WO2015039589A1 - Système d'autorisation d'identité utilisateur et procédé d'autorisation basés sur des codes barres - Google Patents

Système d'autorisation d'identité utilisateur et procédé d'autorisation basés sur des codes barres Download PDF

Info

Publication number
WO2015039589A1
WO2015039589A1 PCT/CN2014/086605 CN2014086605W WO2015039589A1 WO 2015039589 A1 WO2015039589 A1 WO 2015039589A1 CN 2014086605 W CN2014086605 W CN 2014086605W WO 2015039589 A1 WO2015039589 A1 WO 2015039589A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
terminal
barcode
information
identity authentication
Prior art date
Application number
PCT/CN2014/086605
Other languages
English (en)
Chinese (zh)
Inventor
曲立东
Original Assignee
曲立东
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 曲立东 filed Critical 曲立东
Publication of WO2015039589A1 publication Critical patent/WO2015039589A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages

Definitions

  • the present invention relates to the field of computer application technologies, and in particular, to the field of bar code application technologies, and in particular to a barcode-based user identity authentication system and an authentication method.
  • the object of the present invention is to overcome the shortcomings of the prior art described above, and to provide a process for greatly simplifying a user's login to a website, the registration process is also relatively simple, and the user account security is effectively guaranteed, and the application method is simple and the application cost is low.
  • the barcode-based user identity authentication system of the present invention has the following composition:
  • the barcode-based user identity authentication system includes an application server, a user terminal, and an identity authentication server.
  • the application server is configured to provide user identity authentication page information, where the page information includes a user ID input window, and generate a barcode according to the input user ID, the barcode includes application server information; the user terminal stores the user account and the user account and The user terminal is uniquely corresponding to the terminal identification code, the user terminal is configured to acquire the barcode, and send the application server information, the user account, and the terminal identification code through the network; the identity authentication server stores the registered user.
  • the account and the corresponding terminal identification code information, the identity authentication server is configured to obtain the server information, the user account and the terminal identification code sent by the user terminal through the network, and compare the obtained user account and the terminal identification code with the registration information. , generating an authentication result and transmitting the authentication result to the application server.
  • the terminal identity identification code is a terminal identity identification code uniquely generated according to a hardware device code of the user terminal.
  • the user terminal is a mobile phone
  • the hardware device code of the user terminal includes at least one of mobile phone IMEI information, device SN code, MEID information, and SIM card IMSI information.
  • the user terminal includes a barcode acquisition module, a barcode resolution module, a storage module, and a network transmission control module.
  • the barcode obtaining module is configured to obtain the barcode;
  • the barcode parsing module is configured to parse the barcode to obtain application server information;
  • the storage module is configured to store a user account and a terminal identifier uniquely corresponding to the user account and the user terminal.
  • the network transmission control module is configured to send the application server information, the user account, and the terminal identification code to the identity authentication server over the network.
  • the invention also provides a barcode-based user identity authentication method, the method comprising the following steps:
  • the application server displays the identity authentication page information to the user, the page information includes a user ID input window, and generates a barcode according to the input user ID, the barcode includes application server information;
  • the user terminal acquires the barcode, and sends the application server information, the user account, and the terminal identification code uniquely corresponding to the user account and the user terminal through the network;
  • the identity authentication server compares the obtained user account and the terminal identification code with the registration information, generates an authentication result, and sends the authentication result to the application server.
  • the user terminal includes a barcode acquiring module, a barcode parsing module, a storage module, and a network transmission control module, and the step (2) specifically includes the following steps:
  • the barcode acquiring module acquires the barcode
  • the barcode parsing module parses the barcode and obtains application server information
  • the user terminal reads the user account stored in the storage module and the terminal identification code
  • the user terminal sends the application server information, the user account, and the terminal identity code to the identity authentication server by using a network transmission control module.
  • the user terminal further includes an input module
  • the input module includes a keyboard and/or a fingerprint identifier
  • the step (2) further includes the following steps:
  • the user terminal prompts the user to input a personal key through the input module, and the personal key is a password and/or a fingerprint;
  • the user terminal sends the personal key to the identity authentication server through a network transmission control module.
  • the barcode-based user identity authentication method further includes a user identity registration operation, and the user identity registration operation includes the following steps:
  • the identity authentication server acquires the hardware device code of the user terminal
  • the identity authentication server generates a unique terminal identity code according to the user terminal hardware device code, and stores and sends the user account and the corresponding terminal identity code to the user terminal;
  • the user terminal stores the user account and the corresponding terminal identity code.
  • the user terminal is a mobile phone
  • the hardware device code of the user terminal includes at least one of a mobile phone IMEI information, a device SN code, MEID information, and SIM card IMSI information.
  • the identity authentication server In the barcode-based user identity authentication method, the identity authentication server generates a unique terminal identity code according to the user terminal hardware device code, and the identity authentication server uses the mobile terminal IMEI of the user terminal. At least one of the information, the device SN code, the MEID information, and the SIM card IMSI information, and generates a terminal identity code uniquely corresponding to the user account and the user terminal by using a preset encryption algorithm.
  • the barcode-based user identity authentication system and the authentication method of the invention are adopted, wherein the application server displays the identity authentication page information to the user, the page information includes a user ID input window, and generates a barcode according to the input user ID, the barcode includes an application.
  • Server information after obtaining the barcode, the user terminal sends the application server information, the user account and the terminal identification code to the identity authentication server through the network; the identity authentication server compares the obtained user account and the terminal identification code with the registration information to generate an authentication result. And send the authentication result to the application server.
  • the user can use the mobile phone as an identity authentication device to complete the operation of logging in to the website by taking a barcode, thereby greatly simplifying the process of the user logging in to the website; and using the third party identity authentication server to log in to multiple protocol websites, exempting The operation of registering each website by the user simplifies the registration process.
  • the terminal identification code is generated according to the hardware code of the user terminal, and uniquely corresponds to the user terminal and the account, thereby effectively improving the security of the user account, and at the same time.
  • the barcode-based user identity authentication system and the authentication method of the invention have simple application methods, low application cost and wide application range.
  • FIG. 1 is a flow chart showing the steps of a barcode-based user identity authentication method of the present invention.
  • FIG. 2 is a schematic flowchart of a third-party authentication server user registration using the present invention in an actual application.
  • FIG. 3 is a schematic diagram of an operational flow in which a user account is bound to a mobile terminal by a registration process and a unique terminal identification code is generated by using the present invention.
  • FIG. 4 is a schematic flowchart of performing user identity authentication based on a third-party server by using the present invention in an actual application.
  • FIG. 5 is a schematic diagram of a barcode-based user identity authentication system of the present invention in practical use.
  • the barcode-based user identity authentication system of the present invention includes an application server, a user terminal, and an identity authentication server.
  • the application server is configured to provide user identity authentication page information, where the page information includes a user ID input window, and generate a barcode according to the input user ID, and the barcode may be a one-dimensional code, a two-dimensional code, or a three-dimensional code, and includes an application server.
  • the user terminal stores a user account and a terminal identification code uniquely corresponding to the user account and the user terminal, and the user terminal is configured to acquire the barcode and send the application server information, the user account, and the network through the network.
  • the identity authentication server stores the registered user account and corresponding terminal identification code information, and the identity authentication server is configured to obtain server information, a user account, and a terminal identity code sent by the user terminal through the network, and The obtained user account and the terminal identification code are compared with the registration information, the authentication result is generated, and the authentication result is sent to the application server.
  • the barcode-based user identity authentication method is implemented by using the system described in this embodiment. As shown in FIG. 1 , the method includes the following steps:
  • the application server displays the identity authentication page information to the user, the page information includes a user ID input window, and generates a barcode according to the input user ID, the barcode includes application server information;
  • the user terminal acquires the barcode, and sends the application server information, the user account, and the terminal identification code uniquely corresponding to the user account and the user terminal through the network;
  • the identity authentication server compares the obtained user account and the terminal identification code with the registration information, generates an authentication result, and sends the authentication result to the application server.
  • the user terminal includes a barcode acquisition module, a barcode resolution module, a storage module, and a network transmission control module.
  • the barcode obtaining module is configured to obtain the barcode;
  • the barcode parsing module is configured to parse the barcode to obtain application server information;
  • the storage module is configured to store a user account and a terminal identifier uniquely corresponding to the user account and the user terminal.
  • the network transmission control module is configured to send the application server information, the user account, and the terminal identification code to the identity authentication server over the network.
  • the step (2) specifically includes the following steps:
  • the barcode acquiring module acquires the barcode
  • the barcode parsing module parses the barcode and obtains application server information
  • the user terminal reads the user account stored in the storage module and the terminal identification code
  • the user terminal sends the application server information, the user account, and the terminal identity code to the identity authentication server by using a network transmission control module.
  • the user terminal further includes an input module
  • the input module includes a keyboard and/or a fingerprint identifier
  • the step (2) further includes the following steps:
  • the user terminal prompts the user to input a personal key through the input module, and the personal key is a password and/or a fingerprint;
  • the user terminal sends the personal key to the identity authentication server through a network transmission control module.
  • the barcode-based user identity authentication method further includes a user identity registration operation, and the user identity registration operation includes the following steps:
  • the identity authentication server acquires the hardware device code of the user terminal
  • the identity authentication server generates a unique terminal identity code according to the user terminal hardware device code, and stores and sends the user account and the corresponding terminal identity code to the user terminal;
  • the user terminal stores the user account and the corresponding terminal identity code.
  • the user terminal may be a smart phone or a PAD tablet with a camera, or may be a handheld scanner with a scanning function.
  • the hardware device code of the user terminal includes at least one of mobile phone IMEI information, device SN code, MEID information, and SIM card IMSI information.
  • the identity authentication server in the step (c) generates a unique terminal identity code according to the user terminal hardware device code, and the identity authentication server uses the mobile phone IMEI information and the device SN code of the user terminal. And at least one of the MEID information and the IMSI information of the SIM card, and generating, by using a preset encryption algorithm, a terminal identification code that uniquely corresponds to the user account and the user terminal.
  • the hardware device code is generated by the mobile phone IMEI information, the device SN code, the MEID information, and the SIM card IMSI information.
  • the main feature of the present invention is that the information of the smart phone terminal is collected, a unique Device ID (terminal identification code) is generated, and the account and the Device ID are bound to enhance the security and practicability of the identity verification.
  • the use of third-party authentication servers to provide authentication services greatly simplifies the process of registration and login operations.
  • the operation flow of binding the user account to the mobile terminal through the registration process and generating a unique Device ID (terminal identification code) is shown in FIG. 3 .
  • the process of user identity authentication based on a third-party server using the present invention in practical application is as shown in FIG. 4 .
  • the barcode-based user identity authentication system of the present invention is shown in FIG. 5 in practical use.
  • the hardware information of the smart phone terminal is unique and non-repetitive.
  • the IMSI information in the SIM card of the communication carrier is unique and non-repetitive.
  • the smart phone terminal scans the barcode through the APP program for identity verification, and of course, the process of completing the operation by keyboard input or mouse operation without the key.
  • the barcode-based user identity authentication system and the authentication method of the invention are adopted, wherein the application server displays the identity authentication page information to the user, the page information includes a user ID input window, and generates a barcode according to the input user ID, the barcode includes an application.
  • Server information after obtaining the barcode, the user terminal sends the application server information, the user account and the terminal identification code to the identity authentication server through the network; the identity authentication server compares the obtained user account and the terminal identification code with the registration information to generate an authentication result. And send the authentication result to the application server.
  • the user can use the mobile phone as an identity authentication device to complete the operation of logging in to the website by taking a barcode, thereby greatly simplifying the process of the user logging in to the website; and using the third party identity authentication server to log in to multiple protocol websites, exempting The operation of registering each website by the user simplifies the registration process.
  • the terminal identification code is generated according to the hardware code of the user terminal, and uniquely corresponds to the user terminal and the account, thereby effectively improving the security of the user account, and at the same time.
  • the barcode-based user identity authentication system and the authentication method of the invention have simple application methods, low application cost and wide application range.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un système d'autorisation d'identité utilisateur et un procédé d'autorisation basés sur des codes barres, et appartient au domaine de la technologie des applications informatiques. Dans la présente invention, un serveur d'application affiche une page de certification à un utilisateur, et génère un code barre qui comprend des informations du serveur d'application selon un ID utilisateur saisi ; après avoir acquis le code barre, le terminal utilisateur transmet les informations du serveur d'application, le numéro de compte utilisateur et le code d'identification de terminal à un serveur d'autorisation d'identité ; le serveur d'autorisation d'identité compare des informations d'enregistrement avec le numéro de compte utilisateur acquis et le code d'identification de terminal, et génère un résultat d'autorisation qui est retourné au serveur d'application. Grâce à la présente invention, l'utilisateur peut se connecter au site Web en prenant une image du code barre, le processus de connexion étant simplifié ; en outre, un serveur d'autorisation d'identité tiers est utilisé pour une connexion à plusieurs sites Web sans une opération d'enregistrement. Le code d'identification de terminal correspond de manière unique au terminal utilisateur et au numéro de compte utilisateur respectivement, et la sécurité du numéro de compte utilisateur est améliorée significativement. En outre, la présente invention a un procédé d'application simple, sa mise en oeuvre peu coûteuse et a une large portée d'utilisation.
PCT/CN2014/086605 2013-09-18 2014-09-16 Système d'autorisation d'identité utilisateur et procédé d'autorisation basés sur des codes barres WO2015039589A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310428694.4 2013-09-18
CN201310428694.4A CN104468108A (zh) 2013-09-18 2013-09-18 基于条形码的用户身份认证系统及认证方法

Publications (1)

Publication Number Publication Date
WO2015039589A1 true WO2015039589A1 (fr) 2015-03-26

Family

ID=52688239

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/086605 WO2015039589A1 (fr) 2013-09-18 2014-09-16 Système d'autorisation d'identité utilisateur et procédé d'autorisation basés sur des codes barres

Country Status (2)

Country Link
CN (1) CN104468108A (fr)
WO (1) WO2015039589A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636411A (zh) * 2018-11-16 2019-04-16 阿里巴巴集团控股有限公司 提供和获取安全身份信息的方法及装置
CN112118243A (zh) * 2020-09-09 2020-12-22 中国联合网络通信集团有限公司 身份认证方法及系统,和互联网应用登录方法及系统

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105337997B (zh) * 2015-11-30 2020-10-23 广州华多网络科技有限公司 一种应用客户端的登录方法及相关设备
CN105933347B (zh) * 2016-06-29 2019-03-19 天脉聚源(北京)传媒科技有限公司 一种获取应用程序中的数据资源的方法及装置
CN106712933A (zh) * 2016-11-21 2017-05-24 北京洋浦伟业科技发展有限公司 基于移动互联网终端的身份认证方法和装置
CN108259436B (zh) * 2016-12-29 2021-01-01 中国移动通信集团公司 用户身份认证处理方法、应用服务器以及认证系统服务器
CN108259445B (zh) * 2016-12-29 2021-12-10 格尔软件股份有限公司 基于智能手机的MS Windows桌面安全登录系统及其登录方法
CN109214166B (zh) * 2018-08-20 2020-10-27 创新先进技术有限公司 智能设备授权控制方法及系统
CN110532256A (zh) * 2019-07-04 2019-12-03 平安科技(深圳)有限公司 一种账号校验方法、装置、计算机设备及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7305478B2 (en) * 2000-06-08 2007-12-04 Symbol Technologies, Inc. Bar code symbol ticketing for authorizing access in a wireless local area communications network
CN102316123A (zh) * 2011-10-25 2012-01-11 江苏奇异点网络有限公司 基于移动终端的用户认证方法
CN103020506A (zh) * 2012-11-22 2013-04-03 北京握奇数据系统有限公司 一种结合拍照和条形码识别技术的Key设备和方法
CN103297231A (zh) * 2012-03-01 2013-09-11 盛大计算机(上海)有限公司 一种身份认证的方法及系统

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101316167A (zh) * 2008-07-04 2008-12-03 宇龙计算机通信科技(深圳)有限公司 一种安全认证的注册及登录方法、系统和移动终端
KR100992573B1 (ko) * 2010-03-26 2010-11-05 주식회사 아이그로브 휴대단말기를 이용한 인증 방법 및 시스템
CN102118743A (zh) * 2011-03-02 2011-07-06 中兴通讯股份有限公司 一种登录手机网上银行的方法和系统、银行服务器
CN103023918B (zh) * 2012-12-26 2016-08-31 百度在线网络技术(北京)有限公司 为多个网络服务统一提供登录的方法、系统和装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7305478B2 (en) * 2000-06-08 2007-12-04 Symbol Technologies, Inc. Bar code symbol ticketing for authorizing access in a wireless local area communications network
CN102316123A (zh) * 2011-10-25 2012-01-11 江苏奇异点网络有限公司 基于移动终端的用户认证方法
CN103297231A (zh) * 2012-03-01 2013-09-11 盛大计算机(上海)有限公司 一种身份认证的方法及系统
CN103020506A (zh) * 2012-11-22 2013-04-03 北京握奇数据系统有限公司 一种结合拍照和条形码识别技术的Key设备和方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636411A (zh) * 2018-11-16 2019-04-16 阿里巴巴集团控股有限公司 提供和获取安全身份信息的方法及装置
CN109636411B (zh) * 2018-11-16 2020-06-09 阿里巴巴集团控股有限公司 提供和获取安全身份信息的方法及装置
CN112118243A (zh) * 2020-09-09 2020-12-22 中国联合网络通信集团有限公司 身份认证方法及系统,和互联网应用登录方法及系统

Also Published As

Publication number Publication date
CN104468108A (zh) 2015-03-25

Similar Documents

Publication Publication Date Title
WO2015039589A1 (fr) Système d'autorisation d'identité utilisateur et procédé d'autorisation basés sur des codes barres
US20220191016A1 (en) Methods, apparatuses, and computer program products for frictionless electronic signature management
CN104468531B (zh) 敏感数据的授权方法、装置和系统
CN105099692B (zh) 安全校验方法、装置、服务器及终端
CN107302539B (zh) 一种电子身份注册及认证登录的方法及其系统
CN107070945B (zh) 身份登录方法及设备
CN103607284B (zh) 身份认证方法及设备、服务器
US9438575B2 (en) Smart phone login using QR code
US9240886B1 (en) Authentication adaptation
KR101214839B1 (ko) 인증 방법 및 그 시스템
US10339366B2 (en) System and method for facial recognition
US20140289508A1 (en) Method, client and system of identity authentication
AU2014262138B2 (en) User authentication
CN104540129B (zh) 第三方应用的注册和登录方法及系统
CN104065621A (zh) 一种第三方服务的身份验证方法、客户端和系统
US9628875B1 (en) Provisioning a device to be an authentication device
US20160149886A1 (en) Method, device and system for account recovery with a durable code
KR20130072790A (ko) 사용자 인증 시스템 및 그 방법
US9710633B2 (en) Method and apparatus for authenticating user
CN102624687A (zh) 基于移动终端的联网程序用户验证方法
CN105635075A (zh) 登录云终端的方法、云终端、云服务器及云系统
CN104657652A (zh) 进行移动应用登录的方法及系统
CN103701586A (zh) 获取密钥的方法和装置
CN103095825B (zh) 一种互联网的信息管理方法和系统、服务器
CN106101140B (zh) 一种信息认证的方法及服务器

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14846188

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14846188

Country of ref document: EP

Kind code of ref document: A1