CN2824442Y - Finger print identifier for electronic signing mane - Google Patents
Finger print identifier for electronic signing mane Download PDFInfo
- Publication number
- CN2824442Y CN2824442Y CN 200520100497 CN200520100497U CN2824442Y CN 2824442 Y CN2824442 Y CN 2824442Y CN 200520100497 CN200520100497 CN 200520100497 CN 200520100497 U CN200520100497 U CN 200520100497U CN 2824442 Y CN2824442 Y CN 2824442Y
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- security manager
- finger
- intelligent code
- code key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Credit Cards Or The Like (AREA)
Abstract
The utility model provides a fingerprint identifier for an electronic signature, which relates to the field of information security certification. The utility model comprises a fingerprint sensor, a fingerprint identification controller, a module security manager, an intelligent cipher key interface and a programmable control line. At present, when a digital certificate medium is used, a user needs to input an accessing cipher which is the weakest link for protecting the electronic signature. The utility model realizes the interconversion between fingerprint information and an intelligent cipher key through the connection of the module security manager and the intelligent cipher key interface and can carry out the comparison of congeneric data after the encryption and the decryption of data streams, and consequently, the identity certification of a user can be realized. By using the fingerprint identification technology, the effective protection of an outer digital certificate can be realized. The intelligent cipher key interface supports any intelligent cipher keys which are approved by the national conference cipher committee, the fingerprint sensor adopts a semiconductor sensor and components can be integrated into a whole. The utility model has the advantages of low cost, volume reduction, portability and superior cost performance.
Description
Technical field
The utility model relates to the information security certification field, is specifically related to a kind of finger-print recognising instrument that is used to sign electronically.
Background technology
In today of information exchange prosperity, ensuring information security becomes matter of utmost importance.For guarantee information storage and transmission safety, the encryption of information necessitates.Present encryption system generally needs the user to protect key with the form of password, but password is difficult to memory and is easy to crack.Finger print identifying is a kind of of biological characteristic authentication, possesses accurately, characteristics fast and efficiently.A kind of new mode that finger print identifying is combined with the cryptoguard system is applied to the field that more and more needs authentication.
So-called electronic signature is meant in the electronic message to be used to discern signer's identity and to show that the signer approves the wherein data of content so that electronic form is contained, appended.Digital signature based on the public key cryptography technology of PKI is a kind of particular form of electronic signature.PKIX PKI is a kind of new information security certification technology, and it is by public-key cipher technology, digital certificate, certificate issuing authority (CA) and form jointly about the bases such as security strategy of public-key cryptography.Digital certificate is called for short certificate, is the core element of PKI, is signed and issued by the server of certification authority, and it is the technical foundation guarantee of electronic signature.Existing PKI mechanism is generally double certificate mechanism, and promptly an entity should have two certificates, and two keys are right, and one is encrypted certificate, and one is signing certificate, and encrypted certificate can not be used to sign in principle.Certificate is the media of key management in public key system, and different entities can transmit PKI mutually by certificate, and certificate is signed and issued by the third-party institution of authority, credible wilfulness and fairness, is authoritative electronic document.
As previously mentioned, in the technology of whole electronic signature realizes, be to encrypt, transmit, store, decipher, verify that each process has all taken into full account safe demand, but, because electronic signature technology is the technology of a pure electronics/information after all, the process of whole electronic signature is the checking for digital certificate in fact, and therefore the safety of digital certificate is vital in electronic signature.
But digital certificate is replicated very easily in the electronic signature; in order to protect digital certificate; technology the most commonly used at present is to adopt intellective IC card technology and USB Key technology that digital certificate is left in IC-card and two kinds of physical mediums of USB Key; the IC-card technology is by digital certificate being kept in the very reliable intelligent chip; guarantee that digital certificate can be by bootlegging and use, and it is higher to make the cost of IC-card.
But there is not complete indivisible relation between physical medium and the user, unique relation is exactly usually all to need the user to import the access code of this medium when using the digital certificate medium, and the password of this visit digital certificate is the weakest link in all electronic signature technologies just.
The utility model content
For addressing the deficiencies of the prior art and deficiency, really realize user identity identification, the utility model patent provides a kind of brand-new electronic signature mode---the finger-print recognising instrument that is used to sign electronically.
The finger-print recognising instrument that is used to sign electronically, comprise: read user's finger print information fingerprint sensor, with the module security manager of the fingerprint recognition controller of host computer communication, checking user's identity, the fingerprint recognition controller is connected by USB with fingerprint sensor, module security manager, it is characterized in that described module security manager is connected with the intelligent code key interface.This intelligent code key interface is connected encryption, deciphering and the storage of back realization to finger print information and external digital certificate with the physical medium of storage external digital certificate.Such connection is related with the user's of visit external digital certificate identity with user's finger print information, adopts fingerprint recognition to realize the uniqueness of digital certificate user identity is confirmed.
Described intelligent code key interface is connected with the physical medium of storage external digital certificate.Such connection has realized encryption, deciphering and the storage to finger print information and external digital certificate.
Described module security manager is used for that fingerprint sensor is read finger print information and is converted to fingerprint template and controls the intelligent code key interface and the opening and closing of intelligent code key communication.Fingerprint sensor carries out preliminary processing to original picture after reading user's the image of fingerprint, makes it more clear, sets up the characteristic of fingerprint again, and these data are commonly referred to fingerprint template.
Described intelligent code key interface (4) adopts the API API, and the physical medium that is connected is intellective IC card or USB Key.Two kinds of physical mediums can be selected according to actual needs.The API API can be supported the intelligent code key of any national commercial cipher committee exploitation.
Described intelligent code key interface is used for converting fingerprint template to physical medium that intelligent code key is stored in the external digital certificate.Usually there is the part amount of physical memory to be used to store intelligent code key in the physical medium, has only to obtain intelligent code key and just can carry out visit outside digital certificate.
Data and the module security manager recognition data of described intelligent code key after the intelligent code key interface conversion matches.The intelligent code key interface is deciphered intelligent code key, converts fingerprint characteristic data to, i.e. fingerprint template.This fingerprint template can be the identification of module security manager.
Described module security manager is used for finger print information that fingerprint sensor is read and the intelligent code key that is stored in the external digital certificate and compares.The module security manager is compared the fingerprint characteristic data that user's fingerprint characteristic data and intelligent code key converts to, and user's identity is confirmed.
Described fingerprint sensor is a semiconductor transducer.The semiconductor transducer volume is little, and price is low, and whole electronic devices and components are become one becomes possibility, and cost performance is better than optical pickocff.This semiconductor transducer maskable static prevents that fingerprint sensor from being punctured by high-pressure electrostatic.
Described fingerprint sensor is by control line able to programme and the communication of module security manager, and response is from the control signal of module security manager.The module security manager is with the result of fingerprint characteristic data comparison; send fingerprint sensor to; if the result is consistent; fingerprint sensor is with the hardware access passage of control module security manager opening to outside digital certificate; play the effect of management and protection external digital certificate hardware access passage, the while is as host's platform of external digital certificate.
Fingerprint sensor, fingerprint recognition controller, module security manager, intelligent code key interface, control line able to programme are integrated as a whole.The finger-print recognising instrument volume that is used in electronic signature is small and exquisite, is easy to carry.
The utility model has been realized finger print information by module security manager and being connected of intelligent code key interface and has been stored in mutual conversion between the intelligent code key of external physical media, data stream is carried out carrying out data of the same type relatively after the encryption and decryption, thereby realize authentication, satisfy the requirement of the safety encipher storage of finger print information user identity; Utilize fingerprint identification technology to realize effective protection again for the external digital certificate; thoroughly solved the safety problem when the applying electronic signature technology---utilize electronic signature technology to realize data security in transmission and electronic information flow process such as storage, utilize fingerprint identification technology to realize identity validation again the digital certificate user.The intelligent code key interface has any intelligent code key that versatility can be supported the approval of the national commercial cipher of the process committee, and the finger-print recognising instrument range of application that is used in electronic signature is unrestricted.Fingerprint sensor adopts semiconductor transducer, has reduced cost, has dwindled volume, and cost performance is more superior, is convenient to realize that all are formed electronic devices and components becomes one, and is easy to carry.
Description of drawings
Fig. 1 is a block diagram of the present utility model;
Fig. 2 is a building-block of logic of the present utility model.
Among the figure: 1, fingerprint sensor, 2, the fingerprint recognition controller, 3, the module security manager, 4, the intelligent code key interface, 5, control line able to programme, be the utility model in the frame of broken lines.
Specific implementation
Usually the physical medium of digital certificate is intellective IC card and USBKey in the store electrons signature, and both are as broad as long in itself, and at different physical mediums, the intelligent code key interface can need be selected in actual use.Relatively low with cost.
Below in conjunction with the finger-print recognising instrument that be used to sign electronically of Fig. 1 explanation when the intelligent code key interface connects USB Key storage external digital certificate.The utility model comprises: fingerprint sensor 1, fingerprint recognition controller 2, module security manager 3 and intelligent code key interface 4, control line able to programme 5.
Fingerprint recognition controller 2 is connected and communication with host computer with USB, be positioned at the core position of whole instrument, module security manager 3, fingerprint sensor 1 and intelligent code key interface 4 are all by fingerprint recognition controller 2 and host computer communication.Fingerprint identification controller 2 can be fingerprint sensor 1 power supply is provided in most preferred embodiment.Fingerprint recognition controller 2 and module security manager 3 and fingerprint sensor 1 are connected with USB.
Fingerprint sensor 1 adopts semiconductor transducer, and its volume is little, and price is low, and cost performance is better than optical pickocff, whole electronic devices and components are become one after, overall volume reduces, and is easy to carry.This semiconductor transducer maskable static prevents that fingerprint sensor 1 from being punctured by high-pressure electrostatic.Fingerprint sensor 1 converts user's fingerprint image to electronic signal, by control line 5 able to programme and 3 communications of module security manager, passes to module security manager 3.
Module security manager 3 carries out preliminary processing to original picture after with the electronic signal of receiving, makes it more clear, sets up the characteristic of fingerprint again, forms fingerprint template.As the time, fingerprint template is stored among the outside USB Key by the intelligent code key that 4 conversions of intelligent code key interface form the initialization of intelligent code key.When needs checkings user identity, the fingerprint characteristic data that the intelligent code key that module security manager 3 will be stored in external USB Key converts to by intelligent code key interface 4 and the user's of extraction fingerprint characteristic data is compared.If result relatively is consistent, fingerprint sensor 1 can be achieved control module security manager 3 open hardware access passages to USB Key for visit that is stored in the external digital certificate among the USBKey and use.If comparative result is inconsistent, then the user can not can not operate accordingly by authentication.Usually the memory space of USB Key can both satisfy the needs of storage intelligent code key and digital certificate, and USB Key itself has the hardware encipher ability, can guarantee the safety of intelligent code key.Intelligent code key interface 4 has versatility between module security manager 3 and external physical media, adopt the API API data stream to be encrypted, to decipher based on different digital certificates.Module security manager 3 all is connected with USB with external USB Key with intelligent code key interface 4, intelligent code key interface 4.
Control line 5 able to programme connects fingerprint sensor 1 and module security manager 3, is responsible for both communications.
In such environment for use, the memory device that USB Key is used as a safety uses, for the user stores intelligent code key and digital certificate.Therefore,,, can store the data of different user respectively with different intelligent code keys, just can realize the support of individual equipment the multi-user as long as employed USB Key supports partition management for multi-user's environment.
For the situation of intelligent code key interface connection intellective IC card, operation principle is identical, seldom gives unnecessary details at this.
Among Fig. 2, during the intelligent code key of initialization external digital certificate, the fingerprint that extracts the user forms fingerprint image, fingerprint image is carried out data processing, the characteristic that takes the fingerprint, conversion forms the physical medium that intelligent code key is stored in the external digital certificate through the API API to form fingerprint template.During checking user identity, extract user's fingerprint, through data processing, form fingerprint characteristic data, call the cipher key in the physical medium that is stored in the external digital certificate simultaneously, convert fingerprint template to through the API API, both compare, if unanimity as a result, after the feedback control signal, the passage of open visit and use external digital certificate can move with the program of answering.
Claims (6)
1. be used to the finger-print recognising instrument that signs electronically, comprise: read user's finger print information fingerprint sensor (1), with the module security manager (3) of the fingerprint recognition controller (2) of host computer communication, checking user's identity, fingerprint recognition controller (2) is connected by USB with fingerprint sensor (1), module security manager (3), it is characterized in that described module security manager (3) is connected with intelligent code key interface (4).
2. the finger-print recognising instrument that is used to sign electronically according to claim 1 is characterized in that described intelligent code key interface (4) is connected with the physical medium of storage external digital certificate.
3. the finger-print recognising instrument that is used to sign electronically according to claim 1 is characterized in that described intelligent code key interface (4) adopts the API API, and the physical medium that is connected is intellective IC card or USB Key.
4. the finger-print recognising instrument that is used to sign electronically according to claim 1 is characterized in that described fingerprint sensor (1) is a semiconductor transducer.
5. the finger-print recognising instrument that is used to sign electronically according to claim 1 is characterized in that described fingerprint sensor (1) by control line able to programme (5) and module security manager (3) communication, and response is from the control signal of module security manager (3).
6. the finger-print recognising instrument that is used to sign electronically according to claim 1 is characterized in that fingerprint sensor (1), fingerprint recognition controller (2), module security manager (3), intelligent code key interface (4), control line able to programme (5) integrated as a whole.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200520100497 CN2824442Y (en) | 2005-02-04 | 2005-02-04 | Finger print identifier for electronic signing mane |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200520100497 CN2824442Y (en) | 2005-02-04 | 2005-02-04 | Finger print identifier for electronic signing mane |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2824442Y true CN2824442Y (en) | 2006-10-04 |
Family
ID=37033563
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200520100497 Expired - Fee Related CN2824442Y (en) | 2005-02-04 | 2005-02-04 | Finger print identifier for electronic signing mane |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2824442Y (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103793640A (en) * | 2012-11-01 | 2014-05-14 | 北京握奇数据系统有限公司 | Method and system for applying biological identification technology to USB Key |
| CN104102867A (en) * | 2014-07-30 | 2014-10-15 | 中山艺展装饰工程有限公司 | Multi-modal electronic bank payment settlement authentication method using retina verification |
| US9009359B2 (en) | 2013-03-29 | 2015-04-14 | International Business Machines Corporation | Emulating multiple universal serial bus (USB) keys so as to efficiently configure different types of hardware |
| US9245131B2 (en) | 2013-03-29 | 2016-01-26 | International Business Machines Corporation | Multi-user universal serial bus (USB) key with customizable file sharing permissions |
| US9720852B2 (en) | 2013-03-29 | 2017-08-01 | International Business Machines Corporation | Universal serial bus (USB) key functioning as multiple USB keys so as to efficiently configure different types of hardware |
-
2005
- 2005-02-04 CN CN 200520100497 patent/CN2824442Y/en not_active Expired - Fee Related
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103793640A (en) * | 2012-11-01 | 2014-05-14 | 北京握奇数据系统有限公司 | Method and system for applying biological identification technology to USB Key |
| US9009359B2 (en) | 2013-03-29 | 2015-04-14 | International Business Machines Corporation | Emulating multiple universal serial bus (USB) keys so as to efficiently configure different types of hardware |
| US9245131B2 (en) | 2013-03-29 | 2016-01-26 | International Business Machines Corporation | Multi-user universal serial bus (USB) key with customizable file sharing permissions |
| US9245130B2 (en) | 2013-03-29 | 2016-01-26 | International Business Machines Corporation | Multi-user universal serial bus (USB) key with customizable file sharing permissions |
| US9720852B2 (en) | 2013-03-29 | 2017-08-01 | International Business Machines Corporation | Universal serial bus (USB) key functioning as multiple USB keys so as to efficiently configure different types of hardware |
| US9720853B2 (en) | 2013-03-29 | 2017-08-01 | International Business Machines Corporation | Universal serial bus (USB) key functioning as multiple USB keys so as to efficiently configure different types of hardware |
| CN104102867A (en) * | 2014-07-30 | 2014-10-15 | 中山艺展装饰工程有限公司 | Multi-modal electronic bank payment settlement authentication method using retina verification |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101465019B (en) | Method and system for implementing network authentication | |
| CN100454321C (en) | USB device with data memory and intelligent secret key and control method thereof | |
| CN1889419B (en) | Method and apparatus for realizing encrypting | |
| US6321333B1 (en) | Efficient digital certificate processing in a data processing system | |
| CN105554035B (en) | A kind of electronic lock system and its control method | |
| CN101196855B (en) | Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method | |
| CN1221900C (en) | User's identity authentication method of dynamic electron cipher equipment and its resources sharing system | |
| CN101447010A (en) | Login system and method for logging in | |
| CN106169041A (en) | A kind of safety encryption portable hard drive based on USBKEY authentication and data transmission method thereof | |
| CN101009556A (en) | Intelligent card and U disk compound device and its access security improvement method based on bidirectional authentication mechanism | |
| CN102064944A (en) | Safety card issuing method as well as card issuing equipment and system | |
| CN103326864A (en) | Electronic tag anti-fake authentication method | |
| CN2824442Y (en) | Finger print identifier for electronic signing mane | |
| CN110674515B (en) | Multilevel security storage chip framework | |
| CN2609069Y (en) | Fingerprint digital autograph device | |
| CN102163267A (en) | Solid state disk as well as method and device for secure access control thereof | |
| CN109903052A (en) | A kind of block chain endorsement method and mobile device | |
| TWI476629B (en) | Data security and security systems and methods | |
| CN104125064A (en) | Dynamic password authentication method, client and authentication system | |
| CN106953731A (en) | The authentication method and system of a kind of terminal management person | |
| CN1696463A (en) | Method for opening electronic coded lock and electronic coded lock device | |
| CN109657502A (en) | A kind of SATA bridge based on domestic cryptographic algorithm connects real-time Transmission encryption system and method | |
| CN108038392A (en) | A kind of smart card encryption method | |
| US11797717B2 (en) | Bus encryption for non-volatile memories | |
| CN101739593A (en) | Safety certification method of medium access control codes of integrated circuit cards |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |