CN113132106B - User identity recognition system - Google Patents
User identity recognition system Download PDFInfo
- Publication number
- CN113132106B CN113132106B CN201911398337.1A CN201911398337A CN113132106B CN 113132106 B CN113132106 B CN 113132106B CN 201911398337 A CN201911398337 A CN 201911398337A CN 113132106 B CN113132106 B CN 113132106B
- Authority
- CN
- China
- Prior art keywords
- data
- information
- user
- unit
- matching
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention discloses a user identity recognition system, which comprises: a storage unit for storing user information; an information reading unit configured to read user information from the storage unit in a case where a distance between the storage unit and the information reading unit is smaller than a predetermined threshold; the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result; the mobile equipment comprises a characteristic acquisition module and a data matching module, wherein the characteristic acquisition module is used for acquiring first biological characteristic data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result; and the control unit is used for identifying the user identity according to the first matching result and the second matching result. According to the embodiment of the invention, the identification of the user identity can be accurately realized.
Description
Technical Field
The invention belongs to the field of identity recognition, and particularly relates to a user identity recognition system.
Background
With the rapid development of the internet and mobile informatization, the variety of networking devices is increasing, so that it is important for users to be able to accurately identify the identity of the user.
At present, identification of user identity is realized through an identity identification system. However, the use of illegal means by illegal molecules is also becoming more and more advanced, and the current identification system often cannot effectively prevent some illegal molecules, and especially for some important places of business and exit, the security becomes important. Therefore, how to accurately identify the user is a problem to be solved.
Disclosure of Invention
The embodiment of the invention provides a user identity recognition system which can accurately recognize the user identity.
In one aspect, an embodiment of the present invention provides a user identity recognition system, including:
a storage unit for storing user information;
an information reading unit configured to read user information from the storage unit in a case where a distance between the storage unit and the information reading unit is smaller than a predetermined threshold;
the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result;
the mobile equipment comprises a characteristic acquisition module and a data matching module, wherein the characteristic acquisition module is used for acquiring first biological characteristic data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result;
and the control unit is used for identifying the user identity according to the first matching result and the second matching result.
The user identity recognition system provided by the embodiment of the invention can connect the user information with the Internet on the basis of the Internet of things, thereby realizing user identity recognition. In addition, identity recognition is performed by reading user information stored in the storage unit and collecting biometric data of the user. The identity of the user can be accurately identified by the gateway through the multi-layer identity identification.
Drawings
In order to more clearly illustrate the technical solution of the embodiments of the present invention, the drawings that are needed to be used in the embodiments of the present invention will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
FIG. 1 is a schematic diagram of a user identification system according to an embodiment of the present invention;
FIG. 2 is a schematic diagram illustrating a configuration of a user identification system according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a block chain unit according to one embodiment of the present invention;
fig. 5 is a flow chart illustrating a user identification method according to another embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings and the detailed embodiments. It should be understood that the specific embodiments described herein are merely configured to illustrate the invention and are not configured to limit the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the invention by showing examples of the invention.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
In order to solve the problems in the prior art, fig. 1 is a schematic diagram of a user identification system according to an embodiment of the present invention. The user identification system can be a user identification system based on the internet of things. As shown in fig. 1, the user identification system includes a storage unit 101, an information reading unit 102, an information matching unit 103, a mobile device 104, and a control unit 105.
The storage unit 101 is used to store user information. For example, the storage unit 101 may be a user Identification (ID) card having a chip in which user information is stored.
The information reading unit 102 is configured to read user information from the storage unit 101 in a case where a distance between the storage unit 101 and the information reading unit 102 is smaller than a predetermined threshold. For example, the information reading unit 102 is a radio frequency identification unit, and in the case where the storage unit 101 is close to the radio frequency identification unit, the radio frequency identification unit reads the user information stored in the storage unit 101.
The information matching unit 103 is configured to match the user information read from the storage unit 101 with the user information stored in the database, and obtain a first matching result. If the first matching result is that the user information read from the storage unit 101 is successfully matched with the user information stored in the database, the user identity can be primarily identified as legal. Further determinations may then be made in connection with the first biometric data collected by the mobile device 104.
Wherein after the information reading unit 102 reads the user information, the user information may be sent to the control unit 105, and the control unit 105 sends the user information to the information matching unit 103. Alternatively, after the information reading unit 102 reads the user information, the user information may be directly transmitted to the control unit 105
The mobile device 104 includes a feature collection module and a data matching module, where the feature collection module is configured to collect first biometric data of a user; the data matching module is used for matching the first biological characteristic data with the pre-stored second biological characteristic data to obtain a second matching result. The data matching module may perform similarity calculation on the first biometric data and the second biometric data, and if the similarity between the first biometric data and the second biometric data is greater than a predetermined similarity threshold, determine that the first biometric data and the second biometric data are successfully matched. If the similarity of the first biometric data and the second biometric data is less than or equal to a predetermined similarity threshold, determining that the first biometric data fails to match the second biometric data.
The control unit 105 is configured to identify the identity of the user according to the first matching result and the second matching result. And if the first matching result and the second matching result are successful in matching, the user identity is identified to be legal. If any one of the first matching result and the second matching result is the matching failure, the user identity is identified as illegal.
For example, the subscriber identity system may be a subscriber identity system for access control. The access control may be a corporate access control or a residential access control. The storage unit 101 may be an access card, and the information reading unit 102 may be disposed near the door. The user identification system may be a card identification system, such as identifying the identity of a user of a bank card.
In the embodiment of the invention, the user information can be connected with the Internet on the basis of the Internet of things, so that the user identity recognition is realized. In addition, identification is performed by reading the user information stored in the storage unit 101 and collecting biometric data of the user. The user identification can be accurately realized due to the gateway of the multi-layer identification.
In one or more embodiments of the present invention, the information reading unit 102 is optionally further configured to read a hardware identifier of the storage unit 101, for example, the hardware identifier is a hardware identifier code.
The user identification system further comprises:
and the safety unit is connected with the information reading unit 102 and is used for matching the hardware identifier of the storage unit 101 with the pre-stored hardware identifier so as to record the unmatched result of the hardware identifier of the storage unit 101 and the pre-stored hardware identifier under the condition that the hardware identifier of the storage unit 101 is unmatched with the pre-stored hardware identifier. The security element may be a security anti-blocking microprocessor chip.
Alternatively, in the case where the hardware identification of the storage unit 101 does not match the pre-stored hardware identification, the alarm information is output.
In the embodiment of the present invention, the storage unit 101 storing the user information can be prevented from being counterfeited by an illegal user by the security unit, thereby preventing the user information read by the information reading unit 102 from being counterfeited by an illegal user.
In one or more embodiments of the present invention, optionally, the feature collection module includes a face collection module, an iris collection module, and a fingerprint collection module;
the first biometric data includes: face data collected by the face collection module, iris data collected by the iris collection module and fingerprint data collected by the fingerprint collection module.
The system combining the three groups of face data, fingerprint data and iris data, which can identify the identity of the user, is put into use, and can carry out multi-layer identification, matching and comparison on the identity information of the user, so that the identity information of the user can be accurately and efficiently identified.
In one or more embodiments of the invention, the mobile device 104 optionally further comprises:
the second data processing module is used for cleaning and format conversion of the first biological characteristic data to obtain cleaned and preset-format first biological characteristic data;
the data identification module is connected with the second data processing module and is used for identifying whether the first biological characteristic data in the preset format meets a first preset condition or not;
the data matching module is connected with the data identification module and is used for matching the first biological characteristic data which are in a preset format and meet the first preset condition with the second biological characteristic data.
Optionally, the second data processing module cleans the first biometric data including at least one of: the second data processing module deletes useless data in the first biological characteristic data and fills the missing data in the first biological characteristic data. The first predetermined condition may include that the first biometric data is free of distortion.
In one or more embodiments of the invention, the mobile device 104 optionally further comprises:
the first data processing module is used for carrying out edge extraction and normalization processing on the first biological characteristic data so that the data matching module matches the first biological characteristic data subjected to the edge extraction and normalization processing with the second biological characteristic data.
The first biological characteristic data can be a digital image, and the edge extraction refers to the processing of the picture outline in the digital image processing. Normalization is a dimensionless processing means that changes the absolute value of a physical system value into a relative value relationship.
In one or more embodiments of the invention, the mobile device 104 optionally further comprises:
and the feature coding module is used for generating codes of the first biological feature data so that the data matching module matches the first biological feature data with the second biological feature data according to the codes of the first biological feature data.
For example, in the case where the first biometric data includes face data, the face attributes in the face data include the height of the cheekbone and the area of the face, and therefore, the attribute of the height of the cheekbone in the face data is encoded as 1001, and the attribute of the area of the face in the face data is encoded as 1002.
In the case where the first biometric data comprises iris data, the iris attributes in the iris data comprise iris size and iris texture, the attributes of the iris size in the iris data may be encoded as 2001 and the attributes of the iris texture in the iris data as 2002.
Therefore, by encoding the first biometric data, it is convenient to expand the attributes of the biometric data later.
In one or more embodiments of the present invention, optionally, the user identification system further comprises:
a data storage unit 110;
a control unit 105, configured to store user information and information of the information reading unit 102 that reads the user information in association with each other to the data storage unit 110;
wherein the information of the information reading unit 102 comprises an identification of the information reading unit 102 and/or a geographical location of the information reading unit 102.
The embodiment of the invention stores the read user information and the related information of the information reading unit 102 for reading the user information through the data storage unit 110 so as to facilitate the management of the user. Later security analysis may be performed using information stored by the data storage unit 110.
The data storage unit 110 may include, among other things, mass storage for data or instructions. By way of example, and not limitation, the data storage unit 110 may comprise a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. The data storage unit 110 may include removable or non-removable (or fixed) media, where appropriate. Data storage unit 110 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the data storage unit 110 is a non-volatile solid-state memory. In a particular embodiment, the data storage unit 110 includes Read Only Memory (ROM). The ROM may be mask programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these, where appropriate.
In one or more embodiments of the present invention, optionally, the user identification system further comprises a blockchain unit; the blockchain unit includes:
a verification node for receiving the user information transmitted from the control unit 105 and verifying whether the user information is tampered in the process of being transmitted from the control unit 105 to the verification node;
and the recording node is used for recording the user information under the condition that the verification node verifies that the user information is not tampered.
In one or more embodiments of the present invention, optionally, the user identification system further comprises:
the user management unit is used for acquiring the latest N time points of the user information which are read and the geographic position of each time the user information is read; judging whether the storage unit 101 meets the reading abnormal condition according to the latest N times of read time points and the geographic position; when the read abnormality condition is satisfied, the warning information of the abnormality of the storage unit 101 is output, and N is a positive integer.
In one or more embodiments of the invention, the exception condition optionally includes: the method comprises the steps that adjacent first time points and second time points exist in the time points which are read for the last N times, and the distance between a first geographic position corresponding to the first time points and a second geographic position corresponding to the second time points is larger than a preset distance threshold;
the first geographic position is the geographic position of the user information when the user information is read at the first time point, and the second geographic position is the geographic position of the user information when the user information is read at the second time point.
For example, the user information is read at 1:00 pm at the first geographic location and then read at 1:02 pm at the second geographic location, but the distance between the first geographic location and the second geographic location is 4 km, and the user is almost unable to move for 4 km within 2 minutes, so that there is an abnormality in the reading of the user information, and there is a possibility that the storage unit 101 storing the user information is duplicated. In this case, warning information of abnormality of the storage unit 101 may be output to realize early warning.
In one or more embodiments of the present invention, optionally, the user identification system further comprises:
and the display unit is connected with the control unit 105 and is used for displaying the user identity identified by the control unit 105.
In one or more embodiments of the present invention, optionally, the user identification system further comprises:
and the reader is connected with the control unit 105 and is used for sending the user information read by the information reading unit 102 to the control unit 105 and sending the second matching result obtained by the mobile device 104 to the control unit 105.
Fig. 2 is a schematic structural diagram of a user identification system according to another embodiment of the present invention. As shown in fig. 2, the user identification system includes: an ID card 106, an information reading unit 102, a security unit 107, a mobile device 104, an interpreter 108, a control unit 105, a display unit 109, a data storage unit 110, an information matching unit 103, a blockchain unit 111, a user management unit 112, a physical markup language (Physical Markup Language, PML) server 113, a local database 114, and a remote database 115.
Wherein the information reading unit 102 reads user information and a hardware identification of the ID card 106 from the ID card 106.
The security unit 107 is connected to the information reading unit 102, and the security unit 107 matches the hardware identifier of the ID card 106 with a pre-stored hardware identifier in the hardware ID identifier database, so as to record a result of the mismatch between the hardware identifier of the ID card 106 and the pre-stored hardware identifier in the case that the hardware identifier of the ID card 106 does not match with the pre-stored hardware identifier.
The mobile device 104 collects face data, iris data, and fingerprint data of the user and verifies the user's identity.
Specifically, referring to FIG. 3, the mobile device 104 includes a face acquisition module 1041-1, an iris acquisition module 1041-2, and a fingerprint acquisition module 1041-3. The face collection module 1041-1 is used for collecting face data, the iris collection module 1041-2 is used for collecting iris data, and the fingerprint collection module 1041-3 is used for collecting fingerprint data.
The first data processing module 1043 performs edge extraction and normalization processing on the face data, the iris data, and the fingerprint data, respectively.
The feature encoding module 1044 generates an encoding of face data from the face data, an encoding of iris data from the iris data, and an encoding of fingerprint data from the fingerprint data.
The second data processing module 1045 cleans and format-converts the face data, the iris data, and the fingerprint data, respectively, to obtain cleaned face data, iris data, and fingerprint data in a predetermined format.
The data identifying module 1046 identifies the face data, the iris data and the fingerprint data output by the second data processing module, so as to identify whether the face data, the iris data and the fingerprint data conform to the usage conditions of the data matching module 1042, for example, identify whether the face data, the iris data and the fingerprint data are distorted. In the case that the face data, the iris data and the fingerprint data are recognized to respectively meet the use conditions of the data matching module 1042, the face data, the iris data and the fingerprint data are sent to the data matching module 1042.
The data matching module 1042 matches face data output by the data recognition module with face data in the matching information database 1047, matches iris data output by the data recognition module 1046 with iris data in the matching information database 1047, and matches fingerprint data output by the data recognition module 1046 with fingerprint data in the matching information database 1047.
The display module 1048 displays a second matching result, where the second matching result includes whether the face data matches, whether the iris data matches, and whether the fingerprint data matches.
The foregoing is a description of the terminal device 104, and the description of the subscriber identity system is continued with reference to fig. 2.
The interpreter 108 in the user identification system is connected to the control unit 105, and the interpreter 108 sends the user information read by the information reading unit 102 to the control unit 105 and sends the second matching result obtained by the mobile device 104 to the control unit 105. The control unit 105 may be a single-chip microcomputer, or the control unit 105 may comprise a Central Processing Unit (CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present invention.
The control unit 105 sends the user information to the information matching unit 103, and the information matching unit 103 matches the user information read from the ID card 106 with the user information stored in the local database 114, resulting in a first matching result.
The control unit 105 recognizes the user identity based on the second matching result of the terminal device and the first matching result of the information matching unit 103. If the first matching result is that the user information read from the ID card 106 matches the user information stored in the local database 114, and the second matching result is that the face data match, the iris data match, and the fingerprint data match, the user identity is identified as legal. If the first matching result is that the user information read from the ID card 106 does not match the user information stored in the local database 114, or if any one of the face data, the iris data, and the fingerprint data does not match, the user identity is identified as not legal.
The display unit 109 is connected to the control unit 105, and the display unit 109 displays whether the identified user identity is legal. The display unit 109 may display a selection interface, and the staff may select a system flow to enter an alarm system or a positioning system, the positioning system collects the relevant information of the face and the body of the user, performs image processing on the collected information, and uploads the processed information to a retrieval system, that is, performs search query and tracking positioning through the sky eye system of the Beidou positioning system, so as to obtain the dynamic directions of the relevant identity users at any time.
The user management unit 112 is used for managing user information and performing abnormality early warning. For example, the user management unit 112 acquires the point in time when the user information in the ID card 106 was last read 2 times and the geographical position each time the user information was read; judging whether the ID card 106 meets the reading abnormality condition according to the latest 2 times of reading time points and the geographic position; in the case where the reading abnormality condition is satisfied, the alarm information of the abnormality of the ID card 106 is output.
The user management unit 112 is connected with the local database 114 in a data information sharing way, and the user management unit 112 is connected with the PML server 113 through the Internet (Internet), the PML server 113 is connected with the remote database 115 in a network way, and the identified user information is transmitted to the remote database 115 for storage. The PML server 113, remote database 115, and multiple nodes build up a centralized distributed storage environment. The plurality of nodes may be a plurality of data storage units 110.
The PML server 113, the remote database 115 and a plurality of nodes build a distributed architecture forming a centralized distributed storage environment based on a Hadoop distributed file system (Hadoop Distributed File System, HDFS), in order to provide a better data storage function, the centralized distributed storage environment system is divided into a storage layer, a basic service layer and a reference layer, the storage layer comprises a storage unit, a local file system and self-data persistent storage, the basic service layer is divided into two parts of collection analysis and search engines, and the reference layer adopts a modular architecture structure.
Referring to fig. 4, the blockchain unit 111 includes a blockchain network including an authentication node and a record node.
A verification node for receiving the user information transmitted from the control unit 105 and verifying whether the user information is tampered in the process of being transmitted from the control unit 105 to the verification node;
and the recording node is used for recording the user information under the condition that the verification node verifies that the user information is not tampered.
The block chain network performs information interaction with the application program, the application program comprises a data receiving unit, the data receiving unit is respectively and electrically connected with the digital identity information comparing unit and the digital data format converting unit in a bidirectional mode, the data receiving unit is electrically output-connected with the data encrypting unit, the block chain network can be interconnected with a network (net), the net comprises a security engine, and the security engine can interact with multiple groups of Internet of things (Internet of Things, IOT) equipment information. The user information and the information of the operators are ensured to be safe and reliable through verification, comparison and recording, and information leakage is avoided.
The network may implement a secure socket layer (Secure Sockets Layer, SSL) connection of the application with the server, the establishment of the SSL connection comprising the following workflow: (1) applying for establishing SSL protocol connection; (2) initializing required information; (3) validating the encryption algorithm; (4) application validation; (5) transmitting/receiving data.
In the embodiment of the invention, the user identity information is connected with the Internet on the basis of the Internet of things to inquire and identify the identity information, so that the intelligent identification and management functions are realized, the identification of the identity information is enhanced by combining the multi-layer identity identification checkpoints, and the safety is greatly improved. After the identity of the user is identified and collected, according to the identified identity information, the user can be selected to give an alarm in time or to carry out positioning tracking on the user holding the identity information, so that the position information of the user can be acquired in time, the related user information can be provided in special occasions, potential safety hazards which can exist are tracked and eliminated, and the system which can identify the three groups of face data, fingerprint data and iris data of the user identity are put into use, so that the user identity can be identified, matched and compared in multiple layers, the identity of the user can be identified accurately and efficiently, and the possibility that an illegal person can make hands and feet on the identity is reduced.
The invention provides a flow diagram of a user identity recognition method of an embodiment. As shown in fig. 5, the user identification method includes:
in step 201, the mobile device 104 logs into the identification system and sends an authentication request of the ID card to the server, where the authentication request includes an identification of the ID card.
Step 202, the server receives the authentication request, and determines whether the ID card is already on the network according to the ID card identification.
In step 203, in case of access to the network by the ID card, the use is authorized by means of the distribution mechanism of the blockchain. For example, the ID card is assigned a key by means of a blockchain assignment mechanism. To encrypt user information in the ID card using the assigned key and to transmit the encrypted user information when transmitting the user information in the ID card.
In step 204, the system collects the collected information data of the user. The information data includes user information in the ID card and face data, iris data, and fingerprint data of the user.
And step 205, comparing and matching the collected user data with database information. The method specifically comprises the following steps: the collected user information in the ID card is matched with the user information stored in the database, the collected face data is matched with the pre-stored face data, the collected iris data is matched with the pre-stored iris data, and the collected fingerprint data is matched with the pre-stored fingerprint data.
Step 206, performing face authentication, iris authentication and fingerprint authentication. If any one of the face authentication, iris authentication, and fingerprint authentication is not passed, re-authentication is required, i.e., step 204 is re-performed.
Step 207, in the case that the face authentication, iris authentication and fingerprint authentication are all passed, and the authentication of the user information in the ID card is also passed, it is determined that the user identity authentication is passed.
It should be understood that the invention is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.
In the foregoing, only the specific embodiments of the present invention are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present invention is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present invention, and they should be included in the scope of the present invention.
Claims (10)
1. A user identification system, comprising:
a storage unit for storing user information;
an information reading unit configured to read user information from the storage unit in a case where a distance between the storage unit and the information reading unit is smaller than a predetermined threshold;
the information matching unit is used for matching the user information read from the storage unit with the user information stored in the database to obtain a first matching result;
the mobile equipment comprises a characteristic acquisition module and a data matching module, wherein the characteristic acquisition module is used for acquiring first biological characteristic data of a user; the data matching module is used for matching the first biological characteristic data with pre-stored second biological characteristic data to obtain a second matching result;
the control unit is used for identifying the user identity according to the first matching result and the second matching result;
further comprises:
the user management unit is used for acquiring the latest N time points of the user information which are read and the geographic position of each time the user information is read; judging whether the storage unit meets the reading abnormal condition according to the latest N time points and the geographic position; outputting alarm information of the memory cell abnormality under the condition that the reading abnormality condition is met, wherein N is a positive integer;
the exception condition includes: the time points which are read for the last N times have adjacent first time points and second time points, and the distance between a first geographic position corresponding to the first time points and a second geographic position corresponding to the second time points is larger than a preset distance threshold;
the first geographic position is the geographic position of the user information when the first time point is read, and the second geographic position is the geographic position of the user information when the second time point is read;
the information reading unit is also used for reading the hardware identifier of the storage unit;
the user identity recognition system further comprises:
and the safety unit is connected with the information reading unit and is used for matching the hardware identifier of the storage unit with a pre-stored hardware identifier so as to record the result of the mismatch between the hardware identifier of the storage unit and the pre-stored hardware identifier and output alarm information under the condition that the hardware identifier of the storage unit is not matched with the pre-stored hardware identifier.
2. The user identification system of claim 1, wherein the feature collection module comprises a face collection module, an iris collection module, and a fingerprint collection module;
the first biometric data includes: the face data that face collection module gathered, iris data that iris collection module gathered, and the fingerprint data that fingerprint collection module gathered.
3. The subscriber identity system according to claim 1, wherein the mobile device further comprises:
the first data processing module is used for carrying out edge extraction and normalization processing on the first biological characteristic data so that the data matching module matches the first biological characteristic data subjected to the edge extraction and normalization processing with the second biological characteristic data.
4. The subscriber identity system according to claim 1, wherein the mobile device further comprises:
the second data processing module is used for cleaning and format conversion of the first biological characteristic data to obtain the cleaned and preset-format first biological characteristic data;
the data identification module is connected with the second data processing module and is used for identifying whether the first biological characteristic data in the preset format meets a first preset condition or not;
the data matching module is connected with the data identification module, and is used for matching the first biological characteristic data which is in the preset format and meets the first preset condition with the second biological characteristic data.
5. The subscriber identity system according to claim 1, wherein the mobile device further comprises:
and the feature encoding module is used for generating the encoding of the first biological feature data so that the data matching module matches the first biological feature data with the second biological feature data according to the encoding of the first biological feature data.
6. The subscriber identity system according to claim 1, further comprising:
a data storage unit;
the control unit is further used for storing the user information and the information of the information reading unit for reading the user information in a data storage unit in an associated mode;
wherein the information of the information reading unit comprises an identification of the information reading unit and/or a geographical location of the information reading unit.
7. The subscriber identity system of claim 1, further comprising a blockchain unit; the blockchain unit includes:
the verification node is used for receiving the user information sent by the control unit and verifying whether the user information is tampered in the process of being sent from the control unit to the verification node;
and the recording node is used for recording the user information under the condition that the verification node verifies that the user information is not tampered.
8. The subscriber identity system according to claim 1, further comprising:
and the display unit is connected with the control unit and used for displaying the user identity identified by the control unit.
9. The subscriber identity system according to claim 1, further comprising:
and the reader is connected with the control unit and is used for sending the user information read by the information reading unit to the control unit and sending the second matching result obtained by the mobile equipment to the control unit.
10. The subscriber identity system according to claim 1, wherein the storage unit comprises an ID card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911398337.1A CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911398337.1A CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113132106A CN113132106A (en) | 2021-07-16 |
| CN113132106B true CN113132106B (en) | 2023-08-18 |
Family
ID=76768099
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911398337.1A Active CN113132106B (en) | 2019-12-30 | 2019-12-30 | User identity recognition system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113132106B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117809348A (en) * | 2023-12-26 | 2024-04-02 | 浙江汉邦瑞商信息技术有限公司 | Security face comparison search system |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101860832A (en) * | 2010-06-22 | 2010-10-13 | 候万春 | Device and method for identifying shared mobile phone number of mobile phone subscriber |
| CN103345601A (en) * | 2013-06-28 | 2013-10-09 | 无锡华御信息技术有限公司 | Identity recording and verification system based on radio frequency |
| CN104240342A (en) * | 2014-08-25 | 2014-12-24 | 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 | Access control method and device |
| CN106716503A (en) * | 2016-12-06 | 2017-05-24 | 深圳前海达闼云端智能科技有限公司 | A safety verification method, device and server |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN207367296U (en) * | 2017-11-17 | 2018-05-15 | 中国华电集团公司福建分公司 | Personnel tracking device based on bio-identification |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
| CN108711207A (en) * | 2018-05-17 | 2018-10-26 | 立旃(上海)科技有限公司 | Computer room management system based on block chain and method |
| CN109376725A (en) * | 2018-12-21 | 2019-02-22 | 北京无线电计量测试研究所 | A kind of identification check method and apparatus based on iris recognition |
| CN110457878A (en) * | 2019-08-14 | 2019-11-15 | 北京中电普华信息技术有限公司 | A kind of identity identifying method based on block chain, apparatus and system |
| CN110473319A (en) * | 2019-07-30 | 2019-11-19 | 武汉慧联无限科技有限公司 | A kind of door opening method of access control system, device, equipment and readable medium |
| CN209842636U (en) * | 2019-07-30 | 2019-12-24 | 重庆德尔星测控技术有限公司 | Identity recognition system for prisons |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10698995B2 (en) * | 2014-08-28 | 2020-06-30 | Facetec, Inc. | Method to verify identity using a previously collected biometric image/data |
| CN109034815B (en) * | 2017-06-09 | 2021-06-18 | 创新先进技术有限公司 | Method and device for performing security verification based on biological characteristics |
-
2019
- 2019-12-30 CN CN201911398337.1A patent/CN113132106B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101860832A (en) * | 2010-06-22 | 2010-10-13 | 候万春 | Device and method for identifying shared mobile phone number of mobile phone subscriber |
| CN103345601A (en) * | 2013-06-28 | 2013-10-09 | 无锡华御信息技术有限公司 | Identity recording and verification system based on radio frequency |
| CN104240342A (en) * | 2014-08-25 | 2014-12-24 | 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 | Access control method and device |
| CN106716503A (en) * | 2016-12-06 | 2017-05-24 | 深圳前海达闼云端智能科技有限公司 | A safety verification method, device and server |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN207367296U (en) * | 2017-11-17 | 2018-05-15 | 中国华电集团公司福建分公司 | Personnel tracking device based on bio-identification |
| CN108711207A (en) * | 2018-05-17 | 2018-10-26 | 立旃(上海)科技有限公司 | Computer room management system based on block chain and method |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
| CN109376725A (en) * | 2018-12-21 | 2019-02-22 | 北京无线电计量测试研究所 | A kind of identification check method and apparatus based on iris recognition |
| CN110473319A (en) * | 2019-07-30 | 2019-11-19 | 武汉慧联无限科技有限公司 | A kind of door opening method of access control system, device, equipment and readable medium |
| CN209842636U (en) * | 2019-07-30 | 2019-12-24 | 重庆德尔星测控技术有限公司 | Identity recognition system for prisons |
| CN110457878A (en) * | 2019-08-14 | 2019-11-15 | 北京中电普华信息技术有限公司 | A kind of identity identifying method based on block chain, apparatus and system |
Non-Patent Citations (1)
| Title |
|---|
| Research and Implementation of Access Control System Based on RFID and FNN-Face Recognition;Xiang Pan;2012 Second International Conference on Intelligent System Design and Engineering Application;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113132106A (en) | 2021-07-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109639632B (en) | User information management method based on block chain, electronic equipment and storage medium | |
| US7773779B2 (en) | Biometric systems | |
| AU2010282394B2 (en) | An intelligent peripheral device and system for the authentication and verification of individuals and/ or documents through a secure multifunctional authentication service with data storage capability | |
| US11044244B2 (en) | Authenticating devices via one or more pseudorandom sequences and one or more tokens | |
| WO2022001778A1 (en) | Method and device for uploading health information, storage medium and electronic device | |
| CN104240342A (en) | Access control method and device | |
| CN104639517A (en) | Method and device for verifying identities by aid of human body biological characteristics | |
| CN105260757A (en) | Ticket checking system combining palm vein authentication and mobile positioning and method | |
| CN109948320B (en) | Block chain-based identity recognition management method, device, medium and electronic equipment | |
| CN106710032B (en) | Entrance guard opening method and device | |
| CN107004077A (en) | Method and system for providing safe and independently operable biological characteristic authentication | |
| CN104240013A (en) | Door access control method and door access control platform | |
| CN104240014A (en) | Door access control method and door access control platform | |
| CN109242666A (en) | Personal reference method, apparatus and computer equipment are obtained based on block chain | |
| CN111553689A (en) | Matching correlation method and system based on quadratic hash | |
| CN115662657A (en) | Online inquiry system based on internet hospital | |
| CN113132106B (en) | User identity recognition system | |
| US20230246820A1 (en) | Dynamic privacy-preserving application authentication | |
| CN116166839B (en) | Core drilling process supervision system, method, medium and computer | |
| CN110222187B (en) | Common activity detection and data sharing method for protecting user privacy | |
| CN115690969A (en) | Non-contact fingerprint authentication method, terminal, access control equipment and storage medium | |
| CN112669501B (en) | Access control method, device and computer readable storage medium | |
| US20180114005A1 (en) | System and method for managing identity information stored in a cloud server | |
| CN111553694A (en) | Distributed storage block chain method and system | |
| CN108492214B (en) | Mobile terminal, server, management system and self-service check-in system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |