CN113347213B - Trusted channel authentication system based on protection of sensitive data of evanescent member - Google Patents

Trusted channel authentication system based on protection of sensitive data of evanescent member Download PDF

Info

Publication number
CN113347213B
CN113347213B CN202110894865.7A CN202110894865A CN113347213B CN 113347213 B CN113347213 B CN 113347213B CN 202110894865 A CN202110894865 A CN 202110894865A CN 113347213 B CN113347213 B CN 113347213B
Authority
CN
China
Prior art keywords
data
management module
module
sensitive
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110894865.7A
Other languages
Chinese (zh)
Other versions
CN113347213A (en
Inventor
张卫平
张浩宇
张思琪
米小武
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Global Digital Group Co Ltd
Original Assignee
Global Digital Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Global Digital Group Co Ltd filed Critical Global Digital Group Co Ltd
Priority to CN202110894865.7A priority Critical patent/CN113347213B/en
Publication of CN113347213A publication Critical patent/CN113347213A/en
Application granted granted Critical
Publication of CN113347213B publication Critical patent/CN113347213B/en
Priority to PCT/CN2022/100979 priority patent/WO2023011042A1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a trusted channel authentication system based on protection of sensitive data of an elapsed member, which comprises a member management module, a data management module, a trusted authentication module and a sensitive identification module, wherein the member management module is used for storing basic information of the member and judging whether the member elapses, the data management module is used for storing data information of the member, the trusted authentication module is used for acquiring the data information of the member and performing trusted authentication, and the sensitive identification module is used for performing sensitivity identification on data items in the data information. The trusted authentication module adopts an encryption protection mechanism when acquiring data, acquires a data saving code from the member management module to serve as a certificate for acquiring the data from the data management module, and protects sensitive data of a vanishing user, so that the data security of the user is protected on the premise of ensuring a trusted authentication function.

Description

Trusted channel authentication system based on protection of sensitive data of evanescent member
Technical Field
The invention relates to the technical field of trusted authentication, in particular to a trusted channel authentication system based on protection of sensitive data of an elapsed member.
Background
Mutual trust is the premise of communication of social objects, is the basis of stable development of society, and currently, many systems provide trusted authentication third-party services, so that many investigation costs are reduced for each object, but the systems also have the risk of revealing safety privacy.
Now, a plurality of trusted channel authentication systems have been developed, and through a large number of searches and references, it is found that the existing authentication systems are disclosed as KR101483895B1, KR101488627B1, CN102801524B and KR101740391B1, and the system comprises four modules, namely a trusted authentication module based on combined public key CPK identification authentication, a trust calculable module meeting temporary service and rapid service recombination, an automatic trust negotiation module based on intelligent agent technology and meeting dynamic service requirements and automation degree requirements, and a service credibility prediction module based on fuzzy heterogeneous markov system and multiple regression analysis. But the system is not perfect for the protection mechanism of the member, and especially sensitive data of the elapsed user has a great leakage risk.
Disclosure of Invention
The invention aims to solve the existing defects and provides a trusted channel authentication system based on protection of sensitive data of an evanescent member,
the invention adopts the following technical scheme:
a credible channel authentication system based on protection of sensitive data of an elapsed member comprises a member management module, a data management module, a credible authentication module and a sensitive identification module, wherein the member management module is used for storing basic information of the member and judging whether the member elapses or not, the data management module is used for storing data information of the member, the credible authentication module is used for acquiring the data information of the member and carrying out credible authentication, and the sensitive identification module is used for carrying out sensitivity identification on data items in the data information;
the member management module monitors the activity of each member, and the calculation formula of the activity H is as follows:
Figure 220313DEST_PATH_IMAGE001
wherein, TiIndicating the time interval, t, between the last i-th logged-on system and the current timeiRepresenting the activity duration when the ith last time logs in the system, and n representing the number of times of logging in the system for participating in activity calculation;
when the activity is lower than a threshold value, the member management module sends a prompt message to the corresponding member, and if the corresponding member does not log in the system within a specified time, the member is classified as an elapsed member;
the sensitive recognition module is internally provided with a sensitive word bank, the sensitive word bank contains preset sensitive words, each sensitive word has a sensitivity coefficient, and the identification formula of the sensitivity M of the sensitive recognition module to the data item is as follows:
Figure 807152DEST_PATH_IMAGE002
wherein k is a weight reduction coefficient less than 1, giThe number of the sensitivity coefficients of the data items containing the sensitive words is the ith sensitivity coefficient after the sensitivity coefficients of the data items containing the sensitive words are arranged in a descending order, and m is the number of the sensitive words contained in the data items;
when the sensitivity of a data item exceeds a threshold, the data item will be privacy protected;
the system further comprises a user client side used for logging in the system, the user client side is connected with the credible authentication module and obtains the access right of a personal information center of a corresponding member in the member management module, the data information is sent to the data management module by accessing the personal information center to upload the data information of the member, and the data management module returns a data storage code to the personal information center;
furthermore, the trusted authentication module comprises a member access unit, a member search unit, a data search unit and an authentication feedback unit, wherein the member access unit is in butt joint with the user client, the member search unit is used for searching members in the member management module, the data search unit is used for searching data in the data management module, and the authentication feedback unit is used for performing trusted authentication on the searched data;
further, the data storage codes comprise a first encryption code and a second encryption code, the first encryption code is generated by the data management module by using a head address and a verification code of the stored data and is sent to the member management module, and the second encryption code is generated by the member management module by using the first encryption code and the member ID and is stored in the personal information center;
further, the trusted authentication module performs member authentication on the accessed user client, and if the corresponding member information is not searched in the member management module, the trusted authentication module actively disconnects the user client.
The beneficial effects obtained by the invention are as follows:
the system monitors the liveness of the user, finds the lost user in time and starts a sensitive data protection mechanism of the lost user to protect the privacy from being disclosed, and carries out sensitivity identification on the data information to realize the protection of sensitive data on the premise of not influencing the credible authentication function.
Drawings
The invention will be further understood from the following description in conjunction with the accompanying drawings. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the embodiments. Like reference numerals designate corresponding parts throughout the different views.
FIG. 1 is a schematic view of an overall structural framework;
FIG. 2 is a schematic diagram of a trusted authentication module;
FIG. 3 is a schematic diagram illustrating a process for authenticating a member of a user client;
FIG. 4 is a schematic flow chart of an encryption mechanism for stored data;
FIG. 5 is a diagram illustrating data of time required for liveness.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to embodiments thereof; it should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Other systems, methods, and/or features of the present embodiments will become apparent to those skilled in the art upon review of the following detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims. Additional features of the disclosed embodiments are described in, and will be apparent from, the detailed description that follows.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if there is an orientation or positional relationship indicated by terms such as "upper", "lower", "left", "right", etc., based on the orientation or positional relationship shown in the drawings, it is only for convenience of description and simplification of description, but it is not indicated or implied that the device or component referred to must have a specific orientation, be constructed and operated in a specific orientation, and therefore, the terms describing the positional relationship in the drawings are only used for illustrative purposes and are not to be construed as limitations of the present patent, and specific meanings of the terms may be understood by those skilled in the art according to specific situations.
The first embodiment.
The embodiment provides a trusted channel authentication system based on protection of sensitive data of an elapsed member, which comprises a member management module, a data management module, a trusted authentication module and a sensitive identification module, wherein the member management module is used for storing basic information of the member and judging whether the member elapses or not, the data management module is used for storing data information of the member, the trusted authentication module is used for acquiring the data information of the member and performing trusted authentication, and the sensitive identification module is used for performing sensitivity identification on data items in the data information;
the member management module monitors the activity of each member, and the calculation formula of the activity H is as follows:
Figure 957554DEST_PATH_IMAGE003
wherein, TiIndicating the time interval, t, between the last i-th logged-on system and the current timeiRepresenting the activity duration when the ith last time logs in the system, and n representing the number of times of logging in the system for participating in activity calculation;
when the activity is lower than a threshold value, the member management module sends a prompt message to the corresponding member, and if the corresponding member does not log in the system within a specified time, the member is classified as an elapsed member;
the sensitive recognition module is internally provided with a sensitive word bank, the sensitive word bank contains preset sensitive words, each sensitive word has a sensitivity coefficient, and the identification formula of the sensitivity M of the sensitive recognition module to the data item is as follows:
Figure 288041DEST_PATH_IMAGE004
wherein k is a weight reduction coefficient less than 1, giThe number of the sensitivity coefficients of the data items containing the sensitive words is the ith sensitivity coefficient after the sensitivity coefficients of the data items containing the sensitive words are arranged in a descending order, and m is the number of the sensitive words contained in the data items;
when the sensitivity of a data item exceeds a threshold, the data item will be privacy protected;
the system also comprises a user client used for logging in the system, wherein the user client is connected with the credible authentication module and obtains the access right of a personal information center of a corresponding member in the member management module;
the trusted authentication module comprises a member access unit, a member search unit, a data search unit and an authentication feedback unit, wherein the member access unit is in butt joint with a user client, the member search unit is used for searching members in the member management module, the data search unit is used for searching data in the data management module, and the authentication feedback unit is used for performing trusted authentication on the searched data;
the data storage codes comprise first encryption codes and second encryption codes, the first encryption codes are generated by the data management module by using the head addresses and the verification codes of the stored data and are sent to the member management module, and the second encryption codes are generated by the member management module by using the first encryption codes and the member IDs and are stored in the personal information center;
the trusted authentication module performs member authentication on the accessed user client, and if corresponding member information is not searched in the member management module, the trusted authentication module can actively disconnect the user client.
Example two.
The embodiment includes all contents of the first embodiment, and with reference to fig. 1, the embodiment provides a trusted channel authentication system based on protected and elapsed member sensitive data, which includes a member management module, a data management module, a trusted authentication module and a sensitive identification module, where the member management module is configured to store member basic information, the data management module is configured to store member data information, the trusted authentication module is configured to acquire member data information corresponding to a member and perform trusted authentication, and the sensitive identification module is configured to perform sensitivity identification on data in the data management module;
the system also comprises a user client, wherein the user client is used for user registration and login, basic information of a new member is generated in the member management module after the new user is registered, and the user client is accessed to the credible authentication module after the new user is logged in and carries out credible authentication on the existing member through the credible authentication module;
the user client acquires partial access right of the member management module after successful registration, wherein the partial access right refers to that the user client can log in a personal information center in the member management module, the data information of a member is uploaded through the personal information center, the data information is sent to the data management module, the data management module returns a data saving code to the personal information center, and the data saving code is recorded in the personal information center;
with reference to fig. 2 and fig. 3, the trusted authentication module includes a member access unit, a member search unit, a data search unit, and an authentication feedback unit, and the trusted authentication module performs member authentication on an accessed client, including the following steps:
s1, the member access unit actively acquires member information of an access client and sends the member information to the member search unit;
s2, the member searching unit searches in the member management module according to the received member information and feeds back the searching result;
s3, if the feedback result is that the member exists, the credible authentication module further opens the function to the client, if the feedback result is that the member does not exist, the user is regarded as an illegal user, and the connection with the user client is actively disconnected;
the trusted authentication module generates a trusted authentication communication space after completing member authentication on the access client, the user client inputs the information of other members to be authenticated in the trusted authentication communication space, the member searching unit searches in the member management module according to the member information in the credible authentication communication space, acquires a corresponding data storage code and sends the data storage code to the data searching unit, the data searching unit searches the data management module for data information of a corresponding member according to the data saving code, the sensitivity identification module carries out sensitivity identification on the searched data information, the data search unit sends the corresponding data information to the authentication feedback unit according to the sensitivity identification result, the authentication feedback unit carries out credible authentication on the received data information and returns the result to the credible authentication communication space;
with reference to fig. 5, the member management module monitors the activity of each member, and when the activity of a member is lower than a threshold, the member management module sends information to the member according to a contact manner in the personal information center of the member, and if the member cannot log in the system within a specified time, the member management module classifies the member as an elapsed member and starts a sensitivity data protection mechanism for the member;
the calculation formula of the activity degree H is as follows:
Figure 404901DEST_PATH_IMAGE005
wherein, TiIndicating the time interval, t, between the last i entry of the system and the current timeiIndicating the length of activity at the time of the i-th last log-in to the system,n represents the number of times of logging in the system participating in liveness calculation, and in the embodiment, n is 5;
example three.
The present embodiment includes all the contents of the above embodiments, where the data saving code of the present embodiment is generated by the data management module, is stored in the member management module, and is used to search data of a corresponding member after being acquired by the trusted authentication module, and the data saving code is encrypted and protected by using an encryption technology when circulating in the three modules;
with reference to fig. 4, the data management module generates a verification code after a member uploads data information for the first time, the verification code and a first address of stored data information are combined into a first encryption code, the first encryption code is sent to the member management module and then combined into a second encryption code with ID information of a corresponding member, a member search unit of the trusted authentication module obtains the second encryption code and then decodes the second encryption code into the first encryption code by using the member ID information, the data search unit decodes the first encryption code into the first address information and the verification code, the data search unit finds a data storage area of the corresponding member in the data management module according to the first address information, and then obtains data after verification is completed by using the verification code;
the data saving code is a general name of the first encryption code and the second encryption code;
the data search unit is internally provided with a first decoder for decoding the first encryption code, and the member search unit is internally provided with a second decoder for decoding the second encryption code;
the encryption mode of the first encryptor is as follows:
Figure 428221DEST_PATH_IMAGE006
wherein Z isiIth digit, X, representing a first encryption codeiI-th digit code, Y, representing first address informationiI-th digit, k, representing the verification code1Is a first encryption coefficient;
the encryption mode of the second encryptor is as follows:
Figure 997743DEST_PATH_IMAGE007
wherein Z isi' an ith digit, X, representing a second encryption codei' i-th digit code representing first encryption code, Yi' ith digit code, k, representing Member ID1' is and k1A second, different encryption coefficient;
it should be noted that the verification code has the same number of bits as the first address, and the first encryption code has the same number of bits as the member ID;
the sensitive recognition module is internally provided with a sensitive word bank, the sensitive word bank contains preset sensitive words, each sensitive word has a sensitivity coefficient, the sensitive recognition module carries out sensitivity identification on each item of data according to the sensitive word bank, and the identification formula of the sensitivity M is as follows:
Figure 663079DEST_PATH_IMAGE008
wherein k is a weight reduction coefficient less than 1, giThe number of the sensitivity coefficients of the data items containing the sensitive words is the ith sensitivity coefficient after the sensitivity coefficients of the data items containing the sensitive words are arranged in a descending order, and m is the number of the sensitive words contained in the data items;
when the sensitivity of a certain data item of an elapsed member exceeds a threshold value, the data item will not be sent to the authentication feedback unit;
the trusted authentication module performs necessary data verification on the user before the user client performs trusted authentication on other members, the data search module actively retrieves the data of the user in the data management module, and if the user is detected not to upload necessary data information, a prompt is sent to the user client until the necessary data in the data management module is detected, and then a trusted authentication function is opened.
Although the invention has been described above with reference to various embodiments, it should be understood that many changes and modifications may be made without departing from the scope of the invention. That is, the methods, systems, and devices discussed above are examples. Various configurations may omit, substitute, or add various procedures or components as appropriate. For example, in alternative configurations, the methods may be performed in an order different than that described, and/or various components may be added, omitted, and/or combined. Moreover, features described with respect to certain configurations may be combined in various other configurations, as different aspects and elements of the configurations may be combined in a similar manner. Further, elements therein may be updated as technology evolves, i.e., many elements are examples and do not limit the scope of the disclosure or claims.
Specific details are given in the description to provide a thorough understanding of the exemplary configurations including implementations. However, configurations may be practiced without these specific details, for example, well-known circuits, processes, algorithms, structures, and techniques have been shown without unnecessary detail in order to avoid obscuring the configurations. This description provides example configurations only, and does not limit the scope, applicability, or configuration of the claims. Rather, the foregoing description of the configurations will provide those skilled in the art with an enabling description for implementing the described techniques. Various changes may be made in the function and arrangement of elements without departing from the spirit or scope of the disclosure.
In conclusion, it is intended that the foregoing detailed description be regarded as illustrative rather than limiting, and that it be understood that these examples are illustrative only and are not intended to limit the scope of the invention. After reading the description of the invention, the skilled person can make various changes or modifications to the invention, and these equivalent changes and modifications also fall into the scope of the invention defined by the claims.

Claims (5)

1. A trusted channel authentication system based on protected sensitive data of an elapsed member is characterized by comprising a member management module, a data management module, a trusted authentication module and a sensitive identification module, wherein the member management module is used for storing basic information of the member and judging whether the member elapses or not, the data management module is used for storing data information of the member, the trusted authentication module is used for acquiring the data information of the member and performing trusted authentication, and the sensitive identification module is used for performing sensitivity identification on a data item in the data information;
the member management module monitors the activity of each member, and the calculation formula of the activity H is as follows:
Figure DEST_PATH_IMAGE001
wherein, TiIndicating the time interval, t, between the last i-th logged-on system and the current timeiRepresenting the activity duration when the ith last time logs in the system, and n representing the number of times of logging in the system for participating in activity calculation;
when the activity is lower than a threshold value, the member management module sends a prompt message to the corresponding member, if the corresponding member does not log in the system within a specified time, the member is classified as an elapsed member, and a sensitivity data protection mechanism is started for the member;
the sensitive recognition module is internally provided with a sensitive word bank, the sensitive word bank contains preset sensitive words, each sensitive word has a sensitivity coefficient, and the identification formula of the sensitivity M of the sensitive recognition module to the data item is as follows:
Figure 713757DEST_PATH_IMAGE002
wherein k is a weight reduction coefficient less than 1, giThe number of the sensitivity coefficients of the data items containing the sensitive words is the ith sensitivity coefficient after the sensitivity coefficients of the data items containing the sensitive words are arranged in a descending order, and m is the number of the sensitive words contained in the data items;
when the sensitivity of a data item exceeds a threshold, the data item will be privacy protected.
2. The trusted channel authentication system for protecting sensitive data of an elapsed member as claimed in claim 1, wherein said system further comprises a user client for logging in said system, said user client being connected to said trusted authentication module and obtaining access to a personal information center of a corresponding member in said member management module, said data information being sent to said data management module by accessing said personal information center to upload data information of the member, said data management module returning a data save code to said personal information center.
3. A trusted channel authentication system based on protecting sensitive data of an elapsed member as defined in claim 2, wherein said trusted authentication module includes a member access unit interfacing with a user client, a member search unit for searching for a member in said member management module, a data search unit for searching for data in said data management module, and an authentication feedback unit for performing trusted authentication on the searched data.
4. The trusted channel authentication system for protecting sensitive data of a passing member as claimed in claim 3, wherein said data saving code includes a first encryption code and a second encryption code, said first encryption code being generated by said data management module using a head address of the saved data and a verification code and transmitted to said member management module, said second encryption code being generated by said member management module using the first encryption code and the member ID and stored in the personal information center.
5. The trusted channel authentication system for protecting sensitive data of an elapsed member as claimed in claim 4, wherein said trusted authentication module performs member authentication on an accessed user client first, and if no corresponding member information is searched in said member management module, said trusted authentication module actively disconnects from said user client.
CN202110894865.7A 2021-08-05 2021-08-05 Trusted channel authentication system based on protection of sensitive data of evanescent member Active CN113347213B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110894865.7A CN113347213B (en) 2021-08-05 2021-08-05 Trusted channel authentication system based on protection of sensitive data of evanescent member
PCT/CN2022/100979 WO2023011042A1 (en) 2021-08-05 2022-06-24 Trusted channel authentication system based on protection of sensitive data of evanescent member

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110894865.7A CN113347213B (en) 2021-08-05 2021-08-05 Trusted channel authentication system based on protection of sensitive data of evanescent member

Publications (2)

Publication Number Publication Date
CN113347213A CN113347213A (en) 2021-09-03
CN113347213B true CN113347213B (en) 2021-10-29

Family

ID=77480767

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110894865.7A Active CN113347213B (en) 2021-08-05 2021-08-05 Trusted channel authentication system based on protection of sensitive data of evanescent member

Country Status (2)

Country Link
CN (1) CN113347213B (en)
WO (1) WO2023011042A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113347213B (en) * 2021-08-05 2021-10-29 环球数科集团有限公司 Trusted channel authentication system based on protection of sensitive data of evanescent member

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101478450B (en) * 2009-02-12 2011-09-28 阿里巴巴集团控股有限公司 Monitoring method and server for network user active degree
US8560722B2 (en) * 2011-03-18 2013-10-15 International Business Machines Corporation System and method to govern sensitive data exchange with mobile devices based on threshold sensitivity values
US20160189158A1 (en) * 2014-12-29 2016-06-30 Ebay Inc. Authenticating requests to access accounts based on prior requests
CN105574216A (en) * 2016-03-07 2016-05-11 达而观信息科技(上海)有限公司 Personalized recommendation method and system based on probability model and user behavior analysis
CN108449327B (en) * 2018-02-27 2020-06-23 平安科技(深圳)有限公司 Account cleaning method and device, terminal equipment and storage medium
CN110020553A (en) * 2019-04-12 2019-07-16 山东浪潮云信息技术有限公司 A kind of method and system for protecting sensitive data
US11138281B2 (en) * 2019-05-22 2021-10-05 Microsoft Technology Licensing, Llc System user attribute relevance based on activity
US20210026982A1 (en) * 2019-07-25 2021-01-28 Commvault Systems, Inc. Sensitive data extrapolation system
CN111160992A (en) * 2020-01-02 2020-05-15 焦点科技股份有限公司 Marketing system based on user portrait system
CN112445690B (en) * 2020-11-27 2023-07-25 广州三七互娱科技有限公司 Information acquisition method and device and electronic equipment
CN113347213B (en) * 2021-08-05 2021-10-29 环球数科集团有限公司 Trusted channel authentication system based on protection of sensitive data of evanescent member

Also Published As

Publication number Publication date
WO2023011042A1 (en) 2023-02-09
CN113347213A (en) 2021-09-03

Similar Documents

Publication Publication Date Title
US11937081B2 (en) Quorum-based secure authentication
US9959417B2 (en) Methods and systems for preventing transmission of sensitive data from a remote computer device
US20070168677A1 (en) Changing user authentication method by timer and the user context
JP2010518493A (en) Method and system for dynamically controlling access to a network
JP2000315999A (en) Cryptographic key generating method
Kantarci et al. Towards secure cloud-centric internet of biometric things
CN113347213B (en) Trusted channel authentication system based on protection of sensitive data of evanescent member
CN111553689A (en) Matching correlation method and system based on quadratic hash
JP2007199995A (en) Access controller, access control method, and program
CN106296926B (en) A kind of intelligent entrance guard control system and method based on mandate in limited time
KR20190061606A (en) Method and system for protecting personal information infringement using division of authentication process and biometrics authentication
CN114239041A (en) Data safety protection system based on internet
US11755704B2 (en) Facilitating secure unlocking of a computing device
KR101955449B1 (en) Method and system for protecting personal information infingement using division of authentication process and biometrics authentication
CN112702359A (en) Data information safety management method, system, computer equipment and storage medium
Li et al. A privacy protection mechanism for numerical control information in Internet of things
US20140041003A1 (en) Method of and system for gaining secure access to a service
EP4016924A1 (en) Risk-aware access control system and related methods
KR101594315B1 (en) Service providing method and server using third party's authentication
Griffin Biometric-based cybersecurity techniques
US11706214B2 (en) Continuous multifactor authentication system integration with corporate security systems
KR100864330B1 (en) Data communication method and system, and computer readable recording medium
AKANNI PROTECTION OF CYBER PHYSICAL SYSTEMS WITH BIOMETRICS
Luo et al. Privacy information management for video surveillance
CN115277246A (en) Financial data safety system and method based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant