CN111200617A - Network real-name authentication method and system

Publication number: CN111200617A
Authority: CN (China)
Prior art keywords: real, key, password, name authentication, authentication
Legal status: Withdrawn
Application number: CN202010132993.3A
Other languages: Chinese (zh)
Inventor: not disclosed
Current Assignee: Beijing Password Technology Co ltd
Original Assignee: Beijing Password Technology Co ltd
Application filed by Beijing Password Technology Co ltd
Priority to CN202010132993.3A
Publication of CN111200617A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina

Abstract

The invention relates to the field of network and information security, and in particular to a network real-name authentication method and system. The disclosed network real-name authentication system comprises an authentication terminal and a real-name authentication server. The authentication terminal is used for identity authentication and for compiling a password by digital signature; the real-name authentication server is used for controlling access to remote network resources and providing comprehensive real-name authentication and audit services. The authentication terminal is provided with a microprocessor that receives the dynamic password sent by the real-name authentication server, authenticates identity by checking the operated rule key and fingerprint key against the identity identification rule key and identity certification fingerprint held in memory, instructs the key signature module to compile a password by digitally signing the dynamic password, and sends the password to the real-name authentication server, which decrypts it and restores the dynamic password. In this way the real identity of the network activity personnel who operated the rule key and the fingerprint key is accurately confirmed by real-name authentication, and the absolute security of authorized access to network resources is guaranteed.

Description

Network real-name authentication method and system
Technical Field
The invention relates to the field of network and information security, in particular to a network real-name authentication method and a network real-name authentication system in the field of network and information security.
Background
Network identity authentication at present relies on three kinds of basis to confirm the real identity of network activity personnel: something known, something owned, and a unique physical characteristic. The first is something known, such as a static password or a dynamic password. The authentication system confirms the identity of the network activity personnel by the static or dynamic password they log in with. Such a system can confirm only that the static or dynamic password is valid; it cannot confirm the real identity of the person using that password. If the static or dynamic password is attacked, an attacker is fully able to forge the identity and gain unauthorized access to network resources. The second is something owned, such as an IC smart card or a USB KEY. The authentication system confirms the identity of the network activity personnel by the IC smart card or USB KEY they log in with. Such a system can confirm only the integrity and legitimacy of the IC smart card or USB KEY; it cannot confirm the real identity of the person holding it. If the IC smart card or USB KEY is attacked, an attacker is fully able to forge the identity and gain unauthorized access to network resources. The third is a unique physical characteristic, such as a fingerprint or a face. The authentication system confirms the identity of the network activity personnel by the fingerprint or face they log in with. In a network environment, physical characteristics are generally considered to provide a real and credible identity authentication environment, and so to ensure the security of the user's identity authentication.
In practice, however, authentication based on biological characteristics involves many uncertain factors: a person's physical characteristics are completely exposed in everyday life and are easily attacked and forged. For example, in October 2019 a major security vulnerability was exposed in the fingerprint recognition of Samsung mobile phones: the user's fingerprint recognition function could be cracked with a clear gel protective case. Bank of China Limited published an announcement temporarily turning off the fingerprint service of its mobile banking for some Samsung phone models. In December 2019, Kneron, an artificial intelligence company in San Diego, used high-definition 3D masks and photos: in stores in Asia where facial recognition technology is widely applied, the Kneron team used a special 3D mask to deceive the face recognition payment systems of Alipay and WeChat and complete a shopping payment. At Schiphol Airport, the largest airport in the Netherlands, the Kneron team also deceived the sensor of a self-service boarding terminal with a picture on a mobile phone screen. The team also claims to have entered train stations in China in the same manner. With the current modes of network identity authentication, the authentication system can confirm only the legitimacy of what is known, what is owned, or the unique physical characteristic; it cannot confirm the real identity of the network activity personnel presenting them. Network security problems such as attackers gaining unauthorized access to network resources under forged identities are increasingly prominent; they greatly hinder the development of the network economy and pose serious threats to citizens' personal privacy, national security and social stability.
The key to real and reliable identity authentication is therefore to solve the problem of unauthorized access to network resources under forged identities, so that the identity of network activity personnel remains secure even if their identity information is leaked or attacked.
Disclosure of Invention
To overcome the problems in the prior art, the invention provides a network real-name authentication method and system. Using the authentication terminal, the microprocessor and the memory authenticate identity by checking the rule key and fingerprint key operated by the network activity personnel against the identity identification rule key and identity certification fingerprint held in memory; a password is then compiled by digitally signing the dynamic password and sent to the real-name authentication server, which decrypts it and restores the dynamic password. The real identity of the network activity personnel who operated the rule key and the fingerprint key can thus be accurately confirmed by real-name authentication, real and reliable identity authentication is achieved, and the absolute security of authorized access to network resources is ensured.
The object of the invention is achieved as follows: a network real-name authentication method and system, in which the system used by the method comprises an authentication terminal and a real-name authentication server, wherein: the authentication terminal is used for identity authentication and for compiling a password by digital signature; the operation interface of the authentication terminal is provided with rule keys and a fingerprint key and includes the dynamic password, and a password is compiled on the basis of identity authentication of the operated rule key and fingerprint key and digital signature of the dynamic password; the authentication terminal is provided with a memory for storing the identity identification rule key and the identity certification fingerprint data; the authentication terminal is provided with a key signature module that compiles a password by digitally signing the dynamic password; the authentication terminal is provided with a microprocessor that receives the dynamic password sent by the real-name authentication server, authenticates identity by checking the operated rule key and fingerprint key against the identity identification rule key and identity certification fingerprint in memory, instructs the key signature module to compile a password by digitally signing the dynamic password, and sends the password to the real-name authentication server; the real-name authentication server is used for controlling access to remote network resources and providing comprehensive real-name authentication and audit services; the real-name authentication server is provided with a dynamic password generation module that generates the dynamic password and sends it to the operation interface of the authentication terminal; the real-name authentication server is provided with a real-name authentication module that decrypts the password and restores the dynamic password to verify real-name authentication; the real-name authentication server is provided with an audit module that records in detail the operated rule key and fingerprint key, the password compiled by digitally signing the dynamic password, and the electronic evidence of real-name authentication in which the password is decrypted and the dynamic password restored. The method and the system have the following operation steps:
The step of identity identification rule key operation, wherein the identity identification rule key is an identity credential of the network activity personnel, comparable to the person's shape; the identity identification rule key is an addition sequence rule key, a subtraction sequence rule key or a multiplication sequence rule key formed from a digit position 1-6 of the dynamic password and an operand 1-9; or a staggered sequence rule key, a carry sequence rule key or a back-off sequence rule key formed from digit positions 1-6 of the dynamic password; or a rule key formed by combining these addition, subtraction, multiplication, staggered, carry and back-off sequence rule keys with one another;
The step of identity certification fingerprint operation, wherein the fingerprint is a physical characteristic of the network activity personnel, comparable to the person's face; the fingerprint is the pattern of lines on the skin on the front of the fingertip: the skin surface of the finger carries fine raised and recessed lines, which are linear in shape and arranged regularly and directionally, and the fingerprint is the structural arrangement of the skin tissue cells; by the overall shape of the lines, fingerprints can be divided into arch patterns, loop patterns, whorl patterns and incomplete patterns, and the characteristic values that distinguish different fingerprints include the line type, the central point, and the starting points, end points, junction points and bifurcations of the various lines. Because of these characteristic values, each person's fingerprint is unique;
The step of human behavior operation, wherein the behavior of the person is the conscious behavior of the network activity personnel: it is the act of operating the rule key and the fingerprint key with the identity identification rule key and the identity certification fingerprint under subjective consciousness that is entirely the person's own; this behavior cannot be reproduced, cannot be substituted, and is completely unique;
The step of performing network real-name authentication through the identity identification rule key, the identity certification fingerprint and the behavior of the person.
The invention has the following beneficial effects:
1. Through the identity identification rule key, the identity certification fingerprint and the behavior of the network activity personnel, and on the basis of the association of the operated rule key and fingerprint key with the identity identification rule key and identity certification fingerprint, the authentication terminal can accurately judge the real identity of the network activity personnel who operated the rule key. This overcomes the difficult problem of reliable and universal identity recognition and effectively eliminates the possibility of an attacker impersonating an identity to gain unauthorized access to network resources.
2. Through the identity identification rule key, the identity certification fingerprint and the behavior of the network activity personnel, and on the basis of identity authentication of the operated rule key and fingerprint key against the identity identification rule key and identity certification fingerprint in memory, the authentication terminal can accurately verify the real identity of the network activity personnel. This overcomes the difficult problem of safe and reliable identity authentication, effectively eliminates the possibility of an attacker forging an identity to gain unauthorized access to network resources, ensures that personal data, intellectual property and enterprise data are not controlled by others, and ensures that nationally sensitive information and secrets are not disclosed without authorization.
3. Through the identity identification rule key, the identity certification fingerprint and the behavior of the network activity personnel, and on the basis of that identity authentication and the digital signature of the dynamic password, the authentication terminal can accurately confirm the authenticity and non-repudiation of the identity of the network activity personnel. This overcomes the difficulty of a real-name authenticated digital signature and eliminates the possibility of lawbreakers repudiating authorized access to network resources.
4. Through the identity identification rule key, the identity certification fingerprint and the behavior of the network activity personnel, and on the basis of that identity authentication and the password compiled by digitally signing the dynamic password, the authentication terminal can accurately confirm the authenticity, non-repudiation and traceability of the identity of the network activity personnel who compiled the password. This overcomes the difficult problem of compiling a password under real-name authentication and eliminates all attack methods adopted by attackers.
5. Through the identity identification rule key, the identity certification fingerprint and the behavior of the network activity personnel, and on the basis of that identity authentication, the authentication terminal sends the password compiled by digitally signing the dynamic password to the real-name authentication server, which decrypts it and restores the dynamic password; the real identity of the network activity personnel who operated the rule key and fingerprint key can thus be accurately confirmed by real-name authentication. This overcomes the difficult problem of network real-name authentication, achieves real and reliable identity authentication, and ensures the absolute security of authorized access to network resources.
6. Network real-name authentication ensures not only the verifiability, non-repudiation and traceability of the identity identification rule key, the identity certification fingerprint and the behavior of the person, but also the integrity of the authentication terminal and the password, the protection of personal privacy, and real-name authentication.
7. The network real-name authentication method and system of the invention take the person as the subject, are based on passwords and are guaranteed by law, giving citizens a real and credible identity in cyberspace and ensuring mutual trust among individuals, organizations, data and devices. Online crime, fraud, identity theft and abuse of online information are reduced or eliminated, and the level of network information security protection is effectively improved.
8. The method is applied to real-name authentication of user names and account numbers on information and transaction websites, smart cards, two-dimensional codes, smart terminal IDs and network equipment PINs, so that network activity personnel form a trusted cyberspace; this maintains the state's authority over the identity management of cyberspace subjects, safeguards critical infrastructure and network resources, and promotes network economic development.
Drawings
The invention is further illustrated by the following figures and examples.
FIG. 1 is a schematic diagram of a system according to an embodiment of the invention;
FIG. 2 is a schematic diagram of the operation of the method and system of the second embodiment of the present invention;
FIG. 3 is a schematic diagram of the operation of the method and system according to the second embodiment of the present invention.
Detailed Description
The first embodiment is as follows:
This embodiment describes a network real-name authentication method and system. The system used by the method comprises an authentication terminal and a real-name authentication server, as shown in FIG. 1. The authentication terminal is used for identity authentication and for compiling a password by digital signature; the operation interface of the authentication terminal is provided with an add rule key, a subtract rule key, a multiply rule key, a stagger rule key, a carry rule key, a back-off rule key, number rule keys 1, 2, 3, 4, 5, 6, 7, 8 and 9, and a fingerprint key, and includes a 6-digit dynamic password; a password is compiled on the basis of identity authentication of the operated rule key and fingerprint key and digital signature of the dynamic password; the authentication terminal is provided with a memory for storing the identity identification rule key and the identity certification fingerprint data; the authentication terminal is provided with a key signature module that compiles a password by digitally signing the dynamic password; the authentication terminal is provided with a microprocessor that receives the dynamic password sent by the real-name authentication server, authenticates identity by checking the operated rule key and fingerprint key against the identity identification rule key and identity certification fingerprint in memory, instructs the key signature module to compile a password by digitally signing the dynamic password, and sends the password to the real-name authentication server; the real-name authentication server is used for controlling access to remote network resources and providing comprehensive real-name authentication and audit services; the real-name authentication server is provided with a dynamic password generation module that generates the dynamic password and sends it to the operation interface of the authentication terminal; the real-name authentication server is provided with a real-name authentication module that verifies real-name authentication by decrypting the password and restoring the dynamic password; the real-name authentication server is provided with an audit module that records in detail the operated rule key and fingerprint key, the password compiled by digitally signing the dynamic password, and the electronic evidence of real-name authentication in which the password is decrypted and the dynamic password restored. In this embodiment, the authentication terminal is connected to the real-name authentication server by a remote wireless connection. The process of the network real-name authentication method and system is shown in FIG. 2, and the operation steps are as follows:
The step of identity identification rule key operation, wherein the identity identification rule key is an identity credential of the network activity personnel, comparable to the person's shape; the identity identification rule key is an addition sequence rule key, a subtraction sequence rule key or a multiplication sequence rule key formed from a digit position 1-6 of the dynamic password and an operand 1-9; or a staggered sequence rule key, a carry sequence rule key or a back-off sequence rule key formed from digit positions 1-6 of the dynamic password; or a rule key formed by combining these addition, subtraction, multiplication, staggered, carry and back-off sequence rule keys with one another;
The identity identification rule key is an identity credential of the network activity personnel, comparable to the person's shape. It is the rule key against which the rule key operated by the network activity personnel on the authentication terminal is authenticated and digitally signed. The identity identification rule key may be an addition sequence rule key, a subtraction sequence rule key or a multiplication sequence rule key formed from a digit position 1-6 of the dynamic password and an operand 1-9. For example, take the addition sequence rule key "3 plus 5": 3 is the 3rd digit of the dynamic password, plus is addition, and 5 is the operand; the real-name authentication operation is the number rule key 3, the add rule key and the number rule key 5. For example, take the subtraction sequence rule key "2 minus 8": 2 is the 2nd digit of the dynamic password, minus is subtraction, and 8 is the operand; the real-name authentication operation is the number rule key 2, the subtract rule key and the number rule key 8. For example, take the multiplication sequence rule key "4 times 7": 4 is the 4th digit of the dynamic password, times is multiplication, and 7 is the operand; the real-name authentication operation is the number rule key 4, the multiply rule key and the number rule key 7. The identity identification rule key may also be a staggered sequence rule key, a carry sequence rule key or a back-off sequence rule key formed from digit positions 1-6 of the dynamic password. For example, take the staggered sequence rule key "4 staggered 6": 4 is the 4th digit of the dynamic password, and staggered means exchanging positions with each other; the real-name authentication operation is the number rule key 4, the stagger rule key and the number rule key 6. For example, take the carry sequence rule key "5 carry 2": 5 is the 5th digit of the dynamic password, and carry means moving forward; the real-name authentication operation is the number rule key 5, the carry rule key and the number rule key 2. For example, take the back-off sequence rule key "2 back 3": 2 is the 2nd digit of the dynamic password, and back-off means moving backward; the real-name authentication operation is the number rule key 2, the back-off rule key and the number rule key 3. The identity identification rule key may also be a rule key formed by combining the addition, subtraction and multiplication sequence rule keys (digit positions 1-6 of the dynamic password with operands 1-9) and the staggered, carry and back-off sequence rule keys (digit positions 1-6 of the dynamic password) with one another. For example, take the combination of the addition sequence rule key "1 plus 5" and the multiplication sequence rule key "4 times 2": 1 is the 1st digit of the dynamic password, plus is addition, and 5 is the operand; 4 is the 4th digit of the dynamic password, times is multiplication, and 2 is the operand; the real-name authentication operation is the number rule key 1, the add rule key, the number rule key 5, the number rule key 4, the multiply rule key and the number rule key 2. The addition, subtraction, multiplication, staggered, carry and back-off sequence rule keys can be combined with one another in groups, and 2 to 6 rule keys can be combined freely as described above. The network activity personnel can set 1-2 operations as their rule key; the rule key is a private secret, and other people cannot know it. The rule key is stored encrypted and is not transmitted in the open during operation or within the system, which effectively ensures the security of personal privacy. One rule key can be used for operations in many scenarios, which fundamentally removes the trouble of memorizing multiple passwords.
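The arithmetic and staggered rule keys described above, applied to a 6-digit dynamic password with the page's own example rules, as an added sketch that is not code from the patent. It assumes each result is kept as a single digit modulo 10, which the page does not specify, and it leaves out the carry and back-off rules because the page does not define their direction or wrap-around; the function names and the sample password are constructed for illustration.

```python
import hmac
from math import gcd

# Operation names are illustrative; the page only names the keys on the terminal.
ADD, SUB, MUL, SWAP = "add", "sub", "mul", "swap"  # SWAP is the "staggered" rule

SAMPLE_OTP = "604912"  # constructed sample dynamic password


def _digits(code):
    """Parse a 6-digit dynamic password into a list of ints."""
    if len(code) != 6 or not (code.isascii() and code.isdigit()):
        raise ValueError("dynamic password must be exactly 6 decimal digits")
    return [int(c) for c in code]


def _validate(rule_key):
    """Positions are 1-6; operands are 1-9, or 1-6 when they name a swap target."""
    for pos, op, operand in rule_key:
        limit = 6 if op == SWAP else 9
        if op not in (ADD, SUB, MUL, SWAP):
            raise ValueError(f"unknown operation: {op!r}")
        if not 1 <= pos <= 6 or not 1 <= operand <= limit:
            raise ValueError(f"out-of-range step: {(pos, op, operand)}")


def apply_rule_key(otp, rule_key):
    """Apply each (position, operation, operand) step in order."""
    digits = _digits(otp)
    _validate(rule_key)
    for pos, op, operand in rule_key:
        i = pos - 1
        if op == SWAP:
            j = operand - 1
            digits[i], digits[j] = digits[j], digits[i]
        elif op == ADD:
            digits[i] = (digits[i] + operand) % 10  # ASSUMPTION: modulo 10
        elif op == SUB:
            digits[i] = (digits[i] - operand) % 10  # ASSUMPTION: modulo 10
        else:
            digits[i] = (digits[i] * operand) % 10  # ASSUMPTION: modulo 10
    return "".join(str(d) for d in digits)


def is_restorable(rule_key):
    """True if the original password can be recovered from the result.

    Under the modulo-10 assumption, multiplication is only invertible when
    the operand is coprime to 10 (1, 3, 7 or 9).
    """
    _validate(rule_key)
    return all(op != MUL or gcd(v, 10) == 1 for _, op, v in rule_key)


def restore(response, rule_key):
    """Undo the steps in reverse order; refuse rule keys that lose information."""
    if not is_restorable(rule_key):
        raise ValueError("rule key is not invertible under modulo-10 arithmetic")
    digits = _digits(response)
    for pos, op, operand in reversed(rule_key):
        i = pos - 1
        if op == SWAP:
            j = operand - 1
            digits[i], digits[j] = digits[j], digits[i]
        elif op == ADD:
            digits[i] = (digits[i] - operand) % 10
        elif op == SUB:
            digits[i] = (digits[i] + operand) % 10
        else:
            digits[i] = (digits[i] * pow(operand, -1, 10)) % 10
    return "".join(str(d) for d in digits)


def rule_key_matches(entered, enrolled):
    """Compare the keyed-in rule key with the enrolled one in constant time."""
    def encode(rule_key):
        return "|".join(f"{p}:{o}:{v}" for p, o, v in rule_key).encode()
    return hmac.compare_digest(encode(entered), encode(enrolled))


if __name__ == "__main__":
    combined = [(1, ADD, 5), (4, MUL, 2)]  # the page's "1 plus 5" with "4 times 2"
    print(apply_rule_key(SAMPLE_OTP, [(3, ADD, 5)]))
    print(apply_rule_key(SAMPLE_OTP, combined), is_restorable(combined))
```

Under the modulo-10 assumption, the page's combined rule "1 plus 5, 4 times 2" maps both 604912 and 604412 to the same result, so a verifier that holds the rule key would have to recompute the result from the dynamic password it issued and compare, rather than invert it.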
The step of identity certification fingerprint operation, wherein the fingerprint is a physical characteristic of the network activity personnel, comparable to the person's face; the fingerprint is the pattern of lines on the skin on the front of the fingertip: the skin surface of the finger carries fine raised and recessed lines, which are linear in shape and arranged regularly and directionally, and the fingerprint is the structural arrangement of the skin tissue cells; by the overall shape of the lines, fingerprints can be divided into arch patterns, loop patterns, whorl patterns and incomplete patterns, and the characteristic values that distinguish different fingerprints include the line type, the central point, and the starting points, end points, junction points and bifurcations of the various lines. Because of these characteristic values, each person's fingerprint is unique;
The identity certificate fingerprint is a physical characteristic of the network activity personnel, comparable to their face. It is the fingerprint with which the network activity personnel, using the identity certificate fingerprint and the identity identification rule key, operate the rule keys and the fingerprint key of the authentication terminal for identity authentication. A fingerprint is the pattern of lines on the skin of the front of the fingertip; the skin surface of the finger carries fine ridges and furrows that are linear in shape and arranged regularly and directionally, and the fingerprint is a structural arrangement of skin tissue cells. By the overall shape of the lines, fingerprints can be divided into arch, loop, whorl and defective patterns, and the characteristic values that distinguish different fingerprints include the pattern type, the central point, the starting points, the end points, the joining points and the bifurcations of the lines. These characteristic values make each person's fingerprint unique. First, no two people have identical fingerprints; even twins who look exactly alike have different fingerprints. Moreover, the ten fingers of a single person also differ noticeably from one another. This characteristic of the fingerprint provides an objective basis for identity recognition. Second, fingerprints remain essentially unchanged throughout life and have strong relative stability.
The fingerprint is completely formed by the sixth month of fetal development and persists until the body dies and decays. Although the outline of the fingerprint and the thickness of its lines can change with age, and new fine-line features can appear between local lines, the pattern type and the overall layout of the detail features of the same fingerprint never change noticeably. Even if the skin of the finger is injured, the lines return to their original shape after healing as long as the dermis is not damaged; if the dermis is damaged, a scar forms after healing. The scar destroys the lines, but the scar itself adds a new stable feature to the fingerprint. Because of these characteristics the fingerprint is regarded as the foremost form of evidence and has a reputation as a reliable tool and a reliable means for personal identification.
A step of human behavior operation: human behavior is the conscious behavior of the network activity personnel, namely the act of operating the rule keys and the fingerprint key using the identity identification rule key and the identity certificate fingerprint, under subjective consciousness that the network activity personnel themselves fully control; this behavior cannot be reproduced or replaced and is completely unique;
Human behavior has purposefulness, initiative, predictability, progressiveness, diversity and versatility. Purposefulness refers to a person's conscious, planned, targeted and organized mental activity. Initiative means that the motive of human behavior arises when the objective world acts on the human sense organs and is reflected through thinking in the brain; human behavior does not passively adapt to the external world but is a process of actively reshaping it. Predictability means that, because human behavior follows common laws, its patterns and results can be foreseen. Diversity means that human behaviors differ in nature, duration, difficulty and so on. Measurability means that human behavior can be planned, controlled, organized and measured by various means. The network activity personnel use the identity identification rule key and the identity certificate fingerprint to operate the rule keys and the fingerprint key. This behavior cannot be reproduced or replaced and is completely unique.
Network real-name authentication is then performed through the identity identification rule key, the identity certificate fingerprint and human behavior. The dynamic password survival module of the real-name authentication server generates a dynamic 6-digit password and sends it to the operation interface of the authentication terminal; each of the 1st, 2nd, 3rd, 4th, 5th and 6th digits of the dynamic password is 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 0.
The network activity personnel perform real-name authentication through the identity identification rule key, the identity certificate fingerprint and human behavior. The identity identification rule key is an algorithm made up of a digit position of 1 or 2 or 3 or 4 or 5 or 6; an operation of addition, subtraction, multiplication, dislocation, carry or backspace, or a mutual combination of these operations; and an operand of 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9. The identity certificate fingerprint is that of the left or right thumb, index finger, middle finger, ring finger or little finger. On the authentication terminal the personnel operate the digit rule keys 1 to 6, the addition, subtraction, multiplication, dislocation, carry and backspace rule keys (alone or in mutual combination) and the operand rule keys 1 to 9, and operate the fingerprint key with the left or right thumb, index finger, middle finger, ring finger or little finger.
Based on the network activity personnel's operation of the digit rule keys 1 to 6, the addition, subtraction, multiplication, dislocation, carry and backspace rule keys (alone or in mutual combination), the operand rule keys 1 to 9, and the fingerprint key operated with the left or right thumb, index finger, middle finger, ring finger or little finger, the authentication terminal confirms through the microprocessor and the memory that the identity identification rule key (digit position, operation and operand) and the identity certificate fingerprint authentication are correct. It then instructs the key signature module to apply the rule key algorithm (digit position 1 to 6; addition, subtraction, multiplication, dislocation, carry or backspace, or a mutual combination of these; operand 1 to 9) to the digits of the 1st to 6th positions of the dynamic password, each of which is 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 0. This operation digital signature compiles a 6-digit cipher in which each of the 1st, 2nd, 3rd, 4th, 5th and 6th digits is 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 0, and the terminal sends the cipher to the real-name authentication server.
The real-name authentication server receives the 6-digit cipher, in which each of the 1st, 2nd, 3rd, 4th, 5th and 6th digits is 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 0. Through the real-name authentication module it decrypts the cipher using the rule key algorithm (digit position 1 to 6; addition, subtraction, multiplication, dislocation, carry or backspace, or a mutual combination of these; operand 1 to 9) and recovers the dynamic 6-digit password, each digit of which is 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 0. This confirms, by real-name authentication, the authenticity of the identity of the network activity personnel who operated the digit rule keys, the operation rule keys, the operand rule keys and the fingerprint key with the left or right thumb, index finger, middle finger, ring finger or little finger. The audit module records in detail the operated rule keys, the fingerprint key and the cipher compiled by the dynamic password operation digital signature, together with the electronic evidence of real-name authentication obtained by decrypting the cipher and recovering the dynamic password.
Example two:
This embodiment is an improvement of the step of performing network real-name authentication through the identity identification rule key, the identity certificate fingerprint and human behavior in the network real-name authentication method and system of the first embodiment, as shown in Fig. 3.
The sub-steps of the step of performing network real-name authentication through the identity identification rule key, the identity certificate fingerprint and human behavior comprise:
a sub-step in which the dynamic password survival module of the real-name authentication server generates a dynamic password and sends it to the operation interface of the authentication terminal;
a sub-step in which the network activity personnel perform real-name authentication by operating the rule keys and the fingerprint key of the authentication terminal through the identity identification rule key, the identity certificate fingerprint and human behavior;
a sub-step in which the authentication terminal, based on the network activity personnel's operation of the rule keys and the fingerprint key, confirms through the microprocessor and the memory that the identity identification rule key and the identity certificate fingerprint authentication are correct, instructs the key signature module to compile a cipher by an operation digital signature over the dynamic password, and sends the cipher to the real-name authentication server;
a sub-step in which the real-name authentication server decrypts the cipher through the real-name authentication module to recover the dynamic password and accurately confirms, by real-name authentication, the authenticity of the identity of the network activity personnel who operated the rule keys and the fingerprint key, and the audit module records in detail the operated rule keys, the fingerprint key and the cipher compiled by the dynamic password digital signature.
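The exchange in the sub-steps above, using the rule-key notation of the earlier examples (digit position, operation, operand), written out as an added Python example that is not part of the patent text. Assumptions, since the description does not fix them: arithmetic wraps modulo 10, carry and backspace move the chosen digit by the operand with wrap-around, dislocation is left out, the fingerprint match is a boolean stand-in, the server holds a copy of the enrolled rule key, and the server verifies by recomputing the expected cipher rather than by decrypting; all function and class names are hypothetical.

```python
import hmac
import secrets

# Assumption: digit arithmetic wraps modulo 10 so each result stays one digit.
ARITHMETIC = {
    "add": lambda d, n: (d + n) % 10,
    "sub": lambda d, n: (d - n) % 10,
    "mul": lambda d, n: (d * n) % 10,
}
# Assumption: "carry" moves the chosen digit toward the front and "back"
# toward the end by `operand` places, wrapping around the six positions.
MOVES = {"carry": -1, "back": 1}


def apply_rule_key(password, rule_key):
    """Apply (position, operation, operand) rules in order to a 6-digit string."""
    if len(password) != 6 or not password.isdecimal():
        raise ValueError("dynamic password must be 6 decimal digits")
    digits = [int(c) for c in password]
    for position, operation, operand in rule_key:
        if not (1 <= position <= 6 and 1 <= operand <= 9):
            raise ValueError("position must be 1-6 and operand 1-9")
        index = position - 1
        if operation in ARITHMETIC:
            digits[index] = ARITHMETIC[operation](digits[index], operand)
        elif operation in MOVES:
            digit = digits.pop(index)
            digits.insert((index + MOVES[operation] * operand) % 6, digit)
        else:
            raise ValueError(f"unsupported operation: {operation}")
    return "".join(str(d) for d in digits)


def terminal_respond(challenge, entered_rule_key, stored_rule_key, fingerprint_ok):
    """Terminal side: local identity check first, then compile the cipher."""
    # fingerprint_ok stands in for the terminal's fingerprint matcher.
    if not fingerprint_ok or list(entered_rule_key) != list(stored_rule_key):
        return None
    return apply_rule_key(challenge, entered_rule_key)


class RealNameServer:
    """Server side: issue a dynamic password, verify the cipher, keep an audit log."""

    def __init__(self, enrolled_rule_keys):
        self._rule_keys = enrolled_rule_keys  # assumption: server holds a copy
        self._pending = {}
        self.audit_log = []

    def issue_challenge(self, user):
        self._pending[user] = f"{secrets.randbelow(10**6):06d}"
        return self._pending[user]

    def verify(self, user, cipher):
        challenge = self._pending.pop(user, None)  # each challenge is single use
        ok = False
        if challenge is not None and cipher is not None and user in self._rule_keys:
            # Recompute instead of inverting: "mul" by 2 sends both 0 and 5 to 0,
            # so the cipher alone does not always determine the challenge.
            expected = apply_rule_key(challenge, self._rule_keys[user])
            ok = hmac.compare_digest(expected.encode(), cipher.encode())
        self.audit_log.append({"user": user, "challenge": challenge,
                               "cipher": cipher, "ok": ok})
        return ok


def demo():
    # The description's combined example: digit 1 plus 5, digit 4 multiplied by 2.
    rule_key = [(1, "add", 5), (4, "mul", 2)]
    server = RealNameServer({"user-1": rule_key})
    challenge = server.issue_challenge("user-1")
    cipher = terminal_respond(challenge, rule_key, rule_key, True)
    return server.verify("user-1", cipher), server.verify("user-1", cipher)


if __name__ == "__main__":
    print(demo())
```

The second `verify` call in `demo` replays the same cipher and is rejected because the challenge was consumed by the first call.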
The embodiments of the present invention have been described in detail, but the present invention is not limited to the above-described embodiments, which are only examples. Any equivalent modifications and substitutions to the method and system would be obvious to those skilled in the art and are intended to be within the scope of the present invention. Accordingly, variations and modifications may be made without departing from the spirit and scope of the invention, which should be determined from the following claims.

Claims (2)

1. A network real-name authentication system comprising an authentication terminal and a real-name authentication server, characterized in that: the authentication terminal is used for identity authentication and for compiling a cipher by digital signature; the operation interface of the authentication terminal is provided with a 6-digit dynamic password, rule keys and a fingerprint key, and a cipher is compiled based on identity authentication through operation of the rule keys and the fingerprint key and on a digital signature over the dynamic password; the authentication terminal is provided with a memory for storing the identity identification rule key and the identity certificate fingerprint data; the authentication terminal is provided with a key signature module for compiling the cipher by an operation digital signature over the dynamic password; the authentication terminal is provided with a microprocessor for receiving the dynamic password sent by the real-name authentication server and, based on the operated rule keys and fingerprint key and on identity authentication against the identity identification rule key and the identity certificate fingerprint in the memory, instructing the key signature module to compile the cipher by an operation digital signature over the dynamic password and sending the cipher to the real-name authentication server; the real-name authentication server is used for controlling access to remote network resources and providing comprehensive real-name authentication and audit services; the real-name authentication server is provided with a dynamic password survival module that generates the dynamic password and sends it to the operation interface of the authentication terminal; the real-name authentication server is provided with a real-name authentication module for decrypting the cipher and recovering the dynamic password to verify real-name authentication; the real-name authentication server is provided with an audit module for recording in detail the operated rule keys, the fingerprint key and the cipher compiled by the dynamic password digital signature, and the electronic evidence of real-name authentication obtained by decrypting the cipher and recovering the dynamic password.
2. The network real-name authentication system as claimed in claim 1, comprising an authentication terminal and a real-name authentication server, characterized in that: the authentication terminal is in remote wireless connection with the real-name authentication server.
CN202010132993.3A 2020-02-29 2020-02-29 Network real-name authentication method and system Withdrawn CN111200617A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010132993.3A CN111200617A (en) 2020-02-29 2020-02-29 Network real-name authentication method and system

Publications (1)

Publication Number Publication Date
CN111200617A true CN111200617A (en) 2020-05-26

Family

ID=70746815

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010132993.3A Withdrawn CN111200617A (en) 2020-02-29 2020-02-29 Network real-name authentication method and system

Country Status (1)

Country Link
CN (1) CN111200617A (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106712931A (en) * 2015-08-20 2017-05-24 上海国盾量子信息技术有限公司 Mobile phone token identity authentication system and method based on quantum cipher network
CN105610873A (en) * 2016-03-22 2016-05-25 广东欧珀移动通信有限公司 Identity authentication method and device
CN106911722A (en) * 2017-04-25 2017-06-30 北京帕斯沃得科技有限公司 A kind of intelligent cipher signature identity differentiates mutual authentication method and system
CN110650021A (en) * 2019-10-15 2020-01-03 北京帕斯沃得科技有限公司 Authentication terminal network real-name authentication method and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114973772A (en) * 2022-04-27 2022-08-30 浙江海洋大学 Ship collision early warning system and method based on unmanned aerial vehicle
CN114973772B (en) * 2022-04-27 2023-09-22 浙江海洋大学 Ship collision early warning system and method based on unmanned aerial vehicle
CN115643117A (en) * 2022-12-23 2023-01-24 北京六方云信息技术有限公司 Digital entity identity identification method, device, terminal equipment and storage medium
CN115643117B (en) * 2022-12-23 2023-03-21 北京六方云信息技术有限公司 Digital entity identity identification method, device, terminal equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200526