CN110717157A - User authentication method, device, computer equipment and storage medium - Google Patents

User authentication method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN110717157A
CN110717157A CN201910844500.6A CN201910844500A CN110717157A CN 110717157 A CN110717157 A CN 110717157A CN 201910844500 A CN201910844500 A CN 201910844500A CN 110717157 A CN110717157 A CN 110717157A
Authority
CN
China
Prior art keywords
user
adaptive
preset
verification
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910844500.6A
Other languages
Chinese (zh)
Other versions
CN110717157B (en
Inventor
袁彪
张要伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201910844500.6A priority Critical patent/CN110717157B/en
Publication of CN110717157A publication Critical patent/CN110717157A/en
Application granted granted Critical
Publication of CN110717157B publication Critical patent/CN110717157B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9014Indexing; Data structures therefor; Storage structures hash tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • G06F16/90335Query processing
    • G06F16/90344Query processing by using string matching techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/22Matching criteria, e.g. proximity measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computational Linguistics (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Biology (AREA)
  • Evolutionary Computation (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The application discloses a user authentication method, a user authentication device, computer equipment and a storage medium, wherein the method comprises the following steps: receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.

Description

User authentication method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of computers, and in particular, to a user authentication method, apparatus, computer device, and storage medium.
Background
User authentication refers to authentication of adaptability and identity of a user, wherein adaptive authentication refers to authentication of whether the user is suitable for an operation to be performed, for example, authentication of authority of the user. When the traditional technology carries out the adaptability verification, the traditional technology controls through a floor result state machine, for example, if one service process has 3 processes, the first process must be executed successfully to execute the second process, the second process must be executed successfully to execute the third process, and the third process is executed successfully to calculate that the service process is successful. Before the processing of these 3 processes, the database must be queried to obtain data that needs to be verified when the current process is to be executed, such as a user ID, a service ID, a process ID, success or failure of the previous process, and other relevant information. Therefore, the conventional technique relies heavily on data pre-stored in the database when performing the adaptive verification, so that a large amount of computing resources and communication resources are required, and when the database is stressed, the efficiency of the flow processing is seriously affected. In addition, in the conventional technology, when performing authentication, the authentication may be performed in a manner of a stamp pattern obtained by stamping a physical stamp, but such a stamp image is easily inverted from the front shape and pattern of the physical stamp, thereby causing forgery and lowering security.
Disclosure of Invention
The present application mainly aims to provide a user authentication method, apparatus, computer device and storage medium, aiming to improve the efficiency, accuracy and security of user authentication.
In order to achieve the above object, the present application provides a user authentication method, applied to an authentication server, including:
receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern;
acquiring a history record of the user side accessing the verification server, and judging whether the user side performs adaptive verification within preset time according to the history record;
if the user side does not carry out the adaptive verification within the preset time, carrying out the adaptive verification on the user side according to a preset adaptive verification scheme so as to obtain an adaptive verification result, wherein the adaptive verification scheme at least comprises the verification of the request number;
judging whether the adaptive verification result is verified;
if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image;
judging whether the plane projection image is the same as the signature pattern or not;
and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed.
Further, the receiving an adaptive verification request sent by a user side, where the adaptive verification request carries a request number and a signature pattern, includes:
acquiring a digital certificate sent by the user side, and extracting a character string with a specified digit number from the digital certificate to be used as a user number of the user side;
acquiring an original number by adopting a preset character string connection operation method, wherein the original number is composed of a timestamp, a random number, partial characters in a user number and characters corresponding to a previous process processing result;
according to the formula: the authentication number is md (original number + user number), and the authentication number is obtained by calculation, wherein md refers to a preset hash value calculation method, and operator + is a character string directly connected operator;
according to the formula: generating a request number which is the original number and n-bit characters before the authentication number, wherein an operator + is a character string directly connected operator, and n is an integer greater than or equal to 1;
and sending the request number to the user side.
Further, the step of acquiring a history record of the user accessing the authentication server and determining whether the user performs adaptive authentication within a predetermined time according to the history record includes:
acquiring a history record of the user accessing the verification server, and calculating the data size in the history record within the preset time;
judging whether the data size in the preset time is larger than a preset data size or not;
and if the data size within the preset time is larger than the preset data size, judging that the user side carries out adaptive verification within the preset time.
Further, the adaptive verification request carries a user number, and the adaptive verification is performed on the user side according to a preset adaptive verification scheme, so as to obtain an adaptive verification result, where the adaptive verification scheme at least includes a step of verifying the request number, and includes:
analyzing the request number according to a preset request number format to obtain a first character string and a second character string, wherein the second character string has n-bit characters;
the formula is adopted: calculating to obtain the hash value which is md (a first character string and a user number), wherein md refers to a preset hash value calculation method, and an operator + is a character string directly connected operator;
judging whether the first n-bit character of the hash value is the same as the second character string;
if the first n-bit characters of the hash value are the same as the second character string, calculating the similarity value between the user number and the first character string by using a preset similarity calculation method;
if the similarity value is larger than a preset similarity threshold value, extracting a front k-bit character from the first character string, and mapping the front k-bit character into request time data according to a preset time mapping method;
judging whether the absolute value of the time difference between the request time data and the current time point is greater than a preset effective time value or not;
and if the absolute value of the time difference between the request time data and the current time point is not greater than the preset effective time value, outputting an adaptive verification result of which the adaptive verification is passed.
Further, the step of calculating the similarity value between the user number and the first character string by using a preset similarity calculation method includes:
according to a preset sequence relation of a next character to a previous character, mapping the user number and the sequence relation of the previous character and the next character in the first character string into high-dimensional vectors (A1, A2, A3 … and Am) and (B1, B2, B3 … and Bo), wherein A1 is B1 is 0, A2, A3 … and Am are sequence relations of a second character of the user number to the previous character, sequence relation … of a third character of the user number to the previous character and sequence relation of an m character of the user number to the previous character; b2, B3 … and Bo are the sequence relation of the second character of the first character string to the previous character, the sequence relation of the third character of the first character string to the previous character …, the sequence relation of the o-th character of the first character string to the previous character, the user number has m characters in total, the first character string has o characters in total, wherein o is larger than m;
splitting the high-dimensional vectors (B1, B2, B3 …, Bo) into a plurality of m-dimensional vectors (B1, B2, B3 …, Bm), (B2, B3, B4 …, B (m +1)) …, (B (o-m +1), B (o-m +2) …, Bo);
and respectively calculating the distances between the high-dimensional vectors (A1, A2, A3 … and Am) and the m-dimensional vectors by adopting a preset cosine distance algorithm so as to obtain a plurality of distance values, and recording the maximum numerical value in the distance values as the similarity value of the user number and the first character string.
Further, if the adaptive verification result is that the verification is passed, the step of calling a pre-stored virtual stereo seal, obtaining an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the appointed projection direction to obtain a planar projection image includes:
if the adaptability verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal;
acquiring current time, and acquiring a specified coordinate point corresponding to the current time according to a corresponding relation between preset time and a space coordinate point by taking the front center of the virtual three-dimensional seal as an origin;
and recording the direction of the designated coordinate point pointing to the origin as a designated projection direction, and projecting the virtual three-dimensional seal from the designated projection direction to obtain a plane projection image.
Further, the step of obtaining the current time, taking the front center of the virtual three-dimensional seal as an origin, and obtaining an appointed coordinate point corresponding to the current time according to a corresponding relationship between a preset time and a spatial coordinate point includes:
taking the center of the front face of the virtual three-dimensional seal as an origin, taking a connecting line between the origin and a preset point in the front face as an x-axis, taking a straight line which is perpendicular to the x-axis and passes through the origin in the front face as a y-axis, and taking a perpendicular line which passes through the origin in the front face as a z-axis, thereby establishing a three-dimensional rectangular coordinate system;
obtaining the current time, and according to a formula:
x is k1 × M + a 1; k2 × D + a 2; and z is k3 × T + a3, and a specified coordinate point (x, y, z) is obtained, wherein the current time is the T-th hour on day D in month M of the current year, wherein k1, k2, k3, a1, a2, and a3 are all preset parameters.
The application provides a user authentication device, is applied to authentication server, includes:
the adaptive verification request receiving unit is used for receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern;
the history record acquisition unit is used for acquiring the history record of the user terminal accessing the verification server and judging whether the user terminal performs adaptive verification within preset time according to the history record;
an adaptive verification result obtaining unit, configured to perform adaptive verification on the user side according to a preset adaptive verification scheme if the user side has not performed adaptive verification within a predetermined time, so as to obtain an adaptive verification result, where the adaptive verification scheme at least includes verifying the request number;
an adaptive verification result judging unit, configured to judge whether the adaptive verification result is a verification pass;
the plane projection image acquisition unit is used for calling a pre-stored virtual stereo seal if the adaptive verification result is that the verification is passed, acquiring a specified projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the specified projection direction so as to obtain a plane projection image;
the plane projection image judging unit is used for judging whether the plane projection image is the same as the signature pattern or not;
and the user authentication passing judgment unit is used for judging that the user of the user side passes authentication if the plane projection image is the same as the signature pattern.
The present application provides a computer device comprising a memory storing a computer program and a processor implementing the steps of any of the above methods when the processor executes the computer program.
The present application provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of any of the above.
The user authentication method, the user authentication device, the computer equipment and the storage medium receive an adaptive authentication request sent by a user side, wherein the adaptive authentication request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.
Drawings
Fig. 1 is a schematic flowchart of a user authentication method according to an embodiment of the present application;
FIG. 2 is a block diagram illustrating a user authentication device according to an embodiment of the present application;
fig. 3 is a block diagram illustrating a structure of a computer device according to an embodiment of the present application.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
Referring to fig. 1, an embodiment of the present application provides a user authentication method, which is applied to an authentication server, and includes:
s1, receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern;
s2, acquiring a history record of the user side accessing the verification server, and judging whether the user side performs adaptive verification within a preset time according to the history record;
s3, if the user side has not been adaptively verified within the preset time, adaptively verifying the user side according to a preset adaptive verification scheme to obtain an adaptive verification result, wherein the adaptive verification scheme at least comprises verifying the request number;
s4, judging whether the adaptability verification result is verified;
s5, if the adaptability verification result is that the verification is passed, calling a pre-stored virtual stereo seal, obtaining a specified projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the specified projection direction to obtain a plane projection image;
s6, judging whether the plane projection image is the same as the signature pattern or not;
and S7, if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed.
As described in step S1, an adaptive authentication request sent by the user end is received, where the adaptive authentication request carries a request number and a signature pattern. The request number adopted by the application is used for carrying out adaptive verification on the user side subsequently. The request number of the present application may be any number, for example: the request number is an original number + n-bit characters before an authentication number, wherein the original number is composed of a timestamp, a random number, a part of characters in a user number and characters corresponding to a previous process processing result, the user number can extract a character string with a specified bit number from the digital certificate as the user number of the user side, and the authentication number is md (the original number + the user number + a preset secret key), wherein md refers to a preset hash value calculation method, and an operator + is a character string directly connected with an operator. Therefore, the request number adopted by the application contains a huge amount of information, so that the database can be separated when the adaptability verification is carried out, the resource waste is reduced, and the efficiency is improved. The signature pattern is used for identity authentication, and the signature image is a plane projection image obtained by projecting a pre-stored virtual three-dimensional seal. The virtual three-dimensional seal may be obtained in any manner, for example, by a preset 3D modeling method, which is not described herein again. The user number may be generated by a user side, or may be generated by a server, preferably by the server.
As described in step S2, the history of the access of the user terminal to the authentication server is obtained, and whether the user terminal has performed adaptive authentication within a predetermined time is determined according to the history. The method for determining whether the user side performs adaptive verification within a predetermined time includes: acquiring a history record of the user accessing the verification server, and calculating the data size in the history record within the preset time; judging whether the data size in the preset time is larger than a preset data size or not; and if the data size within the preset time is larger than the preset data size, judging that the user side carries out adaptive verification within the preset time.
As described in step S3, if the user side has not performed adaptive verification within the predetermined time, the user side performs adaptive verification according to a preset adaptive verification scheme, so as to obtain an adaptive verification result, where the adaptive verification scheme at least includes verifying the request number. The request number adopted by the method comprises a huge amount of information, so that the user side can be adaptively verified only by adopting the request number for verification. Specifically, the adaptive verification process includes, for example, parsing the request number to obtain information including a timestamp, a random number, a partial character in the user number, a previous process processing result, and determining whether the adaptive verification of the user passes or not according to the information.
As described in step S4, it is determined whether the adaptive verification result is verified. As previously described, adaptive verification results have been obtained, where the adaptive verification results include a pass or a fail. Only when the adaptive verification result is that the verification is passed, further identity verification is necessary.
As described in the step S5, if the adaptive verification result is that the verification is passed, the pre-stored virtual stereo seal is retrieved, an assigned projection direction is obtained according to a preset projection direction calculation method, and the virtual stereo seal is projected from the assigned projection direction, so as to obtain a planar projection image. The virtual three-dimensional seal may be obtained in any manner, for example, by a preset 3D modeling method, which is not described herein again. The virtual three-dimensional seal is projected by the appointed projection direction, so that a plane projection image is obtained for identity verification, and the risk of the front shape and the pattern of the seal is avoided being reversely pushed out. Because the projection results of the pre-stored virtual three-dimensional seal in different projection directions are different, the virtual three-dimensional seal cannot be obtained if only a few plane projection images are reversely pushed, and the safety of the virtual three-dimensional seal is ensured. And the plane projection image is related to the virtual three-dimensional seal, so that the requirement of identity authentication can be met.
As described in step S6, it is determined whether the planar projection image and the signature pattern are the same. If the plane projection image is the same as the signature pattern, the identity of the user side is judged to be true, namely the identity authentication is passed (because the same signature pattern is difficult to find on the premise of no virtual three-dimensional seal).
As described in step S7, if the planar projection image is the same as the signature pattern, it is determined that the user authentication at the user side is passed. Due to the uniqueness and the characteristic of difficult counterfeiting of the virtual three-dimensional seal, the server pre-storing the virtual three-dimensional seal can accurately and reliably verify the identity only by the user side capable of providing the signature image. Accordingly, the user authentication of the user side is judged to be passed due to the fact that the identity authentication is passed and the adaptive authentication is passed.
In one embodiment, before the step S1 of receiving the adaptive authentication request sent by the user end, where the adaptive authentication request carries a request number and a signature pattern, the method includes:
s01, acquiring the digital certificate sent by the user terminal, and extracting a character string with a specified digit number from the digital certificate as the user number of the user terminal;
s02, acquiring an original number by adopting a preset character string connection operation method, wherein the original number is composed of a timestamp, a random number, a part of characters in a user number and characters corresponding to a previous process processing result;
s03, according to the formula: the authentication number is md (original number + user number), and the authentication number is obtained by calculation, wherein md refers to a preset hash value calculation method, and operator + is a character string directly connected operator;
s04, according to the formula: generating a request number which is the original number and n-bit characters before the authentication number, wherein an operator + is a character string directly connected operator, and n is an integer greater than or equal to 1;
and S05, sending the request number to the user terminal.
As described above, generation and transmission of the request number to the user side are achieved. Specifically, the method comprises the steps of extracting a character string with a specified digit number from a digital certificate as a user number of a user side by acquiring the digital certificate sent by the user side; acquiring an original number by adopting a preset character string connection operation method, wherein the original number is composed of a timestamp, a random number, partial characters in a user number and characters corresponding to a previous process processing result; according to the formula: the authentication number is md (original number + user number), and the authentication number is obtained by calculation, wherein md refers to a preset hash value calculation method, and operator + is a character string directly connected operator; according to the formula: and generating the request number by the way that the request number is the original number plus n characters before the authentication number, wherein an operator + is a character string directly connected operator, and n is an integer which is more than or equal to 1. The request number thus integrates a large amount of information, including, for example, digital certificates, user numbers, time stamps, random numbers, results of previous process flows, etc., and also integrates a verification algorithm, such as a hash value calculation method. The hash value calculation method may be any algorithm, such as MD5 algorithm. And then the request number is sent to the user side, so that the user side can utilize the request number to carry a large amount of information when the user side needs to carry out an adaptive verification request. The preset character string connection operation method is to directly connect a plurality of character strings to obtain a new character string.
In one embodiment, the step S2 of obtaining a history of the user accessing the authentication server, and determining whether the user has performed adaptive authentication within a predetermined time according to the history includes:
s201, acquiring a history record of the user side accessing the verification server, and calculating the data size in the history record within the preset time;
s202, judging whether the size of the data in the preset time is larger than the preset data size;
and S203, if the data size in the preset time is larger than the preset data size, judging that the user side carries out adaptive verification in the preset time.
As described above, it is realized to determine whether the user side has performed the adaptive authentication within the predetermined time according to the history. Acquiring a history record of the user accessing the verification server, and calculating the data size in the history record within the preset time; judging whether the data size in the preset time is larger than a preset data size or not; and if the data size within the preset time is larger than the preset data size, judging the mode that the user side carries out the adaptive verification within the preset time, and judging whether the adaptive verification is carried out. Specifically, if the user side performs adaptive verification within a predetermined time, there is a corresponding record in the history, and the data size of the recorded content is inevitably larger than that of the recorded content which is not subjected to adaptive verification, so that the user side performs fuzzy judgment by comparing the data sizes to determine that the user side performs adaptive verification within the predetermined time. Compared with the traditional technology that data records are screened one by one from historical records, the method and the device have the advantages that the consumed computing resources and the completion speed are improved.
In one embodiment, the adaptive authentication request carries a user number, and the adaptive authentication is performed on the user side according to a preset adaptive authentication scheme to obtain an adaptive authentication result, where the adaptive authentication scheme at least includes a step S3 of authenticating the request number, and includes:
s301, analyzing the request number according to a preset request number format to obtain a first character string and a second character string, wherein the second character string has n-bit characters;
s302, adopting a formula: calculating to obtain the hash value which is md (a first character string and a user number), wherein md refers to a preset hash value calculation method, and an operator + is a character string directly connected operator;
s303, judging whether the first n-bit character of the hash value is the same as the second character string;
s304, if the first n-bit characters of the hash value are the same as the second character string, calculating the similarity value between the user number and the first character string by using a preset similarity calculation method;
s305, if the similarity value is larger than a preset similarity threshold, extracting a front k-bit character from the first character string, and mapping the front k-bit character into request time data according to a preset time mapping method;
s306, judging whether the absolute value of the time difference between the request time data and the current time point is larger than a preset effective time value or not;
and S307, if the absolute value of the time difference between the request time data and the current time point is not greater than a preset effective time value, outputting an adaptive verification result of which the adaptive verification is passed.
As described above, the adaptive verification of the user side is achieved according to the preset adaptive verification scheme, so that an adaptive verification result is obtained. The request number of the present application may be any number, for example: the request number is an original number + n-bit characters before an authentication number, wherein the original number is composed of a timestamp, a random number, a part of characters in a user number and characters corresponding to a previous process processing result, the user number can extract a character string with a specified bit number from the digital certificate as the user number of the user side, the authentication number is md (the original number + the user number), wherein md refers to a preset hash value calculation method, and an operator + is a character string direct connection operator. Accordingly, if the first character string and the second character string obtained by analysis are respectively equivalent to the first n characters of the original number and the authentication number, the adaptive verification request of the request is possible. And judging whether the first character string and the second character string are equivalent to the mode of n characters before the original number and the authentication number, wherein the formula is adopted in the application: calculating the hash value which is md (the first character string and the user number); if the first n-bit characters of the hash value are the same as the second character string, calculating the similarity value between the user number and the first character string by using a preset similarity calculation method; and if the similarity value is larger than a preset similarity threshold value, indicating that the first character string and the second character string are respectively equivalent to the first n-bit characters of the original number and the authentication number. In consideration of timeliness, the front k-bit character is extracted from the first character string, and is mapped into request time data according to a preset time mapping method; and if the absolute value of the time difference between the request time data and the current time point is not greater than the preset effective time value, outputting the mode of the adaptive verification result which passes the adaptive verification to ensure the validity of the data. The first k-bit character extracted from the first character string is substantially the time stamp of the request number when the request number is generated (because the first character string and the second character string are respectively equivalent to the first n-bit characters of the original number and the authentication number), and accordingly, the time difference between the current time and the time when the request number is generated can be calculated, and whether the request has timeliness or not is judged.
In one embodiment, the step S304 of calculating the similarity value between the user number and the first character string by using a preset similarity calculation method includes:
s3041, according to a preset sequential relationship between a next character and a previous character, mapping the user number and the sequential relationship between the previous character and the next character in the first character string to high-dimensional vectors (a1, a2, A3 …, Am) and (B1, B2, B3 …, Bo), where a1 ═ B1 ═ 0, a2, A3 …, Am are respectively the sequential relationship between the second character of the user number and the previous character, the sequential relationship … between the third character of the user number and the previous character, and the sequential relationship between the mth character of the user number and the previous character; b2, B3 … and Bo are the sequence relation of the second character of the first character string to the previous character, the sequence relation of the third character of the first character string to the previous character …, the sequence relation of the o-th character of the first character string to the previous character, the user number has m characters in total, the first character string has o characters in total, wherein o is larger than m;
s3042, splitting the high-dimensional vectors (B1, B2, B3 … and Bo) into a plurality of m-dimensional vectors (B1, B2, B3 …, Bm), (B2, B3, B4 …, B (m +1)) …, (B (o-m +1), B (o-m +2) … and Bo);
s3043, respectively calculating the distances between the high-dimensional vectors (A1, A2, A3 … and Am) and the m-dimensional vectors by adopting a preset cosine distance algorithm so as to obtain a plurality of distance values, and recording the maximum numerical value in the distance values as the similarity value between the user number and the first character string.
As described above, it is realized that the similarity value of the user number and the first character string is calculated by a preset similarity calculation method. The preset order relationship of the next character relative to the previous character refers to the influence relationship of the previous character on the next character, in this example, the character string abd is mapped to a vector (0,1,2), where 0 is a default value, 1 refers to the order relationship between the character a and the character b (1 order difference between a and b), and 2 refers to the order relationship between the character b and the character d (2 order difference between b and d). Accordingly, the user number and the preceding and following character order relationship in the first character string are mapped to high-dimensional vectors (a1, a2, A3 …, Am) and (B1, B2, B3 …, Bo), respectively. Splitting the high-dimensional vectors (B1, B2, B3 … and Bo) into a plurality of m-dimensional vectors (B1, B2, B3 …, Bm), (B2, B3, B4 …, B (m +1)) …, (B (o-m +1), B (o-m +2) … and Bo); and respectively calculating the distances between the high-dimensional vectors (A1, A2, A3 … and Am) and the m-dimensional vectors by adopting a cosine distance algorithm so as to obtain a plurality of distance values, and recording the maximum value in the distance values as the similarity value of the user number and the first character string. Wherein the similarity value is between 0 and 1, indicating the most similar when 1 and the least similar when 0.
In an embodiment, the step S5, where, if the adaptive verification result is that the verification is passed, the method includes the steps of calling a pre-stored virtual stereo seal, obtaining an assigned projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the assigned projection direction, so as to obtain a planar projection image, including:
s501, if the adaptability verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal;
s502, acquiring current time, and acquiring a specified coordinate point corresponding to the current time according to a corresponding relation between preset time and a space coordinate point by taking the front center of the virtual three-dimensional seal as an origin;
s503, recording the direction of the designated coordinate point pointing to the origin as a designated projection direction, and projecting the virtual three-dimensional seal from the designated projection direction to obtain a plane projection image.
As described above, the virtual three-dimensional seal is projected from the designated projection direction, so that a planar projection image is obtained. The method comprises the steps of acquiring a designated coordinate point corresponding to the current time according to the corresponding relation between the preset time and the space coordinate point, marking the direction of the designated coordinate point pointing to the original point as a designated projection direction, and projecting the virtual three-dimensional seal from the designated projection direction, thereby obtaining a planar projection image, combining the planar projection image with the current time, i.e. the plane projection image can reflect the current time, thereby on one hand, ensuring the security of the signature (the plane projection images at different times, therefore, the reverse push of the plane projection image or the virtual three-dimensional seal is impossible), meanwhile, signature time information is additionally provided (the designated projection direction can be obtained through the plane projection image and a virtual three-dimensional seal owned by a user, and then signature time is obtained), and the information utilization rate is improved. The front surface of the virtual three-dimensional seal may be any surface preset by the virtual three-dimensional seal, and is preferably a surface of the virtual three-dimensional seal having a specific pattern, where the specific pattern is, for example, the same as a signature of an entity seal or a positive text corresponding to the signature of the entity seal (the signature of the entity seal is a negative text).
In one embodiment, the step S502 of obtaining the current time and obtaining a designated coordinate point corresponding to the current time according to a preset corresponding relationship between the time and a spatial coordinate point with a front center of the virtual three-dimensional seal as an origin includes:
s5021, taking the center of the front face of the virtual three-dimensional seal as an origin, taking a connecting line between the origin and a preset point in the front face as an x axis, taking a straight line which is perpendicular to the x axis and passes through the origin in the front face as a y axis, and taking a perpendicular line which passes through the origin in the front face as a z axis, so that a three-dimensional rectangular coordinate system is established;
s5022, obtaining the current time, and according to a formula:
x is k1 × M + a 1; k2 × D + a 2; and z is k3 × T + a3, and a specified coordinate point (x, y, z) is obtained, wherein the current time is the T-th hour on day D in month M of the current year, wherein k1, k2, k3, a1, a2, and a3 are all preset parameters.
As described above, it is realized that the specified coordinate point corresponding to the current time is acquired according to the preset correspondence relationship between the time and the spatial coordinate point. The application decomposes the current time into the Tth hour in the Dth day in the Mth month of the current year, and utilizes the formula x as k1 xM + a1 according to the Mth month, the Dth day and the Tth hour; k2 × D + a 2; and (3) acquiring a specified coordinate point (x, y, z) by k3 × T + a3, thereby further ensuring the security of the signature. And since the x-axis, the y-axis and the z-axis are respectively related to the month, the day and the hour, namely the plane projection image is related to the month, the day and the hour, one or more of the month, the day and the hour can be rapidly deduced by using the plane projection image.
The user authentication method receives an adaptive authentication request sent by a user side, wherein the adaptive authentication request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.
Referring to fig. 2, an embodiment of the present application provides a user authentication apparatus, including:
an adaptive verification request receiving unit 10, configured to receive an adaptive verification request sent by a user side, where the adaptive verification request carries a request number and a signature pattern;
a history record obtaining unit 20, configured to obtain a history record of the user accessing the authentication server, and determine whether the user has performed adaptive authentication within a predetermined time according to the history record;
an adaptive verification result obtaining unit 30, configured to perform adaptive verification on the user side according to a preset adaptive verification scheme if the user side has not performed adaptive verification within a predetermined time, so as to obtain an adaptive verification result, where the adaptive verification scheme at least includes verifying the request number;
an adaptive verification result determination unit 40 configured to determine whether the adaptive verification result is verified;
a plane projection image obtaining unit 50, configured to, if the adaptive verification result is that verification passes, call a pre-stored virtual stereo seal, obtain an assigned projection direction according to a preset projection direction calculation method, and project the virtual stereo seal from the assigned projection direction, so as to obtain a plane projection image;
a plane projection image judgment unit 60 configured to judge whether the plane projection image is the same as the signature pattern;
and a user authentication passing determination unit 70, configured to determine that the user of the user terminal passes the user authentication if the planar projection image is the same as the signature pattern.
The operations performed by the units are respectively corresponding to the steps of the user authentication method in the foregoing embodiment one by one, and are not described herein again.
In one embodiment, the apparatus comprises:
a user number obtaining unit, configured to obtain a digital certificate sent by the user side, and extract a character string with a specified digit from the digital certificate as a user number of the user side;
the system comprises an original number acquisition unit, a processing unit and a processing unit, wherein the original number acquisition unit is used for acquiring an original number by adopting a preset character string connection operation method, and the original number is composed of a timestamp, a random number, partial characters in a user number and characters corresponding to a previous process processing result;
an authentication number calculation unit for calculating, according to a formula: the authentication number is md (original number + user number), and the authentication number is obtained by calculation, wherein md refers to a preset hash value calculation method, and operator + is a character string directly connected operator;
a request number generation unit for generating, according to a formula: generating a request number which is the original number and n-bit characters before the authentication number, wherein an operator + is a character string directly connected operator, and n is an integer greater than or equal to 1;
and the request number sending unit is used for sending the request number to the user side.
The operations performed by the units are respectively corresponding to the steps of the user authentication method in the foregoing embodiment one by one, and are not described herein again.
In one embodiment, the history obtaining unit 20 includes:
a history record obtaining subunit, configured to obtain a history record of the user accessing the authentication server, and calculate a size of data in the history record within the predetermined time;
a data size determining subunit, configured to determine whether the size of the data within the predetermined time is larger than a preset data size;
and the verification-performed judging subunit is configured to judge that the user side performs adaptive verification within the predetermined time if the data size within the predetermined time is larger than a preset data size.
The operations performed by the sub-units correspond to the steps of the user authentication method in the foregoing embodiment one to one, and are not described herein again.
In one embodiment, the adaptive verification request carries a user number, and the adaptive verification result obtaining unit 30 includes:
the request number analyzing subunit is used for analyzing the request number according to a preset request number format so as to obtain a first character string and a second character string, wherein the second character string has n-bit characters;
a hash value operator unit for employing the formula: calculating to obtain the hash value which is md (a first character string and a user number), wherein md refers to a preset hash value calculation method, and an operator + is a character string directly connected operator;
a string identity judgment subunit, configured to judge whether the first n-bit string of the hash value is identical to the second string;
the similarity operator unit is used for calculating the similarity value between the user number and the first character string by using a preset similarity calculation method if the first n-bit characters of the hash value are the same as the second character string;
a request time data mapping subunit, configured to, if the similarity value is greater than a preset similarity threshold, extract a front k-bit character from the first character string, and map the front k-bit character into request time data according to a preset time mapping method;
an effective time value judgment subunit, configured to judge whether an absolute value of a time difference between the requested time data and the current time point is greater than a preset effective time value;
and the adaptive verification passing output subunit is used for outputting an adaptive verification result of the adaptive verification passing if the absolute value of the time difference between the request time data and the current time point is not greater than a preset effective time value.
The operations performed by the sub-units correspond to the steps of the user authentication method in the foregoing embodiment one to one, and are not described herein again.
In one embodiment, the similarity operator unit includes:
a high-dimensional vector mapping module, configured to map, according to a preset order relationship between a next character and a previous character, the user number and an order relationship between the previous character and the next character in the first character string as high-dimensional vectors (a1, a2, A3 …, Am) and (B1, B2, B3 …, Bo), where a1 is B1 is 0, a2, A3 …, and Am are respectively an order relationship between a second character of the user number and a previous character, an order relationship … between a third character of the user number and a previous character, and an order relationship between an m-th character of the user number and a previous character; b2, B3 … and Bo are the sequence relation of the second character of the first character string to the previous character, the sequence relation of the third character of the first character string to the previous character …, the sequence relation of the o-th character of the first character string to the previous character, the user number has m characters in total, the first character string has o characters in total, wherein o is larger than m;
a high-dimensional vector splitting module for splitting the high-dimensional vectors (B1, B2, B3 …, Bo) into a plurality of m-dimensional vectors (B1, B2, B3 …, Bm), (B2, B3, B4 …, B (m +1)) …, (B (o-m +1), B (o-m +2) …, Bo);
and the cosine distance calculation module is used for respectively calculating the distances between the high-dimensional vectors (A1, A2, A3 … and Am) and the m-dimensional vectors by adopting a preset cosine distance algorithm so as to obtain a plurality of distance values, and recording the maximum numerical value in the distance values as the similarity value between the user number and the first character string.
The operations executed by the modules correspond to the steps of the user authentication method in the foregoing embodiment one to one, and are not described herein again.
In one embodiment, the planar projection image acquisition unit 50 includes:
the virtual three-dimensional seal transferring subunit is used for transferring the pre-stored virtual three-dimensional seal if the adaptability verification result is that the verification is passed;
the appointed coordinate point obtaining subunit is used for obtaining current time, taking the front center of the virtual three-dimensional seal as an origin point, and obtaining an appointed coordinate point corresponding to the current time according to the corresponding relation between preset time and a space coordinate point;
and the plane projection image acquisition subunit is used for recording the direction in which the specified coordinate points point to the origin as a specified projection direction, and projecting the virtual three-dimensional seal from the specified projection direction to obtain a plane projection image.
The operations performed by the sub-units correspond to the steps of the user authentication method in the foregoing embodiment one to one, and are not described herein again.
In one embodiment, the specified coordinate point acquisition subunit includes:
the three-dimensional rectangular coordinate system establishing module is used for establishing a three-dimensional rectangular coordinate system by taking the center of the front face of the virtual three-dimensional stamp as an original point, taking a connecting line between the original point and a preset point in the front face as an x axis, taking a straight line which is perpendicular to the x axis and passes through the original point in the front face as a y axis, and taking a perpendicular line which passes through the original point in the front face as a z axis;
the appointed coordinate point acquisition module is used for acquiring the current time and according to a formula:
x is k1 × M + a 1; k2 × D + a 2; and z is k3 × T + a3, and a specified coordinate point (x, y, z) is obtained, wherein the current time is the T-th hour on day D in month M of the current year, wherein k1, k2, k3, a1, a2, and a3 are all preset parameters.
The operations executed by the modules correspond to the steps of the user authentication method in the foregoing embodiment one to one, and are not described herein again.
The user authentication device receives an adaptive authentication request sent by a user side, wherein the adaptive authentication request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.
Referring to fig. 3, an embodiment of the present invention further provides a computer device, where the computer device may be a server, and an internal structure of the computer device may be as shown in the figure. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the computer designed processor is used to provide computational and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The memory provides an environment for the operation of the operating system and the computer program in the non-volatile storage medium. The database of the computer device is used to store data for the user authentication method. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a user authentication method.
The processor executes the user authentication method, wherein steps included in the method correspond to steps of executing the user authentication method of the foregoing embodiment one to one, and are not described herein again.
It will be understood by those skilled in the art that the structures shown in the drawings are only block diagrams of some of the structures associated with the embodiments of the present application and do not constitute a limitation on the computer apparatus to which the embodiments of the present application may be applied.
The computer equipment receives an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.
An embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a user authentication method, where steps included in the method are respectively in one-to-one correspondence with steps of executing the user authentication method in the foregoing embodiment, and are not described herein again.
The computer-readable storage medium receives an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern; acquiring a history record of the user side accessing the verification server; if the user side does not perform adaptive verification within the preset time, performing adaptive verification on the user side to obtain an adaptive verification result; if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image; and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed. Therefore, the efficiency, the accuracy and the safety of user verification are improved.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium provided herein and used in the examples may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double-rate SDRAM (SSRSDRAM), Enhanced SDRAM (ESDRAM), synchronous link (Synchlink) DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and bus dynamic RAM (RDRAM).
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, apparatus, article, or method that includes the element.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are also included in the scope of the present application.

Claims (10)

1. A user authentication method applied to an authentication server is characterized by comprising the following steps:
receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern;
acquiring a history record of the user side accessing the verification server, and judging whether the user side performs adaptive verification within preset time according to the history record;
if the user side does not carry out the adaptive verification within the preset time, carrying out the adaptive verification on the user side according to a preset adaptive verification scheme so as to obtain an adaptive verification result, wherein the adaptive verification scheme at least comprises the verification of the request number;
judging whether the adaptive verification result is verified;
if the adaptive verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal, acquiring an appointed projection direction according to a preset projection direction calculation method, and projecting the virtual three-dimensional seal from the appointed projection direction so as to obtain a plane projection image;
judging whether the plane projection image is the same as the signature pattern or not;
and if the plane projection image is the same as the signature pattern, judging that the user authentication of the user side is passed.
2. The method according to claim 1, wherein the step of receiving the adaptive authentication request sent by the user side, where the adaptive authentication request carries the request number and the signature pattern, comprises:
acquiring a digital certificate sent by the user side, and extracting a character string with a specified digit number from the digital certificate to be used as a user number of the user side;
acquiring an original number by adopting a preset character string connection operation method, wherein the original number is composed of a timestamp, a random number, partial characters in a user number and characters corresponding to a previous process processing result;
according to the formula: the authentication number is md (original number + user number), and the authentication number is obtained by calculation, wherein md refers to a preset hash value calculation method, and operator + is a character string directly connected operator;
according to the formula: generating a request number which is the original number and n-bit characters before the authentication number, wherein an operator + is a character string directly connected operator, and n is an integer greater than or equal to 1;
and sending the request number to the user side.
3. The method according to claim 1, wherein the step of obtaining a history of the access of the user terminal to the authentication server and determining whether the user terminal has performed adaptive authentication within a predetermined time according to the history comprises:
acquiring a history record of the user accessing the verification server, and calculating the data size in the history record within the preset time;
judging whether the data size in the preset time is larger than a preset data size or not;
and if the data size within the preset time is larger than the preset data size, judging that the user side carries out adaptive verification within the preset time.
4. The user authentication method according to claim 1, wherein the adaptive authentication request carries a user number, and the adaptive authentication is performed on the user side according to a preset adaptive authentication scheme to obtain an adaptive authentication result, wherein the adaptive authentication scheme at least includes a step of authenticating the request number, and includes:
analyzing the request number according to a preset request number format to obtain a first character string and a second character string, wherein the second character string has n-bit characters;
the formula is adopted: calculating to obtain the hash value which is md (a first character string and a user number), wherein md refers to a preset hash value calculation method, and an operator + is a character string directly connected operator;
judging whether the first n-bit character of the hash value is the same as the second character string;
if the first n-bit characters of the hash value are the same as the second character string, calculating the similarity value between the user number and the first character string by using a preset similarity calculation method;
if the similarity value is larger than a preset similarity threshold value, extracting a front k-bit character from the first character string, and mapping the front k-bit character into request time data according to a preset time mapping method;
judging whether the absolute value of the time difference between the request time data and the current time point is greater than a preset effective time value or not;
and if the absolute value of the time difference between the request time data and the current time point is not greater than the preset effective time value, outputting an adaptive verification result of which the adaptive verification is passed.
5. The user authentication method according to claim 4, wherein the step of calculating the similarity value between the user number and the first character string by using a preset similarity calculation method includes:
according to a preset sequence relation of a next character to a previous character, mapping the user number and the sequence relation of the previous character and the next character in the first character string into high-dimensional vectors (A1, A2, A3 … and Am) and (B1, B2, B3 … and Bo), wherein A1 is B1 is 0, A2, A3 … and Am are sequence relations of a second character of the user number to the previous character, sequence relation … of a third character of the user number to the previous character and sequence relation of an m character of the user number to the previous character; b2, B3 … and Bo are the sequence relation of the second character of the first character string to the previous character, the sequence relation of the third character of the first character string to the previous character …, the sequence relation of the o-th character of the first character string to the previous character, the user number has m characters in total, the first character string has o characters in total, wherein o is larger than m;
splitting the high-dimensional vectors (B1, B2, B3 …, Bo) into a plurality of m-dimensional vectors (B1, B2, B3 …, Bm), (B2, B3, B4 …, B (m +1)) …, (B (o-m +1), B (o-m +2) …, Bo);
and respectively calculating the distances between the high-dimensional vectors (A1, A2, A3 … and Am) and the m-dimensional vectors by adopting a preset cosine distance algorithm so as to obtain a plurality of distance values, and recording the maximum numerical value in the distance values as the similarity value of the user number and the first character string.
6. The user authentication method according to claim 1, wherein if the adaptive authentication result is that the authentication is passed, the step of retrieving a pre-stored virtual stereo seal, obtaining a designated projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the designated projection direction to obtain a planar projection image comprises:
if the adaptability verification result is that the verification is passed, calling a pre-stored virtual three-dimensional seal;
acquiring current time, and acquiring a specified coordinate point corresponding to the current time according to a corresponding relation between preset time and a space coordinate point by taking the front center of the virtual three-dimensional seal as an origin;
and recording the direction of the designated coordinate point pointing to the origin as a designated projection direction, and projecting the virtual three-dimensional seal from the designated projection direction to obtain a plane projection image.
7. The user authentication method according to claim 6, wherein the step of obtaining the current time, taking a front center of the virtual three-dimensional stamp as an origin, and obtaining a specified coordinate point corresponding to the current time according to a preset correspondence between time and a spatial coordinate point comprises:
taking the center of the front face of the virtual three-dimensional seal as an origin, taking a connecting line between the origin and a preset point in the front face as an x-axis, taking a straight line which is perpendicular to the x-axis and passes through the origin in the front face as a y-axis, and taking a perpendicular line which passes through the origin in the front face as a z-axis, thereby establishing a three-dimensional rectangular coordinate system;
obtaining the current time, and according to a formula:
x is k1 × M + a 1; k2 × D + a 2; and z is k3 × T + a3, and a specified coordinate point (x, y, z) is obtained, wherein the current time is the T-th hour on day D in month M of the current year, wherein k1, k2, k3, a1, a2, and a3 are all preset parameters.
8. A user authentication apparatus applied to an authentication server, comprising:
the adaptive verification request receiving unit is used for receiving an adaptive verification request sent by a user side, wherein the adaptive verification request carries a request number and a signature pattern;
the history record acquisition unit is used for acquiring the history record of the user terminal accessing the verification server and judging whether the user terminal performs adaptive verification within preset time according to the history record;
an adaptive verification result obtaining unit, configured to perform adaptive verification on the user side according to a preset adaptive verification scheme if the user side has not performed adaptive verification within a predetermined time, so as to obtain an adaptive verification result, where the adaptive verification scheme at least includes verifying the request number;
an adaptive verification result judging unit, configured to judge whether the adaptive verification result is a verification pass;
the plane projection image acquisition unit is used for calling a pre-stored virtual stereo seal if the adaptive verification result is that the verification is passed, acquiring a specified projection direction according to a preset projection direction calculation method, and projecting the virtual stereo seal from the specified projection direction so as to obtain a plane projection image;
the plane projection image judging unit is used for judging whether the plane projection image is the same as the signature pattern or not;
and the user authentication passing judgment unit is used for judging that the user of the user side passes authentication if the plane projection image is the same as the signature pattern.
9. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor implements the steps of the method of any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
CN201910844500.6A 2019-09-06 2019-09-06 User authentication method, device, computer equipment and storage medium Active CN110717157B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910844500.6A CN110717157B (en) 2019-09-06 2019-09-06 User authentication method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910844500.6A CN110717157B (en) 2019-09-06 2019-09-06 User authentication method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110717157A true CN110717157A (en) 2020-01-21
CN110717157B CN110717157B (en) 2023-10-24

Family

ID=69209726

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910844500.6A Active CN110717157B (en) 2019-09-06 2019-09-06 User authentication method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110717157B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115168826A (en) * 2022-07-27 2022-10-11 中国电信股份有限公司 Projection verification method and device, electronic equipment and computer readable storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0589227A (en) * 1991-09-26 1993-04-09 Nec Corp Seal collating system by stereoscopic image processing
KR20070080066A (en) * 2006-02-06 2007-08-09 에스케이 텔레콤주식회사 System for personal authentication and electronic signature using image recognition and method thereof
US20090006860A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Generating multiple seals for electronic data
CN101894260A (en) * 2010-06-04 2010-11-24 北京化工大学 Method for identifying forgery seal based on feature line randomly generated by matching feature points
CN102044059A (en) * 2010-12-09 2011-05-04 东南大学 Method for embedding and extracting digital watermarks of three-dimensional point model
CN104408338A (en) * 2014-10-31 2015-03-11 上海理工大学 Three-dimension mesh model copyright verification method
CN107944252A (en) * 2017-12-18 2018-04-20 乐清咔咔网络科技有限公司 A kind of method of information seal impression uniqueness characteristic extraction
CN109308676A (en) * 2018-08-16 2019-02-05 董珍花 A kind of 3D printing works multidimensional digital watermarking addition verifying system and method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0589227A (en) * 1991-09-26 1993-04-09 Nec Corp Seal collating system by stereoscopic image processing
KR20070080066A (en) * 2006-02-06 2007-08-09 에스케이 텔레콤주식회사 System for personal authentication and electronic signature using image recognition and method thereof
US20090006860A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Generating multiple seals for electronic data
CN101894260A (en) * 2010-06-04 2010-11-24 北京化工大学 Method for identifying forgery seal based on feature line randomly generated by matching feature points
CN102044059A (en) * 2010-12-09 2011-05-04 东南大学 Method for embedding and extracting digital watermarks of three-dimensional point model
CN104408338A (en) * 2014-10-31 2015-03-11 上海理工大学 Three-dimension mesh model copyright verification method
CN107944252A (en) * 2017-12-18 2018-04-20 乐清咔咔网络科技有限公司 A kind of method of information seal impression uniqueness characteristic extraction
CN109308676A (en) * 2018-08-16 2019-02-05 董珍花 A kind of 3D printing works multidimensional digital watermarking addition verifying system and method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115168826A (en) * 2022-07-27 2022-10-11 中国电信股份有限公司 Projection verification method and device, electronic equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN110717157B (en) 2023-10-24

Similar Documents

Publication Publication Date Title
CN109784922B (en) Electronic contract signing method, electronic contract signing device, computer equipment and storage medium
CN110598823B (en) Signature method and device based on virtual three-dimensional seal and computer equipment
EP3779792B1 (en) Two-dimensional code generation method, data processing method, apparatus, and server
EP3637674A1 (en) Computer system, secret information verification method, and computer
CN110084600B (en) Processing and verifying method, device, equipment and medium for resolution transaction request
CN110830257A (en) File signature method and device, electronic equipment and readable storage medium
CN111563273A (en) Information verification method and related equipment
CN110717157B (en) User authentication method, device, computer equipment and storage medium
CN111125748A (en) Judgment method and device for unauthorized query, computer equipment and storage medium
CN116541872B (en) Data information safety transmission method and system
CN117240473A (en) Electronic contract signing method, electronic contract signing device, electronic equipment and storage medium
CN110826034B (en) File signature method and device, electronic equipment and readable storage medium
CN116962021A (en) Method, device, equipment and medium for user real name authentication in financial cooperative institution
CN111431876A (en) Method and device for accessing database, computer equipment and storage medium
CN114021175B (en) User portrait configuration method and device, computer equipment and medium
CN110943839A (en) Signature verification method and device, electronic equipment and readable storage medium
CN115859319A (en) Signing and sealing method and device for electronic document and storage medium
CN112307445B (en) Identity management method and device based on block chain
CN112860702B (en) Test execution work order verification method, device, computer equipment and storage medium
CN114817903A (en) Vaccination verification system, method and contract platform based on intelligent contract
CN114416875A (en) Block chain-based task processing method, device, equipment and storage medium
CN114239004A (en) Electronic signature generation method and device, computer equipment and storage medium
CN111274568A (en) User side authority control method and device, computer equipment and storage medium
CN110599386A (en) Identity authentication method, identity authentication device, storage medium and computer equipment
CN117992932B (en) Digital resource right protection method and system for collaborative storage of upper chain and lower chain of block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant