CN201048392Y - Multi-biological characteristic based remote network identification authentication system - Google Patents
- Publication number
- CN201048392Y, CNU2007201032630U, CN200720103263U
- Authority
- CN
- China
- Prior art keywords
- network
- biological characteristic
- biological
- certificate server
- attribute data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Abstract
The utility model discloses a remote network identity authentication system based on multiple biometric features. The system comprises multi-biometric network acquisition and control terminals, a remote network, and a central authentication server. A multi-biometric network acquisition and control terminal establishes a communication connection with the central authentication server, acquires biometric data through a biometric acquisition module, and transfers the biometric data to the central authentication server through its communication module using the TCP/IP protocol. The central authentication server matches the received biometric data against the biometric data stored on the server in order to authenticate the identity of the holder, and sends a control instruction to the terminal according to the authentication result. By way of the central authentication server, the utility model enables one computer to be connected over the remote network to multiple acquisition devices for fingerprint, face, iris and retina biometric features.
Description
Technical field
The utility model belongs to the fields of multi-biometric recognition technology and network technology, and relates to a biometric authentication system consisting of multi-biometric network acquisition and control terminals and a central server.
Background technology
In a traditional biometric authentication system, a biometric data acquisition terminal must be connected to an authentication system running on a computer or processor. Generally, the biometric authentication system is PC-based and the data acquisition device is USB-based, so that it can be connected directly to the personal computer. These PC-based biometric authentication products mainly use the personal computer to match the collected biometric data against biometric templates already stored on the computer's storage device.
A biometric network authentication system, by contrast, can provide centrally controlled biometric acquisition, optimization, analysis, authentication and verification, monitoring, cross-referencing and database storage, and saves cost. However, because many computers and other network hardware are required, a biometric authentication system built on a wide area network is relatively expensive. For example, the biometric acquisition systems in commercially available biometric network authentication systems usually include the following hardware:
a. A biometric acquisition module connected to a personal computer, so that a fingerprint can be authenticated by comparing it with the biometric template stored in the computer. If the match is correct, the computer allows the person to enter the network system.
b. A biometric acquisition device connected to a personal computer, which receives the stored fingerprint template over the network. The personal computer then compares the biometric data with the biometric template held in memory to complete biometric authentication.
c. A biometric acquisition device connected to a personal computer, which controls, optimizes and obtains biometric data from the acquisition device and then sends the data to a server to obtain the authentication result.
Similarly, stand-alone biometric acquisition devices such as access control systems contain semiconductor chips with computer-like processing capability. These chips are typically microprocessors or digital signal processors, and they usually require additional memory chips to store the biometric data to be authenticated and matched. In addition, these stand-alone products use additional memory cards or memory chips to store a limited number of biometric templates for authentication and verification. In these cases, biometric authentication is completed locally by the stand-alone biometric acquisition product.
More typically, where a stand-alone biometric acquisition product is described as network-capable, that capability is limited to configuration and remote monitoring. The actual biometric control, optimization, analysis, authentication and verification are all carried out locally, at the location of the acquisition product. Products that authenticate locally at the acquisition terminal in this way need additional memory cards or network hardware. Moreover, other stand-alone biometric products described as network-capable have only serial communication capability, such as RS232 or RS485, and lack the full bandwidth that real network communication can provide.
Ideally, what is needed is a true biometric network acquisition and authentication system in which acquisition devices and computers need not be paired one to one, and in which a server can control, optimize, analyze and collect multiple sets of biometric data while authenticating and verifying biometric or other data received from multiple biometric terminals.
Summary of the invention
To address the disadvantage in the prior art that each biometric acquisition and control terminal must be connected to a computer, the utility model provides a remote network authentication system for multi-biometric acquisition terminals.
To achieve this purpose, the utility model provides a remote network identity authentication system based on multiple biometric features, comprising the following parts:
Multi-biometric network acquisition and control terminals, used to collect biometric data and send it to the central authentication server over the remote network, and to control the door lock circuit on the terminal according to the command returned by the central authentication server;
A remote network, used to transport communication data between the central authentication server and the multiple multi-biometric network acquisition and control terminals; this data includes the biometric data collected by the terminals and the command parameters sent by the central authentication server;
A central authentication server, used to compare the received biometric data with the biometric data already stored on the central authentication server, and to send control instructions to the multi-biometric network acquisition and control terminals.
Preferably, the multi-biometric network acquisition and control terminal comprises a biometric acquisition module and a communication module.
The biometric acquisition module is used to receive the control instruction passed by the communication module, collect biometric data according to that instruction, and transmit the biometric data to the communication module as a serial data stream;
The communication module is used to receive the encrypted control instruction sent by the central authentication server, decrypt it, pass the control instruction to the biometric acquisition module, extract the serial data stream from the biometric acquisition module, generate encrypted biometric data, and send the encrypted biometric data to the central authentication server.
Preferably, the remote network uses the TCP/IP communication protocol, and the terminals connect to it either through a wired network formed by Ethernet or through a wireless network formed by a wireless receiver and 802.x or Bluetooth wireless cards.
Preferably, the central authentication server is used to synchronously control and optimize multiple multi-biometric network acquisition and control terminals, to obtain, analyze, authenticate and verify biometric data, and to send control instructions to the terminals.
Preferably, the biometric feature is a fingerprint, face, iris or retina feature, or a fusion of several of these modalities.
Preferably, the biometric data is the raw biometric signal or a biometric template.
Preferably, the biometric acquisition module comprises a biometric acquisition IC chip and a biometric acquisition sensor. The biometric acquisition IC chip is used to receive the control instruction passed by the communication module, collect the biometric data on the sensor according to that instruction, and transmit the data to the communication module as a serial data stream. The biometric acquisition sensor is used to capture the biometric data.
Preferably, the biometric acquisition sensor comprises one or more of a fingerprint image sensor, a face image sensor, an iris image sensor and a retinal image sensor; the kind of sensor is determined by the needs of the actual application.
Preferably, the communication module further comprises:
A communication IC chip, used to establish the connection with the remote network, receive the encrypted control instruction sent by the central authentication server, decrypt it, send the control instruction to the biometric acquisition module to collect biometric data, and encrypt the stored biometric data and pass it to the central authentication server; it is also used to transfer biometric data and control instructions to the static memory, and to send control instructions to the door lock circuit;
A static memory, used to receive biometric data and control instructions from the communication IC chip and transmit them to it, and also to receive the control signal of the door lock circuit;
A control circuit, used to receive the control instruction of the communication IC chip; according to that instruction the control circuit is set to the "authentication passed" or "authentication failed" state;
A universal asynchronous receiver/transmitter (UART), used for data transfer between the communication IC chip and the biometric acquisition IC chip;
A network access device, used to establish the communication connection between the communication IC chip and the central authentication server. The network access device is either a wired card, a 10M/100M Ethernet card used to connect to the central authentication server over Ethernet, or a wireless card, 802.x or Bluetooth, used to connect to the central authentication server over a wireless network. When the network access device is a wireless card, the terminal is called a multi-biometric wireless network acquisition and control terminal.
By way of the central authentication server, the utility model connects one computer to multiple biometric acquisition devices over the remote network and performs one-to-many biometric identity authentication. The central authentication server controls one or more multi-biometric network acquisition and control terminals to collect biometric data, and the terminals transfer the collected biometric data to the central authentication server using TCP/IP or another network protocol. The central authentication server compares this biometric data with the biometric data stored on the server to authenticate the identity of its holder.
To avoid the lower reliability and security of recognition based on a single biometric feature, the utility model also provides network acquisition and control terminals covering multiple biometric features such as fingerprint, face, iris and retina, so that the different kinds of biometric features are collected and transmitted in the same format.
The utility model also ensures that the central authentication server can synchronously configure, optimize and control the multiple multi-biometric network acquisition and control terminals connected through the remote network, and analyze and authenticate the biometric data collected by each terminal. The terminal does not need to be physically connected to a computer or server, and does not need local memory to store biometric data for comparison and matching. The essential parts of recognition, such as data analysis, storage, template storage, authentication and verification of biometric data, are all concentrated on one remote, independent central authentication server connected to the network, which avoids the prior-art disadvantage that each biometric acquisition and control terminal must be connected to a computer.
Description of drawings
Fig. 1 shows the overall structure of the biometric network authentication system of the utility model.
Fig. 2 shows the overall structure of the biometric wireless network authentication system of the utility model.
Fig. 3 is a structural block diagram of the multi-biometric network acquisition and control terminal.
Fig. 4 shows a specific embodiment of a multi-biometric network acquisition and control terminal.
Fig. 5 is a workflow diagram of a multi-biometric network acquisition and control terminal.
Fig. 6 is a workflow diagram of a central authentication server.
Fig. 7 is a flow chart of the communication exchange between multiple multi-biometric network acquisition and control terminals and the central authentication server.
Embodiment
The implementation of the system is described in more detail below with reference to the drawings listed above.
Fig. 1 shows the network topology of the utility model, in which:
11 is the central authentication server, 12 is the TCP/IP network, 13 is Ethernet, and 14-1, 14-2 to 14-N are multiple multi-biometric network acquisition and control terminals.
Three main components deserve particular emphasis: in this system, the multi-biometric network acquisition and control terminals collect and obtain biometric data; the remote network transfers the collected biometric data to a central authentication server; and the central authentication server matches this biometric data against the biometric data already stored on the server to authenticate its holder.
1. Central authentication server 11: it can synchronously configure, optimize and control the multiple multi-biometric network acquisition and control terminals connected through the remote network, and analyze and authenticate the biometric data collected by each terminal. Central authentication server 11 consists of a PC or PC server and system software. The PC or PC server may be, for example, the commercially available Kaitian B4200 commercial desktop computer or the "perfectly sound" 4200 PC server supplied by Legend Company. The central authentication server runs the Windows XP Server operating system or the (SuSE) Linux operating system. Central authentication server 11 is connected to Ethernet through its built-in Ethernet card.
2. Multi-biometric network acquisition and control terminals 14-1 to 14-N: they can collect and transmit multiple biometric features, and communicate with the central authentication server over the remote network. The biometric feature can be a fingerprint, face, iris or retina feature, or a fusion of several of these modalities. As shown in Fig. 1, the terminals are multi-biometric network acquisition and control terminals 14-1 to 14-N, where N is a positive integer greater than 1 whose value is determined by the needs of the actual application; for example, N=5 when five terminals are needed.
3. The remote network 12 based on the TCP/IP protocol; the network connection is a wired network formed by Ethernet 13.
First, after receiving connection requests from multiple multi-biometric network acquisition and control terminals, the central authentication server establishes the corresponding TCP connections and sends configuration parameters, receives TCP/IP packets from the terminals, and sends the terminals optimization and control variables and commands to obtain data; it then extracts the encrypted biometric data from the TCP/IP packets and decrypts it to obtain the original biometric data for analysis.
Next, the central authentication server compares the received biometric data with the biometric data stored in its internal biometric database and authenticates it, obtaining an authentication result. The central authentication server then packs the authentication result into TCP/IP packets and returns them over the remote network to each multi-biometric network acquisition and control terminal.
Finally, the terminal receives the TCP/IP packet from the central authentication server and extracts the authentication result from it. The terminal then carries out the corresponding operation based on the authentication result it received.
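The exchange described above, sketched in Go as an added example that is not code from the patent. The patent names AES but specifies no mode, framing or replay handling, so AES-GCM, the direction and counter header, the counter check and the Hamming-distance matcher are assumptions made here, and the per-terminal key is taken as already exchanged.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"math/bits"
)

// Assumed frame (the patent defines none): direction(1) | counter(8) | nonce(12) | AES-GCM ciphertext+tag.
const (
	hdrLen               = 9
	ToServer, ToTerminal = byte(1), byte(2)
	Fail, Pass           = byte(0), byte(1)
)

// Session is one end of one terminal's connection, keyed per terminal.
type Session struct {
	AEAD    cipher.AEAD
	LastCtr uint64 // server side: highest counter accepted, to reject replays
}

func NewSession(key []byte) (*Session, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	a, err := cipher.NewGCM(block)
	return &Session{AEAD: a}, err
}

// Seal encrypts payload with a fresh random nonce and binds it to the header.
func (s *Session) Seal(dir byte, ctr uint64, payload []byte) ([]byte, error) {
	frame := make([]byte, hdrLen+s.AEAD.NonceSize())
	frame[0] = dir
	binary.BigEndian.PutUint64(frame[1:hdrLen], ctr)
	if _, err := rand.Read(frame[hdrLen:]); err != nil {
		return nil, err
	}
	return append(frame, s.AEAD.Seal(nil, frame[hdrLen:], payload, frame[:hdrLen])...), nil
}

// Open verifies and decrypts a frame, returning direction, counter and payload.
func (s *Session) Open(frame []byte) (dir byte, ctr uint64, payload []byte, err error) {
	n := hdrLen + s.AEAD.NonceSize()
	if len(frame) < n+s.AEAD.Overhead() {
		return 0, 0, nil, errors.New("short frame")
	}
	payload, err = s.AEAD.Open(nil, frame[hdrLen:n], frame[n:], frame[:hdrLen])
	return frame[0], binary.BigEndian.Uint64(frame[1:hdrLen]), payload, err
}

// distance is a stand-in matcher (Hamming distance in bits), not the patent's.
func distance(a, b []byte) (d int) {
	if len(a) != len(b) {
		return 1 << 30
	}
	for i := range a {
		d += bits.OnesCount8(a[i] ^ b[i])
	}
	return d
}

// Handle is the server side: decrypt, match against stored templates, seal the verdict.
func Handle(s *Session, templates [][]byte, maxDist int, frame []byte) ([]byte, error) {
	dir, ctr, sample, err := s.Open(frame)
	if err != nil || dir != ToServer || ctr <= s.LastCtr {
		return nil, errors.New("frame rejected: forged, reflected or replayed")
	}
	s.LastCtr = ctr
	verdict := Fail
	for _, t := range templates {
		if distance(sample, t) <= maxDist {
			verdict = Pass
		}
	}
	return s.Seal(ToTerminal, ctr, []byte{verdict})
}

// LockState is the terminal side: anything that fails to verify keeps the lock shut.
func LockState(s *Session, sentCtr uint64, reply []byte) string {
	dir, ctr, p, err := s.Open(reply)
	if err != nil || dir != ToTerminal || ctr != sentCtr || len(p) != 1 || p[0] != Pass {
		return "authentication failed"
	}
	return "authentication passed"
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key, for illustration only
	srv, _ := NewSession(key)
	term, _ := NewSession(key)
	req, _ := term.Seal(ToServer, 1, []byte{0xA5, 0x3C, 0x5A, 0xC2}) // constructed sample
	reply, _ := Handle(srv, [][]byte{{0xA5, 0x3C, 0x5A, 0xC3}}, 2, req)
	fmt.Println(LockState(term, 1, reply))
}
```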
In the system configuration of the utility model, multiple multi-biometric network acquisition and control terminals are connected to a network based on the TCP/IP protocol, and through this network to one central authentication server. Because the configuration, optimization and control of the multiple biometric terminals are all carried out on a remote central authentication server, the terminal does not need to be physically connected to a computer or server, and does not need local memory to store biometric data for comparison and matching. The essential parts of recognition, such as data analysis, storage, template storage, authentication and verification of biometric data, are all concentrated on one remote, independent central authentication server connected to the network.
Fig. 1 presupposes that suitable network hardware is chosen to provide a secure, reliable, high-speed communication environment; this hardware may need to include at least routers, switches, hubs, firewalls and the like.
In Figs. 1, 6 and 7, at startup and reset the central authentication server uses broadcast over UDP, multicast over UDP, or direct broadcast via UDP. The central authentication server searches for multi-biometric network acquisition and control terminals by listening on UDP, and waits for the connection requests that multiple biometric network acquisition terminals send over TCP. Once a TCP connection request is received, the central authentication server establishes a unique TCP connection for each terminal. After the connection is established, the central authentication server exchanges a unique key with each terminal.
The central authentication server sends configuration parameters to the terminal to identify the type of its biometric IC chip, which depends on the acquisition IC chip used for the various biometric features. Once the IC chip type of the terminal has been identified, the authentication server sends optimization and control variables to the terminal to collect any available biometric data.
The central authentication server receives the encrypted biometric data, decrypts it, extracts the biometric data and judges its quality. The central authentication server keeps sending optimization and control variables to the terminal until it is satisfied with the quality of the biometric data.
Fig. 2 shows a wireless way of connecting the multi-biometric network acquisition and control terminals to the remote network according to the utility model, in which:
11 is the central authentication server, 12 is the TCP/IP network, 23 is a wireless receiver, 24 is a wireless network, and 25-1, 25-2 to 25-N are multiple multi-biometric wireless network acquisition and control terminals. Note that central authentication server 11 and TCP/IP network 12 in Fig. 2 are the same as in Fig. 1.
Three main components deserve particular emphasis:
1. Central authentication server 11: it can synchronously configure, optimize and control the multiple multi-biometric wireless network acquisition and control terminals connected through the remote network, and analyze and authenticate the biometric data collected by each terminal.
2. Multiple multi-biometric wireless network acquisition and control terminals 25-1 to 25-N. As shown in Fig. 3, the terminals are multi-biometric network acquisition and control terminals 25-1 to 25-N, where N is a positive integer greater than 1 whose value is determined by the needs of the actual application; for example, N=5 when five multi-biometric wireless network acquisition and control terminals are needed.
3. The remote network 12 based on the TCP/IP protocol; the network connection is the wireless network 24 formed by wireless receiver 23 and the wireless cards in the multi-biometric wireless network acquisition and control terminals.
Figs. 3 and 4 show the structure of the multi-biometric network acquisition and control terminal and a specific embodiment of the terminal in a wired network environment.
A key property of the multi-biometric network acquisition and control terminal is that it does not need to be physically connected directly to a computer, and does not need to contain a microprocessor or digital signal processor. As shown in Fig. 3, the terminal comprises biometric acquisition module 31 and communication module 32.
Biometric acquisition module 31 uses a biometric acquisition IC chip to receive the control instruction passed by the communication module, collect raw biometric data through the biometric sensor according to that instruction, and transmit the data to the communication module as a serial data stream.
The main function of biometric acquisition module 31 is to collect raw biometric data, such as image and video files, and pass it to communication module 32 as a serial data stream. Biometric acquisition module 31 comprises:
A biometric acquisition IC chip, such as the commercially available model 80219 general-purpose processor from Intel;
A biometric acquisition sensor, comprising one or more of a fingerprint image sensor, a face image sensor, an iris image sensor and a retinal image sensor. The kind of sensor is determined by the needs of the actual application.
The main function of communication module 32 is to connect to the central authentication server over the TCP/IP network. For this purpose, communication module 32 comprises:
A communication IC chip, such as the commercially available model IP2022 RISC processor from UIMVC;
A static memory, such as the commercially available model K4S641633H-N 1024K SRAM static memory from SAMSUNG;
A universal asynchronous receiver/transmitter, used for data transfer between the communication IC chip and the biometric acquisition IC chip, such as the 16C UART from Philips;
A control circuit, used to receive the control instruction of the communication IC chip; according to that instruction the control circuit is set to the "authentication passed" or "authentication failed" state. The control circuit differs according to the application environment;
A network access device, used to establish the communication connection between the communication IC chip and the central authentication server. The network access device is either a wired card, a 10M/100M Ethernet card used to connect to the central authentication server over Ethernet, or a wireless card, 802.x or Bluetooth, used to connect to the central authentication server over a wireless network. When the network access device is a wireless card, the terminal is called a multi-biometric wireless network acquisition and control terminal.
The communication IC chip in communication module 32 has the following functions:
a. A bridge from 10 Mbit (IEEE 802.3) Ethernet to a serial port (UART) running at 921.6 Kbit per second;
b. A TCP/IP stack 100% compliant with the Requests for Comments (RFCs);
c. Automatic IP assignment: at startup or reset, communication module 32 automatically searches the local network for a DHCP server to request an IP address. If no DHCP server is found, communication module 32 automatically assigns itself an IP address according to the network environment;
d. Automatic IP replacement: in normal operation, communication module 32 provides a mechanism by which the central authentication server, or a person with secure network access rights, can change the IP address and set a special name for communication module 32;
e. Automatic detection of the central authentication server: at startup or reset, communication module 32 uses UDP-based broadcast or multicast, or another appropriate protocol, to find the IP address of the central authentication server;
f. AES encryption: biometric data or templates are encrypted in transit;
g. Peer key exchange;
h. Self-destruct mechanism: to ensure its physical security, communication module 32 can detect when the multi-biometric network acquisition and control terminal (N-BU) or multi-biometric wireless network acquisition and control terminal (W-FBU) is in an unknown network environment.
1. Once an unknown network environment is detected, communication module 32 requests "help advice" from the central authentication server and from the other N-BU or W-FBU terminals registered in communication module 32.
2. If communication module 32 cannot verify the "help advice" from an N-BU or W-FBU terminal, it starts the self-destruct mechanism.
3. Once the self-destruct mechanism starts, communication module 32 automatically destroys its internal software code, thereby destroying itself. Communication module 32 is then "dead" and cannot be restored.
Fig. 4 shows a specific embodiment of the multi-biological characteristic network collection and control terminal, in which the network access device in communication module 32 is a 10/100M Ethernet card and the biometric sensors in physical characteristics collecting module 31 comprise:
A capacitance sensor for collecting fingerprint images, such as the commercially available AFS2 capacitance sensor from Authentec;
A CMOS optical sensor for collecting facial images, such as the commercially available MT9V111D00STC CMOS optical sensor from Micron;
A CCD optical sensor for collecting iris and retinal images, such as the commercially available D3571D CCD optical sensor from NEC Corporation.
Note in particular that the biometric sensors comprise one or several of a fingerprint image sensor, a facial image sensor, an iris image sensor and a retinal image sensor. The kinds of sensor are determined by the needs of the practical application. As shown in Fig. 4, the physical characteristics collecting IC chip is connected to a capacitance sensor, a CMOS optical sensor and a CCD optical sensor, which collect fingerprint, face, and iris and retinal images respectively.
Fig. 5 is a workflow diagram of a multi-biological characteristic network collection and control terminal, and Fig. 7 is a flow chart of the communication exchange between a plurality of multi-biological characteristic network collection and control terminals and the central certificate server. Note that the workflow of the multi-biological characteristic wireless network collection and control terminal is also as shown in Fig. 5, and its communication exchange with the central certificate server is also as shown in Fig. 7. The steps in Fig. 5 are as follows:
S51: the central certificate server is in the startup or reset state;
S52: the multi-biological characteristic network collection and control terminal starts its automatic IP assignment function and obtains an IP address automatically; if no DHCP server is found, the terminal assigns itself an IP address based on the network environment it is in;
S53: the multi-biological characteristic network collection and control terminal starts its automatic server detection function to obtain the IP address of the central certificate server;
S54: the multi-biological characteristic network collection and control terminal sends the central certificate server a request to establish a TCP communication connection;
S55: the terminal exchanges keys with the central certificate server and enters the state of receiving configuration parameters;
S56: the terminal receives the configuration parameters sent by the central certificate server, writes the specific parameters of its built-in biological characteristic IC chip into the configuration parameters, and sends them back to the central certificate server;
S57: if there is biological attribute data in the biological characteristic IC chip, the terminal enters the data transmission state and goes to S58; if there is no biological attribute data in the biological characteristic IC chip, it returns to S56;
S58: encrypt the biological attribute data with AES;
S59: package the encrypted biological attribute data into a TCP/IP packet and wait for the optimization parameters sent by the central certificate server;
S510: receive the optimization parameters sent by the central certificate server, send the TCP/IP packet to the central certificate server, and wait to receive the control parameter sent by the central certificate server;
S511: if the control parameter sent by the central certificate server has been received, go to S512; if not, continue with S510;
S512: wait for and receive the central certificate server's decision on whether additional biological attribute data is needed; if "yes", go to S56; if "no", go to S513;
S513: wait for and receive the authentication result of the central certificate server; if the authentication result has been received, go to S514; if the control command of the central certificate server has not been received, repeat S513;
S514: the multi-biological characteristic network collection and control terminal changes the state of the control circuit and carries out subsequent processing according to the authentication result received, then goes to S56.
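The terminal loop of Fig. 5 (S56 to S514) written as a message-driven state machine, as an added example that is not part of the patent. The message names (CONFIG, OPTIMIZE, CONTROL, MORE, RESULT), the fail-closed initial circuit state and the rule that out-of-sequence messages are ignored are assumptions; AES (S58) is not modelled, so the samples are constructed placeholder ciphertexts.

```python
from enum import Enum


class Step(Enum):
    """Wait states of the terminal; names follow the step numbers of Fig. 5."""
    S56 = "await configuration parameters"
    S59 = "packet ready, await optimization parameters"
    S510 = "packet sent, await control parameter"
    S512 = "await 'additional biological attribute data needed?'"
    S513 = "await authentication result"


class Terminal:
    """Terminal side of Fig. 5, steps S56 to S514, driven by server messages."""

    def __init__(self, chip_type, encrypted_samples):
        self.chip_type = chip_type
        # Constructed stand-ins for the S58 output: AES itself is not modelled.
        self.pending = list(encrypted_samples)
        self.step = Step.S56
        self.packet = None
        # Assumption: the control circuit fails closed until S514 says otherwise.
        self.circuit = "authentication failed"

    def on_message(self, kind, value=None):
        """Handle one server message and return the terminal's reply, or None."""
        if self.step is Step.S56 and kind == "CONFIG":
            reply = ("CONFIG_REPLY", self.chip_type)        # S56: return chip parameters
            if self.pending:                                 # S57: data present
                self.packet = ("BIO", self.pending.pop(0))   # S59: packetize the sample
                self.step = Step.S59
            return reply                                     # S57 "no": stay in S56
        if self.step in (Step.S59, Step.S510) and kind == "OPTIMIZE":
            self.step = Step.S510                            # S510, or the S511 "no" resend
            return self.packet
        if self.step is Step.S510 and kind == "CONTROL":
            self.step = Step.S512                            # S511 "yes"
            return None
        if self.step is Step.S512 and kind == "MORE":
            self.step = Step.S56 if value else Step.S513     # S512 branch
            return None
        if self.step is Step.S513 and kind == "RESULT":
            self.circuit = ("authentication passed" if value
                            else "authentication failed")    # S514
            self.step = Step.S56
            return None
        return None  # out-of-sequence message: ignored, state unchanged


def run(terminal, messages):
    """Feed messages in order; return (replies, final step, circuit state)."""
    replies = [terminal.on_message(*m) for m in messages]
    return replies, terminal.step, terminal.circuit


# Constructed session: the fingerprint packet is requested twice (the server
# repeats its optimization parameters), then a second sample is asked for.
SESSION = [
    ("RESULT", True),  # arrives before any data was sent: must be ignored
    ("CONFIG",), ("OPTIMIZE",), ("OPTIMIZE",), ("CONTROL",), ("MORE", True),
    ("CONFIG",), ("OPTIMIZE",), ("CONTROL",), ("MORE", False), ("RESULT", True),
]

if __name__ == "__main__":
    t = Terminal("fingerprint+iris", [b"<enc fingerprint>", b"<enc iris>"])
    for reply in run(t, SESSION)[0]:
        print(reply)
    print(t.step.name, t.circuit)
```

The repeated OPTIMIZE corresponds to the server returning from S612 to S69 when the decrypted sample fails its quality check, which the terminal sees as the S511 "no" branch.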
Fig. 6 is a workflow diagram of the central certificate server; its steps are as follows:
S61: the central certificate server is in the startup or reset state;
S62: the central certificate server announces itself automatically, using broadcast mode over UDP, multicast mode over UDP, or direct UDP broadcast;
S63: automatically search for and detect multi-biological characteristic network collection and control terminals;
S64: listen for connection requests from multi-biological characteristic network collection and control terminals;
S65: judge whether a legal connection request exists; if so, go to S66; if not, go to S64;
S66: establish the TCP connection and exchange the communication key with the multi-biological characteristic network collection and control terminal;
S67: send configuration parameters to the multi-biological characteristic network collection and control terminal in order to identify the type of physical characteristics collecting IC chip; the chip type depends on the kind of data acquisition network terminal;
S68: obtain the type of physical characteristics collecting IC chip from the configuration parameters returned by the multi-biological characteristic network collection and control terminal;
S69: send optimization parameters to the multi-biological characteristic network collection and control terminal and wait to receive a biological characteristic TCP/IP packet;
S610: detect whether a biological characteristic TCP/IP packet has been received; if so, go to S611; if not, go to S69;
S611: decrypt the biological attribute data with the AES algorithm;
S612: judge whether the acquisition quality and validity of the decrypted biological attribute data meet the requirements; if so, go to S613; otherwise go to S69;
S613: send the control parameter to the multi-biological characteristic network collection and control terminal to obtain the final biological attribute data;
S614: compare the decrypted biological attribute data with the biological attribute data stored on the server and obtain the authentication result;
S615: encapsulate the encrypted authentication result in the form of a TCP/IP packet;
S616: send the TCP/IP packet to the multi-biological characteristic network collection and control terminal over the telecommunication network, then continue with S64, listening to the multi-biological characteristic network collection and control terminals in real time.
The above is only an embodiment of the utility model, but the scope of protection of the utility model is not limited to it. Any conversion or replacement that a person familiar with this technology could conceive of within the technical scope disclosed by the utility model shall fall within the scope of the utility model; therefore, the scope of protection of the utility model shall be determined by the scope of protection of the claims.
Claims (9)
1. A multi-biological characteristic telecommunication network authentication system, characterized in that it comprises:
A multi-biological characteristic network collection and control terminal, used to collect biological attribute data, send it to the central certificate server over the telecommunication network, and control the door lock circuit on the multi-biological characteristic network collection and control terminal according to the command returned by the central certificate server;
A telecommunication network, used to transport communication data between the central certificate server and a plurality of multi-biological characteristic network collection and control terminals, the communication data comprising the biological attribute data collected by the multi-biological characteristic network collection and control terminals and the command parameters sent by the central certificate server;
A central certificate server, used to compare the received biological attribute data with the biological attribute data stored on the central certificate server, and to send control commands to the multi-biological characteristic network collection and control terminals.
2. The network authentication system according to claim 1, characterized in that the multi-biological characteristic network collection and control terminal comprises a physical characteristics collecting module and a communication module:
The physical characteristics collecting module, used to receive the control commands transmitted by the communication module, collect biological attribute data according to the control commands, and transmit the biological attribute data to the communication module as a serial data stream;
The communication module, used to receive the encrypted control commands transmitted by the central certificate server, decrypt the control commands, transmit the control commands to the physical characteristics collecting module, extract the serial data stream from the physical characteristics collecting module, generate encrypted biological attribute data, and send the encrypted biological attribute data to the central certificate server.
3. The network authentication system according to claim 1, characterized in that the telecommunication network uses the TCP/IP communication protocol, and the multi-biological characteristic network collection and control terminal connects to the telecommunication network through a wired network formed by Ethernet, or through a wireless network formed by a wireless receiver and an 802.x or Bluetooth wireless card.
4. The network authentication system according to claim 1, characterized in that the central certificate server is used to synchronously control a plurality of multi-biological characteristic network collection and control terminals, to optimize, acquire, analyze, authenticate and verify biological attribute data, and to send control commands to the multi-biological characteristic network collection and control terminals.
5. The network authentication system according to claim 1, characterized in that the biological characteristic is a fingerprint, face, iris or retina biological characteristic, or a fusion of several of the fingerprint, face, iris and retina biological characteristic modalities.
6. The network authentication system according to claim 2, characterized in that the physical characteristics collecting module comprises:
A physical characteristics collecting IC chip, used to receive the control commands transmitted by the communication module, collect the biological attribute data on the physical characteristics collecting sensor according to the control commands, and transmit the data to the communication module as a serial data stream;
A physical characteristics collecting sensor, used to collect biological attribute data.
7. The network authentication system according to claim 6, characterized in that the physical characteristics collecting sensor comprises one or several of a fingerprint image sensor, a facial image sensor, an iris image sensor and a retinal image sensor.
8. The network authentication system according to claim 2, characterized in that the communication module further comprises:
A communication IC chip, used to establish the connection with the telecommunication network, receive the encrypted control commands transmitted by the central certificate server, decrypt the control commands, send control commands to the physical characteristics collecting module to collect biological attribute data, and encrypt the stored biological attribute data and pass it to the central certificate server; also used to transmit biological attribute data and control commands to the static memory, and to transmit control commands to the door lock circuit;
A static memory, used to receive biological attribute data and control commands from, and transmit them to, the communication IC chip, and also used to receive the control signal of the door lock circuit;
A control circuit, used to receive the control commands of the communication IC chip, and set to the "authentication passed" or "authentication failed" state according to the control command;
A universal asynchronous receiver/transmitter, used for data transfer between the communication IC chip and the physical characteristics collecting IC chip;
A network access device, used to establish the communication connection between the communication IC chip and the central certificate server.
9. The network authentication system according to claim 6, characterized in that the physical characteristics collecting sensor comprises:
A capacitance sensor, used to collect fingerprint images;
A CMOS optical sensor, used to collect facial images;
A CCD optical sensor, used to collect iris and retinal images.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNU2007201032630U CN201048392Y (en) | 2007-01-18 | 2007-01-18 | Multi-biological characteristic based remote network identification authentication system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN201048392Y true CN201048392Y (en) | 2008-04-16 |
Family
ID=39300984
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNU2007201032630U Expired - Lifetime CN201048392Y (en) | 2007-01-18 | 2007-01-18 | Multi-biological characteristic based remote network identification authentication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN201048392Y (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI701934B (en) * | 2014-04-14 | 2020-08-11 | 香港商阿里巴巴集團服務有限公司 | Method and device for verifying availability of biometric image |
CN105227516A (en) * | 2014-05-28 | 2016-01-06 | 中兴通讯股份有限公司 | The access method of Smart Home, control centre's equipment and dress terminal |
CN106600754A (en) * | 2015-10-15 | 2017-04-26 | 天津新基斯科技有限公司 | Cloud calculation iris identification access control apparatus |
CN108702295A (en) * | 2016-02-19 | 2018-10-23 | 三星电子株式会社 | The electronic equipment and its operating method being authenticated based on biological data |
CN108702295B (en) * | 2016-02-19 | 2021-10-22 | 三星电子株式会社 | Electronic device for authentication based on biometric data and method of operating the same |
CN109564602A (en) * | 2016-08-03 | 2019-04-02 | 思睿逻辑国际半导体有限公司 | For the authentication method and device in electronic equipment |
CN108389348A (en) * | 2017-06-27 | 2018-08-10 | 武汉普惠海洋光电技术有限公司 | The system of smart home security based on smart mobile phone |
CN112639806A (en) * | 2018-09-04 | 2021-04-09 | 株式会社东海理化电机制作所 | Biometric information authentication device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101227278B (en) | Method and system of remote network identification authenticating based on multiple biology characteristics | |
CN201048392Y (en) | Multi-biological characteristic based remote network identification authentication system | |
CN100405796C (en) | Admittance control method for IPv6 switch-in network true source address access | |
US11177943B2 (en) | Digital electronic device based on dual blockchain having virtual blockchain and operation method thereof | |
CN107121938A (en) | Intelligent home equipment control method, the device and system of identity-based identification | |
US8838989B2 (en) | Optimized biometric authentication method and system | |
US20060161770A1 (en) | Network apparatus and program | |
CN106960491A (en) | Mobile fingerprint access control system and control method | |
WO2006129551A1 (en) | Pattern collation method, pattern collation system, and pattern collation program | |
CN101796860A (en) | Node for a network and method for establishing a distributed security architecture for a network | |
US7286691B1 (en) | Devices and methods for biometric authentication | |
CN102184391A (en) | Distributed type face recognition method and system as well as face recognition terminal | |
WO2015180261A1 (en) | Smart home access method, control centre device and wearable terminal | |
CN105574968A (en) | Intelligent building visitor system | |
CN108615284A (en) | A kind of Quick Response Code dynamic access control system and unlocking method to work offline | |
CN203276380U (en) | Distributed door access authentication system based on palm veins | |
CN105050086A (en) | Method for terminal to log in Wifi hotspot | |
CN107395634A (en) | A kind of wearable device without password authentication method | |
CN207037762U (en) | mobile fingerprint access control system | |
KR102085540B1 (en) | Visitor Management System by Using Server at Home and Method thereof | |
JP3222191U (en) | Multifunctional authentication device | |
KR102089030B1 (en) | Access control system and method based on combination of authentications | |
US7962173B2 (en) | Portable personal server device with biometric user authentication | |
CN203224925U (en) | Palm vein-based centralized entrance guard authentication system | |
KR20140063104A (en) | User authentication system and method using near field communication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | Granted publication date: 20080416 |
EXPY | Termination of patent right or utility model |