is the second password
Ordered series of numbers value, the second password ordered series of numbers value are the second ordered series of numbers value, wherein database includes but is not limited to local data base and cloud service
Device database;Finally, intelligent terminal judges whether the first ordered series of numbers value and the second close ordered series of numbers value are identical, if they are the same, then determine user
Account, password and the information matches being pre-stored in database of input.By aforesaid operations, terminal needs user's input matched
Account, password could pass through next link of progress authentication, the superseded user for attempting to crack other people account passwords.In addition,
It is the ordered series of numbers judgement generated using password through hash algorithm that terminal, which judges that user inputs the whether matched process of information, without direct
Judged using password, reduce the exposure of password, effectively prevent the leakage of user password.
Referring to Fig. 8, third judgment module 3 includes:
6th acquisition submodule 31, for obtaining the biological information of user;Biological information is pre-processed,
Generate the first biological information;
7th acquisition submodule 32, for being closed according to the biological information prestored in database is corresponding with ordered series of numbers value
System obtains the 5th ordered series of numbers value of corresponding first biological information;
5th judging submodule 33, for judge the 5th ordered series of numbers value whether with third number hash value matches;
Third decision sub-module 34, for if so, determining that biological information meets the first preset requirement.
In embodiments of the present invention, terminal includes but is not limited to smart phone.Terminal notifying user inputs biological characteristic letter
Breath, alerting pattern includes but is not limited to voice and text.Terminal obtains the biological information of user, including but not limited to fingerprint
One of information, facial feature information, iris information and voiceprint are a variety of.Biological information of the terminal to acquisition
It is pre-processed, so that terminal is easier to extract biological information.Above-mentioned preprocessing process includes to biological information
Picture is filtered denoising etc., keeps image apparent.The biological information extracted according to terminal, database find with
The corresponding user account of biological information, terminal obtain the 5th ordered series of numbers value corresponding with the user account from database.
5th ordered series of numbers value is rear obtained secret value to be encrypted to password corresponding to the user account, and the process is made
Encryption Algorithm is in above-mentioned steps S21, used Encryption Algorithm when carrying out computations to the password of user's input.Its
In, database includes but is not limited to local data base or cloud server database.Terminal judges the 5th ordered series of numbers value and third
Whether ordered series of numbers value matches, i.e., terminal judges that the ordered series of numbers value of the password corresponding with user account obtained from server and user are defeated
Whether the corresponding ordered series of numbers value of the password entered is consistent.If the ordered series of numbers value of the password corresponding with user account obtained in server and use
The corresponding ordered series of numbers value of password of family input is consistent, then determines that biological information meets the first preset requirement.By aforesaid operations,
Terminal judges whether user biological characteristic information matches, and is according to user in the corresponding ordered series of numbers value of biological information and database
The comparison of the corresponding ordered series of numbers value of account, and the biological information stored in the biological information and database that nonterminal obtains
Between comparison, reduce biological characteristic expose link, thus reduce user biological characteristic information leakage possibility.
Further, a kind of authentication means of terminal user further include logging modle, the second acquisition module and list
Generation module.
Logging modle, for recording the subscriber identity information for working as previous verifying and corresponding verifying moment;
Third obtains module, and for obtaining the historical record of user's checking identity, historical record includes to test before previous
The subscriber identity information of card and verifying moment;
List generation module, for generating packet according to subscriber identity information and corresponding verifying moment and historical record
Terminal containing subscriber identity information and corresponding verifying moment uses list.
In embodiments of the present invention, terminal includes but is not limited to smart phone.In certain working and learning environment, intelligence
Mobile phone is used as public article by people.Terminal obtains subscriber identity information and verifying moment when previous verifying.Such as user C
On January 1st, 2019 13:00 pass through subscriber authentication.Terminal obtains the historical record of user's checking identity, as user A exists
12:00 on January 1 in 2019 is by authentication, and user B is in 12:30 on January 1st, 2019.Mobile phone is according to as previous verifying user
Identity information and verifying moment and historical record, generate a tool comprising user A, user B, user C and they respectively correspond
Verification time terminal use list.By aforesaid operations, terminal management person can accurately learn the user of using terminal and make
With the time, facilitate management.
With reference to Fig. 9, present invention also provides a kind of storage medium 100, computer program is stored in storage medium 100
200, when run on a computer, so that computer executes the authentication side of terminal user described in above embodiments
Method.
With reference to Figure 10, the computer equipment 300 comprising instruction that present invention also provides a kind of, when it is in computer equipment
When being run on 300, so that computer equipment 300 is executed described in above embodiments by its internal processor 400 being arranged
The auth method of terminal user.
It will be understood by those skilled in the art that the authentication means of terminal user of the present invention and above-mentioned involved
For executing one or more equipment in method described herein.These equipment can specially set for required purpose
Meter and manufacture, or also may include the known device in general purpose computer.These equipment have the computer being stored in it
Program or application program, these computer programs are selectively activated or are reconstructed.Such computer program can be stored in
In equipment (for example, computer) readable medium or it is stored in and is suitable for storing e-command and is coupled to any class of bus respectively
In the medium of type, the computer-readable medium includes but is not limited to any kind of disk (including floppy disk, hard disk, CD, CD-
ROM and magneto-optic disk), ROM (Read-Only Memory, read-only memory), RAM (Random Access Memory, at random
Memory), EPROM (Erasable Programmable Read-Only Memory, Erarable Programmable Read only Memory),
(Electrically Erasable Programmable Read-Only Memory, electric erazable programmable is read-only to be deposited EEPROM
Reservoir), flash memory, magnetic card or light card.It is, readable medium includes by equipment (for example, computer) can read
Form storage or transmission information any medium.
The above description is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all utilizations
Equivalent structure or equivalent flow shift made by description of the invention and accompanying drawing content is applied directly or indirectly in other correlations
Technical field, be included within the scope of the present invention.
Claims (10)
1. a kind of auth method of terminal user, which is characterized in that the terminal has corresponding SIM card, this method packet
It includes:
The current of the account key information of user's input, the biological information of user and terminal carrying is obtained respectively
SIM card;
It is current to judge that the account key information of user's input, the biological information of user and the terminal are carried respectively
Whether SIM card matches with pre-stored information;
According to judging result, the legitimacy of subscriber authentication is determined.
2. the auth method of terminal user according to claim 1, which is characterized in that described to judge that user is defeated respectively
The current SIM card that the biological information of the account key information, user that enter and the terminal are carried whether with it is pre-stored
The step of information matches, comprising:
Judge user input account key information whether with the information matches that are pre-stored in database;
If so, obtaining the biological information of the user, judge whether the biological information meets preset requirement;
If so, obtaining the corresponding id information of each SIM card institute that the terminal is carried, the first ID set is generated;
Acquisition is pre-stored in the 2nd ID set corresponding with the terminal in the database, and the 2nd ID set is closed comprising terminal
The id information of each SIM card associated by method user;
Judge the 2nd ID set whether be the first ID set subset;
If so, judging whether the first SIM card in the subset is effective respectively, wherein first SIM card is the end
All SIM cards corresponding with id information in the 2nd ID set in end;
If being effectively to determine that the account key information of user's input, the biological information of user and the terminal are taken
The current SIM card of load matches with pre-stored information.
3. the auth method of terminal user according to claim 2, which is characterized in that described to judge the son respectively
The first SIM card in collection whether effective step, comprising:
Obtain the corresponding id information of each first SIM card in the subset;
The corresponding id information of each first SIM card is encrypted respectively by the first Encryption Algorithm, generates the first ordered series of numbers value;
For each first SIM card, its corresponding described first ordered series of numbers value is sent out in a preset form by first SIM card
It send to server, wherein whether the server is used to verify the current SIM card that the terminal is carried effective;
The server is obtained for the second ordered series of numbers value of the corresponding telephone number feedback of first SIM card;
Judge whether the first ordered series of numbers value and the second ordered series of numbers value are identical;
If so, determining that first SIM card in the subset is effective.
4. the auth method of terminal user according to claim 2, which is characterized in that the account key information packet
Include password and account, the account key information for judging user's input whether with the information matches that are pre-stored in database
The step of, comprising:
Computations are carried out to the password that the user inputs by the second Encryption Algorithm, generate third ordered series of numbers value;
According to the account that the user inputs, the 4th ordered series of numbers value of the corresponding account is obtained from database, wherein institute
State the corresponding relationship that account Yu the 4th ordered series of numbers value are prestored in database;
Judge the third ordered series of numbers value whether with it is described 4th number hash value matches;
If so, the account key information of user's input and the information matches being pre-stored in the database are determined, if otherwise not
Matching.
5. the auth method of terminal user according to claim 4, which is characterized in that described to obtain the user's
Biological information judges the step of whether biological information meets preset requirement, comprising:
The biological information for obtaining user, pre-processes the biological information, determines the corresponding biological characteristic
The user account of information;
According to the corresponding relationship of the user account of the biological information prestored in the database and ordered series of numbers value, corresponding institute is obtained
State the 5th ordered series of numbers value of biological information;
Judge the 5th ordered series of numbers value whether with the third number hash value matches;
If so, determining that the biological information meets preset requirement, if otherwise not meeting preset requirement.
6. the auth method of terminal user according to claim 1, which is characterized in that it is described according to judging result,
After the step of determining the legitimacy of subscriber authentication, comprising:
According to the subscriber authentication as a result, the terminal operating environment of configuration corresponding authority.
7. the auth method of terminal user according to claim 6, which is characterized in that described according to user's body
Part verification result, the step of configuring the terminal operating environment of corresponding authority, comprising:
Safety status classification is carried out to all application programs prestored in the terminal respectively, it is corresponding to form different safety class
The application list;
According to the quantity accounting for passing through verification step accounting whole verification step in verification result, own to the terminal carrying
The running environment of SIM card carries out security level assessment respectively;
Obtain the corresponding security level of SIM card of current network connection;
According to the corresponding security level of SIM card that current network connects, safety corresponding with the SIM card that current network connects is matched
The consistent the application list of grade.
8. a kind of authentication means of terminal user, which is characterized in that the terminal has corresponding SIM card, the device packet
It includes:
First obtain module, for obtain respectively user input account key information, user biological information and institute
State the current SIM card of terminal carrying;
First judgment module, for judge respectively user input account key information, user biological information and institute
Whether the current SIM card for stating terminal carrying matches with pre-stored information;
Determining module, for determining the legitimacy of subscriber authentication according to judging result.
9. a kind of storage medium, which is characterized in that it is computer-readable storage medium, is stored thereon with computer program,
The computer program is performed the auth method for realizing terminal user as described in any one of claims 1 to 7.
10. a kind of computer equipment, which is characterized in that it includes processor, memory and is stored on the memory and can
The computer program run on the processor, the processor realize such as claim 1 when executing the computer program
The auth method of~7 described in any item terminal users.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910810586.0A CN110516427B (en) | 2019-08-29 | 2019-08-29 | Terminal user identity authentication method and device, storage medium and computer equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910810586.0A CN110516427B (en) | 2019-08-29 | 2019-08-29 | Terminal user identity authentication method and device, storage medium and computer equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110516427A true CN110516427A (en) | 2019-11-29 |
CN110516427B CN110516427B (en) | 2022-03-11 |
Family
ID=68629345
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910810586.0A Active CN110516427B (en) | 2019-08-29 | 2019-08-29 | Terminal user identity authentication method and device, storage medium and computer equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110516427B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111738734A (en) * | 2020-06-22 | 2020-10-02 | 朱俊达 | Method for transferring and merging account information in block chain |
CN113221128A (en) * | 2020-01-21 | 2021-08-06 | 中国移动通信集团山东有限公司 | Account and password storage method and registration management system |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140199972A1 (en) * | 2013-01-16 | 2014-07-17 | Nec Casio Mobile Communications, Ltd. | Cellular phone paired with wireless communication device via near field communication |
CN105046126A (en) * | 2015-05-21 | 2015-11-11 | 努比亚技术有限公司 | Encryption method and electronic apparatus |
CN106658463A (en) * | 2016-09-30 | 2017-05-10 | 宇龙计算机通信科技(深圳)有限公司 | Operating system login method, device and terminal |
CN106650373A (en) * | 2016-12-15 | 2017-05-10 | 珠海格力电器股份有限公司 | SIM card information protection method and device |
CN107070864A (en) * | 2016-12-30 | 2017-08-18 | 宇龙计算机通信科技(深圳)有限公司 | Safe verification method and system based on fingerprint |
CN107767137A (en) * | 2016-08-23 | 2018-03-06 | 中国移动通信有限公司研究院 | A kind of information processing method, device and terminal |
CN109816392A (en) * | 2019-01-19 | 2019-05-28 | 深圳市沃特沃德股份有限公司 | Intelligent payment method, device, computer equipment and storage medium |
-
2019
- 2019-08-29 CN CN201910810586.0A patent/CN110516427B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140199972A1 (en) * | 2013-01-16 | 2014-07-17 | Nec Casio Mobile Communications, Ltd. | Cellular phone paired with wireless communication device via near field communication |
CN105046126A (en) * | 2015-05-21 | 2015-11-11 | 努比亚技术有限公司 | Encryption method and electronic apparatus |
CN107767137A (en) * | 2016-08-23 | 2018-03-06 | 中国移动通信有限公司研究院 | A kind of information processing method, device and terminal |
CN106658463A (en) * | 2016-09-30 | 2017-05-10 | 宇龙计算机通信科技(深圳)有限公司 | Operating system login method, device and terminal |
CN106650373A (en) * | 2016-12-15 | 2017-05-10 | 珠海格力电器股份有限公司 | SIM card information protection method and device |
CN107070864A (en) * | 2016-12-30 | 2017-08-18 | 宇龙计算机通信科技(深圳)有限公司 | Safe verification method and system based on fingerprint |
CN109816392A (en) * | 2019-01-19 | 2019-05-28 | 深圳市沃特沃德股份有限公司 | Intelligent payment method, device, computer equipment and storage medium |
Non-Patent Citations (3)
Title |
---|
JIAN XIAO等: "TrustZone-based Mobile Terminal Security System", 《网页在线公开:HTTPS://IEEEXPLORE.IEEE.ORG/STAMP/STAMP.JSP?TP=&ARNUMBER=8623556》 * |
刘镝等: ""沃互联"统一认证方案研究与应用", 《业务与运营》 * |
童恩等: "软件用户身份识别技术及应用", 《软件用户身份识别技术及应用》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113221128A (en) * | 2020-01-21 | 2021-08-06 | 中国移动通信集团山东有限公司 | Account and password storage method and registration management system |
CN111738734A (en) * | 2020-06-22 | 2020-10-02 | 朱俊达 | Method for transferring and merging account information in block chain |
Also Published As
Publication number | Publication date |
---|---|
CN110516427B (en) | 2022-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106797371B (en) | Method and system for user authentication | |
JP5727008B2 (en) | Operating system unlocking method and mobile phone | |
US7930264B2 (en) | Multi-module authentication platform | |
DE69934911T2 (en) | MOBILE PHONE AUTO PC LOGON | |
CN104184705B (en) | Verification method, device, server, subscriber data center and system | |
CN100485702C (en) | Method and apparatus for sequential authentication of user | |
EP2819050B1 (en) | Electronic signature system for an electronic document using a third-party authentication circuit | |
CN109450959A (en) | A kind of multiple-factor identity identifying method based on threat level | |
US20050039056A1 (en) | Method and apparatus for authenticating a user using three party question protocol | |
CN101335619B (en) | Authorized using method of disposal dynamic cipher telephone or short message | |
CN107241317A (en) | The method and subscriber terminal equipment and authentication server of living things feature recognition identity | |
US7263347B2 (en) | Biometric authentication of a wireless device user | |
CN109150541A (en) | A kind of Verification System and its working method | |
JPWO2003069489A1 (en) | Identification method | |
CN107196922A (en) | Identity identifying method, user equipment and server | |
KR20040093055A (en) | User authentication method and user authentication system | |
CN108764891A (en) | Secured mobile payment method, device, terminal device and readable storage medium storing program for executing | |
CN107864144A (en) | Obtain method and device, computer installation and the storage medium of dynamic password | |
CN105868970A (en) | Authentication method and electronic device | |
WO2004114075A2 (en) | Method, system, and apparatus for identification number authentication | |
CN104104671B (en) | Establish the unified dynamic authorization code system of business entity's account | |
CN104820814A (en) | Second-generation ID card anti-counterfeiting verification system | |
CN108512660B (en) | Virtual card verification method | |
US20230208637A1 (en) | Key management method and apparatus | |
CN110516427A (en) | Auth method, device, storage medium and the computer equipment of terminal user |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20211130 Address after: 518000 201, No.26, yifenghua Innovation Industrial Park, Xinshi community, Dalang street, Longhua District, Shenzhen City, Guangdong Province Applicant after: Shenzhen waterward Software Technology Co.,Ltd. Address before: 518000 B, 503, 602, digital city building, garden city, 1079 Shekou Road, Shekou, Nanshan District, Shenzhen, Guangdong. Applicant before: SHENZHEN WATER WORLD Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |