TWI489312B - Authentication method and authentication system - Google Patents

Authentication method and authentication system Download PDF

Info

Publication number
TWI489312B
TWI489312B TW102119131A TW102119131A TWI489312B TW I489312 B TWI489312 B TW I489312B TW 102119131 A TW102119131 A TW 102119131A TW 102119131 A TW102119131 A TW 102119131A TW I489312 B TWI489312 B TW I489312B
Authority
TW
Taiwan
Prior art keywords
preset
image
authentication
specific real
angle
Prior art date
Application number
TW102119131A
Other languages
Chinese (zh)
Other versions
TW201445354A (en
Inventor
Bor Ren Jeng
Hahn Ming Lee
Te En Wei
Yuh Jye Lee
Original Assignee
Univ Nat Taiwan Science Tech
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Nat Taiwan Science Tech filed Critical Univ Nat Taiwan Science Tech
Priority to TW102119131A priority Critical patent/TWI489312B/en
Publication of TW201445354A publication Critical patent/TW201445354A/en
Application granted granted Critical
Publication of TWI489312B publication Critical patent/TWI489312B/en

Links

Landscapes

  • Collating Specific Patterns (AREA)

Description

認證方法以及認證系統Authentication method and authentication system

本發明是有關於一種資訊安全技術,且特別是有關於一種認證方法以及認證系統。The present invention relates to an information security technology, and more particularly to an authentication method and an authentication system.

由於科技的發展,網路已成為現代人不可獲缺的資訊取得管道。然而,隨著越來越多的技術是透過網路來發展,資訊安全便成為了網路應用中最重要的課題之一,由其是關於使用者的身份認證。Due to the development of technology, the Internet has become an indispensable information acquisition pipeline for modern people. However, as more and more technologies are developed through the Internet, information security has become one of the most important topics in web applications, and it is about user identity authentication.

最常見的身份認證方法,是透過使用者來登入正確的帳號及密碼的方式。但由於駭客(Hack)技術日新月異,為了更加提升網路使用者的資訊安全,全自動區分計算機和人類的圖靈測試(CAPTCHA,Completely Automated Public Turing Test to Tell Computers and Humans Apart)便成為了重要的認證碼技術之一。The most common method of authentication is to log in to the correct account and password through the user. However, due to the rapid changes in Hack technology, in order to improve the information security of Internet users, the fully differentiated computer and human Turing test (CAPTCHA, Completely Automated Public Turing Test to Tell Computers and Humans Apart) has become important. One of the authentication code technologies.

基於文字方案的CAPTCHA技術是目前最廣泛且接受度最高的方式之一,其主要是將文字與數字組合作各種不同的處理方式(例如,旋轉、變形、失真以及分割等),以使相對於使用者是較易辨識的內容,對於機器人或自動程式而言卻是難以自動辨 識。然而,為了增加其安全性而產生過度扭曲變形的字元,往往也導致使用者難以辨識。此外,現已存在有電腦光學字元辨識(OCR,Optical Character Recognition)軟體透過文字的分隔與背景雜訊的濾除來進行破解。基於語音方案的CAPTCHA技術主要是透過提供一段語音內容來讓使用者辨識。然而,其缺點在於,若語音內容並非使用者本身所慣用的母語,便會造成辨識上的障礙。此外,基於視頻方案的CAPTCHA技術雖然可提供較高的安全性,然而其缺點在於缺乏良好的擴充性以及其消耗較大的資源。The text-based CAPTCHA technology is one of the most widely accepted and highly accepted methods. It mainly cooperates with different combinations of text and digital groups (for example, rotation, deformation, distortion, segmentation, etc.) to make Users are more easily identifiable, but it is difficult to automatically identify robots or automatic programs. knowledge. However, characters that are excessively distorted in order to increase their security often cause the user to be difficult to recognize. In addition, there is a computer optical character recognition (OCR) software that is cracked by text separation and background noise filtering. The CAPTCHA technology based on the voice scheme mainly allows the user to recognize by providing a piece of voice content. However, the disadvantage is that if the speech content is not the native language that the user is accustomed to, it will cause an obstacle in recognition. In addition, the CAPTCHA technology based on the video scheme can provide high security, but its disadvantage is that it lacks good scalability and consumes a large amount of resources.

身份認證的機制除了應考量到安全性,也應考量到使用者的便利性以及實際應用上的可行性。In addition to the security considerations, the authentication mechanism should also consider the user's convenience and practical application feasibility.

本發明提供一種認證方法及認證系統,藉由提供圖像來讓使用者進行旋轉操作以使圖像位於正確狀態,並判斷旋轉操作之後的圖像是否符合允許的誤差範圍,且在執行認證的過程可結合個人化資訊,從而提高整體的資訊安全性,以有效避免機器人或自動程式的攻擊或阻斷。The present invention provides an authentication method and an authentication system for providing a user with a rotation operation to place an image in a correct state, and determining whether an image after the rotation operation conforms to an allowable error range, and performing authentication The process can be combined with personalized information to improve overall information security to effectively avoid attacks or blockages by robots or automated programs.

本發明提供一種認證方法,包括:根據註冊資訊來提供特定實景圖;反應於旋轉操作,以從特定實景圖獲得一選取圖像;計算選取圖像以及預設圖像各自的圖像雜湊值之間的差值;以及若差值小於門檻值,則判定為認證成功,其中,預設圖像是對應預設視角以從特定實景圖產生。The present invention provides an authentication method, including: providing a specific real-life map according to registration information; responding to a rotation operation to obtain a selected image from a specific real-life map; and calculating a respective image hash value of the selected image and the preset image The difference between the two; and if the difference is less than the threshold value, it is determined that the authentication is successful, wherein the preset image is corresponding to the preset viewing angle to be generated from the specific real-life map.

本發明提供一種認證系統,包括:身份辨識資訊資料庫,用以儲存註冊資訊;地理資訊實景圖資料庫,用以儲存多個實景圖;以及控制單元,耦接至地理資訊實景圖資料庫以及身份辨識資訊資料庫,控制單元經配置以:根據註冊資訊來從地理資訊實景圖資料庫提供特定實景圖;反應於旋轉操作,以從特定實景圖獲得選取圖像;計算選取圖像以及預設圖像各自的圖像雜湊值之間的差值;以及若差值小於門檻值,則判定為認證成功,其中,預設圖像是對應預設視角以從特定實景圖產生。The invention provides an authentication system, comprising: an identity identification information database for storing registration information; a geographic information real-time map database for storing a plurality of real-life maps; and a control unit coupled to the geographic information real-time map database and The identification information database, the control unit is configured to: provide a specific real-life map from the geographic information real-time map database according to the registration information; react to the rotation operation to obtain the selected image from the specific real-life map; calculate the selected image and preset The difference between the image hash values of the images; and if the difference is less than the threshold, it is determined that the authentication is successful, wherein the preset image is corresponding to the preset perspective to be generated from the specific real map.

基於上述,本發明根據註冊資訊來提供特定實景圖,來讓使用者進行旋轉操作以獲得選取圖像,若選取圖像與對應預設視角的預設圖像的圖像雜湊值之間的差值小於門檻值,則判定為認證成功。Based on the above, the present invention provides a specific real-life map according to the registration information, so that the user performs a rotation operation to obtain a selected image, and if the image is compared with the image hash value of the preset image corresponding to the preset viewing angle, If the value is less than the threshold, it is determined that the authentication is successful.

為讓本發明的上述特徵和優點能更明顯易懂,下文特舉實施例,並配合所附圖式作詳細說明如下。The above described features and advantages of the invention will be apparent from the following description.

100‧‧‧認證系統100‧‧‧Certification System

110‧‧‧介面單元110‧‧‧Interface unit

130‧‧‧身份辨識資訊資料庫130‧‧‧Identification Information Database

150‧‧‧實景圖資料庫150‧‧‧real map database

170‧‧‧後端服務單元170‧‧‧ Back-end service unit

190‧‧‧控制單元190‧‧‧Control unit

200‧‧‧使用者裝置200‧‧‧User device

S330、S350、S360、S370、S380‧‧‧認證方法的步驟Steps for the S330, S350, S360, S370, S380‧‧‧ authentication methods

S400、S500‧‧‧認證方法的步驟Steps for the S400, S500‧‧‧ authentication method

S510~S590‧‧‧認證方法的步驟Steps for the S510~S590‧‧‧ certification method

圖1為根據本發明的一實施例的認證系統及使用者裝置的方塊圖。1 is a block diagram of an authentication system and a user device in accordance with an embodiment of the present invention.

圖2A及圖2B為根據本發明的一實施例的認證介面的示意圖。2A and 2B are schematic diagrams of an authentication interface in accordance with an embodiment of the present invention.

圖3為根據本發明的一實施例的認證方法的流程圖。3 is a flow chart of an authentication method in accordance with an embodiment of the present invention.

圖4為根據本發明的一實施例的認證方法的流程圖。4 is a flow chart of an authentication method in accordance with an embodiment of the present invention.

圖5為根據本發明的一實施例的認證方法中的認證程序的流程圖。5 is a flow chart of an authentication procedure in an authentication method in accordance with an embodiment of the present invention.

圖1為根據本發明的一實施例的認證系統及使用者裝置的方塊圖。如圖1所示,本發明實施例的認證系統100包括介面單元110、身份辨識資訊資料庫130、實景圖資料庫150、後端服務單元170以及控制單元190。控制單元190耦接至介面單元110、身份辨識資訊資料庫130、實景圖資料庫150以及後端服務單元170。使用者的使用者裝置200可透過網路來與認證系統100通訊。在本發明實施例中,認證系統100可以是網路伺服器、個人電腦、工作站、主機電腦或是各種其他型式的電子裝置,而使用者裝置200可以是筆記型電腦、個人電腦、平板電腦、個人數位助理、智慧型手機或是其他具有上網功能的電子裝置。介面單元110用以提供註冊介面與認證介面,身份辨識資訊資料庫130用以儲存註冊資訊,實景圖資料庫150用以儲存對應多個位置座標的實景圖,後端服務單元170用以在判定為認證成功時提供後端服務,控制單元190用以控制註冊程序與認證程序的過程。在本發明實施例中,介面單元110、後端服務單元170以及控制單元190可以是各種形式的功能模組或微處理器,註冊介面與認證介面可以是網頁介面、軟體介面或是各種其他形式的人機介面,身份辨 識資訊資料庫130以及實景圖資料庫150可以是各種形式的儲存媒介。在本發明實施例中,實景圖資料庫150可以是各種形式的儲存媒介,認證介面可以是網頁介面、軟體介面或是各種其他形式的人機介面,控制單元190可以是各種形式的功能模組或微處理器。在本發明的另一實施例中,認證系統可不包括實景圖資料庫,而是藉由外界的其他資料庫來提供對應多個位置座標的實景圖。1 is a block diagram of an authentication system and a user device in accordance with an embodiment of the present invention. As shown in FIG. 1 , the authentication system 100 of the embodiment of the present invention includes an interface unit 110 , an identity information database 130 , a real-time map database 150 , a back-end service unit 170 , and a control unit 190 . The control unit 190 is coupled to the interface unit 110, the identity information repository 130, the live view database 150, and the backend service unit 170. The user device 200 of the user can communicate with the authentication system 100 via the network. In the embodiment of the present invention, the authentication system 100 can be a network server, a personal computer, a workstation, a host computer, or various other types of electronic devices, and the user device 200 can be a notebook computer, a personal computer, a tablet computer, Personal digital assistants, smart phones or other electronic devices with Internet access. The interface unit 110 is configured to provide a registration interface and an authentication interface, and the identity information database 130 is configured to store registration information. The real-time map database 150 is configured to store a real map corresponding to a plurality of location coordinates, and the backend service unit 170 is configured to determine The backend service is provided for the authentication success, and the control unit 190 is used to control the process of registering the program and the authentication program. In the embodiment of the present invention, the interface unit 110, the backend service unit 170, and the control unit 190 can be various types of function modules or microprocessors, and the registration interface and the authentication interface can be a web interface, a software interface, or various other forms. Human-machine interface The knowledge database 130 and the live view database 150 can be various forms of storage media. In the embodiment of the present invention, the real-time map database 150 can be various forms of storage media. The authentication interface can be a web interface, a software interface, or various other forms of human-machine interfaces. The control unit 190 can be various types of function modules. Or a microprocessor. In another embodiment of the present invention, the authentication system may not include a real-time map database, but provide a real-life map corresponding to a plurality of location coordinates by other databases of the outside world.

圖2A及圖2B為根據本發明的一實施例的認證介面的示意圖。下列請同時參照圖1、圖2A及圖2B。2A and 2B are schematic diagrams of an authentication interface in accordance with an embodiment of the present invention. Please refer to FIG. 1 , FIG. 2A and FIG. 2B simultaneously.

在本發明實施例中,當使用者進入認證系統100進行認證時,認證介面中將根據使用者的註冊資訊來輸出特定實景圖以讓使用者進行圖像式認證。初始時,如圖2A所示,輸出於認證介面中的特定實景圖可預先經旋轉而呈現於的隨機視角。對於使用者而言,其可輕易的辨識出認證介面中的特定實景圖是否位於自己在註冊資訊中所預設的視角,若否,則如圖2B所示,在認證介面中,使用者可藉由旋轉操作來選定特定實景圖中的選取圖像。然而此舉對於機器人或自動程式而言將是一件困難的事情,因為機器人或自動程式通常難以辨認對應不同視角的實景圖之間的關係,因此,根據本發明的認證方法將可有效防止駭客藉由機器人或自動程式的攻擊。當使用者確實將認證介面中的特定實景圖旋轉至可接受範圍內(對應預設視角或近似於預設視角)的選取圖像時,則可判定為認證成功。在本發明實施例中,使用者的旋轉操 作可以是在認證介面上拖曳操作、按鈕操作以及其他各種不同的輸入操作,在此不加以限制。下列將針對本發明實施例的認證方法來做詳述。下述有關使用者的操作的皆是透過使用者裝置200來執行,為了方便起見,其將省略有關"使用者裝置200"的描述而以"使用者"來簡述之。In the embodiment of the present invention, when the user enters the authentication system 100 for authentication, the authentication interface outputs a specific real-life map according to the user's registration information to allow the user to perform image-based authentication. Initially, as shown in FIG. 2A, the specific live view outputted in the authentication interface may be rotated before being presented at a random viewing angle. For the user, it is easy to recognize whether the specific real scene in the authentication interface is in the perspective that is preset in the registration information. If not, as shown in FIG. 2B, in the authentication interface, the user can The selected image in the specific live view is selected by a rotation operation. However, this will be a difficult task for robots or automated programs, because robots or automated programs are often difficult to recognize the relationship between real-life maps corresponding to different perspectives. Therefore, the authentication method according to the present invention can effectively prevent flaws. The guest attacks by robot or automatic program. When the user actually rotates the specific real scene in the authentication interface to a selected image within the acceptable range (corresponding to the preset viewing angle or approximate to the preset viewing angle), it can be determined that the authentication is successful. In the embodiment of the present invention, the user's rotary operation The operation may be a drag operation on the authentication interface, a button operation, and various other input operations, which are not limited herein. The following will be described in detail for the authentication method of the embodiment of the present invention. The following operations related to the user are performed by the user device 200. For the sake of convenience, the description of the "user device 200" will be omitted and the user will be briefly described.

圖3為根據本發明的一實施例的認證方法的流程圖。如圖3所示,本發明實施例的認證方法包括步驟S330、S350、S360、S370及S380。下列請同時參照圖1、圖2A、圖2B及圖3。3 is a flow chart of an authentication method in accordance with an embodiment of the present invention. As shown in FIG. 3, the authentication method of the embodiment of the present invention includes steps S330, S350, S360, S370, and S380. Please refer to FIG. 1 , FIG. 2A, FIG. 2B and FIG. 3 simultaneously.

在步驟S330中,根據註冊資訊來提供特定實景圖。舉例來說,控制單元190可根據使用者預先所提供的註冊資訊,來從實景圖資料庫150輸出對應於註冊資訊的特定實景圖於認證介面中。由於,特定實景圖可對應不同的視角而在認證介面中呈現出不同的圖像,因此,在本發明實施例中,所輸出的特定實景圖可經由預先的隨機旋轉處理,以使認證介面中的特定實景圖呈現於對應隨機視角的隨機圖像,如圖2A所示。In step S330, a specific live view is provided based on the registration information. For example, the control unit 190 may output a specific real map corresponding to the registration information from the real-time map database 150 in the authentication interface according to the registration information provided by the user in advance. Since the specific real-time map can present different images in the authentication interface corresponding to different viewing angles, in the embodiment of the present invention, the output specific real-life map can be processed through a pre-random rotation to make the authentication interface The specific real scene map is presented in a random image corresponding to a random angle of view, as shown in FIG. 2A.

在步驟S350中,反應於旋轉操作,以從特定實景圖獲得選取圖像。舉例來說,使用者可輕易的判別認證介面中的特定實景圖是否位於自己在註冊資訊中所預設的視角,若否,使用者可藉由執行旋轉操作,來將認證介面中呈現於隨機視角的特定實景圖旋轉至"近似於"自己在註冊資訊中所預設的視角的圖像(人為操作以及肉眼判斷可能會有些許誤差),此時,控制單元190即可獲得特定實景圖對應此旋轉操作的選取圖像,如圖2B所示。In step S350, a rotation operation is performed to obtain a selected image from a specific live view. For example, the user can easily determine whether the specific live view in the authentication interface is in the view angle preset by the user in the registration information. If not, the user can perform the rotation operation to present the authentication interface to the random address. The specific scene view of the angle of view is rotated to an image that is "approximate" to the angle of view that is preset in the registration information (the human operation and the visual judgment may have some errors), and at this time, the control unit 190 can obtain the specific real map corresponding The selected image of this rotation operation is as shown in Fig. 2B.

在步驟S360中,計算選取圖像以及預設圖像各自的圖像雜湊值之間的差值。如上所述,預設圖像是對應預設視角以從特定實景圖產生。在本發明實施例中,控制單元190可藉由雜湊函數或是其他具有雜湊值計算功能的軟體或硬體模組,來計算特定實景圖對應旋轉操作後的選取圖像的圖像雜湊值,以及特定實景圖對應預設視角的預設圖像的圖像雜湊值,並且計算上述兩圖像雜湊值間的差值。In step S360, a difference between the selected image and the image hash value of each of the preset images is calculated. As described above, the preset image is corresponding to the preset angle of view to be generated from the specific live view. In the embodiment of the present invention, the control unit 190 may calculate the image hash value of the selected image after the rotation operation corresponding to the specific real scene by using a hash function or other software or hardware module having a hash value calculation function. And the image hash value of the preset image corresponding to the preset perspective of the specific real image, and calculating the difference between the two image hash values.

在步驟S370中,判斷差值是否小於門檻值。若差值小於門檻值,則在步驟S380中判定為認證成功。舉例來說,若旋轉操作前後的兩圖像雜湊值間的差值小於門檻值,則可代表經使用者的旋轉操作後的特定實景圖的選取圖像,其相對於預設圖像的偏移或誤差是在可允許的範圍內,因而可判定為認證成功。由於在本發明實施例中,是藉由特定實景圖的選取圖像所對應的圖像雜湊值來做為判斷的方式,而選取圖像對應其圖像雜湊值的關係是難以預測的。舉例來說,假設使用者在不同時間下,選定了特定實景圖中的兩相異的選取圖像,若兩相異選取圖像分別對應預設圖像所計算出的圖像雜湊值的差值為相同,然而,此兩相異選取圖像分別在對應預設圖像的視角差卻有可能為不相同。因此,相對於藉由選取圖像與預設圖像間所對應的視角差來做為判斷的方式而言,本發明藉由使用圖像雜湊值的差值來做判斷,將可更有效的防止機器人或自動程式的攻擊。In step S370, it is determined whether the difference is less than the threshold value. If the difference is less than the threshold value, it is determined in step S380 that the authentication is successful. For example, if the difference between the two image hash values before and after the rotation operation is less than the threshold value, it may represent a selected image of the specific real scene image after the user's rotation operation, and the deviation from the preset image. The shift or error is within an allowable range, and thus it can be determined that the authentication is successful. In the embodiment of the present invention, the image hash value corresponding to the selected image of the specific real image is used as the judgment manner, and the relationship of the selected image corresponding to the image hash value is difficult to predict. For example, suppose that the user selects two different selected images in a specific real scene at different times, and if the two different selected images correspond to the difference of the image hash values calculated by the preset images respectively, The values are the same. However, the difference between the two differently selected images in the corresponding preset images may be different. Therefore, the present invention can be more effective by using the difference of the image hash value as a method of judging by selecting the angle of view difference between the image and the preset image. Prevent attacks from robots or automated programs.

圖4為根據本發明的一實施例的認證方法的流程圖。如 圖4所示,本發明實施例的認證方法包括步驟S400的註冊程序以及S500的認證程序。4 is a flow chart of an authentication method in accordance with an embodiment of the present invention. Such as As shown in FIG. 4, the authentication method of the embodiment of the present invention includes the registration procedure of step S400 and the authentication procedure of S500.

在步驟S400的註冊程序中,使用者可藉由註冊介面(未繪示於圖中)以將預設帳號、預設密碼以及地址資訊儲存至身份辨識資訊資料庫130。地址資訊可以是使用者的住家地址、公司地址、學校地址或是使用者所熟識的地點的地址。因此,在註冊程序中,當控制單元190接收到使用者的地址資訊時,即可針對此地址資訊所對應的位置座標來從實景圖資料庫150獲得對應此位置座標的特定實景圖,並輸出於註冊介面中,使用者便可在此特定實景圖中挑選對應預設視角的預設圖像。預設視角可包括水平軸預設角度以及縱軸預設角度,而此預設圖像將在步驟S500的認證程序中用來做為認證的條件之一。下列將針對步驟S500的認證程序來進一步說明。In the registration process of step S400, the user can store the preset account, the preset password, and the address information to the identity information database 130 by using a registration interface (not shown). The address information can be the user's home address, company address, school address, or the address of the location that the user is familiar with. Therefore, in the registration process, when the control unit 190 receives the address information of the user, the specific real scene corresponding to the location coordinate can be obtained from the real-time map database 150 for the location coordinates corresponding to the address information, and output. In the registration interface, the user can select a preset image corresponding to the preset viewing angle in the specific real scene view. The preset angle of view may include a horizontal axis preset angle and a vertical axis preset angle, and this preset image will be used as one of the conditions for authentication in the authentication procedure of step S500. The following will be further explained with respect to the authentication procedure of step S500.

圖5為根據本發明的一實施例的認證方法中的認證程序的流程圖。如圖5所示,步驟S500的認證程序包括步驟S510~S590。5 is a flow chart of an authentication procedure in an authentication method in accordance with an embodiment of the present invention. As shown in FIG. 5, the authentication procedure of step S500 includes steps S510 to S590.

在步驟S510中,接收登入帳號以及登入密碼。舉例來說,藉由認證介面來接收登入帳號與登入密碼,以做為認證的條件之一。In step S510, the login account number and the login password are received. For example, the authentication interface is used to receive the login account and the login password as one of the conditions for authentication.

在步驟S520中,判斷登入帳號與登入密碼是否分別匹配預設帳號與預設密碼。若登入帳號與登入密碼分別匹配預設帳號與預設密碼,則可執行步驟S530。若登入帳號或登入密碼分別不 匹配預設帳號或預設密碼,則可執行步驟S590。舉例來說,預設帳號與預設密碼乃是使用者在註冊程序所儲存至身份辨識資訊資料庫130的資訊,若登入帳號與登入密碼不符合預設帳號與預設密碼,則有可能是遭到他人的入侵,因而可不再允許其繼續執行後續的認證步驟。然而,此亦可能是因為使用者一時的誤記或是輸入上錯誤,因此,可在步驟S590中來對使用者進行身份再認證程序。In step S520, it is determined whether the login account and the login password respectively match the preset account and the preset password. If the login account and the login password respectively match the preset account and the preset password, step S530 may be performed. If the login account or login password is not If the preset account or the preset password is matched, step S590 may be performed. For example, the default account and the preset password are information stored by the user in the registration program to the identity information database 130. If the login account and the login password do not match the preset account and the preset password, it may be Intrusion by others, so they can no longer be allowed to continue the subsequent certification steps. However, this may also be due to a user's temporary misinterpretation or input error. Therefore, the user may be authenticated in step S590.

在步驟S530中,根據註冊資訊的地址資訊所對應的位置座標,來提供特定實景圖。舉例來說,控制單元190可根據使用者預先所提供的註冊資訊中的地址資訊,來獲得實景圖資料庫150中對應地址資訊的位置座標的特定實景圖。由於此位置座標的特定實景圖相對於使用者而言,可以是熟悉的環境,因而此認證程序結合了個人化的資訊,不僅提升了資訊安全性,也更加的人性化。In step S530, a specific live view is provided according to the location coordinates corresponding to the address information of the registration information. For example, the control unit 190 can obtain a specific real-life map of the location coordinates of the corresponding address information in the real-time map database 150 according to the address information in the registration information provided by the user in advance. Since the specific real-life map of the coordinates of the location can be a familiar environment with respect to the user, the authentication program combines personalized information, which not only improves information security but also is more humanized.

在步驟S540中,輸出特定實景圖對應隨機視角的隨機圖像。舉例來說,當控制單元190獲得實景圖資料庫150中對應地址資訊的位置座標的特定實景圖後,為了提升資訊安全性,更可在特定實景圖中選定對應隨機視角的隨機圖像來輸出至認證介面中,如圖2A所示。隨機視角可包括水平軸隨機角度以及縱軸隨機角度。In step S540, a random image corresponding to a random perspective of the specific live view is output. For example, after the control unit 190 obtains the specific real-life map of the location coordinates of the corresponding address information in the real-time map database 150, in order to improve the information security, a random image corresponding to the random viewing angle may be selected and outputted in the specific real-life map. To the authentication interface, as shown in Figure 2A. The random viewing angle may include a random angle of the horizontal axis and a random angle of the vertical axis.

在步驟S550中,反應於旋轉操作,以從特定實景圖獲得選取圖像。此步驟類似於步驟S350。控制單元190藉由使用者的 旋轉操作來獲得特定實景圖對應選取視角的選取圖像,如圖2B所示。選取視角可包括水平軸選取角度以及縱軸選取角度。In step S550, a rotation operation is performed to obtain a selected image from a specific live view. This step is similar to step S350. Control unit 190 by user The rotation operation is performed to obtain a selected image corresponding to the selected viewing angle of the specific real scene image, as shown in FIG. 2B. The selected viewing angle may include a horizontal axis selection angle and a vertical axis selection angle.

在步驟S560中,計算選取圖像以及預設圖像各自的圖像雜湊值之間的差值。此步驟類似於步驟S360。控制單元190可計算特定實景圖對應旋轉操作後的選取圖像的圖像雜湊值,以及特定實景圖對應預設視角的預設圖像的圖像雜湊值,並且計算上述兩圖像雜湊值間的差值。In step S560, a difference between the selected image and the image hash value of each of the preset images is calculated. This step is similar to step S360. The control unit 190 may calculate an image hash value of the selected image corresponding to the rotation operation of the specific real image, and an image hash value of the preset image corresponding to the preset perspective of the specific real image, and calculate the between the two image hash values The difference.

在步驟S570中,判斷差值是否小於門檻值。若差值小於門檻值,則在步驟S580中判定為認證成功,且可提供後端服務。步驟S570類似於步驟S370,若旋轉操作前後的兩圖像雜湊值間的差值小於門檻值,則可判定為認證成功,並且控制單元190可更進一步在步驟S580中藉由後端服務單元170來提供後端服務。若旋轉操作前後的兩圖像雜湊值間的差值大於門檻值,則可代表遭到不明人士或軟體的入侵,或是使用者已忘記了原先的預設圖像,此時則亦可執行S590。在本發明實施例中,若兩圖像雜湊值間的差值等於門檻值,則可判定為認證成功,或亦可判定為認證失敗,在此不加以限制。In step S570, it is determined whether the difference is less than the threshold value. If the difference is less than the threshold value, it is determined in step S580 that the authentication is successful, and the backend service can be provided. Step S570 is similar to step S370. If the difference between the two image hash values before and after the rotation operation is less than the threshold value, it may be determined that the authentication is successful, and the control unit 190 may further pass the backend service unit 170 in step S580. To provide backend services. If the difference between the two image hash values before and after the rotation operation is greater than the threshold value, it may represent an invasion by an unknown person or software, or the user has forgotten the original preset image, and may execute at this time. S590. In the embodiment of the present invention, if the difference between the two image hash values is equal to the threshold value, it may be determined that the authentication is successful, or may be determined as the authentication failure, which is not limited herein.

在步驟S590中,藉由身份再認證程序來確認註冊資訊的安全性。舉例來說,在身份再認證程序中,控制單元170可重新再次認證使用者的帳號與密碼資料,或是讓使用者重新設置密碼且藉由使用者的其他連絡方式(如手機號碼或電子信箱地址)來發送新密碼給使用者,或是以進行提示問答的方式來重新確認使用 者的身分,或者是透過其他各種不同的機制來確認使用者的身分,在此不加以限制。In step S590, the security of the registration information is confirmed by the identity re-authentication procedure. For example, in the identity re-authentication process, the control unit 170 may re-authenticate the user's account and password data, or allow the user to reset the password and use other contact methods of the user (such as a mobile phone number or an e-mail address). Address) to send a new password to the user, or to reconfirm the use of the prompt question and answer The identity of the person, or through various other mechanisms to confirm the identity of the user, is not limited here.

綜上所述,本發明藉由在註冊程序中獲得帳號與密碼資訊、地址資訊、對應地址資訊的位置座標的特定實景圖、以及對應水平軸預設角度與縱軸預設角度的預設圖像,並在認證程序中確認登入帳號與密碼是否正確,且根據註冊資訊來提供特定實景圖並輸出其隨機圖像於認證介面中,接著經由使用者的旋轉操作以獲得選取圖像,若選取圖像以及對應水平軸預設角度與縱軸預設角度的預設圖像的圖像雜湊值之間的差值小於門檻值,則判定為認證成功以提供後端服務。In summary, the present invention obtains a specific real map of the location coordinates of the account and password information, the address information, the corresponding address information in the registration process, and a preset map corresponding to the preset angle of the horizontal axis and the preset angle of the vertical axis. Like, and confirm in the authentication program that the login account and password are correct, and provide a specific real-life map according to the registration information and output a random image in the authentication interface, and then obtain a selected image through the user's rotation operation, if selected If the difference between the image and the image hash value of the preset image corresponding to the horizontal axis preset angle and the vertical axis preset angle is less than the threshold value, it is determined that the authentication is successful to provide the backend service.

雖然本發明已以實施例揭露如上,然其並非用以限定本發明,任何所屬技術領域中具有通常知識者,在不脫離本發明的精神和範圍內,當可作些許的更動與潤飾,故本發明的保護範圍當視後附的申請專利範圍所界定者為準。Although the present invention has been disclosed in the above embodiments, it is not intended to limit the present invention, and any one of ordinary skill in the art can make some changes and refinements without departing from the spirit and scope of the present invention. The scope of the invention is defined by the scope of the appended claims.

S330、S350、S360、S370、S380‧‧‧認證方法的步驟Steps for the S330, S350, S360, S370, S380‧‧‧ authentication methods

Claims (10)

一種認證方法,包括:根據一註冊資訊的一地址資訊來提供一特定實景圖,其中該註冊資訊還包括一預設帳號、一預設視角以及一預設密碼;對該特定實景圖進行隨機旋轉處理;藉由認證介面的輸入控制,產生一旋轉操作,以從該特定實景圖獲得一選取圖像;計算該選取圖像的第一圖像雜湊值以及一預設圖像的第二圖像雜湊值之間的一差值;以及若該差值小於一門檻值,則判定為認證成功,其中,該預設圖像是對應該預設視角以從該特定實景圖產生。 An authentication method includes: providing a specific real map according to an address information of a registration information, wherein the registration information further includes a preset account, a preset view, and a preset password; and randomly rotating the specific real map Processing; generating, by the input control of the authentication interface, a rotation operation to obtain a selected image from the specific real image; calculating a first image hash value of the selected image and a second image of a preset image a difference between the hash values; and if the difference is less than a threshold, the authentication is determined to be successful, wherein the preset image is corresponding to the preset perspective to be generated from the specific real map. 如申請專利範圍第1項所述的認證方法,其中在獲得該選取圖像的步驟之前,該隨機旋轉處理步驟會輸出該特定實景圖對應一隨機視角的一隨機圖像。 The authentication method of claim 1, wherein the random rotation processing step outputs a random image corresponding to a random perspective of the specific real scene before the step of obtaining the selected image. 如申請專利範圍第2項所述的認證方法,其中根據該註冊資訊來提供該特定實景圖的步驟,更包括:根據該地址資訊所對應的一位置座標,來提供該特定實景圖。 The method of claim 2, wherein the step of providing the specific real map according to the registration information further comprises: providing the specific real map according to a location coordinate corresponding to the address information. 如申請專利範圍第2項所述的認證方法,其中在根據該註冊資訊來提供該特定實景圖的步驟之前,更包括:接收一登入帳號以及一登入密碼;以及若該登入帳號與該登入密碼分別匹配該預設帳號與該預設密碼,則執行後續步驟。 The authentication method of claim 2, wherein before the step of providing the specific real map according to the registration information, the method further comprises: receiving a login account and a login password; and if the login account and the login password After the preset account and the preset password are respectively matched, the subsequent steps are performed. 如申請專利範圍第2項所述的認證方法,其中該預設視角更包括一水平軸預設角度以及一縱軸預設角度,該選取視角更包括一水平軸選取角度以及一縱軸選取角度,該隨機視角更包括一水平軸隨機角度以及一縱軸隨機角度。 The authentication method of claim 2, wherein the preset viewing angle further comprises a horizontal axis preset angle and a vertical axis preset angle, wherein the selected viewing angle further comprises a horizontal axis selection angle and a vertical axis selection angle. The random viewing angle further includes a horizontal axis random angle and a vertical axis random angle. 一種認證系統,包括:一身份辨識資訊資料庫,用以儲存一註冊資訊,其中該註冊資訊包括一地址資訊、一預設帳號、一預設視角以及一預設密碼;一地理資訊實景圖資料庫,用以儲存多個實景圖;以及一控制單元,耦接至該地理資訊實景圖資料庫以及該身份辨識資訊資料庫,該控制單元經配置以:根據該註冊資訊的該地址資訊來從該地理資訊實景圖資料庫提供一特定實景圖;對該特定實景圖進行隨機旋轉處理;藉由認證介面的輸入控制,產生一旋轉操作,以從該特定實景圖獲得一選取圖像;計算該選取圖像的第一圖像雜湊值以及一預設圖像的第二圖像雜湊值之間的一差值;以及若該差值小於一門檻值,則判定為認證成功,其中,該預設圖像是對應該預設視角以從該特定實景圖產生。 An authentication system includes: an identity identification information database for storing a registration information, wherein the registration information includes an address information, a preset account number, a preset perspective, and a preset password; and a geographic information map data a library for storing a plurality of real-life maps; and a control unit coupled to the geographic information real-time map database and the identification information database, the control unit configured to: according to the address information of the registration information The geographic information map database provides a specific real map; random rotation processing is performed on the specific real scene; and a rotation operation is generated by the input control of the authentication interface to obtain a selected image from the specific real map; Selecting a difference between the first image hash value of the image and the second image hash value of the predetermined image; and if the difference is less than a threshold, determining that the authentication is successful, wherein the pre- Let the image be corresponding to the preset perspective to be generated from the particular live view. 如申請專利範圍第6項所述的認證系統,其中該控制單元更進一步經配置以: 在該隨機旋轉處理步驟中輸出該特定實景圖對應一隨機視角的一隨機圖像。 The authentication system of claim 6, wherein the control unit is further configured to: And outputting, in the random rotation processing step, a random image corresponding to a random perspective of the specific real scene. 如申請專利範圍第7項所述的認證系統,其中該控制單元更進一步經配置以:根據該地址資訊所對應的一位置座標,來提供該特定實景圖。 The authentication system of claim 7, wherein the control unit is further configured to: provide the specific real map according to a location coordinate corresponding to the address information. 如申請專利範圍第7項所述的認證系統,其中該控制單元更進一步經配置以:接收一登入帳號以及一登入密碼;以及判別該登入帳號與該登入密碼是否分別匹配該預設帳號與該預設密碼。 The authentication system of claim 7, wherein the control unit is further configured to: receive a login account and a login password; and determine whether the login account and the login password respectively match the preset account and the Default password. 如申請專利範圍第7項所述的認證系統,其中該預設視角更包括一水平軸預設角度以及一縱軸預設角度,該選取視角更包括一水平軸選取角度以及一縱軸選取角度,該隨機視角更包括一水平軸隨機角度以及一縱軸隨機角度。 The authentication system of claim 7, wherein the preset viewing angle further comprises a horizontal axis preset angle and a vertical axis preset angle, wherein the selected viewing angle further comprises a horizontal axis selection angle and a vertical axis selection angle. The random viewing angle further includes a horizontal axis random angle and a vertical axis random angle.
TW102119131A 2013-05-30 2013-05-30 Authentication method and authentication system TWI489312B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW102119131A TWI489312B (en) 2013-05-30 2013-05-30 Authentication method and authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW102119131A TWI489312B (en) 2013-05-30 2013-05-30 Authentication method and authentication system

Publications (2)

Publication Number Publication Date
TW201445354A TW201445354A (en) 2014-12-01
TWI489312B true TWI489312B (en) 2015-06-21

Family

ID=52707063

Family Applications (1)

Application Number Title Priority Date Filing Date
TW102119131A TWI489312B (en) 2013-05-30 2013-05-30 Authentication method and authentication system

Country Status (1)

Country Link
TW (1) TWI489312B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI643087B (en) * 2016-12-01 2018-12-01 財團法人資訊工業策進會 Authentication method and authentication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7386177B2 (en) * 2003-09-30 2008-06-10 Graphic Security Systems Corp. Method and system for encoding images using encoding parameters from multiple sources
TWI342506B (en) * 2007-06-23 2011-05-21 Wistron Corp Method of identification according to selected patterns and related computer system
TW201235930A (en) * 2011-02-23 2012-09-01 Quanta Comp Inc Verification method and computer system using the same
US20130007875A1 (en) * 2011-06-30 2013-01-03 Ebay, Inc. Interactive CAPTCHA

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7386177B2 (en) * 2003-09-30 2008-06-10 Graphic Security Systems Corp. Method and system for encoding images using encoding parameters from multiple sources
TWI342506B (en) * 2007-06-23 2011-05-21 Wistron Corp Method of identification according to selected patterns and related computer system
TW201235930A (en) * 2011-02-23 2012-09-01 Quanta Comp Inc Verification method and computer system using the same
US20130007875A1 (en) * 2011-06-30 2013-01-03 Ebay, Inc. Interactive CAPTCHA

Also Published As

Publication number Publication date
TW201445354A (en) 2014-12-01

Similar Documents

Publication Publication Date Title
US10657243B2 (en) Variation analysis-based public turing test to tell computers and humans apart
US20150012988A1 (en) Authentication method and authentication system
US9985786B1 (en) Cross-device authentication
CN108804884B (en) Identity authentication method, identity authentication device and computer storage medium
US9703982B2 (en) Document distribution and interaction
CN105100108B (en) A kind of login authentication method based on recognition of face, apparatus and system
US20090150983A1 (en) System and method for monitoring human interaction
KR102135998B1 (en) Generating barcode and authenticating based on barcode
US9202027B2 (en) Private/public gesture security system and method of operation thereof
CN102957682A (en) Method and equipment for providing picture verification code based on verification security level
US9077713B1 (en) Typeless secure login to web-based services
US10860704B1 (en) Capturing and sending one-time passwords using augmented reality glasses
US10192042B2 (en) User verifying method, terminal device, server and storage medium
CN105187412B (en) A kind of login authentication method based on gesture identification, apparatus and system
US11902275B2 (en) Context-based authentication of a user
US20220103539A1 (en) Verifying trusted communications using established communication channels
US9049211B1 (en) User challenge using geography of previous login
WO2015032281A1 (en) Method and system for generating and processing challenge-response tests
US20240214374A1 (en) Multi-factor authentication using symbols
US11599612B2 (en) Method, apparatus and system for authenticating a user based on eye data and/or facial data
TWI489312B (en) Authentication method and authentication system
US11178139B1 (en) Secure computer-implemented authentication
US20160344558A1 (en) System and Method for Obtaining Authorization
US12020692B1 (en) Secure interactions in a virtual environment using electronic voice
US20240022553A1 (en) Authenticating a virtual entity in a virtual environment