TW201145066A

TW201145066A - CAPTCHA (completely automated public test to tell computers and humans apart) data generation methods and management systems thereof, and related application management methods and computer program products thereof

Info

Publication number: TW201145066A
Application number: TW99118331A
Authority: TW
Inventors: Pai Helen
Original assignee: F2Ware Inc
Priority date: 2010-06-07
Filing date: 2010-06-07
Publication date: 2011-12-16

Abstract

CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data generation methods for use in an electronic device and related application management systems are provided. First, the electronic device determines a first data set according to at least one first data corresponding to an operation to be performed, wherein the first data represents a sensitive data corresponding to the operation. Then, the electronic device generates a group of CAPTCHA data according to data attribute of the first data. The electronic device may be a server or a client. When the electronic device is a client, the client obtains at least a generation module from the server to determine the first data set, and generate the CAPTCHA data. In some embodiments, during a data transmission procedure, the client performs the operation with the server using the CAPTCHA data. Before the data transmission procedure is complete, the server can optionally indicate the client to perform a specific operation by using a physical device, thus to validate the operation, and terminate the data transmission procedure.

Description

201145066 六、發明說明：【發明所屬之技術領域】本發明係有關於一種資料處理方法及其相關之資料管理系統’特別是有關於一種全自動區分計算機和人類的測試（Completely Automated Public Test to tell Computers and201145066 VI. Description of the Invention: [Technical Field of the Invention] The present invention relates to a data processing method and related data management system, in particular to a fully automatic computer and human test (Completely Automated Public Test to tell) Computers and

Humans Apart ’ CAPTCHA)資料產生方法及其管理系統，及其相關應用管理方法，從而強化對於傳輸資料的保護。【先前技術】近年來，隨著網路的應用與發展越來越成熟，使用者需要透過網路取得資訊的機會有越來越大。使用者可以利用其電子裝置如電腦系統、可攜式裝置等，透過網路進行大量服務與應用。在一些網路服務中，使用者必須對於特定服務進行註冊或對於一些資訊進行確認。在註冊或_認過程中，使用者必須檢視提供服務之伺服器端所提供的相關資訊’並依據這些資訊來進行相關輸入，以進行註冊或確認。傳統上’資訊在伺服器與使用者端之傳遞是經由電腦文字傳輸’谷易被病毒或木馬等惡意程式竄改，即使採用虛擬鍵盤之方式，其在使用者端輪入完成後之傳遞亦是經由電腦文字傳輸。舉例來說，目前交易資料之輪入，乃藉由使用者端以鍵盤或呈現在螢幕上之虛擬鍵盤進行輪入。在使用者端選擇並傳輸時，仍藉由電子文字方法傳輪至飼服器以為交易内容之識別。為了避免這些個人資料或操作的内容被旁人盜取，需要加強伺服器與用戶端之間的資料傳送的保密措施。因：9096-A42389-TW/Drafl-Final 201145066Humans Apart ’ CAPTCHA) data generation method and its management system, and related application management methods, thereby enhancing the protection of transmitted data. [Prior Art] In recent years, as the application and development of the Internet has become more and more mature, the opportunities for users to obtain information through the Internet are increasing. Users can use their electronic devices such as computer systems, portable devices, etc. to carry out a large number of services and applications through the network. In some network services, users must register for a particular service or confirm some information. During the registration or _recognition process, the user must view the relevant information provided by the server providing the service' and use the information to make relevant input for registration or confirmation. Traditionally, the transmission of information between the server and the user terminal is transmitted via computer text transmission. The valley is tampering with malicious programs such as viruses or Trojans. Even if the virtual keyboard is used, the transmission after the user's round is completed is Transfer via computer text. For example, the current rounding of transaction data is performed by the user side by keyboard or by a virtual keyboard presented on the screen. When the user selects and transmits, it still passes the electronic text method to the feeder to identify the transaction content. In order to prevent the contents of these personal data or operations from being stolen by others, it is necessary to strengthen the confidentiality measures of data transmission between the server and the client. Because: 9096-A42389-TW/Drafl-Final 201145066

:’需要-種能夠於伺服器與用戶端之間執行任時，確實保護傳送㈣料的正確性的方法㈣統H =部分技術可㈣用嶋錢擬用戶端輸入行為的式來欺騙舰器，進而完成資料回覆作業。如此技術對於需要㊉度安全考量之傳輪行為將形成重大風險。【發明内容】有鑑於此，本發明提供一種全自動區分計算機和人類: 'Required - a method that can protect the correctness of the transmission (four) material when it is executed between the server and the client. (4) System H = part of the technology can (4) use the formula to calculate the user input behavior to deceive the ship , and then complete the data reply operation. Such technology poses a significant risk to the transmission of a need for a ten-degree safety consideration. SUMMARY OF THE INVENTION In view of this, the present invention provides a fully automatic distinction between a computer and a human

^測試資料產生方Μ其管料'統，及其㈣制管理方法’以解決上述的問題。 η -4 =實施例提供—種全自動區分計算機和人類的測 ^貝料產生方法，適用於—電子I置。首先，電子裝置依據對應一操作之至少一第一八。哲令笫貝枓，決定一組第一資料集 :” 1料係為與—操作有關電子裝置依據第-資料，產生對應於第一資料华合:二用戶端。當該電子裝置係以係-伺服器端或-哭嫂ρ“ ★置係該用戶&時，該用戶端由該伺服 : 付’產生模組，用以決定該第-資料集合且產生該組CAPTCHA資料。測試Ϊ:另提供一種全自動區分計算機和人類的對庳一择二之，至少包括一電子裝置。電子裝置依據並：：:笛：—第一資料’決定-組第-資料集合，並且依據第一資料，產 CAPTCHA資料4中，/;二第一貝料集合之-組資料，且電子裝置：二：係為與操作有關之敏感係用戶端時'“司服盗端或一用戶端。當電子裝置 '、化寺’用戶端由飼服器端取得至少一產生模組，用：9096-A42389-TW/Draft-Final 201145066 以決定第一資料集合且產生該組CAPTCHA資料。本發明實施例提供一種全自動區分計算機和人類的測試資料之應用管理方法。首先，一伺服器端或一用戶端依據對應一操作之至少一第一資料，決定一組第一資料集合，且依據第一資料’產生對應於該組第一資料集合之一組CAPTCHA資料。其中，第一資料係為與操作有關之敏感資料。接著，於一資料傳輸程序中，用戶端利用該組 CAPTCHA資料與伺服器端進行操作，且在資料傳輸程序結束之前，伺服器端得/可指示用戶端利用一實體裝置執行一特定操作。當伺服器端偵測到用戶端利用實體裝置執行特定操作時’確認操作完成，以結束資料傳輸程序。在一些實施例中，當電子裝置係伺服器端時，伺服器端將CAPTCHA資料傳送至用戶端，且用戶端利用 CAPTCHA資料與伺服器端進行操作。在一些實施例中，當電子裝置係用戶端時，用戶端直接利用CAPTCHA資料將CAPTCHA資料或相應CAPTCHA資料之一摘要資訊傳送至伺服器端，以進行操作。本發明上述方法可以透過程式碼方式而存在。當程式碼被機器載入並執行時，該機器就會變成用於實行本發明之裝置。為使本發明之上述目的、特徵與優點能更明顯易懂，下文特舉實施例，炎配合所附圖示，詳細說明如下。【實施方式】本發明實施例中提供一種可用於一電子裝置，如伺服器端與/或用戶端的全自動區分計算機和人類的測試：9096-A42389-TW/Draft-Final 6 201145066 (Completely Automated Public Test to tell Computers and Humans Apart，以下簡稱CAPTCHA)資料之產生方法及其相關之資料管理系統。電子裝置會依據對應用戶端的使用者所要求的一操作的一或多個與操作相關的敏感性資料或重要資料，決定一組第一資料集合，接著，再依據敏感性資料，產生對應於第一資料集合之一組CAPTCHA資料。同時，可將產生的每個CAPTCHA資料加上一特定的加密資料（例如一浮水印）。之後，便可利用加密後的資料與用 • 戶端進行此操作以及進行雙方資料的驗證，預防傳送過程中資料被有效竄改。於實施例中’更提供了一種將產生的CAPTCHA資料例如圖片用於操作如交易處理之方法。首先，電子裝置產生人類或電腦可辨別之圖片（CAPTCHA資料），其中，圖片 "T依據不同之父易内谷產生不同的樣式或組合。當圖片係由伺服器端產生時，伺服器端可以透過傳輸媒介將圖片傳送至一用戶端。用戶端可使用圖片做為交易資料之輸入，鲁以進行交易之處理，並將圖片以傳輸媒介傳送回伺服器端。最後’伺服器端可依據圖片識別交易之内容。當圖片係由用戶端產生時，用戶端可直接使用圖片做為交易資料之輸入，以進行交易之處理，並將圖片以傳輸媒介傳送回伺服器端。最後，伺服器端可依據圖片識別交易之内容。第1圖顯示依據本發明實施例之資料管理系統。依據本發明實施例之資料管理系統100至少包括一伺服器端 110與一用戶端120’其中伺服器端110可透過一傳輸媒介例如網路130與用戶端120進行資料的傳輸，於兩者之間 :9096-A42389-TW/Draft-Final 201145066 =一：;3!=’有舉:來說但不限於此，包括網路 ⑽一，但不:於==’例如網際網路括-或多個步驟且心此貫把例中個操作可包驟此操作時 /、中祠服器端11G更包括—產生模組組114以及一解密模組116。產生模組112用以=密模資料’決定一叙第-資料集合。產生模組112二 =第-執行的操作中的—或多個第―資料衫 p據所欲合。其中’第1料可為與操作有關的敏感料集者相關的敏感性資料或重要資料，例如使的使用資料、帳號、轉帳金額、地址料。由於這身份操作的結果，因此需要特別的處理。第—資^=將影響對應於第-資料的所有可能的資料。舉例來說二可包含料為一數字資料時，則其對應的第一資料集合資接著，產生模組112再依據第一資料的資料生對應於第一資料集合的一組CAPTCHA資料。、11，產由計算機或程式所造成大量惡意或重複性的輸為/了避免 CAPTCHA技術可以用來區分計算機或人類，=入仃為’ 關輸入係由使用者所輸入，亦或由計算機所自^辨識出相一般而言，CAPTCHA係藉由要求使用者輪入一生的。容易被一些辨識程式自動辨識出的圖片上戶斤Ss_ 比較不孫貝示的文玄+ 數字，例如扭曲變形或劃線之圖片上所顯示 ^ f或、勺文字或數字 :9096-A42389-TW/Draft-Final 201145066 來區分出相關輪入係由計算機或人類所產生。須注意的疋’於本發明實施例中，係採用CAPTCHA技術的概念，提供對應於操作所需的相關資料的CAPTCHA資料。當第一資料包括一由一或多個數字所組成的數字資料時，每一資料段係可為—或多個數字。因此，產生模組112可依據數字資料的特性’產生包含數字0-9的一組CAPTCHA資料’如第2A圖所示。當第一資料包括一由一或多個字元所組成的字元資料時，每一資料段係可為單一字元或多個字元（字串）。因此，產生模組112可依據字元資料的特性，^ Test data generation party's management of the 'system, and its (four) system management method' to solve the above problems. η -4 = The embodiment provides a fully automatic method for distinguishing between computer and human beings, which is suitable for -Electronic I. First, the electronic device is dependent on at least one of the first eight operations. Zhe Ling 笫枓, decided a set of first data set: "1 material system is related to - operation related electronic device based on the - data, corresponding to the first data Huahe: two user terminals. When the electronic device is tied - Server end or - crying “ "When the user & is set, the client is powered by the 'pay' module to determine the first data set and generate the set of CAPTCHA data. Test Ϊ: Another way to fully distinguish between computers and humans is to include at least one electronic device. The electronic device is based on and::: flute: - first data 'decision - group first - data set, and according to the first data, produces CAPTCHA data 4, /; two first beet collection - group data, and electronic device : 2: When it is the sensitive user terminal related to the operation, '"the service thief or a user terminal. When the electronic device ', Huasi' user terminal obtains at least one production module from the feeding device, use: 9096 -A42389-TW/Draft-Final 201145066 to determine the first data set and generate the set of CAPTCHA data. Embodiments of the present invention provide an application management method for automatically distinguishing computer and human test data. First, a server end or a The user determines a set of first data sets according to at least one first data corresponding to an operation, and generates a group of CAPTCHA data corresponding to the first data set according to the first data. The first data is Operation related sensitive information. Then, in a data transmission program, the user uses the group of CAPTCHA data to operate with the server, and before the end of the data transmission program, the server end / Instructing the client to perform a specific operation using a physical device. When the server detects that the client performs a specific operation using the physical device, the operation is confirmed to complete the data transfer process. In some embodiments, when the electronic device is a servo At the server end, the server transmits the CAPTCHA data to the client, and the client operates with the CAPTCHA data and the server. In some embodiments, when the electronic device is the user terminal, the user directly uses the CAPTCHA data to connect the CAPTCHA. The summary information of the data or the corresponding CAPTCHA data is transmitted to the server for operation. The above method of the present invention can exist through the code mode. When the code is loaded and executed by the machine, the machine becomes used for implementation. The above-mentioned objects, features, and advantages of the present invention will become more apparent and understood from the embodiments of the invention. Can be used for an electronic device, such as server-side and / or user-side fully automatic distinction between computers and people Test: 9096-A42389-TW/Draft-Final 6 201145066 (Completely Automated Public Test to tell Computers and Humans Apart, hereinafter referred to as CAPTCHA) data generation method and related data management system. The electronic device will be based on the corresponding user's use. One or more operationally related sensitive data or important data required by the operator to determine a set of first data sets, and then, based on the sensitive data, generate a set of CAPTCHA data corresponding to the first data set . At the same time, each of the generated CAPTCHA data can be added with a specific encrypted data (for example, a watermark). After that, the encrypted data can be used to perform this operation with the client and verify the data of both parties to prevent the data from being effectively falsified during the transmission. In the embodiment, a method of generating a CAPTCHA material such as a picture for operation such as transaction processing is provided. First, the electronic device produces a human or computer identifiable picture (CAPTCHA data), wherein the picture "T produces different styles or combinations depending on the parent. When the picture is generated by the server, the server can transmit the picture to a client through the transmission medium. The client can use the picture as the input of the transaction data, and the transaction is processed by the client, and the picture is transmitted back to the server by the transmission medium. Finally, the server side can identify the content of the transaction based on the picture. When the picture is generated by the client, the client can directly use the picture as the input of the transaction data to process the transaction, and transmit the picture to the server side as the transmission medium. Finally, the server can identify the content of the transaction based on the picture. Figure 1 shows a data management system in accordance with an embodiment of the present invention. The data management system 100 according to the embodiment of the present invention includes at least a server end 110 and a client end 120'. The server end 110 can transmit data through a transmission medium such as the network 130 and the client 120. Between: 9096-A42389-TW/Draft-Final 201145066 = one:; 3!=' There are: but not limited to, including the network (10) one, but not: in == 'such as the Internet - or In a plurality of steps, and in the following, the operation may be performed in the case of the operation, and the server end 11G further includes a generation module group 114 and a decryption module 116. The generation module 112 is used to determine the data collection. The generation module 112 2 = the first-executive operation - or the plurality of - the first information shirts are as desired. The 'first material' may be sensitive information or important information related to the sensitive material collectors related to the operation, such as usage data, account number, transfer amount, and address material. Due to the result of this identity operation, special handling is required. The first---^ will affect all possible data corresponding to the first-data. For example, when the second data component is a digital data, the corresponding first data collection is performed. Then, the generating module 112 generates a set of CAPTCHA data corresponding to the first data set according to the data of the first data. 11, the production of a large number of malicious or repetitive losses caused by computers or programs to avoid the CAPTCHA technology can be used to distinguish between computers or humans, = enter the input system is input by the user, or by the computer Recognizing the phase In general, CAPTCHA relies on requiring the user to take a lifetime. It is easy to be automatically recognized by some recognition programs. Ss_ is not the text of the text, such as the distortion or the line of the line. ^ f or , scoop text or number: 9096-A42389-TW/Draft -Final 201145066 to distinguish between related wheeling systems generated by computers or humans. It should be noted that in the embodiment of the present invention, the concept of CAPTCHA technology is used to provide CAPTCHA data corresponding to relevant data required for operation. When the first material includes a digital material consisting of one or more digits, each data segment can be - or multiple digits. Thus, the generation module 112 can generate a set of CAPTCHA data containing the numbers 0-9 depending on the characteristics of the digital material as shown in FIG. 2A. When the first material includes a character data consisting of one or more characters, each data segment can be a single character or a plurality of characters (strings). Therefore, the generating module 112 can be based on the characteristics of the character data.

產生包含英文字母A-Z的一組CAPTCHA資料，如第2B 圖所示。在一實施例中，假設第一資料為一地址資料時，由於地址資料係由包含城市、區域、街道、巷、弄等字元資料所組成，因此，產生模組112可依據地址資料的特性，將每個資料段設為一或多個字元並產生對應的一組 CAPTCHA資料，如第2C圖所示。注意的是，在此例子中，第2圖至第2C圖所示的CAPTCHA資料係一圖片。然而，在一些實施例中，除了圖片之外，CAPTCHA資料亦可以係視訊或聲音等。舉例來說但不限於此，於一實施例中，當操作為一網銀轉帳操作時，操作時包括使用者的帳號以及轉帳金額的敏感性資料’因此’產生模組112將分別產生數字〇_9所對應的10個CAPTCHA資料，如第2A圖所示。於另一實施例中，若帳號資料包括英文字母與數字的組合時，則產生模組112可分別產生字母A-Z與數字0-9所對應的36個 CAPTCHA資料，如第2A圖與第2B圖所示。 :9096-A42389-TW/Draft-Final 9 201145066 在產生模組112產生對應於第一資料集合的一組 CAPTCHA資料之後，加密模組114可將產生模組112所有產生的CAPTCHA資料個別藏入一對應的加密資料。其中’加密資料包含有與操作有關的資訊，例如操作者的識別資料與操作的步驟資訊。在一些實施例中，加密資料係可為一浮水印、一數位簽章或一演算法所產生之特定密鑰等。請參照第3圖，係顯示依據本發明實施例之一 CAPTCHA資料示意圖。如第3圖所示，CAPTCHA資料 300中更包含有一加密資料31〇，此加密資料31〇係為一不可視浮水印。加密資料31〇更包含有一第二資料312以及一第三資料314。舉例來說，第二資料312可用以表示加密資料310於操作步驟中的一對應操作步驟，亦即此加密資料310係於那一步驟所產生，而第三資料314係可表示用戶端120之使用者的一識別資料。換句話說，可透過第二資料312與第三資料314得知加密資料310係於那一步驟所產生與那一使用者所產生，進而驗證使用者身份與資料的正確性。藏入加密資料的CAPTCHA資料將被傳送至用戶端 120 ’致使用戶端12〇利用這些產生的全自動區分計算機和人類的測試資料進行輸入，與伺服器端110進行該項操作。於操作過程中，用戶端120可將所選的CAPTCHA資料傳送至伺服器端11〇進行驗證。之後’舉例來說’若一步驟為輸入金額之步驟時，使用者可透過點選對應欲輸入的金額數字的CAPTCHA資料來輸入’並且用戶端12〇可將對應的CAPTCHA資料或其 :9096-A42389-TW/Draft-Final 10 201145066 摘要資訊傳送至伺服器端110進行驗證，用以驗證資料是否正確傳達伺服器端110。解密模組116係用以解碼用戶端120所傳送的資料，從用戶端120所傳送的資料中解碼出加密資料（例如浮水印），再依據加密資料所表示的内容判斷資料是否與原先發出的資料相同。在一些實施例中，產生模組112也可依據與操作有關的資訊，產生一摘要資訊。舉例來說，摘要資訊可為一特定的資料結構，其中包含，例如，前述的第二 # 及第三資料。在一些實施例中，用戶端120所傳送的資料可為對應CAPTCHA資料的摘要資訊，此時，解密模組116 亦可從用戶端120所傳送的摘要資訊中解碼出第二及第三資料，再依據第二及第三資料所表示的内容判斷資料是否與原先發出的資料相同。因此，透過解密模組116可更進一步確保伺服器端110與用戶端120之間傳輸資料的正確性。詳細的CAPTCHA資料產生方法將於後進行說明。第4圖顯示一依據本發明實施例之CAPTCHA資料產 ® 生方法之流程圖。請同時參照第1圖與第4圖。依據本發明實施例之CAPTCHA資料產生方法可以應用於資料管理系統100的伺服器端110上，用以產生執行一操作所需的操作資料，此操作具有複數有固定操作順序的步驟。舉例來說，一操作可包括第一步驟以及第二步驟，其中第二步驟係於第一步驟執行完後才被執行。首先，如步驟S410，產生模組112依據對應一操作之至少一第一資料，決定一組第一資料集合。舉例來說，若第一資料為一數字資料時，第一資料集合即為數字0-9,而 :9096-A42389-TW/Drafl-Final 11 201145066 若第一資料為一字元資料時，第一資料集合即為所有可能字元的集合。接著’如步驟S420，產生模組ι12依據第一資料之特性’將第一資料集合分為多個資料段，並對每一資料段’產生一對應CAPTCHA資料。類似地，當第一資料包括一由一或多個數字所組成的數字資料時，每一資料段係可為一或多個數字。當第一資料包括一由一或多個字元所組成的字元資料時，每一資料段係可為單一字元或多個字兀（字串）。舉例來說’當操作為一網銀轉帳操作時，操作時所需的資料可包括帳號以及轉帳金額資料，因此，词服器端U0將分別產生數字0_9所對應的1〇個 CAPTCHA資料，如第2A圖所示。於另一實施例中，若帳號資料包括英文字母與數字的組合時，則伺服器端n〇可刀別產生子母A-Z與數子0-9所對應的％個CAPTCHA資料。類似地，CAPTCHA資料係可為一圖片（如第2圖至第 2C圖所示）、視訊或聲音等。之後，如步驟S430，加密模組114將產生模組112所產生的每-CAPTCHA資_人-包含有與操作有關的資訊的對應加密資料。類似地，加密資料係可為一浮尺印一數位簽章或一演算法所產生之特定密鑰。請參照^ 3 圖。如第3圖所示，CAPTCHA資料300中更包^‘有一密資料310，其中加密資料310更包含有一笛_ L ° 月弟一資料312 以及一第三資料314。第二資料312可用以矣_ , 表不加密資料 310於操作步驟中的之一對應操作步驟，亦 j即此加密資料 310係於那一步驟所產生，而第三資料314係可表厂、T 端120之使用者的一識別資料。戶 :9096-A42389-TW/Draft-Final 12 201145066 藏入加密資料的CAPTCHA資料將被傳送至用戶端 120’致使用戶端12〇利用這些產生的CApTCHA資料進行輸入，與伺服器端11〇進行該項操作。於操作過程中，用戶端120可將所選的CAPTCHA資料傳送至伺服器端進行驗證。用戶端12〇便會將對應的CApTCHA資料或其摘要資訊傳送至伺服器端11〇進行驗證，用以驗證資料曰否正確傳達伺服器端11〇。 ^A set of CAPTCHA data containing the English letters A-Z is generated, as shown in Figure 2B. In an embodiment, when the first data is an address data, since the address data is composed of character data including cities, regions, streets, lanes, lanes, etc., the generation module 112 can be based on the characteristics of the address data. , set each data segment to one or more characters and generate a corresponding set of CAPTCHA data, as shown in Figure 2C. Note that in this example, the CAPTCHA data shown in Figures 2 through 2C is a picture. However, in some embodiments, in addition to the pictures, the CAPTCHA data may be video or sound. For example, but not limited to, in an embodiment, when the operation is a online banking transfer operation, the operation includes the user's account number and the sensitivity information of the transfer amount. Therefore, the generation module 112 will respectively generate the number 〇_ The 10 CAPTCHA data corresponding to 9 are shown in Figure 2A. In another embodiment, if the account data includes a combination of English letters and numbers, the generating module 112 can generate 36 CAPTCHA data corresponding to the letters AZ and 0-9, respectively, such as FIG. 2A and FIG. 2B. Shown. :9096-A42389-TW/Draft-Final 9 201145066 After the generating module 112 generates a set of CAPTCHA data corresponding to the first data set, the encryption module 114 can individually hide all the generated CAPTCHA data of the generating module 112 into one. Corresponding encrypted data. The 'encrypted data contains information related to the operation, such as the operator's identification data and the steps of the operation. In some embodiments, the encrypted data can be a watermark, a digital signature, or a particular key generated by an algorithm. Referring to Figure 3, there is shown a schematic diagram of a CAPTCHA data in accordance with an embodiment of the present invention. As shown in Fig. 3, the CAPTCHA data 300 further includes an encrypted data 31, which is an invisible watermark. The encrypted data 31 further includes a second data 312 and a third data 314. For example, the second data 312 can be used to indicate a corresponding operation step of the encrypted data 310 in the operation step, that is, the encrypted data 310 is generated in that step, and the third data 314 can represent the user terminal 120. A user identification data. In other words, the second data 312 and the third data 314 can be used to determine that the encrypted data 310 is generated by the user in the step, thereby verifying the correctness of the user's identity and information. The CAPTCHA data stored in the encrypted data will be transmitted to the client 120' causing the client 12 to use the generated fully automated computer and human test data for input, and the server terminal 110 performs this operation. During operation, the client 120 can transmit the selected CAPTCHA data to the server terminal 11 for verification. Then, for example, if a step is the step of inputting the amount, the user can input the 'CAPTCHA data corresponding to the amount of the amount to be input' and the user terminal 12 can input the corresponding CAPTCHA data or its: 9096- A42389-TW/Draft-Final 10 201145066 The summary information is transmitted to the server end 110 for verification to verify whether the data is correctly communicating with the server end 110. The decryption module 116 is configured to decode the data transmitted by the client 120, decode the encrypted data (for example, a watermark) from the data transmitted by the client 120, and determine whether the data is originally sent according to the content indicated by the encrypted data. The information is the same. In some embodiments, the generation module 112 can also generate a summary message based on information related to the operation. For example, the summary information can be a specific data structure including, for example, the aforementioned second # and third materials. In some embodiments, the data transmitted by the client 120 may be summary information corresponding to the CAPTCHA data. In this case, the decryption module 116 may also decode the second and third data from the summary information transmitted by the client 120. Based on the content indicated by the second and third materials, it is judged whether the data is the same as the original information. Therefore, the correctness of data transmission between the server end 110 and the client end 120 can be further ensured through the decryption module 116. The detailed CAPTCHA data generation method will be described later. Figure 4 is a flow chart showing a CAPTCHA data generation method in accordance with an embodiment of the present invention. Please refer to both Figure 1 and Figure 4. The CAPTCHA data generation method in accordance with an embodiment of the present invention can be applied to the server terminal 110 of the data management system 100 for generating operational data required to perform an operation having a plurality of steps having a fixed operational sequence. For example, an operation can include a first step and a second step, wherein the second step is performed after the first step is performed. First, in step S410, the generating module 112 determines a set of first data sets according to at least one first data corresponding to an operation. For example, if the first data is a digital data, the first data set is the number 0-9, and: 9096-A42389-TW/Drafl-Final 11 201145066, if the first data is a character data, A collection of data is a collection of all possible characters. Then, as in step S420, the generating module ι12 divides the first data set into a plurality of data segments according to the characteristics of the first data, and generates a corresponding CAPTCHA data for each data segment. Similarly, when the first material includes a digital material consisting of one or more digits, each data segment can be one or more digits. When the first material includes a character data consisting of one or more characters, each data segment can be a single character or a plurality of words (strings). For example, when the operation is a online banking transfer operation, the data required for the operation may include the account number and the transfer amount data. Therefore, the word server U0 will respectively generate one CAPTCHA data corresponding to the number 0_9, such as Figure 2A shows. In another embodiment, if the account data includes a combination of English letters and numbers, the server end n〇 can generate % CAPTCHA data corresponding to the child A-Z and the numbers 0-9. Similarly, the CAPTCHA data can be a picture (as shown in Figures 2 through 2C), video or sound, and the like. Then, in step S430, the encryption module 114 generates each of the CAPTCHAs generated by the module 112 to contain corresponding encrypted data of the operation-related information. Similarly, the encrypted data can be a floating-point printed digital signature or a specific key generated by an algorithm. Please refer to the ^ 3 diagram. As shown in FIG. 3, the CAPTCHA data 300 further includes a cryptographic data 310, wherein the encrypted data 310 further includes a flute _ L ° 弟一资料 312 and a third 314. The second data 312 can be used to 矣_, and the table does not encrypt the data 310 in one of the operation steps, that is, the encrypted data 310 is generated in that step, and the third data 314 is a table factory, An identification data of the user of the T end 120. User: 9096-A42389-TW/Draft-Final 12 201145066 The CAPTCHA data hidden in the encrypted data will be transmitted to the client 120', causing the client 12 to use the generated CApTCHA data for input, and the server terminal 11 Item operation. During operation, the user 120 can transmit the selected CAPTCHA data to the server for verification. The client 12 then transmits the corresponding CApTCHA data or its summary information to the server terminal 11 for verification to verify whether the data correctly communicates the server port 11〇. ^

之後，當伺服器端110接收到用戶端送出的資料時，可檢查CAPTCHA資料上的加密資料是否正確來確保資料的正確性。 y 第5圖顯示依據本發明另一實施例之資料管理系統依據本發明實施例之資料管理系統500至少包括一旬服哭端510與一用戶端520，其中伺服器端51〇可透過〜傳^ 媒介例如網路530與用戶端520進行資料的傳輸，於兩= 之間執行一操作。傳輸媒介，舉例來說但不限於此，包括網路530。網路530可包括有線或無線網路’例如網^李路(INTERNET)，但不限於此。於此實施例中，—個操;, 包括一或多個步驟且這些步驟有一既定的執行流程，告= 行此操作時，必須依據此既定的執行流程依序執行所=、步驟。有的其中，伺服器端510更包括一產生模組512、一加密* 組514以及一解密模組516。類似地，產生模級512进〉依據第一資料，決定一組第一資料集合。產生模組5丨== 依據所欲執4亍的細作中的一或多個第一資料決定一乡第資料集合。其中，第一資料可為與操作有關的敏感 :9096-A42389-TW/Draft-Final 13 201145066 如使用者相關的敏感性資料或重要資料，例如使用者的個人身份資料、帳號、轉帳金額、地址等等。第一資料集合可包含對應於第一資料的所有可能的資料。產生模組512 可以依據第一資料的資料特性，產生對應於第一資料集合的一組CAPTCHA資料。須注意的是，於本發明實施例中，係採用CAPTCHA技術的概念，提供對應於操作所需的相關資料的CAPTCHA資料。當第一資料包括一由一或多個數字所組成的數字資料時，每一資料段係可為一或多個數字。因此，產生模組512可以依據數字資料的特性，產生包含數字0-9的一組CAPTCHA資料，如第2A圖所示。當第一資料包括一由一或多個字元所組成的字元資料時，每一資料段係可為單一字元或多個字元（字串）。因此，產生模組512可依據字元資料的特性，產生包含英文字母A-Z 的一組CAPTCHA資料，如第2B圖所示。在一實施例中，假設第一資料為一地址資料時，由於地址資料係由包含城市、區域、街道、巷、弄等字元資料所組成，因此，產生模組512可依據地址資料的特性，將每個資料段設為一或多個字元並產生對應的一組CAPTCHA資料，如第2C圖所示。注意的是，在此例子中，第2A圖至第2C圖所示的 CAPTCHA資料係一圖片。然而，在一些實施例中，除了圖片之外，CAPTCHA資料亦可以係視訊或聲音等。產生模組512產生對應於第一資料集合的一組 CAPTCHA資料之後，加密模組514可以將產生模組512 所有產生的CAPTCHA資料個別藏入一對應的加密資料。其中，加密資料包含有與操作有關的資訊，例如操作者的 :9096-A42389-TW/Drafl-Final 14 201145066 識別資料與操作的步驟資訊。在一些實施例中，加密資料係可為一浮水印、一數位簽章或一演算法所產生之特定密鑰等。請參照第3圖，係顯示依據本發明實施例之一 CAPTCHA資料示意圖。如第3圖所示，CAPTCHA資料 300中更包含有一加密資料310，此加密資料310係為一不可視浮水印。加密資料310更包含有一第二資料312以及一第三資料314。舉例來說，第二資料312可用以表示加密資料310於操作步驟中的一對應操作步驟，亦即此加密資料310係於那一步驟所產生，而第三資料314係可表示用戶端520之使用者的一識別資料。換句話說，可透過第二資料312與第三資料314得知加密資料310係於那一步驟所產生與那一使用者所產生，進而驗證使用者身份與資料的正確性。解密模組516係用以解碼用戶端520所傳送的資料，從用戶端520所傳送的資料中解碼出加密資料（例如浮水印），再依據加密資料所表示的内容判斷資料是否與原先發出的資料相同。在一些實施例中，產生模組512也可依據與操作有關的資訊，產生一摘要資訊。舉例來說，摘要資訊可為一特定的資料結構，其中包含，例如，前述的第二及第三資料。在一些實施例中，用戶端520所傳送的資料可為對應CAPTCHA資料的摘要資訊，此時，解密模組516 亦可從用戶端520所傳送的摘要資訊中解碼出第二及第三資料，再依據第二及第三資料所表示的内容判斷資料是否與原先發出的資料相同。因此，透過解密模組516可更進一步確保伺服器端510與用戶端520之間傳輸資料的正確 :9096-A42389-TW/Draft-Final 15 201145066 性0 另一方面，用戶端520可以包括產生模組512與/或加密模組514。值得注意的是’用戶端520係透過一傳輸媒介例如網路530由一特定電子裝置，如伺服器端510取得產生模組512與/或加密模組514。提醒的是，在一些實施例中，用戶端520亦可透過一第三方取得產生模組5丨2與/ 或加密模組514。舉例來說，透過郵局或物流業者配送一個外置式附加卡（Dongle)給用戶端520、或用戶端520臨櫃以取得一個智慧卡（Smart Card)。產生模組512之功能主要係決定第一資料集合且產生CAPTCHA資料。加密模組514 之功能主要係於CAPTHCA資料中藏入一對應的加密資料。產生模組512與加密模組514之相關細節如前所述，在此不再贅述。用戶端520可以利用CPATCHA資料或藏入加密資料的CAPTCHA資料來進行輸入，與伺服器端510 進行該項操作。於操作過程中，用戶端520可將所選的 CAPTCHA資料、與/或相應之摘要資訊傳送至伺服器端510 進行驗證。第6圖顯示依據本發明另一實施例之CAPTCHA資料產生方法之流程圖。請同時參照第5圖與第6圖。依據本發明實施例之CAPTCHA資料產生方法可以應用於資料管理系統500的用戶端520上，用以產生執行一操作所需的操作資料，此操作具有複數有固定操作順序的步驟。舉例來說，一操作可包括第一步驟以及第二步驟’其中第二步驟係於第一步驟執行完後才被執行。首先，如步驟S610，用戶端520透過一傳輸媒介’如 :9096-A42389-TW/Draft-Final 16 201145066 網路別由-衫電子裝置，如词服器端5ig取得（Then, when the server end 110 receives the data sent by the client, it can check whether the encrypted data on the CAPTCHA data is correct to ensure the correctness of the data. The fifth embodiment shows a data management system according to another embodiment of the present invention. The data management system 500 according to the embodiment of the present invention includes at least a server 510 and a client 520, wherein the server terminal 51 can transmit through ^ The medium, for example, the network 530 and the client 520 transmit data, and perform an operation between the two =. The transmission medium is, for example but not limited to, a network 530. Network 530 may include a wired or wireless network, such as the Internet, but is not limited thereto. In this embodiment, the operation includes one or more steps and the steps have an established execution flow. When the operation is performed, the = and steps must be sequentially executed according to the established execution flow. The server end 510 further includes a generating module 512, an encryption group 514, and a decryption module 516. Similarly, generating a level 512 into a set of first data sets based on the first data. The generating module 5丨== determines the first data set according to one or more first materials in the detailed work of the desired one. Among them, the first data may be sensitive to the operation: 9096-A42389-TW/Draft-Final 13 201145066 such as user-related sensitive data or important information, such as the user's personal identification data, account number, transfer amount, address and many more. The first data set may contain all possible data corresponding to the first material. The generating module 512 can generate a set of CAPTCHA data corresponding to the first data set according to the data characteristics of the first data. It should be noted that in the embodiment of the present invention, the concept of CAPTCHA technology is used to provide CAPTCHA data corresponding to the relevant data required for operation. When the first material includes a digital material consisting of one or more digits, each data segment can be one or more digits. Therefore, the generation module 512 can generate a set of CAPTCHA data containing the numbers 0-9 according to the characteristics of the digital data, as shown in FIG. 2A. When the first data includes a character data consisting of one or more characters, each data segment can be a single character or a plurality of characters (strings). Therefore, the generating module 512 can generate a set of CAPTCHA data including the English letters A-Z according to the characteristics of the character data, as shown in FIG. 2B. In an embodiment, when the first data is an address data, since the address data is composed of character data including cities, regions, streets, lanes, lanes, etc., the generation module 512 can be based on the characteristics of the address data. Set each data segment to one or more characters and generate a corresponding set of CAPTCHA data, as shown in Figure 2C. Note that in this example, the CAPTCHA data shown in Figures 2A through 2C is a picture. However, in some embodiments, in addition to the pictures, the CAPTCHA data may also be video or sound. After the generating module 512 generates a set of CAPTCHA data corresponding to the first data set, the encryption module 514 can individually hide all the generated CAPTCHA data of the generating module 512 into a corresponding encrypted data. The encrypted data contains information related to the operation, such as the operator's :9096-A42389-TW/Drafl-Final 14 201145066 information on the steps of identifying data and operations. In some embodiments, the encrypted data can be a watermark, a digital signature, or a particular key generated by an algorithm. Referring to Figure 3, there is shown a schematic diagram of a CAPTCHA data in accordance with an embodiment of the present invention. As shown in FIG. 3, the CAPTCHA data 300 further includes an encrypted data 310, which is an invisible watermark. The encrypted material 310 further includes a second data 312 and a third data 314. For example, the second data 312 can be used to indicate a corresponding operation step of the encrypted data 310 in the operation step, that is, the encrypted data 310 is generated in that step, and the third data 314 can represent the user terminal 520. A user identification data. In other words, the second data 312 and the third data 314 can be used to determine that the encrypted data 310 is generated by the user in the step, thereby verifying the correctness of the user's identity and information. The decryption module 516 is configured to decode the data transmitted by the client 520, decode the encrypted data (for example, a watermark) from the data transmitted by the client 520, and determine whether the data is originally issued according to the content indicated by the encrypted data. The information is the same. In some embodiments, the generation module 512 can also generate a summary message based on information related to the operation. For example, the summary information can be a specific data structure containing, for example, the aforementioned second and third materials. In some embodiments, the data transmitted by the client 520 may be summary information corresponding to the CAPTCHA data. In this case, the decryption module 516 may also decode the second and third data from the summary information transmitted by the user terminal 520. Based on the content indicated by the second and third materials, it is judged whether the data is the same as the original information. Therefore, the decryption module 516 can further ensure the correct transmission of data between the server end 510 and the client 520: 9096-A42389-TW/Draft-Final 15 201145066. On the other hand, the client 520 can include a generating module. Group 512 and/or encryption module 514. It should be noted that the client 520 obtains the generating module 512 and/or the encryption module 514 from a specific electronic device, such as the server terminal 510, through a transmission medium such as the network 530. It is to be noted that in some embodiments, the client 520 can also obtain the module 5丨2 and/or the encryption module 514 through a third party. For example, an external add-on card (Dongle) is delivered to the client 520 or the client 520 through a post office or a logistics provider to obtain a smart card. The function of the generation module 512 is mainly to determine the first data set and generate the CAPTCHA data. The function of the encryption module 514 is mainly to hide a corresponding encryption data in the CAPTHCA data. The details of the generation module 512 and the encryption module 514 are as described above, and are not described herein again. The client 520 can perform input by using the CPATCHA data or the CAPTCHA data of the encrypted data, and the server 510 performs the operation. During operation, the client 520 can transmit the selected CAPTCHA data, and/or corresponding summary information to the server terminal 510 for verification. Figure 6 is a flow chart showing a method of generating a CAPTCHA data according to another embodiment of the present invention. Please refer to Figure 5 and Figure 6 at the same time. The CAPTCHA data generation method according to an embodiment of the present invention can be applied to the client 520 of the data management system 500 for generating operational data required to perform an operation having a plurality of steps having a fixed operational sequence. For example, an operation can include a first step and a second step 'where the second step is performed after the first step is performed. First, in step S610, the client 520 obtains through a transmission medium such as: 9096-A42389-TW/Draft-Final 16 201145066 network-by-shirt electronic device, such as the word server end 5ig (

產生拉組512與加密模組514。類似地，在一些實施例用戶端520亦可透過一第三方取得產生模組512與/或加兹模組5丨4。如步驟S620，產生模組512依據對應一操作: :少一第一資料，決定一組第一資料集合。舉例來說，若第:資料為-數字資料時，第-資料集合即為數字〇_9,而 :第-資料為-字元資料時’第一資料集合即為所有可能子疋的集合。接著，如步驟S63G’產生模組512依據第一資料之特性，將第一資料集合分為多個資料段，並對每一資料段’產生-對應CAPTCHA資料。類似地，當第一資料包括-由-或多個數字所組成的數字資㈣，^ 段係可為-或多個數字。當第一資料包括一由一或多個字 1組成的字元資料時，每-資·係可為單—字元或多字串）.舉例來^ @操作為—網銀轉帳操作時，刼作時所需的資料可包括帳號以及轉帳金額資料，因此，用戶端520將分別產生數字0-9所對應的1〇個captcha 資料，如第2A圖所示。於另一實施例中，若帳號資料包括英文字母與數字的組合時’則用戶端52〇可分別產生字母A-Z與數字0-9所對應的36個CAPTCHA資料。類似地， CAPTCHA資料係可為一圖片（如第2圖至第2C圖所示）、視訊或聲音等。之後，如步驟S640 ’加密模組514將產生模組512所產生的每一 CAPTCHA資料藏入一包含有與操作有關的資訊的對應加密資料。類似地’加密資料係可為一浮水印、一數位簽章或一演算法所產生之特定密鑰。請參照第3 :9096-A42389-TW/Draft-Final 17 201145066 圖。如第3圖所示，CAPTCHA資料3〇〇中更包含有一加雄=貝料310，其中加密資料31〇更包含有一第二資料312 以及一第二資料314。第二資料312可用以表示加密資料 310於刼作步驟中的之一對應操作步驟，亦即此加密資料 310係於那一步驟所產生，而第三資料314係可表示用戶端120之使用者的一識別資料。藏入加密資料的CAPTCHA資料被產生之後，用戶端 520可以利用這些產生的CApTCHA資料進行輸入，與伺服器端510進行該項操作。於操作過程中，用戶端52〇會籲 ^所選的CAPTCHA資料與/或相應之摘要資訊傳送至伺服器端510進行驗證。當伺服器端510接收到用戶端520送出的資料時，可檢查CAPTCHA資料上的加密資料是否正確來確保資料的正確性，以驗證資料是否正確傳達伺服器端 510。以下列舉一實施例，用以輔助說明依據本發明之資料處理細節’但本發明並不限於此。於本實施例，假設以一操作為網路銀行的轉帳交易為例，在此項交易中的”轉帳帳 φ 號”與”金額”兩部分的資料將會影響整個交易的結果，因此可定義為此項交易中的敏感性資料，而”轉帳帳號”與”金額”資料所對應的資料集合可為數字，，〇”_“9”與字母”A’’-“Z”，例如，”轉帳帳號”可為”A123456”與”金額”可為”1000”，因此，數字”〇”_“9”與字母”A”_“Z”即為可能的資料集合，因此依據本發明之CAPTCHA資料產生方法，伺服器端或用戶端的產生模組將分別產生〇_9與A-Z的對應 CAPTCHA資料’如第2A圖以及第2B圖所示。伺服器端 :9096-A42389-TW/Draft-Final 18 201145066 或用戶端的加密模組再將所有產生的CAPTCHA資料藏入一包含與操作有關的資料的浮水印。當CAPTCHA資料係由伺服器端產生時，伺服器端便可將加密後的CAPTCHA 資料傳送至用戶端，且用戶端便可利用加密後的CAPTCHA 資料進行此項交易。當CAPTCHA資料係由用戶端產生時’用戶端便可直接利用加密後的CAPTCHA資料進行此項交易。第7圖係顯示依據本發明實施例之CAPTCHA資料之應用官理方法之流程圖。值得注意的是’在此實施例中，用戶端之一實體裝置可以結合本案產生之CAPTCHA資料來進行使用’進而強化資料傳輸之安全性。首先，於一資料傳輸程序中’如步驟S710，依據對應一操作之至少一第一資料，決定一組第一資料集合，且依據第一資料集合’產生對應於該組第一資料集合之一組 CAPTCHA資料。值得注意的是，步驟S71〇可以係由一伺服器端或一用戶端所執行。當步驟S710係由用戶端所執行時’用戶端可以先由一特定電子裝置，如伺服器端取得相關之模組，如產生模組與加密模組，再利用取得之模組決定第一資料集合與產生CAPTCHA資料。類似地，在一些實施例中’用戶端亦可透過一第三方取得產生模組與/或加密模組。另外，類似地，第一資料可以係為與該操作有關之敏感資料。舉例來說，當操作為一網銀轉帳操作時，操作時所需的資料可包括帳號以及轉帳金額資料，因此，用戶端520將分別產生數字〇_9所對應的1〇個CAPTCHA資料，如第2A圖所示。於另一實施例中，若帳號資料包括 :9096-A42389-TW/Draft-Final 19 201145066 英文字母與數字的組合時，則用戶端520可分別產生字母 A-Z與數字0-9所對應的36個CAPTCHA資料。類似地， CAPTCHA資料係可為一圖片（如第2圖至第2C圖所示）、視訊或聲音等。如步驟S720，用戶端利用該組CAPTCHA資料與伺服器端進行操作。值得注意的是，在一些實施例中，當第一資料集合與CAPTCHA資料係由伺服器端所決定與產生時，於資料傳輸程序中，伺服器端可以先將該組CAPTCHA 資料傳送至用戶端。另外，類似地，當用戶端利用該組 captcha資料與伺月民器端進行操作時，用戶端會將所選的CAPTCHA資料與/或相應之摘要資訊傳送至伺服器端 510進行驗證。如步驟S730，在資料傳輸程序結束之前，伺服器端得/ 可傳送相關資訊至用戶端，以指示用戶端利用一實體裝置執行一特定操作。值得注意的是，在一些實施例中，實體裝置可以包括一金融卡、一信用卡、一記憶卡、一智能卡、或可由用戶端進行挿拔或感應之一特定裝置。注意的是，步驟S730之目的在於要求使用者在用戶端處實際利用實體裝置執行特定操作。另外，值得注意的是，特定操作可以依據不同需求與應用來設計。舉例來說，特定操作可以係將前述卡片或裝置拔出再挿進用戶端或連接至用戶端之讀取設備，如讀卡機等。在另一個例子中，特定操作可以係將特定裝置移離開用戶端或連接至用戶端之感應設備，使得用戶端無法感應到特定裝置。之後，再將特定裝置移近用戶端或連接至用戶端之感應設備，使得用戶端重新感 :9096-A42389-TW/Draft-Final 20 201145066 應到特定裝置。在另— 裝置之至少-構件例子中’特定操作可以係將實體是，特定操作可以依據如㈣位置等。再次提醒的 p艮定於任何特定操作。5而求與應用來⑨計’本案並不之後，如步驟幻4〇，/_ 實體裝置執行此特定服器端判斷用戶端是否有利用有利用實體裝置執行^=伺服器端並未偵測到用戶端A pull group 512 and an encryption module 514 are generated. Similarly, in some embodiments, the client 520 can also obtain the generation module 512 and/or the zither module 5丨4 through a third party. In step S620, the generating module 512 determines a set of first data sets according to a corresponding operation:: one less first data. For example, if the data: is - digital data, the first data set is the number 〇 _9, and the : - data is - character data ‘the first data set is the set of all possible sub 疋. Then, in step S63G, the generating module 512 divides the first data set into a plurality of data segments according to the characteristics of the first data, and generates - corresponding CAPTCHA data for each data segment. Similarly, when the first item includes a number (four) consisting of - or a plurality of numbers, the ^ section can be - or a plurality of numbers. When the first data includes a character data consisting of one or more words 1, each capital can be a single-character or a multi-word string. For example, when the operation is - online banking transfer operation, 刼The data required for the operation may include the account number and the transfer amount data. Therefore, the client 520 will generate one of the captcha data corresponding to the numbers 0-9, as shown in FIG. 2A. In another embodiment, if the account data includes a combination of English letters and numbers, then the client terminal 52 can generate 36 CAPTCHA data corresponding to the letters A-Z and the numbers 0-9, respectively. Similarly, the CAPTCHA data can be a picture (as shown in Figures 2 through 2C), video or sound, and the like. Then, in step S640', the encryption module 514 hides each CAPTCHA data generated by the generation module 512 into a corresponding encrypted material containing information related to the operation. Similarly, the encrypted data can be a specific key generated by a watermark, a digital signature, or an algorithm. Please refer to the figure of 3:9096-A42389-TW/Draft-Final 17 201145066. As shown in FIG. 3, the CAPTCHA data further includes a tamper=bead 310, wherein the encrypted data 31 further includes a second data 312 and a second data 314. The second data 312 can be used to indicate one of the steps of the encryption data 310 in the processing step, that is, the encrypted data 310 is generated in that step, and the third data 314 can represent the user of the user terminal 120. An identification material. After the CAPTCHA data hidden in the encrypted data is generated, the client 520 can use the generated CApTCHA data for input, and the server 510 performs the operation. During operation, the client 52 will call the selected CAPTCHA data and/or corresponding summary information to the server 510 for verification. When the server end 510 receives the data sent by the client 520, it can check whether the encrypted data on the CAPTCHA data is correct to ensure the correctness of the data, so as to verify whether the data correctly communicates with the server 510. An embodiment is exemplified below to assist in explaining the details of the data processing in accordance with the present invention', but the present invention is not limited thereto. In this embodiment, assuming that an operation is an online banking transfer transaction, the data of the "transfer account φ number" and the "amount" in the transaction will affect the result of the entire transaction, and thus can be defined. For the sensitive information in this transaction, the data set corresponding to the "transfer account" and "amount" data can be a number, 〇"_"9" and the letters "A''-"Z", for example," The transfer account number can be "A123456" and the "amount" can be "1000", therefore, the number "〇"_"9" and the letter "A"_"Z" are possible data sets, so the CAPTCHA according to the present invention The data generation method, the server side or the user side generation module will respectively generate the corresponding CAPTCHA data of 〇_9 and AZ, as shown in FIG. 2A and FIG. 2B. Server Side: 9096-A42389-TW/Draft-Final 18 201145066 or the client's encryption module then hides all generated CAPTCHA data into a watermark containing operational-related data. When the CAPTCHA data is generated by the server, the server can transmit the encrypted CAPTCHA data to the client, and the client can use the encrypted CAPTCHA data for the transaction. When the CAPTCHA data is generated by the client, the client can directly use the encrypted CAPTCHA data for the transaction. Figure 7 is a flow chart showing the application of the CAPTCHA data in accordance with an embodiment of the present invention. It is worth noting that in this embodiment, one of the client-side physical devices can use the CAPTCHA data generated in the present case to enhance the security of data transmission. First, in a data transmission program, as in step S710, a set of first data sets is determined according to at least one first data corresponding to an operation, and one of the first data sets corresponding to the set is generated according to the first data set Group CAPTCHA data. It should be noted that step S71 can be performed by a server terminal or a client terminal. When the step S710 is performed by the client, the user can first obtain the relevant module by a specific electronic device, such as a server, such as a module and an encryption module, and then use the obtained module to determine the first data. Collect and generate CAPTCHA data. Similarly, in some embodiments, the client can also acquire the generating module and/or the encryption module through a third party. Additionally, similarly, the first material can be sensitive to the operation. For example, when the operation is a online banking transfer operation, the information required for the operation may include an account number and a transfer amount data. Therefore, the user terminal 520 will respectively generate one CAPTCHA data corresponding to the number 〇_9, such as Figure 2A shows. In another embodiment, if the account information includes: 9096-A42389-TW/Draft-Final 19 201145066, the combination of English letters and numbers, the user terminal 520 can respectively generate 36 letters corresponding to the letters AZ and the numbers 0-9. CAPTCHA information. Similarly, the CAPTCHA data can be a picture (as shown in Figures 2 through 2C), video or sound, and the like. In step S720, the UE operates with the set of CAPTCHA data and the server. It should be noted that, in some embodiments, when the first data set and the CAPTCHA data are determined and generated by the server, in the data transmission program, the server may first transmit the group of CAPTCHA data to the client. . In addition, similarly, when the user uses the set of captcha data to operate with the server, the client transmits the selected CAPTCHA data and/or the corresponding summary information to the server 510 for verification. In step S730, before the end of the data transmission process, the server end/transmits relevant information to the client to instruct the client to perform a specific operation using a physical device. It should be noted that in some embodiments, the physical device may include a financial card, a credit card, a memory card, a smart card, or a specific device that can be plugged or unplugged by the user. It is noted that the purpose of step S730 is to require the user to actually perform a specific operation using the physical device at the user end. In addition, it is worth noting that specific operations can be designed according to different needs and applications. For example, a particular operation may be to remove the aforementioned card or device and insert it into the user terminal or a reading device connected to the client, such as a card reader or the like. In another example, a particular operation may be to move a particular device away from the client or to a sensing device at the user end such that the client cannot sense the particular device. After that, the specific device is moved closer to the user terminal or connected to the sensing device of the user terminal, so that the user end re-sensing: 9096-A42389-TW/Draft-Final 20 201145066 should go to a specific device. In the at least-component example of another device, the specific operation may be an entity, and the specific operation may be based on, for example, (4) position. Re- reminded that p is set to any specific operation. 5 and the application to 9 counts 'this case is not after, such as step magic 4, / _ physical device to perform this specific server end to determine whether the user has the use of the use of physical devices to execute ^ = server end is not detected To the client

㈣，確認失敗，並=:(步驟S74。的否)，如步驟到用戶端有利用香束貝料傳輸程序。當伺服器端偵測實體裝置執行特定操作時（步驟S740 @ 疋办口’驟S760’確認操作完成，並結束資料傳輸程序、。綜上所述’依據本發明之CAPTCHA資料產生方法为其貝料官理系統’及其相關應用管理方法，可以在伺服器端或用戶端依據1欲執行的操作中與使用者有關的敏: 性資料的可能資料集合產生一組CAPTCHA資料，再對此組CAPTCHA資料加人—包括有與操作有關的加密資料例如一洋水印來進—步的保護所傳送及接收的資料，可強化現行交易方法上之安全性，在伺服器端與用戶端全程利用 CAPTCHA資料（如圖片）取代較容易被病毒或木馬窥電腦文字’較過去完全採用f敎字傳輸來得安全，並可確保傳送過程中重要的資料不致遺失或被錢，進而增加執行操作時的安全性。另-方面，透過指示使用者在用曰戶端處實際利用㈣|置執行特定操作，可以解決習知中利用側錄與模擬用戶端輸人行為來欺騙舰ϋ之行為。本發明之方法，或特定型態或其部份，可以以程式碼的型態存在。程式碼可以包含於實體媒體，如軟碟、光碟 :9096-A42389-TW/Draft-Final 201145066 片、硬碟、或是任何其他機器可讀取（如電腦可媒體，，亦或不限於外在形式之電腦程式產品，4中=存式碼被機如電腦載人且執行時，此機器變成用以= 本發明之襄置。程式碼也可以透過一些傳送媒體，如雷、或電纜、光纖、或是任何傳輸型態進行傳送，其中，咯二式碼被機n，如電腦接收、載人且執行時，此機器變= 以參與本㈣之裝置。當在―般用途處理單元實作時式碼結合處理單元提供一操作類似於應用特定邏輯: 獨特裝置。 < 雖然本發明已以較佳實施例揭露如上，然其並非用以限定本發明’任何熟悉此項技藝者，在不麟本發明之精神和範圍内，當可做些許更動與潤飾，因此本發明之保護範圍當視後附之申請專利範圍所界定者為準。【圖式簡單說明】第1圖係顯示依據本發明實施例之資料管理系統。第2A、2B、2C圖係顯示依據本發明實施例之 CAPTCHA資料之示意圖。第3圖係顯示一依據本發明實施例之含加密資料之 CAPTCHA資料之示意圖。第4圖係顯示一依據本發明實施例之CAPTCHA資料產生方法之流程圖。第5圖係顯示依據本發明另一實施例之資料管理系統。第6圖係顯示依據本發明另一實施例之CAPTCHA資料產生方法之流程圖。第7圖係顯示依據本發明實施例之CAPTCHA資料產 22(4) Confirmation failure, and =: (No in step S74), such as the step to the user side to use the fragrant beam to send the program. When the server detects that the physical device performs a specific operation (step S740 @ 疋 ' 'S S760' confirms the completion of the operation, and ends the data transmission procedure. In summary, the method for generating the CAPTCHA data according to the present invention is The material management system 'and its related application management method can generate a set of CAPTCHA data on the server side or the user side according to the user-related sensitivity: the possible data set of the sexual data, and then the group CAPTCHA data addition - including operationally related encrypted data such as a ocean watermark to further protect and transmit the received data, which enhances the security of current transaction methods and utilizes CAPTCHA on both the server and the client side. Information (such as pictures) is more likely to be safely hacked into the computer text by viruses or Trojans. It is safer to use f敎 word transmission in the past, and it can ensure that important data in the transmission process is not lost or money, thus increasing the security when performing operations. On the other hand, it can be solved by instructing the user to use the (4)| The method of the invention is used to deceive the behavior of the ship. The method of the present invention, or a specific type or part thereof, may exist in the form of a code. The code may be included in a physical medium such as soft. Disc, CD: 9096-A42389-TW/Draft-Final 201145066 Tablet, hard drive, or any other machine readable (such as computer media, or not limited to external computer programs, 4 = save When the code is carried by a computer such as a computer and executed, the machine becomes a device for use in the present invention. The code can also be transmitted through some transmission medium such as lightning, or cable, optical fiber, or any transmission type. Wherein, the second code is accepted by the machine n, such as when the computer receives, carries and executes, the machine becomes = to participate in the device of the (4). When the "general purpose processing unit is implemented", the code combination processing unit provides an operation similar to The application of the specific logic: a unique device. <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; Can do The scope of protection of the present invention is defined by the scope of the appended claims. [FIG. 1] FIG. 1 shows a data management system according to an embodiment of the present invention. 2A, 2B 2C is a schematic diagram showing CAPTCHA data according to an embodiment of the present invention. FIG. 3 is a schematic diagram showing CAPTCHA data containing encrypted data according to an embodiment of the present invention. FIG. 4 is a diagram showing a CAPTCHA according to an embodiment of the present invention. A flowchart of a method for generating data. Fig. 5 is a flowchart showing a data management system according to another embodiment of the present invention. Fig. 6 is a flow chart showing a method for generating a CAPTCHA data according to another embodiment of the present invention. CAPTCHA data production according to an embodiment of the present invention 22

:9096-A42389-TW/Drafi-FinaI 201145066 生方法之流程圖。【主要元件符號說明】 100〜資料管理系統； 110〜伺服器端； 112〜產生模組； 114〜加密模組； 116〜解密模組； 120〜用戶端； ® 130〜網路； 300〜CAPTCHA 資料； 312〜第二資料； 314〜第三資料； S410、S420、S430〜執行步驟； 500〜資料管理系統； 510〜伺服器端； 512〜產生模組； 514〜加密模組； 516〜解密模組； 520〜用戶端； 530〜網路； S610、S620、S630、S640〜執行步驟； S710、S720、…、S760〜執行步驟。 23 :9096-A42389-TW/Draft-Final:9096-A42389-TW/Drafi-FinaI 201145066 Flow chart of the method of birth. [Main component symbol description] 100~ data management system; 110~server end; 112~ generation module; 114~ encryption module; 116~ decryption module; 120~user end; ® 130~ network; 300~CAPTCHA Information; 312~second data; 314~third data; S410, S420, S430~ execution steps; 500~ data management system; 510~server end; 512~ generation module; 514~encryption module; Module; 520~user end; 530~network; S610, S620, S630, S640~ execution steps; S710, S720, ..., S760~ execution steps. 23 :9096-A42389-TW/Draft-Final

Claims

201145066 VII. Scope of application for patents: I. A method for generating test data for fully automatic computer and human beings is applicable to - electronic I, including τ column steps: sensitive data; and at least one first data of the electronic device according to the corresponding operation Determining the material set 'where the first-data is related to the operation, and the electronic device generates the first capital of the group according to the first-(four)

The collection of materials - the group fully automatic computer and human test (C. m 吻 Auto Automated Public Test to tell C〇mputers and Humans Apart, CAPTCHA) data, wherein the electronic device is the server side - the client side, And when the electronic device is the user end, the user terminal obtains at least a production module, which is used to determine the first data set and generates the fully automatic test computer and human test data. 2. The automatic separation of computer and human test data generation methods as described in Section 4 (4) of the Chinese syllabus, including:

The group automatically distinguishes each of the = and : corresponding encrypted data of the computer and human test data, so that the encrypted data contains information related to the operation. 3. If you apply for the full-time 2nd rhyme, you can automatically distinguish between computer and human test data generation methods, including: Generate and summarize information based on the information related to the operation. 4. The method for generating a fully automatic classification calculation type according to claim 3, wherein the operation has a plurality of operation steps and the information related to the operation included in the encrypted data comprises 1:9096 -A42389^TW/Draft-FinaI 24 201145066 Two data, in which the second data is in the middle of the step - corresponding operation steps. Ding ° Hai encrypted bead material in the operation steps 5. As claimed in the patent scope 4 human test data The fully automatic computer and related information for generating na includes - the third data is included in the confidential information and is used by one of the users of the operation terminal, wherein the third data indicates that the application is 6_ The first human test data producer = the fully automatic computer and 7. The patent application scope data is - watermarking. The human test data generation method, the mental computer and the first data set corresponding to the group " According to the first bedding material, the steps of the test data generated further include: , 'and fully distinguishing the characteristics of the computer and the human resources, and dividing the group-data set into a pair Each of these data sections, #' human test data. - Corresponding to the fully automatic computer and 8. The method for generating human test data as described in the Patent Model _7, 20 and I and the mother The data segment is - or a number of digits. Corruption 9. The method for generating human test data as described in paragraph 7 of the patent application, wherein the first data scoop 2 - machine and each of the data segments The system is one or more characters. L subsequences and 10. The fully automatic zone t=data generation method as described in item i of the patent application scope, wherein each of the fully automatic zones C 4 and human test data Including - picture one video or -. 10: 9096-A42389-TW/Draft-Final 25 201145066 The first automatic automatic distinction between computer and test end is described in the first item; method 'where the electronic device is the servo 2 material is transmitted to the user end, and the user end uses the set of automatic computer and human test: #料与轴机端端 to perform the operation. °° knife 12. If the towel please patent scope item i The test data generating method of the fully automatic zone j, wherein, when the electricity Means Department: Μ 'UE directly benefit the group (iv) automatic distinguish people and computers

The data is automatically distributed to the computer and human test data or the group of fully automatic distinguishing computers and humans to the server for performing the operation. ° 13. A fully automatic computer and human test data management system, comprising at least: ” an electronic device for determining a group-data set according to at least one data corresponding to an operation, and according to the first Data generation

Completely Automated Public Test t〇tell c〇mpmers and Humans Apart (CAPTCHA) data corresponding to the (four)-data set, wherein the first data is related to the operation Sensitive data, wherein the electronic device is a server end or a user #, and when the electronic device is the user end, the user end obtains at least one generating module by the server end to determine the first The data is aggregated and produced to automatically separate test data from computers and humans. 14. The fully automatic computer and human test data management system according to claim 13, wherein the electronic device further comprises a product; 9096-A42389-TW/Draft-Final 26 201145066 according to the first data The 'Decision-New Zealand-data collection, which corresponds to the set of fully automatic classifications and human test data for the miscellaneous-data collection. 15. The test data management system of the fully-classified computer=class as described in Item 14 (4), wherein the electronic device further includes a Jialai group for automatically distinguishing the encrypted data of the computer and human test data. , wherein the encrypted data contains information about the automobile industry. 16. If the application is specifically (4), the fully automatic test data management system described in the 15th section, wherein the production module generates a summary information based on the information about the work.如. For example, the automatic classification and human test data management system described in Item 16 of the application section, wherein the operation has a plurality of steps, and the information related to the operation included in the encrypted data includes - the first data The second data indicates that the encrypted data corresponds to one of the steps. 18. The automatic metering and human test data management system of claim 17, wherein the information related to the encryption operation comprises a third data, wherein the third; = the user terminal One of the users identifies the data. 19. The test data management system for a fully automated area as described in claim 13 of the patent application, wherein the encrypted data is a floating water: 9096-A42389-TW/Draft-Final 20. If the patent application (4) is 13 The automatic area and the human job data management system, wherein the generating module further divides the first data set of the group into a plurality of data segments according to the characteristic of the data, and the material data segment is generated. - Corresponding to the test data of the automatic zone machine.蝴蝶和人2=°巾, please refer to the fully automatic computerized slanting test data management system described in Section 2G of the patent scope. The first data includes a digital tribute and the parent data is a number. . And two === all _ points computer 曰曰贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝贝And the human charm patent * surrounding the 13th item of the automatic distinction between computer and human test data management system, ^ computer and human test data including one (four) mother Hai Wang Wang automatic points U, 丄, 贝竹匕祜 pictures , a video or a voice. 24. For the full-automatic zone and the human test data management system of the special-purpose machine (4) as described in the patent scope 帛13 item: [When the electronic device is the term of the test service, the group is fully automatic. The test data that distinguishes between the computer and the human is transmitted to the user end, and the user distinguishes the computer and the human test-, and the king automatically Μ. For example, the patent-based human test data management system, in the basin, ^^ When the computer and the terminal are separated, the user directly directs the user's electronic device, and the user test data is used to automatically distinguish the computer from the person. The group should automatically distinguish between the computer and the human body. Go to the server side to do this. ^ Summary information 26.- Computer program products, which are automatically differentiated between computer and human test data generators, execute - all: 9096-A42389-TW/Draft-Final 28 28 201145066 Products include · First The code determines a set of first data sets according to at least one first data corresponding to an operation, wherein the first data is sensitive data related to the operation; and the second code is used according to the first data a data generating a Completely Automated Public Test to Tell Computers and Humans Apart (CAPTCHA) data corresponding to the first set of data sets of the set; and a third code for The group automatically separates the computer and human test data from each of the corresponding encrypted data, wherein the encrypted data contains information related to the operation. 27. An application management method for automatically distinguishing computer and human test data, comprising the steps of: determining, by a server or a client, a set of first data sets according to at least one first data corresponding to an operation, and According to the first data, a Completely Automated Public Test to Tell Computers and Humans Apart (CAPTCHA) data corresponding to the set of the first data set is generated, wherein the first data system For sensitive data related to the operation; in the data transmission program, the user uses the group to automatically distinguish the computer and human test data from the server to perform the operation; and before the data transmission program ends, The server end instructs the client to perform a specific operation by using a physical device; and when the server detects that the client performs the specific operation by using the physical device, confirms that the operation is completed to end the data transmission process. :9096-A42389-TW/Draft-Final 29 201145066 28. The application management method for automatically distinguishing computer and human test data according to claim 27 of the patent application scope, wherein: the first and the automatic separation When the computer and human test data are determined and generated by the feeding service, in the data transmission program, the server end transmits the test data of the fully automatic computer and human to the user terminal. For example, the automatic management computer and human ❹m (4) application management method described in claim 27 of the patent scope, the first set and the fully automatic computer and human test data are determined and generated by the user Lu Duan. In the data transmission program, the client obtains at least a generation module from the server to determine the first data set and generate the fully automatic computer and human test data. 3. The application management method for automatically distinguishing between computer and human data as described in claim 27 of the patent application, the physical device comprising - a financial card, a credit card, a memory card, a smart card, or the like The user side pulls or senses one of the specific devices.

:9096-A42389-TW/Draft-Final 30