CN112182533A - Cloud terminal identity authentication method based on block chain encryption and biological information identification - Google Patents

Info

Publication number
CN112182533A
Authority
CN
China
Prior art keywords
authentication
identity
information
identity information
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010819228.9A
Other languages
Chinese (zh)
Inventor
侯君达
杨国玉
张星舟
车业蒙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Datang Corp Science and Technology Research Institute Co Ltd
Original Assignee
China Datang Corp Science and Technology Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Datang Corp Science and Technology Research Institute Co Ltd
Priority to CN202010819228.9A
Publication of CN112182533A
Current legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/107 License processing; Key processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/107 License processing; Key processing
    • G06F21/1078 Logging; Metering
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a cloud terminal identity authentication method based on blockchain encryption and biological information identification, which comprises issuing an identity information authentication file and performing identity information authentication login. Issuing the identity information authentication file comprises: acquiring related information of an identity authentication applicant; encrypting the related information based on a blockchain elliptic curve encryption algorithm to generate an identity information authentication file, slicing the identity information authentication file and storing it in a distributed storage system, and simultaneously storing it in an identity authentication information storage medium; and issuing the identity information authentication file to the identity authentication applicant. The identity information authentication login comprises: the cloud server side determining the identity of the user according to the identity information authentication file in the identity authentication information storage medium; and recording the identity information authentication login operation through the distributed storage system and updating the identity information authentication file. The invention provides all-round protection of user data security and greatly reduces the possibility of being cracked.

Description

Cloud terminal identity authentication method based on blockchain encryption and biological information identification
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a cloud terminal identity authentication method based on blockchain encryption and biological information identification.
Background
Identity authentication for cloud terminal (cloud desktop) login is one of the important means of protecting the information and property security of cloud terminal service providers and users. In practice, a strong and effective identity authentication mode allows the access policy of the cloud terminal to be enforced reliably, prevents an attacker from impersonating a legitimate user to obtain access to resources, and ensures the security of the system and data and the legitimate interests of authorized visitors.
In the prior art, basic methods for authenticating a user are divided into three types: the first is identity authentication based on secret information, i.e. proving identity based on what you know; the second is identity authentication based on trusted objects, i.e. proving identity based on what you own; the third is identity authentication based on biometrics, i.e. directly proving identity based on unique physical characteristics (such as fingerprint or iris).
The leakage of and tampering with cloud terminal identity authentication information is one of the problems that urgently needs to be solved in the field of cloud identity authentication. None of the three kinds of authentication on its own can guarantee a higher level of authentication security.
Disclosure of Invention
The invention aims to provide a cloud terminal identity authentication method based on blockchain encryption and biological information identification, in which the blockchain encryption method is applied to the storage and identification of identity information and cloud terminal identity authentication login is strongly encrypted on the basis of three-factor authentication, so that user data security is comprehensively protected, the possibility of being cracked is greatly reduced, and a solid foundation is laid for building a system with high security and strong non-repudiation.
The invention provides a cloud terminal identity authentication method based on blockchain encryption and biological information identification, which comprises issuing an identity information authentication file and performing identity information authentication login;
the issuing of the identity information authentication file comprises:
acquiring related information of an identity authentication applicant; the related information comprises biological information and password information;
encrypting the related information based on a blockchain elliptic curve encryption algorithm to generate an identity information authentication file, slicing the identity information authentication file and storing it in a distributed storage system, and simultaneously storing the identity information authentication file in an identity authentication information storage medium; the identity information authentication file is a private key;
issuing the identity information authentication file to the identity authentication applicant;
the identity information authentication login comprises the following steps:
the cloud server side determines the identity of the user according to the identity information authentication file in the identity authentication information storage medium and compares the user's related identity information with the identity information provided in the login request; if the comparison succeeds, resources are allocated according to the user's permissions, and if the comparison fails, a corresponding policy is triggered;
and recording the identity information authentication login operation through the distributed storage system and updating the identity information authentication file.
Further, the identity authentication information storage medium is a pluggable device with file storage and biological information identification functions.
Further, the pluggable device is a USB flash disk.
Further, the identity information authentication login specifically includes:
a user enters an authentication password and initiates an authentication request through the storage medium; decryption is carried out based on an elliptic curve algorithm; after the key has been decrypted, a second decryption of the key is carried out with a symmetric encryption algorithm using a stored decryption key, and the password is compared at the same time; if the comparison succeeds, an encrypted data packet containing the user's biological information and the MAC address of the storage medium is read through the distributed system and decrypted using the SHA3-256 algorithm, and an information acquisition instruction is sent;
the storage medium collects the user's real-time biological information and, combining it with the MAC address of the user, returns an authentication information data packet for comparison; if the comparison succeeds, authentication is completed and resources are allocated according to the user's permissions.
With the above scheme, the cloud terminal identity authentication method based on blockchain encryption and biological information identification applies the blockchain encryption method to the storage and identification of identity information and strongly encrypts cloud terminal identity authentication login on the basis of three-factor authentication, so that user data security is comprehensively protected, the possibility of being cracked is greatly reduced, and a solid foundation is laid for building a system with high security and strong non-repudiation.
The foregoing is a summary of the technical solution of the present invention. So that the technical means of the invention can be understood more clearly and implemented in accordance with this specification, preferred embodiments of the invention are described in detail below.
Drawings
FIG. 1 is a flowchart illustrating an application of an authentication information file according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating the generation of an authentication information file according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating the storage of an authentication information file according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating an encryption/decryption process of an authentication information file according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
Referring to FIGS. 1 to 4, the embodiment provides a cloud terminal identity authentication method based on blockchain encryption and biological information identification, comprising issuing an identity information authentication file and performing identity information authentication login;
the issuing of the identity information authentication file comprises:
acquiring related information of an identity authentication applicant; the related information comprises biological information and password information;
encrypting the related information based on a blockchain elliptic curve encryption algorithm to generate an identity information authentication file, slicing the identity information authentication file and storing it in a distributed storage system, and simultaneously storing the identity information authentication file in an identity authentication information storage medium; the identity information authentication file is a private key;
issuing the identity information authentication file to the identity authentication applicant;
the identity information authentication login comprises the following steps:
the cloud server side determines the identity of the user according to the identity information authentication file in the identity authentication information storage medium and compares the user's related identity information with the identity information provided in the login request; if the comparison succeeds, resources are allocated according to the user's permissions, and if the comparison fails, a corresponding policy is triggered;
and recording the identity information authentication login operation through the distributed storage system and updating the identity information authentication file.
In this embodiment, the authentication information storage medium is a pluggable device having file storage and biometric information recognition functions.
In this embodiment, the pluggable device may be a USB flash disk.
In this embodiment, the identity information authentication login specifically includes:
a user enters an authentication password and initiates an authentication request through the storage medium; decryption is carried out based on an elliptic curve algorithm; after the key has been decrypted, a second decryption of the key is carried out with a symmetric encryption algorithm using a stored decryption key, and the password is compared at the same time; if the comparison succeeds, an encrypted data packet containing the user's biological information and the MAC address of the storage medium is read through the distributed system and decrypted using the SHA3-256 algorithm, and an information acquisition instruction is sent;
the storage medium collects the user's real-time biological information and, combining it with the MAC address of the user, returns an authentication information data packet for comparison; if the comparison succeeds, authentication is completed and resources are allocated according to the user's permissions.
The cloud terminal identity authentication method based on blockchain encryption and biological information identification confirms the identity of a user by using biometric identification technology and a user password, issues an identity information authentication file to the user by using the blockchain elliptic curve encryption algorithm, encrypts the transmission of the user login request, the authentication result and the returned information by using the blockchain elliptic curve encryption algorithm, and stores the user identity information and login records by using the distributed storage characteristic of blockchain technology. The blockchain encryption method is applied to the storage and identification of identity information, and cloud terminal identity authentication login is strongly encrypted on the basis of three-factor authentication, so that user data security is comprehensively protected, the possibility of being cracked is greatly reduced, and a solid foundation is laid for building a system with high security and strong non-repudiation.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention. It should be noted that those skilled in the art can make many modifications and variations without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as falling within the protection scope of the present invention.
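The following is an added example, not part of the patent text: one way the "slice and store" and "record the login operation" steps could be made tamper-evident. It assumes SHA3-256 is used as a digest, in-memory dicts stand in for the distributed storage nodes, the authentication file is an already encrypted opaque blob, and all function names are hypothetical.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # "previous hash" of the first login record


def sha3(data: bytes) -> str:
    return hashlib.sha3_256(data).hexdigest()


def store_sliced(blob: bytes, nodes: list) -> dict:
    """Put one slice on each node and return a manifest of SHA3-256 digests.

    The manifest must itself be protected (for example signed), otherwise
    whoever can alter a slice can alter its digest as well.
    """
    if not blob or not nodes:
        raise ValueError("need a non-empty file and at least one node")
    size = -(-len(blob) // len(nodes))  # ceiling division
    slices = [blob[i:i + size] for i in range(0, len(blob), size)]
    manifest = {"file_digest": sha3(blob), "slices": []}
    for index, part in enumerate(slices):
        nodes[index][index] = part
        manifest["slices"].append({"index": index, "digest": sha3(part)})
    return manifest


def reassemble(manifest: dict, nodes: list) -> bytes:
    """Fetch every slice, rejecting any that is missing or modified."""
    parts = []
    for entry in manifest["slices"]:
        part = nodes[entry["index"]].get(entry["index"])
        if part is None or not hmac.compare_digest(sha3(part), entry["digest"]):
            raise ValueError(f"slice {entry['index']} missing or modified")
        parts.append(part)
    blob = b"".join(parts)
    if not hmac.compare_digest(sha3(blob), manifest["file_digest"]):
        raise ValueError("reassembled file does not match manifest")
    return blob


def _record_hash(body: dict) -> str:
    return sha3(json.dumps(body, sort_keys=True).encode())


def append_login_record(log: list, user: str, success: bool, time: str) -> None:
    """Append a login record that commits to the hash of the previous one."""
    body = {"user": user, "success": success, "time": time,
            "prev": log[-1]["hash"] if log else GENESIS}
    log.append({**body, "hash": _record_hash(body)})


def verify_log(log: list) -> bool:
    """Recompute the chain; an edited or reordered record breaks it.

    Truncating the tail is not detected unless the latest hash is kept elsewhere.
    """
    prev = GENESIS
    for rec in log:
        body = {k: rec[k] for k in ("user", "success", "time", "prev")}
        if rec["prev"] != prev or _record_hash(body) != rec["hash"]:
            return False
        prev = rec["hash"]
    return True


# Constructed sample: 1024 opaque bytes standing in for the encrypted file.
SAMPLE_FILE = bytes(range(256)) * 4

if __name__ == "__main__":
    nodes = [{} for _ in range(4)]
    manifest = store_sliced(SAMPLE_FILE, nodes)
    print("round trip ok:", reassemble(manifest, nodes) == SAMPLE_FILE)
    nodes[2][2] = nodes[2][2][:-1] + b"\x00"  # simulate tampering on one node
    try:
        reassemble(manifest, nodes)
    except ValueError as err:
        print("tamper detected:", err)
```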

Claims (4)

1. A cloud terminal identity authentication method based on blockchain encryption and biological information identification, characterized by comprising identity information authentication file issuing and identity information authentication login;
the issuing of the identity information authentication file comprises:
acquiring related information of an identity authentication applicant; the related information comprises biological information and password information;
encrypting the related information based on a blockchain elliptic curve encryption algorithm to generate an identity information authentication file, slicing the identity information authentication file and storing it in a distributed storage system, and simultaneously storing the identity information authentication file in an identity authentication information storage medium; the identity information authentication file is a private key;
issuing the identity information authentication file to the identity authentication applicant;
the identity information authentication login comprises the following steps:
the cloud server side determines the identity of the user according to the identity information authentication file in the identity authentication information storage medium and compares the user's related identity information with the identity information provided in the login request; if the comparison succeeds, resources are allocated according to the user's permissions, and if the comparison fails, a corresponding policy is triggered;
and recording the identity information authentication login operation through the distributed storage system and updating the identity information authentication file.
2. The cloud terminal identity authentication method based on blockchain encryption and biological information identification according to claim 1, wherein the identity authentication information storage medium is a pluggable device with file storage and biological information identification functions.
3. The cloud terminal identity authentication method based on blockchain encryption and biological information identification according to claim 2, wherein the pluggable device is a USB flash disk.
4. The cloud terminal identity authentication method based on blockchain encryption and biological information identification according to claim 3, wherein the identity information authentication login specifically comprises:
a user enters an authentication password and initiates an authentication request through the storage medium; decryption is carried out based on an elliptic curve algorithm; after the key has been decrypted, a second decryption of the key is carried out with a symmetric encryption algorithm using a stored decryption key, and the password is compared at the same time; if the comparison succeeds, an encrypted data packet containing the user's biological information and the MAC address of the storage medium is read through the distributed system and decrypted using the SHA3-256 algorithm, and an information acquisition instruction is sent;
the storage medium collects the user's real-time biological information and, combining it with the MAC address of the user, returns an authentication information data packet for comparison; if the comparison succeeds, authentication is completed and resources are allocated according to the user's permissions.
CN202010819228.9A 2020-08-14 2020-08-14 Cloud terminal identity authentication method based on block chain encryption and biological information identification Pending CN112182533A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010819228.9A CN112182533A (en) 2020-08-14 2020-08-14 Cloud terminal identity authentication method based on block chain encryption and biological information identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010819228.9A CN112182533A (en) 2020-08-14 2020-08-14 Cloud terminal identity authentication method based on block chain encryption and biological information identification

Publications (1)

Publication Number Publication Date
CN112182533A (en) 2021-01-05

Family

ID=73919204

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010819228.9A Pending CN112182533A (en) 2020-08-14 2020-08-14 Cloud terminal identity authentication method based on block chain encryption and biological information identification

Country Status (1)

Country Link
CN (1) CN112182533A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162903A (en) * 2021-02-02 2021-07-23 上海大学 Authentication method based on connection information in network slice

Similar Documents

Publication Publication Date Title
US10110585B2 (en) Multi-party authentication in a zero-trust distributed system
CN106888084B (en) Quantum fort machine system and authentication method thereof
US8074264B2 (en) Secure key distribution to internet clients
US6073237A (en) Tamper resistant method and apparatus
EP1498800B1 (en) Security link management in dynamic networks
US8046589B2 (en) Renewable and private biometrics
CN101588245B (en) Method of identity authentication, system and memory device thereof
CN111931144B (en) Unified safe login authentication method and device for operating system and service application
CN109361668A (en) A kind of data trusted transmission method
US10333930B2 (en) System and method for transparent multi-factor authentication and security posture checking
JP2007522540A (en) User authentication methods and related architectures based on the use of biometric identification technology
US20110314288A1 (en) Circuit, system, device and method of authenticating a communication session and encrypting data thereof
US11363033B2 (en) Time-dependent blockchain-based self-verification user authentication method
KR20020060075A (en) Method and apparatus for protecting file system based on digital signature certificate
CN108900296B (en) Secret key storage method based on biological feature identification
CN1901452A (en) Multi-level and multi-factor security credentials management for network element authentication
CN106657098A (en) Authentication method, apparatus and system for logging in Linux operating system
CN115333840A (en) Resource access method, system, device and storage medium
CN117216740A (en) Digital identity authentication method based on blockchain technology
CN112182533A (en) Cloud terminal identity authentication method based on block chain encryption and biological information identification
Cavoukian et al. Keynote paper: Biometric encryption: Technology for strong authentication, security and privacy
Alemu et al. Fingerprint based authentication architecture for accessing multiple cloud computing services using single user credential in IOT environments
US20210067961A1 (en) Secure simultaneous authentication of equals anti-clogging mechanism
CN113468596A (en) Multi-element identity authentication method and system for power grid data outsourcing calculation
CN111526010A (en) Key escrow method suitable for user identity authentication

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination