WO2015158148A1 - 用户认证方法、认证装置和终端 - Google Patents

用户认证方法、认证装置和终端 Download PDF

Info

Publication number
WO2015158148A1
WO2015158148A1 PCT/CN2014/093910 CN2014093910W WO2015158148A1 WO 2015158148 A1 WO2015158148 A1 WO 2015158148A1 CN 2014093910 W CN2014093910 W CN 2014093910W WO 2015158148 A1 WO2015158148 A1 WO 2015158148A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
authentication
type
authentication information
information
Prior art date
Application number
PCT/CN2014/093910
Other languages
English (en)
French (fr)
Inventor
翟征德
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to EP17210729.4A priority Critical patent/EP3361671A1/en
Priority to EP14886670.0A priority patent/EP2963856B1/en
Priority to JP2016528350A priority patent/JP6137658B2/ja
Priority to KR1020157034386A priority patent/KR101808215B1/ko
Priority to US14/885,381 priority patent/US10089450B2/en
Publication of WO2015158148A1 publication Critical patent/WO2015158148A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Definitions

  • Embodiments of the present invention relate to the field of terminals, and, more particularly, to a user authentication method, an authentication device, and a terminal.
  • the user device or application needs to authenticate the user frequently to determine the identity of the current user. Authentication is the primary security barrier before allowing users to access data and applications in the terminal.
  • One of the most critical factors of the user authentication mechanism is the memory cost of the user as low as possible, and the ease of use.
  • the user equipment is always carried by the user, and is used in various occasions and environments.
  • the authentication process is easy to be sneaked, so the authentication mechanism is required to have certain anti-peeping ability.
  • the embodiment of the invention provides a user authentication method, an authentication device and a terminal, which can have certain anti-peeping ability while reducing user memory cost.
  • a first aspect provides a method for user authentication, the method comprising: determining a first type of authentication information and a second type of authentication information of a terminal, where the first type of authentication information includes a specific interaction behavior of the terminal.
  • the specific attribute information of the interaction object is a specific attribute information whose frequency is a predetermined range within a predetermined time, and the specific attribute information is an attribute information of the interaction object or a combination of multiple attribute information, and the second type of authentication information is used.
  • the first authentication challenge set includes at least one of the first type of authentication information and at least one of the second type
  • the authentication information the recognition result of the first type of authentication information and the second type of authentication information in the first authentication challenge set by the user of the terminal; determining the correct rate of the first type of authentication information according to the identification result Certification results.
  • the specific information that the second type of authentication information includes at least one of the following: a specific genus of the interaction object corresponding to the specific interaction behavior of the terminal The specific information in the sexual information that occurs outside the predetermined range within a predetermined time; the specific attribute information in the specific attribute information of the interactive object that does not belong to the specific interactive behavior of the terminal.
  • the first type of authentication information further includes: the user specified by the user of the terminal specified in the terminal The specific attribute information of the interactive object is used to reduce the memory cost of the user of the terminal for the first type of authentication information.
  • the first authentication is performed by the user who receives the terminal Before challenging the identification result of the first type of authentication information and the second type of authentication information in the set, the method further includes: if the interaction object corresponding to the specific interaction behavior of the terminal changes, or the terminal generates the new specific The interaction behavior re-determines the first type of authentication information and the second type of authentication information of the terminal, and presents a second authentication challenge set to the user of the terminal, where the second authentication challenge set is based on the re-determined first class The authentication information and the second type of authentication information are generated.
  • the interaction object corresponding to the specific interaction behavior of the terminal is changed, including: adding a specific interaction behavior of the terminal.
  • the specific implementation is The specific interaction behavior of the terminal includes the behavior of the terminal accessing the contact of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the contact; or the specific interaction behavior of the terminal includes the The behavior of the terminal accessing the audio and video files of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file; or the specific interaction behavior of the terminal includes the application of the terminal accessing the terminal Behavior, the first type of authentication information and the second type of authentication information are specific attribute information of the application; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the website, the first type of authentication information and the second type of authentication The information is specific attribute information of the website; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the picture of the terminal, A type of authentication information and the second type of authentication information are
  • the method further includes: configuring the predetermined time, the predetermined range, and the number of the first type of authentication information that needs to be identified by the user of the terminal. .
  • Determining the authentication result according to the recognition accuracy rate of the first type of authentication information in the identification result is specifically implemented as: if the number of the first type of authentication information identified by the user of the terminal in the identification result is not less than N pieces, determining The authentication of the user of the terminal is passed; or if the number of the first type of authentication information identified by the user of the terminal is less than N, the authentication of the user of the terminal is determined not to pass.
  • a seventh possible implementation if the predetermined time and the predetermined range are larger, the set of the first type of authentication information is larger, and the terminal is The greater the security strength of the user's authentication; if the number N of the first type of authentication information that needs to be identified for the user of the terminal is greater, the identification result required for the authentication of the user of the terminal is The greater the recognition accuracy rate of the first type of authentication information, the greater the security strength of the authentication of the user of the terminal.
  • the specific implementation is The predetermined range is a range of the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal in a predetermined time or more, or a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal.
  • determining the terminal Before the first type of authentication information the method further includes: configuring a set of excluded authentication information of the terminal, wherein the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • determining the first type of authentication information of the terminal is specifically implemented as: determining that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time and does not belong to the excluded authentication set.
  • the specific attribute information is the first type of authentication information.
  • the method further includes: generating the first authentication challenge set according to the first type of authentication information and the second type of authentication information of the terminal, so as to present the first to the user of the terminal.
  • a set of certification challenges Before the user of the terminal presents the first authentication challenge set, the method further includes: generating the first authentication challenge set according to the first type of authentication information and the second type of authentication information of the terminal, so as to present the first to the user of the terminal.
  • the terminal includes smartphones, tablets, personal computers, servers or workstations.
  • an authentication apparatus comprising: a confirmation unit, configured to determine a first type of authentication information and a second type of authentication information of a terminal where the apparatus is located, wherein the first type of authentication information includes the The specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs in a predetermined time within a predetermined time, and the specific attribute information is an attribute information of the interaction object or a combination of multiple attribute information.
  • the second type of authentication information is used by the user who interferes with the terminal to select the first type of authentication information
  • the authentication and presentation unit is configured to present the first authentication challenge set to the user of the terminal, where the first authentication challenge set includes at least a first type of authentication information and at least one of the second type of authentication information
  • a receiving unit configured to receive, by the user of the terminal, the first type of authentication information and the second type of authentication information in the first authentication challenge set
  • the identification unit is configured to determine an authentication result according to the recognition accuracy rate of the first type of authentication information in the identification result.
  • the second type of authentication information is specifically configured to include at least one of the following: the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal is within a predetermined time The specific attribute information whose occurrence frequency is outside the predetermined range; the specific attribute information in the specific attribute information of the interactive object that does not belong to the specific interaction behavior of the terminal.
  • the first type of authentication information further includes: the user specified by the user of the terminal specified in the terminal
  • the specific attribute information of the interactive object is used to reduce the memory cost of the user of the terminal for the first type of authentication information.
  • the confirmation unit is further configured to re-determine the first type of authentication information and the second type of authentication information of the terminal. So that the authentication presentation unit presents a second authentication challenge set to the user of the terminal, wherein the second authentication challenge is generated in combination with the first type of authentication information and the second type of authentication information that are re-determined based on the determining unit.
  • the interaction object corresponding to the specific interaction behavior of the terminal is changed, including: adding a specific interaction behavior of the terminal The interaction object, or the interaction object corresponding to the specific interaction behavior of the terminal, or the interaction object corresponding to the specific interaction behavior of the terminal.
  • the specific implementation is The specific interaction behavior of the terminal includes the behavior of the terminal accessing the contact of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the contact; or the specific interaction behavior of the terminal includes the The behavior of the terminal accessing the audio and video files of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file; or the specific interaction behavior of the terminal includes the application of the terminal accessing the terminal Behavior, the first type of authentication information and the second type of authentication information are specific attribute information of the application; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the website, the first type of authentication information and the second type of authentication The information is specific attribute information of the website; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the picture of the terminal, A type of authentication information and the second type of authentication information
  • the apparatus further
  • the first configuration unit is configured to: configure the predetermined time, the predetermined range, and the number of the first type of authentication information that needs to be identified by the user of the terminal for authentication. N.
  • the authentication unit is specifically configured to: if the number of the first type of authentication information identified by the user of the terminal in the identification result is not less than N, or if the user of the terminal identifies the first type of authentication in the identification result If the number of pieces of information is less than N, it is determined that the authentication of the user of the terminal does not pass.
  • the greater the predetermined time and the predetermined range, the larger the set of the first type of authentication information, the user of the terminal The greater the security strength of the authentication; the greater the number of the first type of authentication information that needs to be identified by the user of the terminal, the first of the identification results required for the authentication of the user of the terminal.
  • the specific implementation is The predetermined range is a range of the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal in a predetermined time or more, or a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal.
  • the device is further The second configuration unit is configured to configure the excluded authentication information set of the terminal, where the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • the determining unit is specifically configured to determine that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time and The specific attribute information that does not belong to the excluded authentication set is the first type of authentication information.
  • the apparatus further The generating unit is configured to: generate the first authentication challenge set according to the first type of authentication information and the second type of authentication information of the terminal, so as to present the first authentication challenge set to a user of the terminal.
  • the terminal includes smartphones, tablets, personal computers, servers or workstations.
  • a terminal comprising: a processor, a memory, a communication interface, a display device, and an input device, the processor being coupled to the memory, and connected to the display device and the input through the communication interface a device, the memory stores a set of program codes, and the processor is configured to call the program code stored in the memory, to perform the following operations: determining the first type of authentication information and the second type of authentication information of the terminal, and passing the The communication interface presents a first authentication challenge set to the user of the terminal on the display device, where the first type of authentication information includes the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal, which occurs in a predetermined time.
  • the specific attribute information of the predetermined range is a kind of attribute information or a combination of multiple attribute information of the interaction object
  • the second type of authentication information is used by a user who interferes with the terminal to select the first type of authentication information.
  • the first authentication challenge set includes at least one of the first type of authentication information and at least one of the second type
  • the recognition accuracy rate of the first type of authentication information determines the authentication result.
  • the display device is configured to present the first authentication challenge set to a user of the terminal.
  • the input device is configured to input a recognition result of the first type of authentication information and the second type of authentication information in the first authentication challenge set by a user of the terminal.
  • the second type of authentication information is specifically configured to include at least one of the following: the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal is within a predetermined time The specific attribute information whose occurrence frequency is outside the predetermined range; the specific attribute information in the specific attribute information of the interactive object that does not belong to the specific interaction behavior of the terminal.
  • the first type of authentication information further includes: the user specified by the user of the terminal specified in the terminal The specific attribute information of the interactive object is used to reduce the memory cost of the user of the terminal for the first type of authentication information.
  • the processor is further configured to re-determine the first type of authentication information and the second type of authentication information of the terminal, so that the communication interface is used to
  • the user in the display device presents a second authentication challenge set to the user of the terminal, and the second authentication challenge set is generated based on the first type of authentication information and the second type of authentication information that are determined by the determining unit.
  • the interaction object corresponding to the specific interaction behavior of the terminal is changed, including: adding a specific interaction behavior of the terminal.
  • the specific implementation is The specific interaction behavior of the terminal includes the behavior of the terminal accessing the contact of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the contact; or the specific interaction behavior of the terminal includes the The behavior of the terminal accessing the audio and video files of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file; or the specific interaction behavior of the terminal includes the application of the terminal accessing the terminal Behavior, the first type of authentication information and the second type of authentication information are specific attribute information of the application; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the website, the first type of authentication information and the second type of authentication The information is specific attribute information of the website; or the specific interaction behavior of the terminal includes the behavior of the terminal accessing the picture of the terminal, A type of authentication information and the second type of authentication information
  • the processor It is further configured to configure the predetermined time, the predetermined range, and the number N of first type authentication information that needs to be identified by the user of the terminal for authentication.
  • the processor is specifically configured to: if the user of the terminal identifies the first type of authentication information in the identification result The number of articles is not less than N, so The authentication of the user of the terminal is passed, or if the number of the first type of authentication information identified by the user of the terminal is less than N, the authentication of the user of the terminal is determined not to pass.
  • the greater the predetermined time and the predetermined range, the larger the set of the first type of authentication information, the user of the terminal The greater the security strength of the authentication; the greater the number of the first type of authentication information that needs to be identified by the user of the terminal, the first of the identification results required for the authentication of the user of the terminal.
  • the specific implementation is The predetermined range is a range of the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal in a predetermined time or more, or a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal.
  • the processor The method further includes configuring the excluded authentication information set of the terminal, where the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • the processor is specifically configured to determine that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time and The specific attribute information that does not belong to the excluded authentication set is the first type of authentication information.
  • the processor The method further includes: generating the first authentication challenge set according to the first type of authentication information of the terminal and the second type of authentication information, so as to present the first authentication challenge set to a user of the terminal.
  • the terminal includes a smartphone, a tablet, a personal computer, a server, or a workstation.
  • the display device and the input device are the same device having both display and input functions in the terminal; or the display device and the input device are different devices in the terminal.
  • the user authentication method, the authentication device, and the terminal in the embodiment of the present invention perform identity authentication according to specific attribute information of a specific interaction object that the user most recently uses. Since the specific attribute information of the specific interactive object that is most frequently used recently belongs to the information in the user's memory period, the cost of the user's memory can be reduced, and the authentication information that occurs every time is not fixed, and the authentication can be avoided due to inadvertent voyeurism. The information is stolen, so that it can have a certain anti-peeping ability while reducing the user's memory cost.
  • FIG. 1 is a flow chart of a method for user authentication according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of performing user authentication by using contact information according to an embodiment of the present invention.
  • FIG. 3 is a schematic flow chart of performing user authentication by playing music piece information according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of a process for performing user authentication by accessing website information of a website according to an embodiment of the present invention.
  • FIG. 5 is a schematic flow chart of user authentication by using the read e-book information in the embodiment of the present invention.
  • FIG. 6 is a schematic flowchart of performing user authentication by using an APP according to an embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of an authentication apparatus according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • the method of Figure 1 is a flow chart of a method for user authentication according to an embodiment of the present invention.
  • the method of Figure 1 is performed by an authentication device.
  • the authentication device may be an authentication module of the system in the terminal, or a chip for implementing the authentication function in the terminal, which is not limited herein.
  • the first type of authentication information includes specific attribute information in a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal, which occurs within a predetermined time within a predetermined time, and the specific attribute information is one of the interaction object.
  • the specific interaction behavior refers to the interaction behavior used in the authentication process to determine the frequency of occurrence.
  • the interaction object corresponding to the specific interaction behavior refers to the source of the first type of authentication information, and the specific attribute information of the interaction object can be used to form the first type of authentication information.
  • the specific attribute information is a kind of attribute information or a combination of multiple attribute information of the interactive object, and may be, for example, a unique identifier, a name, a picture, or a name + a picture, and the like.
  • the specific attribute information of different interactive objects may be the same.
  • the album name is the same.
  • the authors of several different e-books may be the same author, and so on.
  • the second type of authentication information may include at least one of the following: the specific attribute information of the specific attribute information of the interactive object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time; The specific attribute information in the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal.
  • the specific interaction behavior of the terminal is an interaction behavior specified in the authentication process.
  • the specific interaction behavior of the terminal may have multiple representations.
  • the first type of authentication information and the second type of authentication information may also have multiple representations.
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the contact of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the contact; or the specific interaction behavior of the terminal
  • the behavior of the terminal to access the audio and video files of the terminal may be included, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file; or the specific interaction behavior of the terminal may include the terminal accessing the The behavior of the application of the terminal, the first type of authentication information and the second type of authentication information are specific attributes of the application
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the website, the first type of authentication information and the second type of authentication information being specific attribute information of the website; or the specific interaction behavior of the terminal may include the The behavior of the terminal
  • the contact information when the first type of authentication information is the specific attribute information of the contact, the contact information may be a photo of the contact, a name of the contact, a contact phone of the contact, or Contact name + picture, etc.
  • the audio file information when the first type of authentication information is audio file information, the audio file information may be the name of the audio file, the album name of the audio file, or the player of the audio file, etc. .
  • the terminal can have a variety of specific implementations, such as a smartphone, tablet, personal computer, server, or workstation.
  • the terminal may also be other devices having an authentication function, which is not limited herein.
  • the first type of authentication information includes specific attribute information in a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal, which occurs within a predetermined time within a predetermined time, wherein the occurrence frequency is a predetermined range, and the occurrence frequency is a predetermined range.
  • the range may be an absolute frequency range, or may be a relative frequency range.
  • the predetermined range is that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time.
  • the range, or the specific attribute information of the interactive object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time, or a specific attribute of the interactive object corresponding to the specific interaction behavior of the terminal.
  • the first type of authentication information may be the name of a contact whose number of calls is more than 5 times in 3 days, or the name of an e-book that reads more than 10% of the total number of e-books in two days, or is played within 5 days.
  • the predetermined time, predetermined range is configurable.
  • the predetermined time may be configured as 12 hours, 1 day, 2 days, 3 days, or even January, and the like, which is not limit.
  • the predetermined range may be configured such that the occurrence frequency is one time or more, five times or more, or the top five, the first 5%, and the like of all occurrence frequencies.
  • the first type of authentication information further includes specific attribute information of the interaction object specified by the user of the terminal in the terminal, so as to reduce the memory cost of the user of the terminal for the first type of authentication information.
  • the method may further include: configuring the excluded authentication information set of the terminal, where the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • determining that the first type of authentication information of the terminal is specifically implemented is: determining that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time and does not The specific attribute information belonging to the excluded authentication set is the first type of authentication information.
  • the first authentication challenge set includes at least one of the first type of authentication information and at least one of the second type of authentication information.
  • the authentication information is dynamically generated by using the specific attribute information of the interactive object whose predetermined frequency occurs in the terminal within a predetermined time to authenticate the user, because the information of the specific interactive object that is most frequently used recently belongs to the user memory period.
  • the information of the user can reduce the cost of the user's memory, and the authentication information of each embodiment is not fixed, and the authentication information can be prevented from being stolen due to inadvertent peek. Therefore, the authentication method in the embodiment of the present invention reduces the user's authentication information. At the same time as the memory cost, it also has a certain ability to resist voyeurism.
  • the authentication information can be dynamically generated based on the access frequency to authenticate the user, the user experience can also be improved.
  • the method may further include: if the interaction object corresponding to the specific interaction behavior of the terminal changes, or the terminal generates a new specific interaction behavior, re-determining the first category of the terminal
  • the authentication information and the second type of authentication information are presented to the user of the terminal, where the second authentication challenge set is generated based on the re-determined first type of authentication information and the second type of authentication information.
  • the interaction object corresponding to the specific interaction behavior of the terminal includes: increasing an interaction pair corresponding to the specific interaction behavior of the terminal. For example, the interaction object corresponding to the specific interaction behavior of the terminal is deleted, or the interaction object corresponding to the specific interaction behavior of the terminal is modified. It should be understood that the behavior causing the change of the first type of authentication information and the second type of authentication information is not limited to the above enumerated cases, and the case where the interactive object changes is not limited to the above enumerated cases.
  • the method may further include: configuring the predetermined time, the predetermined range, and the number N of first type authentication information that needs to be identified by the user of the terminal for authentication. It should be understood that the number of the first type of authentication information that needs to be identified by the user of the terminal is the first type of authentication information that the user of the terminal needs to identify from the first authentication challenge set during the user authentication process. The number of articles.
  • the step 104 is specifically implemented as follows: if the first type of authentication information identified by the user of the terminal in the identification result is not less than N, it is determined that the authentication of the user of the terminal passes; or if the terminal is in the recognition result If the first type of authentication information identified by the user is less than N, it is determined that the authentication of the user of the terminal does not pass.
  • N is a positive integer.
  • the configuring the predetermined time, the predetermined range, and the number of the first type of authentication information that needs to be identified by the user of the terminal may include: configuring the predetermined time, the predetermined range, and the The number of types of authentication information that the user needs to identify for authentication is adjusted to the security strength of the authentication of the user of the terminal.
  • the predetermined time and the predetermined range are larger, the larger the set of the first type of authentication information, the greater the security strength of the authentication of the user of the terminal; if the user of the terminal needs to be authenticated, the identification needs to be recognized.
  • the greater the number of the first type of authentication information the greater the recognition accuracy rate of the first type of authentication information in the recognition result required for the authentication of the user of the terminal, and the security of the authentication of the user of the terminal. The greater the intensity.
  • the method further includes: generating the first authentication challenge set according to the first type of authentication information and the second type of authentication information of the terminal, so as to present the first authentication challenge to the user of the terminal. set.
  • FIG. 2 is a schematic flowchart of performing user authentication by using contact information according to an embodiment of the present invention.
  • the authentication information is specific attribute information of the contact.
  • the frequency of occurrence of the specific attribute information of the contact is equal to the frequency of access of the user accessing the contact of the terminal, and the authentication device performs user authentication according to the specific attribute information of the contact that is frequently accessed recently in the terminal.
  • the contact in the embodiment of the present invention may be a contact in a telephone address book of the terminal, a contact of a mail or a contact of other social software; the specific attribute information of the contact may be the name of the contact, the contact person The name of the present invention is not limited herein.
  • the links mentioned below Person information refers to specific attribute information of a contact.
  • the first type of authentication information includes specific attribute information whose access frequency is a predetermined range within a predetermined time in the specific attribute information of the interactive object corresponding to the specific interaction behavior of the terminal.
  • the first type of authentication information is the contact information of the contact information of the terminal within a predetermined time in the contact information of the terminal, that is, the recent frequent contact information, and the contact information may be a contact name, Contact name + photo, etc.
  • the second type of authentication information is used to judge the user of the terminal to judge the first type of authentication information.
  • the second type of authentication information may be specific attribute information whose access frequency is outside the predetermined range within a predetermined time in the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal, or a specific interaction behavior that does not belong to the terminal.
  • the second type of authentication information may be contact information whose access frequency is outside a predetermined range within a predetermined time, or contact information that does not belong to the terminal.
  • the contact information of different contacts is generally different. That is, determining a contact can be equivalent to determining contact information.
  • the user can configure the working mode of the authentication device, and the configured parameters can be saved in the configuration database of the authentication device.
  • the user can perform the following configurations:
  • the first type of contact selection method parameters may include a valid time requirement for accessing the contact record (denoted as T, for example, 3 days, 5 days, 10 hours, etc.), and the contact access frequency requirement (recorded as X) , indicates a predetermined number of times, for example, 5 times, or indicates a predetermined ranking, such as the top 3, or indicates a predetermined ratio, such as 3%, etc.).
  • the first type of contact determined based on T and X can be denoted as L.
  • the user may not configure, and the authentication device may set a default setting for the first type of contact selection method parameter.
  • the user may also specify one or more contacts as a fixed first type of contact, rather than through the T and X temporary calculations described above.
  • the first type of contact specified by the user can be recorded as D.
  • the second type of contact parameters may include the number of obfuscated items (denoted as f) when constructing the authentication information and/or the number of distracting items (denoted as i) when constructing the authentication information.
  • the confusing term refers to the system Machine-generated fake contacts, or contacts that do not exist in the terminal
  • the interference item refers to the contact that the user has not contacted recently.
  • the authentication selection parameter may include the number of first-type contacts that must be correctly selected at the same time for each authentication (denoted as c, for example, three must be correctly selected at the same time to pass the authentication).
  • the authentication device can also introduce a security strength adjustment function to adjust the security strength of the identity authentication by adjusting the values of the above f, i and c. Obviously, the larger the three values, the higher the security strength.
  • the authentication device may set different difficulty levels, each level corresponding to different values, and the implementation may be implemented by a security strength drag bar or a difficulty selection box; or, the authentication device may provide a numerical adjustment function, and respectively adjust The above three values.
  • the authentication device After the configuration is complete, the authentication device automatically loads the corresponding configuration parameters when the authentication is started.
  • the information of the first type of contact is the first type of authentication information
  • the information of the second type of contact is the second type of authentication information
  • the authentication device can read the address book maintained in the terminal into the set M.
  • the authentication device can obtain the contact information through the API of the system; for the mail or other social programs, the authentication device can obtain the contact information through the plug-in of the software program or the system API Hook.
  • the authentication device directly adds all the elements in the D to the set L; otherwise, the terminal device phone program, mail program or other social software maintenance is read through the system API.
  • the contact record N within the time T, removes the contact record in the contact list of the contact in the NP set or not in the terminal, calculates the frequency of occurrence of each contact and sorts, and obtains a group of contacts whose contact frequency meets the requirements, Put in the collection L.
  • There are various methods for calculating the contact frequency For example, the contact record initiated by the terminal owner may be included only, and the contact record initiated by the contact owner of the terminal owner may be ignored, or both.
  • the set L constructed at this time is a collection of the first type of contacts.
  • the range of the first type of contacts may be determined according to the content represented by X.
  • X represents a predetermined number of accesses, and at this time, a contact whose access frequency is more than a predetermined number of times in a predetermined time is determined to be a first type of contact, for example, the access frequency is 5 in 3 days. More than one contact is the first type of contact.
  • X represents a first predetermined ratio of the total number of accesses, and at this time, a relationship may be determined in which the access frequency is greater than the first predetermined ratio of the total number of accesses in the predetermined time.
  • the first type of contact is the first contact, wherein the total number of visits is the total number of visits to the contact within a predetermined time, for example, the contact whose frequency of visits is more than 3% of the total number of visits within 5 days.
  • X represents a predetermined ranking of the access frequency, and at this time, a contact whose access frequency is ranked within a predetermined ranking within a predetermined time may be determined, for example, the top 3 access frequency in the 10 hours. Name of the contact.
  • X represents a second predetermined proportion of the access frequency ranking, and at this time, the contact whose access frequency ranks above the second predetermined ratio within a predetermined time may be determined as the first type of contact. For example, the top 3% of contacts in the frequency of access within 5 days.
  • the interference item refers to information of a contact that the user has not visited recently.
  • the authentication device selects a subset R of size i from the set M according to the configuration information, and requires the user to not contact the contact in the set R recently, and the elements in the set R are not in the L, and then take one from the set L.
  • the subset V of size c is the first type of contact identified by the user in this authentication.
  • the set R is empty, and the scheme degenerates to require the user to identify the real existing contacts from the set of contacts containing the fake contacts.
  • the number of elements in V may be more than c.
  • the obfuscated item refers to a fake contact randomly generated by the system, or a contact that does not exist in the terminal.
  • the authentication device generates a set of fake contacts, the number of which is f, which is recorded as the set F.
  • a fake contact can be randomly combined according to the initial configuration of the common last name and common name and related information (such as avatar) in the system, or can be obtained by connecting to a remote network service.
  • Elements in set F cannot appear in set L or D. Strictly speaking, elements in set F cannot also appear in set R.
  • the authentication device presents the authentication challenge set A to the user for identification by the user.
  • the authentication device can determine the result of the authentication. If the user can select an element from c Vs, the authentication is successful; otherwise the authentication fails.
  • 24 pieces of contact information may be presented to the user. If the user can select 3 correct contact information from the user, the authentication is successful, otherwise the authentication fails.
  • the weighting calculation may be performed according to the time length of the contact behavior to the current time length, and the user may directly designate a fixed set of contacts as the permanent first type contact. At this time, it is equivalent to giving the maximum right to this set of fixed contacts.
  • the size of the selection space can be increased to confuse the information, and the information in the sets R and V can be protected from attack. The person directly infers the contact that actually exists in the terminal.
  • the set R the difficulty of the selection can be further improved, and an attack familiar with the current terminal owner can be prevented from directly guessing the first type of contacts according to the background knowledge about the contacts that the terminal owner may use.
  • the method of the embodiment of the present invention can support multiple operating modes.
  • the initial authentication mode needs to be performed.
  • the initial authentication mode needs to perform the aforementioned steps 210 to 270.
  • the initial authentication mode directly jumps to step 210, and steps 210 to 270 are performed.
  • the user's first type of contact may have changed at this time, and the authentication device needs to perform the contact authentication mode.
  • the authentication device may perform the contact authentication mode before step 270 and any step after step 230.
  • the interaction behavior other than authentication is usually not generated in the authentication process, only after the authentication is completed. Other interactions may occur.
  • the contact authentication mode needs to jump to step 230, and step 230 to step 270 are performed.
  • the re-election authentication is mainly used when the user wants to provide the strongest anti-peeping ability, or when the number of user authentication errors is too many, and the subset V that is recalculated each time is different under the condition that the set L is unchanged, and the C can be reselected at most.
  • the reselection authentication mode needs to jump to step 240, and the reselection authentication mode needs to perform step 240 to step 270.
  • the set A is completely unchanged, based on the same secret.
  • the interference information authenticates the user.
  • the constant authentication mode only needs to be re-executed in step 270.
  • the scheme can resist guessing attacks for a long time by delaying the authentication for a period of time (for example, 30 seconds) in the case where the user continuously authenticates the error.
  • the system performs a reselection authentication, can recalculate the challenge set A, and then re-enter the constant authentication mode.
  • the authentication secret of this program is based on the constantly changing information of the first category of contacts.
  • the attacker peeks into the secret of the user's last authentication (a group of first-class contacts at the time), and he is conditionally able to get the user's terminal, he can try to authenticate based on the previously obtained secret.
  • the real user of the terminal has already had several new communication behaviors.
  • the first type of contact has changed, and the last authentication secret is invalid.
  • This solution has complete anti-peeping ability.
  • the system can be set to perform reselection authentication every time, so that each time based on different secret authentication users, combined with authentication errors Delay can provide better anti-peeping ability. For example, if the user has 8 eligible first-category contacts (
  • 8), if you want to select 3 frequent contacts (
  • 3) each time, before performing 56 re-elections, each The secrets of sub-certification are different.
  • the method of the embodiment of the present invention protects the contact information that exists in the terminal through the fake contact set F, thereby avoiding leakage of the private information. If the attacker does not have the background knowledge of the possible contacts of the current terminal owner, he will have difficulty distinguishing the real contacts in the terminal from the fake contacts through the display information on the terminal screen, so this time The program does not cause additional information disclosure. If the attacker M has the background knowledge of the contact O of the current terminal owner N and N, and obtains the terminal of the N, then the maximum information that the M can obtain from the terminal of the N is: N and O mutually recognize each other. At this time, the amount of such privacy leakage is extremely small.
  • FIG. 3 is a schematic flow chart of performing user authentication by playing music piece information according to an embodiment of the present invention.
  • the authentication information is specific attribute information of the audio file, such as an audio file.
  • the embodiment of the present invention realizes the recognition of the terminal owner (i.e., the user) by having the user recall and select the musical piece or the musical piece player that he has recently listened to frequently.
  • the music piece information mentioned below is the specific attribute information of the audio file.
  • the authentication device can obtain the music piece information of the audio file in various manners.
  • the authentication device may include an audio file monitoring module for monitoring audio files in the system of the terminal and their opening.
  • the first type of authentication information is music piece information whose frequency occurs within a predetermined range within a predetermined time.
  • a piece of musical composition information may correspond to a plurality of audio files.
  • the musical piece information is the album name
  • the musical piece information of all the audio files belonging to the same album is the same, and when the frequency of occurrence is calculated, the musical piece information of all the audio files belonging to the same album should be collectively calculated.
  • the second type of authentication information is music piece information for interfering with user judgment.
  • the user can configure the working mode of the authentication device, and the configured parameters can be saved in the configuration database of the authentication device.
  • the user can perform the following configurations:
  • the parameters of the first type of music work information selection method may include the time requirement for effective playing of the music work (denoted as T, for example, 3 days, 5 days, 10 hours, etc.), the frequency requirement of the music piece information (recorded as X, representing a predetermined number of times, for example, 5 times, or indicating a predetermined ranking, such as the top 3, or indicating a predetermined ratio, such as 3%, etc.).
  • the first type of musical piece information determined based on T and X can be recorded as L.
  • the user may not configure, and the authentication device may set a default setting for the first type of music composition information selection method parameter.
  • the user may specify one or more pieces of musical composition information as fixed first type of musical piece information, rather than being temporarily calculated by the above T and X calculations.
  • the first type of musical composition information specified by the user can be recorded as D.
  • the second type of musical composition information parameter may include the number of obfuscated items (denoted as f) when constructing the authentication information and/or the number of distracting items (denoted as i) when constructing the authentication information.
  • the confusing term refers to the false music work information randomly generated by the system, or the music work information that does not exist in the terminal, and the interference item refers to the music work information that does not appear in the music work that the user recently played.
  • the authentication selection parameter may include the number of the first type of musical piece information that must be correctly selected at the same time for each authentication (denoted as c, for example, three must be correctly selected at the same time to pass the authentication).
  • the authentication device can also introduce a security strength adjustment function to adjust the security strength of the identity authentication by adjusting the values of the above f, i and c. Obviously, the larger the three values, the higher the security strength.
  • the authentication device may set different difficulty levels, each level corresponding to different values, and the implementation may be implemented by a security strength drag bar or a difficulty selection box; or, the authentication device may provide a numerical adjustment function, and respectively adjust The above three values.
  • the authentication device After the configuration is complete, the authentication device automatically loads the corresponding configuration parameters when the authentication is started.
  • the first type of music work information is the first type of authentication information
  • the second type of music work information is the second type of authentication information
  • the authentication device may include an audio file monitoring module for monitoring the playback of the audio file.
  • the authentication device can read a list of all audio files stored by the terminal and its players (recorded as L1) and a recent audio file playlist (denoted as L2) through the audio file monitoring module. If the audio file monitoring switch is turned on, the opening operation of the audio file in the terminal system can be monitored by means of a Hook system file open function, and the information recorded in the database is continuously updated.
  • the authentication device can also implement the above functions through a function module similar to the audio file monitoring module, which is not limited herein.
  • the elements in D are put into the set L; otherwise, the module calculates the playing frequency of the music and the player according to L2, and takes out a group of recent frequent play. The music or work player puts in the collection L. If the number of elements of L is less than c, then all audio file lists or players corresponding to all audio files can be placed in the set L.
  • the set L constructed at this time is a collection of the first type of musical composition information.
  • the interference item refers to music piece information that does not appear in the music piece that the user has recently played.
  • the authentication device selects a subset R of size i from the set L1 according to the configuration information, and requires that none of the elements in R appear in the set L2 (these pieces of music work have not appeared recently), and the elements in the set R are not in the L. Then, a subset V of size c is taken from the set L as the first type of musical piece information recognized by the user in the authentication. If L contains all the audio files on the terminal, then R is empty without interference items, and the scheme is degraded to require the user to identify the musical piece information that actually exists on the terminal from the set containing the fake musical piece information.
  • the number of elements in V may be more than c.
  • the obfuscated item refers to music piece information randomly generated by the system, or music piece information that does not exist in the terminal.
  • the authentication device generates a set of false musical composition information (fake music, music albums, or performers, etc.), the number of which is f, and is recorded as a set F.
  • the fake music work information can be obtained according to the music library or the player library that is initially configured in the system; it can also be obtained by connecting to the remote network service. Elements in set F cannot appear in set L or D.
  • the authentication device presents the authentication challenge set A to the user for identification by the user.
  • the authentication device can determine the result of the authentication. If the user can select an element from c Vs, the authentication is successful; otherwise the authentication fails.
  • the weighting calculation may be performed according to the time length of the playing behavior to the current time length, and the user may directly designate a set of fixed music works information as the first type of music works. Information, at this time equivalent to giving this set of fixed entities The biggest right.
  • a false authentication information set F in the process of constructing the set A displayed on the screen, the size of the selection space is increased, which serves as a confusion to improve the discrimination to the user, and also protects the set R and V. Information.
  • the purpose of introducing the set R by the method is to further improve the difficulty of selection, and avoid an attacker who knows the music work information existing in the terminal directly guessing the first type of music work information.
  • the method of the embodiment of the present invention can support multiple modes of operation.
  • the initial authentication mode needs to be performed.
  • the initial authentication mode needs to perform the aforementioned steps 310 to 370.
  • the initial authentication mode directly jumps to step 310, and steps 310 to 370 are performed.
  • the user's first type of musical composition information may have changed at this time, and the authentication device needs to execute the play authentication mode.
  • the authentication device may perform the play authentication mode before step 370 and any step after step 330.
  • the play authentication mode needs to jump to step 330, and steps 330 to 370 are performed.
  • the re-election authentication is mainly used when the user wants to provide the strongest anti-peeping ability, or when the number of user authentication errors is too many, and the subset V that is recalculated each time is different under the condition that the set L is unchanged, and the C can be reselected at most.
  • combination calculation
  • the reselection authentication mode needs to jump to step 340, and the reselection authentication mode needs to perform steps 340 to 370.
  • the set A is completely unchanged, based on the same secret.
  • the interference information authenticates the user.
  • the arrow 371 of FIG. 3 points to the point where the constant authentication mode only needs to be re-executed step 370.
  • the scheme can resist guessing attacks for a long time by delaying the authentication for a period of time (for example, 30 seconds) in the case where the user continuously authenticates the error.
  • the continuous authentication error must be After the number of times, the system performs a reselection authentication, which can recalculate the challenge set A and then re-enter the constant authentication mode.
  • the authentication secret of this program is based on the constantly changing information of the first type of music work information. Assuming that the attacker peeks into the secret of the user's last authentication (a set of first-class music work information at the time), and he is conditionally able to get the user's terminal, he can try to authenticate based on the previously obtained secret. In many cases, the real user of the terminal has already had several new playback behaviors. At this time, the information of the first type of music works has changed, and the last authentication secret is invalid. This scheme has complete anti-peeping ability.
  • the system can be set to perform reselection authentication every time, so that each time based on different secret authentication users, combined with authentication errors Delay can provide better anti-peeping ability. For example, the user has 8 eligible first-class musical pieces of information (
  • 8), and if three first-class musical pieces of information (
  • 3) are required to be selected each time, 56 re-elections are performed. Prior to certification, the secret of each authentication was different.
  • FIG. 4 is a schematic diagram of a process for performing user authentication by accessing website information of a website according to an embodiment of the present invention.
  • the authentication information is specific attribute information of the visited website, such as a website address, a website name, a website icon, a domain name, and the like as a website identifier recognized by the user.
  • the website information mentioned below refers to the specific attribute information of the visited website.
  • the authentication device can obtain website information in various manners.
  • the authentication device may include a URL input monitoring module that monitors and records the user's URL input in the browser, either in the form of a BHO (Browser Helper Object) object embedded in an existing browser or a mobile device manufacturer.
  • a self-developed browser that supports URL access records.
  • the web address input monitoring module can always monitor and record the website address input by the user through the browser address bar or the favorites, and the web address automatically accessed by the browser automatically opens the window without recording.
  • the first type of authentication information is website information whose access frequency is within a predetermined range within a predetermined time.
  • the second type of authentication information is website information used to interfere with user judgment.
  • the user can configure the working mode of the authentication device, and the configured parameters can be saved in the configuration database of the authentication device.
  • the user can perform the following configurations:
  • Exclude website information can be recorded as NP. This part specifies that the website information will not participate in the process of generating authentication information, thus allowing users to directly exclude some websites that users feel sensitive and do not want to use, and some users will fix it almost every day. Visit the website. In other words, the elements of the collection NP do not appear in the first type of website information. Of course, in order to avoid confusion, the elements of the collection NP will not appear in the second type of website information.
  • the first type of website information selection method parameters which may include the time requirement of effective website information (denoted as T, for example, 3 days, 5 days, 10 hours, etc.), the frequency requirement of website information (denoted as X, indicating The predetermined number of times, for example, 5 times, or indicates a predetermined ranking, such as the top 3, or indicates a predetermined ratio, such as 3%, etc.).
  • the first type of website information determined based on T and X can be recorded as L.
  • the user may not configure, and the authentication device may set a default setting for the first type of website information selection method parameter.
  • the user may also specify one or more website information as a fixed first type of website information, rather than through the T and X temporary calculations described above.
  • the first type of website information specified by the user can be recorded as D.
  • the second type of website information parameter may include the number of obfuscated items (denoted as f) when constructing the authentication information and/or the number of distracting items (denoted as i) when constructing the authentication information.
  • the confusing item refers to the fake website information randomly generated by the system, that is, the website information of the website that the user has never visited, and the interference item refers to the website information of the website that the user has visited before but has not visited recently.
  • the authentication selection parameter may include the number of the first type of website information that must be correctly selected at the same time for each authentication (denoted as c, for example, three must be correctly selected at the same time to pass the authentication).
  • the authentication device can also introduce a security strength adjustment function to adjust the security strength of the identity authentication by adjusting the values of the above f, i and c. Obviously, the larger the three values, the higher the security strength.
  • the authentication device may set different difficulty levels, each level corresponding to different values, and the implementation may be implemented by a security strength drag bar or a difficulty selection box; or, the authentication device may provide a numerical adjustment function, and respectively adjust The above three values.
  • the authentication device After the configuration is complete, the authentication device automatically loads the corresponding configuration parameters when the authentication is started.
  • the first type of website information is the first type of authentication information
  • the second type of website information is the second type of authentication information
  • the authentication device can include a web address input monitoring module for monitoring the visited website.
  • the authentication device can read the user web access record stored in the terminal through the web address input monitoring module (recorded as a list), and if the monitoring switch is turned on, the user input and monitoring can be monitored through the web address input monitoring module. List List. For the website information in the collection NP or the collection D, it may not be recorded.
  • the authentication device can also implement the above functions by inputting the function module of the monitoring module, and the embodiment of the present invention is not limited herein.
  • the module selects a group of recently visited sites into the collection L according to the pre-configured filter criteria. If the user specifies the set D or there is not enough URL records in the terminal, the elements in D are placed in the set L. A subset V of size c is taken from the set L as the website information identified by the user in this authentication. If the size of L is less than c, then all the URLs can be placed in the set L.
  • the set L constructed at this time is a collection of the first type of website information.
  • the interference item is website information of a visiting website that the user has visited before but has not visited recently.
  • the authentication device selects a subset R of size i from the list List according to the configuration information, and requires that the elements in the R are not in the L, and then takes a subset V of the size c from the set L, as the user is required in the authentication.
  • the first type of website information identified. If L contains the website information record of all the visiting websites on the terminal, then R is empty without interference items, and the scheme is degraded to require the user to identify the website that actually exists on the terminal from the collection containing the fake website information. information.
  • the number of elements in V may be more than c.
  • the obfuscated item refers to website information randomly generated by the system, or website information of a website that the terminal has never visited.
  • the authentication device generates a set of fake website information, the number of which is f, which is recorded as the set F.
  • False website information can be filtered according to the initially configured website information database in the system; it can also be retrieved by connecting to a remote web service. Elements in set F cannot appear in set L or D.
  • the authentication device presents the authentication challenge set A to the user for identification by the user.
  • the authentication device can determine the result of the authentication. If the user can select an element from c Vs, the authentication is successful; otherwise the authentication fails.
  • the weighting calculation when calculating the information of the first type of website, may be performed according to the time length of the access behavior to the current time length, and the user may directly specify a fixed set of website information as the first type of website information. This is equivalent to giving the largest weight to this set of fixed entities.
  • a false authentication information set F in the process of constructing the set A displayed on the screen, the size of the selection space is increased, which serves as a confusion to improve the discrimination to the user, and also protects the set R and V. Information.
  • the purpose of introducing the set R in this method is to further improve the difficulty of selection, and avoid an attacker who knows the website information existing in the terminal directly guessing the first type of website information.
  • the method of the embodiment of the present invention can support multiple modes of operation.
  • the initial authentication mode needs to be performed.
  • the initial authentication mode needs to perform the aforementioned steps 410 to 470.
  • the initial authentication mode directly jumps to step 410, and steps 410 to 470 are performed.
  • the authentication device may perform the access authentication mode before step 470 and any step after step 430.
  • the access authentication mode needs to jump to step 430, and steps 430 to 470 are performed.
  • the re-election authentication is mainly used when the user wants to provide the strongest anti-peeping ability, or when the number of user authentication errors is too many, and the subset V that is recalculated each time is different under the condition that the set L is unchanged, and the C can be reselected at most.
  • combination calculation
  • the reselection authentication mode needs to jump to step 440, and the reselection authentication mode needs to perform steps 440 to 470.
  • the set A is completely unchanged, based on the same secret.
  • the interference information authenticates the user.
  • the constant authentication mode only needs to be re-executed in step 470.
  • the scheme can resist guessing attacks for a long time by delaying the authentication for a period of time (for example, 30 seconds) in the case where the user continuously authenticates the error.
  • the system performs a reselection authentication, can recalculate the challenge set A, and then re-enter the constant authentication mode.
  • the authentication secret of this program is based on the constantly changing information of the first type of website information. Assuming that the attacker peeks into the secret of the user's last authentication (a set of first-class website information at the time), and he is conditionally able to get the user's terminal, he can attempt authentication based on the previously obtained secret. In many cases, the real user of the terminal has already had several new access behaviors. At this time, the information of the first type of website has changed, and the last authentication secret is invalid. This scheme has complete anti-peeping ability.
  • the system can be set to perform reselection authentication every time, so that each time based on different secret authentication users, combined with authentication error Delay can provide better anti-peeping ability.
  • the user has 8 eligible first-class website information (
  • 8). If you want to select 3 first-class website information (
  • 3) each time, before performing 56 re-elections. The secret of each certification is different.
  • FIG. 5 is a schematic flow chart of user authentication by using the read e-book information in the embodiment of the present invention.
  • the authentication information is specific attribute information of the e-book for reading, for example, the title of the e-book, the author of the e-book, the cover of the e-book, or the combination of the title and the cover of the e-book, etc. .
  • Embodiments of the present invention implement authentication by having the user recall and identify his/her most recent frequently read e-book.
  • the e-book information mentioned below refers to specific attribute information of the e-book.
  • the user can configure the working mode of the authentication device, and the configured parameters can be saved in the configuration database of the authentication device.
  • the user can perform the following configurations:
  • Excluding e-book information can be recorded as NP
  • this part specifies that the e-book information will not participate in the process of generating the authentication information, thereby allowing the user to directly exclude some e-book information that the user considers sensitive.
  • the elements of the set NP do not appear in the first type of e-book information.
  • the elements of the set NP will not appear in the second type of e-book information.
  • the first type of e-book information selection method parameters may include the time requirement of an effective reading e-book (denoted as T, for example, 3 days, 5 days, 10 hours, etc.), and the frequency of reading e-book information occurs frequently. (Remarked as X, indicating a predetermined number of times, for example, 5 times, or indicating a predetermined ranking, such as the top 3, or indicating a predetermined ratio, such as 3%, etc.).
  • the first type of e-book information determined based on T and X can be recorded as L.
  • the user may not configure, and the authentication device may set a default setting for the first type of e-book information selection method parameters.
  • the user may also designate one or more read e-books as fixed first-class e-book information instead of being temporarily calculated by the above T and X calculations.
  • the first type of e-book information specified by the user can be recorded as D.
  • the second type of e-book information parameter may include the number of confusion items (denoted as f) when constructing the authentication information and/or the number of interference items (denoted as i) when constructing the authentication information.
  • the confusing term refers to the fake e-book information randomly generated by the system, or the e-book information that does not exist in the terminal, and the distracting item refers to the e-book information that the user has not read recently.
  • the authentication selection parameter may include the number of the first type of e-book information that must be correctly selected at the same time for each authentication (denoted as c, for example, three must be correctly selected at the same time to pass the authentication).
  • the authentication device can also introduce a security strength adjustment function to adjust the security strength of the identity authentication by adjusting the values of the above f, i and c. Obviously, the larger the three values, the higher the security strength.
  • the authentication device may set different difficulty levels, each level corresponding to different values, and the implementation may be implemented by a security strength drag bar or a difficulty selection box; or, the authentication device may provide a numerical adjustment function, and respectively adjust The above three values.
  • the authentication device After the configuration is complete, the authentication device automatically loads the corresponding configuration parameters when the authentication is started.
  • the authentication device can read the records of all the e-books stored in the terminal (denoted as L1) and the e-book open record of the user (denoted as L2) through a function module similar to the e-book monitoring module. If the e-book monitoring switch is turned on, the creation, opening, and closing behavior of these types of files are tracked according to the main e-book type (such as PDF, etc.), and L1 and L2 are updated accordingly. For the e-books in the set NP or set D, no monitoring is possible.
  • the authentication device may put the elements in D into the set L; otherwise, the authentication device may acquire L2 and L1, and calculate each electronic according to the L2 combined weight configuration. The reading frequency of the book, the highest frequency of the e-book is taken into the set L.
  • the set L constructed at this time is a collection of the first type of e-book information.
  • the interference item is an electronic book that the user has not read recently.
  • the authentication device selects a subset R from L1, and requires that none of the elements in R appear in the set L2 and L, and then takes a subset V of size c from the set L as the identification of the user in the authentication.
  • the first type of e-book information If L contains information about all the e-books of the system, then R is empty, and the scheme degenerates to require the user to identify the information of the e-books that actually exist in the terminal from all the e-books containing the false information.
  • the number of elements in V may be more than c.
  • the obfuscated item refers to an e-book that is randomly generated by the system, or an e-book that does not exist in the terminal.
  • the authentication device generates a set of fake e-books, the number of which is f, which is denoted as set F.
  • the falsely read e-books can be selected according to the initial configuration of the e-book library in the system; they can also be retrieved by connecting to a remote web service. Elements in set F cannot appear in set L or D.
  • the authentication device presents the authentication challenge set A to the user for identification by the user.
  • the authentication device can determine the result of the authentication. If the user can select an element from c Vs, the authentication is successful; otherwise the authentication fails.
  • the weighting calculation may be performed according to the time period of the reading behavior to the current time length, and the user may directly designate a fixed set of electrons.
  • the book is equivalent to giving the greatest weight to this set of fixed entities.
  • the method of the embodiment of the present invention can support multiple modes of operation.
  • the initial authentication mode needs to be performed.
  • the initial authentication mode needs to perform the aforementioned steps 510 to 570.
  • the initial authentication mode directly jumps to step 510, and steps 510 to 570 are performed.
  • the user's first type of e-book information may have changed at this time, and the authentication device needs to perform the reading authentication mode. In the theoretical case, the authentication device may perform the read authentication mode before step 570 and any step after step 530.
  • the read authentication mode needs to jump to step 530, and step 530 to step 570 are performed.
  • the re-election authentication is mainly used when the user wants to provide the strongest anti-peeping ability, or when the number of user authentication errors is too many, and the subset V that is recalculated each time is different under the condition that the set L is unchanged, and the C can be reselected at most.
  • combination calculation
  • the reselection authentication mode needs to jump to step 540, and the reselection authentication mode needs to perform steps 540 to 570.
  • the set A is completely unchanged, based on the same secret.
  • the interference information authenticates the user.
  • the constant authentication mode only needs to be re-executed in step 570.
  • the system performs a reselection authentication, can recalculate the challenge set A, and then re-enter the constant authentication mode.
  • the authentication secret of this program is based on the constantly changing information of the first type of e-book information. Assuming that the attacker peeks into the user's last authenticated secret (a set of first-class e-book information at the time) and he is conditionally able to get the user's terminal, he can attempt authentication based on the previously obtained secret. In many cases, the real user of the terminal has already had several new reading behaviors. At this time, the information of the first type of e-book has changed, and the last authentication secret has failed. This scheme has complete anti-peeping ability.
  • the system can be set to perform reselection authentication every time, so that each time based on different secret authentication users, combined with authentication errors Delay can provide better anti-peeping ability.
  • the user has 8 eligible first-class e-book information (
  • 8), and if three first-class e-book information (
  • 3) are required to be selected each time, 56 re-elections are performed. Prior to certification, the secret of each authentication was different.
  • FIG. 6 is a schematic flowchart of performing user authentication by using Application (APP) information in an embodiment of the present invention.
  • the authentication information is specific attribute information of the used APP, such as the name of the APP, the development company of the APP, the application icon of the APP, or the combination of the name and icon of the APP, and the like.
  • Embodiments of the present invention implement authentication by having the user recall and identify his/her most frequently used APP.
  • the APP information mentioned below refers to specific attribute information of the APP.
  • the user can configure the working mode of the authentication device, and the configured parameters can be saved in the configuration database of the authentication device.
  • the user can perform the following configurations:
  • the first type of APP information selection method parameters may include the time requirement of the valid used APP (denoted as T, for example, 3 days, 5 days, 10 hours, etc.), and the frequency of application frequency used (recorded as X) , indicates a predetermined number of times, for example, 5 times, or indicates a predetermined ranking, such as the top 3, or indicates a predetermined ratio, such as 3%, etc.).
  • the first type of APP information determined based on T and X can be recorded as L.
  • the user may not configure, and the authentication device may set a default setting for the first type of APP information selection method parameters.
  • the user may also specify one or more APP information as the fixed first type of APP information, instead of being obtained by the above T and X temporary calculations.
  • the first type of APP information specified by the user can be recorded as D.
  • the second type of APP information parameters may include the number of confusion items (denoted as f) when constructing the authentication information and/or the number of interference items (denoted as i) when constructing the authentication information.
  • the confusing term refers to the fake APP information randomly generated by the system, or the APP information that does not exist in the terminal, and the interference term refers to the information of the APP that the user has not used recently.
  • the authentication selection parameter may include the number of the first type of APP information that must be correctly selected at the same time for each authentication (denoted as c, for example, three must be correctly selected at the same time to pass the authentication).
  • the authentication device can also introduce a security strength adjustment function to adjust the security strength of the identity authentication by adjusting the values of the above f, i and c. Obviously, the larger the three values, the higher the security strength.
  • the authentication device may set different difficulty levels, each level corresponding to different values, and the implementation may be implemented by a security strength drag bar or a difficulty selection box; or, the authentication device may provide a numerical adjustment function, and respectively adjust The above three values.
  • the authentication device After the configuration is complete, the authentication device automatically loads the corresponding configuration parameters when the authentication is started.
  • the installation usage behavior record of the APP of the reading terminal is read.
  • the authentication device may include an APP usage tracking module for reading the APP installation and usage behavior record.
  • the authentication device reads the APP installation and usage behavior record (denoted as H) through the APP using the tracking module. If the APP tracking switch is turned on, start tracking the APP installation and usage behavior in the system and update H. For an APP in a collection NP or collection D, its installation and opening behavior may not be recorded.
  • the authentication information calculation module directly adds the elements in the D to the L; otherwise, obtains the set H, and calculates the usage frequency of each APP according to the weight parameter and Sorting, taking a set of APPs that meet the requirements into the set L.
  • the set L constructed at this time is a set of the first type of APP information.
  • the interference item is information of an APP that the user has not used recently.
  • the authentication device queries and obtains a set of installed APPs into the set R, and requests the APP users in the R to not be used recently and does not appear in the L, and then takes a subset V of the size c from the set L, as the present
  • the first type of APP information identified by the user is required in the secondary authentication. If L contains all the contact information in the system address book, then R is empty. At this time, the scheme degenerates to require the user to identify the APP information actually existing on the terminal from the APP set mixed with the obfuscated items.
  • the number of elements in V may be more than c.
  • the obfuscated item refers to the APP information randomly generated by the system, or the APP information that does not exist in the terminal.
  • the authentication device generates a set of fake APP information, the number of which is f, which is recorded as the set F.
  • the fake APP information can be obtained by initially configuring the fake APP database in the system; or by connecting to the remote network service. Elements in set F cannot appear in set L or D.
  • the authentication device presents the authentication challenge set A to the user for identification by the user.
  • the authentication device can determine the result of the authentication. If the user can select an element from c Vs, the authentication is successful; otherwise the authentication fails.
  • the weighting calculation when calculating the first type of APP information, may be performed according to the time period of the use behavior to the current time length, and the user may directly designate a set of fixed APP information as the first type of APP information. This is equivalent to giving the largest weight to this set of fixed entities.
  • a false authentication information set F in the process of constructing the set A displayed on the screen, the size of the selection space is increased, which serves as a confusion to improve the discrimination to the user, and also protects the set R and V. Information.
  • the purpose of introducing the set R in this method is to further improve the difficulty of selection, and avoid an attacker who knows the APP used in the terminal to directly guess The first type of APP information.
  • the method of the embodiment of the present invention can support multiple modes of operation.
  • the initial authentication mode needs to be performed.
  • the initial authentication mode needs to perform the aforementioned steps 610 to 670.
  • the initial authentication mode directly jumps to step 610, and steps 610 to 670 are performed.
  • the user's new APP behavior occurs, the user's first type of APP information may have changed at this time, and the authentication device needs to perform the use authentication mode.
  • the authentication device may perform the use authentication mode before step 670 and any step after step 630.
  • the interaction behavior other than authentication is usually not generated in the authentication process, only after the authentication is completed. Other interactions may occur.
  • the use of the authentication mode requires a jump to step 630, and steps 630 to 670 are performed.
  • the re-election authentication is mainly used when the user wants to provide the strongest anti-peeping ability, or when the number of user authentication errors is too many, and the subset V that is recalculated each time is different under the condition that the set L is unchanged, and the C can be reselected at most.
  • the reselection authentication mode needs to jump to step 640, and the reselection authentication mode needs to perform steps 640 to 670.
  • the set A is completely unchanged, based on the same secret.
  • the interference information authenticates the user.
  • the arrow 671 of Figure 6 points to the point where the constant authentication mode only needs to be re-executed step 670.
  • the scheme can resist guessing attacks for a long time by delaying the authentication for a period of time (for example, 30 seconds) in the case where the user continuously authenticates the error.
  • the system performs a reselection authentication, can recalculate the challenge set A, and then re-enter the constant authentication mode.
  • the secret is based on the constantly changing information of the first type of APP information. Assuming that the attacker peeks into the user's last authenticated secret (a set of first-class APP information at the time) and he is conditionally able to get the user's terminal, he can attempt authentication based on the previously obtained secret. In many cases, the real user of the terminal has already had several new usage behaviors. At this time, the first type of APP information has changed, and the last authentication secret has failed. This scheme has complete anti-peeping capability.
  • the system can be set to perform reselection authentication every time, so that each time based on different secret authentication users, combined with authentication errors Delay can provide better anti-peeping ability.
  • the user has 8 eligible first-class APP information (
  • 8). If it is required to select 3 first-class APP information (
  • 3) each time, before performing 56 re-selection authentications. The secret of each certification is different.
  • the above several embodiments only introduce information of several interactive objects that can be used for identity authentication, such as contact information, APP information used, identification of musical works or player information, access to website information, and reading of e-book information.
  • identity authentication such as contact information, APP information used, identification of musical works or player information, access to website information, and reading of e-book information.
  • the method of the embodiment of the present invention may also use multiple authentication information, for example, the director of the video file, the name, the geographical area information that the terminal has visited (obtained by the terminal user on the terminal, and the location record of the mobile network) or the terminal.
  • the picture information browsed, etc., the specific implementation method can refer to the above embodiment.
  • FIG. 7 is a schematic structural diagram of an authentication apparatus 700 according to an embodiment of the present invention.
  • the authentication device 700 may include a confirmation unit 701, an authentication presentation unit 702, a receiving unit 703, and an authentication unit 704.
  • the confirmation unit 701 is configured to determine the first type of authentication information and the second type of authentication information of the terminal where the authentication apparatus 700 is located.
  • the first type of authentication information includes specific attribute information in a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal, which occurs within a predetermined time within a predetermined time, and the specific attribute information is one of the interaction object.
  • a combination of attribute information or a plurality of attribute information, the second type of authentication information being used by a user who interferes with the terminal to select the first type of authentication information.
  • the specific interaction behavior refers to the interaction behavior used in the authentication process to determine the frequency of occurrence.
  • the interaction object corresponding to the specific interaction behavior refers to the source of the first type of authentication information, and the specific attribute information of the interaction object can be used to form the first type of authentication information.
  • the specific attribute information is a kind of attribute information or a combination of multiple attribute information of the interactive object, and may be, for example, a unique identifier, a name, a picture, or a name + a picture, and the like.
  • the specific attribute information of different interactive objects may be the same.
  • the album name is the same.
  • the authors of several different e-books may be the same An author, and so on.
  • the second type of authentication information may include at least one of the following: the specific attribute information of the specific attribute information of the interactive object corresponding to the specific interaction behavior of the terminal occurs within a predetermined time within a predetermined time; The specific attribute information in the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal.
  • the specific interaction behavior of the terminal is an interaction behavior specified in the authentication process.
  • the specific interaction behavior of the terminal may have multiple representations.
  • the first type of authentication information and the second type of authentication information may also have multiple representations.
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the contact of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the contact; or the specific interaction behavior of the terminal
  • the behavior of the terminal to access the audio and video files of the terminal may be included, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file; or the specific interaction behavior of the terminal may include the terminal accessing the The behavior of the application of the terminal, the first type of authentication information and the second type of authentication information are specific attribute information of the application; or the specific interaction behavior of the terminal may include the behavior of the terminal accessing the website, the first type of authentication information and The second type of authentication information is specific attribute information of the website; or the specific interaction behavior of the terminal may include the behavior of the
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the e-book of the terminal, the The class authentication information and the second type of authentication information are specific attribute information of the electronic book; or the specific interaction behavior of the terminal may include the behavior of the terminal communicating with the external device of the terminal, the first type of authentication information and the second type
  • the authentication information is information of a geographical area in which the terminal communicates with the device outside the terminal.
  • the contact information when the first type of authentication information is the specific attribute information of the contact, the contact information may be a photo of the contact, a name of the contact, a contact phone of the contact, or Contact name + picture, etc.
  • the audio file information may be the name of the audio file, the album name of the audio file, or the player of the audio file, etc. .
  • the terminal can have a variety of specific implementations, such as a smartphone, tablet, personal computer, server, or workstation.
  • the terminal may also be other devices having an authentication function, which is not limited herein.
  • the first type of authentication information includes an interaction pair corresponding to a specific interaction behavior of the terminal.
  • the specific attribute information whose frequency is a predetermined range occurs within a predetermined time, wherein the occurrence frequency is a predetermined range, and the range may be an absolute frequency range or a relative frequency range, for example,
  • the predetermined range is that the number of occurrences of the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal is within a predetermined number of times or more, or the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal is a range in which the number of occurrences in the predetermined time period is greater than a predetermined ratio of the total number of occurrences, or a range in which the number of occurrences of the interactive object corresponding to the specific interaction behavior of the terminal is within a predetermined number of times within a predetermined time, or the terminal
  • the specific attribute information of the interactive object corresponding to the specific interaction behavior is ranked within a predetermined ratio
  • the first type of authentication information may be the name of a contact whose number of calls is more than 5 times in 3 days, or the name of an e-book that reads more than 10% of the total number of e-books in two days, or is played within 5 days.
  • the predetermined time, predetermined range is configurable.
  • the predetermined time may be configured as 12 hours, 1 day, 2 days, 3 days, or even January, and the like, which is not limited by the embodiment of the present invention.
  • the predetermined range may be configured such that the occurrence frequency is one time or more, five times or more, or the top five, the first 5%, and the like of all occurrence frequencies.
  • the first type of authentication information further includes specific attribute information of the interaction object specified by the user of the terminal in the terminal, so as to reduce the memory cost of the user of the terminal for the first type of authentication information.
  • the authentication presentation unit 702 is configured to present a first authentication challenge set to a user of the terminal.
  • the first authentication challenge set includes at least one of the first type of authentication information and at least one of the second type of authentication information.
  • the receiving unit 703 is configured to receive, by the user of the terminal, a recognition result of the first type of authentication information and the second type of authentication information in the first authentication challenge set.
  • the authentication unit 704 is configured to determine an authentication result according to the recognition correctness rate of the first type of authentication information in the identification result.
  • the authentication apparatus 700 dynamically generates authentication information by using the specific attribute information of the interaction object of the predetermined frequency in the predetermined time in the terminal to authenticate the user, because the information of the specific interaction object that is most frequently used recently belongs to the user.
  • the information in the memory period can reduce the cost of the user's memory, and the authentication information that appears every time is not fixed, and the authentication information can be prevented from being stolen due to inadvertent sneak peek, so the authentication device 700 reduces the user's authentication information.
  • it also has a certain ability to resist voyeurism.
  • the authentication device 700 can dynamically generate authentication information based on the access frequency to authenticate the user, the user experience can also be improved.
  • the receiving unit 703 before the receiving unit 703 receives the identification result of the first type of authentication information and the second type of authentication information in the first authentication challenge set by the user of the terminal, if the specific interaction behavior of the terminal corresponds to The interaction object is changed, or the terminal generates a new specific interaction behavior, and the determining unit 701 is further configured to re-determine the first type of authentication information and the second type of authentication information of the terminal, so as to authenticate the presentation unit 702 to the user of the terminal.
  • the interaction object corresponding to the specific interaction behavior of the terminal may include: adding an interaction object corresponding to the specific interaction behavior of the terminal, or deleting an interaction object corresponding to the specific interaction behavior of the terminal, or Modify the interactive object corresponding to the specific interaction behavior of the terminal, and so on.
  • the authentication device 700 may further include a first configuration unit 705.
  • the first configuration unit 705 is configured to configure the predetermined time, the predetermined range, and the number N of first type authentication information that needs to be identified by the user of the terminal for authentication.
  • the authentication unit 704 is specifically configured to: if the number of the first type of authentication information identified by the user of the terminal in the identification result is not less than N, determine that the authentication of the user of the terminal passes, or if If the number of the first type of authentication information identified by the user of the terminal is less than N, it is determined that the authentication of the user of the terminal does not pass.
  • the first configuration unit 705 can be configured to adjust the security of the authentication of the user of the terminal by configuring the predetermined time, the predetermined range, and the number of the first type of authentication information that is required to be authenticated by the user of the terminal. strength. Wherein, if the predetermined time and the predetermined range are larger, the larger the set of the first type of authentication information, the greater the security strength of the authentication of the user of the terminal; if the user of the terminal needs to be authenticated, the identification needs to be recognized. The greater the number of the first type of authentication information, the greater the recognition accuracy rate of the first type of authentication information in the recognition result required for the authentication of the user of the terminal, and the security of the authentication of the user of the terminal. The greater the intensity.
  • the authentication device 700 may further include a second configuration unit 706.
  • the second configuration unit 706 is configured to configure the excluded authentication information set of the terminal, where the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • the determining unit 701 is specifically configured to determine that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal occurs in a predetermined time within a predetermined time. Scope and does not belong to the The specific attribute information of the authentication set is excluded as the first type of authentication information.
  • the authentication device 700 may further include a generating unit 707.
  • the generating unit 707 is configured to generate the authentication set according to the first type of authentication information and the second type of authentication information of the terminal, so as to present the authentication set to a user of the terminal.
  • the confirmation unit 701 can include a monitoring tracking module, an interactive object computing module, and a fake interactive object generating module.
  • the monitoring and tracking module is configured to monitor interaction behavior with the interaction object
  • the interaction object calculation module is configured to calculate the first type of interaction object and the interference item in the second type of interaction object
  • the fake interaction object generation module is used to generate The obfuscated item in the second type of interactive object.
  • the authentication presentation unit 702, the receiving unit 703, and the authentication unit 704 may be implemented by one authentication interaction module, or the authentication presentation unit 702 and the receiving unit 703 may be implemented by one input/output module, such as a touch screen.
  • the first configuration unit 705 and the second configuration unit 706 can be implemented by one configuration module.
  • there are other specific implementations of the authentication device which are not limited herein.
  • the authentication device 700 can also perform the method of FIG. 1 and implement the functions of the authentication device in the embodiment shown in FIG. 1 to FIG. 6. Referring specifically to the embodiment shown in FIG. 1 to FIG. 6, the present invention is no longer Narration.
  • FIG. 8 is a schematic structural diagram of a terminal 800 according to an embodiment of the present invention.
  • Terminal 800 can include a communication interface 801, a processor 802, and a memory 803.
  • the communication interface 801, the processor 802, and the memory 803 are connected to each other through a bus 803 system.
  • the bus 804 can be an ISA bus, a PCI bus, or an EISA bus.
  • the bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one double-headed arrow is shown in Figure 8, but it does not mean that there is only one bus or one type of bus.
  • the memory 803 is configured to store a program.
  • the program can include program code, the program code including computer operating instructions.
  • Memory 803 can include read only memory and random access memory and provides instructions and data to processor 802.
  • the memory 803 may include a high speed RAM memory and may also include a non-volatile memory such as at least one disk memory.
  • the processor 802 is configured to invoke a program stored in the memory 803, and is specifically configured to perform the following operations:
  • the terminal 800 Determining at least one first type of authentication information and at least one second type of authentication information of the terminal 800, And presenting, by the communication interface 801, the first authentication challenge set to the user of the terminal 800 in the display device 805, where the first type of authentication information includes the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 at a predetermined time.
  • the specific attribute information whose frequency is a predetermined range, the specific attribute information is an attribute information of the interaction object or a combination of multiple attribute information, and the second type of authentication information is used by the user of the interference terminal 800 to select the first Class authentication information, the first authentication challenge set includes at least one of the first type of authentication information and at least one of the second type of authentication information;
  • the specific interaction behavior refers to the interaction behavior used in the authentication process to determine the frequency of occurrence.
  • the interaction object corresponding to the specific interaction behavior refers to the source of the first type of authentication information, and the specific attribute information of the interaction object can be used to form the first type of authentication information.
  • the communication interface 801 is configured to implement data communication between the processor 802 and the display device 805 and the input device 806.
  • the display device 805 is configured to present the first authentication challenge set to a user of the terminal 800.
  • the input device is configured to input, by the user of the terminal 800, the recognition result of the first type of authentication information and the second type of authentication information in the first authentication challenge set.
  • the specific attribute information is a kind of attribute information or a combination of multiple attribute information of the interactive object, and may be, for example, a unique identifier, a name, a picture, or a name + a picture, and the like.
  • the specific attribute information of different interactive objects may be the same.
  • the album name is the same.
  • the authors of several different e-books may be the same author, and so on.
  • the second type of authentication information may include at least one of the following: the specific attribute information of the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 occurs within a predetermined time within a predetermined time; The specific attribute information in the specific attribute information of the interactive object corresponding to the specific interaction behavior of the terminal 800.
  • the specific interaction behavior of the terminal is an interaction behavior specified by the terminal during the authentication process.
  • the specific interaction behavior of the terminal may have multiple representations.
  • the first type of authentication information and the second type of authentication information may also have multiple representations.
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the contact of the terminal, and the first type of authentication information and the second type of authentication information are The specific attribute information of the contact; or the specific interaction behavior of the terminal may include the behavior of the terminal accessing the audio and video files of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the audio and video file;
  • the specific interaction behavior of the terminal may include the behavior of the terminal accessing the application of the terminal, the first type of authentication information and the second type of authentication information being specific attribute information of the application; or the specific interaction behavior of the terminal may include the terminal
  • the behavior of accessing the website, the first type of authentication information and the second type of authentication information are specific attribute information of the website; or the specific interaction behavior of the terminal may include the
  • the contact information when the first type of authentication information is the specific attribute information of the contact, the contact information may be a photo of the contact, a name of the contact, a contact phone of the contact, or Contact name + picture, etc.
  • the audio file information when the first type of authentication information is audio file information, the audio file information may be the name of the audio file, the album name of the audio file, or the player of the audio file, etc. .
  • terminal 800 can have a variety of specific implementations, such as a smartphone, tablet, personal computer, server, or workstation.
  • the terminal 800 may also be another device having an authentication function, which is not limited herein.
  • display device 805 and input device 806 may synthesize a device, such as a touch screen or the like, in terminal 800.
  • the display device 805 and the input device 806 are different devices in the terminal 800, the display device 805 is a display device such as a display or a display screen, and the input device 806 is an input device such as a mouse or a keyboard.
  • the first type of authentication information includes specific attribute information in a specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 that occurs within a predetermined time within a predetermined time, wherein the occurrence frequency is a predetermined range, and the occurrence frequency is a predetermined range.
  • the range may be an absolute frequency range, or may be a relative frequency range.
  • the predetermined range is that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 occurs within a predetermined time within a predetermined time.
  • the range, or the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 is sent within a predetermined time.
  • the number of births is in a range above a predetermined ratio of the total number of occurrences, or a range in which the number of occurrences of the interactive object corresponding to the specific interaction behavior of the terminal is within a predetermined number of times within a predetermined time, or the specific interaction behavior of the terminal 800
  • the specific attribute information of the corresponding interactive object is ranked within a predetermined ratio within a predetermined time.
  • the first type of authentication information may be the name of a contact whose number of calls is more than 5 times in 3 days, or the name of an e-book that reads more than 10% of the total number of e-books in two days, or is played within 5 days.
  • the predetermined time, predetermined range is configurable.
  • the predetermined time may be configured as 12 hours, 1 day, 2 days, 3 days, or even January, and the like, which is not limited by the embodiment of the present invention.
  • the predetermined range may be configured such that the occurrence frequency is one time or more, five times or more, or the top five, the first 5%, and the like of all occurrence frequencies.
  • the first type of authentication information further includes specific attribute information of the interaction object specified by the user of the terminal 800 in the terminal 800, so as to reduce the memory cost of the user of the terminal 800 to the first type of authentication information.
  • Processor 802 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the foregoing method may be completed by an integrated logic circuit of hardware in the processor 802 or an instruction in a form of software.
  • the processor 802 may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP Processor, etc.), or a digital signal processor (DSP), an application specific integrated circuit. (ASIC), off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware component.
  • the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
  • the steps of the method disclosed in the embodiments of the present invention may be directly implemented by the hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor.
  • the software module can be located in a conventional storage medium such as random access memory, flash memory, read only memory, programmable read only memory or electrically erasable programmable memory, registers, and the like.
  • the storage medium is located in the memory 803, and the processor 802 reads the information in the memory 803 and completes the steps of the above method in combination with its hardware.
  • the terminal 800 dynamically generates authentication information by using information of an interactive object whose frequency of predetermined frequency is predetermined in the terminal to authenticate the user, which is most frequently
  • the information of the specific interactive object used belongs to the information in the user's memory period, which can reduce the cost of the user's memory, and the authentication information that appears every time is not fixed, and the authentication information can be prevented from being stolen due to inadvertent voyeurism, thus the terminal 800 reduces the user's memory cost to the authentication information, but also has a certain anti-peeping ability.
  • the terminal 800 can dynamically generate authentication information based on the access frequency to authenticate the user, the user's use experience can also be improved.
  • the processor 802 before the processor 802 receives the identification result of the first type of authentication information and the second type of authentication information in the first authentication challenge set by the user of the terminal 800 from the input device 806 through the communication interface 801, The interaction object corresponding to the specific interaction behavior of the terminal 800 changes, or the terminal 800 generates a new specific interaction behavior, and the processor 802 is further configured to re-determine the first type of authentication information and the second type of authentication information of the terminal 800, so that The second authentication challenge set is presented to the user of the terminal 800 in the display device 805 via the communication interface 801, wherein the second authentication challenge set is generated based on the first type of authentication information and the second type of authentication information that are re-determined by the processor 802.
  • the change of the interaction object corresponding to the specific interaction behavior of the terminal 800 may include: adding an interaction object corresponding to the specific interaction behavior of the terminal 800, or deleting the interaction object corresponding to the specific interaction behavior of the terminal 800, or The interaction object corresponding to the specific interaction behavior of the terminal 800 is modified, and the like.
  • the processor 802 is further configured to configure the predetermined time, the predetermined range, and the number N of the first type of authentication information that needs to be identified for authenticating the user of the terminal 800.
  • the processor 802 is specifically configured to: if the user of the terminal 800 identifies the first category in the recognition result If the number of the authentication information is not less than N, the authentication of the user of the terminal 800 is determined to be passed, or if the number of the first type of authentication information identified by the user of the terminal 800 is less than N, the pair is determined to be The authentication of the user of the terminal 800 does not pass.
  • the processor 800 may adjust the security strength of the authentication of the user of the terminal 800 by configuring the predetermined time, the predetermined range, and the number of the first type of authentication information that needs to be identified by the user of the terminal 800 for authentication. Wherein, if the predetermined time and the predetermined range are larger, the greater the set of the first type of authentication information, the greater the security strength of the authentication of the user of the terminal 800; if the user of the terminal 800 is authenticated, the identification needs to be recognized. The larger the number N of the first type of authentication information, the greater the recognition accuracy rate of the first type of authentication information in the recognition result required for the authentication of the user of the terminal 800, and the authentication of the user of the terminal 800. The greater the security strength.
  • the processor 802 is further configured to configure the excluded authentication information set of the terminal 800, where the authentication information in the excluded authentication information set is not allowed as the first type of authentication information.
  • the processor 802 is specifically configured to determine that the specific attribute information of the interaction object corresponding to the specific interaction behavior of the terminal 800 occurs within a predetermined time within a predetermined time and The specific attribute information that does not belong to the excluded authentication set is the first type of authentication information.
  • the processor 802 is further configured to generate the authentication set according to the information of the first type of interaction object of the terminal 800 and the information of the second type of interaction object.
  • the terminal 800 can also perform the method of FIG. 1 and implement the functions of the authentication device in the embodiment shown in FIG. 1 to FIG. 6. For details, refer to the embodiment shown in FIG. 1 to FIG. .
  • the disclosed systems, devices, and methods may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division.
  • there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in various embodiments of the present invention may be integrated in one processing unit
  • each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the functions may be stored in a computer readable storage medium if implemented in the form of a software functional unit and sold or used as a standalone product.
  • the technical solution of the present invention which is essential or contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium, including
  • the instructions are used to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .

Abstract

本发明实施例提供了一种用户认证方法、认证装置和终端,该方法包括:确定终端的第一类认证信息和第二类认证信息,其中,第一类认证信息包括终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,第二类认证信息用于干扰终端的用户选择第一类认证信息;向终端的用户呈现认证挑战集合;接收终端的用户对认证挑战集合的识别结果;根据识别结果中第一类认证信息的识别正确率确定认证结果。本发明实施例的用户认证方法、认证装置和终端,通过利用终端中预定时间内预定发生频率的交互对象的信息动态地生成认证信息以对用户进行认证,在减少用户对认证信息的记忆代价的同时,还具备一定的抗偷窥能力。

Description

用户认证方法、认证装置和终端
本申请要求于2014年4月17日提交中国专利局、申请号为201410153707.6、发明名称为“用户认证方法、认证装置和终端”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本发明实施例涉及终端领域,并且更具体地,涉及一种用户认证方法、认证装置和终端。
背景技术
用户设备或应用程序需要频繁地认证用户以确定当前用户的身份。认证是允许用户访问终端中的数据和应用之前最主要的安全屏障。
用户认证机制的最关键因素之一是尽量低的用户的记忆代价,提高易用性。另外用户设备总是被用户随身携带,在各种场合和环境中使用,认证过程易被偷看,所以要求认证机制有一定的抗偷窥能力。
发明内容
本发明实施例提供一种用户认证方法、认证装置和终端,能够在降低用户记忆代价的同时具备一定的抗偷窥能力。
第一方面,提供了一种用户认证的方法,该方法包括:确定终端的第一类认证信息和第二类认证信息,其中,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类认证信息用于干扰该终端的用户选择该第一类认证信息;向该终端的用户呈现第一认证挑战集合,其中,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息;接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果;根据该识别结果中该第一类认证信息的识别正确率确定认证结果。
结合第一方面,在第一种可能的实现方式中,具体实现为该第二类认证信息包括以下至少一种:该终端的特定交互行为所对应的交互对象的特定属 性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
结合第一方面或第一方面的第一种可能的实现方式,在第二种可能的实现方式中,具体实现为:该第一类认证信息还包括该终端的用户在该终端中所指定的交互对象的特定属性信息,以便减少该终端的用户对该第一类认证信息的记忆代价。
结合第一方面或第一方面的第一种可能的实现方式或第一方面的第二种可能的实现方式,在第三种可能的实现方式中,在接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果之前,该方法还包括:如果该终端的特定交互行为所对应的交互对象发生变化,或者该终端产生新的该特定交互行为,则重新确定该终端的第一类认证信息和第二类认证信息,并向该终端的用户呈现第二认证挑战集合,其中,该第二认证挑战集合基于重新确定后的第一类认证信息和第二类认证信息生成。
结合第一方面的第三种可能的实现方式,在第四种可能的实现方式中,具体实现为该终端的特定交互行为所对应的交互对象发生变化包括:增加该终端的特定交互行为所对应的交互对象,或者删除该终端的特定交互行为所对应的交互对象,或者修改该终端的特定交互行为所对应的交互对象。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第四种可能的实现方式中任一种可能的实现方式,在第五种可能的实现方式中,具体实现为:该终端的特定交互行为包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为联系人的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性信息;或者,该终端的特定交互行为包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,该终端 的特定交互行为包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第五种可能的实现方式中任一种可能的实现方式,在第六种可能的实现方式中,在确定终端的第一类认证信息和至少一个第二类认证信息之前,该方法还包括:配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数N。该根据该识别结果中该第一类认证信息的识别正确率确定认证结果具体实现为:如果该识别结果中该终端的用户识别的该第一类认证信息的条数不小于N条,则确定对该终端的用户的认证通过;或者,如果该识别结果中该终端的用户识别的该第一类认证信息的条数小于N条,则确定对该终端的用户的认证不通过。
结合第一方面的第六种可能的实现方式,在第七种可能的实现方式中,如果该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对该终端的用户的认证的安全强度越大;如果对该终端的用户进行认证所需要识别的第一类认证信息的条数N越大,则通过对该终端的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对该终端的用户的认证的安全强度越大。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第七种可能的实现方式中任一种可能的实现方式,在第八种可能的实现方式中,具体实现为:该预定范围为该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第八种可能的实现方式中任一种可能的实现方式,在第九种可能的实现方式中,在确定终端的第一类认证信息之前,该方法还包括:配置该终端的排除认证信息集合,其中该排除认证信息集合中的认证信息不允许作为该第一类认证 信息。此时,确定终端的第一类认证信息具体实现为:确定该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该排除认证集合的特定属性信息为该第一类认证信息。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第九种可能的实现方式中任一种可能的实现方式,在第十种可能的实现方式中,在向该终端的用户呈现第一认证挑战集合之前,该方法还包括:根据该终端的该第一类认证信息和该第二类认证信息生成该第一认证挑战集合,以便向该终端的用户呈现该第一认证挑战集合。
结合第一方面或第一方面的第一种可能的实现方式至第一方面的第十种可能的实现方式中任一种可能的实现方式,在第十一种可能的实现方式中,该终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
第二方面,提供了一种认证装置,该装置包括:确认单元,用于确定所述装置所在的终端的第一类认证信息和第二类认证信息,其中,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类认证信息用于干扰该终端的用户选择该第一类认证信息;认证呈现单元,用于向该终端的用户呈现第一认证挑战集合,其中,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息;接收单元,用于接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果;认证单元,用于根据该识别结果中该第一类认证信息的识别正确率确定认证结果。
结合第二方面,在第一种可能的实现方式中,具体实现为该第二类认证信息包括以下至少一种:该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
结合第二方面或第二方面的第一种可能的实现方式,在第二种可能的实现方式中,具体实现为:该第一类认证信息还包括该终端的用户在该终端中所指定的交互对象的特定属性信息,以便减少该终端的用户对该第一类认证信息的记忆代价。
结合第二方面或第二方面的第一种可能的实现方式或第二方面的第二 种可能的实现方式,在第三种可能的实现方式中,在接收单元接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果之前,如果该终端的特定交互行为所对应的交互对象发生变化,或者该终端产生新的该特定交互行为,则该确认单元还用于重新确定该终端的第一类认证信息和第二类认证信息,以便该认证呈现单元向该终端的用户呈现第二认证挑战集合,其中,该第二认证挑战结合基于该确定单元重新确定后的第一类认证信息和第二类认证信息生成。
结合第二方面的第三种可能的实现方式,在第四种可能的实现方式中,具体实现为该终端的特定交互行为所对应的交互对象发生变化包括:增加该终端的特定交互行为所对应的交互对象,或者删除该终端的特定交互行为所对应的交互对象,或者修改该终端的特定交互行为所对应的交互对象。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第四种可能的实现方式中任一种可能的实现方式,在第五种可能的实现方式中,具体实现为:该终端的特定交互行为包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为联系人的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性信息;或者,该终端的特定交互行为包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,该终端的特定交互行为包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第五种可能的实现方式中任一种可能的实现方式,在第六种可能的实现方式中,该装置还包括第一配置单元,该第一配置单元用于:配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数 N。该认证单元具体用于:如果该识别结果中该终端的用户识别的该第一类认证信息的条数不小于N条,或者,如果该识别结果中该终端的用户识别的该第一类认证信息的条数小于N条,则确定对该终端的用户的认证不通过。
结合第二方面的第六种可能的实现方式,在第七种可能的实现方式中,该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对该终端的用户的认证的安全强度越大;对该终端的用户进行认证所需要识别的第一类认证信息的条数越大,则通过对该终端的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对该终端的用户的认证的安全强度越大。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第七种可能的实现方式中任一种可能的实现方式,在第八种可能的实现方式中,具体实现为:该预定范围为该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第八种可能的实现方式中任一种可能的实现方式,在第九种可能的实现方式中,该装置还包括第二配置单元,该第二配置单元用于配置该终端的排除认证信息集合,其中该排除认证信息集合中的认证信息不允许作为该第一类认证信息。在用于确定该终端的第一类认证信息的过程中,该确定单元具体用于确定该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该排除认证集合的特定属性信息为该第一类认证信息。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第九种可能的实现方式中任一种可能的实现方式,在第十种可能的实现方式中,该装置还包括生成单元,该生成单元用于:根据该终端的该第一类认证信息和该第二类认证信息生成该第一认证挑战集合,以便向该终端的用户呈现该第一认证挑战集合。
结合第二方面或第二方面的第一种可能的实现方式至第二方面的第十种可能的实现方式中任一种可能的实现方式,在第十一种可能的实现方式中,该终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
第三方面,提供了一种终端,该终端包括:包括处理器、存储器、通信接口、显示设备和输入设备,该处理器与该存储器相连,且通过该通信接口连接到该显示设备和该输入设备,该存储器中存储一组程序代码,且该处理器用于调用该存储器中存储的程序代码,用于执行以下操作:确定该终端的第一类认证信息和第二类认证信息,并通过该通信接口在该显示设备上向该终端的用户呈现第一认证挑战集合,其中,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类认证信息用于干扰该终端的用户选择该第一类认证信息,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息;通过该通信接口从该输入设备中接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果,并根据该识别结果中该第一类认证信息的识别正确率确定认证结果。该显示设备,用于向该终端的用户呈现该第一认证挑战集合。该输入设备,用于输入该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果。
结合第三方面,在第一种可能的实现方式中,具体实现为该第二类认证信息包括以下至少一种:该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
结合第三方面或第三方面的第一种可能的实现方式,在第二种可能的实现方式中,具体实现为:该第一类认证信息还包括该终端的用户在该终端中所指定的交互对象的特定属性信息,以便减少该终端的用户对该第一类认证信息的记忆代价。
结合第三方面或第三方面的第一种可能的实现方式或第三方面的第二种可能的实现方式,在第三种可能的实现方式中,在该处理器通过该通信接口从该输入设备中接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果之前,如果该终端的特定交互行为 所对应的交互对象发生变化,或者该终端产生新的该特定交互行为,则该处理器还用于重新确定该终端的第一类认证信息和第二类认证信息,以便通过该通信接口在该显示设备中向该终端的用户呈现第二认证挑战集合,该第二认证挑战集合基于该确定单元重新确定后的第一类认证信息和第二类认证信息生成。
结合第三方面的第三种可能的实现方式,在第四种可能的实现方式中,具体实现为该终端的特定交互行为所对应的交互对象发生变化包括:增加该终端的特定交互行为所对应的交互对象,或者删除该终端的特定交互行为所对应的交互对象,或者修改该终端的特定交互行为所对应的交互对象。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第四种可能的实现方式中任一种可能的实现方式,在第五种可能的实现方式中,具体实现为:该终端的特定交互行为包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为联系人的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性信息;或者,该终端的特定交互行为包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,该终端的特定交互行为包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,该终端的特定交互行为包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第五种可能的实现方式中任一种可能的实现方式,在第六种可能的实现方式中,该处理器还用于配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数N。在用于根据该识别结果中该第一类认证信息的识别正确率确定认证结果的过程中,该处理器具体用于:如果该识别结果中该终端的用户识别的该第一类认证信息的条数不小于N条,则确 定对该终端的用户的认证通过,或者,如果该识别结果中该终端的用户识别的该第一类认证信息的条数小于N条,则确定对该终端的用户的认证不通过。
结合第三方面的第六种可能的实现方式,在第七种可能的实现方式中,该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对该终端的用户的认证的安全强度越大;对该终端的用户进行认证所需要识别的第一类认证信息的条数越大,则通过对该终端的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对该终端的用户的认证的安全强度越大。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第七种可能的实现方式中任一种可能的实现方式,在第八种可能的实现方式中,具体实现为:该预定范围为该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第八种可能的实现方式中任一种可能的实现方式,在第九种可能的实现方式中,该处理器还用于配置该终端的排除认证信息集合,其中该排除认证信息集合中的认证信息不允许作为该第一类认证信息。在用于确定该终端的第一类认证信息的过程中,该处理器具体用于确定该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该排除认证集合的特定属性信息为该第一类认证信息。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第九种可能的实现方式中任一种可能的实现方式,在第十种可能的实现方式中,该处理器还用于:根据该终端的该第一类认证信息和该第二类认证信息生成该第一认证挑战集合,以便向该终端的用户呈现该第一认证挑战集合。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第十种可能的实现方式中任一种可能的实现方式,在第十一种可能的实现方式 中,该终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
结合第三方面或第三方面的第一种可能的实现方式至第三方面的第十一种可能的实现方式中任一种可能的实现方式,在第十二种可能的实现方式中,该显示设备和该输入设备为该终端中同时具备显示和输入功能的同一设备;或者,该显示设备和该输入设备为该终端中不同的设备。
基于以上技术方案,本发明实施例的用户认证方法、认证装置和终端,通过根据用户最近最频繁使用的特定交互对象的特定属性信息进行身份认证。由于最近最频繁使用的特定交互对象的特定属性信息属于用户记忆期内的信息,可以降低用户记忆的代价,同时每次出现的认证信息都不固定,又可以避免因为不慎被偷窥而导致认证信息被窃取,从而能够在降低用户记忆代价的同时具备一定的抗偷窥能力。
附图说明
为了更清楚地说明本发明实施例的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。
图1是本发明实施例用户认证的方法流程图。
图2是本发明实施例以联系人信息进行用户认证的流程示意图。
图3是本发明实施例以播放的音乐作品信息进行用户认证的流程示意图。
图4是本发明实施例以访问网站的网站信息进行用户认证的流程示意图。
图5是本发明实施例以阅读的电子书信息进行用户认证的流程示意图。
图6是本发明实施例以使用的APP进行用户认证的流程示意图。
图7是本发明实施例认证装置的结构示意图。
图8是本发明实施例终端的结构示意图。
具体实施方式
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是 全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。
图1是本发明实施例用户认证的方法流程图。图1的方法由认证装置执行。该认证装置可以是终端内的系统的一个认证模块,或者是终端内的一个实现认证功能的芯片,本发明实施例在此不作限制。
101,确定终端的第一类认证信息和第二类认证信息。
其中,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类交互对象信息用于干扰该终端的用户选择该第一类认证信息。
应理解,特定交互行为,是指认证过程中用于判定发生频度的交互行为。特定交互行为所对应的交互对象,是指采集第一类认证信息的来源,该交互对象的特定属性信息可用于构成第一类认证信息。
应理解,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,可例如唯一标识、名称、图片,或者名称+图片,等等。
应理解,不同交互对象的特定属性信息可能相同。例如,同一个专辑的音频文件中,其专辑名称相同。又例如,几本不同电子书的作者,可能为同一个作者,等等。在确认第一类认证信息时,是以特定交互行为所对应的交互对象的特定属性信息的发生频率来确定的。
应理解,该第二类认证信息可包括以下至少一种:该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
可选地,该终端的特定交互行为是认证过程中指定的交互行为。该终端的特定交互行为可以有多种表现形式,相应的,该第一类认证信息和该第二类认证信息也可以有多种表现形式。例如,该终端的特定交互行为可包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为联系人的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性 信息;或者,该终端的特定交互行为可包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,该终端的特定交互行为可包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。本发明实施例的一种具体实现方式,当第一类认证信息为联系人的特定属性信息时,该联系人信息具体可以是联系人的照片、联系人的姓名、联系人的联系电话,或者联系人的姓名+图片等等。本发明实施例的另一种具体实现方式,当第一类认证信息为音频文件信息时,该音频文件信息可以是音频文件的名称、音频文件的专辑名称或者是音频文件的演奏者,等等。
可选地,该终端可以有多种具体实现形式,例如,智能手机、平板电脑、个人计算机、服务器或工作站。当然,该终端还可以是其它具备认证功能的设备,本发明实施例在此不作限制。
应理解,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,其中发生频度为预定范围,该范围可以是一个绝对频度范围,也可以是一个相对频度范围,例如该预定范围为该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。例如,该第一类认证信息可以是3天内通话次数在5次以上的联系人的姓名,或者是2天内电子书阅读次数占两天内总阅读10%以上的电子书名称,或者是5天内播放排名前3位的音乐专辑,或者是12小时内访问网站频率在前5%的网站,等等。
应理解,该预定时间、预定范围都是可配置的。例如,可将该预定时间配置为12小时,1天,2天,3天乃至1月,等等,本发明实施例对此不作 限制。又例如,可将该预定范围配置为发生频度在1次以上,5次以上,或者是所有发生频度的前5名,前5%,等等。
可选地,该第一类认证信息还包括该终端的用户在该终端中所指定的交互对象的特定属性信息,以便减少该终端的用户对该第一类认证信息的记忆代价。
可选地,在步骤101之前,该方法还可包括:配置该终端的排除认证信息集合,其中,该排除认证信息集合中的认证信息不允许作为该第一类认证信息。此时,步骤101中,确定该终端的第一类认证信息具体可实现为:确定该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该排除认证集合的特定属性信息为该第一类认证信息。
102,向该终端的用户呈现第一认证挑战集合。
其中,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息。
103,接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果。
104,根据该识别结果中该第一类认证信息的识别正确率确定认证结果。
本发明实施例中,通过使用终端中预定时间内预定发生频率的交互对象的特定属性信息动态地生成认证信息以对用户进行认证,由于最近最频繁使用的特定交互对象的信息属于用户记忆期内的信息,可以降低用户记忆的代价,同时每次出现的认证信息都不固定,又可以避免因为不慎被偷窥而导致认证信息被窃取,因此本发明实施例的认证方法在减少用户对认证信息的记忆代价的同时,还具备一定的抗偷窥能力。
另外,本发明实施例的方法,由于可以基于访问频率动态地生成认证信息以对用户进行认证,还可以提高用户的使用体验。
可选地,在步骤103之前,该方法还可包括:如果该终端的特定交互行为所对应的交互对象发生变化,或者该终端产生新的该特定交互行为,则重新确定该终端的第一类认证信息和第二类认证信息,并向该终端的用户呈现第一认证挑战集合,其中该第二认证挑战集合基于重新确定后的第一类认证信息和第二类认证信息生成。在具体的应用中,该终端的特定交互行为所对应的交互对象发生变化包括:增加该终端的特定交互行为所对应的交互对 象,或者删除该终端的特定交互行为所对应的交互对象,或者修改该终端的特定交互行为所对应的交互对象。应理解,导致第一类认证信息和第二类认证信息发生变化的行为并不限于上述列举的情况,导致交互对象发生变化的情况也不限于上述列举的情况。
可选地,在步骤101之前,该方法还可包括:配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数N。应理解,对该终端的用户进行认证所需要识别的第一类认证信息的条数为该终端的用户在用户认证过程中需要从该第一认证挑战集合中识别出来的第一类认证信息的条数。此时,步骤104具体实现为:如果该识别结果中该终端的用户识别出的第一类认证信息不小于N条,则确定对该终端的用户的认证通过;或者如果该识别结果中该终端的用户识别出的第一类认证信息小于N条,则确定对该终端的用户的认证不通过。其中,N取值为正整数。
具体地,该配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数可包括:通过配置该预定时间、该预定范围以及该对该终端的用户进行认证所需要识别的第一类认证信息的条数调整对该终端的用户的认证的安全强度。其中,如果该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对该终端的用户的认证的安全强度越大;如果对该终端的用户进行认证所需要识别的第一类认证信息的条数越大,则通过对该终端的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对该终端的用户的认证的安全强度越大。
可选地,在步骤102之前,该方法还包括:根据该终端的该第一类认证信息和该第二类认证信息生成该第一认证挑战集合,以便向该终端的用户呈现第一认证挑战集合。
下面将结合具体的实施例,对本发明实施例的方法做进一步的描述。
图2是本发明实施例以联系人信息进行用户认证的流程示意图。本发明实施例中,认证信息为联系人的特定属性信息。此时,联系人的特定属性信息的发生频度等于终端的用户访问联系人的访问频度,认证装置根据终端中最近频繁访问的联系人的特定属性信息进行用户认证。本发明实施例中的联系人,可以是终端中电话通讯录中的联系人、邮件的联系人或者其它社交软件的联系人;联系人的特定属性信息,可以是联系人的姓名,联系人的姓名+照片,等等,本发明实施例在此不作限制。为方便描述,下文提到的联系 人信息即指代联系人的特定属性信息。
第一类认证信息,包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内访问频度为预定范围的特定属性信息。本发明实施例中,第一类认证信息为该终端的联系人信息中预定时间内访问频度为预定范围的联系人信息,即最近频繁联系人信息,该联系人信息可以是联系人姓名、联系人姓名+照片等。第二类认证信息,用于干扰终端的用户对第一类认证信息的判断。该第二类认证信息可以是该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内访问频度为预定范围以外的特定属性信息,或者是不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。在本发明实施例中,该第二类认证信息可以是预定时间内访问频度在预定范围外的联系人信息,或者是不属于该终端的联系人信息。
应理解,本发明实施例中,不同联系人的联系人信息一般不相同。也就是说,确定联系人可以等价于确定联系人信息。
如图2所示,本发明实施例初始认证过程的详细步骤具体如下:
210,认证参数配置。
用户可对认证装置的工作方式进行配置,配置的参数可保存在认证装置的配置数据库中。
用户可进行以下配置:
(1)排除联系人(可记为NP),即排除交互对象。其中集合NP的元素不出现在第一类联系人中。当然,为了避免混淆,集合NP的元素也不会出现在第二类联系人中。
(2)第一类联系人选择方法参数,可包括有效的访问联系人记录的时间要求(记为T,例如3天、5天、10小时等),联系人访问频度要求(记为X,表示预定次数,例如5次,或表示预定名次,例如前3名,或表示预定比例,例如3%等)。基于T和X确定的第一类联系人可记为L。当然,用户也可不进行配置,认证装置可对第一类联系人选择方法参数设置一个默认设置。另外,用户也可指定一个或多个联系人作为固定的第一类联系人,而不是通过上述T和X临时计算获得。用户指定的第一类联系人可记为D。
(3)第二类联系人参数,可包括构造认证信息时混淆项数目(记为f)和/或构造认证信息时的干扰项的数目(记为i)。其中,混淆项是指系统随 机生成的虚假联系人,或者说终端中不存在的联系人,干扰项是指用户最近没有与之联系的联系人。
(4)认证选择参数,可包括每次认证必须同时正确选择的第一类联系人的个数(记为c,例如,必须要同时正确选择3个才算通过认证)。认证装置还可引入一个安全强度调整功能,通过调整上述f、i和c的值来调整身份认证的安全强度,显然这三个数值越大,安全强度越高。具体地,认证装置可设定不同的难度级别,每个级别对应不同的值,其实现可通过安全强度拖动条或难度选择框等实现;或者,认证装置可提供一个数值调整功能,分别调整上述三个值。
配置完毕后,认证装置在启动认证时会自动加载对应的配置参数。
应理解,本发明实施例中,第一类联系人的信息即为第一类认证信息,第二类联系人的信息即为第二类认证信息。
220,读取终端的联系人。
认证装置可读取终端中维护的通讯录放入集合M。对于终端的电话通讯录,认证装置可以通过系统的API获取联系人信息;对于邮件或其它社交程序,认证装置可以通过软件程序的插件或者系统API Hook获取联系人信息。
230,确定第一类联系人的集合。
如果用户指定了使用集合D或终端中尚且没有足够的联系记录,则认证装置直接将D中所有元素加入集合L中;否则通过系统API读取终端设备电话程序、邮件程序或其它社交软件维护的时间T之内的联系记录N,去除在联系人在NP集合中或者不在终端的通讯录中的联系记录,计算每个联系人的出现频率并且排序,取得联系频率满足要求的一组联系人,放入集合L。在计算联系频率时可以有多种方法,例如可以只包含终端属主主动对外发起的联系记录,而忽略联系人对终端属主发起的联系记录,或者同时包含两者。此时构建的集合L为第一类联系人的集合。
另外,在通过T和X确定第一类联系人时,可以根据X所表示的内容来确定第一类联系人的范围。本发明实施例的第一种具体实现方式,X表示预定访问次数,此时可确定预定时间内访问频度在预定次数以上的联系人为第一类联系人,例如,3天内访问频度为5次以上的联系人为第一类联系人。本发明实施例的第二种具体实现方式,X表示总访问次数的第一预定比例,此时可确定预定时间内访问频度在总访问次数的第一预定比例以上的联系 人为第一类联系人,其中该总访问次数为预定时间内对联系人的总访问次数,例如5天内访问频度在总访问次数的3%以上的联系人。本发明实施例的第三种具体实现方式,X表示访问频度的预定名次,此时可确定预定时间内访问频度排名在预定名次以内的联系人,例如10小时内访问频度排名前3名的联系人。本发明实施例的第四种具体实现方式,X表示访问频度排名的第二预定比例,此时可确定预定时间内访问频度排名在第二预定比例以上的联系人为第一类联系人,例如5天内访问频度排名前3%的联系人。
当然,还可能存在其它确定第一类联系人的算法,本发明实施例在此不作限制。
240,确定参与认证的第一类联系人及第二类联系人中的干扰项。
本发明实施例中,干扰项是指用户最近没有访问过的联系人的信息。
认证装置根据配置信息从集合M中选取一个大小为i的子集R,要求用户最近没有与集合R中的联系人联系过,且集合R中元素都不在L中,然后从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的第一类联系人。
如果集合L包含了系统中所有的联系人,则集合R为空,此时方案退化为要求用户从包含虚假联系人的联系人集合中识别出真实存在的联系人。
另外,为了降低记忆的难度,还可以增加V中元素的个数,也就是说,V中元素的个数可以多于c个。
250,确定第二类联系人中的混淆项。
本发明实施例中,混淆项是指系统随机生成的虚假联系人,或者说终端中不存在的联系人。
认证装置生成一组虚假联系人,个数为f,记为集合F。虚假联系人可以按照系统中初始配置好的常见姓氏和常见名字以及相关信息(如头像等)随机组合而成,也可以通过连接远端网络服务获取。集合F中的元素不能在集合L或D中出现。严格地说,集合F中的元素也不能在集合R中出现。
当然,也可不生成混淆项,此时f为0,集合F为空集。
260,生成认证挑战集合。
认证装置将集合V、R和F中的元素打乱混合,形成认证挑战集合A,即A=V+R+F(其中符号“+”代表集合加)。
270,呈现认证挑战集合,确认认证结果。
认证装置将认证挑战集合A呈现给用户,以供用户进行识别。
根据用户的认证识别结果,认证装置可确定认证的结果。如果用户能够从中选择出c个V中的元素,则认证成功;否则认证失败。
例如,可向用户呈现24条联系人信息,如果用户能够从中选择出3条正确的联系人信息,则认证成功,否则认证失败。
本发明实施例中,在计算第一类联系人时,可以按照联系行为产生时间到当前的时间长度进行赋权计算,用户也可以直接指定一组固定的联系人作为永久的第一类联系人,此时相当于对这组固定的联系人都赋予了最大的权。通过在构建最终显示在屏幕上的联系人集合A的过程中引入虚假联系人集合F,可以提高选择空间的大小,起到混淆的作用,另外还可以保护集合R和V中的信息,避免攻击者直接推断出终端中真实存在的联系人。另外,通过引入集合R可以进一步提高选择的难度,避免一个熟悉当前终端属主的攻击根据其关于该终端属主可能常用联系人的背景知识直接猜测出第一类联系人。
如图2所示,本发明实施例的方法可支持多种运行模式。当开机首次进行运行或者认证参数配置发生变化时,需要执行初始认证模式。初始认证模式需要执行前述步骤210至步骤270。如图2的箭头272指向所示,在认证结束后,如果认证参数配置发生变化,初始认证模式直接跳转到步骤210,执行步骤210至步骤270。当用户发生新的联系行为之后,此时用户的第一类联系人可能已经发生变化,认证装置需要执行联系认证模式。理论情况下,认证装置可在步骤270之前,步骤230之后的任一个步骤执行联系认证模式,但是,实际情况下,在认证过程中通常不会产生认证以外的交互行为,只有在认证结束后才可能产生别的交互行为。如图2的箭头273指向所示,此时,联系认证模式需要跳转到步骤230,执行步骤230到步骤270。重选认证主要在用户希望提供最强的抗偷窥能力,或当用户认证错误次数太多时使用,要求在集合L不变的前提下每次重新计算的子集V都不同,最多可以重选C|L| |V|(组合计算)次。与联系认证模式类似,重选认证模式需要在上一次认证完毕后执行。如图2的箭头274指向所示此时,重选认证模式需要跳转到步骤240,重选认证模式需要执行步骤240到步骤270,不变认证模式中集合A完全不变,基于同样的秘密和干扰信息对用户进行认证。如图2的箭头271指向所示,此时不变认证模式只需要重新执行步骤270。
在不变认证模式下,如果当前用户认证错误,下次认证仍然基于同样的干扰和秘密进行。随着通过逐步试错,排除的联系人组合逐渐增多,攻击者猜中可能性增大,但是下降速度非常缓慢。例如假设集合A中包含24个元素,认证时要求识别出3个第一类联系人(集合V大小为3),则攻击者一开始猜中的概率是1/2024(3个联系人的组合数为24*23*22/6=2024),攻击者尝试m次之后,其猜中的概率变为为1/2014-m,由此可以看出该方案在常见的参数尺寸下抵抗数千次的猜测攻击。通过在用户连续认证错误的情况,延时一段时间再进行认证(例如30秒),该方案可以长时间抵抗猜测攻击。为了进一步提高抗猜测能力,在连续认证错误一定次数之后,系统执行一次重选认证,可以重新计算挑战集合A,然后重新进入不变认证模式。
现有各种的认证方案,如口令,由于秘密是固定的,所以一旦认证时被偷窥,攻击者就能够掌握所有认证秘密,完全突破认证机制。本方案的认证秘密是基于第一类联系人这一不断动态变化的信息的。假设攻击者偷窥到了用户上次认证的秘密(当时的一组第一类联系人),并且他有条件能够拿到用户的终端,则他可以基于以前获得的秘密尝试认证。在很多情况下,终端的真实用户已经发生过几次新的通讯行为,此时第一类联系人已经发生变化,则上次的认证秘密失效,本方案具有完全的抗偷窥能力。在极少的情况下即使用户没有发生过任何新的通讯行为,如果用户对于抗偷窥特别关心,可以设置系统每次都执行重选认证,使得每次都基于不同的秘密认证用户,结合认证错误时延,可以提供较好的抗偷窥能力。例如用户有8个符合条件的第一类联系人(|L|=8),如果每次要求选中3个频繁联系人(|v|=3),则在执行56次重选认证之前,每次认证的秘密都不相同。
本发明实施例的方法通过虚假联系人集合F保护终端中真实存在的联系人信息,避免隐私信息的泄露。如果攻击者没有当前终端属主的可能的联系人的背景知识,则他将难以通过终端屏幕上的显示信息把终端中部分的真实的联系人从虚假联系人中区分开来,所以此时本方案不会引起额外的信息泄露。如果攻击者M同时拥有当前终端属主N和N的联系人O的背景知识,且拿到了N的终端,则此时M从N的终端上能够获得最大信息的是:N和O相互认识。此时这种隐私泄露量是极为微量的。
图3是本发明实施例以播放的音乐作品信息进行用户认证的流程示意图。本发明实施例中,认证信息为音频文件的特定属性信息,例如音频文件 名称、音频文件的专辑名称、音频文件中音乐的演奏者,音频文件中音乐的演唱歌手、演奏乐队或乐团等。本发明实施实例通过让用户回忆和选择其最近频繁播放收听的音乐作品或者音乐作品演奏者来实现对终端属主(即用户)的识别。为方便描述,下文提到的音乐作品信息即音频文件的特定属性信息。
本发明实施例中,认证装置可通过各种方式获取音频文件的音乐作品信息。例如,认证装置可能包括一个音频文件监控模块,用于监控终端的系统中音频文件及其打开的情况。
本发明实施例中,第一类认证信息为预定时间内发生频度在预定范围的音乐作品信息。应理解,一个音乐作品信息可能可以对应于多个音频文件。例如,当音乐作品信息为专辑名称时,属于同一专辑的所有音频文件的音乐作品信息相同,在计算发生频率时,应将属于同一专辑的所有音频文件的音乐作品信息合在一起计算。第二类认证信息为用于干扰用户判断的音乐作品信息。
如图3所示,本发明实施例初始认证过程的详细步骤具体如下:
310,认证参数配置。
用户可对认证装置的工作方式进行配置,配置的参数可保存在认证装置的配置数据库中。
用户可进行以下配置:
(1)排除音乐作品信息(可记为NP),此部分指定的音乐作品信息(例如,专辑、演奏者、演唱歌手、乐队等)将不参与认证信息的生成过程,从而允许用户可以直接排除一些敏感的音乐曲目或终端所有者的被众所周知的偏爱艺人。换句话说,集合NP的元素不出现在第一类音乐作品信息中。当然,为了避免混淆,集合NP的元素也不会出现在第二类音乐作品信息中。
(2)第一类音乐作品信息选择方法参数,可包括有效的播放音乐作品的时间要求(记为T,例如3天、5天、10小时等),音乐作品信息发生频度要求(记为X,表示预定次数,例如5次,或表示预定名次,例如前3名,或表示预定比例,例如3%等)。基于T和X确定的第一类音乐作品信息可记为L。当然,用户也可不进行配置,认证装置可对第一类音乐作品信息选择方法参数设置一个默认设置。另外,用户也可指定一个或多个音乐作品信息作为固定的第一类音乐作品信息,而不是通过上述T和X临时计算获得。 用户指定的第一类音乐作品信息可记为D。
(3)第二类音乐作品信息参数,可包括构造认证信息时混淆项数目(记为f)和/或构造认证信息时的干扰项的数目(记为i)。其中,混淆项是指系统随机生成的虚假音乐作品信息,或者说终端中不存在的音乐作品信息,干扰项是指没有出现在用户最近播放过音乐作品中的音乐作品信息。
(4)认证选择参数,可包括每次认证必须同时正确选择的第一类音乐作品信息的个数(记为c,例如,必须要同时正确选择3个才算通过认证)。认证装置还可引入一个安全强度调整功能,通过调整上述f、i和c的值来调整身份认证的安全强度,显然这三个数值越大,安全强度越高。具体地,认证装置可设定不同的难度级别,每个级别对应不同的值,其实现可通过安全强度拖动条或难度选择框等实现;或者,认证装置可提供一个数值调整功能,分别调整上述三个值。
配置完毕后,认证装置在启动认证时会自动加载对应的配置参数。
应理解,本发明实施例中,第一类音乐作品信息即为第一类认证信息,第二类音乐作品信息即为第二类认证信息。
320,读取终端的音乐作品信息。
认证装置可包括音频文件监控模块,用于监控音频文件的播放情况。认证装置可通过音频文件监控模块读取终端存储的所有音频文件及其演奏者的列表(记为L1)、最近音频文件播放列表(记为L2)。如果音频文件监控开关打开,则可以通过Hook系统文件打开函数等方式监控终端系统中对音频文件的打开操作,并且对数据库记录的信息进行持续更新。当然认证装置也可通过类似音频文件监控模块的功能模块实现上述功能,本发明实施例在此不作限制。
330,确定第一类音乐作品信息的集合。
如果用户指定了集合D或者终端中尚且没有足够的音乐播放记录,则把D中的元素都放入集合L中;否则模块根据L2计算音乐和演奏者的播放频度,取出一组最近频繁播放的音乐或作品演奏者放入集合L。如果L的元素个数小于c,则可以把所有音频文件列表或所有音频文件对应的演奏者放入集合L中。
通过T和X确定第一类音乐作品信息的集合的具体实现方式与步骤230中确定第一类联系人的方式类似,本发明实施例在此不再赘述。
此时构建的集合L为第一类音乐作品信息的集合。
340,确定参与认证的第一类音乐作品信息及第二类音乐作品信息中的干扰项。
本发明实施例中,干扰项是指没有出现在用户最近播放过音乐作品中的音乐作品信息。
认证装置根据配置信息从集合L1中选取一个大小为i的子集R,要求R中元素都没有在集合L2中出现(这些音乐作品信息近期未出现过),且集合R中元素都不在L中,然后从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的第一类音乐作品信息。如果L包含了终端上的所有音频文件,则R为空而没有干扰项,此时方案退化为要求用户从包含虚假音乐作品信息集合中识别出终端上真实存在的音乐作品信息。
另外,为了降低记忆的难度,还可以增加V中元素的个数,也就是说,V中元素的个数可以多于c个。
350,获取第二类音乐作品信息中的混淆项。
本发明实施例中,混淆项是指系统随机生成的音乐作品信息,或者说终端中不存在的音乐作品信息。
认证装置生成一组虚假音乐作品信息(虚假的音乐、音乐专辑或者演奏者等),个数为f,记为集合F。虚假音乐作品信息可以按照系统中初始配置好的音乐库或者演奏者库而成;也可以通过连接远端网络服务获取。集合F中的元素不能在集合L或D中出现。
当然,也可不生成混淆项,此时f为0,集合F为空集。
360,生成认证挑战集合。
认证装置将集合V、R和F中的元素打乱混合,形成认证挑战集合A,即A=V+R+F(其中符号“+”代表集合加)。
370,呈现认证挑战集合,确认认证结果。
认证装置将认证挑战集合A呈现给用户,以供用户进行识别。
根据用户的认证识别结果,认证装置可确定认证的结果。如果用户能够从中选择出c个V中的元素,则认证成功;否则认证失败。
本发明实施例中,在计算第一类音乐作品信息时,可以按照播放行为产生时间到当前的时间长度进行赋权计算,用户也可以直接指定一组固定的音乐作品信息作为第一类音乐作品信息,此时相当于对这组固定的实体都赋予 了最大的权。通过在构建最终显示在屏幕上的集合A的过程中引入虚假认证信息集合F,提高选择空间的大小,起到混淆的作用,以提高对用户的区分度,另外还可以保护集合R和V中的信息。本方法引入集合R的目的是进一步提高选择的难度,避免一个知道终端中存在的音乐作品信息的攻击者直接猜测出第一类音乐作品信息。
如图3所示,本发明实施例的方法可支持多种运行模式。当开机首次进行运行或者认证参数配置发生变化时,需要执行初始认证模式。初始认证模式需要执行前述步骤310至步骤370。如图3的箭头372指向所示,在认证结束后,如果认证参数配置发生变化,初始认证模式直接跳转到步骤310,执行步骤310至步骤370。当用户发生新的播放行为之后,此时用户的第一类音乐作品信息可能已经发生变化,认证装置需要执行播放认证模式。理论情况下,认证装置可在步骤370之前,步骤330之后的任一个步骤执行播放认证模式,但是,实际情况下,在认证过程中通常不会产生认证以外的交互行为,只有在认证结束后才可能产生别的交互行为。如图3的箭头373指向所示,此时,播放认证模式需要跳转到步骤330,执行步骤330到步骤370。重选认证主要在用户希望提供最强的抗偷窥能力,或当用户认证错误次数太多时使用,要求在集合L不变的前提下每次重新计算的子集V都不同,最多可以重选C|L| |V|(组合计算)次。与播放认证模式类似,重选认证模式需要在上一次认证完毕后执行。如图3的箭头374指向所示此时,重选认证模式需要跳转到步骤340,重选认证模式需要执行步骤340到步骤370,不变认证模式中集合A完全不变,基于同样的秘密和干扰信息对用户进行认证。如图3的箭头371指向所示,此时不变认证模式只需要重新执行步骤370。
在不变认证模式下,如果当前用户认证错误,下次认证仍然基于同样的干扰和秘密进行。随着通过逐步试错,排除的音乐作品信息组合逐渐增多,攻击者猜中可能性增大,但是下降速度非常缓慢。例如假设集合A中包含24个元素,认证时要求识别出3个第一类音乐作品信息(集合V大小为3),则攻击者一开始猜中的概率是1/2024(3个音乐作品信息的组合数为24*23*22/6=2024),攻击者尝试m次之后,其猜中的概率变为为1/2014-m,由此可以看出该方案在常见的参数尺寸下抵抗数千次的猜测攻击。通过在用户连续认证错误的情况,延时一段时间再进行认证(例如30秒),该方案可以长时间抵抗猜测攻击。为了进一步提高抗猜测能力,在连续认证错误一定 次数之后,系统执行一次重选认证,可以重新计算挑战集合A,然后重新进入不变认证模式。
现有各种的认证方案,如口令,由于秘密是固定的,所以一旦认证时被偷窥,攻击者就能够掌握所有认证秘密,完全突破认证机制。本方案的认证秘密是基于第一类音乐作品信息这一不断动态变化的信息的。假设攻击者偷窥到了用户上次认证的秘密(当时的一组第一类音乐作品信息),并且他有条件能够拿到用户的终端,则他可以基于以前获得的秘密尝试认证。在很多情况下,终端的真实用户已经发生过几次新的播放行为,此时第一类音乐作品信息已经发生变化,则上次的认证秘密失效,本方案具有完全的抗偷窥能力。在极少的情况下即使用户没有发生过任何新的播放行为,如果用户对于抗偷窥特别关心,可以设置系统每次都执行重选认证,使得每次都基于不同的秘密认证用户,结合认证错误时延,可以提供较好的抗偷窥能力。例如用户有8个符合条件的第一类音乐作品信息(|L|=8),如果每次要求选中3个第一类音乐作品信息(|v|=3),则在执行56次重选认证之前,每次认证的秘密都不相同。
图4是本发明实施例以访问网站的网站信息进行用户认证的流程示意图。本发明实施例中,认证信息为访问网站的特定属性信息,例如网址、网站名、网站图标、域名等作为用户识别的网站标识。为方便描述,下文提到的网站信息即指代访问网站的特定属性信息。
本发明实施例中,认证装置可通过各种方式获取网站信息。例如,认证装置可能包括一个网址输入监控模块,负责监控并记录用户在浏览器中的网址输入,实现形式可以是嵌入到现有浏览器中的BHO(浏览器辅助对象)对象或者手机设备制造商自主开发的、支持网址访问记录的浏览器。网址输入监控模块可一直监控和记录用户通过浏览器地址栏或者收藏夹输入的网站地址,浏览器自动打开窗口自动进行的网址访问不进行记录。
本发明实施例中,第一类认证信息为预定时间内访问频度在预定范围的网站信息。第二类认证信息为用于干扰用户判断的网站信息。
如图4所示,本发明实施例初始认证过程的详细步骤具体如下:
410,认证参数配置。
用户可对认证装置的工作方式进行配置,配置的参数可保存在认证装置的配置数据库中。
用户可进行以下配置:
(1)排除网站信息(可记为NP),此部分指定网站信息将不参与认证信息的生成过程,从而允许用户可以直接排除一些用户感到敏感而不想使用的网址和一些用户几乎每天都固定会访问的网站。换句话说,集合NP的元素不出现在第一类网站信息中。当然,为了避免混淆,集合NP的元素也不会出现在第二类网站信息中。
(2)第一类网站信息选择方法参数,可包括有效的网站信息的时间要求(记为T,例如3天、5天、10小时等),网站信息发生频度要求(记为X,表示预定次数,例如5次,或表示预定名次,例如前3名,或表示预定比例,例如3%等)。基于T和X确定的第一类网站信息可记为L。当然,用户也可不进行配置,认证装置可对第一类网站信息选择方法参数设置一个默认设置。另外,用户也可指定一个或多个网站信息作为固定的第一类网站信息,而不是通过上述T和X临时计算获得。用户指定的第一类网站信息可记为D。
(3)第二类网站信息参数,可包括构造认证信息时混淆项数目(记为f)和/或构造认证信息时的干扰项的数目(记为i)。其中,混淆项是指系统随机生成的虚假网站信息,即用户从未访问过的网站的网站信息,干扰项是指用户之前访问过但最近没有访问过的网站的网站信息。
(4)认证选择参数,可包括每次认证必须同时正确选择的第一类网站信息的个数(记为c,例如,必须要同时正确选择3个才算通过认证)。认证装置还可引入一个安全强度调整功能,通过调整上述f、i和c的值来调整身份认证的安全强度,显然这三个数值越大,安全强度越高。具体地,认证装置可设定不同的难度级别,每个级别对应不同的值,其实现可通过安全强度拖动条或难度选择框等实现;或者,认证装置可提供一个数值调整功能,分别调整上述三个值。
配置完毕后,认证装置在启动认证时会自动加载对应的配置参数。
应理解,本发明实施例中,第一类网站信息即为第一类认证信息,第二类网站信息即为第二类认证信息。
420,读取终端的网站信息。
认证装置可包括网址输入监控模块,用于监控访问的网站。认证装置可通过网址输入监控模块读取终端存储的用户网址访问记录(记为列表List),如果监控开关打开,则可以通过网址输入监控模块监控用户网址输入并更新 列表List。对于集合NP或集合D中的网站信息,可不予以记录。当然认证装置也可通过类似网址输入监控模块的功能模块,实现上述功能,本发明实施例在此不作限制。
430,确定第一类网站信息的集合。
初始启动或列表List更新后,模块按照预先配置的筛选条件选择一组最近频繁访问的网站放入集合L。如果用户指定了集合D或者终端中尚且没有足够的网址记录,则把D中的元素都放入集合L中。从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的网站信息。如果L的大小小于c,则可以把所有网址放入集合L中。
此时构建的集合L为第一类网站信息的集合。
440,确定参与认证的第一类网站信息及第二类网站信息中的干扰项。
本发明实施例中,干扰项是用户之前访问过但最近没有访问过的访问网站的网站信息。
认证装置根据配置信息从列表List中选取一个大小为i的子集R,要求R中元素都不在L中,然后从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的第一类网站信息。如果L包含了终端上的所有访问网站的网站信息记录,则R为空而没有干扰项,此时方案退化为要求用户从包含虚假网站信息的集合中识别出终端上真实存在的访问网站的网站信息。
另外,为了降低记忆的难度,还可以增加V中元素的个数,也就是说,V中元素的个数可以多于c个。
450,确定第二类网站信息中的混淆项。
本发明实施例中,混淆项是指系统随机生成的网站信息,或者说终端从未访问过的网站的网站信息。
认证装置生成一组虚假网站信息,个数为f,记为集合F。虚假网站信息可以按照系统中初始配置好的网站信息库筛选而生;也可以通过连接远端网络服务检索获取。集合F中的元素不能在集合L或D中出现。
当然,也可不生成混淆项,此时f为0,集合F为空集。
460,生成认证挑战集合。
认证装置将集合V、R和F中的元素打乱混合,形成认证挑战集合A,即A=V+R+F(其中符号“+”代表集合加)。
470,呈现认证挑战集合,确认认证结果。
认证装置将认证挑战集合A呈现给用户,以供用户进行识别。
根据用户的认证识别结果,认证装置可确定认证的结果。如果用户能够从中选择出c个V中的元素,则认证成功;否则认证失败。
本发明实施例中,在计算第一类网站信息时,可以按照访问行为产生时间到当前的时间长度进行赋权计算,用户也可以直接指定一组固定的网站信息作为第一类网站信息,此时相当于对这组固定的实体都赋予了最大的权。通过在构建最终显示在屏幕上的集合A的过程中引入虚假认证信息集合F,提高选择空间的大小,起到混淆的作用,以提高对用户的区分度,另外还可以保护集合R和V中的信息。本方法引入集合R的目的是进一步提高选择的难度,避免一个知道终端中存在的网站信息的攻击者直接猜测出第一类网站信息。
如图4所示,本发明实施例的方法可支持多种运行模式。当开机首次进行运行或者认证参数配置发生变化时,需要执行初始认证模式。初始认证模式需要执行前述步骤410至步骤470。如图4的箭头472指向所示,在认证结束后,如果认证参数配置发生变化,初始认证模式直接跳转到步骤410,执行步骤410至步骤470。当用户发生新的访问网站行为之后,此时用户的最近频繁访问网站可能已经发生变化,认证装置需要执行访问认证模式。理论情况下,认证装置可在步骤470之前,步骤430之后的任一个步骤执行访问认证模式,但是,实际情况下,在认证过程中通常不会产生认证以外的交互行为,只有在认证结束后才可能产生别的交互行为。如图4的箭头473指向所示,此时,访问认证模式需要跳转到步骤430,执行步骤430到步骤470。重选认证主要在用户希望提供最强的抗偷窥能力,或当用户认证错误次数太多时使用,要求在集合L不变的前提下每次重新计算的子集V都不同,最多可以重选C|L| |V|(组合计算)次。与访问认证模式类似,重选认证模式需要在上一次认证完毕后执行。如图4的箭头474指向所示此时,重选认证模式需要跳转到步骤440,重选认证模式需要执行步骤440到步骤470,不变认证模式中集合A完全不变,基于同样的秘密和干扰信息对用户进行认证。如图4的箭头471指向所示,此时不变认证模式只需要重新执行步骤470。
在不变认证模式下,如果当前用户认证错误,下次认证仍然基于同样的干扰和秘密进行。随着通过逐步试错,排除的网站信息组合逐渐增多,攻击 者猜中可能性增大,但是下降速度非常缓慢。例如假设集合A中包含24个元素,认证时要求识别出3个第一类网站信息(集合V大小为3),则攻击者一开始猜中的概率是1/2024(3个访问网站的组合数为24*23*22/6=2024),攻击者尝试m次之后,其猜中的概率变为为1/2014-m,由此可以看出该方案在常见的参数尺寸下抵抗数千次的猜测攻击。通过在用户连续认证错误的情况,延时一段时间再进行认证(例如30秒),该方案可以长时间抵抗猜测攻击。为了进一步提高抗猜测能力,在连续认证错误一定次数之后,系统执行一次重选认证,可以重新计算挑战集合A,然后重新进入不变认证模式。
现有各种的认证方案,如口令,由于秘密是固定的,所以一旦认证时被偷窥,攻击者就能够掌握所有认证秘密,完全突破认证机制。本方案的认证秘密是基于第一类网站信息这一不断动态变化的信息的。假设攻击者偷窥到了用户上次认证的秘密(当时的一组第一类网站信息),并且他有条件能够拿到用户的终端,则他可以基于以前获得的秘密尝试认证。在很多情况下,终端的真实用户已经发生过几次新的访问行为,此时第一类网站信息已经发生变化,则上次的认证秘密失效,本方案具有完全的抗偷窥能力。在极少的情况下即使用户没有发生过任何新的访问行为,如果用户对于抗偷窥特别关心,可以设置系统每次都执行重选认证,使得每次都基于不同的秘密认证用户,结合认证错误时延,可以提供较好的抗偷窥能力。例如用户有8个符合条件的第一类网站信息(|L|=8),如果每次要求选中3个第一类网站信息(|v|=3),则在执行56次重选认证之前,每次认证的秘密都不相同。
图5是本发明实施例以阅读的电子书信息进行用户认证的流程示意图。本发明实施例中,认证信息为为阅读的电子书的特定属性信息,例如,电子书的书名,电子书的作者,电子书的封面,或者电子书的书名和封面的组合,等等。本发明实施例通过让用户回忆和识别他/她最近的频繁阅读的电子书实现身份验证。为方便描述,下文提到的电子书信息即指电子书的特定属性信息。
如图5所示,本发明实施例初始认证过程的详细步骤具体如下:
510,认证参数配置。
用户可对认证装置的工作方式进行配置,配置的参数可保存在认证装置的配置数据库中。
用户可进行以下配置:
(1)排除电子书信息(可记为NP),此部分指定电子书信息将不参与认证信息的生成过程,从而允许用户可以直接排除一些用户认为敏感的电子书信息。换句话说,集合NP的元素不出现在第一类电子书信息。当然,为了避免混淆,集合NP的元素也不会出现在第二类电子书信息中。
(2)第一类电子书信息选择方法参数,可包括有效的阅读的电子书的时间要求(记为T,例如3天、5天、10小时等),阅读的电子书信息发生频度要求(记为X,表示预定次数,例如5次,或表示预定名次,例如前3名,或表示预定比例,例如3%等)。基于T和X确定的第一类电子书信息可记为L。当然,用户也可不进行配置,认证装置可对第一类电子书信息选择方法参数设置一个默认设置。另外,用户也可指定一个或多个阅读的电子书作为固定的第一类电子书信息,而不是通过上述T和X临时计算获得。用户指定的第一类电子书信息可记为D。(3)第二类电子书信息参数,可包括构造认证信息时混淆项数目(记为f)和/或构造认证信息时的干扰项的数目(记为i)。其中,混淆项是指系统随机生成的虚假电子书信息,或者说终端中不存在的电子书信息,干扰项是指用户最近没有阅读过的电子书信息。(4)认证选择参数,可包括每次认证必须同时正确选择的第一类电子书信息的个数(记为c,例如,必须要同时正确选择3个才算通过认证)。认证装置还可引入一个安全强度调整功能,通过调整上述f、i和c的值来调整身份认证的安全强度,显然这三个数值越大,安全强度越高。具体地,认证装置可设定不同的难度级别,每个级别对应不同的值,其实现可通过安全强度拖动条或难度选择框等实现;或者,认证装置可提供一个数值调整功能,分别调整上述三个值。
配置完毕后,认证装置在启动认证时会自动加载对应的配置参数。
520,读取终端的电子书阅读记录。
认证装置可通过类似电子书监控模块的功能模块,读取终端存储的中所有电子书的记录(记为L1)及用户的电子书打开记录(记为L2)。如果电子书监控开关是打开的,根据主要的电子书类型(如PDF等)跟踪这些类型的文件的创建、打开和关闭行为,并据此更新L1和L2。对于集合NP或集合D中的电子书,可不进行监控。
530,确定第一类电子书信息的集合。
如果用户指定了集合D或者终端中尚且没有足够的电子书打开记录,则认证装置可以把D中的元素放入集合L中;否则认证装置可获取L2和L1,依据L2结合权重配置计算各个电子书的阅读频率,取出频度最高的一组电子书放入集合L。
此时构建的集合L为第一类电子书信息的集合。
540,确定参与认证的第一类电子书信息及第二类电子书信息中的干扰项。
本发明实施例中,干扰项是用户最近没有阅读过的阅读的电子书。
认证装置从L1中选取一个子集R,要求R中元素都没有在集合L2和L中出现,然后从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的第一类电子书信息。如果L包含了系统所有的电子书的信息,则R为空,此时方案退化为要求用户从包含虚假信息的全部电子书中识别出终端中真实存在的电子书的信息。
另外,为了降低记忆的难度,还可以增加V中元素的个数,也就是说,V中元素的个数可以多于c个。
550,确定第二类电子书信息中的混淆项。
本发明实施例中,混淆项是指系统随机生成的阅读的电子书,或者说终端中不存在的电子书。
认证装置生成一组虚假的电子书,个数为f,记为集合F。虚假阅读的电子书可以按照系统中初始配置好的电子书库筛选而生;也可以通过连接远端网络服务检索获取。集合F中的元素不能在集合L或D中出现。
当然,也可不生成混淆项,此时f为0,集合F为空集。
560,生成认证挑战集合。
认证装置将集合V、R和F中的元素打乱混合,形成认证挑战集合A,即A=V+R+F(其中符号“+”代表集合加)。
570,呈现认证挑战集合,确认认证结果。
认证装置将认证挑战集合A呈现给用户,以供用户进行识别。
根据用户的认证识别结果,认证装置可确定认证的结果。如果用户能够从中选择出c个V中的元素,则认证成功;否则认证失败。
本发明实施例中,在计算第一类电子书信息时,可以按照阅读行为产生时间到当前的时间长度进行赋权计算,用户也可以直接指定一组固定的电子 书作为第一类电子书信息,此时相当于对这组固定的实体都赋予了最大的权。通过在构建最终显示在屏幕上的集合A的过程中引入虚假认证信息集合F,提高选择空间的大小,起到混淆的作用,以提高对用户的区分度,另外还可以保护集合R和V中的信息。本方法引入集合R的目的是进一步提高选择的难度,避免一个知道终端中存在的电子书信息的攻击者直接猜测出第一类电子书信息。
如图5所示,本发明实施例的方法可支持多种运行模式。当开机首次进行运行或者认证参数配置发生变化时,需要执行初始认证模式。初始认证模式需要执行前述步骤510至步骤570。如图5的箭头572指向所示,在认证结束后,如果认证参数配置发生变化,初始认证模式直接跳转到步骤510,执行步骤510至步骤570。当用户发生新的阅读的电子书行为之后,此时用户的第一类电子书信息可能已经发生变化,认证装置需要执行阅读认证模式。理论情况下,认证装置可在步骤570之前,步骤530之后的任一个步骤执行阅读认证模式,但是,实际情况下,在认证过程中通常不会产生认证以外的交互行为,只有在认证结束后才可能产生别的交互行为。如图5的箭头573指向所示,此时,阅读认证模式需要跳转到步骤530,执行步骤530到步骤570。重选认证主要在用户希望提供最强的抗偷窥能力,或当用户认证错误次数太多时使用,要求在集合L不变的前提下每次重新计算的子集V都不同,最多可以重选C|L| |V|(组合计算)次。与阅读认证模式类似,重选认证模式需要在上一次认证完毕后执行。如图5的箭头574指向所示此时,重选认证模式需要跳转到步骤540,重选认证模式需要执行步骤540到步骤570,不变认证模式中集合A完全不变,基于同样的秘密和干扰信息对用户进行认证。如图5的箭头571指向所示,此时不变认证模式只需要重新执行步骤570。
在不变认证模式下,如果当前用户认证错误,下次认证仍然基于同样的干扰和秘密进行。随着通过逐步试错,排除的电子书信息组合逐渐增多,攻击者猜中可能性增大,但是下降速度非常缓慢。例如假设集合A中包含24个元素,认证时要求识别出3个第一类电子书信息(集合V大小为3),则攻击者一开始猜中的概率是1/2024(3个阅读的电子书的组合数为24*23*22/6=2024),攻击者尝试m次之后,其猜中的概率变为为1/2014-m,由此可以看出该方案在常见的参数尺寸下抵抗数千次的猜测攻击。通过在用 户连续认证错误的情况,延时一段时间再进行认证(例如30秒),该方案可以长时间抵抗猜测攻击。为了进一步提高抗猜测能力,在连续认证错误一定次数之后,系统执行一次重选认证,可以重新计算挑战集合A,然后重新进入不变认证模式。
现有各种的认证方案,如口令,由于秘密是固定的,所以一旦认证时被偷窥,攻击者就能够掌握所有认证秘密,完全突破认证机制。本方案的认证秘密是基于第一类电子书信息这一不断动态变化的信息的。假设攻击者偷窥到了用户上次认证的秘密(当时的一组第一类电子书信息),并且他有条件能够拿到用户的终端,则他可以基于以前获得的秘密尝试认证。在很多情况下,终端的真实用户已经发生过几次新的阅读行为,此时第一类电子书信息已经发生变化,则上次的认证秘密失效,本方案具有完全的抗偷窥能力。在极少的情况下即使用户没有发生过任何新的阅读行为,如果用户对于抗偷窥特别关心,可以设置系统每次都执行重选认证,使得每次都基于不同的秘密认证用户,结合认证错误时延,可以提供较好的抗偷窥能力。例如用户有8个符合条件的第一类电子书信息(|L|=8),如果每次要求选中3个第一类电子书信息(|v|=3),则在执行56次重选认证之前,每次认证的秘密都不相同。
图6是本发明实施例以使用的应用(Application,APP)信息进行用户认证的流程示意图。本发明实施例中,认证信息为使用的APP的特定属性信息,例如APP的名称,APP的开发公司,APP的应用图标,或者APP的名称和图标的组合,等等。本发明实施例通过让用户回忆和识别他/她最近的频繁使用的APP实现身份验证。为方便描述,下文提到的APP信息即指APP的特定属性信息。
如图6所示,本发明实施例初始认证过程的详细步骤具体如下:
610,认证参数配置。
用户可对认证装置的工作方式进行配置,配置的参数可保存在认证装置的配置数据库中。
用户可进行以下配置:
(1)排除APP信息(可记为NP),此部分指定APP信息将不参与认证信息的生成过程,从而允许用户可以直接排除一些众所周知的APP信息或者用户异常敏感的APP信息。换句话说,集合NP的元素不出现在第一类APP信息中。当然,为了避免混淆,集合NP的元素也不会出现在第二类 APP信息中。
(2)第一类APP信息选择方法参数,可包括有效的使用的APP的时间要求(记为T,例如3天、5天、10小时等),使用的APP发生频度要求(记为X,表示预定次数,例如5次,或表示预定名次,例如前3名,或表示预定比例,例如3%等)。基于T和X确定的第一类APP信息可记为L。当然,用户也可不进行配置,认证装置可对第一类APP信息选择方法参数设置一个默认设置。另外,用户也可指定一个或多个APP信息作为固定的第一类APP信息,而不是通过上述T和X临时计算获得。用户指定的第一类APP信息可记为D。
(3)第二类APP信息参数,可包括构造认证信息时混淆项数目(记为f)和/或构造认证信息时的干扰项的数目(记为i)。其中,混淆项是指系统随机生成的虚假APP信息,或者说终端中不存在的APP信息,干扰项是指用户最近没有使用过的APP的信息。(4)认证选择参数,可包括每次认证必须同时正确选择的第一类APP信息的个数(记为c,例如,必须要同时正确选择3个才算通过认证)。认证装置还可引入一个安全强度调整功能,通过调整上述f、i和c的值来调整身份认证的安全强度,显然这三个数值越大,安全强度越高。具体地,认证装置可设定不同的难度级别,每个级别对应不同的值,其实现可通过安全强度拖动条或难度选择框等实现;或者,认证装置可提供一个数值调整功能,分别调整上述三个值。
配置完毕后,认证装置在启动认证时会自动加载对应的配置参数。
620,读取终端的APP的安装使用行为记录。
认证装置可包括APP使用跟踪模块,用于读取APP安装和使用行为记录。认证装置通过APP使用跟踪模块,读取APP安装和使用行为记录(记为H)。如果APP追踪开关是打开的,开始跟踪系统中的APP安装和使用行为,并更新H。对于集合NP或集合D中的APP,其安装和打开行为可不予以记录。
630,获取第一类APP信息的集合。
如果用户指定了使用集合D或用户终端中尚且没有足够的APP使用记录,则认证信息计算模块直接将D中元素加入到L中;否则获取集合H,结合权重参数计算各个APP的使用频度并且排序,取频度满足要求的一组APP放入集合L。
此时构建的集合L为第一类APP信息的集合。
640,获取参与认证的第一类APP信息及第二类APP信息中的干扰项。
本发明实施例中,干扰项是用户最近没有使用过的APP的信息。
认证装置查询并获取一组已经安装的APP放入集合R中,要求R中的APP用户最近没有使用过且不在L中出现,然后从集合L中取一个大小为c的子集V,作为本次认证中要求用户的识别出来的第一类APP信息。如果L包含了系统通讯录中所有的联系人信息,则R为空,此时方案退化为要求用户从混入混淆项的APP集合中识别出终端上真实存在的APP信息。
另外,为了降低记忆的难度,还可以增加V中元素的个数,也就是说,V中元素的个数可以多于c个。
650,确定第二类APP信息中的混淆项。
本发明实施例中,混淆项是指系统随机生成的APP信息,或者说终端中不存在的APP信息。
认证装置生成一组虚假APP信息,个数为f,记为集合F。虚假APP信息可以按照系统中初始配置好虚假APP数据库获得;也可以通过连接远端网络服务获取。集合F中的元素不能在集合L或D中出现。
当然,也可不生成混淆项,此时f为0,集合F为空集。
660,生成认证挑战集合。
认证装置将集合V、R和F中的元素打乱混合,形成认证挑战集合A,即A=V+R+F(其中符号“+”代表集合加)。
670,呈现认证挑战集合,确认认证结果。
认证装置将认证挑战集合A呈现给用户,以供用户进行识别。
根据用户的认证识别结果,认证装置可确定认证的结果。如果用户能够从中选择出c个V中的元素,则认证成功;否则认证失败。
本发明实施例中,在计算第一类APP信息时,可以按照使用行为产生时间到当前的时间长度进行赋权计算,用户也可以直接指定一组固定的APP信息作为第一类APP信息,此时相当于对这组固定的实体都赋予了最大的权。通过在构建最终显示在屏幕上的集合A的过程中引入虚假认证信息集合F,提高选择空间的大小,起到混淆的作用,以提高对用户的区分度,另外还可以保护集合R和V中的信息。本方法引入集合R的目的是进一步提高选择的难度,避免一个知道终端中存在的使用的APP的攻击者直接猜测出 第一类APP信息。
如图6所示,本发明实施例的方法可支持多种运行模式。当开机首次进行运行或者认证参数配置发生变化时,需要执行初始认证模式。初始认证模式需要执行前述步骤610至步骤670。如图6的箭头672指向所示,在认证结束后,如果认证参数配置发生变化,初始认证模式直接跳转到步骤610,执行步骤610至步骤670。当用户发生新的使用的APP行为之后,此时用户的第一类APP信息可能已经发生变化,认证装置需要执行使用认证模式。理论情况下,认证装置可在步骤670之前,步骤630之后的任一个步骤执行使用认证模式,但是,实际情况下,在认证过程中通常不会产生认证以外的交互行为,只有在认证结束后才可能产生别的交互行为。如图6的箭头673指向所示,此时,使用认证模式需要跳转到步骤630,执行步骤630到步骤670。重选认证主要在用户希望提供最强的抗偷窥能力,或当用户认证错误次数太多时使用,要求在集合L不变的前提下每次重新计算的子集V都不同,最多可以重选C|L| |V|(组合计算)次。与使用认证模式类似,重选认证模式需要在上一次认证完毕后执行。如图6的箭头674指向所示此时,重选认证模式需要跳转到步骤640,重选认证模式需要执行步骤640到步骤670,不变认证模式中集合A完全不变,基于同样的秘密和干扰信息对用户进行认证。如图6的箭头671指向所示,此时不变认证模式只需要重新执行步骤670。
在不变认证模式下,如果当前用户认证错误,下次认证仍然基于同样的干扰和秘密进行。随着通过逐步试错,排除的使用的APP组合逐渐增多,攻击者猜中可能性增大,但是下降速度非常缓慢。例如假设集合A中包含24个元素,认证时要求识别出3个第一类APP信息(集合V大小为3),则攻击者一开始猜中的概率是1/2024(3个使用的APP的组合数为24*23*22/6=2024),攻击者尝试m次之后,其猜中的概率变为为1/2014-m,由此可以看出该方案在常见的参数尺寸下抵抗数千次的猜测攻击。通过在用户连续认证错误的情况,延时一段时间再进行认证(例如30秒),该方案可以长时间抵抗猜测攻击。为了进一步提高抗猜测能力,在连续认证错误一定次数之后,系统执行一次重选认证,可以重新计算挑战集合A,然后重新进入不变认证模式。
现有各种的认证方案,如口令,由于秘密是固定的,所以一旦认证时被偷窥,攻击者就能够掌握所有认证秘密,完全突破认证机制。本方案的认证 秘密是基于第一类APP信息这一不断动态变化的信息的。假设攻击者偷窥到了用户上次认证的秘密(当时的一组第一类APP信息),并且他有条件能够拿到用户的终端,则他可以基于以前获得的秘密尝试认证。在很多情况下,终端的真实用户已经发生过几次新的使用行为,此时第一类APP信息已经发生变化,则上次的认证秘密失效,本方案具有完全的抗偷窥能力。在极少的情况下即使用户没有发生过任何新的使用行为,如果用户对于抗偷窥特别关心,可以设置系统每次都执行重选认证,使得每次都基于不同的秘密认证用户,结合认证错误时延,可以提供较好的抗偷窥能力。例如用户有8个符合条件的第一类APP信息(|L|=8),如果每次要求选中3个第一类APP信息(|v|=3),则在执行56次重选认证之前,每次认证的秘密都不相同。
上述几个实施例只是介绍了几种可以用作身份认证的交互对象的信息,例如联系人信息、使用的APP信息、音乐作品的标识或演奏者信息、访问网站信息和阅读电子书信息。当然,本发明实施例的方法还可以使用多种认证信息,例如,视频文件的导演、名称、终端所到过的地理区域信息(通过终端上的终端用户在移动网络的位置记录获得)或者终端内浏览的图片信息,等等,具体实现的方法可以参考上述实施例。
图7是本发明实施例认证装置700的结构示意图。认证装置700可包括确认单元701、认证呈现单元702、接收单元703和认证单元704。
确认单元701用于确定认证装置700所在的终端的第一类认证信息和第二类认证信息。
其中,该第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类认证信息用于干扰该终端的用户选择该第一类认证信息。
应理解,特定交互行为,是指认证过程中用于判定发生频度的交互行为。特定交互行为所对应的交互对象,是指采集第一类认证信息的来源,该交互对象的特定属性信息可用于构成第一类认证信息。
应理解,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,可例如唯一标识、名称、图片,或者名称+图片,等等。
应理解,不同交互对象的特定属性信息可能相同。例如,同一个专辑的音频文件中,其专辑名称相同。又例如,几本不同电子书的作者,可能为同 一个作者,等等。在确认第一类认证信息时,是以特定交互行为所对应的交互对象的特定属性信息的发生频率来确定的。
应理解,该第二类认证信息可包括以下至少一种:该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于该终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
可选地,该终端的特定交互行为是认证过程中指定的交互行为。该终端的特定交互行为可以有多种表现形式,相应的,该第一类认证信息和该第二类认证信息也可以有多种表现形式。例如,该终端的特定交互行为可包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为联系人的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性信息;或者,该终端的特定交互行为可包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,该终端的特定交互行为可包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,该终端的特定交互行为可包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。本发明实施例的一种具体实现方式,当第一类认证信息为联系人的特定属性信息时,该联系人信息具体可以是联系人的照片、联系人的姓名、联系人的联系电话,或者联系人的姓名+图片等等。本发明实施例的另一种具体实现方式,当第一类认证信息为音频文件信息时,该音频文件信息可以是音频文件的名称、音频文件的专辑名称或者是音频文件的演奏者,等等。
可选地,该终端可以有多种具体实现形式,例如,智能手机、平板电脑、个人计算机、服务器或工作站。当然,该终端还可以是其它具备认证功能的设备,本发明实施例在此不作限制。
应理解,该第一类认证信息包括该终端的特定交互行为所对应的交互对 象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,其中发生频度为预定范围,该范围可以是一个绝对频度范围,也可以是一个相对频度范围,例如该预定范围为该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。例如,该第一类认证信息可以是3天内通话次数在5次以上的联系人的姓名,或者是2天内电子书阅读次数占两天内总阅读10%以上的电子书名称,或者是5天内播放排名前3位的音乐专辑,或者是12小时内访问网站频率在前5%的网站,等等。
应理解,该预定时间、预定范围都是可配置的。例如,可将该预定时间配置为12小时,1天,2天,3天乃至1月,等等,本发明实施例对此不作限制。又例如,可将该预定范围配置为发生频度在1次以上,5次以上,或者是所有发生频度的前5名,前5%,等等。
可选地,该第一类认证信息还包括该终端的用户在该终端中所指定的交互对象的特定属性信息,以便减少该终端的用户对该第一类认证信息的记忆代价。
认证呈现单元702,用于向该终端的用户呈现第一认证挑战集合。
其中,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息。
接收单元703,用于接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果。
认证单元704,用于根据该识别结果中该第一类认证信息的识别正确率确定认证结果。
本发明实施例中,认证装置700通过所在终端中预定时间内预定发生频率的交互对象的特定属性信息动态地生成认证信息以对用户进行认证,由于最近最频繁使用的特定交互对象的信息属于用户记忆期内的信息,可以降低用户记忆的代价,同时每次出现的认证信息都不固定,又可以避免因为不慎被偷窥而导致认证信息被窃取,因而认证装置700在减少用户对认证信息的 记忆代价的同时,还具备一定的抗偷窥能力。
另外,由于认证装置700可以基于访问频率动态地生成认证信息以对用户进行认证,还可以提高用户的使用体验。
可选地,在接收单元703接收该终端的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果之前,如果该终端的特定交互行为所对应的交互对象发生变化,或者该终端产生新的该特定交互行为,则确定单元701还用于重新确定该终端的第一类认证信息和第二类认证信息,以便认证呈现单元702向该终端的用户呈现第二认证挑战集合,其中该第二认证挑战集合基于确定单元701重新确定后的第一类认证信息和第二类认证信息生成。在具体的应用中,该终端的特定交互行为所对应的交互对象发生变化可包括:增加该终端的特定交互行为所对应的交互对象,或者删除该终端的特定交互行为所对应的交互对象,或者修改该终端的特定交互行为所对应的交互对象,等等。
可选地,认证装置700还可包括第一配置单元705。第一配置单元705用于配置该预定时间、该预定范围以及对该终端的用户进行认证所需要识别的第一类认证信息的条数N。此时,认证单元704具体用于:如果该识别结果中该终端的用户识别的该第一类认证信息的条数不小于N条,则确定对该终端的用户的认证通过,或者,如果该识别结果中该终端的用户识别的该第一类认证信息的条数小于N条,则确定对该终端的用户的认证不通过。
具体地,第一配置单元705可用于通过配置该预定时间、该预定范围以及该对该终端的用户进行认证所需要识别的第一类认证信息的条数调整对该终端的用户的认证的安全强度。其中,如果该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对该终端的用户的认证的安全强度越大;如果对该终端的用户进行认证所需要识别的第一类认证信息的条数越大,则通过对该终端的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对该终端的用户的认证的安全强度越大。
可选地,认证装置700还可包括第二配置单元706。第二配置单元706用于配置该终端的排除认证信息集合,其中该排除认证信息集合中的认证信息不允许作为该第一类认证信息。在用于确定该终端的至少一个第一类认证信息的过程中,确定单元701具体用于确定该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该 排除认证集合的特定属性信息为该第一类认证信息。
可选地,认证装置700还可包括生成单元707。生成单元707用于根据该终端的该第一类认证信息和该第二类认证信息生成该认证集合,以便向该终端的用户呈现该认证集合。
具体的,在实际的应用中,认证装置的各个组成单元中,可以是几个单元合成一个实现模块,也可以是一个单元由几个实现模块一起实现。例如,确认单元701可包括监控跟踪模块、交互对象计算模块和虚假交互对象生成模块。其中,监控跟踪模块用于监控与交互对象之间的交互行为,交互对象计算模块用于计算出第一类交互对象,以及第二类交互对象中的干扰项,虚假交互对象生成模块用于生成第二类交互对象中的混淆项。认证呈现单元702、接收单元703和认证单元704可以由一个认证交互模块实现,或者认证呈现单元702和接收单元703可以由一个输入输出模块实现,比如触摸屏。第一配置单元705和第二配置单元706,可由一个配置模块实现。当然,认证装置还可能存在其它的具体实现方式,本发明实施例在此不作限制。
另外,认证装置700还可执行图1的方法,并实现认证装置在图1至图6所示实施例的功能,具体可参考图1至图6所示的实施例,本发明在此不再赘述。
图8是本发明实施例终端800的结构示意图。终端800可包括通信接口801,处理器802和存储器803。
通信接口801、处理器802和存储器803通过总线803系统相互连接。总线804可以是ISA总线、PCI总线或EISA总线等。所述总线可以分为地址总线、数据总线、控制总线等。为便于表示,图8中仅用一个双向箭头表示,但并不表示仅有一根总线或一种类型的总线。
存储器803,用于存放程序。具体地,程序可以包括程序代码,所述程序代码包括计算机操作指令。存储器803可以包括只读存储器和随机存取存储器,并向处理器802提供指令和数据。存储器803可能包含高速RAM存储器,也可能还包括非易失性存储器(non-volatile memory),例如至少一个磁盘存储器。
处理器802,用于调用存储器803所存放的程序,并具体用于执行以下操作:
确定终端800的至少一个第一类认证信息和至少一个第二类认证信息, 并通过通信接口801在显示设备805中向终端800的用户呈现第一认证挑战集合,其中,该第一类认证信息包括终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,该第二类认证信息用于干扰终端800的用户选择该第一类认证信息,该第一认证挑战集合包括至少一个该第一类认证信息和至少一个该第二类认证信息;
通过通信接口801从输入设备806中接收终端800的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果,并根据该识别结果中该第一类认证信息的识别正确率确定认证结果。
应理解,特定交互行为,是指认证过程中用于判定发生频度的交互行为。特定交互行为所对应的交互对象,是指采集第一类认证信息的来源,该交互对象的特定属性信息可用于构成第一类认证信息。
通信接口801,用于实现处理器802与显示设备805、输入设备806之间的数据通信。
显示设备805,用于向终端800的用户呈现该第一认证挑战集合。
所述输入设备,用于输入终端800的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果。
应理解,该特定属性信息为该交互对象的一种属性信息或多种属性信息的组合,可例如唯一标识、名称、图片,或者名称+图片,等等。
应理解,不同交互对象的特定属性信息可能相同。例如,同一个专辑的音频文件中,其专辑名称相同。又例如,几本不同电子书的作者,可能为同一个作者,等等。在确认第一类认证信息时,是以特定交互行为所对应的交互对象的特定属性信息的发生频率来确定的。
应理解,该第二类认证信息可包括以下至少一种:终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;不属于终端800的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
可选地,终端的特定交互行为是终端在认证过程中指定的交互行为。终端的特定交互行为可以有多种表现形式,相应的,该第一类认证信息和该第二类认证信息也可以有多种表现形式。例如,终端的特定交互行为可包括该终端访问该终端的联系人的行为,该第一类认证信息和该第二类认证信息为 联系人的特定属性信息;或者,终端的特定交互行为可包括该终端访问该终端的音视频文件的行为,该第一类认证信息和该第二类认证信息为音视频文件的特定属性信息;或者,终端的特定交互行为可包括该终端访问该终端的应用的行为,该第一类认证信息和该第二类认证信息为应用的特定属性信息;或者,终端的特定交互行为可包括该终端访问网站的行为,该第一类认证信息和该第二类认证信息为网站的特定属性信息;或者,终端的特定交互行为可包括该终端访问该终端的图片的行为,该第一类认证信息和该第二类认证信息为图片的特定属性信息;或者,终端的特定交互行为可包括该终端访问该终端的电子书的行为,该第一类认证信息和该第二类认证信息为电子书的特定属性信息;或者,终端的特定交互行为可包括该终端与该终端外设备通信的行为,该第一类认证信息和该第二类认证信息为该终端与该终端外设备通信时所处的地理区域的信息。本发明实施例的一种具体实现方式,当第一类认证信息为联系人的特定属性信息时,该联系人信息具体可以是联系人的照片、联系人的姓名、联系人的联系电话,或者联系人的姓名+图片等等。本发明实施例的另一种具体实现方式,当第一类认证信息为音频文件信息时,该音频文件信息可以是音频文件的名称、音频文件的专辑名称或者是音频文件的演奏者,等等。
可选地,终端800可以有多种具体实现形式,例如,智能手机、平板电脑、个人计算机、服务器或工作站。当然,终端800还可以是其它具备认证功能的设备,本发明实施例在此不作限制。
可选地,显示设备805和输入设备806在终端800中可以合成一个设备,例如,触摸屏等。
或者,可选地,显示设备805和输入设备806在终端800为不同的设备,显示设备805为显示器、显示屏等显示设备,输入设备806为鼠标,键盘等输入设备。
应理解,该第一类认证信息包括终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,其中发生频度为预定范围,该范围可以是一个绝对频度范围,也可以是一个相对频度范围,例如该预定范围为终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发 生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。例如,该第一类认证信息可以是3天内通话次数在5次以上的联系人的姓名,或者是2天内电子书阅读次数占两天内总阅读10%以上的电子书名称,或者是5天内播放排名前3位的音乐专辑,或者是12小时内访问网站频率在前5%的网站,等等。
应理解,该预定时间、预定范围都是可配置的。例如,可将该预定时间配置为12小时,1天,2天,3天乃至1月,等等,本发明实施例对此不作限制。又例如,可将该预定范围配置为发生频度在1次以上,5次以上,或者是所有发生频度的前5名,前5%,等等。
可选地,该第一类认证信息还包括终端800的用户在终端800中所指定的交互对象的特定属性信息,以便减少终端800的用户对该第一类认证信息的记忆代价。
上述如本发明图1至图6任一实施例揭示的认证装置执行的方法可以应用于处理器802中,或者由处理器802实现。处理器802可能是一种集成电路芯片,具有信号的处理能力。在实现过程中,上述方法的各步骤可以通过处理器802中的硬件的集成逻辑电路或者软件形式的指令完成。上述的处理器802可以是通用处理器,包括中央处理器(Central Processing Unit,简称CPU)、网络处理器(Network Processor,简称NP)等;还可以是数字信号处理器(DSP)、专用集成电路(ASIC)、现成可编程门阵列(FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。可以实现或者执行本发明实施例中的公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。结合本发明实施例所公开的方法的步骤可以直接体现为硬件译码处理器执行完成,或者用译码处理器中的硬件及软件模块组合执行完成。软件模块可以位于随机存储器,闪存、只读存储器,可编程只读存储器或者电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器803,处理器802读取存储器803中的信息,结合其硬件完成上述方法的步骤。
本发明实施例中,终端800通过使用终端中预定时间内预定发生频率的交互对象的信息动态地生成认证信息以对用户进行认证,由于最近最频繁使 用的特定交互对象的信息属于用户记忆期内的信息,可以降低用户记忆的代价,同时每次出现的认证信息都不固定,又可以避免因为不慎被偷窥而导致认证信息被窃取,因而终端800在减少用户对认证信息的记忆代价的同时,还具备一定的抗偷窥能力。
另外,由于终端800可以基于访问频率动态地生成认证信息以对用户进行认证,还可以提高用户的使用体验。
可选地,在处理器802通过通信接口801从输入设备806中接收终端800的用户对该第一认证挑战集合中的该第一类认证信息和该第二类认证信息的识别结果之前,如果终端800的特定交互行为所对应的交互对象发生变化,或者终端800产生新的该特定交互行为,则处理器802还用于重新确定终端800的第一类认证信息和第二类认证信息,以便通过通信接口801在显示设备805中向终端800的用户呈现第二认证挑战集合,其中该第二认证挑战集合基于处理器802重新确定后的第一类认证信息和第二类认证信息生成。在具体的应用中,终端800的特定交互行为所对应的交互对象发生变化可包括:增加终端800的特定交互行为所对应的交互对象,或者删除终端800的特定交互行为所对应的交互对象,或者修改终端800的特定交互行为所对应的交互对象,等等。
可选地,处理器802还可用于配置该预定时间、该预定范围以及对终端800的用户进行认证所需要识别的第一类认证信息的条数N。此时,在用于根据该识别结果中该第一类认证信息的识别正确率确定认证结果的过程中,处理器802具体可用于:如果该识别结果中终端800的用户识别的该第一类认证信息的条数不小于N条,则确定对终端800的用户的认证通过,或者,如果该识别结果中终端800的用户识别的该第一类认证信息的条数小于N条,则确定对终端800的用户的认证不通过。
具体地,处理器800可通过配置该预定时间、该预定范围以及该对终端800的用户进行认证所需要识别的第一类认证信息的条数调整对终端800的用户的认证的安全强度。其中,如果该预定时间和该预定范围越大,则该第一类认证信息的集合越大,对终端800的用户的认证的安全强度越大;如果对终端800的用户进行认证所需要识别的第一类认证信息的条数N越大,则通过对终端800的用户的认证时所需要的该识别结果中该第一类认证信息的识别正确率越大,对终端800的用户的认证的安全强度越大。
可选地,处理器802还可用于配置终端800的排除认证信息集合,其中该排除认证信息集合中的认证信息不允许作为该第一类认证信息。在用于确定终端800的第一类认证信息的过程中,处理器802具体用于确定终端800的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于该排除认证集合的特定属性信息为该第一类认证信息。
可选地,处理器802还可用于根据该终端800的该第一类交互对象的信息和该第二类交互对象的信息生成该认证集合。
另外,终端800还可执行图1的方法,并实现认证装置在图1至图6所示实施例的功能,具体可参考图1至图6所示的实施例,本发明在此不再赘述。
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。
在本申请所提供的几个实施例中,应该理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。
另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元 中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。
所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应所述以权利要求的保护范围为准。

Claims (37)

  1. 一种用户认证方法,其特征在于,包括:
    确定终端的第一类认证信息和第二类认证信息,其中,所述第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,所述特定属性信息为所述交互对象的一种属性信息或多种属性信息的组合,所述第二类认证信息用于干扰所述终端的用户选择所述第一类认证信息;
    向所述终端的用户呈现第一认证挑战集合,其中,所述第一认证挑战集合包括至少一个所述第一类认证信息和至少一个所述第二类认证信息;
    接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果;
    根据所述识别结果中所述第一类认证信息的识别正确率确定认证结果。
  2. 如权利要求1所述的方法,其特征在于,所述第二类认证信息包括以下至少一种:
    所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;
    不属于所述终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
  3. 如权利要求1或2所述的方法,其特征在于,所述第一类认证信息还包括所述终端的用户在所述终端中所指定的交互对象的特定属性信息,以便减少所述终端的用户对所述第一类认证信息的记忆代价。
  4. 如权利要求1至3任一项所述的方法,其特征在于,在所述接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果之前,还包括:
    如果所述终端的特定交互行为所对应的交互对象发生变化,或者所述终端产生新的所述特定交互行为,则重新确定所述终端的第一类认证信息和第二类认证信息,并向所述终端的用户呈现第二认证挑战集合,其中所述第二认证挑战集合基于重新确定后的第一类认证信息和第二类认证信息生成。
  5. 如权利要求4所述的方法,其特征在于,所述终端的特定交互行为所对应的交互对象发生变化包括:增加所述终端的特定交互行为所对应的交 互对象,或者删除所述终端的特定交互行为所对应的交互对象,或者修改所述终端的特定交互行为所对应的交互对象。
  6. 如权利要求1至5任一项所述的方法,其特征在于,
    所述终端的特定交互行为包括所述终端访问所述终端的联系人的行为,所述第一类认证信息和所述第二类认证信息为联系人的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的音视频文件的行为,所述第一类认证信息和所述第二类认证信息为音视频文件的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的应用的行为,所述第一类认证信息和所述第二类认证信息为应用的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问网站的行为,所述第一类认证信息和所述第二类认证信息为网站的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的图片的行为,所述第一类认证信息和所述第二类认证信息为图片的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的电子书的行为,所述第一类认证信息和所述第二类认证信息为电子书的特定属性信息;或者
    所述终端的特定交互行为包括所述终端与所述终端外设备通信的行为,所述第一类认证信息和所述第二类认证信息为所述终端与所述终端外设备通信时所处的地理区域的信息。
  7. 如权利要求1至6任一项所述的方法,其特征在于,
    在所述确定终端的第一类认证信息和第二类认证信息之前,还包括:
    配置所述预定时间、所述预定范围以及对所述终端的用户进行认证所需要识别的第一类认证信息的条数N;
    所述根据所述识别结果中所述第一类认证信息的识别正确率确定认证结果包括:
    如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数不小于N条,则确定对所述终端的用户的认证通过;或者
    如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数小于N条,则确定对所述终端的用户的认证不通过。
  8. 如权利要求7所述的方法,其特征在于,
    所述预定时间和所述预定范围越大,则所述第一类认证信息的集合越 大,所述对所述终端的用户的认证的安全强度越大;
    所述对所述终端的用户进行认证所需要识别的第一类认证信息的条数N越大,则通过对所述终端的用户的认证时所需要的所述识别结果中所述第一类认证信息的识别正确率越大,所述对所述终端的用户的认证的安全强度越大。
  9. 如权利要求1至8任一项所述的方法,其特征在于,
    所述预定范围为所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
  10. 如权利要求1至9任一项所述的方法,其特征在于,在所述确定终端的第一类认证信息之前,还包括:配置所述终端的排除认证信息集合,其中所述排除认证信息集合中的认证信息不允许作为所述第一类认证信息;
    所述确定所述终端的第一类认证信息包括:确定所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于所述排除认证集合的特定属性信息为所述第一类认证信息。
  11. 如权利要求1至10任一项所述的方法,其特征在于,在向所述终端的用户呈现第一认证挑战集合之前,还包括:
    根据所述终端的所述第一类认证信息和所述第二类认证信息生成所述第一认证挑战集合,以便向所述终端的用户呈现所述认证挑战集合。
  12. 如权利要求1至11任一项所述的方法,其特征在于,所述终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
  13. 一种认证装置,其特征在于,包括:
    确认单元,用于确定所述装置所在的终端的第一类认证信息和第二类认证信息,其中,所述第一类认证信息包括该终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,所述特定属性信息为所述交互对象的一种属性信息或多种属性信息的组合,所述第二类认证信息用于干扰所述终端的用户选择所述第一类认证信 息;
    认证呈现单元,用于向所述终端的用户呈现第一认证挑战集合,其中,所述第一认证挑战集合包括至少一个所述第一类认证信息和至少一个所述第二类认证信息;
    接收单元,用于接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果;
    认证单元,用于根据所述识别结果中所述第一类认证信息的识别正确率确定认证结果。
  14. 如权利要求13所述的装置,其特征在于,所述第二类认证信息包括以下至少一种:
    所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;
    不属于所述终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
  15. 如权利要求13或14所述的装置,其特征在于,所述第一类认证信息还包括所述终端的用户在所述终端中所指定的交互对象的特定属性信息,以便减少所述终端的用户对所述第一类认证信息的记忆代价。
  16. 如权利要求13至15任一项所述的装置,其特征在于,
    在所述接收单元接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果之前,如果所述终端的特定交互行为所对应的交互对象发生变化,或者所述终端产生新的所述特定交互行为,则
    所述确认单元还用于重新确定所述终端的第一类认证信息和第二类认证信息,以便所述认证呈现单元向所述终端的用户呈现第二认证挑战集合,所述第二认证挑战集合基于所述确定单元重新确定后的第一类认证信息和第二类认证信息生成。
  17. 如权利要求16所述的装置,其特征在于,所述终端的特定交互行为所对应的交互对象发生变化包括:增加所述终端的特定交互行为所对应的交互对象,或者删除所述终端的特定交互行为所对应的交互对象,或者修改所述终端的特定交互行为所对应的交互对象。
  18. 如权利要求13至17任一项所述的装置,其特征在于,
    所述终端的特定交互行为包括所述终端访问所述终端的联系人的行为,所述第一类认证信息和所述第二类认证信息为联系人的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的音视频文件的行为,所述第一类认证信息和所述第二类认证信息为音视频文件的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的应用的行为,所述第一类认证信息和所述第二类认证信息为应用的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问网站的行为,所述第一类认证信息和所述第二类认证信息为网站的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的图片的行为,所述第一类认证信息和所述第二类认证信息为图片的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的电子书的行为,所述第一类认证信息和所述第二类认证信息为电子书的特定属性信息;或者
    所述终端的特定交互行为包括所述终端与所述终端外设备通信的行为,所述第一类认证信息和所述第二类认证信息为所述终端与所述终端外设备通信时所处的地理区域的信息。
  19. 如权利要求13至18任一项所述的装置,其特征在于,
    所述装置还包括第一配置单元,所述第一配置单元用于:配置所述预定时间、所述预定范围以及对所述终端的用户进行认证所需要识别的第一类认证信息的条数N;
    所述认证单元具体用于:如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数不小于N条,则确定对所述终端的用户的认证通过,或者,如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数小于N条,则确定对所述终端的用户的认证不通过。
  20. 如权利要求19所述的装置,其特征在于,
    所述预定时间和所述预定范围越大,则所述第一类认证信息的集合越大,所述对所述终端的用户的认证的安全强度越大;
    所述对所述终端的用户进行认证所需要识别的第一类认证信息的条数N越大,则通过对所述终端的用户的认证时所需要的所述识别结果中所述第一类认证信息的识别正确率越大,所述对所述终端的用户的认证的安全强度越大。
  21. 如权利要求13至20任一项所述的装置,其特征在于,所述预定范围为所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
  22. 如权利要求13至21任一项所述的装置,其特征在于,所述装置还包括第二配置单元,所述第二配置单元用于配置所述终端的排除认证信息集合,其中所述排除认证信息集合中的认证信息不允许作为所述第一类认证信息;
    在用于确定所述终端的第一类认证信息的过程中,所述确定单元具体用于确定所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于所述排除认证集合的特定属性信息为所述第一类认证信息。
  23. 如权利要求13至22任一项所述的装置,其特征在于,所述装置还包括生成单元,所述生成单元用于:根据所述终端的所述第一类认证信息和所述第二类认证信息生成所述第一认证挑战集合,以便向所述终端的用户呈现所述第一认证挑战集合。
  24. 如权利要求13至23任一项所述的装置,其特征在于,所述终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
  25. 一种终端,其特征在于,包括处理器、存储器、通信接口、显示设备和输入设备,所述处理器与所述存储器相连,且通过所述通信接口连接到所述显示设备和所述输入设备,所述存储器中存储一组程序代码,且所述处理器用于调用所述存储器中存储的程序代码,用于执行以下操作:
    确定所述终端的第一类认证信息和第二类认证信息,并通过所述通信接口在所述显示设备上向所述终端的用户呈现第一认证挑战集合,其中,所述第一类认证信息包括所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围的特定属性信息,所述特定属性信息为所述交互对象的一种属性信息或多种属性信息的组合,所述第二类认 证信息用于干扰所述终端的用户选择所述第一类认证信息,所述第一认证挑战集合包括至少一个所述第一类认证信息和至少一个所述第二类认证信息;
    通过所述通信接口从所述输入设备中接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果,并根据所述识别结果中所述第一类认证信息的识别正确率确定认证结果;
    所述显示设备,用于向所述终端的用户呈现所述第一认证挑战集合;
    所述输入设备,用于输入所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果。
  26. 如权利要求25所述的终端,其特征在于,所述第二类认证信息包括以下至少一种:
    所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围以外的特定属性信息;
    不属于所述终端的特定交互行为所对应的交互对象的特定属性信息中的特定属性信息。
  27. 如权利要求25或26所述的终端,其特征在于,所述第一类认证信息还包括所述终端的用户在所述终端中所指定的交互对象的特定属性信息,以便减少所述终端的用户对所述第一类认证信息的记忆代价。
  28. 如权利要求25至27任一项所述的终端,其特征在于,
    在所述处理器通过所述通信接口从所述输入设备中接收所述终端的用户对所述第一认证挑战集合中的所述第一类认证信息和所述第二类认证信息的识别结果之前,如果所述终端的特定交互行为所对应的交互对象发生变化,或者所述终端产生新的所述特定交互行为,则
    所述处理器还用于重新确定所述终端的第一类认证信息和第二类认证信息,以便通过所述通信接口在所述显示设备中向所述终端的用户呈现第二认证挑战集合,所述第二认证挑战集合基于所述确定单元重新确定后的第一类认证信息和第二类认证信息生成。
  29. 如权利要求28所述的终端,其特征在于,所述终端的特定交互行为所对应的交互对象发生变化包括:增加所述终端的特定交互行为所对应的交互对象,或者删除所述终端的特定交互行为所对应的交互对象,或者修改所述终端的特定交互行为所对应的交互对象。
  30. 如权利要求25至29任一项所述的终端,其特征在于,
    所述终端的特定交互行为包括所述终端访问所述终端的联系人的行为,所述第一类认证信息和所述第二类认证信息为联系人的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的音视频文件的行为,所述第一类认证信息和所述第二类认证信息为音视频文件的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的应用的行为,所述第一类认证信息和所述第二类认证信息为应用的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问网站的行为,所述第一类认证信息和所述第二类认证信息为网站的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的图片的行为,所述第一类认证信息和所述第二类认证信息为图片的特定属性信息;或者
    所述终端的特定交互行为包括所述终端访问所述终端的电子书的行为,所述第一类认证信息和所述第二类认证信息为电子书的特定属性信息;或者
    所述终端的特定交互行为包括所述终端与所述终端外设备通信的行为,所述第一类认证信息和所述第二类认证信息为所述终端与所述终端外设备通信时所处的地理区域的信息。
  31. 如权利要求25至30任一项所述的终端,其特征在于,
    所述处理器还用于配置所述预定时间、所述预定范围以及对所述终端的用户进行认证所需要识别的第一类认证信息的条数N;
    在用于根据所述识别结果中所述第一类认证信息的识别正确率确定认证结果的过程中,所述处理器具体用于:如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数不小于N条,则确定对所述终端的用户的认证通过,或者,如果所述识别结果中所述终端的用户识别的所述第一类认证信息的条数小于N条,则确定对所述终端的用户的认证不通过。
  32. 如权利要求31所述的终端,其特征在于,
    所述预定时间和所述预定范围越大,则所述第一类认证信息的集合越大,所述对所述终端的用户的认证的安全强度越大;
    所述对所述终端的用户进行认证所需要识别的第一类认证信息的条数N越大,则通过对所述终端的用户的认证时所需要的所述识别结果中所述第一类认证信息的识别正确率越大,所述对所述终端的用户的认证的安全强度越大。
  33. 如权利要求25至32任一项所述的终端,其特征在于,所述预定范围为所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在预定次数以上的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数在总发生次数的预定比例以上的范围,或者终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定名次以内的范围,或者所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生次数排名在预定比例以内的范围。
  34. 如权利要求25至33任一项所述的终端,其特征在于,所述处理器还用于配置所述终端的排除认证信息集合,其中所述排除认证信息集合中的认证信息不允许作为所述第一类认证信息;
    在用于确定所述终端的第一类认证信息的过程中,所述处理器具体用于确定所述终端的特定交互行为所对应的交互对象的特定属性信息中在预定时间内发生频度为预定范围且不属于所述排除认证集合的特定属性信息为所述第一类认证信息。
  35. 如权利要求25至34任一项所述的终端,其特征在于,所述处理器还用于根据所述终端的所述第一类认证信息和所述第二类认证信息生成所述第一认证挑战集合,以便向所述终端的用户呈现所述第一认证挑战集合。
  36. 如权利要求25至35任一项所述的终端,其特征在于,所述终端包括智能手机、平板电脑、个人计算机、服务器或工作站。
  37. 如权利要求25至36任一项所述的终端,其特征在于,
    所述显示设备和所述输入设备为所述终端中同时具备显示和输入功能的同一设备;或者
    所述显示设备和所述输入设备为所述终端中不同的设备。
PCT/CN2014/093910 2014-04-17 2014-12-16 用户认证方法、认证装置和终端 WO2015158148A1 (zh)

Priority Applications (5)

Application Number Priority Date Filing Date Title
EP17210729.4A EP3361671A1 (en) 2014-04-17 2014-12-16 User authentication method, authentication apparatus, and terminal
EP14886670.0A EP2963856B1 (en) 2014-04-17 2014-12-16 User authentication method and device and terminal
JP2016528350A JP6137658B2 (ja) 2014-04-17 2014-12-16 ユーザ認証方法、認証装置、および端末
KR1020157034386A KR101808215B1 (ko) 2014-04-17 2014-12-16 사용자 인증 방법, 인증 장치, 및 단말기
US14/885,381 US10089450B2 (en) 2014-04-17 2015-10-16 User authentication method, authentication apparatus, and terminal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410153707.6 2014-04-17
CN201410153707.6A CN105099674B (zh) 2014-04-17 2014-04-17 用户认证方法、认证装置和终端

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/885,381 Continuation US10089450B2 (en) 2014-04-17 2015-10-16 User authentication method, authentication apparatus, and terminal

Publications (1)

Publication Number Publication Date
WO2015158148A1 true WO2015158148A1 (zh) 2015-10-22

Family

ID=54323459

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/093910 WO2015158148A1 (zh) 2014-04-17 2014-12-16 用户认证方法、认证装置和终端

Country Status (6)

Country Link
US (1) US10089450B2 (zh)
EP (2) EP3361671A1 (zh)
JP (1) JP6137658B2 (zh)
KR (1) KR101808215B1 (zh)
CN (1) CN105099674B (zh)
WO (1) WO2015158148A1 (zh)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10223549B2 (en) * 2015-01-21 2019-03-05 Onion ID Inc. Techniques for facilitating secure, credential-free user access to resources
US9935927B2 (en) * 2015-10-16 2018-04-03 Quanta Computer Inc. System and method for low energy double authentication between mobile device and server nodes
EP3200112B1 (en) * 2016-02-01 2020-04-29 Tata Consultancy Services Limited Usage based authentication system
FR3062501B1 (fr) * 2017-02-02 2019-03-15 Idemia France Procede pour la securite d'une operation electronique
CN109067791B (zh) * 2018-09-25 2020-05-12 阿里巴巴集团控股有限公司 网络中用户身份认证方法和装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110667A (zh) * 2006-07-19 2008-01-23 华为技术有限公司 用户认证方法和用户认证系统
US20130091559A1 (en) * 2011-10-06 2013-04-11 Sap Ag Computer-Implemented Method for Mobile Authentication and Corresponding Computer System
CN103455965A (zh) * 2012-05-30 2013-12-18 北京小米科技有限责任公司 一种基于验证图片的验证方法、装置及服务器

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1658593B1 (en) 2003-08-29 2008-12-24 Nokia Corporation Method and device for customized picture-based user identification and authentication
WO2006072978A1 (ja) * 2005-01-05 2006-07-13 Fujitsu Limited 携帯情報処理装置を用いた情報処理端末における認証システム
JP2008059182A (ja) * 2006-08-30 2008-03-13 Matsushita Electric Ind Co Ltd 認証装置および認証方法
US8272033B2 (en) * 2006-12-21 2012-09-18 International Business Machines Corporation User authentication for detecting and controlling fraudulent login behavior
US9027119B2 (en) * 2007-11-19 2015-05-05 Avaya Inc. Authentication frequency and challenge type based on application usage
US8978117B2 (en) * 2007-11-19 2015-03-10 Avaya Inc. Authentication frequency and challenge type based on environmental and physiological properties
US8355698B2 (en) 2009-03-30 2013-01-15 Microsoft Corporation Unlock screen
CN102035649B (zh) * 2009-09-29 2013-08-21 国际商业机器公司 认证方法和装置
US20110283241A1 (en) 2010-05-14 2011-11-17 Google Inc. Touch Gesture Actions From A Device's Lock Screen
US9449026B2 (en) 2010-08-31 2016-09-20 Microsoft Technology Licensing, Llc Sketch-based image search
CN102487415A (zh) 2010-12-03 2012-06-06 上海晨兴希姆通电子科技有限公司 手机屏幕的解锁方法
US8346217B2 (en) * 2011-02-21 2013-01-01 Knowledge Solutions, LLC Systems, methods and apparatus for controlling access to mobile devices
JP5646403B2 (ja) * 2011-07-08 2014-12-24 日本電信電話株式会社 認証装置、認証方法及び認証プログラム
US20130036461A1 (en) 2011-08-01 2013-02-07 Apple Inc. Image-based authentication
WO2013032187A1 (en) 2011-09-01 2013-03-07 Samsung Electronics Co., Ltd. Mobile terminal for performing screen unlock based on motion and method thereof
CN102520857B (zh) 2011-12-07 2014-01-01 广东欧珀移动通信有限公司 一种手机屏幕解锁装置及其解锁方法
JP2013242661A (ja) * 2012-05-18 2013-12-05 Nakayo Telecommun Inc 使用者認証機能を有する電話装置
CN103701757B (zh) * 2012-09-27 2017-05-10 中国电信股份有限公司 业务接入的身份认证方法与系统
US9223950B2 (en) * 2013-03-05 2015-12-29 Intel Corporation Security challenge assisted password proxy
CN103516518B (zh) * 2013-07-03 2016-09-28 北京百纳威尔科技有限公司 安全验证方法和装置

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110667A (zh) * 2006-07-19 2008-01-23 华为技术有限公司 用户认证方法和用户认证系统
US20130091559A1 (en) * 2011-10-06 2013-04-11 Sap Ag Computer-Implemented Method for Mobile Authentication and Corresponding Computer System
CN103455965A (zh) * 2012-05-30 2013-12-18 北京小米科技有限责任公司 一种基于验证图片的验证方法、装置及服务器

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2963856A4 *

Also Published As

Publication number Publication date
EP2963856A4 (en) 2016-05-04
JP6137658B2 (ja) 2017-05-31
CN105099674A (zh) 2015-11-25
US10089450B2 (en) 2018-10-02
CN105099674B (zh) 2018-09-07
JP2016525324A (ja) 2016-08-22
KR20160005091A (ko) 2016-01-13
KR101808215B1 (ko) 2017-12-12
EP3361671A1 (en) 2018-08-15
US20160042163A1 (en) 2016-02-11
EP2963856B1 (en) 2018-03-14
EP2963856A1 (en) 2016-01-06

Similar Documents

Publication Publication Date Title
US11119627B2 (en) Information display method, device, apparatus and storage medium
EP3834115B1 (en) Automated access control policy generation for computer resources
US20210319091A1 (en) Multiple device credential sharing
CN109643357B (zh) 针对存储在存储服务处的数据的保护特征
CN107431924B (zh) 将设备标识符和用户标识符相关联的设备盗窃防护
WO2015158148A1 (zh) 用户认证方法、认证装置和终端
RU2667713C2 (ru) Селективное обеспечение соблюдения целостности кода, обеспечиваемое менеджером виртуальной машины
US20160232374A1 (en) Permission control method and apparatus
US20160261586A1 (en) Identity Authentication Method And Device And Storage Medium
US10621189B2 (en) In-application history search
JP2010049420A (ja) 情報処理装置、情報処理方法、情報処理プログラムおよび情報処理システム
CN103427990A (zh) 权限认证的方法及终端设备
CN107729765B (zh) 多媒体数据的管理方法、装置、存储介质及电子设备
JP6196740B2 (ja) ダウンロードに利用可能なアプリケーションについてユーザに知らせるためのシステム及び方法
JP5264813B2 (ja) 評価装置、評価方法及び評価プログラム
CN108228776A (zh) 数据处理方法、装置、存储介质及电子设备
US9348999B2 (en) User terminal, reliability management server, and method and program for preventing unauthorized remote operation
JP2019020794A (ja) 文書管理装置、文書管理システム及びプログラム
US20140041054A1 (en) Attestation of possession of media content items using fingerprints
EP3528151A1 (en) Method and apparatus for user authentication
CN106156646B (zh) 一种信息调用方法及电子设备
US20160357763A1 (en) Application view index and search
US10380614B1 (en) User reset voting to identify unwanted settings values in client software
CN108632366B (zh) 文件下载方法、装置及终端设备
CN107016266B (zh) 基于内容的认证

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2014886670

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14886670

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 20157034386

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2016528350

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE