CN112231682A - Security authentication method, system, device and computer equipment - Google Patents
Security authentication method, system, device and computer equipment Download PDFInfo
- Publication number
- CN112231682A CN112231682A CN202011110878.2A CN202011110878A CN112231682A CN 112231682 A CN112231682 A CN 112231682A CN 202011110878 A CN202011110878 A CN 202011110878A CN 112231682 A CN112231682 A CN 112231682A
- Authority
- CN
- China
- Prior art keywords
- angle change
- axis angle
- change rate
- verified
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/03—Arrangements for converting the position or the displacement of a member into a coded form
- G06F3/033—Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
- G06F3/0346—Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor with detection of the device orientation or free movement in a 3D space, e.g. 3D mice, 6-DOF [six degrees of freedom] pointers using gyroscopes, accelerometers or tilt-sensors
Abstract
The invention relates to a security authentication method, a system, a device, a computer device and a storage medium by using a terminal gyroscope, wherein the method comprises the following steps: receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment passing the administrator information authentication through a first gyroscope; receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope; comparing the first X-axis angle change rate with the second X-axis angle change rate, comparing the first Y-axis angle change rate with the second Y-axis angle change rate, and comparing the first Z-axis angle change rate with the second Z-axis angle change rate; and when the comparison result meets the preset condition, setting the equipment to be verified as the safety equipment. The method does not need to input information on the equipment or use data transmission between the equipment to complete equipment safety verification, and ensures the safety of data information.
Description
Technical Field
The present invention relates to the field of device authentication technologies, and in particular, to a security authentication method, system, device, computer device, and storage medium using a terminal gyroscope.
Background
Modern mobile phones have become essential information devices for individuals, and in many industries, mobile phones are used as devices for accessing related information systems, and authentication procedures are required to be completed on the mobile phones before accessing the information systems. Meanwhile, in many industries, information systems are usually designed as a multi-level authority system, and the authentication process of accessing the information systems by other people is usually controlled by an administrator. This requires that an authentication process for an account related to the information system is performed for another mobile phone through one mobile phone that has been authenticated as an administrator account, so as to allow the information system to log in on the mobile phone and complete related operations.
To achieve the above purpose, there are two techniques that are currently popular:
(1) the administrator assigns a password in advance when creating an account, and the user inputs the account and an initial password on his mobile phone to complete the authentication of the information system, which is the most traditional way.
(2) The mobile phone of the administrator and the mobile phone of the user carry out communication between the devices through NFC or Bluetooth communication, the device of the administrator transmits a section of instruction data sent by the information system to the device of the user, and the device of the user uses the instruction data to complete access verification of the information system.
The first technique has the advantages of mature and simple realization and wide application; the disadvantage is that if the pre-assigned password is too simple, security issues are likely to arise; if the pre-assigned password is too complicated, the user input is very cumbersome. Meanwhile, this approach cannot be applied to a scene where there is a requirement for the place where authentication occurs. For example, facilities that have associated confidential data in custody, require that users accessing the information system be inside the facilities and have the associated personnel, thereby avoiding external malicious attempts to access.
Compared with the first technology, the second technology can avoid the complex process of inputting the password by the user, and data transmission is carried out through NFC or Bluetooth communication, so that the equipment of the user is required to be within a certain range from the equipment of an administrator, and the scene of the place where authentication occurs and the scene of the requirement can be met. However, the second technique also has a very serious security problem because the administrator's device usually has a very high operation authority in the information system, and if the user's device attacks the administrator's device with malicious codes during data transmission, and steals information related to the information system stored on the administrator's device, malicious operations may be performed on the information system. In order to avoid the related safety hazard, ideally, there cannot be a way of data transmission between the administrator's device and the user's device.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a security authentication method, a system, a device, computer equipment and a storage medium by using a terminal gyroscope, which do not need to input information on the equipment or use data transmission between the equipment to complete the security verification of the equipment and ensure the security of data information.
In order to solve at least one technical problem, an embodiment of the present invention provides a security authentication method using a terminal gyroscope, where the method includes:
receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment passing the administrator information authentication through a first gyroscope;
receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope;
comparing the first X-axis angle change rate with the second X-axis angle change rate, comparing the first Y-axis angle change rate with the second Y-axis angle change rate, and comparing the first Z-axis angle change rate with the second Z-axis angle change rate;
when the comparison result meets a preset condition, setting the equipment to be verified as safety equipment so as to complete the safety authentication of the equipment to be verified;
the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate are used for binding the safety equipment and the equipment to be verified, and reading the safety equipment and the equipment to be verified respectively by a first gyroscope of the safety equipment and reading the safety equipment and the equipment to be verified by a second gyroscope of the equipment to be verified after spatial motion is carried out for a preset time.
Optionally, the preset condition includes that a data difference value between the first X-axis angle change rate and the second X-axis angle change rate, between the first Z-axis angle change rate and the second Y-axis angle change rate, between the second Y-axis angle change rate and the second Z-axis angle change rate is smaller than a preset value.
Optionally, when the comparison result meets a preset condition, setting the device to be verified as a security device includes:
calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate according to the difference values determined by a data difference formula:
wherein the data difference formula is:
Axnrepresents the first X-axis angle change rate, BxnRepresents the second X-axis angle change rate, AynRepresents the first Y-axis angle change rate, BynRepresents the second Y-axis angle change rate, AznRepresents the first Z-axis angle change rate, BznRepresenting the second Z-axis angle change rate, dnRepresenting the difference;
and when the data difference value is smaller than the preset value, setting the equipment to be verified as safety equipment.
Optionally, a plurality of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate are respectively read by a first gyroscope of the security device and a second gyroscope of the device to be verified after the security device and the device to be verified move in space for N seconds, where N is a positive integer;
a plurality of said first X-axis angular variationsA rate of
A plurality of the first Y-axis angle change rates of
A plurality of the first Z-axis angle change rates of
A plurality of the second X-axis angle change rates of
A plurality of the second Y-axis angle change rates of
A plurality of the second Z-axis angle change rates of
The calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate according to the difference values determined by the data difference formula includes:
determining the data difference value according to the accumulated value of the difference value, wherein the accumulated value of the difference value is
Optionally, the preset value is 35; when the data difference value is smaller than the preset value, setting the device to be verified as a safety device, including:
when said
And when theta is 35, setting the device to be authenticated as a safety device.
Optionally, the method further comprises:
receiving an information authentication request of a security request device;
and when the information authentication request passes, using the safety request device as the safety device which passes the administrator information authentication.
In addition, the embodiment of the invention also provides a security authentication system using the terminal gyroscope, wherein the security authentication system comprises security equipment which passes the authentication of the administrator information, an authentication server and equipment to be verified;
after the safety device and the device to be verified are bound and move in space for a preset time, a first gyroscope of the safety device reads a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate, and a second gyroscope of the device to be verified reads a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate;
the security device sending the first X-axis angle change rate, the first Y-axis angle change rate, and the first Z-axis angle change rate to the authentication server;
the device to be verified sends the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate to the authentication server;
the authentication server compares the first X-axis angle change rate with the second X-axis angle change rate, compares the first Y-axis angle change rate with the second Y-axis angle change rate, compares the first Z-axis angle change rate with the second Z-axis angle change rate, and sets the device to be verified as a safety device when a comparison result meets a preset condition so as to complete safety authentication of the device to be verified.
In addition, an embodiment of the present invention further provides a security authentication apparatus using a terminal gyroscope, where the apparatus includes:
the first receiving module is used for receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment which passes the administrator information authentication through the first gyroscope;
the second receiving module is used for receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope;
a comparison module, configured to compare the first X-axis angle change rate with the second X-axis angle change rate, compare the first Y-axis angle change rate with the second Y-axis angle change rate, and compare the first Z-axis angle change rate with the second Z-axis angle change rate;
the authentication module is used for setting the equipment to be verified as safety equipment when the comparison result meets a preset condition so as to complete the safety authentication of the equipment to be verified;
the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate are used for binding the safety equipment and the equipment to be verified, and reading the safety equipment and the equipment to be verified respectively by a first gyroscope of the safety equipment and reading the safety equipment and the equipment to be verified by a second gyroscope of the equipment to be verified after spatial motion is carried out for a preset time.
In addition, an embodiment of the present invention further provides a computer device, including: the system comprises a memory, a processor and an application program stored on the memory and capable of running on the processor, wherein the processor realizes the steps of the method of any embodiment when executing the application program.
In addition, an embodiment of the present invention further provides a computer-readable storage medium, on which an application program is stored, and when the application program is executed by a processor, the steps of any one of the above-mentioned embodiments of the method are implemented.
In the embodiment of the invention, by implementing the method, after the security device is bound with the device to be verified and moves in space for a preset time, the security device reads the first gyroscope to the server for uploading the angular change rates of the three dimensions, meanwhile, the device to be verified reads the second gyroscope to the server for uploading the angular change rates of the three dimensions, and after the server respectively compares the angular change rates of the three dimensions of the two devices, the server determines whether the device to be verified is the security device according to the comparison result. And if the comparison result meets the preset condition, setting the equipment to be verified as the safety equipment. Therefore, the safety verification of the device setting to be verified is realized. In the whole verification process, the safety verification of the equipment to be verified is completed without inputting information on the safety equipment and the equipment to be verified or using data transmission between the equipment, so that the safety of data information is ensured.
Drawings
Fig. 1 is a schematic structural diagram of a security authentication system using a terminal gyroscope according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a security authentication method using a terminal gyroscope according to an embodiment of the present invention;
fig. 3 is a rectangular coordinate system established with the center of mass of the mobile phone as the center in the embodiment of the present invention;
FIG. 4 is a vector diagram of a vector R of a mobile phone in a space moving with a centroid as a coordinate origin according to an embodiment of the present invention;
FIG. 5 is a graph of a change in value in an embodiment of the present invention;
FIG. 6 is a graph of the error resulting from the simulator test in an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a security authentication apparatus using a terminal gyroscope according to an embodiment of the present invention;
fig. 8 is a schematic structural composition diagram of a computer device in the embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An embodiment of the present invention provides a security authentication system using a terminal gyroscope, as shown in fig. 1, the security authentication system using a terminal gyroscope includes a security device 10 that has been authenticated by administrator information, an authentication server 20, and a device to be authenticated 30;
after the security device 10 and the device to be verified 30 are bound and move for a preset time in space, a first gyroscope of the security device 10 reads a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate, and a second gyroscope of the device to be verified 30 reads a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate;
the secure device 10 sends the first X-axis angle change rate, the first Y-axis angle change rate, and the first Z-axis angle change rate to the authentication server 20;
the device to be verified 30 sends the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate to the authentication server;
the authentication server 20 compares the first X-axis angle change rate with the second X-axis angle change rate, compares the first Y-axis angle change rate with the second Y-axis angle change rate, compares the first Z-axis angle change rate with the second Z-axis angle change rate, and sets the device to be verified 30 as a security device when a comparison result satisfies a preset condition, so as to complete security authentication of the device to be verified 30.
Accordingly, the authentication server 20 completes the security verification of the device to be verified 30. The device to be verified 30 as a secure device can perform information interaction with the authentication server 20 within a specified range.
The embodiment of the invention provides a security authentication method using a terminal gyroscope, which is applied to the authentication server 20 shown in fig. 1. As shown in fig. 2, the security authentication method using a terminal gyroscope includes the following steps:
s102, receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment passing the administrator information authentication through the first gyroscope.
In this embodiment, before S102, the method further includes: receiving an information authentication request of a security request device; and when the information authentication request passes, using the safety request device as the safety device which passes the administrator information authentication.
In this embodiment, the security device is connected to the authentication server via a network, and performs security authentication of the authentication server. The safety device can read the three-dimensional angle change rate of the safety device during space motion through an internal gyroscope. In particular, the security device is a mobile phone. As shown in fig. 3, a rectangular coordinate system is established with the center of mass of the mobile phone as the center. As shown in fig. 4, the vector of the movement of the mobile phone in the space with the centroid as the origin of coordinates is R. In a rectangular coordinate system, Axz is the angle between the projection of the vector R on the XZ plane and the Y axis, and the gyroscope can measure the rate of change of the angle, for example, at time t0, the gyroscope rotates around the Y axis by an angle Axz0, and at time t1, the angle is measured again to obtain Axz1, where:
RateAxz=(Axz1–Axz0)/(t1–t0);
RateAxz is the angular velocity of rotation about the Y-axis when the gyroscope is in motion. The same principle is as follows: RateAxy is the angular velocity of the gyroscope about the Z-axis, and RateAyz is the angular velocity of the gyroscope about the X-axis.
A gyroscope mounted in a smart phone, taking an Android system as an example, can measure the change of angles of the smart phone around the X, Y and Z axes within a period of time through the following codes:
assuming that the initial X, Y, Z axis angular reading of the gyroscope is [0, 0, 0], rotating the gyroscope in space, continuously recording the change in reading, sampling every 1 second, sampling 10 times, the following tabular data is obtained:
the numerical curve obtained from the above table data is shown in fig. 5.
And S104, receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope.
In this embodiment, the device to be verified is connected to the authentication server via a network, and the security authentication of the authentication server is not completed. And the equipment to be verified sends a security verification request to the authentication server, and uploads the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate read by the second gyroscope to the authentication server so as to perform security verification on the server to be verified. In particular, the security device is a mobile phone. The way in which the device to be authenticated reads the three-dimensional angular rate of change of the spatial motion process using the second gyroscope is as described above and will not be described in detail here.
S106, comparing the first X-axis angle change rate with the second X-axis angle change rate, comparing the first Y-axis angle change rate with the second Y-axis angle change rate, and comparing the first Z-axis angle change rate with the second Z-axis angle change rate.
In this embodiment, it should be noted that the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate are obtained by binding the security device and the device to be verified, and reading the bound security device and the device to be verified by the first gyroscope of the security device and reading the bound security device and.
Specifically, the security device is a mobile phone a, the device to be verified is a mobile phone B, and both of the two mobile phones are equipped with gyroscopes and are connected to the authentication server through a network. The two planes of the mobile phone A and the mobile phone B are fixed, so that the positions of the two planes are consistent in space and no sliding occurs. A simple method is to use a rubber band to tighten. The administrator holds the fixed mobile phone A and the fixed mobile phone B and carries out a period of time in the spaceThe time may be about 5 to 30 seconds, here denoted as N seconds, and handset a and handset B upload the readings on the gyroscopes to the authentication server. The authentication server receives the reading of the mobile phone A:
receiving the reading of the mobile phone B:
the readings received by the authentication server are three-dimensional angle change rates of the mobile phone A and the mobile phone B respectively. Further, the two groups of three-dimensional angle change rates received by the authentication server are respectively compared.
And S108, when the comparison result meets a preset condition, setting the equipment to be verified as safety equipment so as to complete the safety authentication of the equipment to be verified.
In this embodiment, a preset condition is preset on the authentication server, and the preset condition is used for determining the matching degree of the comparison result. The preset condition may be that the matching degree of the comparison result reaches a preset value. And when the authentication server determines that the comparison result meets the preset condition, setting the equipment to be verified as safety equipment so as to complete the safety authentication of the equipment to be verified.
Specifically, the authentication server judges through comparison results and preset conditions
And
and if the mobile phone B belongs to the same motion track, the authorization of the mobile phone B is considered to pass.
By implementing the method, after the safety device is bound with the device to be verified and moves in space for a preset time length, the safety device reads the first gyroscope to the server for uploading the angle change rates of the three dimensions, meanwhile, the device to be verified reads the second gyroscope to the server for uploading the angle change rates of the three dimensions, and after the server respectively compares the angle change rates of the three dimensions of the two devices, whether the device to be verified is the safety device is determined according to the comparison result. And if the comparison result meets the preset condition, setting the equipment to be verified as the safety equipment. Therefore, the safety verification of the device setting to be verified is realized. In the whole verification process, the safety verification of the equipment to be verified is completed without inputting information on the safety equipment and the equipment to be verified or using data transmission between the equipment, so that the safety of data information is ensured.
In an embodiment, the preset condition includes that a data difference value between the first X-axis angle change rate and the first Y-axis angle change rate, between the first Z-axis angle change rate and the second X-axis angle change rate, between the second Y-axis angle change rate, and between the second Z-axis angle change rate is smaller than a preset value.
Preferably, when the comparison result meets a preset condition, setting the device to be verified as a security device includes: calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate according to the difference values determined by a data difference formula: wherein the data difference formula is:
Axnrepresents the first X-axis angle change rate, BxnRepresents the second X-axis angle change rate, AynRepresents the first Y-axis angle change rate, BynRepresents the second Y-axis angle change rate, AznRepresents the first Z-axis angle change rate, BznRepresenting the second Z-axis angle change rate, dnRepresenting the difference;
and when the data difference value is smaller than the preset value, setting the equipment to be verified as safety equipment.
Preferably, the plurality of first X-axis angle change rates, the first Y-axis angle change rates, the first Z-axis angle change rates, the second X-axis angle change rates, the second Y-axis angle change rates, and the second Z-axis angle change rates are respectively read by a first gyroscope of the security device and a second gyroscope of the device to be verified after the security device and the device to be verified move in space for N seconds, where N is a positive integer; a plurality of the first X-axis angle change rates of
A plurality of the first Y-axis angle change rates of
A plurality of the first Z-axis angle change rates of
A plurality of the second X-axis angle change rates of
A plurality of the second Y-axis angle change rates of
A plurality of the second Z-axis angle change rates of
The calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate according to the difference values determined by the data difference formula includes: determining the data difference value according to the accumulated value of the difference value, wherein the accumulated value of the difference value is
Further, the preset value is 35; when the data difference value is smaller than the preset value, setting the device to be verified as a safety device, including: when said
And when theta is 35, setting the device to be authenticated as a safety device.
Specifically, whether the mobile phone A and the mobile phone B move in the space in a consistent manner or not is judged through the gyroscope to perform authorization authentication, and whether the reading of the mobile phone A and the reading of the mobile phone B are in the same movement track or not can be judged in any way. For completeness of explanation, a practical method is described herein:
ideally there are:
because there will be some slight differences in accuracy between the gyroscopes of the two handsets, plus possible delays of the network, a threshold θ is set, which is:
in practice, θ may be set to 35.
The code was written to verify as described above, where the gyroscope readings of handset a and handset B had a random 5 range deviation, then the readings of handset a and handset B are as follows:
according to the error formula, the above error is 19.77, so that the mobile phone a and the mobile phone B can be determined to belong to the same motion track within the error range. The results of ten thousand tests using the simulator are shown in fig. 6. Therefore, the accuracy of the judgment method is high.
In one embodiment, the invention further provides a security authentication device using the terminal gyroscope. As shown in fig. 7, the apparatus includes:
the first receiving module 71 is configured to receive a first X-axis angle change rate, a first Y-axis angle change rate, and a first Z-axis angle change rate that are read by the security device that has passed the administrator information authentication through the first gyroscope.
In this embodiment, the security authentication apparatus using a terminal gyroscope further includes a setting module, configured to receive an information authentication request from a security request device; and when the information authentication request passes, using the safety request device as the safety device which passes the administrator information authentication.
In this embodiment, the security device is connected to the authentication server via a network, and performs security authentication of the authentication server. The safety device can read the three-dimensional angle change rate of the safety device during space motion through an internal gyroscope. In particular, the security device is a mobile phone. As shown in fig. 3, a rectangular coordinate system is established with the center of mass of the mobile phone as the center. As shown in fig. 4, the vector of the movement of the mobile phone in the space with the centroid as the origin of coordinates is R. In a rectangular coordinate system, Axz is the angle between the projection of the vector R on the XZ plane and the Y axis, and the gyroscope can measure the rate of change of the angle, for example, at time t0, the gyroscope rotates around the Y axis by an angle Axz0, and at time t1, the angle is measured again to obtain Axz1, where:
RateAxz=(Axz1–Axz0)/(t1–t0);
RateAxz is the angular velocity of rotation about the Y-axis when the gyroscope is in motion. The same principle is as follows: RateAxy is the angular velocity of the gyroscope about the Z-axis, and RateAyz is the angular velocity of the gyroscope about the X-axis.
A gyroscope mounted in a smart phone, taking an Android system as an example, can measure the change of angles of the smart phone around the X, Y and Z axes within a period of time through the following codes:
assuming that the initial X, Y, Z axis angular reading of the gyroscope is [0, 0, 0], rotating the gyroscope in space, continuously recording the change in reading, sampling every 1 second, sampling 10 times, the following tabular data is obtained:
the numerical curve obtained from the above table data is shown in fig. 5.
And the second receiving module 72 is configured to receive a second X-axis angle change rate, a second Y-axis angle change rate, and a second Z-axis angle change rate that are read by the device to be verified through the second gyroscope.
In this embodiment, the device to be verified is connected to the authentication server via a network, and the security authentication of the authentication server is not completed. And the equipment to be verified sends a security verification request to the authentication server, and uploads the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate read by the second gyroscope to the authentication server so as to perform security verification on the server to be verified. In particular, the security device is a mobile phone. The way in which the device to be authenticated reads the three-dimensional angular rate of change of the spatial motion process using the second gyroscope is as described above and will not be described in detail here.
A comparison module 73, configured to compare the first X-axis angle change rate with the second X-axis angle change rate, compare the first Y-axis angle change rate with the second Y-axis angle change rate, and compare the first Z-axis angle change rate with the second Z-axis angle change rate.
In this embodiment, it should be noted that the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate are obtained by binding the security device and the device to be verified, and reading the bound security device and the device to be verified by the first gyroscope of the security device and reading the bound security device and.
Specifically, the security device is a mobile phone a, the device to be verified is a mobile phone B, and both of the two mobile phones are equipped with gyroscopes and are connected to the authentication server through a network. The two planes of the mobile phone A and the mobile phone B are fixed, so that the positions of the two planes are consistent in space and no sliding occurs. A simple method is to use a rubber band to tighten. The administrator holds the fixed mobile phone A and the fixed mobile phone B by hand, and moves for a period of time in the space, wherein the time can be about 5 to 30 seconds, the time is recorded as N seconds, and the mobile phone A and the mobile phone B upload the reading on the gyroscope to the authentication server. The authentication server receives the reading of the mobile phone A:
receiving the reading of the mobile phone B:
wherein the authentication server receivesThe readings of (a) are three-dimensional angle change rates on cell phone a and cell phone B, respectively. Further, the two groups of three-dimensional angle change rates received by the authentication server are respectively compared.
The authentication module 74 is configured to set the device to be verified as a security device when the comparison result meets a preset condition, so as to complete security authentication of the device to be verified; the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate are used for binding the safety equipment and the equipment to be verified, and reading the safety equipment and the equipment to be verified respectively by a first gyroscope of the safety equipment and reading the safety equipment and the equipment to be verified by a second gyroscope of the equipment to be verified after spatial motion is carried out for a preset time.
In this embodiment, a preset condition is preset on the authentication server, and the preset condition is used for determining the matching degree of the comparison result. The preset condition may be that the matching degree of the comparison result reaches a preset value. And when the authentication server determines that the comparison result meets the preset condition, setting the equipment to be verified as safety equipment so as to complete the safety authentication of the equipment to be verified.
Specifically, the authentication server judges through comparison results and preset conditions
And
and if the mobile phone B belongs to the same motion track, the authorization of the mobile phone B is considered to pass.
In an embodiment, the preset condition includes that a data difference value between the first X-axis angle change rate and the first Y-axis angle change rate, between the first Z-axis angle change rate and the second X-axis angle change rate, between the second Y-axis angle change rate, and between the second Z-axis angle change rate is smaller than a preset value.
Preferably, when the comparison result meets a preset condition, setting the device to be verified as a security device includes: calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate according to the difference values determined by a data difference formula: wherein the data difference formula is:
Axnrepresents the first X-axis angle change rate, BxnRepresents the second X-axis angle change rate, AynRepresents the first Y-axis angle change rate, BynRepresents the second Y-axis angle change rate, AznRepresents the first Z-axis angle change rate, BznRepresenting the second Z-axis angle change rate, dnRepresenting the difference;
and when the data difference value is smaller than the preset value, setting the equipment to be verified as safety equipment.
Preferably, the plurality of first X-axis angle change rates, the first Y-axis angle change rates, the first Z-axis angle change rates, the second X-axis angle change rates, the second Y-axis angle change rates, and the second Z-axis angle change rates are respectively read by a first gyroscope of the security device and a second gyroscope of the device to be verified after the security device and the device to be verified move in space for N seconds, where N is a positive integer; a plurality of the first X-axis angle change rates of
A plurality of the first Y-axis angle change rates of
A plurality of the first Z-axis angle change rates of
A plurality of the second X-axis angle change rates of
A plurality of the second Y-axis angle change rates of
A plurality of the second Z-axis angle change rates of
The calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate according to the difference values determined by the data difference formula includes: determining the data difference value according to the accumulated value of the difference value, wherein the accumulated value of the difference value is
Further, the preset value is 35; when the data difference value is smaller than the preset value, setting the device to be verified as a safety device, including: when said
And when theta is 35, setting the device to be authenticated as a safety device.
Specifically, whether the mobile phone A and the mobile phone B move in the space in a consistent manner or not is judged through the gyroscope to perform authorization authentication, and whether the reading of the mobile phone A and the reading of the mobile phone B are in the same movement track or not can be judged in any way. For completeness of explanation, a practical method is described herein:
ideally there are:
because there will be some slight differences in accuracy between the gyroscopes of the two handsets, plus possible delays of the network, a threshold θ is set, which is:
in practice, θ may be set to 35.
The code was written to verify as described above, where the gyroscope readings of handset a and handset B had a random 5 range deviation, then the readings of handset a and handset B are as follows:
according to the error formula, the above error is 19.77, so that the mobile phone a and the mobile phone B can be determined to belong to the same motion track within the error range. The results of ten thousand tests using the simulator are shown in fig. 6. It is thus understood that a security authentication device using a terminal gyroscope has high accuracy.
For a specific limitation of the security authentication apparatus using the terminal gyroscope, reference may be made to the above limitation on a security authentication method using the terminal gyroscope, and details are not described here. Each module in the security authentication apparatus using a terminal gyroscope may be wholly or partially implemented by software, hardware, or a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In an embodiment of the present invention, an application program is stored on a computer-readable storage medium, and when the application program is executed by a processor, the method for security authentication using a terminal gyroscope according to any one of the above embodiments is implemented. The computer-readable storage medium includes, but is not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magneto-optical disks, ROMs (Read-Only memories), RAMs (Random AcceSS memories), EPROMs (EraSable Programmable Read-Only memories), EEPROMs (Electrically EraSable Programmable Read-Only memories), flash memories, magnetic cards, or optical cards. That is, a storage device includes any medium that stores or transmits information in a form readable by a device (e.g., a computer, a cellular phone), and may be a read-only memory, a magnetic or optical disk, or the like.
The embodiment of the invention also provides a computer application program which runs on a computer and is used for executing the security authentication method by using the terminal gyroscope in any one of the embodiments.
Fig. 8 is a schematic structural diagram of a computer device in the embodiment of the present invention.
An embodiment of the present invention further provides a computer device, as shown in fig. 8. The computer apparatus includes devices such as a processor 802, a memory 803, an input unit 804, and a display unit 805. Those skilled in the art will appreciate that the device configuration means shown in fig. 8 do not constitute a limitation of all devices and may include more or less components than those shown, or some components in combination. The memory 803 may be used to store the application program 801 and various functional modules, and the processor 802 executes the application program 801 stored in the memory 803, thereby performing various functional applications of the device and data processing. The memory may be internal or external memory, or include both internal and external memory. The memory may comprise read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), flash memory, or random access memory. The external memory may include a hard disk, a floppy disk, a ZIP disk, a usb-disk, a magnetic tape, etc. The disclosed memory includes, but is not limited to, these types of memory. The disclosed memory is by way of example only and not by way of limitation.
The input unit 804 is used for receiving input of signals and receiving keywords input by a user. The input unit 804 may include a touch panel and other input devices. The touch panel can collect touch operations of a user on or near the touch panel (for example, operations of the user on or near the touch panel by using any suitable object or accessory such as a finger, a stylus and the like) and drive the corresponding connecting device according to a preset program; other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (e.g., play control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like. The display unit 805 may be used to display information input by a user or information provided to the user and various menus of the terminal device. The display unit 805 may take the form of a liquid crystal display, an organic light emitting diode, or the like. The processor 802 is a control center of the terminal device, connects various parts of the entire device using various interfaces and lines, and performs various functions and processes data by operating or executing software programs and/or modules stored in the memory 803 and calling data stored in the memory.
As one embodiment, the computer device includes: one or more processors 802, a memory 803, one or more applications 801, wherein the one or more applications 801 are stored in the memory 803 and configured to be executed by the one or more processors 802, the one or more applications 801 configured to perform a method of secure authentication using a terminal gyroscope of any of the above embodiments.
In addition, the security authentication method, system, apparatus, computer device and storage medium using a terminal gyroscope according to the embodiments of the present invention are described in detail above, and a specific example should be used herein to explain the principle and the implementation of the present invention, and the description of the above embodiments is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A security authentication method using a terminal gyroscope, the method comprising:
receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment passing the administrator information authentication through a first gyroscope;
receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope;
comparing the first X-axis angle change rate with the second X-axis angle change rate, comparing the first Y-axis angle change rate with the second Y-axis angle change rate, and comparing the first Z-axis angle change rate with the second Z-axis angle change rate;
when the comparison result meets a preset condition, setting the equipment to be verified as safety equipment so as to complete the safety authentication of the equipment to be verified;
the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate are used for binding the safety equipment and the equipment to be verified, and reading the safety equipment and the equipment to be verified respectively by a first gyroscope of the safety equipment and reading the safety equipment and the equipment to be verified by a second gyroscope of the equipment to be verified after spatial motion is carried out for a preset time.
2. The method according to claim 1, wherein the preset condition includes that a data difference value of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate and the second X-axis angle change rate, the second Y-axis angle change rate, the second Z-axis angle change rate is smaller than a preset value.
3. The method according to claim 2, wherein when the comparison result satisfies a preset condition, setting the device to be verified as a security device comprises:
calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate according to the difference values determined by a data difference formula:
wherein the data difference formula is:
Axnrepresents the first X-axis angle change rate, BxnRepresents the second X-axis angle change rate, AynRepresents the first Y-axis angle change rate, BynRepresents the second Y-axis angle change rate, AznRepresents the first Z-axis angle change rate, BznRepresenting the second Z-axis angle change rate, dnRepresenting the difference;
and when the data difference value is smaller than the preset value, setting the equipment to be verified as safety equipment.
4. The method according to claim 3, wherein a plurality of the first X-axis angular rate, the first Y-axis angular rate, the first Z-axis angular rate and the second X-axis angular rate, the second Y-axis angular rate, the second Z-axis angular rate are read by a first gyroscope of the security device and by a second gyroscope of the device to be verified, respectively, after N seconds of spatial movement of the security device and the device to be verified, where N is a positive integer;
a plurality of the first X-axis angle change rates of
A plurality of the first Y-axis angle change rates of
A plurality of the first Z-axis angle change rates of
A plurality of the second X-axis angle change rates of
A plurality of the second Y-axis angle change rates of
A plurality of the second Z-axis angle change rates of
The calculating data difference values of the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate, and the second Z-axis angle change rate according to the difference values determined by the data difference formula includes:
determining the data difference value according to the accumulated value of the difference value, wherein the accumulated value of the difference value is
5. The method according to claim 4, characterized in that said preset value is 35; when the data difference value is smaller than the preset value, setting the device to be verified as a safety device, including:
when said
And when theta is 35, setting the device to be authenticated as a safety device.
6. The method of claim 1, further comprising:
receiving an information authentication request of a security request device;
and when the information authentication request passes, using the safety request device as the safety device which passes the administrator information authentication.
7. A security authentication system using a terminal gyroscope is characterized by comprising a security device which passes through administrator information authentication, an authentication server and a device to be verified;
after the safety device and the device to be verified are bound and move in space for a preset time, a first gyroscope of the safety device reads a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate, and a second gyroscope of the device to be verified reads a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate;
the security device sending the first X-axis angle change rate, the first Y-axis angle change rate, and the first Z-axis angle change rate to the authentication server;
the device to be verified sends the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate to the authentication server;
the authentication server compares the first X-axis angle change rate with the second X-axis angle change rate, compares the first Y-axis angle change rate with the second Y-axis angle change rate, compares the first Z-axis angle change rate with the second Z-axis angle change rate, and sets the device to be verified as a safety device when a comparison result meets a preset condition so as to complete safety authentication of the device to be verified.
8. A security authentication apparatus using a terminal gyroscope, the apparatus comprising:
the first receiving module is used for receiving a first X-axis angle change rate, a first Y-axis angle change rate and a first Z-axis angle change rate which are read by the safety equipment which passes the administrator information authentication through the first gyroscope;
the second receiving module is used for receiving a second X-axis angle change rate, a second Y-axis angle change rate and a second Z-axis angle change rate which are read by the equipment to be verified through a second gyroscope;
a comparison module, configured to compare the first X-axis angle change rate with the second X-axis angle change rate, compare the first Y-axis angle change rate with the second Y-axis angle change rate, and compare the first Z-axis angle change rate with the second Z-axis angle change rate;
the authentication module is used for setting the equipment to be verified as safety equipment when the comparison result meets a preset condition so as to complete the safety authentication of the equipment to be verified;
the first X-axis angle change rate, the first Y-axis angle change rate, the first Z-axis angle change rate, the second X-axis angle change rate, the second Y-axis angle change rate and the second Z-axis angle change rate are used for binding the safety equipment and the equipment to be verified, and reading the safety equipment and the equipment to be verified respectively by a first gyroscope of the safety equipment and reading the safety equipment and the equipment to be verified by a second gyroscope of the equipment to be verified after spatial motion is carried out for a preset time.
9. A computer device comprising a memory, a processor and an application program stored on the memory and executable on the processor, wherein the steps of the method of any one of claims 1 to 7 are implemented when the application program is executed by the processor.
10. A computer-readable storage medium, on which an application program is stored, which when executed by a processor implements the steps of the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011110878.2A CN112231682A (en) | 2020-10-16 | 2020-10-16 | Security authentication method, system, device and computer equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011110878.2A CN112231682A (en) | 2020-10-16 | 2020-10-16 | Security authentication method, system, device and computer equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112231682A true CN112231682A (en) | 2021-01-15 |
Family
ID=74118869
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011110878.2A Pending CN112231682A (en) | 2020-10-16 | 2020-10-16 | Security authentication method, system, device and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112231682A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW201205081A (en) * | 2010-07-29 | 2012-02-01 | Chi Mei Comm Systems Inc | System and method for unlocking the portable electronic devices |
| CN106164920A (en) * | 2014-04-04 | 2016-11-23 | 高通股份有限公司 | Assist the method and apparatus of wearable identity manager |
| CN106790264A (en) * | 2017-02-07 | 2017-05-31 | 努比亚技术有限公司 | Authentication system and method, the server for authentication and checking equipment |
| CN107632722A (en) * | 2017-09-30 | 2018-01-26 | 北京梆梆安全科技有限公司 | A kind of various dimensions user ID authentication method and device |
| US9949124B1 (en) * | 2017-04-24 | 2018-04-17 | Zihan Chen | Method and device for authenticating wireless pairing and/or data transfer between two or more electronic devices |
| CN110908507A (en) * | 2019-10-31 | 2020-03-24 | 京东数字科技控股有限公司 | Control system and control method of terminal |
| CN111199025A (en) * | 2019-12-20 | 2020-05-26 | 招银云创(深圳)信息技术有限公司 | Information verification method and device, computer equipment and storage medium |
-
2020
- 2020-10-16 CN CN202011110878.2A patent/CN112231682A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW201205081A (en) * | 2010-07-29 | 2012-02-01 | Chi Mei Comm Systems Inc | System and method for unlocking the portable electronic devices |
| CN106164920A (en) * | 2014-04-04 | 2016-11-23 | 高通股份有限公司 | Assist the method and apparatus of wearable identity manager |
| CN106790264A (en) * | 2017-02-07 | 2017-05-31 | 努比亚技术有限公司 | Authentication system and method, the server for authentication and checking equipment |
| US9949124B1 (en) * | 2017-04-24 | 2018-04-17 | Zihan Chen | Method and device for authenticating wireless pairing and/or data transfer between two or more electronic devices |
| CN107632722A (en) * | 2017-09-30 | 2018-01-26 | 北京梆梆安全科技有限公司 | A kind of various dimensions user ID authentication method and device |
| CN110908507A (en) * | 2019-10-31 | 2020-03-24 | 京东数字科技控股有限公司 | Control system and control method of terminal |
| CN111199025A (en) * | 2019-12-20 | 2020-05-26 | 招银云创(深圳)信息技术有限公司 | Information verification method and device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9607140B2 (en) | Authenticating a user of a system via an authentication image mechanism | |
| US10200360B2 (en) | Authentication using physical interaction characteristics | |
| US10185813B2 (en) | Orientation aware authentication on mobile platforms | |
| US8806610B2 (en) | Multilevel passcode authentication | |
| JP2018507461A (en) | Mobile devices that provide continuous and discrete user authentication | |
| AU2013245980B2 (en) | Location-based access control for portable electronic device | |
| EP2503479B1 (en) | Login method based on direction of gaze | |
| WO2015187505A1 (en) | Geo-location and biometric presence security | |
| CN108141497B (en) | Information interaction method and device | |
| US20200366670A1 (en) | A system and method for authenticating a user | |
| CN107111511B (en) | Access control method, device and system | |
| US10204265B2 (en) | System and method for authenticating user | |
| KR20150011376A (en) | Method and system for authentication of communication and operation | |
| WO2016209370A1 (en) | Handling risk events for a mobile device | |
| CN105207783A (en) | Authentication method and device for user's confidence level | |
| CN112231682A (en) | Security authentication method, system, device and computer equipment | |
| US20230325488A1 (en) | Multi-factor authentication via mixed reality | |
| CN112231683A (en) | Security authentication method, system, device and computer equipment | |
| US20180357407A1 (en) | Authentication system with motion parameters | |
| CN110781833A (en) | Authentication method and device and electronic equipment | |
| KR20070066548A (en) | Method for executing signature certification operation and terminal of enabling the method | |
| CN114268952B (en) | Identity real name authentication method and device, storage medium and 4G box equipment | |
| CN109167766B (en) | Network platform login verification method and system based on mobile terminal verification | |
| CN113329333A (en) | Indoor positioning method and device, computer equipment and storage medium | |
| CN115694919A (en) | Identity authentication method based on gravity characteristics |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210115 |