CN114707133A - Smart store identity authentication method and system based on SaaS - Google Patents

Smart store identity authentication method and system based on SaaS Download PDF

Info

Publication number
CN114707133A
CN114707133A CN202210552218.2A CN202210552218A CN114707133A CN 114707133 A CN114707133 A CN 114707133A CN 202210552218 A CN202210552218 A CN 202210552218A CN 114707133 A CN114707133 A CN 114707133A
Authority
CN
China
Prior art keywords
feature
user
suspected
abstract
characteristic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210552218.2A
Other languages
Chinese (zh)
Inventor
张伟
张育宏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Sixun Network Technology Co ltd
Original Assignee
Shenzhen Sixun Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Sixun Network Technology Co ltd filed Critical Shenzhen Sixun Network Technology Co ltd
Priority to CN202210552218.2A priority Critical patent/CN114707133A/en
Publication of CN114707133A publication Critical patent/CN114707133A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/22Matching criteria, e.g. proximity measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention provides a method and a system for authenticating identity of an intelligent store based on SaaS (software as a service), which are applied to a server side in an authentication system, and the method comprises the following steps: receiving a first feature abstract sent by a user side; determining a corresponding suspected user range according to the first characteristic abstract, acquiring a standard authentication image of each suspected user, and processing the standard authentication image by using an interference algorithm to obtain a plurality of conversion images; extracting suspected user features from the transformed images aiming at each transformed image of each suspected user, and processing the suspected user features by using an irreversible abstract algorithm to obtain a second feature abstract; and comparing each second characteristic abstract with the first characteristic abstract, taking a suspected user corresponding to the second characteristic abstract which is the same as the first characteristic abstract as a login user, and allowing the client to login. By applying the embodiment of the invention, the condition of authentication error or authentication incapability is not easy to occur.

Description

Smart store identity authentication method and system based on SaaS
Technical Field
The invention relates to the technical field of identity authentication, in particular to a method and a system for authenticating the identity of an intelligent store based on SaaS.
Background
In SaaS (Software-as-a-Service), Software manufacturers uniformly deploy application Software on their Service terminals, and users can order required application Software services to the Software manufacturers through the internet according to actual working requirements, pay fees to the Software manufacturers according to the number of Service modules ordered and the time duration, and obtain services provided by the SaaS Software manufacturers through the internet. When a user uses the SaaS platform, login authentication is required, and the existing authentication modes mainly include an account password, a fingerprint authentication mode and a face brushing authentication mode. The most common method is account password login, but in order to improve the security of a user account, many software manufacturers add fingerprint and face brushing authentication modes during user login authentication.
At present, in the existing fingerprint and face brushing authentication mode, the basic process is as follows: the fingerprint or face image is collected by using an image collecting device, then the image is cut and compressed and then uploaded to a server side, and the server side permits login after verification is passed.
However, even when an image is cropped and compressed in the prior art, features included in the image are cropped and compressed simultaneously, which causes loss of human face or fingerprint features included in the image, and is likely to cause authentication errors or failure in authentication.
Disclosure of Invention
The technical problem to be solved by the present invention is how to provide a method and a system for authenticating an identity of an intelligent store based on SaaS to reduce the situations of authentication errors or authentication incapability existing in the prior art.
The invention solves the technical problems through the following technical means:
the invention provides a SaaS-based intelligent store identity authentication method, which is applied to a server side in an authentication system, wherein the authentication system comprises the server side and a user side, and the method comprises the following steps:
receiving a first feature abstract sent by a user side, wherein the first feature abstract is obtained by processing login user features in an original image of a login user by the user side through an irreversible abstract algorithm, and the original image comprises: one or a combination of a face image and a fingerprint image;
determining a corresponding range of suspected users according to the first feature abstract, acquiring a standard authentication image of each suspected user, and processing the standard authentication image by using an interference algorithm to obtain a plurality of conversion images, wherein the interference algorithm comprises: one or a combination of a noise algorithm and a perturbation algorithm;
aiming at each transformed image of each suspected user, extracting suspected user features from the transformed image, and processing the suspected user features by using an irreversible abstract algorithm to obtain a second feature abstract;
and comparing each second characteristic abstract with the first characteristic abstract, taking a suspected user corresponding to the second characteristic abstract which is the same as the first characteristic abstract as a login user, and allowing the client to login.
Optionally, the generating process of the first feature abstract includes:
extracting the characteristics of the login user from the original image by using a characteristic extraction algorithm;
performing significance evaluation on the login user characteristics in the original image according to a preset characteristic significance evaluation model to obtain a first significance score corresponding to each login user characteristic;
sequencing the characteristics of all login users according to the first significance score to obtain a first characteristic sequence;
intercepting a first subsequence formed by login user features with a first number of sequence orders with larger first significance scores from the first feature sequence;
and processing the first subsequence by utilizing a Hash algorithm to obtain a first characteristic abstract.
Optionally, the determining a corresponding suspected user range according to the first feature abstract includes:
and acquiring the nearest operator gateway address corresponding to the IP address according to the IP address of the user side of the first characteristic abstract, and taking all system users using the operator gateway address as suspected users.
Optionally, the determining a corresponding suspected user range according to the first feature abstract includes:
and acquiring partial characteristics of the login user characteristics, wherein the partial characteristics are the login user characteristics of a second number of sequence orders with larger first significance scores extracted from the first characteristic sequence by the user side, and the second number is smaller than the first number.
Optionally, the extracting the suspected user feature from the transformed image, and processing the suspected user feature by using an irreversible digest algorithm to obtain a second feature digest includes:
extracting suspected user features from the transformed image by using a feature extraction algorithm;
carrying out significance evaluation on suspected user features in the transformed image according to a preset feature significance evaluation model to obtain a second significance score corresponding to each suspected user feature;
sorting each suspected user characteristic according to the second significance score to obtain a second characteristic sequence;
intercepting a second subsequence formed by suspected user features with larger second significance scores and a first number of sequential orders from the second feature sequence;
and processing the second subsequence by using a Hash algorithm to obtain a second characteristic abstract.
Optionally, the intercepting a second subsequence formed by the suspected user features with a first number of sequential orders with a larger second significance score from the second feature sequence includes:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
and randomly extracting a first number of suspected user characteristics from the characteristic set, and sequencing according to a second significance score value to obtain a plurality of second subsequences.
Optionally, the intercepting a second subsequence formed by the suspected user features with a first number of sequential orders with a larger second significance score from the second feature sequence includes:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
sequencing all suspected user features in the feature set according to the descending order of the second significance score values to obtain a third subsequence;
taking a sequence formed by suspected user features in a fourth number of sequential orders in the third subsequence as a fourth subsequence, wherein the fourth number is smaller than the first number;
randomly extracting a fifth number of suspected user features from other suspected user features in the third subsequence except the suspected user features in the fourth subsequence, wherein the fifth number is equal to the difference between the first number and the fourth number;
and arranging the fifth number of suspected user features extracted each time after the fourth subsequence according to the descending order of the second significance score values to obtain a plurality of second subsequences.
Optionally, before generating the first feature abstract, abstracting the features of the logged-in user by using a preset feature word stock to obtain an abstracted first subsequence, and processing the first subsequence by using a hash algorithm to obtain the first feature abstract;
before generating the second feature abstract, abstracting the suspected user features by using a preset feature word stock to obtain an abstracted second subsequence, and processing the second subsequence by using a Hash algorithm to obtain the second feature abstract.
Optionally, when the number of suspected users is two or more, the method further includes:
returning an instruction for generating a temporary login account to the client, wherein the client is used for generating the temporary login account according to the instruction for generating the temporary login account and uploading an original image corresponding to the first characteristic abstract to the server;
and receiving an original image returned by the client, comparing the original image with a standard authentication image one by one to obtain a corresponding login user, sending the login user authentication passing information to the client and allowing the client to log in.
The invention also provides a smart store identity authentication system based on SaaS, which comprises a user side and a server side, wherein the user side and the server side are communicated by using the Internet, and the server side is used for executing the method.
The invention has the advantages that:
by applying the embodiment of the invention, the login user characteristics are directly extracted from the original image, the login user characteristics are combined and then mapped by using a Hash algorithm, and the client sends the first characteristic abstract to the server; the server side carries out Hash algorithm mapping on suspected user features in the standard authentication image to obtain a second feature abstract, the client side only sends the mapped character strings when sending data, the mapped character strings are from features directly extracted from the original image, image compression is not needed, loss in the feature extraction process is reduced, and the situation that authentication errors or authentication cannot occur is not easy to occur; and the data quantity of the character strings sent at the same time is less relative to the characteristic, so that the transmission speed is improved.
Drawings
Fig. 1 is a schematic flowchart of an intelligent store identity authentication method based on SaaS according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an identity authentication system in a SaaS-based system according to an embodiment of the present invention;
fig. 3 is a schematic flow chart illustrating a process of generating a first feature abstract in an SaaS-based smart store identity authentication method according to an embodiment of the present invention;
fig. 4 is a schematic flow chart illustrating a process of generating a second feature abstract in an SaaS-based smart store identity authentication method according to an embodiment of the present invention;
fig. 5 is a schematic flowchart illustrating a process of generating a second subsequence in a SaaS-based smart store identity authentication method according to an embodiment of the present invention;
fig. 6 is a schematic flowchart of another SaaS-based smart store identity authentication method according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
It should be noted that embodiment 1 of the present invention is preferably applied to a server in an identity authentication system in a SaaS-based system, where a user side and the server communicate with each other through the internet.
Fig. 1 is a schematic flow diagram of an identity authentication method for a smart store based on SaaS according to an embodiment of the present invention, and fig. 2 is a schematic structural diagram of an identity authentication system in a SaaS based system according to an embodiment of the present invention, as shown in fig. 1 and fig. 2, the method includes:
s101: receiving a first feature abstract sent by a user side, wherein the first feature abstract is obtained by processing login user features in an original image of a login user by the user side through an irreversible abstract algorithm, and the original image comprises: one or a combination of a face image and a fingerprint image.
Fig. 3 is a schematic flow chart illustrating a process of generating a first feature abstract in an SaaS-based smart store identity authentication method according to an embodiment of the present invention, and as shown in fig. 3, in this step, a user side may have a camera for capturing a face image, an iris image, and the like of a login user, or may further have a fingerprint recognition device for obtaining a fingerprint image of the login user. The obtained face image, iris image and fingerprint image can be used as the original image of the login user. It is understood that the original image includes, but is not limited to, a face image, an iris image, and a fingerprint image.
After the user side collects the original image of the login user, the first characteristic abstract of the login user is extracted by the following method:
s201: the user side extracts the login user characteristics from the original image by using the existing characteristic extraction algorithms such as the convolution layer in the neural network: for example, the extracted login user characteristics include:
feature 1, feature 2, feature 3, feature 4, feature 5, feature 6. In practical applications, the logged user characteristic may be an eyebrow length, an eyebrow width, a nose bridge length, an eye axis angle, a bifurcation point in a fingerprint, an isolated point, a short stripe length, a direction, a short stripe position, and the like of the user.
S202: and then, carrying out significance evaluation on the login user characteristics in the original image by using a preset characteristic significance evaluation model to obtain a first significance score corresponding to each login user characteristic:
first significance score 1, first significance score 2, first significance score 3, first significance score 4, first significance score 5, first significance score 6. It can be understood that the feature significance evaluation model may be obtained by labeling, by a labeling person, according to the significance degree of each feature in the training image, then training the neural network model using the labeled training image as a training sample to obtain a trained model, and then evaluating each logged-in user feature using the trained neural network model to obtain a first significance score.
S203: the user side sorts the features of the login users according to the sequence of the first saliency scores from large to small to obtain a first feature sequence, for example, the obtained first feature sequence is as follows:
feature 1, feature 2, feature 3, feature 4, feature 5, feature 6.
S204: when the first number is 4, a first subsequence formed by the login user features with the first 4 sequential orders with larger significance scores is intercepted from the first feature sequence:
feature 1, feature 2, feature 3, feature 4.
S205: the first subsequence is processed using a hash algorithm to obtain a first feature digest hash 1.
The client sends the first feature digest hash1 to the server.
S102: determining a corresponding range of suspected users according to the first feature abstract, acquiring a standard authentication image of each suspected user, and processing the standard authentication image by using an interference algorithm to obtain a plurality of conversion images, wherein the interference algorithm comprises: a noise algorithm and a perturbation algorithm.
In the first implementation manner of this step, the nearest operator gateway address corresponding to the IP address may be obtained according to the IP address of the user side of the first feature abstract, for example, if the nearest operator gateway address corresponding to the IP address is a certain community internet gateway, all system users communicating through the community internet gateway are regarded as suspected users. In a chain industry, the same community user may have more than one storefront, so that a phenomenon of staff borrowing or a phenomenon of relative introduction work may exist between adjacent storefronts, and therefore, a staff of the store a may log in a system of the store B first, a shop clerk 1 may log in the system of the store a, a relative shop clerk 2 of the shop clerk 1 may log in the system of the store B, and in addition, staff borrowing between stores, so that all system users using the operator gateway address are taken as suspected users, and the probability of login failure can be avoided.
In the second embodiment of this step, a second number, for example, 2 registered user features may be extracted from the first feature series features 1, 2, 3, 4, 5, and 6 obtained in step S101, and the suspected users may be screened out based on these two registered user features. The suspected user matching is carried out by applying the characteristics with obvious significance, so that the reliability of the suspected user matching can be improved, the probability of mismatching is reduced, and the calculation amount is reduced.
For example, the suspected users matched in this step are:
suspected user 1, suspected user 2, suspected user 3, and suspected user 4.
For each suspected user, an optical noise algorithm is adopted to perform interference processing on the standard authentication image of the suspected user 1, and a noise algorithm can also be used to perform interference processing on the standard authentication image of the suspected user 1 so as to simulate the login environment of the login user in actual application and improve the matching accuracy. Furthermore, the standard authentication image is a three-dimensional vector image scanned by utilizing a holographic technology, when the standard authentication image is converted, the three-dimensional vector image can be firstly mapped into a three-dimensional space, a simulated light source is arranged at a preselected position in the three-dimensional space, so that converted images under the irradiation of light sources at different positions are obtained, the influence of the irradiation of the light sources on a login user is further improved, the illumination similarity between the converted images and an original image is improved, the login environment of the login user in actual application is simulated, and the matching accuracy is improved.
In practical application, the original image can be processed by using superposition of a plurality of interference algorithms to obtain a transformed image.
And analogizing in turn to obtain a plurality of transformed images of each suspected user.
S103: and aiming at each transformed image of each suspected user, extracting suspected user features from the transformed image, and processing the suspected user features by using an irreversible abstract algorithm to obtain a second feature abstract.
Fig. 4 is a schematic flow chart of a process of generating a second feature digest in an intelligent store identity authentication method based on SaaS according to an embodiment of the present invention, as shown in fig. 4, in a first implementation manner of this step, the following method may be used to extract the second feature digest:
s401: for each transformed image, firstly using the same feature extraction algorithm as that used in the process of extracting the features of the login user by the user side in the step S101 to extract the suspected user features from the transformed image, wherein the extracted suspected user features are as follows:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, suspected user feature 6, suspected user feature 7, and suspected user feature 8.
For example, if the first number of all the registered user features used in generating the first feature digest is 4, then the number of suspected user feature digests used in generating the second feature digest should also be 4, and the number of suspected user feature digests should also be all the second feature digests.
S402: using a feature significance evaluation model for acquiring the first significance score in the step S101 to evaluate the significance of the suspected user features in the transformed image to obtain a second significance score corresponding to each suspected user feature;
s403: and sequencing each suspected user characteristic according to the second significance score to obtain a second characteristic sequence:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, suspected user feature 6, suspected user feature 7, and suspected user feature 8.
S404: intercepting a second subsequence formed by suspected user features with larger second significance scores and a first number of sequential orders from the second feature sequence; when the first number has a value of 4, the second subsequence is: suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4,
S405: and processing the second subsequence by using a Hash algorithm to obtain a first characteristic abstract.
In practical application, the login user feature type and the feature quantity used in generating the first feature abstract are respectively consistent with the login user feature type and the feature quantity used in generating the second feature abstract.
In a second implementation of this step, the second feature digest may be extracted using the following method:
and extracting suspected user features from the converted image, wherein the extracted suspected user features are sorted according to the sequence of the second significance value from large to small to obtain a second feature sequence as follows:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, suspected user feature 6, suspected user feature 7, and suspected user feature 8.
When the third number is 6, the suspected user features in the 6 sequential orders before the second saliency score may be intercepted from the second feature sequence to obtain a feature set, as shown below:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, and suspected user feature 6.
Then, randomly extracting 4 suspected user features from the feature set, and sorting the features according to a second significance score value to obtain a plurality of second subsequences:
suspected user feature 1, suspected user feature 2, suspected user feature 3, and suspected user feature 4;
suspected user feature 1, suspected user feature 2, suspected user feature 3, and suspected user feature 5;
suspected user feature 1, suspected user feature 2, suspected user feature 3, and suspected user feature 6;
suspected user feature 1, suspected user feature 3, suspected user feature 5, and suspected user feature 6.
The 6 suspected user features in the feature set are freely combined, and 15 second subsequences can be obtained in total.
By applying the embodiment of the invention, the first number of suspected user features are screened out from the suspected user features and are freely combined, so that the most suspected user feature combinations can be obtained, and even if the feature extraction algorithm has slight difference of feature significance sorting between the server side and the user side, the feature sequence corresponding to the first feature abstract can be combined in the embodiment of the invention, so that the comparison accuracy is improved.
In a third embodiment of this step, the second feature digest may be extracted using the following method: fig. 5 is a flowchart illustrating a process of generating a second subsequence in a SaaS-based smart store identity authentication method according to an embodiment of the present invention, as shown in fig. 5,
s501: for example, if the first number of all the registered user features used in generating the first feature digest is 4, then the number of suspected user feature digests used in generating the second feature digest should also be 4.
And extracting suspected user features from the converted image, and sequencing the extracted suspected user features according to a second significance value from large to small to obtain a second feature sequence as follows:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, suspected user feature 6, suspected user feature 7, and suspected user feature 8.
Therefore, when the third number is 6, the suspected user features 6 in the sequential order before the second saliency score may be intercepted from the second feature sequence to obtain the feature set.
S502: the third subsequence obtained by sorting the first feature geometry from the second significance value to the smaller one is as follows:
suspected user feature 1, suspected user feature 2, suspected user feature 3, suspected user feature 4, suspected user feature 5, and suspected user feature 6.
S503: then, the fourth number is a value smaller than the first number, and may be, for example, 3; and sorting the first 3 suspected user features according to the extracted second significance value from the 3 suspected user features with the largest second significance value in the feature set, and obtaining a fourth subsequence after sorting according to the order.
Suspected user feature 1, suspected user feature 2, and suspected user feature 3.
S504: taking the other suspected user features in the third subsequence except the fourth subsequence as a residual set, and randomly selecting a fifth number of the suspected user features from the residual set, namely 4-3=1 suspected user features: suspected user feature 4.
S505: and combining and sequencing the selected 1 suspected user character and the fourth subsequence to obtain a plurality of second subsequences.
Suspected user feature 1, suspected user feature 2, suspected user feature 3, and suspected user feature 4.
By applying the embodiment of the invention, even if the operation results of the algorithm are slightly different in practical application, the feature extraction results with larger significance are relatively consistent, so that the suspected user features with larger second significance value are ensured to be unchanged, and then the user features with smaller second significance value are freely replaced, so that the number of the combined second subsequences can be reduced compared with the third embodiment, and the accuracy can also be ensured.
In a fourth embodiment of this step, the second feature digest may be extracted using the following method: in order to avoid the difference between the first characteristic abstract and the second characteristic abstract caused by the slight difference between the nose length used when the first characteristic abstract is generated and the nose length used when the second abstract is generated, the embodiment of the invention uses a preset characteristic word stock to abstract the characteristics of the login user before the first characteristic abstract is generated to obtain an abstracted first subsequence, and then uses a hash algorithm to process the first subsequence to obtain the first characteristic abstract; before the second feature abstract is generated, abstracting the suspected user features by using a preset feature word stock to obtain an abstracted second subsequence, and processing the second subsequence by using a Hash algorithm to obtain the second feature abstract.
For example, in the embodiment of the present invention, value division is performed according to the length of a nose, the nose is marked according to the length of the nose, a preset feature word library such as an ultra-short nose, a normal nose, a long nose, and an ultra-long nose is used for marking, then, features are described by using the preset feature word library respectively, that is, the corresponding preset feature word library is used for performing abstraction processing of logging user features, so as to obtain a first subsequence composed of fields in the feature word library. It should be noted that the above setting of the characteristic word library according to the length of the nose is only a simple example, and in practical applications, fields such as the width of the nose, the height of the nasal bridge, the number of scars on the nasal bridge, the color of scars on the nasal bridge, etc. may also be added to the characteristic word library to achieve relatively accurate description.
By applying the embodiment of the invention, the characteristic word stock is used for carrying out the standardized processing of the login user characteristic and the meaning user characteristic when the first characteristic abstract and the second characteristic abstract are generated, so that the error caused by an algorithm can be avoided, and the contrast precision is improved.
S104: and comparing each second characteristic abstract with the first characteristic abstract, taking a suspected user corresponding to the second characteristic abstract which is the same as the first characteristic abstract as a login user, and allowing the client to login.
This step is the same as the method of license login after passing authentication in the prior art, and the embodiment of the present invention is not described herein again.
Example 2
Fig. 6 is a schematic flow chart of another SaaS-based intelligent store identity authentication method according to an embodiment of the present invention, and as shown in fig. 6, when the number of suspected users is two or more, it indicates that the authentication at the server is unsuccessful, and in order to avoid repeated authentication of users, embodiment 2 of the present invention adds the following steps on the basis of embodiment 1:
s105: the server side returns an instruction for generating a temporary login account to the client side, the client side is used for generating the temporary login account according to the instruction for generating the temporary login account, when the customer has a settlement requirement, the client side carries out settlement on the customer in the temporary login account, an original image of the customer is used as identification information of the temporary login account, and the original image corresponding to the first feature abstract and information in the temporary login account are uploaded to the server side in the settlement process;
s106: after receiving an original image returned by a client, a server compares the original image with a standard authentication image one by using the existing image similarity algorithm or a character recognition algorithm to obtain corresponding login users, sends login user authentication passing information to the client and permits the client to log in; and simultaneously combining the information in the temporary login account with the account information corresponding to the customer.
By applying the embodiment of the invention, the secondary authentication is carried out in the client settlement process under the condition of not influencing the client settlement, and meanwhile, the non-sensitive authentication of the user is realized.
Example 3
Corresponding to embodiment 1 of the present invention, embodiment 3 of the present invention provides an identity authentication apparatus in a SaaS-based system, which is applied to a server in an authentication system, where the authentication system includes the server and a client, and the apparatus includes:
the system comprises a receiving module and a processing module, wherein the receiving module is used for receiving a first feature abstract sent by a user side, the first feature abstract is obtained by processing login user features in an original image of a login user by the user side through an irreversible abstract algorithm, and the original image comprises: one or a combination of a face image and a fingerprint image;
an obtaining module, configured to determine a corresponding suspected user range according to the first feature digest, obtain a standard authentication image of each suspected user, and process the standard authentication image by using an interference algorithm to obtain a plurality of transformed images, where the interference algorithm includes: one or a combination of a noise algorithm and a perturbation algorithm;
the extraction module is used for extracting suspected user features from the transformed images aiming at each transformed image of each suspected user, and processing the suspected user features by using an irreversible abstract algorithm to obtain a second feature abstract;
and the comparison module is used for comparing each second characteristic abstract with the first characteristic abstract, taking a suspected user corresponding to the second characteristic abstract which is the same as the first characteristic abstract as a login user, and allowing the client to login.
In a specific implementation manner of embodiment 3 of the present invention, the generating process of the first feature abstract includes:
extracting the characteristics of the login user from the original image by using a characteristic extraction algorithm;
performing significance evaluation on the login user characteristics in the original image according to a preset characteristic significance evaluation model to obtain a first significance score corresponding to each login user characteristic;
sequencing the characteristics of all login users according to the first significance score to obtain a first characteristic sequence;
intercepting a first subsequence formed by login user features with a first number of sequence orders with larger first significance scores from the first feature sequence;
and processing the first subsequence by utilizing a Hash algorithm to obtain a first characteristic abstract.
In a specific implementation manner of embodiment 3 of the present invention, the obtaining module is configured to:
and acquiring the nearest operator gateway address corresponding to the IP address according to the IP address of the user side of the first characteristic abstract, and taking all system users using the operator gateway address as suspected users.
In a specific implementation manner of embodiment 3 of the present invention, the obtaining module is configured to:
and acquiring partial characteristics of the login user characteristics, wherein the partial characteristics are the login user characteristics of a second number of sequence orders with larger first significance scores extracted from the first characteristic sequence by the user side, and the second number is smaller than the first number.
In a specific implementation manner of embodiment 3 of the present invention, the extraction module is configured to:
extracting suspected user features from the transformed image by using a feature extraction algorithm;
carrying out significance evaluation on suspected user features in the transformed image according to a preset feature significance evaluation model to obtain a second significance score corresponding to each suspected user feature;
sorting each suspected user characteristic according to the second significance score to obtain a second characteristic sequence;
intercepting a second subsequence formed by suspected user features with larger second significance scores and a first number of sequential orders from the second feature sequence;
and processing the second subsequence by using a Hash algorithm to obtain a second characteristic abstract.
In a specific implementation manner of embodiment 3 of the present invention, the extraction module is configured to:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
and randomly extracting a first number of suspected user characteristics from the characteristic set, and sequencing according to a second significance score value to obtain a plurality of second subsequences.
In a specific implementation manner of embodiment 3 of the present invention, the extraction module is configured to:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
sequencing all suspected user features in the feature set according to the descending order of the second significance score values to obtain a third subsequence;
taking a sequence formed by suspected user features in a fourth number of sequential orders in the third subsequence as a fourth subsequence, wherein the fourth number is smaller than the first number;
randomly extracting a fifth number of suspected user features from other suspected user features in the third subsequence except the suspected user features in the fourth subsequence, wherein the fifth number is equal to the difference between the first number and the fourth number;
and arranging the fifth number of suspected user features extracted each time after the fourth subsequence according to the descending order of the second significance score values to obtain a plurality of second subsequences.
In a specific implementation manner of embodiment 3 of the present invention, before generating the first feature digest, a preset feature word library is used to perform abstraction processing on features of a logged user to obtain an abstracted first subsequence, and then a hash algorithm is used to process the first subsequence to obtain the first feature digest;
before generating the second feature abstract, abstracting the suspected user features by using a preset feature word stock to obtain an abstracted second subsequence, and processing the second subsequence by using a Hash algorithm to obtain the second feature abstract.
In a specific implementation manner of embodiment 3 of the present invention, when the number of the suspected users is two or more, the method further includes:
returning an instruction for generating a temporary login account to the client, wherein the client is used for generating the temporary login account according to the instruction for generating the temporary login account and uploading an original image corresponding to the first characteristic abstract to the server;
and receiving an original image returned by the client, comparing the original image with a standard authentication image one by one to obtain a corresponding login user, sending the login user authentication passing information to the client and allowing the client to log in.
Example 4
Corresponding to embodiment 1 of the present invention, embodiment 4 of the present invention provides an identity authentication system in a SaaS-based system.
Fig. 2 is a schematic structural diagram of an identity authentication system in a SaaS-based system according to an embodiment of the present invention, and as shown in fig. 2, the system includes a user terminal 10 and a server terminal that communicate using the internet, where the server terminal 20 is configured to execute the method according to any one of embodiments 1 or 2.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. An intelligent store identity authentication method based on SaaS is applied to a server side in an authentication system, wherein the authentication system comprises the server side and a user side, and the method comprises the following steps:
receiving a first feature abstract sent by a user side, wherein the first feature abstract is obtained by processing login user features in an original image of a login user by the user side through an irreversible abstract algorithm, and the original image comprises: one or a combination of a face image and a fingerprint image;
determining a corresponding range of suspected users according to the first feature abstract, acquiring a standard authentication image of each suspected user, and processing the standard authentication image by using an interference algorithm to obtain a plurality of conversion images, wherein the interference algorithm comprises: one or a combination of a noise algorithm and a perturbation algorithm;
aiming at each transformed image of each suspected user, extracting suspected user features from the transformed image, and processing the suspected user features by using an irreversible abstract algorithm to obtain a second feature abstract;
and comparing each second characteristic abstract with the first characteristic abstract, taking a suspected user corresponding to the second characteristic abstract which is the same as the first characteristic abstract as a login user, and allowing the client to login.
2. The SaaS-based smart store identity authentication method according to claim 1, wherein the generating process of the first feature digest comprises:
extracting the characteristics of the login user from the original image by using a characteristic extraction algorithm;
performing significance evaluation on the login user characteristics in the original image according to a preset characteristic significance evaluation model to obtain a first significance score corresponding to each login user characteristic;
sequencing the characteristics of all login users according to the first significance score to obtain a first characteristic sequence;
intercepting a first subsequence formed by login user features with a first number of sequence orders with larger first significance scores from the first feature sequence;
and processing the first subsequence by utilizing a Hash algorithm to obtain a first characteristic abstract.
3. The method as claimed in claim 2, wherein the step of determining the corresponding range of the suspected users according to the first feature digest comprises:
and acquiring the nearest operator gateway address corresponding to the IP address according to the IP address of the user side of the first characteristic abstract, and taking all system users using the operator gateway address as suspected users.
4. The method as claimed in claim 2, wherein the determining a corresponding suspected user range according to the first feature digest includes:
and acquiring partial characteristics of the login user characteristics, wherein the partial characteristics are the login user characteristics of a second number of sequence orders with larger first significance scores extracted from the first characteristic sequence by the user side, and the second number is smaller than the first number.
5. The method as claimed in claim 2, wherein the step of extracting the suspected user features from the transformed image and processing the suspected user features by using an irreversible digest algorithm to obtain a second feature digest includes:
extracting suspected user features from the transformed image by using a feature extraction algorithm;
carrying out significance evaluation on suspected user features in the transformed image according to a preset feature significance evaluation model to obtain a second significance score corresponding to each suspected user feature;
sorting each suspected user characteristic according to the second significance score to obtain a second characteristic sequence;
intercepting a second subsequence formed by suspected user features with larger second significance scores and a first number of sequential orders from the second feature sequence;
and processing the second subsequence by using a Hash algorithm to obtain a second characteristic abstract.
6. The method as claimed in claim 5, wherein the step of intercepting a second subsequence of suspected user features having a first number of sequential orders with a larger second significance score from the second sequence of features comprises:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
and randomly extracting a first number of suspected user characteristics from the characteristic set, and sequencing according to a second significance score value to obtain a plurality of second subsequences.
7. The method as claimed in claim 5, wherein the step of intercepting a second subsequence of suspected user features from the second sequence of features, the suspected user features having a second significance score that is greater than the first number of sequential orders, comprises:
intercepting a third number of suspected user features with larger second significance scores in the sequential order from the second feature sequence to obtain a feature set, wherein the third number is larger than the first number;
sequencing all suspected user features in the feature set according to the descending order of the second significance score values to obtain a third subsequence;
taking a sequence formed by suspected user features in a fourth number of sequential orders in the third subsequence as a fourth subsequence, wherein the fourth number is smaller than the first number;
randomly extracting a fifth number of suspected user features from other suspected user features in the third subsequence except the suspected user features in the fourth subsequence, wherein the fifth number is equal to the difference between the first number and the fourth number;
and arranging the fifth number of suspected user features extracted each time after the fourth subsequence according to the descending order of the second significance score values to obtain a plurality of second subsequences.
8. The intelligent store identity authentication method based on the SaaS according to any one of claims 3 to 7, characterized in that before the first feature digest is generated, a preset feature word stock is used for abstracting the features of the logged-in user to obtain an abstracted first subsequence, and then a hash algorithm is used for processing the first subsequence to obtain the first feature digest;
before the second feature abstract is generated, abstracting the suspected user features by using a preset feature word stock to obtain an abstracted second subsequence, and processing the second subsequence by using a Hash algorithm to obtain the second feature abstract.
9. The SaaS-based smart store identity authentication method according to any one of claims 1-7, wherein when the number of suspected users is two or more, the method further comprises:
returning an instruction for generating a temporary login account to the client, wherein the client is used for generating the temporary login account according to the instruction for generating the temporary login account and uploading an original image corresponding to the first characteristic abstract to the server;
and receiving an original image returned by the client, comparing the original image with a standard authentication image one by one to obtain a corresponding login user, sending the login user authentication passing information to the client and allowing the client to log in.
10. A SaaS-based smart store identity authentication system, comprising a client and a server communicating using the internet, wherein the server is configured to perform the method according to any one of claims 1 to 9.
CN202210552218.2A 2022-05-21 2022-05-21 Smart store identity authentication method and system based on SaaS Pending CN114707133A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210552218.2A CN114707133A (en) 2022-05-21 2022-05-21 Smart store identity authentication method and system based on SaaS

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210552218.2A CN114707133A (en) 2022-05-21 2022-05-21 Smart store identity authentication method and system based on SaaS

Publications (1)

Publication Number Publication Date
CN114707133A true CN114707133A (en) 2022-07-05

Family

ID=82175812

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210552218.2A Pending CN114707133A (en) 2022-05-21 2022-05-21 Smart store identity authentication method and system based on SaaS

Country Status (1)

Country Link
CN (1) CN114707133A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115050084A (en) * 2022-08-15 2022-09-13 珠海翔翼航空技术有限公司 Airport rapid identity retrieval method and system based on face feature abstract

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115050084A (en) * 2022-08-15 2022-09-13 珠海翔翼航空技术有限公司 Airport rapid identity retrieval method and system based on face feature abstract

Similar Documents

Publication Publication Date Title
CN110147726B (en) Service quality inspection method and device, storage medium and electronic device
CN109766872B (en) Image recognition method and device
CN112837069B (en) Block chain and big data based secure payment method and cloud platform system
CN111782550B (en) Method and device for training index prediction model based on user privacy protection
CN105989268A (en) Safety access method and system for human-computer identification
CN110503099B (en) Information identification method based on deep learning and related equipment
CN110414376B (en) Method for updating face recognition model, face recognition camera and server
CN113449725B (en) Object classification method, device, equipment and storage medium
CN115174231B (en) Network fraud analysis method and server based on AI Knowledge Base
CN111861240A (en) Suspicious user identification method, device, equipment and readable storage medium
CN110245573A (en) A kind of register method, apparatus and terminal device based on recognition of face
CN114419363A (en) Target classification model training method and device based on label-free sample data
CN114707133A (en) Smart store identity authentication method and system based on SaaS
US7085403B2 (en) Automatic fingerprint identification method
US20210081692A1 (en) System for characterizing biometric station metrics with genericized biometric information
CN112532645A (en) Internet of things equipment operation data monitoring method and system and electronic equipment
CN110874602A (en) Image identification method and device
CN115801309A (en) Big data-based computer terminal access security verification method and system
CN113269179B (en) Data processing method, device, equipment and storage medium
CN114266643A (en) Enterprise mining method, device, equipment and storage medium based on fusion algorithm
Garris et al. NIST fingerprint evaluations and developments
CN115906028A (en) User identity verification method and device and self-service terminal
CN111091354A (en) Real estate information processing system based on big data
de Jongh et al. Performance evaluation of automated fingerprint identification systems for specific conditions observed in casework using simulated fingermarks
CN111368866A (en) Picture classification method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination