WO2011006295A1 - Procédé d’authentification pour équipement d’identification d’utilisateur - Google Patents

Procédé d’authentification pour équipement d’identification d’utilisateur Download PDF

Info

Publication number
WO2011006295A1
WO2011006295A1 PCT/CN2009/072764 CN2009072764W WO2011006295A1 WO 2011006295 A1 WO2011006295 A1 WO 2011006295A1 CN 2009072764 W CN2009072764 W CN 2009072764W WO 2011006295 A1 WO2011006295 A1 WO 2011006295A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
user identification
user
module
identification device
Prior art date
Application number
PCT/CN2009/072764
Other languages
English (en)
Chinese (zh)
Inventor
盛永祥
邢益涛
Original Assignee
Sheng Yongxiang
Xing Yitao
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sheng Yongxiang, Xing Yitao filed Critical Sheng Yongxiang
Priority to CN200980160469.9A priority Critical patent/CN102474498B/zh
Priority to PCT/CN2009/072764 priority patent/WO2011006295A1/fr
Publication of WO2011006295A1 publication Critical patent/WO2011006295A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Definitions

  • the present invention relates to a method for authenticating a user identification device, and more particularly to a method for authenticating a user identification device requiring an account number and a password by using a user feature identification method and performing security authentication on an external device connected to the user identification device.
  • the security authentication between the device and the device is of great significance in practical applications. It is widely used in various fields before determining whether the device is legal before performing secure communication between devices. For example, in the banking industry, a U-Shield device is now popular, the principle is that the fixed information in the USB device is used as the identification information, and the server in the bank network system can verify the fixed information, and if the verification is successful, the use is The user of the USB device can obtain the correct authentication identity.
  • a remote control lock is widely used, wherein a lock control device is installed on the lock, the lock control device can control the lock to open or close, and the user holds the remote control device.
  • the lock control device After controlling the remote control device to transmit a series of identification control codes, the lock control device identifies the identification code after obtaining the identification control code, thereby judging the legality of the remote control device, and after the identification is successful, locking the vehicle according to the content of the control code Open or close.
  • the identification information is usually fixed.
  • the identification information in the U shield is permanently stored in the U disk.
  • the use of fixed identification information usually There is a certain risk because fixed information is more likely to be brute-forced.
  • the prior art usually uses a single channel for communication, and if the illegal component monitors the single channel for a long time with a special listening device, the identification information can be easily intercepted.
  • existing inter-device authentication techniques often encrypt information with publicly available algorithms, such as the MD5 algorithm, although it is technically difficult to decrypt the identification information encrypted using the public algorithm after intercepting the identification information. But if you use the exhaustive method to crack it, you have enough time. Under the premise of the speed of operation, there is also the possibility of successful cracking.
  • the present invention proposes a user identification device authentication method that can solve the above problems.
  • the technical problem to be solved by the present invention is to provide an authentication method for a user identification device, which overcomes the problem that the identification information that appears when the existing user identification device and the external device are authenticated are fixed and easily acquired.
  • the authentication method of the user identification device of the present invention comprises the following steps: S1 the user identification device detects the additional device; S2 the user identification device acquires the identification information; S3 the user identification device converts the identification information into a pseudo feature information file; S4 the user identification device will have the pseudo feature The information file is converted into registration information and saved.
  • the authentication method of the user identification device of the present invention further includes the following steps: S5
  • the user identification device transmits the identification information to the external device for storage.
  • the authentication method of the user identification device of the present invention further includes the following steps: S6 the user identification device detects the added device; the S7 user identification device acquires the identification information from the external device; S8 the user identification device converts the identification information into a pseudo feature information file; S9 user identification The device converts the pseudo-feature information file into the authentication information; the S10 user identification device compares the registration information with the authentication information, and if the comparison result is found to be inconsistent, the user identification device does not establish a trust connection with the external device, and if the comparison result is found to be consistent, The user identification device establishes a trusted connection with the external device.
  • the user identification device and the external device respectively detect the environment information, the user identification device detects the first environment information, and the external device detects the second environment information;
  • the user identification device converts the first environment information into the first temporary comparison information, and the adding device converts the second environment information into the second temporary comparison information;
  • the user identification device acquires the second temporary comparison information;
  • the user identification device will be the first Temporary comparison information and second temporary comparison information Perform comparison. If the comparison results are inconsistent, exit the authentication. If the comparison results are consistent, perform the steps.
  • the user identification device and the external device respectively detect the environment information, the user identification device detects the first environment information, and the external device detects the second environment information.
  • the user identification device converts the first environment information into the first temporary comparison information, and the adding device converts the second environment information into the second temporary comparison information;
  • the adding device uses the second temporary comparison information as the operator to perform the identification information Encryption operation, generating encryption identification information;
  • the adding device sends the encryption identification information to the user identification device;
  • the user identification device uses the first temporary comparison information as an operator to perform a decryption operation symmetrically with the encryption operation on the encrypted identification information, if the decryption is unsuccessful Then, the authentication is exited. If the decryption is successful, step S7 is performed.
  • the subscriber identity device transmits the identification information using one or more channels.
  • the identification information is module information.
  • the identification information is part of the user characteristic information or a combination of the module information and a portion of the user characteristic information.
  • the module information is one of a chip type of the external device, a battery life, a processor frequency factory date and a lot number, and a first installation use time.
  • the user identification device and the authentication method of the external device provided by the invention cooperate with the external module of the external device, so that the user identification device can be authenticated with the external device provided with the external module, thereby realizing the purpose of secure communication.
  • the environment information determination method is used before the authentication, and the multi-channel communication method is adopted in the communication process, and the user characteristic information saved in the user identification device and the module information of the external device are fully utilized as the identification information when selecting the identification information, thereby It ensures that the user identification device will not steal confidential information by the unauthenticated external device, thereby achieving secure data communication.
  • FIG. 1 is a schematic structural diagram of a user identification device according to the present invention.
  • FIG. 2 is a schematic diagram of storage contents of a storage module of the user identification device of the present invention.
  • Figure 3 details a flow chart of the user identification device accepting the registration of the additional device.
  • Figure 4 details the flow chart for the user identification device to verify the device.
  • Figure 5 details a flow chart that uses environmental information to verify that the currently used device is operating in the same environment.
  • Figure 6 details a flow chart of another method of verifying whether a currently used device is operating in the same environment using environmental information.
  • Figure 7 details the flow chart for generating registration information and verification information.
  • Figure 8 details a schematic diagram of device name information and device class information linked to registration information stored in the subscriber identity module.
  • Figure 9 is a detailed flow chart showing the use of multi-channel communication in the authentication step to obtain module information from the add-on module in the verification step to ensure security during information transmission.
  • the user identification device 10 of the present invention includes a main controller 101, a user identification module 103, a user interface module 107, a communication module 115, and a storage module 117.
  • the main controller 101 is configured to control the user identification module 103 of the user identification device 10, the user interface module 107, the communication module 115, and the storage module 117 to operate.
  • the user interface module 107 enables the user to perform operations on the user identification device 10.
  • the user can implement operations such as system function selection, user selection, and determination on the user interface module 107, such as confirmation, cancellation, etc., wherein the user interface module 107 It can be realized by any one or any combination of voice prompt, voice recognition, LCD display, touch screen, LED, button, computer operation, etc.
  • the communication module 115 is configured to implement the user identification device 10 to communicate with the outside world, and the implementation manner may be any communication technology such as wired or wireless. Through the communication module 115, the user identification device 10 can transmit information with an external device, wherein the communication module 115 has one or more communication interfaces to enable communication by one or more communication methods, and the communication interface can be, for example, a USB interface. , RJ45 interface, fiber interface, etc.
  • the storage module 117 is configured to provide a storage space for the user identification device 10 to store related information.
  • the storage module 117 can be implemented using a memory chip, a TF card, an SD card, a USB flash drive, and a remote storage space such as a network space.
  • the storage module 117 stores an index file 201 and other information 203, wherein the index file 201 includes: a registration information number - a device number index file 205, a device number - a device name index file 207, a device number -
  • the device category index file 209 wherein the device number-device name index file 207, the device number-device category index file 209 may be referred to as a user entry information index file.
  • the user identification module 103 includes an information collection sensor 103a, a signature generation module 103b, a signature matching module 103c, a signature storage module 103d, and an internal communication module 103e.
  • the information collection sensor 103a is configured to collect information unique to the user, such as fingerprint, iris, voiceprint, ID number, and identity card.
  • the signature generation module 103b is configured to generate the corresponding feature encoding information according to a specific algorithm, where the specific algorithm may be, for example, a fingerprint feature grayscale direct extraction algorithm, a PCNN fingerprint feature extraction algorithm, and a zero-crossing detection based iris. Feature extraction algorithms, etc. These algorithms are provided by the chip designer and are not public.
  • the signature storage module 103d is configured to store the registered signatures in a certain order for comparison or backup.
  • the feature code comparison module 103c is configured to determine whether the feature code obtained at the time of registration is consistent with the feature code obtained at the time of access, When two signatures meet the same definition of the feature, the description is from the same user feature, such as the same finger of the same user or the left eye iris of the same user.
  • the internal communication module 103e is for communicating with the main controller 101.
  • the main function of the user identification module 103 is to identify the user.
  • the specific operation flow is as follows: First, the user registers, at this time, the information collection sensor 103a collects the feature information of the user, and the feature code generation module 103b according to the collected user feature information, according to a certain A specific algorithm generates corresponding signature information, and the signature storage module 103d can store the signature information in a certain order. At this time, the registration is completed. Then, if the user accesses, the information collection sensor 103a collects the feature information input by the user again. Then, the feature code generating module 103b generates the feature code information by using the same algorithm as described above. At this time, the feature code comparison module 103c compares the feature code information with the feature code previously stored in the feature code storage module 103d. When the same is found, the subscriber identity module 103 sends a corresponding signal to the master controller 101 by using the internal communication module 103e, and the master controller 101 implements the corresponding action according to the corresponding signal of the subscriber identity module 103.
  • the present invention fully exploits the hardware functions of the user identification device 10, so that the user identification device 10 can recognize insecure device access in addition to the user feature information.
  • the user identification device 10 disclosed by the present invention can be connected to a computer through a communication module, thereby realizing user identity authentication applied to the computer. For example, by connecting the user identification device 10 to the computer, the computer can obtain the function of user feature recognition.
  • the online user personal identity verification can be implemented, and can also be directly connected to the external lock control device through the communication module 115, thereby directly implementing the function of unlocking by the user's personal information.
  • the present invention provides a registration and authentication mechanism for the connection between the user identification device 10 and the external device, thereby ensuring that the external device is legal and cannot be casual.
  • the replacement of the external device increases the security usability of the user identification device 10.
  • the process of the user identification device 10 accepting the registration of the external device is described in detail with reference to FIG. 3.
  • the connection mode may be one of USB, Bluetooth, network cable or other conventional communication connection manner, and may be implemented by using the communication module 115.
  • the communication module 115 has a USB interface
  • the communication module 115 may be used.
  • the USB interface is connected to the USB interface of the external device.
  • the user needs to start an add-on module set in the external device, wherein the external module can be implemented by software or hardware. Specifically, if the external device is a computer, the external module can be installed on the computer.
  • the specific software on the PCI software module can also be a hardware module inserted in the PCI slot.
  • the external device is a lock control device
  • the external module can be a single-chip computer program that is solidified on the controlled device, or can be soldered to the lock.
  • the hardware module of the control device is configured to analyze data in the connection channel, collect module information of the added module, package or encrypt the collected module information, and send the data to the user identification device 10 from a certain channel.
  • the user initiates a detection function on the user identification device 10, at which time the user identification device 10 scans the channel on the communication module 115 to see if an additional device is on the channel.
  • step 307 the user identification device 10 detects that an external device exists on the channel, and in step 309, the user identification device 10 detects whether the external device and the user identification device 10 are themselves in the same environment (the detection method will be described in detail below). If not in the same environment, the process proceeds to step 311, the registration process is exited, and a warning message is sent through the user interface module 107. Otherwise, if it is detected in the same environment, then step 313 is entered. It should be noted that steps 309 and 311 are additional steps that are available in the case of high security requirements, which may not be used in general.
  • the external module on the external device acquires the module information of the external device and sends the module information to the user identification device 10, so that the user identification device 10 obtains the module information, wherein the module information is the chip model, the battery life, and the processor frequency.
  • the batch number and one of the first installation and use time which can be customized to the user according to the needs of the user, and if the battery life is selected as the module information, it will have better effect, because the battery life is changed, if registered
  • the current battery life is used as the identification information (or part of the identification information), and when the external module is used elsewhere, the battery life is shortened, so the battery life will be inconsistent in the next certification, and not added
  • the module establishes a trusted connection, and in step 315, the user identification device 10 acquires the module information and utilizes
  • the module information generates identification information, and generates identification information by using an algorithm (the specific generation method thereof will be described in detail below), and saves the registration information to the user identification module 103, where the identification information may be It is a module information, and may be a part of a signature information stored in the signature storage module 103d, or a combination of the two, and may be customized to the designer according to the needs of the user, and for the latter
  • step 317 the user identification device 10 sends the identification information to the external device and saves it on the external device.
  • the identification information is module information
  • step 317 can be Omitted
  • step 319 the user identification device 10 prompts the user to input the device name.
  • the user identification device 10 receives the device name through the user interface module and saves it to the index file of the storage module ( The specific method will be described in detail below.
  • step 321 the user identification device 10 prompts the user to enter a device category, and when the user inputs the device category, the user identification device 10 receives the device category information through the user interface module 107.
  • the order of the above steps 319 and 321 may be replaced, or step 321 may be omitted. At this point, the entire registration process for the added device is completed.
  • step 401-step 411 is the same as step 301-step 411 at the time of registration, and therefore, the description is omitted.
  • step 413 the user identification device 10 acquires the identification information.
  • the identification information used in the registration is the module information
  • the user identification device 10 acquires the module information of the external device through the external module on the external device, when registering.
  • the identification information used is part of the user characteristic information
  • the user identification device 10 acquires a part of the user information stored in the external device through the external module on the external device, and the identification information used when registering is the user characteristic information.
  • the user identification device 10 acquires module information and a part of the user characteristic information through an add-on module on the external device.
  • the authentication information is generated using the identification information (the specific generation method thereof will be described in detail below), and in step 417, the user identification The module 10 compares the authentication information with the registration information stored in the signature storage module. If the comparison result is found to be inconsistent, step 419 is performed to issue a warning message through the user interface module and refuse to establish a trusted connection. If the result is consistent, step 421 is performed, and the registration information number is obtained from the user identification module according to the user registration information.
  • step 423 the corresponding file of the device name and the device type is obtained in the index file according to the registration information number, and the user can be obtained through the user.
  • the interface module plays the file to inform the user that in step 423, a trusted channel is established to complete the authentication.
  • the sound information may also be acquired by using sensors such as ambient temperature and ambient humidity to collect environmental information, but these sensors need to be added in the user identification module 10 and the external device, and in this embodiment, the user identification module 10
  • the user interface module can select the installation recording and the sound recognition function according to the needs, so the sound environment detection can be realized by adding a recording module in the external device, and only one recording module is added in the external device such as the computer or the lock control device, in step 501
  • the user identification device 10 sends the synchronization data to the external device, and the synchronization data informs the external device to turn on the recording device after a period of time.
  • step 503 the external device and the user identification device 10 take the current environment in the same period of time according to the synchronization data. Sound information, in step 5 In 05, the user identification device 10 obtains the audio file 1, and the external device obtains the audio file 2. In step 507, the user identification device 10 converts the audio file 1 to obtain a temporary comparison file 1, and the external device converts the audio file 2 to obtain Temporarily compare file 2. In step 509, the user identification device 10 acquires the temporary comparison file 2 of the external device. In step 511, the user identification device compares the temporary comparison file 2 with the temporary comparison file 1.
  • step 515 If it is determined that the device is not in the same environment, or that the other device is a fake device, or that the other device has a module failure, it will not be used. If it is the same, then in step 513, it is determined that the next step can be performed in the same environment.
  • step 607 the user identification device 10 performs analog-to-digital conversion on the audio file 1 to obtain the temporary key file 1
  • the external device performs analog-to-digital conversion on the audio file 2 to obtain the temporary key file 2.
  • step 609 the external device utilizes the temporary secret.
  • the key file 2 encrypts the identification information and sends it to the user identification module 10.
  • step 611 the user identification module 10 obtains the encrypted identification information, and extracts the information according to the temporary key file 1 by using a decryption algorithm.
  • step 613 determining whether the extraction is successful, if not successful, proceeding to step 613, knowing that the two devices are not in the same environment, or the other device is a spoofing device, or the other device has a module failure, and is not used, if the extraction is successful Go to step 615 to determine that the two devices are in the same environment and proceed to the next step.
  • the encryption and decryption algorithm employed may be a conventional AES algorithm, or a conventional DES algorithm may be employed, or may be other various key algorithms that achieve the same function.
  • the environment information is used as an operator, and when the operator for decryption is the same as the operator for encryption, the encrypted information can be successfully decrypted.
  • the identification information 701 is subjected to a specific algorithm to obtain pseudo characteristic information.
  • the file 703, the pseudo feature information file 703 includes feature files in various formats. For example, if the user identification module 103 is a fingerprint identification module, the pseudo feature information file 703 used must be a pseudo image format file because the fingerprint identification is performed.
  • the information collection module 103a in the module collects a fingerprint image, which can only collect the feature information of the user's fingerprint image, and the feature code generation module 103b generates the feature code from the fingerprint image, so the identification information 701 must be converted into a pseudo by using a specific algorithm.
  • the image format file is further generated in the user identification module by the signature generation module to generate the pseudo image format file as registration information or verification information 705.
  • the identification information may be a combination of the module information and a part of the user characteristic information, or only the module information, or only the user characteristic information, and may be customized according to the needs of the customer, and the specific algorithm for converting the identification information into the pseudo image format file may be, for example, To generate a pseudo fingerprint image file 703 by utilizing the identification information as a factor by one or several templates using an iterative application based on a spatial Gabor filter. Characteristic code
  • the signature generation algorithm of the module is designed by the chip provider and is not public.
  • the user identification module 103 may also be a specific module for identifying various user feature information, such as an iris recognition module, a voiceprint recognition module, etc., and may be selected according to specific needs of the user, and thus the pseudo feature information file 703 may include
  • the pseudo image file, the pseudo sound file, and the like may be directly generated by the feature code generating module 103b in the user identification module 103 to generate the registration information or the verification information 705, but the pseudo feature information file 703 is generated by using a specific software algorithm.
  • the generated, rather than collected by the information collecting module 103a, is that the pseudo feature information file, as the operation object of the feature code generating module 103b, must have the same format as the user feature information collected by the information collecting module 103a.
  • the pseudo feature information file 703 having the same format as the user feature information must be generated by using a specific software algorithm.
  • the pseudo feature information file 703 can be a pseudo image format file or a pseudo sound format depending on the format of the feature information collected by the information collection module 103a. File or any other pattern Pieces.
  • the specific algorithm employed may be any conventional software algorithm depending on the format of the imitation, such as the sound format, image format, and the like. For example, as described above, a specific algorithm for converting identification information into a pseudo image format file can generate pseudo fingerprints by using one or several templates to reuse the identification information as a factor by using an iterative application based on a spatial Gabor filter. Image format file.
  • the steps 319 and 321 of FIG. 3 and the steps 421 and 423 of FIG. 4 are used to store the acquired device name information or device class information into the storage module, and
  • the device name information and the device category information are linked to the registration information stored in the user identification module 103, so that the device name and the device category can be obtained based on the registration information.
  • the user identification module stores the registration information generated by the signature generation module 103b in the signature storage module 103d, and numbers them in a specific order, so that the signature of the user identification module 103 Registration information number - registration information index is established in the storage module 103d File, at the same time, the user identification device starts the user interface module, asks the user for the device name, enters the device name spoken by the user, and records the recorded device name into the storage module. At this time, the user identification device is in the storage module.
  • a registration information number-device number index file Generating a registration information number-device number index file, and recording the corresponding registration information number returned, so that the registration information number in the registration information number-device number index file is consistent with the registration information number in the signature storage module, and Assign a device number to the device and write it to the device number field of the registration information number-device number index file. Also, write the device number in the device number field of the device number-device name index file. And write the device name in the device name field of the device number - device name index file.
  • a device number-device category index file can be added, and the audio file of the device category is entered by the user interface module, and the audio file is written into the device category field of the device number-device category index file.
  • the user identification module of the user identification device When the external device is connected to the user identification device 10 again, authentication is performed.
  • the user identification module of the user identification device generates the verification information by using the signature generation module, and the user identification module compares and stores the verification information.
  • the registration information in the signature storage module when a consistent registration code is not found, a trusted connection cannot be established, but if a consistent registration code is found, the subscriber identity module returns the registration to the master module.
  • the registration information number corresponding to the information can be linked to the user input information through the index table mechanism, so that the user can obtain the information recorded by the user such as the current device name and the current device category from the registration information.
  • step 901 the user identification device sends information to the external device, and after transmitting the information, listens to the channel to be connected, where the information sent includes: What information is required to be acquired, and the external device is required to send the module.
  • the external device collects the requested information after receiving the information, and in step 907, the external device modulates the collected information and transmits it from the required channel to User identification device 10, in step 907, The user identification device receives the modulated information and demodulates it to restore the information. Therefore, any one or more channels can be selected as the communication channel as needed, thereby achieving the purpose of secure communication.
  • the invention discloses a user identification device with device authentication function and an authentication method of the external device thereof, which is matched with an external module of the external device, so that the user identification device can be authenticated with an external device provided with an external module, thereby realizing
  • the environmental information determination method is used before the authentication, and the multi-channel communication method is adopted in the communication process.
  • the identification information is selected, the user characteristic information saved in the user identification device and the external device are fully utilized.
  • the module information is used as the identification information, thereby ensuring that the user identification device does not steal confidential information by the unauthenticated external device, thereby realizing secure data communication.
  • a person skilled in the art can understand the content of the present invention and implement it according to the definition of the scope of the present invention. For those skilled in the art, the adjustment and modification of the technical solution according to the present embodiment does not exceed the technical solution of the present invention. It should be considered to fall within the scope of protection of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention porte sur un procédé d’authentification pour un système d’identification d’utilisateur. Le procédé d’authentification pour le système d’identification d’utilisateur de la présente invention applique la communication multivoies, un algorithme non décrit et des informations d’identification variables, et pallie ainsi au problème de sécurité du système d’identification d’utilisateur existant provoqué par un canal unique, un algorithme décrit et des informations d’identification sans modification.
PCT/CN2009/072764 2009-07-14 2009-07-14 Procédé d’authentification pour équipement d’identification d’utilisateur WO2011006295A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN200980160469.9A CN102474498B (zh) 2009-07-14 2009-07-14 用户识别设备认证方法
PCT/CN2009/072764 WO2011006295A1 (fr) 2009-07-14 2009-07-14 Procédé d’authentification pour équipement d’identification d’utilisateur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2009/072764 WO2011006295A1 (fr) 2009-07-14 2009-07-14 Procédé d’authentification pour équipement d’identification d’utilisateur

Publications (1)

Publication Number Publication Date
WO2011006295A1 true WO2011006295A1 (fr) 2011-01-20

Family

ID=43448870

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/072764 WO2011006295A1 (fr) 2009-07-14 2009-07-14 Procédé d’authentification pour équipement d’identification d’utilisateur

Country Status (2)

Country Link
CN (1) CN102474498B (fr)
WO (1) WO2011006295A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105984432A (zh) * 2015-07-13 2016-10-05 乐卡汽车智能科技(北京)有限公司 报警方法及装置

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106027468B (zh) * 2016-01-21 2019-05-21 李明 一种身份证认证信息处理请求的异常处理系统
CN107862185A (zh) * 2017-10-18 2018-03-30 福建中金在线信息科技有限公司 Usb识别系统以及usb系统

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1689042A (zh) * 2003-01-28 2005-10-26 富士通株式会社 生物测量信息登记装置、生物测量信息校验装置、生物测量信息登记/校验系统和生物测量信息登记程序
CN1716275A (zh) * 2004-06-30 2006-01-04 沈阳上方电子有限公司 指纹认证算法和系统
CN1822013A (zh) * 2006-03-14 2006-08-23 上海一维科技有限公司 基于可信平台模块的指纹生物识别引擎系统及其识别方法

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003300062A1 (en) * 2003-06-12 2005-01-28 Michael Arnouse Personal identification and contact location and timing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1689042A (zh) * 2003-01-28 2005-10-26 富士通株式会社 生物测量信息登记装置、生物测量信息校验装置、生物测量信息登记/校验系统和生物测量信息登记程序
CN1716275A (zh) * 2004-06-30 2006-01-04 沈阳上方电子有限公司 指纹认证算法和系统
CN1822013A (zh) * 2006-03-14 2006-08-23 上海一维科技有限公司 基于可信平台模块的指纹生物识别引擎系统及其识别方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105984432A (zh) * 2015-07-13 2016-10-05 乐卡汽车智能科技(北京)有限公司 报警方法及装置

Also Published As

Publication number Publication date
CN102474498B (zh) 2013-12-18
CN102474498A (zh) 2012-05-23

Similar Documents

Publication Publication Date Title
US8386795B2 (en) Information security device of Universal Serial Bus Human Interface Device class and data transmission method for same
US8739266B2 (en) Universal authentication token
CN112214745B (zh) 经认证的外部生物特征读取器和验证设备
US9218473B2 (en) Creation and authentication of biometric information
US7735132B2 (en) System and method for encrypted smart card PIN entry
US7805614B2 (en) Secure local or remote biometric(s) identity and privilege (BIOTOKEN)
US20090158033A1 (en) Method and apparatus for performing secure communication using one time password
US20100042848A1 (en) Personalized I/O Device as Trusted Data Source
JPWO2007094165A1 (ja) 本人確認システムおよびプログラム、並びに、本人確認方法
CN101291224A (zh) 在通信系统中处理数据的方法和系统
EP2628133B1 (fr) Authentification d'une image d'empreinte digitale
WO2006067739A2 (fr) Procede et dispositif de generation de cles et de verification d'authenticite
JP2008544710A (ja) 暗号化を実現する方法及び装置
US10742410B2 (en) Updating biometric template protection keys
KR20160139885A (ko) 생체 정보 인식과 키 분할 방식을 이용한 공인인증 시스템 및 그 방법, 그 방법을 수행하는 프로그램이 기록된 기록매체
WO2018228061A1 (fr) Procédé, dispositif, et système de transmission de données
US20070180507A1 (en) Information security device of universal serial bus human interface device class and data transmission method for same
CN114556356A (zh) 用户认证框架
JP4426030B2 (ja) 生体情報を用いた認証装置及びその方法
WO2011006295A1 (fr) Procédé d’authentification pour équipement d’identification d’utilisateur
WO2011066690A1 (fr) Dispositif de sécurité électronique pour effectuer une validation employant des informations biométriques et utilisation de celui-ci
CN210157214U (zh) 燃气器具物联网信息安全传输系统
JP4639698B2 (ja) データ処理システム及びデータ処理方法
KR20210063177A (ko) 모바일 인증 장치 및 방법, 그리고 이에 적용되는 기록매체
JP2006323691A (ja) 認証装置、登録装置、登録方法及び認証方法

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200980160469.9

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09847220

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09847220

Country of ref document: EP

Kind code of ref document: A1