CN111310142A - Service password authorization method based on face recognition, intranet network and system - Google Patents
Service password authorization method based on face recognition, intranet network and system Download PDFInfo
- Publication number
- CN111310142A CN111310142A CN202010092368.0A CN202010092368A CN111310142A CN 111310142 A CN111310142 A CN 111310142A CN 202010092368 A CN202010092368 A CN 202010092368A CN 111310142 A CN111310142 A CN 111310142A
- Authority
- CN
- China
- Prior art keywords
- authorization
- face
- requester
- password
- transfer machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/16—Human faces, e.g. facial parts, sketches or expressions
- G06V40/172—Classification, e.g. identification
Abstract
The present disclosure relates to a service password authorization method based on face recognition, an intranet network and a system, wherein the method comprises the following steps: deploying a transfer machine in an intranet where the terminal equipment is located; the authorization system sends an authorization request containing the face photo of the requester and the face characteristic value to an authorization server through a transfer machine; acquiring a login password provided by a requester, and sending the login password to an authorization server through a transfer machine; obtaining an authentication result obtained by comparing the login password received by the transfer machine with the login password generated by the identity verification through the transfer machine acquisition authorization server; and if the verification result is consistent, providing corresponding authorization for the requester. The public authorization request needs to be transmitted to a remote authorization server through transfer, the server performs face recognition and password dual verification on the authorization request, data security is improved, and because the face image of a requester needs to be collected during verification every time, password leakage can be avoided, and authorization privacy is improved.
Description
Technical Field
The present disclosure relates to the field of medical imaging equipment technologies, and in particular, to a method, an intranet network, and a system for service password authorization based on face recognition.
Background
Positron Emission Tomography (PET) is a method of labeling a compound capable of participating in blood flow or metabolic processes of human tissues with a nuclide capable of emitting positrons to obtain images of a cross section, a coronal section and a sagittal section of a human body. Computed Tomography (CT) uses X-ray beams together with a highly sensitive detector to scan the cross section of a human body, and obtains images of the cross section, coronal section and sagittal section of the human body. And the PET-CT is used for fusing medical images generated by PET and CT by combining two technologies, and is used for clinical physiological and pathological diagnosis.
The PET-CT software system is installed on a desktop computer provided with a windows system, the functions of the software mainly comprise patient registration, patient scanning, data preview, image browsing, system tools and the like, and patient data, scanning data, image data and the like which are input through the software are directly stored on a hard disk of the computer. At this time, the following problems occur: 1. anyone using the windows system can enter the software system and perform operations such as viewing of scanned data, system data and the like. 2. Because the doctor needs to have the flexibility of convenient, quick, easy-to-use, most data of the local hard disk of the computer can not carry out encryption operation, otherwise can influence the performance of the software greatly, reduce doctor's availability factor.
Based on the use scene, a common manufacturer can specially customize a computer provided with a software system and preset a fixed login account and a fixed password when a PET-CT complete machine leaves a factory, so that the system directly enters the PET-CT software system after being started, and a common user cannot access all resources of a windows system such as a local hard disk, a resource manager and the like, thereby ensuring the privacy security of data. When the system needs to be upgraded, maintained and troubleshooting in a large version, engineers and other internal personnel of a manufacturer can use a preset fixed account and a preset password to access local resources to carry out the next work. After the method is implemented for a long time, the fixed account and the password are generally uniformly preset, the password can be known by a large number of people, the access form is too simple, and when a manufacturer has an opportunity of learning the account and the password, such as engineers and the like, the data security is greatly reduced if the account and the password are not changed; if the preset fixed account number and the preset password are replaced, more energy is consumed, and the expected effect cannot be achieved.
Based on the above, the mode of factory preset fixed account numbers and passwords in the prior art has a problem of great potential safety hazard to system data.
The above drawbacks are expected to be overcome by those skilled in the art.
Disclosure of Invention
Technical problem to be solved
In order to solve the above problems in the prior art, the present disclosure provides a method, an intranet network, and a system for service password authorization based on face recognition, so as to overcome at least to some extent the problem of a large potential safety hazard in computer system data in the prior art.
(II) technical scheme
In order to achieve the above purpose, the present disclosure adopts a main technical solution including:
an embodiment of the present disclosure provides a method for service password authorization based on face recognition, which is used for a terminal device having an authorization system and a medical imaging device software system, and includes:
deploying a transfer machine in an intranet where the terminal equipment is located;
the authorization system sends an authorization request containing a face photo of a requester and a face characteristic value to an authorization server through the transfer machine;
obtaining a login password provided by a requester through the authorization system, and sending the login password to the authorization server through the transfer machine, wherein the login password is generated by the authorization server by responding to the authorization request;
obtaining a verification result obtained by comparing the login password received by the transfer machine with the login password generated by the identity verification through the authorization server through the transfer machine;
and if the verification result is consistent, providing corresponding authorization for the requester.
In an embodiment of the present disclosure, before the authorization system sends an authorization request including a facial photograph and a facial feature value of a requester to an authorization server through the transfer machine, the authorization system further includes:
configuring an authorization account for the authorization system;
acquiring an authorization account number input by the requester in the authorization system, and triggering a camera on the terminal equipment to acquire a face photo of the requester;
calculating and extracting the face features according to the face picture to obtain the face feature value;
and obtaining the authorization request according to the face photo and the face feature value.
In an embodiment of the present disclosure, after the authorization system sends an authorization request including a facial photograph and a facial feature value of a requester to an authorization server through the transfer machine, the authorization system further includes:
the authorization server receives the face characteristic value in the authorization request and independently compares the face characteristic value with a plurality of prestored characteristic values stored in a database to respectively obtain a plurality of similar values, wherein a plurality of preset data groups are stored in the database, and each data group at least comprises a prestored face photo of an authorized person and a corresponding prestored characteristic value;
selecting a pre-stored face photo in a data group with the largest value in the plurality of similar values;
identity verification is carried out by comparing the pre-stored face picture with the face in the face picture in the authorization request, and if the pre-stored face picture and the face in the authorization request are the same person, a login password is generated; if not, a verification failure display message is generated.
In an embodiment of the present disclosure, after generating the verification failure message, the method further includes:
the authorization server sends the authentication failure message to the authorization system through the transfer machine;
and the authorization system prompts according to the verification failure message.
In an embodiment of the present disclosure, before obtaining, by the authorization system, the login password provided by the requester, the method further includes:
and the authorization server sends the login password generated by the identity verification to the requester according to a preset mode, wherein the preset mode is to send the login password to the portable terminal of the requester in a short message mode.
In an embodiment of the present disclosure, providing the corresponding authorization to the requester further includes:
setting a corresponding validity period for an authorization provided by an authorization request of the requester;
checking whether the validity period expires in a polling mode, and if the validity period expires, automatically locking the authorization system.
Another embodiment of the present disclosure further provides an intranet network authorized by a service password based on face recognition, including:
at least one terminal device with an authorization system and a medical imaging device software system; and
a transfer machine for transferring the authorization request and the login password between the terminal device and the authorization server;
wherein an authorization system in said terminal device is adapted to perform the above-mentioned method steps.
In an embodiment of the present disclosure, the terminal device and the transfer machine are in communication connection through a switch.
Still another embodiment of the present disclosure provides a system for service password authorization based on face recognition, including:
at least one terminal device with an authorization system and a medical imaging device software system;
a transfer machine for transferring the authorization request and the login password between the terminal device and the authorization server; and
the authorization server is used for receiving the service request and processing the service request to generate a corresponding login password;
wherein an authorization system in said terminal device is adapted to perform the above-mentioned method steps.
In an embodiment of the present disclosure, the authorization server is disposed in an external network, and is in communication connection with the transfer machine through a firewall.
(III) advantageous effects
The beneficial effects of this disclosure are: on one hand, the method, the intranet network and the system for service password authorization based on face recognition are characterized in that a transfer machine is arranged in an intranet where terminal equipment in a use scene is located, an authorization request of a requester needs to be sent to a remote authorization server through transfer, and the server performs face recognition and password dual verification on the authorization request, so that data security is improved; on the other hand, because the face image of the requester is acquired during each verification, the relevance between the requester and the factory preset account is weakened, the leakage of the password can be avoided, the authorized privacy is improved, and the data security is ensured.
Drawings
Fig. 1 is a flowchart of a method for service password authorization based on face recognition according to an embodiment of the present disclosure;
FIG. 2 is a network framework diagram of a service authorization system based on face recognition in an embodiment of the present disclosure;
FIG. 3 is a flowchart of an embodiment of the present disclosure before step S120;
FIG. 4 is a flowchart of an embodiment of the present disclosure after step S120;
FIG. 5 is a flowchart illustrating a process of implementing service password authorization based on the system shown in FIG. 2 according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram illustrating a computer system of an electronic device according to an embodiment of the present disclosure.
Detailed Description
For the purpose of better explaining the present disclosure, and to facilitate understanding thereof, the present disclosure will be described in detail below by way of specific embodiments with reference to the accompanying drawings.
All technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. The terminology used herein in the description of the disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The method aims to solve the problem that a great potential safety hazard exists in the customized system for accessing the system data of the PET-CT software system. The invention provides a method for realizing the authorized access of a PET-CT face recognition service password under the condition of ensuring the data security and privacy.
Fig. 1 is a flowchart of a method for service password authorization based on face recognition according to an embodiment of the present disclosure, as shown in fig. 1, specifically including the following steps:
as shown in fig. 1, in step S110, a transit machine is deployed in an intranet where the terminal device is located;
as shown in fig. 1, in step S120, the authorization system sends an authorization request containing a facial photograph and facial feature values of a requester to an authorization server through the transfer machine;
as shown in fig. 1, in step S130, a login password provided by a requester is obtained by the authorization system, and the login password is sent to the authorization server through the transfer machine, where the login password is generated by the authorization server in response to the authorization request;
as shown in fig. 1, in step S140, the authorization server obtains, through the transfer machine, an authentication result obtained by comparing the login password received by the transfer machine with the login password generated by the identity verification;
as shown in fig. 1, in step S150, if the verification result is consistent, a corresponding authorization is provided for the requester.
The method is used for a terminal device with an authorization system and a medical imaging device software system, and the terminal device is also provided with a software system for realizing use in a specific scene besides the authorization system for authorization, and mainly refers to the medical imaging device software system in the present document. The method can be applied to not only PET-CT imaging equipment, but also CT, X-Ray, MRI and other imaging equipment, taking PET-CT as an example, wherein the software system can be a hospital PET-CT software system and the like.
Based on the method, on one hand, a transfer machine is arranged in an intranet where the terminal equipment is located in a use scene, an authorization request of a requester needs to be sent to a remote authorization server through transfer, and the server performs face recognition and password double verification on the authorization request, so that the data security is improved; on the other hand, because the face image of the requester is acquired during each verification, the relevance between the requester and the factory preset account is weakened, the leakage of the password can be avoided, the authorized privacy is improved, and the data security is ensured.
In order to implement the method, the present disclosure further provides an intranet network and a system authorized by a service password based on face recognition, wherein the intranet network authorized by the service password based on face recognition includes: the system comprises at least one terminal device with an authorization system and a transfer machine, wherein the transfer machine is used for transferring an authorization request and a login password between the terminal device and an authorization server; wherein an authorization system in said terminal device is adapted to perform the above-mentioned method steps.
The system for service password authorization based on face recognition comprises: the system comprises at least one terminal device with an authorization system, a transfer machine and an authorization server, wherein the transfer machine is used for transferring an authorization request and a login password between the terminal device and the authorization server; the authorization server is used for receiving the service request and processing the service request to generate a corresponding login password.
In an embodiment of the present disclosure, the terminal device and the transfer machine are in communication connection through a switch; the authorization server is arranged in an external network and is in communication connection with the transfer machine through a firewall.
In the following embodiments, the detailed implementation of each step of the embodiment shown in fig. 1 is mainly described by taking a PET-CT software system as an example:
in step S110, a relay device is deployed in an intranet where the terminal device is located.
In an embodiment of the present disclosure, according to the above system for authorizing a service password based on face recognition, an authorization server system is deployed at a company (manufacturer) side, and receives and processes an authorization request from each site, and besides an original terminal device (generally, a desktop computer), a service authorization transfer machine (transfer machine for short) capable of connecting to an external network needs to be deployed at the site side for receiving and sending an authorization request of the face recognition service authorization system and an authorization message of the company authorization server. For example, a transfer machine is deployed in a hospital intranet.
Fig. 2 is a network framework diagram of a service authorization system based on face recognition in an embodiment of the present disclosure, and as shown in fig. 2, taking a computer with a PET-CT software system as an example, the service authorization software system forms an internal local area network through a switch and a transit, and the transit is connected and communicated with an authorization server in an external network through a firewall.
In step S120, the authorization system sends an authorization request containing the face photograph and the face feature value of the requester to the authorization server through the transfer machine.
Some configurations and acquisitions are also required before step S120, and fig. 3 is a flowchart before step S120 in an embodiment of the present disclosure, which includes the following steps:
as shown in fig. 3, in step S301, an authorization account is configured for the authorization system.
In one embodiment of the present disclosure, the terminal device has an authorization system and a software system, the authorization system is configured to authorize an engineer to access, and the software system is configured to be used by a general user of the terminal device on a daily basis. For example, a face recognition service authorization system is installed and deployed on a computer installed in PET-CT software, a camera is installed, A, B two windows accounts are configured for the PET-CT software system and the service authorization system, respectively, an account a cannot access to system resource data, and an account B can access to local system resources within the validity period of face recognition service password authorization.
As shown in fig. 3, in step S302, an authorization account input by the requester in the authorization system is obtained, and a camera on the terminal device is triggered to capture a face photograph of the requester.
As shown in fig. 3, in step S303, face feature calculation and extraction are performed according to the face picture to obtain the face feature value. In the step, a Harr classifier can be adopted for extracting the face image to obtain the face features.
As shown in fig. 3, in step S304, the authorization request is obtained according to the face photo and the face feature value.
Based on the step flow shown in fig. 3, an authorization request can be generated according to the face photo collected in real time, and the authorization request can also include hospital identifications, so that unique marks of hospitals in different places can be marked, and independent authorization among hospitals is realized without mutual influence.
After step S120, the authorization server further needs to generate a login password according to the authorization request, and fig. 4 is a flowchart after step S120 in an embodiment of the present disclosure, which includes the following steps:
as shown in fig. 4, in step S401, the authorization server individually compares the face feature value in the authorization request with a plurality of pre-stored feature values stored in a database to obtain a plurality of similar values respectively.
In the step, a plurality of preset data groups are stored in the database, and each data group at least comprises a prestored face photo of an authorized person and a corresponding prestored characteristic value.
As shown in fig. 4, in step S402, a pre-stored face photograph in the data group with the largest value among the plurality of similarity values is selected.
As shown in fig. 4, in step S403, by comparing the pre-stored face picture with the face in the face picture in the authorization request, performing identity verification, and if the pre-stored face picture and the face picture are the same person, generating a login password; if not, a verification failure display message is generated.
Based on the step flow shown in fig. 4, if the identity verification passes, a sequential or random password is generated as a login password according to a preset rule, and the login password is stored in the authorization server.
In an embodiment of the present disclosure, after the step S403 generates the verification failure message, the method further includes: the authorization server sends the authentication failure message to the authorization system through the transfer machine; and the authorization system prompts according to the verification failure message.
In step S130, a login password provided by the requester is obtained through the authorization system, and the login password is sent to the authorization server through the transfer machine.
Wherein the login password is generated by the authorization server in response to the authorization request, and the login password may be in a preset form, such as at least one of a number, a letter, and a symbol, or a combination thereof.
Before the step S130 of obtaining the login password provided by the requester through the authorization system, the method further includes:
and the authorization server sends the login password generated by the identity verification to the requester according to a preset mode.
In an embodiment of the present disclosure, for example, the preset mode is a portable terminal (mobile phone) sent to the requester in a form of a short message, so that the database in the authorization server needs to establish a communication mode of the service engineer in addition to pre-storing the face image and the face feature value for the service engineer, for example, the communication mode may be a mobile phone number, so that the authorization server sends the login password to the mobile phone of the service engineer through a mobile network.
In step S140, the authorization server obtains, through the transfer machine, an authentication result obtained by comparing the login password received by the transfer machine with the login password generated by the identity verification.
In this step, the authorization server verifies the login password entered by the requester through the authorization system of the terminal device with the login password generated by the authorization server itself in step S120, and the verification result is consistent or inconsistent.
In step S150, if the verification result is consistent, a corresponding authorization is provided for the requester.
In an embodiment of the present disclosure, the step of providing the corresponding authorization to the requester further includes: firstly, setting a corresponding valid period for the authorization provided by one authorization request of the requester; secondly, whether the validity period expires is checked in a polling mode, and if the validity period expires, the authorization system automatically locks. The validity period in this step may be a fixed period, and may also be adjusted as needed.
Fig. 5 is a flowchart of a work procedure for implementing service password authorization based on the system shown in fig. 2 in an embodiment of the present disclosure, which includes the following steps:
51) when a service engineer needs to enter a local system to access data resources, switching login of a windows account B is firstly carried out on a PET-CT software computer, after login, the face faces towards the camera in the forward direction, a request authorization button is clicked, the service authorization system calculates and extracts face characteristic values of pictures shot by the camera, sends the pictures, the characteristic values and hospital identification to a transfer machine, and forwards the pictures, the characteristic values and the hospital identification to a company authorization server system through the transfer machine.
52) And after receiving the authorization request, the company authorization server system compares the characteristic value with the characteristic value of the local database, displays the personnel information photo with the highest similarity score, and clicks and sends the login password to the mobile phone of the service engineer in a short message form after the company authorization personnel are manually confirmed to be the same person.
53) And after receiving the login short message password, the service engineer inputs the password in the service authorization system and clicks login, and the service authorization system sends the login password to the transfer machine and sends the login password to the company authorization server by the transfer machine.
54) And after receiving the login password, the authorization server verifies whether the password is consistent with the login password which is just authorized, and sends the verification result back to the transfer machine.
55) And the transfer machine receives the verification result, sends the result to the service authorization system, passes the verification, enables the service authorization to enter the local resource system, and completes the authorization request of the service engineer.
56) After the authorization validity period expires, the service authorization system automatically locks the local resource system, and a service engineer cannot access the local resource data continuously and needs to perform face recognition service authorization verification again.
In summary, according to the technical solution provided by the embodiment of the present disclosure, in this embodiment, the face recognition service authorization system software is installed and deployed on the computer where the PET-CT software system is installed, a service authorization transfer machine capable of connecting to an external network is also deployed in a hospital, an authorization server is deployed at one side of a company, and after authorization is performed by the authorization server of the company, related personnel (service engineers) can enter the system to access data and resources. After the technical scheme is used, when related engineers and other personnel perform work such as upgrading, maintenance and maintenance of equipment, local resources can be easily and conveniently accessed, a face recognition and password dual verification mechanism is adopted for authorization, the life cycle of each authorization completely fails after the authorization time is up, all visiting authorization information is recorded by the authorization server, and the data security and authorization sustainability of the PET-CT software system are greatly guaranteed. .
Corresponding to the above method, the technical effects of the intranet network and the system authorized by the service password based on face recognition provided by the embodiment of the present disclosure are referred to the technical effects of the above method, and are not described herein again.
Referring now to FIG. 6, shown is a block diagram of a computer system suitable for use with the electronic device implementing an embodiment of the present invention. The computer system 600 of the electronic device shown in fig. 6 is only an example, and should not bring any limitation to the function and the scope of the use of the embodiments of the present invention.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU)601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for system operation are also stored. The CPU601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to an embodiment of the present invention, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the invention include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The above-described functions defined in the system of the present application are executed when the computer program is executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software, or may be implemented by hardware, and the described units may also be disposed in a processor. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs, and when the one or more programs are executed by the electronic device, the electronic device is enabled to implement the online platform data transmission method in the embodiment.
For example, the electronic device may implement the following as shown in fig. 1: step S110, deploying a transfer machine in an intranet where the terminal equipment is located; step S120, the authorization system sends an authorization request containing a face photo of a requester and a face characteristic value to an authorization server through the transfer machine; step S130, obtaining a login password provided by a requester through the authorization system, and sending the login password to the authorization server through the transfer machine, wherein the login password is generated by the authorization server by responding to the authorization request; step S140, obtaining a verification result obtained by comparing the login password received by the transfer machine and the login password generated by the identity verification by the authorization server through the transfer machine; step S150, if the verification result is consistent, providing corresponding authorization for the requester.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a touch terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (10)
1. A service password authorization method based on face recognition is used for a terminal device with an authorization system and a medical image device software system, and is characterized by comprising the following steps:
deploying a transfer machine in an intranet where the terminal equipment is located;
the authorization system sends an authorization request containing a face photo of a requester and a face characteristic value to an authorization server through the transfer machine;
obtaining a login password provided by a requester through the authorization system, and sending the login password to the authorization server through the transfer machine, wherein the login password is generated by the authorization server by responding to the authorization request;
obtaining a verification result obtained by comparing the login password received by the transfer machine with the login password generated by the identity verification through the authorization server through the transfer machine;
and if the verification result is consistent, providing corresponding authorization for the requester.
2. The method for service password authorization based on face recognition according to claim 1, wherein before the authorization system sends the authorization request containing the face photo and the face feature value of the requester to the authorization server through the transfer machine, the method further comprises:
configuring an authorization account for the authorization system;
acquiring an authorization account number input by the requester in the authorization system, and triggering a camera on the terminal equipment to acquire a face photo of the requester;
calculating and extracting the face features according to the face picture to obtain the face feature value;
and obtaining the authorization request according to the face photo and the face feature value.
3. The method for service password authorization based on face recognition according to claim 1, wherein the authorization system sends an authorization request containing a face photo of a requester and a face feature value to an authorization server through the transfer machine, and further comprising:
the authorization server receives the face characteristic value in the authorization request and independently compares the face characteristic value with a plurality of prestored characteristic values stored in a database to respectively obtain a plurality of similar values, wherein a plurality of preset data groups are stored in the database, and each data group at least comprises a prestored face photo of an authorized person and a corresponding prestored characteristic value;
selecting a pre-stored face photo in a data group with the largest value in the plurality of similar values;
identity verification is carried out by comparing the pre-stored face picture with the face in the face picture in the authorization request, and if the pre-stored face picture and the face in the authorization request are the same person, a login password is generated; if not, a verification failure display message is generated.
4. The method for face recognition-based service password authorization according to claim 3, wherein after generating the authentication failure message, further comprising:
the authorization server sends the authentication failure message to the authorization system through the transfer machine;
and the authorization system prompts according to the verification failure message.
5. The method for service password authorization based on face recognition according to claim 3, wherein before obtaining the login password provided by the requester through the authorization system, the method further comprises:
and the authorization server sends the login password generated by the identity verification to the requester according to a preset mode, wherein the preset mode is to send the login password to the portable terminal of the requester in a short message mode.
6. The method of claim 1, wherein providing the requestor with a corresponding authorization further comprises:
setting a corresponding validity period for an authorization provided by an authorization request of the requester;
checking whether the validity period expires in a polling mode, and if the validity period expires, automatically locking the authorization system.
7. An intranet network authorized by a service password based on face recognition is characterized by comprising:
at least one terminal device with an authorization system and a medical imaging device software system; and
a transfer machine for transferring the authorization request and the login password between the terminal device and the authorization server;
wherein an authorization system in the terminal device is adapted to perform the method steps of any of claims 1-6.
8. The intranet network authorized by the service password based on the face recognition as claimed in claim 7, wherein the terminal device and the relay machine are in communication connection through a switch.
9. A system for service password authorization based on face recognition, comprising:
at least one terminal device with an authorization system and a medical imaging device software system;
a transfer machine for transferring the authorization request and the login password between the terminal device and the authorization server; and
the authorization server is used for receiving the service request and processing the service request to generate a corresponding login password;
wherein an authorization system in the terminal device is adapted to perform the method steps of any of claims 1-6.
10. The system for service password authorization based on face recognition according to claim 9, wherein the authorization server is disposed in an extranet and is in communication connection with the transfer machine through a firewall.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010092368.0A CN111310142B (en) | 2020-02-14 | 2020-02-14 | Service password authorization method based on face recognition, intranet network and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010092368.0A CN111310142B (en) | 2020-02-14 | 2020-02-14 | Service password authorization method based on face recognition, intranet network and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111310142A true CN111310142A (en) | 2020-06-19 |
| CN111310142B CN111310142B (en) | 2022-07-05 |
Family
ID=71152867
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010092368.0A Active CN111310142B (en) | 2020-02-14 | 2020-02-14 | Service password authorization method based on face recognition, intranet network and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111310142B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112214741A (en) * | 2020-10-09 | 2021-01-12 | 福建智康云医疗科技有限公司 | Medical image sharing method, system and storage medium |
| CN113516001A (en) * | 2021-02-26 | 2021-10-19 | 姚毅虹 | Patient information acquisition system based on image recognition and control method thereof |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102164113A (en) * | 2010-02-22 | 2011-08-24 | 深圳市联通万达科技有限公司 | Face recognition login method and system |
| CN104765998A (en) * | 2015-04-16 | 2015-07-08 | 国家电网公司 | User identity reliably-verifying system based on face identification and using method thereof |
| US20160070894A1 (en) * | 2014-09-07 | 2016-03-10 | Michael Boodaei | Authentication method and system using password as the authentication key |
| CN105407070A (en) * | 2014-07-28 | 2016-03-16 | 小米科技有限责任公司 | Logging-in authorization method and device |
| CN105577664A (en) * | 2015-12-22 | 2016-05-11 | 深圳前海微众银行股份有限公司 | Cipher reset method and system, client and server |
| CN106790260A (en) * | 2017-02-03 | 2017-05-31 | 国政通科技股份有限公司 | A kind of multiple-factor identity identifying method |
| US20170310663A1 (en) * | 2017-03-23 | 2017-10-26 | Baldev Krishan | Local and Remote Access Apparatus and System for Password Storage and management |
| CN109088873A (en) * | 2018-08-16 | 2018-12-25 | 安徽大尺度网络传媒有限公司 | A kind of login system based on recognition of face big data |
| CN109815665A (en) * | 2018-12-25 | 2019-05-28 | 深圳供电局有限公司 | Identity identifying method and system, electronic equipment, computer readable storage medium |
| CN110675154A (en) * | 2019-08-27 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Service providing method, device, equipment and medium based on face recognition |
| CN110691085A (en) * | 2019-09-21 | 2020-01-14 | RealMe重庆移动通信有限公司 | Login method, login device, password management system and computer readable medium |
| CN110708156A (en) * | 2019-09-26 | 2020-01-17 | 中电万维信息技术有限责任公司 | Communication method, client and server |
| CN110838195A (en) * | 2019-11-11 | 2020-02-25 | 北京新海汇仓储有限公司 | Method for authorizing others to unlock |
-
2020
- 2020-02-14 CN CN202010092368.0A patent/CN111310142B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102164113A (en) * | 2010-02-22 | 2011-08-24 | 深圳市联通万达科技有限公司 | Face recognition login method and system |
| CN105407070A (en) * | 2014-07-28 | 2016-03-16 | 小米科技有限责任公司 | Logging-in authorization method and device |
| US20160070894A1 (en) * | 2014-09-07 | 2016-03-10 | Michael Boodaei | Authentication method and system using password as the authentication key |
| CN104765998A (en) * | 2015-04-16 | 2015-07-08 | 国家电网公司 | User identity reliably-verifying system based on face identification and using method thereof |
| CN105577664A (en) * | 2015-12-22 | 2016-05-11 | 深圳前海微众银行股份有限公司 | Cipher reset method and system, client and server |
| CN106790260A (en) * | 2017-02-03 | 2017-05-31 | 国政通科技股份有限公司 | A kind of multiple-factor identity identifying method |
| US20170310663A1 (en) * | 2017-03-23 | 2017-10-26 | Baldev Krishan | Local and Remote Access Apparatus and System for Password Storage and management |
| CN109088873A (en) * | 2018-08-16 | 2018-12-25 | 安徽大尺度网络传媒有限公司 | A kind of login system based on recognition of face big data |
| CN109815665A (en) * | 2018-12-25 | 2019-05-28 | 深圳供电局有限公司 | Identity identifying method and system, electronic equipment, computer readable storage medium |
| CN110675154A (en) * | 2019-08-27 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Service providing method, device, equipment and medium based on face recognition |
| CN110691085A (en) * | 2019-09-21 | 2020-01-14 | RealMe重庆移动通信有限公司 | Login method, login device, password management system and computer readable medium |
| CN110708156A (en) * | 2019-09-26 | 2020-01-17 | 中电万维信息技术有限责任公司 | Communication method, client and server |
| CN110838195A (en) * | 2019-11-11 | 2020-02-25 | 北京新海汇仓储有限公司 | Method for authorizing others to unlock |
Non-Patent Citations (2)
| Title |
|---|
| H.ZUO 等: ""Two-Way Real-Time Authentication System Based on Dynamic Password and Multi-biometric"", 《2012 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND SERVICE SYSTEM》 * |
| 戈泉月 等: ""基于多因素认证的网络安全支付模式研究"", 《信息网络安全》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112214741A (en) * | 2020-10-09 | 2021-01-12 | 福建智康云医疗科技有限公司 | Medical image sharing method, system and storage medium |
| CN113516001A (en) * | 2021-02-26 | 2021-10-19 | 姚毅虹 | Patient information acquisition system based on image recognition and control method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111310142B (en) | 2022-07-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11335440B1 (en) | Health status system, platform, and method | |
| US9532756B2 (en) | Medical image control system and mobile terminal | |
| DE10303652B4 (en) | System and method for universal remote access to diagnostic images and for universal remote display of diagnostic images for service delivery | |
| US8973091B2 (en) | Secure authentication using mobile device | |
| US20140207686A1 (en) | Secure real-time health record exchange | |
| US20090203973A1 (en) | Conveying Real Time Medical Data | |
| CN111310142B (en) | Service password authorization method based on face recognition, intranet network and system | |
| CN106295938A (en) | The storage of medical document based on cloud service and utilize system and using method thereof | |
| US7450742B2 (en) | Information processing apparatus, information processing system, information processing method, storage medium, and program | |
| CN108806025A (en) | Realize the entrance guard authorization method and device of visitor's temporary visit | |
| CN105117633B (en) | Recognition of face Windows system logins verify system | |
| US20130184557A1 (en) | Medical finding system with control module for image acquisition | |
| CN112071387A (en) | Automatic medical image electronic film and inspection report acquisition method and system | |
| CN111883235A (en) | Method and system for acquiring digital film and report based on medical image | |
| CN109960920A (en) | Information processing method and electronic equipment | |
| CN112309562A (en) | Method and device for operating medical equipment and method for inviting operation of medical equipment | |
| KR20170060761A (en) | System and method for providing telemedicine service | |
| KR20210108664A (en) | Kiosk installed pharmacy and operating method thereof | |
| CN111128404A (en) | Remote consultation device, method and system | |
| US20240111852A1 (en) | Method and system for generating a virtual authenticator | |
| CN112600843B (en) | Authentication method, storage medium and gateway | |
| KR20130088730A (en) | Apparatus for sharing and managing information in picture archiving communication system and method thereof | |
| CN213458138U (en) | Large-screen dynamic intelligent human face conference check-in machine | |
| JP7199015B2 (en) | Face authentication device and face authentication method | |
| US20230097318A1 (en) | Network access authentication method and associated system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |