CN113037703B - Agricultural informatization work management method in big data environment - Google Patents

Agricultural informatization work management method in big data environment Download PDF

Info

Publication number
CN113037703B
CN113037703B CN202011493875.1A CN202011493875A CN113037703B CN 113037703 B CN113037703 B CN 113037703B CN 202011493875 A CN202011493875 A CN 202011493875A CN 113037703 B CN113037703 B CN 113037703B
Authority
CN
China
Prior art keywords
login
key
agricultural
authentication
login authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011493875.1A
Other languages
Chinese (zh)
Other versions
CN113037703A (en
Inventor
杨琴
师铭
姚平波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Yangcheng Big Data Technology Co ltd
Original Assignee
Chongqing Yangcheng Big Data Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Yangcheng Big Data Technology Co ltd filed Critical Chongqing Yangcheng Big Data Technology Co ltd
Priority to CN202011493875.1A priority Critical patent/CN113037703B/en
Publication of CN113037703A publication Critical patent/CN113037703A/en
Application granted granted Critical
Publication of CN113037703B publication Critical patent/CN113037703B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The invention provides an agricultural informatization work management method in a big data environment, which comprises the following steps: s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address; s2, after the login authentication of agricultural workers is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, and the safety authentication feedback is carried out; s3, after authentication feedback, when finding an abnormal intercepted data instruction through a big data network, enabling the abnormal intercepted data instruction to be incapable of decrypting the loaded data through a data interception method; meanwhile, the IP address of the terminal for initiating the abnormal interception data command request is positioned, so that the phenomena of tampering and retransmission in the login authentication process of agricultural workers are prevented; a secure login access control mechanism is realized; and carrying out cloud server distribution operation on the safety login process data so as to complete data sharing operation of the login authentication process of agricultural workers.

Description

Agricultural informatization work management method in big data environment
Technical Field
The invention relates to the field of data security, in particular to an agricultural informatization work management method in a big data environment.
Background
The rural informatization is lagged, and the current situations that the rural network informatization degree is low, the information is not smooth, the vast farmers cannot obtain the needed agricultural information in time, the encountered agricultural scientific and technological problems cannot be solved in time and the like exist. The irregular agricultural technology and the commodity market order increase the risk of farmers adopting the agricultural technology and seriously strike the enthusiasm of farmers for adopting new technology.
The construction of the agricultural information platform for the science and technology specializer service aims to perfect a rural market system, strengthen bidirectional information interaction and exchange, promote the construction of a rural modern circulation service network, help farmers increase production and income, develop comprehensive technical training for most farmers in the area, create scientific technical and technical agricultural services, various community services and the like, and enable the farmers to obtain more convenience and benefit in life. Corresponding security authentication authorization is lacked in the login process of the personnel, and the security authentication mechanism is not perfect, so that massive data are exposed in a network environment, and therefore, the technical problem that the technical personnel in the field need to solve is urgently needed.
Disclosure of Invention
The invention aims to at least solve the technical problems in the prior art, and particularly creatively provides an agricultural informatization work management method in a big data environment.
In order to achieve the above object, the present invention provides an agricultural informatization work management method in a big data environment, comprising the following steps:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
and S2, after the login authentication of agricultural workers is started, synchronously logging in a current key list at regular time, finding an abnormal state in the login authentication process, and performing safety authentication feedback.
Preferably, the S1 includes:
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address is consistent with the pre-stored IP address, returning to the initial stage of login authentication if the IP address is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address.
Preferably, the S1 includes:
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; and decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched.
Preferably, the S1 includes:
s1-3, modifying the key list in real time during the login security check process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; and the agricultural staff received from the cloud server sends login authentication information at regular time, the key state and the key version are obtained from the generated login security verification information, and the security authentication operation is carried out by inquiring and matching the login information of the agricultural staff in the secondary login authentication information through the secondary login authentication information generated by the digital signature key.
Preferably, the key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generation
Figure GDA0002987002520000031
And w ∈RYCHThe subscript R is uniformly and randomly selected,
Figure GDA0002987002520000032
positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain agricultural staffLogging in the mapping parameters;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret key
Figure GDA0002987002520000033
O is a mapping synthesis operation, then calculates the private key of the input receiver
Figure GDA0002987002520000034
In which two random numbers a are selected1And a2
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulas
Figure GDA0002987002520000035
Public key identification of Q-pass-sum key
Figure GDA0002987002520000036
And performing joint encryption to sequentially generate a private key and a public key of the receiver.
Preferably, the method further comprises the following steps:
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigma
Figure GDA0002987002520000037
Terminating the encryption operation;
computing ciphertext components
Figure GDA0002987002520000038
Where j is a positive integer for performing cumulative counting on the ciphertext, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkAnd encrypting the parameters for the public key and the ciphertext of the receiving party.
Preferably, the S2 includes:
s2-1, when switching to any target login system from the current login authentication process, according to the security level of the target login system, determining a security abnormal risk discovery strategy and enabling the target login system to execute the security abnormal risk discovery strategy, selecting the target security abnormal discovery strategy from the preset security strategies of the target login system and executing the target security abnormal discovery strategy;
s2-2, if the target security abnormity discovery level of the target login system is smaller than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in;
s2-3, if the target login system receives a system switching request of agricultural workers, sending the preset safety anomaly discovery standard threshold value to a login authentication system to be switched, and executing S2-2 by the login authentication system to be switched;
s2-4, if the target security abnormity discovery level of the target login system is larger than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in; and if the target login system receives the system switching request of the agricultural workers, the target login system still logs in according to the preset safety abnormity discovery standard threshold value.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
the safety management of the system is ensured to have high reliability, and the system has auditability and monitorability; the system requires 7X24 hours of working time and requires the operation of a core platform database, namely a database server and the guarantee of data; prevent the malicious attack of hacker to the application such as the portal; the backup and recovery of data can be realized.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a general schematic of the present invention;
fig. 2 is a flow chart of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
As shown in fig. 1 and 2, the invention discloses an agricultural informatization work management method in a big data environment, which comprises the following steps:
the system safety is a big problem that the whole system platform must pay attention to solve, and the safety problem considered by the project is as follows:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address in the login authentication instruction is consistent with the pre-stored IP address, returning to the initial login authentication stage if the IP address in the login authentication instruction is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address;
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched;
s1-3, modifying the key list in real time during the login security check process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; and the agricultural staff received from the cloud server sends login authentication information at regular time, the key state and the key version are obtained from the generated login security verification information, and the security authentication operation is carried out by inquiring and matching the login information of the agricultural staff in the secondary login authentication information through the secondary login authentication information generated by the digital signature key.
The key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generation
Figure GDA0002987002520000061
And w ∈RYCHThe subscripts R are eachUniformly and randomly selecting the mixture,
Figure GDA0002987002520000062
positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain a login mapping parameter of the agricultural worker;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret key
Figure GDA0002987002520000063
O is a mapping synthesis operation, then calculates the private key of the input receiver
Figure GDA0002987002520000064
In which two random numbers a are selected1And a2
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulas
Figure GDA0002987002520000065
Public key identification of Q-pass-sum key
Figure GDA0002987002520000066
Performing joint encryption to sequentially generate a private key and a public key of a receiver;
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigma
Figure GDA0002987002520000071
Terminating the encryption operation;
computing ciphertext components
Figure GDA0002987002520000072
Wherein j is a positive integerFor cumulative counting of cryptograms, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkEncrypts the parameters for the recipient's public key ciphertext,
s2, after the login authentication of agricultural workers is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, and the safety authentication feedback is carried out;
s2-1, when switching to any target login system from the current login authentication process, according to the security level of the target login system, determining a security abnormal risk discovery strategy and enabling the target login system to execute the security abnormal risk discovery strategy, selecting the target security abnormal discovery strategy from the preset security strategies of the target login system and executing the target security abnormal discovery strategy;
s2-2, if the target security abnormity discovery level of the target login system is smaller than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in;
s2-3, if the target login system receives a system switching request of agricultural workers, sending the preset safety anomaly discovery standard threshold value to a login authentication system to be switched, and executing S2-2 by the login authentication system to be switched;
s2-4, if the target security abnormity discovery level of the target login system is larger than the preset security abnormity discovery standard threshold, determining the preset security abnormity discovery standard threshold of the target login system as a standard for judging abnormal security risks, and determining the target login system as a system capable of safely logging in; if the target login system receives the system switching request of the agricultural workers, the agricultural workers still log in the target login system according to the preset safety abnormity discovery standard threshold value,
the security anomaly risk discovery strategy comprises the following steps:
the method comprises the steps that S-A, A login authentication request submitted by an agricultural worker is received, the login authentication request carries login verification information of the agricultural worker and corresponding identity verification matching information of the agricultural worker, which is acquired by A cloud server, the corresponding identity verification matching information of the agricultural worker is in datA association with the cloud server, the cloud server receives the identity verification matching information sent by the agricultural worker, the identity verification matching information carries an IP (Internet protocol) identifier of the cloud server, the cloud server calls an abnormal risk list preset by the cloud server according to the corresponding identity verification matching information of the agricultural worker, and the abnormal risk list existing in the identity verification matching information of the agricultural worker is acquired; wherein the abnormal risk list includes: the password is wrong, and the login operation instruction is repeatedly executed, wherein the password instruction comprises a Trojan horse, abnormal IP address login and the like;
S-B, if the identity authentication matching information corresponding to the agricultural staff is obtained according to a login authentication request prestored in a cloud server; the corresponding identity verification matching information of the agricultural workers is returned to the cloud server, so that the cloud server sends the corresponding identity verification matching information of the agricultural workers to the information matching unit, and the information matching unit uses the corresponding identity verification matching information of the agricultural workers to log in the system; carrying out abnormal risk discovery through an abnormal risk list preset by a cloud server;
S-C, if the cloud server receives identity verification matching information corresponding to the agricultural workers; the agricultural staff corresponding identity verification matching information and at least one cloud server establish an abnormal risk finding process in advance, the agricultural staff corresponding identity verification matching information can acquire a cloud server risk finding list in advance, the abnormal risk data of the at least one cloud server is abnormal login data or abnormal access data, when the agricultural staff corresponding identity verification matching information can log in an authentication interface, whether the cloud server capable of matching the abnormal risk exists in the agricultural staff corresponding identity verification matching information is judged according to the identification of the cloud server included in the cloud server risk finding list, if so, an abnormal login risk prompt is sent to the cloud server, and the abnormal login risk prompt can carry the agricultural staff corresponding identity verification matching information and carry a data transmission public key for login authentication of the agricultural staff, the cloud server is used for carrying out safety encryption on the corresponding identity verification matching information of the agricultural workers by using the data transmission public key, and the agricultural workers carry out acquisition operation when opening a login page; the agricultural staff corresponding to the identity verification matching information carried by the identity verification matching information searches whether a cloud server which is performing abnormal risk analysis exists in the corresponding identity verification matching information of the agricultural staff, if so, the agricultural staff performs a login authentication request, and synchronously distributes the login authentication request at the cloud server,
S-D, before the corresponding identity verification matching information of the agricultural staff is sent to a cloud server to send a login authentication request, judging whether the node where the agricultural staff is located has corresponding identity verification matching information of the agricultural staff, if the node where the agricultural staff is located has corresponding identity verification matching information of the agricultural staff, logging in by using the login verification information stored at the appointed position of the agricultural staff, and if the node where the agricultural staff is located does not have corresponding identity verification matching information of the agricultural staff, or receiving the login authentication information of the agricultural staff but does not use the corresponding identity verification matching information of the agricultural staff;
S-E, identity verification matching information corresponding to agricultural workers is obtained through a cloud server according to a login authentication request, the identity verification matching information corresponding to the agricultural workers needs to be carried in the login authentication request of the cloud server, the cloud server obtains the identity verification matching information corresponding to the agricultural workers according to the login authentication request, if the login authentication request of the cloud server comprises client identifications of the agricultural workers, the cloud server calls preset authentication conditions according to the client identifications of the agricultural workers to obtain the identity verification matching information corresponding to the agricultural workers, and the risk of signature information leakage possibly brought by login authentication communication can be effectively reduced;
the identity verification matching information of the agricultural staff comprises a client basic information identifier and digital signature data of the agricultural staff, such as information of a system application program, a digital signature public key or a digital signature private key, and an IP address of the agricultural staff, and is used for identifying client positioning certificate information.
S-F, the cloud server submits an associated authentication matching request to a client of an agricultural worker, wherein the associated authentication matching request carries login authentication information of the cloud server and authentication matching information of the agricultural worker, so that the client of the agricultural worker can obtain the login authentication information of the agricultural worker according to the associated login authentication request; the method comprises the steps that the client side of the agricultural staff is preset with the association relationship between login verification information of a cloud server and identity verification matching information of the agricultural staff, and after an association login verification request submitted to the client side of the agricultural staff by the cloud server is received, the login verification information of the cloud server to the client side of the agricultural staff is searched according to the login verification information of the cloud server and the identity verification matching information of the agricultural staff.
The login authentication information comprises information such as a password, a voiceprint, a fingerprint, an iris and the like.
S-G, the cloud server receives identity verification matching information of the agricultural workers returned by the client of the agricultural workers; the cloud server sends the identity verification matching information of the agricultural workers to the client of the agricultural workers, so that the identity verification matching information of the agricultural workers, which is acquired by the client of the agricultural workers, logs in to an abnormal safety discovery process; after the identity verification matching information of the agricultural staff is acquired by the client of the agricultural staff, the agricultural staff enters a quick login page, when an instruction for the agricultural staff to click quick login is acquired, the identity verification matching information can be submitted to an abnormal safety discovery process, the received identity verification matching information of the agricultural staff carries a client data transmission public key of the agricultural staff, and the encrypted identity verification matching information of the agricultural staff is executed to the abnormal safety discovery process, so that the login authentication safety of the login authentication information between a cloud server and the client of the agricultural staff is further enhanced;
S-H, when a login verification request is sent to a cloud server, after agricultural workers do not store identity verification matching information of the agricultural workers at the specified position of the IP address, the login verification request is sent to the cloud server, and the identity verification matching information carries client identification of the agricultural workers; the cloud server acquires identity verification matching information of agricultural workers according to the client identification; the client side of the agricultural staff submits identity verification matching information to the abnormal security discovery process for login; the abnormal safety discovery process returns a login success instruction to the client of the agricultural worker when not discovering login abnormality; the abnormal safety finding process carries out login verification on the authentication matching information submitted by the client of the agricultural staff, matches the authentication matching information submitted by the client of the agricultural staff with the prestored authentication matching information, and if consistent authentication matching information exists, namely the login account number is consistent with the corresponding authentication information, returns login success to the client of the agricultural staff; when the client of the agricultural staff confirms that identity verification matching information does not exist in the local area, a login verification request is sent to a cloud service, the cloud server requests to acquire the identity verification matching information of the agricultural staff from each node of the cloud server according to the login verification information of the cloud server and the identity verification matching information of the agricultural staff, and the acquired login verification information is sent to the client of the agricultural staff to log in, so that the risk that the login verification information is stolen is effectively avoided while the client of the agricultural staff logs in quickly, and the login safety of the client is improved.
According to the embodiment of the invention, the login verification request sent by the client of the agricultural staff to the cloud server carries the data transmission public key, so that the cloud server verifies the matching information according to the login verification information of the cloud server and the identity of the agricultural staff, the risk of stealing the login verification information is effectively avoided while the target client is quickly logged in, and the login security of the client is improved.
S3, after authentication feedback, when finding an abnormal intercepted data instruction through a big data network, enabling the abnormal intercepted data instruction to be incapable of decrypting the loaded data through a data interception method; meanwhile, the IP address of the terminal for initiating the abnormal interception data command request is positioned, so that the phenomena of tampering and retransmission in the login authentication process of agricultural workers are prevented; a secure login access control mechanism is realized; and carrying out cloud server distribution operation on the safety login process data so as to complete data sharing operation of the login authentication process of agricultural workers.
Various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.

Claims (1)

1. An agricultural informatization work management method in a big data environment is characterized by comprising the following steps:
s1, acquiring basic user information of agricultural workers, and initiating a login authentication instruction, wherein the login authentication instruction comprises an IP address;
s2, after the login authentication of agricultural staff is started, the current key list of the login authentication is synchronously logged in at regular time, the abnormal state in the login authentication process is found, the safety authentication feedback is carried out,
s1-1, judging whether the IP address in the login authentication instruction is a pre-stored IP address, entering system key authentication operation if the IP address in the login authentication instruction is consistent with the pre-stored IP address, returning to the initial login authentication stage if the IP address in the login authentication instruction is inconsistent with the pre-stored IP address, and performing system entry or prompting an abnormal state on a new login authentication IP address;
s1-2, after the password of the agricultural staff is successfully verified in the login authentication process, generating an effective key login cache value of the agricultural staff through a key list table, and returning the login cache value to the cloud server; the method comprises the steps that after a cloud server receives a login authentication request carrying a login cache value and an IP address of an agricultural worker, a key generation preparation instruction of the login cache value is obtained, and a key needing to be prepared for authentication is mirrored in a key list table through the key generation preparation instruction; decrypting the login cache value by using the key, and executing a login security verification process after verifying that the decryption result is correspondingly matched;
s1-3, modifying a key list in real time in the login security verification process, wherein the key list comprises a plurality of key values, and any key value corresponds to a key state and a key version; the method comprises the steps that login authentication information is sent to agricultural workers from a cloud server at regular time, the key state and the key version are obtained from generated login security verification information, secondary login authentication information generated through a digital signature key is used, and security authentication operation is carried out by inquiring and matching the login information of the agricultural workers in the secondary login authentication information;
the key generation preparation instruction includes:
setting a safety parameter to 1μ,1μRepresents μ consecutive 1 s, where μ is a positive integer;
the method comprises the steps of distributing a unique identification code T in the login authentication process, and forming an integer set of identification codes by acquiring all identification codes in a cloud serveriThe integer set S being contained in all identification codes TiI is a positive integer;
forming agricultural worker authentication System parameters psAnd the homomorphic encryption authentication method is defined as H: { k } is a function ofi,sk,pk}1≤i
KiAssigning a value for the output key, sk being a private key of the input receiver, pk being a public key of the input receiver;
selecting the process domain D with the order u to perform m times of amplification operations to form DmThe cyclic calculation value q is the calculation number of a multi-order operation variable equation set; impact-resistant one-way hash function I: DxDm→Dm,I2:D→DmSelecting system parameter G ═ q, Dm,u,m,I,I2),
Respectively selecting random numbers required by password generation
Figure FDA0003320321910000021
And w ∈R YCHThe subscript R is uniformly and randomly selected,
Figure FDA0003320321910000022
positive integer multiplicative group, Y, being a non-zero operation modulo rCHDistributing values for a random password one-way hash function;
for i from 1 to j, i is more than or equal to 1 and less than or equal to j, calculating a randomly selected key sequence in the key generation process, and utilizing a random password one-way hash function distribution value YCHProcessing the key sequence and the plaintext message to obtain a login mapping parameter of the agricultural worker;
for the encryption algorithm transformation K at D → DmTwo groups of reversible affine transformations M and N are randomly set, and public key identification is carried out on the secret key
Figure FDA0003320321910000023
O is a mapping synthesis operation, then calculates the private key of the input receiver
Figure FDA0003320321910000024
In which two random numbers a are selected1And a2
Obtaining an identity list Q of agricultural workers, and inputting a safety parameter 1μRunning cryptographic operation formulas
Figure FDA0003320321910000025
Public key identification of Q-pass-sum key
Figure FDA0003320321910000026
Performing joint encryption to sequentially generate a private key and a public key of a receiver;
when the ciphertext information CH (g | | | sigma), an encryption operation inequality is established by setting the message g and the ciphertext sigma
Figure FDA0003320321910000027
Terminating the encryption operation;
computing ciphertext components
Figure FDA0003320321910000028
Where j is a positive integer for performing cumulative counting on the ciphertext, P1Encrypting the initial parameters for the ciphertext, IjDistributing value Y for one-way hash function of passwordCHMapping value to identity information of agricultural workers, JjDistributing value Y for one-way hash function of passwordCHFor the mapping value of the login IP address, y is the cipher text encryption coefficient, PskEncrypting the parameter, P, for the recipient's private key ciphertextpkAnd encrypting the parameters for the public key and the ciphertext of the receiving party.
CN202011493875.1A 2020-12-16 2020-12-16 Agricultural informatization work management method in big data environment Active CN113037703B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011493875.1A CN113037703B (en) 2020-12-16 2020-12-16 Agricultural informatization work management method in big data environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011493875.1A CN113037703B (en) 2020-12-16 2020-12-16 Agricultural informatization work management method in big data environment

Publications (2)

Publication Number Publication Date
CN113037703A CN113037703A (en) 2021-06-25
CN113037703B true CN113037703B (en) 2021-12-07

Family

ID=76459252

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011493875.1A Active CN113037703B (en) 2020-12-16 2020-12-16 Agricultural informatization work management method in big data environment

Country Status (1)

Country Link
CN (1) CN113037703B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109101795A (en) * 2018-07-27 2018-12-28 海南新软软件有限公司 A kind of account number safe login method, apparatus and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4992332B2 (en) * 2006-08-03 2012-08-08 富士通株式会社 Login management method and server
CN104580248A (en) * 2015-01-27 2015-04-29 中復保有限公司 Secured logon method for variable secret key encryption under HTTP
CN107276967B (en) * 2016-04-07 2020-07-31 北京京东尚科信息技术有限公司 Distributed system and login verification method thereof
CN109214164A (en) * 2018-09-07 2019-01-15 河北地质大学 Computer communication security login method Internet-based and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109101795A (en) * 2018-07-27 2018-12-28 海南新软软件有限公司 A kind of account number safe login method, apparatus and system

Also Published As

Publication number Publication date
CN113037703A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
CN112738030B (en) Data acquisition and sharing working method for agricultural technicians through big data analysis
US5418854A (en) Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
US6064736A (en) Systems, methods and computer program products that use an encrypted session for additional password verification
US6959394B1 (en) Splitting knowledge of a password
US9491174B2 (en) System and method for authenticating a user
CN107040513B (en) Trusted access authentication processing method, user terminal and server
US20090307495A1 (en) Confidential communication method
CN106416123A (en) Password-based authentication
AU2015202599B2 (en) Methods and devices for securing keys when key-management processes are subverted by an adversary
CN113626802B (en) Login verification system and method for equipment password
CN115632880B (en) Reliable data transmission and storage method and system based on state cryptographic algorithm
CN114070559A (en) Industrial Internet of things session key negotiation method based on multiple factors
CN106657002A (en) Novel crash-proof base correlation time multi-password identity authentication method
CN113037702B (en) Agricultural worker login system safe working method based on big data analysis
CN111245611B (en) Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment
CN102215235A (en) SIP (session initiation protocol) safety certification method capable of modifying authentication password
CN113037703B (en) Agricultural informatization work management method in big data environment
Sani et al. CyRA: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems
CN114172696B (en) Terminal authentication method for cloud edge end cooperative dual authentication in electric power Internet of things
CN116055136A (en) Secret sharing-based multi-target authentication method
CN113656818B (en) Trusted-free third party cloud storage ciphertext deduplication method and system meeting semantic security
CN115632797A (en) Safety identity verification method based on zero-knowledge proof
CN116633530A (en) Quantum key transmission method, device and system
CN112671737A (en) Method for identifying abnormal identity of agricultural worker through big data platform
CN112035820B (en) Data analysis method used in Kerberos encryption environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant