CN113037703B - Agricultural informatization work management method in big data environment - Google Patents
Agricultural informatization work management method in big data environment Download PDFInfo
- Publication number
- CN113037703B CN113037703B CN202011493875.1A CN202011493875A CN113037703B CN 113037703 B CN113037703 B CN 113037703B CN 202011493875 A CN202011493875 A CN 202011493875A CN 113037703 B CN113037703 B CN 113037703B
- Authority
- CN
- China
- Prior art keywords
- login
- key
- agricultural
- authentication
- login authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Abstract
The invention provides an agricultural informatization work management method in a big data environment, which comprises the following steps: s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address; s2, after the login authentication of agricultural workers is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, and the safety authentication feedback is carried out; s3, after authentication feedback, when finding an abnormal intercepted data instruction through a big data network, enabling the abnormal intercepted data instruction to be incapable of decrypting the loaded data through a data interception method; meanwhile, the IP address of the terminal for initiating the abnormal interception data command request is positioned, so that the phenomena of tampering and retransmission in the login authentication process of agricultural workers are prevented; a secure login access control mechanism is realized; and carrying out cloud server distribution operation on the safety login process data so as to complete data sharing operation of the login authentication process of agricultural workers.
Description
Technical Field
The invention relates to the field of data security, in particular to an agricultural informatization work management method in a big data environment.
Background
The rural informatization is lagged, and the current situations that the rural network informatization degree is low, the information is not smooth, the vast farmers cannot obtain the needed agricultural information in time, the encountered agricultural scientific and technological problems cannot be solved in time and the like exist. The irregular agricultural technology and the commodity market order increase the risk of farmers adopting the agricultural technology and seriously strike the enthusiasm of farmers for adopting new technology.
The construction of the agricultural information platform for the science and technology specializer service aims to perfect a rural market system, strengthen bidirectional information interaction and exchange, promote the construction of a rural modern circulation service network, help farmers increase production and income, develop comprehensive technical training for most farmers in the area, create scientific technical and technical agricultural services, various community services and the like, and enable the farmers to obtain more convenience and benefit in life. Corresponding security authentication authorization is lacked in the login process of the personnel, and the security authentication mechanism is not perfect, so that massive data are exposed in a network environment, and therefore, the technical problem that the technical personnel in the field need to solve is urgently needed.
Disclosure of Invention
The invention aims to at least solve the technical problems in the prior art, and particularly creatively provides an agricultural informatization work management method in a big data environment.
In order to achieve the above object, the present invention provides an agricultural informatization work management method in a big data environment, comprising the following steps:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
and S2, after the login authentication of agricultural workers is started, synchronously logging in a current key list at regular time, finding an abnormal state in the login authentication process, and performing safety authentication feedback.
Preferably, the S1 includes:
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address is consistent with the pre-stored IP address, returning to the initial stage of login authentication if the IP address is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address.
Preferably, the S1 includes:
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; and decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched.
Preferably, the S1 includes:
s1-3, modifying the key list in real time during the login security check process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; and the agricultural staff received from the cloud server sends login authentication information at regular time, the key state and the key version are obtained from the generated login security verification information, and the security authentication operation is carried out by inquiring and matching the login information of the agricultural staff in the secondary login authentication information through the secondary login authentication information generated by the digital signature key.
Preferably, the key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i;
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generationAnd w ∈RYCHThe subscript R is uniformly and randomly selected,positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain agricultural staffLogging in the mapping parameters;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret keyO is a mapping synthesis operation, then calculates the private key of the input receiverIn which two random numbers a are selected1And a2,
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulasPublic key identification of Q-pass-sum keyAnd performing joint encryption to sequentially generate a private key and a public key of the receiver.
Preferably, the method further comprises the following steps:
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigmaTerminating the encryption operation;
computing ciphertext componentsWhere j is a positive integer for performing cumulative counting on the ciphertext, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkAnd encrypting the parameters for the public key and the ciphertext of the receiving party.
Preferably, the S2 includes:
s2-1, when switching to any target login system from the current login authentication process, according to the security level of the target login system, determining a security abnormal risk discovery strategy and enabling the target login system to execute the security abnormal risk discovery strategy, selecting the target security abnormal discovery strategy from the preset security strategies of the target login system and executing the target security abnormal discovery strategy;
s2-2, if the target security abnormity discovery level of the target login system is smaller than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in;
s2-3, if the target login system receives a system switching request of agricultural workers, sending the preset safety anomaly discovery standard threshold value to a login authentication system to be switched, and executing S2-2 by the login authentication system to be switched;
s2-4, if the target security abnormity discovery level of the target login system is larger than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in; and if the target login system receives the system switching request of the agricultural workers, the target login system still logs in according to the preset safety abnormity discovery standard threshold value.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
the safety management of the system is ensured to have high reliability, and the system has auditability and monitorability; the system requires 7X24 hours of working time and requires the operation of a core platform database, namely a database server and the guarantee of data; prevent the malicious attack of hacker to the application such as the portal; the backup and recovery of data can be realized.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a general schematic of the present invention;
fig. 2 is a flow chart of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
As shown in fig. 1 and 2, the invention discloses an agricultural informatization work management method in a big data environment, which comprises the following steps:
the system safety is a big problem that the whole system platform must pay attention to solve, and the safety problem considered by the project is as follows:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address in the login authentication instruction is consistent with the pre-stored IP address, returning to the initial login authentication stage if the IP address in the login authentication instruction is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address;
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched;
s1-3, modifying the key list in real time during the login security check process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; and the agricultural staff received from the cloud server sends login authentication information at regular time, the key state and the key version are obtained from the generated login security verification information, and the security authentication operation is carried out by inquiring and matching the login information of the agricultural staff in the secondary login authentication information through the secondary login authentication information generated by the digital signature key.
The key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i;
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generationAnd w ∈RYCHThe subscripts R are eachUniformly and randomly selecting the mixture,positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain a login mapping parameter of the agricultural worker;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret keyO is a mapping synthesis operation, then calculates the private key of the input receiverIn which two random numbers a are selected1And a2,
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulasPublic key identification of Q-pass-sum keyPerforming joint encryption to sequentially generate a private key and a public key of a receiver;
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigmaTerminating the encryption operation;
computing ciphertext componentsWherein j is a positive integerFor cumulative counting of cryptograms, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkEncrypts the parameters for the recipient's public key ciphertext,
s2, after the login authentication of agricultural workers is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, and the safety authentication feedback is carried out;
s2-1, when switching to any target login system from the current login authentication process, according to the security level of the target login system, determining a security abnormal risk discovery strategy and enabling the target login system to execute the security abnormal risk discovery strategy, selecting the target security abnormal discovery strategy from the preset security strategies of the target login system and executing the target security abnormal discovery strategy;
s2-2, if the target security abnormity discovery level of the target login system is smaller than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in;
s2-3, if the target login system receives a system switching request of agricultural workers, sending the preset safety anomaly discovery standard threshold value to a login authentication system to be switched, and executing S2-2 by the login authentication system to be switched;
s2-4, if the target security abnormity discovery level of the target login system is larger than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in; if the target login system receives the system switching request of the agricultural workers, the agricultural workers still log in the target login system according to the preset safety abnormity discovery standard threshold value,
the security anomaly risk discovery strategy comprises the following steps:
the method comprises the steps that S-A, A login authentication request submitted by an agricultural worker is received, the login authentication request carries login verification information of the agricultural worker and corresponding identity verification matching information of the agricultural worker, which is acquired by A cloud server, the corresponding identity verification matching information of the agricultural worker is in datA association with the cloud server, the cloud server receives the identity verification matching information sent by the agricultural worker, the identity verification matching information carries an IP (Internet protocol) identifier of the cloud server, the cloud server calls an abnormal risk list preset by the cloud server according to the corresponding identity verification matching information of the agricultural worker, and the abnormal risk list existing in the identity verification matching information of the agricultural worker is acquired; wherein the abnormal risk list includes: the password is wrong, and the login operation instruction is repeatedly executed, wherein the password instruction comprises a Trojan horse, abnormal IP address login and the like;
S-B, if the identity authentication matching information corresponding to the agricultural staff is obtained according to a login authentication request prestored in a cloud server; the corresponding identity verification matching information of the agricultural workers is returned to the cloud server, so that the cloud server sends the corresponding identity verification matching information of the agricultural workers to the information matching unit, and the information matching unit uses the corresponding identity verification matching information of the agricultural workers to log in the system; carrying out abnormal risk discovery through an abnormal risk list preset by a cloud server;
S-C, if the cloud server receives identity verification matching information corresponding to the agricultural workers; the agricultural staff corresponding identity verification matching information and at least one cloud server establish an abnormal risk finding process in advance, the agricultural staff corresponding identity verification matching information can acquire a cloud server risk finding list in advance, the abnormal risk data of the at least one cloud server is abnormal login data or abnormal access data, when the agricultural staff corresponding identity verification matching information can log in an authentication interface, whether the cloud server capable of matching the abnormal risk exists in the agricultural staff corresponding identity verification matching information is judged according to the identification of the cloud server included in the cloud server risk finding list, if so, an abnormal login risk prompt is sent to the cloud server, and the abnormal login risk prompt can carry the agricultural staff corresponding identity verification matching information and carry a data transmission public key for login authentication of the agricultural staff, the cloud server is used for carrying out safety encryption on the corresponding identity verification matching information of the agricultural workers by using the data transmission public key, and the agricultural workers carry out acquisition operation when opening a login page; the agricultural staff corresponding to the identity verification matching information carried by the identity verification matching information searches whether a cloud server which is performing abnormal risk analysis exists in the corresponding identity verification matching information of the agricultural staff, if so, the agricultural staff performs a login authentication request, and synchronously distributes the login authentication request at the cloud server,
S-D, before the corresponding identity verification matching information of the agricultural staff is sent to a cloud server to send a login authentication request, judging whether the node where the agricultural staff is located has corresponding identity verification matching information of the agricultural staff, if the node where the agricultural staff is located has corresponding identity verification matching information of the agricultural staff, logging in by using the login verification information stored at the appointed position of the agricultural staff, and if the node where the agricultural staff is located does not have corresponding identity verification matching information of the agricultural staff, or receiving the login authentication information of the agricultural staff but does not use the corresponding identity verification matching information of the agricultural staff;
S-E, identity verification matching information corresponding to agricultural workers is obtained through a cloud server according to a login authentication request, the identity verification matching information corresponding to the agricultural workers needs to be carried in the login authentication request of the cloud server, the cloud server obtains the identity verification matching information corresponding to the agricultural workers according to the login authentication request, if the login authentication request of the cloud server comprises client identifications of the agricultural workers, the cloud server calls preset authentication conditions according to the client identifications of the agricultural workers to obtain the identity verification matching information corresponding to the agricultural workers, and the risk of signature information leakage possibly brought by login authentication communication can be effectively reduced;
the identity verification matching information of the agricultural staff comprises a client basic information identifier and digital signature data of the agricultural staff, such as information of a system application program, a digital signature public key or a digital signature private key, and an IP address of the agricultural staff, and is used for identifying client positioning certificate information.
S-F, the cloud server submits an associated authentication matching request to a client of an agricultural worker, wherein the associated authentication matching request carries login authentication information of the cloud server and authentication matching information of the agricultural worker, so that the client of the agricultural worker can obtain the login authentication information of the agricultural worker according to the associated login authentication request; the method comprises the steps that the client side of the agricultural staff is preset with the association relationship between login verification information of a cloud server and identity verification matching information of the agricultural staff, and after an association login verification request submitted to the client side of the agricultural staff by the cloud server is received, the login verification information of the cloud server to the client side of the agricultural staff is searched according to the login verification information of the cloud server and the identity verification matching information of the agricultural staff.
The login authentication information comprises information such as a password, a voiceprint, a fingerprint, an iris and the like.
S-G, the cloud server receives identity verification matching information of the agricultural workers returned by the client of the agricultural workers; the cloud server sends the identity verification matching information of the agricultural workers to the client of the agricultural workers, so that the identity verification matching information of the agricultural workers, which is acquired by the client of the agricultural workers, logs in to an abnormal safety discovery process; after the identity verification matching information of the agricultural staff is acquired by the client of the agricultural staff, the agricultural staff enters a quick login page, when an instruction for the agricultural staff to click quick login is acquired, the identity verification matching information can be submitted to an abnormal safety discovery process, the received identity verification matching information of the agricultural staff carries a client data transmission public key of the agricultural staff, and the encrypted identity verification matching information of the agricultural staff is executed to the abnormal safety discovery process, so that the login authentication safety of the login authentication information between a cloud server and the client of the agricultural staff is further enhanced;
S-H, when a login verification request is sent to a cloud server, after agricultural workers do not store identity verification matching information of the agricultural workers at the specified position of the IP address, the login verification request is sent to the cloud server, and the identity verification matching information carries client identification of the agricultural workers; the cloud server acquires identity verification matching information of agricultural workers according to the client identification; the client side of the agricultural staff submits identity verification matching information to the abnormal security discovery process for login; the abnormal safety discovery process returns a login success instruction to the client of the agricultural worker when not discovering login abnormality; the abnormal safety finding process carries out login verification on the authentication matching information submitted by the client of the agricultural staff, matches the authentication matching information submitted by the client of the agricultural staff with the prestored authentication matching information, and if consistent authentication matching information exists, namely the login account number is consistent with the corresponding authentication information, returns login success to the client of the agricultural staff; when the client of the agricultural staff confirms that identity verification matching information does not exist in the local area, a login verification request is sent to a cloud service, the cloud server requests to acquire the identity verification matching information of the agricultural staff from each node of the cloud server according to the login verification information of the cloud server and the identity verification matching information of the agricultural staff, and the acquired login verification information is sent to the client of the agricultural staff to log in, so that the risk that the login verification information is stolen is effectively avoided while the client of the agricultural staff logs in quickly, and the login safety of the client is improved.
According to the embodiment of the invention, the login verification request sent by the client of the agricultural staff to the cloud server carries the data transmission public key, so that the cloud server verifies the matching information according to the login verification information of the cloud server and the identity of the agricultural staff, the risk of stealing the login verification information is effectively avoided while the target client is quickly logged in, and the login security of the client is improved.
S3, after authentication feedback, when finding an abnormal intercepted data instruction through a big data network, enabling the abnormal intercepted data instruction to be incapable of decrypting the loaded data through a data interception method; meanwhile, the IP address of the terminal for initiating the abnormal interception data command request is positioned, so that the phenomena of tampering and retransmission in the login authentication process of agricultural workers are prevented; a secure login access control mechanism is realized; and carrying out cloud server distribution operation on the safety login process data so as to complete data sharing operation of the login authentication process of agricultural workers.
Various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
Claims (1)
1. An agricultural informatization work management method in a big data environment is characterized by comprising the following steps:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
s2, after the login authentication of agricultural staff is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, the safety authentication feedback is carried out,
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address in the login authentication instruction is consistent with the pre-stored IP address, returning to the initial login authentication stage if the IP address in the login authentication instruction is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address;
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched;
s1-3, modifying a key list in real time in the login security verification process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; the method comprises the steps that login authentication information is sent to agricultural workers from a cloud server at regular time, the key state and the key version are obtained from generated login security verification information, secondary login authentication information generated through a digital signature key is used, and security authentication operation is carried out by inquiring and matching the login information of the agricultural workers in the secondary login authentication information;
the key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i;
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generationAnd w ∈R YCHThe subscript R is uniformly and randomly selected,positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain a login mapping parameter of the agricultural worker;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret keyO is a mapping synthesis operation, then calculates the private key of the input receiverIn which two random numbers a are selected1And a2,
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulasPublic key identification of Q-pass-sum keyPerforming joint encryption to sequentially generate a private key and a public key of a receiver;
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigmaTerminating the encryption operation;
computing ciphertext componentsWhere j is a positive integer for performing cumulative counting on the ciphertext, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkAnd encrypting the parameters for the public key and the ciphertext of the receiving party.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011493875.1A CN113037703B (en) | 2020-12-16 | 2020-12-16 | Agricultural informatization work management method in big data environment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011493875.1A CN113037703B (en) | 2020-12-16 | 2020-12-16 | Agricultural informatization work management method in big data environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113037703A CN113037703A (en) | 2021-06-25 |
CN113037703B true CN113037703B (en) | 2021-12-07 |
Family
ID=76459252
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011493875.1A Active CN113037703B (en) | 2020-12-16 | 2020-12-16 | Agricultural informatization work management method in big data environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113037703B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109101795A (en) * | 2018-07-27 | 2018-12-28 | 海南新软软件有限公司 | A kind of account number safe login method, apparatus and system |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4992332B2 (en) * | 2006-08-03 | 2012-08-08 | 富士通株式会社 | Login management method and server |
CN104580248A (en) * | 2015-01-27 | 2015-04-29 | 中復保有限公司 | Secured logon method for variable secret key encryption under HTTP |
CN107276967B (en) * | 2016-04-07 | 2020-07-31 | 北京京东尚科信息技术有限公司 | Distributed system and login verification method thereof |
CN109214164A (en) * | 2018-09-07 | 2019-01-15 | 河北地质大学 | Computer communication security login method Internet-based and system |
-
2020
- 2020-12-16 CN CN202011493875.1A patent/CN113037703B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109101795A (en) * | 2018-07-27 | 2018-12-28 | 海南新软软件有限公司 | A kind of account number safe login method, apparatus and system |
Also Published As
Publication number | Publication date |
---|---|
CN113037703A (en) | 2021-06-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112738030B (en) | Data acquisition and sharing working method for agricultural technicians through big data analysis | |
US5418854A (en) | Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system | |
US6064736A (en) | Systems, methods and computer program products that use an encrypted session for additional password verification | |
US6959394B1 (en) | Splitting knowledge of a password | |
US9491174B2 (en) | System and method for authenticating a user | |
CN107040513B (en) | Trusted access authentication processing method, user terminal and server | |
US20090307495A1 (en) | Confidential communication method | |
CN106416123A (en) | Password-based authentication | |
AU2015202599B2 (en) | Methods and devices for securing keys when key-management processes are subverted by an adversary | |
CN113626802B (en) | Login verification system and method for equipment password | |
CN115632880B (en) | Reliable data transmission and storage method and system based on state cryptographic algorithm | |
CN114070559A (en) | Industrial Internet of things session key negotiation method based on multiple factors | |
CN106657002A (en) | Novel crash-proof base correlation time multi-password identity authentication method | |
CN113037702B (en) | Agricultural worker login system safe working method based on big data analysis | |
CN111245611B (en) | Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment | |
CN102215235A (en) | SIP (session initiation protocol) safety certification method capable of modifying authentication password | |
CN113037703B (en) | Agricultural informatization work management method in big data environment | |
Sani et al. | CyRA: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems | |
CN114172696B (en) | Terminal authentication method for cloud edge end cooperative dual authentication in electric power Internet of things | |
CN116055136A (en) | Secret sharing-based multi-target authentication method | |
CN113656818B (en) | Trusted-free third party cloud storage ciphertext deduplication method and system meeting semantic security | |
CN115632797A (en) | Safety identity verification method based on zero-knowledge proof | |
CN116633530A (en) | Quantum key transmission method, device and system | |
CN112671737A (en) | Method for identifying abnormal identity of agricultural worker through big data platform | |
CN112035820B (en) | Data analysis method used in Kerberos encryption environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |