WO2020125260A1 - Identity authentication method and device, storage medium, and electronic apparatus - Google Patents

Identity authentication method and device, storage medium, and electronic apparatus Download PDF

Info

Publication number
WO2020125260A1
WO2020125260A1 PCT/CN2019/116368 CN2019116368W WO2020125260A1 WO 2020125260 A1 WO2020125260 A1 WO 2020125260A1 CN 2019116368 W CN2019116368 W CN 2019116368W WO 2020125260 A1 WO2020125260 A1 WO 2020125260A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
dna data
target object
similarity
permission
Prior art date
Application number
PCT/CN2019/116368
Other languages
French (fr)
Chinese (zh)
Inventor
黄晓庆
郭潮波
骆磊
Original Assignee
深圳前海达闼云端智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海达闼云端智能科技有限公司 filed Critical 深圳前海达闼云端智能科技有限公司
Publication of WO2020125260A1 publication Critical patent/WO2020125260A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16BBIOINFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR GENETIC OR PROTEIN-RELATED DATA PROCESSING IN COMPUTATIONAL MOLECULAR BIOLOGY
    • G16B50/00ICT programming tools or database systems specially adapted for bioinformatics

Definitions

  • the present disclosure relates to the technical field of equipment security, and in particular, to an identity authentication method, device, storage medium, and electronic equipment.
  • the current fingerprint recognition or facial recognition it is easily affected by the environment, for example, the face is easily affected by the brightness of the ambient light, and the recognition rate will be significantly reduced in a low-brightness environment. In addition, it will also be affected by the angle of the face influences.
  • the current identity authentication methods still have some security problems. For example, there is a possibility of forgery for fingerprint recognition or facial recognition. Especially for fingerprint recognition, the difficulty of forgery is lower, and it is easier to forge, so the security is lower.
  • the purpose of the present disclosure is to provide an identity authentication method, device, storage medium, and electronic equipment for solving the problems that the existing identity authentication technology is easily affected by the environment and has low security.
  • an identity authentication method includes:
  • the opening of corresponding usage rights for the target object according to the user level of the first user includes:
  • the corresponding use authority is opened for the target object according to the highest authority level
  • the corresponding object is opened for the target object Use permissions.
  • the target is based on the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data in the database.
  • the object opens corresponding usage rights, including:
  • each target DNA data and the first DNA data are obtained from the similarity between each DNA data in the database and the first DNA data Similarity, the target DNA data is the DNA data corresponding to the highest level user in the database;
  • the method further includes: when the second DNA data does not exist in all DNA data in the database, determining that the target object is the first authentication;
  • opening corresponding usage rights for the target object includes:
  • the target DNA data is the DNA data corresponding to the highest level user in the database
  • the second permission level corresponding to the second similarity interval in which the highest similarity is located in multiple similarity intervals as the permission of the target object Level, the multiple similarity intervals respectively correspond to multiple preset permission levels, and the multiple permission levels are lower than the highest permission level;
  • the corresponding use permission is opened for the target object.
  • the method further includes: dividing the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals;
  • the opening of corresponding use rights for the target object according to the permission level of the target object includes:
  • the corresponding use permission is opened for the target object.
  • the opening of corresponding use rights for the target object according to the permission level of the target object includes:
  • the corresponding use permission is opened for the target object.
  • the opening of corresponding usage rights for the target object according to the user level of the first user includes:
  • the corresponding use permission is opened for the target object.
  • the target object corresponds to the second DNA data Of the first users, including:
  • the target object is the first user.
  • an identity authentication device including:
  • the collection module is used to obtain the first DNA data of the target object to be verified
  • a comparison module configured to compare the first DNA data with all DNA data in a database to obtain the similarity between each DNA data in the database and the first DNA data;
  • the user confirmation module is configured to determine that the target object is the second when all DNA data in the database has second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold The first user corresponding to the DNA data;
  • the first authorization module is configured to open corresponding usage rights for the target object according to the user level of the first user.
  • the first authorization module is used to:
  • the corresponding use authority is opened for the target object according to the highest authority level
  • the corresponding object is opened for the target object Use permissions.
  • the first authorization module includes:
  • the first similarity recognition submodule is used to obtain each of the similarities between each DNA data in the database and the first DNA data when the first user is not the user with the highest rank
  • the similarity between the target DNA data and the first DNA data, the target DNA data is the DNA data corresponding to the highest level user in the database
  • a first similarity determination submodule configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data
  • the first permission confirmation submodule is used to determine the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, and the multiple similarity intervals are respectively different from the preset Corresponding to multiple permission levels, the multiple permission levels are lower than the highest permission level;
  • the first authorization submodule is configured to open corresponding usage rights for the target object according to the first authority level.
  • the device further includes:
  • a determining module configured to determine that the target object is the first authentication when the second DNA data does not exist in all DNA data in the database
  • the second authorization module is configured to open corresponding usage rights for the target object based on the similarity between the first DNA data and the DNA data of the user with the highest rank among all the DNA data in the database.
  • the second authorization module includes:
  • An identity verification submodule configured to determine that the target object is the highest level user when it is determined that the target object has the credential of the highest level user;
  • a second permission confirmation submodule configured to determine the permission level of the target object as the highest permission level
  • the second similarity recognition sub-module is used to obtain each target from the similarity between each DNA data in the database and the first DNA data when it is determined that the target object does not have the credential
  • the similarity between the DNA data and the first DNA data, and the target DNA data is the DNA data corresponding to the highest level user in the database;
  • a second similarity determination submodule configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data
  • a second authorization submodule configured to determine that the target object has not passed authentication when the highest similarity is less than the second threshold
  • the second permission confirmation submodule is configured to determine, when the highest similarity is greater than or equal to a second threshold, the second similarity interval in which the highest similarity is located among multiple similarity intervals Two permission levels, which are the permission levels of the target object, the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level;
  • the second authorization sub-module is also used to open corresponding usage rights for the target object according to the permission level of the target object.
  • the device further includes:
  • An interval dividing module configured to divide the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals
  • the correlation module is configured to correspond the multiple similarity intervals to the multiple permission levels, and the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals.
  • the second authorization submodule is used to:
  • the corresponding use permission is opened for the target object.
  • the second authorization submodule is used to:
  • the corresponding use permission is opened for the target object.
  • the first authorization module includes:
  • An information acquisition submodule configured to acquire the user authority indication information corresponding to the first user and stored during the first authentication of the first user;
  • a permission acquisition sub-module for acquiring the permission level of the first user according to the user permission instruction information corresponding to the first user;
  • the third authorization submodule is configured to open corresponding usage rights for the target object according to the authority level of the first user.
  • the user confirmation module includes:
  • the user determination sub-module is used to determine the first corresponding to the second DNA data when there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data user;
  • the user confirmation sub-module determines that the target object is the first user when the first biological feature matches the second biological feature.
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, the steps of the method of the first aspect described above are implemented.
  • an electronic device including: a memory on which a computer program is stored;
  • a processor is configured to execute the computer program in the memory to implement the steps of the method in the first aspect.
  • the first DNA data of the target object to be verified by acquiring the first DNA data of the target object to be verified; the first DNA data is compared with all the DNA data in the database to obtain each DNA data in the database and the first DNA data and Similarity; when there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold in all DNA data in the database, determine that the target object is the first user corresponding to the second DNA data; The user level of the first user is to open corresponding usage rights for the target object.
  • identity authentication can be realized through the collected DNA data of the target object, which can reduce the influence of environmental factors on the authentication process, and because the DNA is not forged, the security of the authentication process can be improved.
  • FIG. 1 is a schematic flowchart of an identity authentication method according to an exemplary embodiment of the present disclosure.
  • Fig. 2 is a schematic flowchart of a method for determining authority according to an exemplary embodiment of the present disclosure.
  • Fig. 3 is a schematic flowchart of another method for determining authority according to an exemplary embodiment of the present disclosure.
  • FIG. 4 is a schematic flowchart of another identity authentication method according to an exemplary embodiment of the present disclosure.
  • FIG. 5 is a schematic flowchart of still another identity authentication method according to an exemplary embodiment of the present disclosure.
  • FIG. 6 is a schematic flowchart of still another method for determining authority according to an exemplary embodiment of the present disclosure.
  • FIG. 7 is a schematic flowchart of a user determination method according to an exemplary embodiment of the present disclosure.
  • Fig. 8 is a block diagram of an identity authentication device according to an exemplary embodiment of the present disclosure.
  • Fig. 9 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure.
  • Fig. 10 is a block diagram of another identity authentication device according to an exemplary embodiment of the present disclosure.
  • Fig. 11 is a block diagram of a second authorization module according to an exemplary embodiment of the present disclosure.
  • Fig. 12 is a block diagram of another first authorization module according to an exemplary embodiment of the present disclosure.
  • Fig. 13 is a block diagram of a user confirmation module according to an exemplary embodiment of the present disclosure.
  • Fig. 14 is a block diagram of an electronic device according to an exemplary embodiment.
  • FIG. 1 is a schematic flowchart of an identity authentication method according to an exemplary embodiment of the present disclosure. The method may be applied to an electronic device. As shown in FIG. 1, the method may include the following steps:
  • Step 101 Obtain first DNA data of a target object to be verified.
  • the aforementioned electronic device may be, for example, a robot, and the robot is provided with a device capable of detecting DNA, such as a DNA detection sensor.
  • a device capable of detecting DNA such as a DNA detection sensor.
  • Current DNA detection sensors can collect DNA data through any tissue containing cells, such as hair, dander, sweat, saliva, etc. can be used as samples to identify and collect DNA data.
  • the robot may also be provided with a cleaning device (the cleaning device and the DNA detection sensor may be an integrated device, used to prevent the residual substances from the previous detection from affecting the accuracy of the next detection, or may be a one-time one Device).
  • the DNA detection sensor can detect any substance in the target object's hair, dander, sweat, or saliva to obtain the target object's DNA data.
  • Step 102 Compare the first DNA data with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data.
  • one or more DNA data may be recorded in the database, and the one or more DNA data may be obtained by the electronic device and stored in the database when the user who has previously used the electronic device authenticates for the first time Yes, when there are multiple DNA data in the database, it means that there have been multiple different users who have completed the authentication.
  • the currently collected first DNA data can be compared with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data.
  • Step 103 When there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold in all DNA data in the database, it is determined that the target object is the first user corresponding to the second DNA data.
  • the first threshold should be set to a higher value, for example, the first threshold should be a threshold that can be regarded as the same person in genetic biology, for example, the first threshold is set to 99.999% (the threshold can also be based on safety sexual needs further increase or decrease), if there is second DNA data with a similarity to the first DNA data greater than or equal to 99.999%, it can be considered that the target object with the first DNA data currently being authenticated is the second The first user corresponding to the DNA data.
  • Step 104 According to the user level of the first user, open corresponding usage rights for the target object.
  • the current authority level of the target object can be determined according to the information related to the user level that has been determined when the first user is authenticated for the first time To open corresponding usage rights for them.
  • FIG. 2 is a schematic flowchart of a method for determining authority according to an exemplary embodiment of the present disclosure. As shown in FIG. 2, in the first implementation, step 104 is based on the user level of the first user. The steps for the object to open the corresponding use rights may include the following steps:
  • Step 1041 When the first user is the highest-level user, the highest authority level is opened for the target object.
  • step 1042 when the first user is not the highest-ranking user, the corresponding usage right is opened for the target object according to the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data.
  • multiple permission levels can be set, and users of different levels have different permission levels, and the higher the permission level, the more functions of the electronic device can be used.
  • the highest authority level can use all the functions of the electronic device.
  • Below the highest authority level there can be multiple authority levels with lower rights. Some functions of the electronic device can be used. As the level decreases, the lower the permission level, the fewer functions can be used.
  • the user with the highest permission level can use all the functions of the electronic device, such as the administrator in the Windows system or the root in the Linux system.
  • the first user when the first user is the highest-level user in the system, that is, a super user, it means that the current target object is a super user, so the highest permission level can be opened for the target object.
  • the first user when the first user is not the highest user, that is, not a super user, it can be determined according to the similarity between the first DNA data and the DNA data belonging to the super user in the database, because the similarity of the DNA data can reflect the relationship of bleeding Therefore, the blood relationship between the current target object and the super user can be determined according to the similarity between the first DNA data and the DNA data of the super user, so that part of the access rights are opened for the target object according to the distance of the blood relationship.
  • FIG. 3 is a schematic flowchart of another method for determining authority according to an exemplary embodiment of the present disclosure.
  • the step of opening the corresponding use right for the target object is OK, and may include the following steps:
  • Step 10421 when the first user is not the user with the highest rank, the similarity between each target DNA data and the first DNA data is acquired from the similarity between each DNA data in the database and the first DNA data, the target DNA The data is the DNA data in the database corresponding to the highest level user.
  • Step 10422 Determine the highest similarity among the similarities between each target DNA data and the first DNA data.
  • Step 10423 Determine the first permission level corresponding to the first similarity interval in which the highest similarity is among the multiple similarity intervals.
  • the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level.
  • the correspondence between the above multiple similarity intervals and the multiple permission levels can be set in the following manner:
  • the value range between the first threshold and the second threshold is divided to obtain multiple consecutive intervals, which are used as the multiple similarity intervals.
  • the second threshold may be a DNA data similarity threshold determined according to genetic biology and having no blood relationship or a long blood relationship, that is, if the similarity of two DNA data is lower than the second threshold, the two DNAs The two persons corresponding to the data do not have a blood relationship or are far away.
  • the multiple similarity intervals are respectively corresponding to the multiple permission levels, wherein the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals. That is, it can be understood that the higher the value of the similarity interval value range, the higher the permission level corresponding to the similarity interval.
  • Step 10424 Open the corresponding usage rights for the target object according to the first authority level.
  • the DNA data belonging to the super user in all DNA data of the database can be determined, and the similarity between each DNA data from the database and the first DNA data (in step 102 In the determination), the similarity between the DNA data of each super user in the database and the first DNA data is obtained, and thereby the maximum similarity between the first DNA data and the DNA data of the super user is further obtained.
  • the first threshold may be X1%
  • the second threshold may be X4%
  • multiple intermediate thresholds X2% and X3% may be set, where X1% is greater than X2%, X2% is greater than X3%, and X3% is greater than X4%.
  • X1% and X4% are similarity intervals, such as [X4%, X3%), [X3%, X2%), [X2%, X1%).
  • the range greater than X1% and the range less than X4% can be divided into [0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%) and [X1%, 100%] five similarity intervals, corresponding to five levels of authority, of which [X1%, 100%] corresponds to the highest authority level, [X2%, X1%), [X3%, X2%), [X4%, X3%) and [0%, X4%) the corresponding permission levels of the four intervals decrease one by one.
  • the highest similarity is [X1%, 100%], you can use all the functions of the electronic device, in [X2%, X1%) you can use most of the functions of the electronic device, in [X3%, X2%) you can use a small part of the electronic device Functions, in [X4%, X3%), you can use the most basic functions of the electronic device, in [0%, X4%), there is no permission to use.
  • the above-mentioned "all functions”, “most functions”, “a few functions”, “basic functions” can be understood as the preset usable range corresponding to different permission levels, and the corresponding usable functions The number decreases one by one, and the number of specific functions that can be used in "All functions”, “Most functions”, “Small functions”, “Most basic functions”, and the specific functions that can be used in electronic devices can be based on actual needs To set, there is no limit here.
  • the current authority level of the target object can be determined according to the correspondence between the similarity interval and the authority. For example, if the highest similarity between the first DNA data and the DNA data of each super user is at [X2%, X1%), the permission level of the target object is the permission level corresponding to [X2%, X1%). The similarity at [X2%, X1%) indicates that the target object has a close blood relationship with a super user, and the target object can be allowed to use most functions of the electronic device.
  • the target object to be authenticated has not been authenticated on the electronic device, it can be authenticated through the blood relationship, so that one person can be authenticated and used by the whole family, so under the condition of ensuring high security,
  • the certification process is greatly simplified, making the certification process of electronic devices easier and faster.
  • FIG. 4 is a schematic flowchart of another identity authentication method according to an exemplary embodiment of the present disclosure.
  • the user level according to the first user in step 104 is The steps of opening the corresponding usage rights for the target object may include the following steps:
  • Step 1043 Obtain the user authority indication information corresponding to the first user stored during the first authentication of the first user.
  • the permission level of the first user may be the highest permission level or any permission level lower than the highest permission level, where the permission level of the first user is the highest permission when the first user is the highest level user Level; when the first user is not the highest level user, the permission level of the first user is based on the DNA data of the highest level user among the first DNA data and all DNA data in the database when the first user authenticates for the first time Similarity is determined.
  • the method of determining the permission level during the first authentication refer to steps 1046 to 1047 described below.
  • Step 1044 Acquire the permission level of the first user according to the user permission instruction information corresponding to the first user.
  • Step 1045 According to the permission level of the first user, open corresponding usage permissions for the target object.
  • the use permission of all functions of the electronic device may be opened for the target object. If the permission level of the first user is not the highest permission level, the corresponding permission to use some functions of the electronic device is opened.
  • the functions of some functions can be determined by referring to the method described in step 10424.
  • FIG. 5 is a schematic flowchart of yet another identity authentication method according to an exemplary embodiment of the present disclosure. As shown in FIG. 5, the method may further include:
  • Step 1046 when the second DNA data does not exist in all DNA data in the database, it is determined that the target object is the first authentication.
  • the target object is the first authentication.
  • Step 1047 According to the similarity between the first DNA data and the DNA data belonging to the user of the highest level among all the DNA data, the corresponding use right is opened for the target object.
  • FIG. 6 is a schematic flowchart of still another method for determining authority according to an exemplary embodiment of the present disclosure.
  • step 1047 according to the first DNA data and all DNA data belong to the highest level The similarity of the user's DNA data, the step of opening the corresponding usage rights for the target object, may include the following steps:
  • Step 10461 when it is determined that the target object has the credential of the user of the highest level, it is determined that the target object is the user of the highest level.
  • Step 10462 Determine the permission level of the target object as the highest permission level.
  • the target object since this is the first time that the target object is authenticated, if the target object can be registered as the highest-level user, the target object has the highest permission level, if the target object fails to register as the highest-level user, then The third authority level corresponding to the target object needs to be determined according to the implementation method of steps 10461 to 10464 above. Among them, whether it can be registered as the highest-level user can be based on whether the target object has the credential of the highest-level user at the time of authentication.
  • the credential may include, for example, the username and password corresponding to the highest-level user, or the key/password, Or connect to external hardware used to authenticate the highest-level user (such as external hardware with a mobile certificate, digital certificate, or electronic key, such as Ukey), or the current authentication is a verification code generated by the invitation of another highest-level user, or in the electronic After the reset button on the device is triggered, the target object acts as the first authenticated user, and so on.
  • external hardware used to authenticate the highest-level user such as external hardware with a mobile certificate, digital certificate, or electronic key, such as Ukey
  • the current authentication is a verification code generated by the invitation of another highest-level user, or in the electronic
  • the target object acts as the first authenticated user, and so on.
  • the above-mentioned credential or method for authenticating the highest-level user is only exemplary, including but not limited to.
  • Step 10463 when it is determined that the target object does not have the credential, the similarity between each target DNA data and the first DNA data is acquired from the similarity between each DNA data in the database and the first DNA data, the target The DNA data is the DNA data in the database corresponding to the user of the highest level.
  • Step 10464 Determine the highest similarity among the similarities between each target DNA data and the first DNA data.
  • Step 10465 when the highest similarity is less than the second threshold, it is determined that the target object has not passed the authentication.
  • Step 10466 When the highest similarity is greater than or equal to the second threshold, determine the second authority level corresponding to the second similarity interval in which the highest similarity is located among the multiple similarity intervals as the authority level of the target object.
  • the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level, which are the same as the multiple similarity intervals shown in step 10423.
  • the degree interval is a plurality of continuous intervals obtained by dividing the value range between the first threshold and the second threshold, and the authority levels of the multiple permission levels here are positively related to the value ranges of the multiple similarity intervals.
  • Step 10467 According to the permission level of the target object, open the corresponding use permission for the target object.
  • the implementation method of the above steps 10463 to 10466 is the same as the method shown in the above steps 10421 to 10424, and refer to the steps 10421 to 10424.
  • the above multiple similarity intervals can be exhibited in [X4%, X3%), [X3%, X2%), [X2%, shown in step 10424 X1%). Since the target object has not been authenticated, there will be no DNA data with a similarity exceeding X1% in the database, so there is no [X1%, 100%] interval.
  • the obtained highest similarity belongs to [0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%) and [X1%, 100%] which similarity interval, suppose the highest similarity is in [ X2%, X1%), the third authority level is the authority level corresponding to the interval [X2%, X1%).
  • the current authority level of the target object can be determined according to the correspondence between the similarity interval and the authority. For example, if the highest similarity between the first DNA data and the DNA data of each super user is at [X2%, X1%), the third authority level of the target object is the authority level corresponding to [X2%, X1%), according to The description in step 10424, since the similarity of DNA data at [X2%, X1%) indicates that the target object has a close blood relationship with a super user, it can allow the target object to use most functions of the electronic device.
  • the permission level corresponding to [X2%, X1%) is second only to the highest permission level.
  • the target object can use most functions of the electronic device.
  • the highest similarity is less than the second threshold, that is, in the interval [0%, X4%)
  • step of opening corresponding usage rights for the target object according to the permission level of the target object in step 10467 may include:
  • Step 1a register the target object as the second user.
  • Step 2a Store the correspondence between the second user and the first DNA data, user indication information, and highest similarity in the database.
  • the user level indication information is used to indicate whether the second user is the highest level user.
  • registration and storage can be performed according to the above steps 1a to 3a, so that based on the user level indication information, when the same user is authenticated again, the user’s
  • the above information identifies whether the user is the highest level user. For example, when step 1042 or 1046 is executed again, it can be confirmed which DNA data in the database belongs to the user of the highest level according to the above-mentioned corresponding relationship between the DNA data of each user recorded in the database and the user instruction information.
  • Step 3a According to the permission level of the target object, open the corresponding use permission for the target object.
  • steps 1a-2a and step 3a there is no fixed execution order between steps 1a-2a and step 3a, and one of them may be executed first, or they may be executed simultaneously.
  • the step of opening corresponding usage rights for the target object according to the permission level of the target object in step 10467 may include:
  • Step 1b register the target object as the second user.
  • Step 2b Store the correspondence between the second user and the first DNA data and user permission indication information in the database, where the user permission indication information is used to indicate the permission level the second user has.
  • Step 3b According to the permission level of the target object, open the corresponding use permission for the target object.
  • steps 1b-2b and step 3b there is no fixed execution order between steps 1b-2b and step 3b, and one of them may be executed first, or they may be executed simultaneously.
  • registration and storage can be performed according to the above steps 1b to 3b, so that when the same user performs authentication again, the user can be directly obtained based on the above information of the user stored in the database Whether it is the highest level user, and the user's authority level.
  • the user's authority level can be confirmed according to the correspondence between each user's DNA data and user authority instruction information recorded in the database.
  • other information corresponding to the DNA data such as user name, gender, etc., may also be enriched during authentication or during subsequent use.
  • FIG. 7 is a user determination method according to an exemplary embodiment of the present disclosure.
  • the corresponding steps of the first user may include the following steps:
  • Step 1031 Acquire the first biological characteristic of the target object.
  • the first biometrics may include: at least one of biometrics such as fingerprints, facial features, irises, voiceprints and the like.
  • Step 1032 when there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold value in all DNA data, determine the first user corresponding to the second DNA data.
  • Step 1033 Obtain the second biometrics of the first user stored in the database.
  • Step 1034 when the first biometric and the second biometric match, it is determined that the target object is the first user.
  • the target object matches any existing user's DNA data and biological characteristics, it can be identified as the user himself, thereby further improving the security of the authentication process.
  • FIG. 8 is a block diagram of an identity authentication device according to an exemplary embodiment of the present disclosure. As shown in FIG. 8, the device 800 may include:
  • the collection module 801 is used to obtain the first DNA data of the target object to be verified
  • the comparison module 802 is used to compare the first DNA data with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data;
  • the user confirmation module 803 is used to determine that the target object is the first user corresponding to the second DNA data when there is second DNA data with similarity to the first DNA data greater than or equal to the first threshold in all DNA data in the database ;
  • the first authorization module 804 is configured to open corresponding usage rights for the target object according to the user level of the first user.
  • the first authorization module 804 may be used for:
  • the corresponding user authority is opened for the target object according to the highest authority level
  • the corresponding usage rights are opened for the target object according to the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data in the database.
  • FIG. 9 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure.
  • the first authorization module 804 may include:
  • the first similarity recognition sub-module 8041 is used to obtain each target DNA data and the first DNA from the similarity between each DNA data in the database and the first DNA data when the first user is not the highest level user
  • the similarity of the data, the target DNA data is the DNA data corresponding to the highest level user in the database
  • the first similarity determination submodule 8042 is used to determine the highest similarity of the similarity between each target DNA data and the first DNA data;
  • the first permission confirmation sub-module 8043 is used to determine the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, and the multiple similarity intervals are respectively different from the preset multiple Corresponding to the authority level, the multiple authority levels are lower than the highest authority level;
  • the first authorization submodule 8044 is configured to open corresponding usage rights for the target object according to the first authority level.
  • FIG. 10 is a block diagram of another identity authentication device according to an exemplary embodiment of the present disclosure.
  • the device 800 may further include:
  • the determining module 805 is configured to determine that the target object is the first authentication when the second DNA data does not exist in all DNA data in the database;
  • the second authorization module 806 is configured to open corresponding usage rights for the target object according to the similarity between the first DNA data and the DNA data of the highest-level user among all the DNA data in the database.
  • FIG. 11 is a block diagram of a second authorization module according to an exemplary embodiment of the present disclosure.
  • the second authorization module 806 may include:
  • the identity verification sub-module 8061 is used to determine that the target object is the highest level user when it is determined that the target object has the credentials of the highest level user;
  • the second permission confirmation submodule 8062 is used to determine the permission level of the target object as the highest permission level
  • the second similarity recognition sub-module 8063 is configured to acquire each target DNA data and the first from the similarity between each DNA data in the database and the first DNA data when it is determined that the target object does not have the above-mentioned credentials Similarity of DNA data, the target DNA data is the DNA data corresponding to the highest level user in the database;
  • the second similarity determination submodule 8064 is used to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
  • the second authorization submodule 8065 is configured to determine that the target object has not passed the authentication when the highest similarity is less than the second threshold.
  • the second permission confirmation sub-module 8062 is used to determine the second permission level corresponding to the second similarity interval where the highest similarity is in a plurality of similarity intervals when the highest similarity is greater than or equal to the second threshold, as For the permission level of the target object, the above-mentioned multiple similarity intervals respectively correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level;
  • the second authorization sub-module 8065 is also used to open corresponding usage rights for the target object according to the permission level of the target object.
  • the device 800 further includes: an interval dividing module 807, configured to divide the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarities Degree interval
  • the correlation module 808 is configured to correspond the multiple similarity intervals to the multiple permission levels, and the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals.
  • the second authorization submodule 8065 is used to: register the target object as a second user;
  • the corresponding use permission is opened for the target object.
  • the second authorization submodule 8065 is used to: register the target object as the second user;
  • the corresponding use permission is opened for the target object.
  • FIG. 12 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure.
  • the first authorization module 804 may include:
  • the information obtaining sub-module 8045 is used to obtain the user authority indication information corresponding to the first user stored during the first authentication of the first user;
  • the rights acquisition submodule 8046 is configured to obtain the rights level of the first user according to the user rights indication information corresponding to the first user;
  • the third authorization submodule 8047 is configured to open corresponding usage rights for the target object according to the authority level of the first user.
  • FIG. 13 is a block diagram of a user confirmation module according to an exemplary embodiment of the present disclosure.
  • the user confirmation module 803 may include:
  • the biometrics obtaining sub-module 8031 is used to obtain the first biometrics of the target object
  • the user determination submodule 8032 is configured to determine the first user corresponding to the second DNA data when there is second DNA data with similarity to the first DNA data greater than or equal to the first threshold in all DNA data;
  • a reading sub-module 8033 which is used to obtain the second biometrics of the first user stored in the database
  • the user confirmation sub-module 8034 determines that the target object is the first user when the first biometric and the second biometric match.
  • Fig. 14 is a block diagram of an electronic device according to an exemplary embodiment.
  • the electronic device 1400 may include a processor 1401 and a memory 1402.
  • the electronic device 1400 may also include one or more of a multimedia component 1403, an input/output (I/O) interface 1404, and a communication component 1405.
  • the electronic device may be a robot, such as a home robot.
  • the processor 1401 is used to control the overall operation of the electronic device 1400 to complete all or part of the steps in the above-mentioned identity authentication method.
  • the memory 1402 is used to store various types of data to support operation on the electronic device 1400, and the data may include, for example, instructions for any application programs or methods operating on the electronic device 1400, and application-related data, For example, contact data, messages sent and received, pictures, audio, video, etc.
  • the memory 1402 may be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (Static Random Access Memory, SRAM for short), electrically erasable programmable read-only memory ( Electrically Erasable Programmable Read-Only Memory (EEPROM for short), erasable programmable read-only memory (Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk.
  • the multimedia component 1403 may include a screen and an audio component.
  • the screen may be, for example, a touch screen, and the audio component is used to output and/or input audio signals.
  • the audio component may include a microphone for receiving external audio signals.
  • the received audio signal may be further stored in the memory 1402 or transmitted through the communication component 1405.
  • the audio component also includes at least one speaker for outputting audio signals.
  • the I/O interface 1404 provides an interface between the processor 1401 and other interface modules.
  • the other interface modules may be a keyboard, a mouse, a button, and so on. These buttons can be virtual buttons or physical buttons.
  • the communication component 1405 is used for wired or wireless communication between the electronic device 1400 and other devices. Wireless communication, such as Wi-Fi, Bluetooth, Near Field Communication (NFC), 2G, 3G, or 4G, or a combination of one or more of them, so the corresponding communication component 1405 may include: Wi-Fi module, Bluetooth module, NFC module.
  • the electronic device 1400 may be used by one or more application specific integrated circuits (Application Specific Integrated Circuit (ASIC), Digital Signal Processor (DSP), Digital Signal Processing Device (DSPD), Programmable Logic Device (PLD), on-site Programmable gate array (Field Programmable Gate Array, FPGA for short), controller, microcontroller, microprocessor or other electronic components are used to implement the above-mentioned identity authentication method.
  • ASIC Application Specific Integrated Circuit
  • DSP Digital Signal Processor
  • DSPD Digital Signal Processing Device
  • PLD Programmable Logic Device
  • FPGA field Programmable Gate Array
  • a computer-readable storage medium including program instructions is also provided.
  • the program instructions are executed by a processor, the steps of the foregoing identity authentication method are implemented.
  • the computer-readable storage medium may be the above-mentioned memory 1402 including program instructions, which may be executed by the processor 1401 of the electronic device 1400 to complete the above-mentioned identity authentication method.

Abstract

The present application relates to an identity authentication method and device, a storage medium, and an electronic apparatus. The method comprises: obtaining first DNA data of a target object to be verified; comparing the first DNA data with every DNA data item in a database so as to obtain a similarity between each DNA data item in the database and the first DNA data; if each DNA data item in the database contains second DNA data having a similarity to the first DNA data greater than or equal to a first threshold, determining that the target object is a first user corresponding to the second DNA data; and granting, according to a user level of the first user, a corresponding use permission to the target object. Identity authentication can be achieved by means of the collected DNA data of the target object, thereby reducing influences of environmental factors on an authentication process, and improving the security of the process.

Description

身份认证方法、装置、存储介质和电子设备Identity authentication method, device, storage medium and electronic equipment 技术领域Technical field
本公开涉及设备安全技术领域,具体地,涉及一种身份认证方法、装置、存储介质和电子设备。The present disclosure relates to the technical field of equipment security, and in particular, to an identity authentication method, device, storage medium, and electronic equipment.
背景技术Background technique
目前,对于一些类型的电子设备大多不对用户进行辨认,例如家庭机器人,不管谁发号施令,都会相同的方式去执行,智能性不足。而对于有些电子设备,会采用一定的鉴权方式来对用户身份进行认证,只有通过认证的用户才具有该电子设备的使用权。例如,目前较流行的采用指纹识别,或者面部识别的方法对用户进行鉴权。因为可以辨认出不同用户,所以就能够根据每个用户采用区分的方式进行处理,用户体验得以获得较大的提升。At present, most types of electronic devices do not recognize users. For example, home robots, regardless of who gives orders, will be executed in the same way, lacking intelligence. For some electronic devices, a certain authentication method is used to authenticate the user's identity, and only the authenticated user has the right to use the electronic device. For example, fingerprint recognition or facial recognition methods are currently popular to authenticate users. Because different users can be identified, each user can be processed in a differentiated manner, and the user experience can be greatly improved.
但是,目前所采用的指纹识别或者面部识别依然存在不足的地方,例如容易受到环境影响,比如面部容易受环境光线亮度的影响,低亮度环境下识别率会明显降低,此外还会受到面部角度的影响。另外,目前的身份认证方法还存在一些安全问题,例如对于指纹识别或者面部识别,存在伪造的可能性,特别是对于指纹识别而言,伪造难度较低,比较容易伪造,因此安全性较低。However, there are still some shortcomings in the current fingerprint recognition or facial recognition, for example, it is easily affected by the environment, for example, the face is easily affected by the brightness of the ambient light, and the recognition rate will be significantly reduced in a low-brightness environment. In addition, it will also be affected by the angle of the face influences. In addition, the current identity authentication methods still have some security problems. For example, there is a possibility of forgery for fingerprint recognition or facial recognition. Especially for fingerprint recognition, the difficulty of forgery is lower, and it is easier to forge, so the security is lower.
发明内容Summary of the invention
本公开的目的是提供一种身份认证方法、装置、存储介质和电子设备,用于解决现有的身份认证技术容易受环境影响,以及安全性较低的问题。The purpose of the present disclosure is to provide an identity authentication method, device, storage medium, and electronic equipment for solving the problems that the existing identity authentication technology is easily affected by the environment and has low security.
为了实现上述目的,本公开的第一方面,提供一种身份认证方法,所述方法包括:To achieve the above objective, in a first aspect of the present disclosure, an identity authentication method is provided. The method includes:
获取待验证的目标对象的第一DNA数据;Obtain the first DNA data of the target object to be verified;
将所述第一DNA数据与数据库中的所有DNA数据进行对比,以获取所述数据库中的每个DNA数据与所述第一DNA数据与的相似度;Comparing the first DNA data with all DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data;
当所述数据库中的所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户;When there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all DNA data in the database, it is determined that the target object is the first corresponding to the second DNA data user;
根据所述第一用户的用户等级为所述目标对象开放对应的使用权限。According to the user level of the first user, corresponding usage rights are opened for the target object.
可选地,所述根据所述第一用户的用户等级为所述目标对象开放对应的使用权限,包括:Optionally, the opening of corresponding usage rights for the target object according to the user level of the first user includes:
当所述第一用户为最高等级用户时,按照最高权限等级为所述目标对象开放对应的使用权限;When the first user is the user with the highest level, the corresponding use authority is opened for the target object according to the highest authority level;
当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。When the first user is not the highest-ranking user, according to the similarity between the first DNA data and the DNA data belonging to the highest-ranking user among all DNA data in the database, the corresponding object is opened for the target object Use permissions.
可选地,当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限,包括:Optionally, when the first user is not the highest-ranking user, the target is based on the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data in the database. The object opens corresponding usage rights, including:
当所述第一用户非所述最高等级用户时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;When the first user is not the highest-ranking user, each target DNA data and the first DNA data are obtained from the similarity between each DNA data in the database and the first DNA data Similarity, the target DNA data is the DNA data corresponding to the highest level user in the database;
确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;Determining the highest similarity among the similarities between each target DNA data and the first DNA data;
确定所述最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;Determining the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, the multiple similarity intervals corresponding to preset multiple permission levels, respectively, The permission level is lower than the highest permission level;
按照所述第一权限等级为所述目标对象开放对应的使用权限。According to the first permission level, corresponding use permissions are opened for the target object.
可选地,所述方法还包括:当所述数据库中的所有DNA数据中不存在所述第二DNA数据时,确定所述目标对象为首次认证;Optionally, the method further includes: when the second DNA data does not exist in all DNA data in the database, determining that the target object is the first authentication;
根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。According to the similarity between the first DNA data and the DNA data belonging to the user of the highest level among all the DNA data in the database, corresponding usage rights are opened for the target object.
可选地,所述根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限,包括:Optionally, according to the similarity between the first DNA data and the DNA data of the highest-ranking user among all the DNA data in the database, opening corresponding usage rights for the target object includes:
当确定所述目标对象具有最高等级用户的凭证时,确定所述目标对象为所述最高等级用户;When it is determined that the target object has the credential of the user of the highest level, it is determined that the target object is the user of the highest level;
将所述目标对象的权限等级确定为最高权限等级;或者,Determine the permission level of the target object as the highest permission level; or,
当确定所述目标对象不具备所述凭证时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;When it is determined that the target object does not have the voucher, from the similarity between each DNA data in the database and the first DNA data, obtain the data of each target DNA data and the first DNA data Similarity, the target DNA data is the DNA data corresponding to the highest level user in the database;
确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;Determining the highest similarity among the similarities between each target DNA data and the first DNA data;
当所述最高相似度小于所述第二阈值时,确定所述目标对象未通过认证;When the highest similarity is less than the second threshold, it is determined that the target object has not passed authentication;
当所述最高相似度大于或等于第二阈值时,确定所述最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为所述目标对象的权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;When the highest similarity is greater than or equal to the second threshold, determine the second permission level corresponding to the second similarity interval in which the highest similarity is located in multiple similarity intervals, as the permission of the target object Level, the multiple similarity intervals respectively correspond to multiple preset permission levels, and the multiple permission levels are lower than the highest permission level;
按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选地,所述方法还包括:将所述第一阈值与第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为所述多个相似度区间;Optionally, the method further includes: dividing the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals;
将所述多个相似度区间分别与所述多个权限等级进行对应,所述多个权限等级的权限高低与所述多个相似度区间的取值范围大小正相关。Corresponding the plurality of similarity intervals to the plurality of permission levels respectively, and the permission levels of the plurality of permission levels are positively related to the value range of the plurality of similarity intervals.
可选地,所述按照所述目标对象的权限等级为所述目标对象开放对应的使用权限,包括:Optionally, the opening of corresponding use rights for the target object according to the permission level of the target object includes:
将所述目标对象注册为第二用户;Register the target object as a second user;
将所述第二用户与所述第一DNA数据、用户指示信息以及所述最高相似度之间的对应关系存储至所述数据库中,所述用户等级指示信息用于指示所述第二用户是否为所述最高等级用户;Storing the correspondence between the second user and the first DNA data, user indication information, and the highest similarity degree in the database, and the user level indication information is used to indicate whether the second user Is the highest level user;
按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选地,所述按照所述目标对象的权限等级为所述目标对象开放对应的使用权限,包括:Optionally, the opening of corresponding use rights for the target object according to the permission level of the target object includes:
将所述目标对象注册为第二用户;Register the target object as a second user;
将所述第二用户与所述第一DNA数据、用户权限指示信息之间的对应关系存储至所述数据库中,所述用户权限指示信息用于指示所述第二用户具有的权限等级;Storing the correspondence between the second user, the first DNA data, and user permission indication information in the database, where the user permission indication information is used to indicate the permission level that the second user has;
按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选地,所述根据所述第一用户的用户等级为所述目标对象开放对应的使用权限,包括:Optionally, the opening of corresponding usage rights for the target object according to the user level of the first user includes:
获取在所述第一用户在首次认证时存储的与所述第一用户对应的用户权限指示信息;Acquiring user authority indication information corresponding to the first user stored during the first authentication of the first user;
根据所述第一用户对应的用户权限指示信息,获取所述第一用户的权限等级;Acquiring the permission level of the first user according to the user permission instruction information corresponding to the first user;
按照所述第一用户的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the first user, the corresponding use permission is opened for the target object.
可选的,所述当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户,包括:Optionally, when there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data, it is determined that the target object corresponds to the second DNA data Of the first users, including:
获取所述目标对象的第一生物特征;Acquiring the first biological characteristic of the target object;
当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述第二DNA数据所对应的第一用户;When there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data, determine the first user corresponding to the second DNA data;
获取所述数据库中存储的所述第一用户的第二生物特征;Acquiring the second biometrics of the first user stored in the database;
当所述第一生物特征与所述第二生物特征匹配时,确定所述目标对象为所述第一用户。When the first biometric matches the second biometric, it is determined that the target object is the first user.
第二方面,提供一种身份认证装置,所述装置包括:In a second aspect, an identity authentication device is provided, the device including:
采集模块,用于获取待验证的目标对象的第一DNA数据;The collection module is used to obtain the first DNA data of the target object to be verified;
对比模块,用于将所述第一DNA数据与数据库中的所有DNA数据进行对比,以获取所述数据库中的每个DNA数据与所述第一DNA数据与的相似度;A comparison module, configured to compare the first DNA data with all DNA data in a database to obtain the similarity between each DNA data in the database and the first DNA data;
用户确认模块,用于当所述数据库中的所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户;The user confirmation module is configured to determine that the target object is the second when all DNA data in the database has second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold The first user corresponding to the DNA data;
第一授权模块,用于根据所述第一用户的用户等级为所述目标对象开放对应的使用权限。The first authorization module is configured to open corresponding usage rights for the target object according to the user level of the first user.
可选地,所述第一授权模块,用于:Optionally, the first authorization module is used to:
当所述第一用户为最高等级用户时,按照最高权限等级为所述目标对象开放对应的使用权限;When the first user is the user with the highest level, the corresponding use authority is opened for the target object according to the highest authority level;
当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。When the first user is not the highest-ranking user, according to the similarity between the first DNA data and the DNA data belonging to the highest-ranking user among all DNA data in the database, the corresponding object is opened for the target object Use permissions.
可选地,所述第一授权模块,包括:Optionally, the first authorization module includes:
第一相似度识别子模块,用于当所述第一用户非所述最高等级用户时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;The first similarity recognition submodule is used to obtain each of the similarities between each DNA data in the database and the first DNA data when the first user is not the user with the highest rank The similarity between the target DNA data and the first DNA data, the target DNA data is the DNA data corresponding to the highest level user in the database;
第一相似度确定子模块,用于确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;A first similarity determination submodule, configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
第一权限确认子模块,用于确定所述最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;The first permission confirmation submodule is used to determine the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, and the multiple similarity intervals are respectively different from the preset Corresponding to multiple permission levels, the multiple permission levels are lower than the highest permission level;
第一授权子模块,用于按照所述第一权限等级为所述目标对象开放对应的使用权限。The first authorization submodule is configured to open corresponding usage rights for the target object according to the first authority level.
可选地,所述装置还包括:Optionally, the device further includes:
确定模块,用于当所述数据库中的所有DNA数据中不存在所述第二DNA数据时,确定所述目标对象为首次认证;A determining module, configured to determine that the target object is the first authentication when the second DNA data does not exist in all DNA data in the database;
第二授权模块,用于根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。The second authorization module is configured to open corresponding usage rights for the target object based on the similarity between the first DNA data and the DNA data of the user with the highest rank among all the DNA data in the database.
可选地,所述第二授权模块,包括:Optionally, the second authorization module includes:
身份验证子模块,用于当确定所述目标对象具有最高等级用户的凭证时,确定所述目标对象为所述最高等级用户;An identity verification submodule, configured to determine that the target object is the highest level user when it is determined that the target object has the credential of the highest level user;
第二权限确认子模块,用于将所述目标对象的权限等级确定为最高权限等级;A second permission confirmation submodule, configured to determine the permission level of the target object as the highest permission level;
第二相似度识别子模块,用于当确定所述目标对象不具备所述凭证时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;The second similarity recognition sub-module is used to obtain each target from the similarity between each DNA data in the database and the first DNA data when it is determined that the target object does not have the credential The similarity between the DNA data and the first DNA data, and the target DNA data is the DNA data corresponding to the highest level user in the database;
第二相似度确定子模块,用于确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;A second similarity determination submodule, configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
第二授权子模块,用于当所述最高相似度小于所述第二阈值时,确定所述目标对象未通过认证;A second authorization submodule, configured to determine that the target object has not passed authentication when the highest similarity is less than the second threshold;
所述第二权限确认子模块,用于当所述最高相似度大于或等于第二阈值时,确定所述最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为所述目标对象的权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;The second permission confirmation submodule is configured to determine, when the highest similarity is greater than or equal to a second threshold, the second similarity interval in which the highest similarity is located among multiple similarity intervals Two permission levels, which are the permission levels of the target object, the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level;
所述第二授权子模块,还用于按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。The second authorization sub-module is also used to open corresponding usage rights for the target object according to the permission level of the target object.
可选地,所述装置还包括:Optionally, the device further includes:
区间划分模块,用于将所述第一阈值与第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为所述多个相似度区间;An interval dividing module, configured to divide the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals;
关联模块,用于将所述多个相似度区间分别与所述多个权限等级进行对应,所述多个权限等级的权限高低与所述多个相似度区间的取值范围大小正相关。The correlation module is configured to correspond the multiple similarity intervals to the multiple permission levels, and the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals.
可选地,所述第二授权子模块,用于:Optionally, the second authorization submodule is used to:
将所述目标对象注册为第二用户;Register the target object as a second user;
将所述第二用户与所述第一DNA数据、用户指示信息以及所述最高相似度之间的对应关系存储至所述数据库中,所述用户等级指示信息用于指示所述第二用户是否为所述最高等级用户;Storing the correspondence between the second user and the first DNA data, user indication information, and the highest similarity degree in the database, and the user level indication information is used to indicate whether the second user Is the highest level user;
按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选地,所述第二授权子模块,用于:Optionally, the second authorization submodule is used to:
将所述目标对象注册为第二用户;Register the target object as a second user;
将所述第二用户与所述第一DNA数据、用户权限指示信息之间的对应关系存储至所述数据库中,所述用户权限指示信息用于指示所述第二用户具有的权限等级;Storing the correspondence between the second user, the first DNA data, and user permission indication information in the database, where the user permission indication information is used to indicate the permission level that the second user has;
按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选地,所述第一授权模块,包括:Optionally, the first authorization module includes:
信息获取子模块,用于获取在所述第一用户在首次认证时存储的与所述第一用户对应的用户权限指示信息;An information acquisition submodule, configured to acquire the user authority indication information corresponding to the first user and stored during the first authentication of the first user;
权限获取子模块,用于根据所述第一用户对应的用户权限指示信息,获取所述第一用户的权限等级;A permission acquisition sub-module for acquiring the permission level of the first user according to the user permission instruction information corresponding to the first user;
第三授权子模块,用于按照所述第一用户的权限等级为所述目标对象开放对应的使用权限。The third authorization submodule is configured to open corresponding usage rights for the target object according to the authority level of the first user.
可选地,所述用户确认模块,包括:Optionally, the user confirmation module includes:
生物特征获取子模块,用于获取所述目标对象的第一生物特征;A biometrics acquisition sub-module for acquiring the first biometrics of the target object;
用户确定子模块,用于当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述第二DNA数据所对应的第一用户;The user determination sub-module is used to determine the first corresponding to the second DNA data when there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data user;
读取子模块,用于获取所述数据库中存储的所述第一用户的第二生物特征;A reading sub-module for acquiring the second biometrics of the first user stored in the database;
用户确认子模块,当所述第一生物特征与所述第二生物特征匹配时,确定所述目标对象为所述第一用户。The user confirmation sub-module determines that the target object is the first user when the first biological feature matches the second biological feature.
第三方面,提供一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现上述第一方面所述方法的步骤。In a third aspect, a computer-readable storage medium is provided on which a computer program is stored, and when the computer program is executed by a processor, the steps of the method of the first aspect described above are implemented.
第四方面,提供一种电子设备,包括:存储器,其上存储有计算机程序;In a fourth aspect, an electronic device is provided, including: a memory on which a computer program is stored;
处理器,用于执行所述存储器中的所述计算机程序,以实现上述第一方面所述方法的步骤。A processor is configured to execute the computer program in the memory to implement the steps of the method in the first aspect.
在上述技术方案中,通过获取待验证的目标对象的第一DNA数据;将第一DNA数据与数据库中的所有DNA数据进行对比,以获取数据库中的每个DNA数据与第一DNA数据与的相似度;当数据库中的所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为所述第二DNA数据对应的第一用户;根据第一用户的用户等级为目标对象开放对应的使用权限。通过上述技术方案,能够通过所采集到的目标对象的DNA数据实现身份认证,能够降低环境因素对认证过程的影响,并且由于DNA不以伪造的特性,能够提高认证过程的安全性。In the above technical solution, by acquiring the first DNA data of the target object to be verified; the first DNA data is compared with all the DNA data in the database to obtain each DNA data in the database and the first DNA data and Similarity; when there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold in all DNA data in the database, determine that the target object is the first user corresponding to the second DNA data; The user level of the first user is to open corresponding usage rights for the target object. Through the above technical solution, identity authentication can be realized through the collected DNA data of the target object, which can reduce the influence of environmental factors on the authentication process, and because the DNA is not forged, the security of the authentication process can be improved.
本公开的其他特征和优点将在随后的具体实施方式部分予以详细说明。Other features and advantages of the present disclosure will be described in detail in the detailed description section that follows.
附图说明BRIEF DESCRIPTION
附图是用来提供对本公开的进一步理解,并且构成说明书的一部分,与下面的具体实施方式一起用于解释本公开,但并不构成对本公开的限制。在附图中:The drawings are used to provide a further understanding of the present disclosure, and constitute a part of the specification, together with the following specific embodiments to explain the present disclosure, but do not constitute a limitation of the present disclosure. In the drawings:
图1是根据本公开一示例性实施例示出的一种身份认证方法的流程示意图。FIG. 1 is a schematic flowchart of an identity authentication method according to an exemplary embodiment of the present disclosure.
图2是根据本公开一示例性实施例示出的一种权限确定方法的流程示意图。Fig. 2 is a schematic flowchart of a method for determining authority according to an exemplary embodiment of the present disclosure.
图3是根据本公开一示例性实施例示出的另一种权限确定方法的流程示意图。Fig. 3 is a schematic flowchart of another method for determining authority according to an exemplary embodiment of the present disclosure.
图4是根据本公开一示例性实施例示出的另一种身份认证方法的流程示意图。FIG. 4 is a schematic flowchart of another identity authentication method according to an exemplary embodiment of the present disclosure.
图5是根据本公开一示例性实施例示出的又一种身份认证方法的流程示意图。FIG. 5 is a schematic flowchart of still another identity authentication method according to an exemplary embodiment of the present disclosure.
图6是根据本公开一示例性实施例示出的又一种权限确定方法的流程示意图。FIG. 6 is a schematic flowchart of still another method for determining authority according to an exemplary embodiment of the present disclosure.
图7是根据本公开一示例性实施例示出的一种用户确定方法的流程示意图。7 is a schematic flowchart of a user determination method according to an exemplary embodiment of the present disclosure.
图8是根据本公开一示例性实施例示出的一种身份认证装置的框图。Fig. 8 is a block diagram of an identity authentication device according to an exemplary embodiment of the present disclosure.
图9是根据本公开一示例性实施例示出的一种第一授权模块的框图。Fig. 9 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure.
图10是根据本公开一示例性实施例示出的另一种身份认证装置的框图。Fig. 10 is a block diagram of another identity authentication device according to an exemplary embodiment of the present disclosure.
图11是根据本公开一示例性实施例示出的一种第二授权模块的框图。Fig. 11 is a block diagram of a second authorization module according to an exemplary embodiment of the present disclosure.
图12是根据本公开一示例性实施例示出的另一种第一授权模块的框图。Fig. 12 is a block diagram of another first authorization module according to an exemplary embodiment of the present disclosure.
图13是根据本公开一示例性实施例示出的一种用户确认模块的框图。Fig. 13 is a block diagram of a user confirmation module according to an exemplary embodiment of the present disclosure.
图14是根据一示例性实施例示出的一种电子设备的框图。Fig. 14 is a block diagram of an electronic device according to an exemplary embodiment.
具体实施方式detailed description
以下结合附图对本公开的具体实施方式进行详细说明。应当理解的是,此处所描述的具体实施方式仅用于说明和解释本公开,并不用于限制本公开。The specific embodiments of the present disclosure will be described in detail below with reference to the drawings. It should be understood that the specific embodiments described herein are only used to illustrate and explain the present disclosure, and are not intended to limit the present disclosure.
图1是根据本公开一示例性实施例示出的一种身份认证方法的流程示意图,该方法可以应用于电子设备,如图1所示,该方法可以包括如下步骤:FIG. 1 is a schematic flowchart of an identity authentication method according to an exemplary embodiment of the present disclosure. The method may be applied to an electronic device. As shown in FIG. 1, the method may include the following steps:
步骤101,获取待验证的目标对象的第一DNA数据。Step 101: Obtain first DNA data of a target object to be verified.
示例性的,上述的电子设备例如可以是机器人,该机器人上设置有能够检测DNA的装置,如DNA检测传感器。相比最初的需要通过血液分析进行比对验证,并需要等待较长时间的技术。当前的DNA检测传感器能够通过任何含有细胞的组织实现DNA数据的采集,例如头发、皮屑、汗水、唾液等均可作为样本进行DNA数据的识别和采集。对应的,该机器人还可以设置有清洁装置(该清洁装置与DNA检测传感器可以为一体化的装置,用于防止上一次检测的残留物质影响下一次检测的准确性,也可以是某种一次性装置)。Exemplarily, the aforementioned electronic device may be, for example, a robot, and the robot is provided with a device capable of detecting DNA, such as a DNA detection sensor. Compared with the original technology, blood analysis is needed for comparison and verification, and a longer waiting time is required. Current DNA detection sensors can collect DNA data through any tissue containing cells, such as hair, dander, sweat, saliva, etc. can be used as samples to identify and collect DNA data. Correspondingly, the robot may also be provided with a cleaning device (the cleaning device and the DNA detection sensor may be an integrated device, used to prevent the residual substances from the previous detection from affecting the accuracy of the next detection, or may be a one-time one Device).
当目标对象,例如某个人想要使用该机器人时,可以通过该DNA检测传感器对该目标对象的头发、皮屑、汗水或唾液中的任意一种物质进行检测,即可获取该目标对象的DNA数据。When a target object, such as a person wants to use the robot, the DNA detection sensor can detect any substance in the target object's hair, dander, sweat, or saliva to obtain the target object's DNA data.
步骤102,将第一DNA数据与数据库中的所有DNA数据进行对比,以获取数据库中的每个DNA数据与第一DNA数据与的相似度。Step 102: Compare the first DNA data with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data.
示例的,在该数据库中可以记录有一个或多个DNA数据,该一个或多个DNA数据可以是之前使用过该电子设备的用户在首次认证时,由该电子设备获取并且存储至该数据库中的,当数据库中的DNA数据有多个时,说明曾经有多个不同的用户完成过认证。For example, one or more DNA data may be recorded in the database, and the one or more DNA data may be obtained by the electronic device and stored in the database when the user who has previously used the electronic device authenticates for the first time Yes, when there are multiple DNA data in the database, it means that there have been multiple different users who have completed the authentication.
因此,可以将当前采集到的第一DNA数据与数据库中的所有DNA数据进行对比,即可获得数据库中的每个DNA数据与第一DNA数据与的相似度。Therefore, the currently collected first DNA data can be compared with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data.
步骤103,当数据库中的所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为第二DNA数据对应的第一用户。Step 103: When there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold in all DNA data in the database, it is determined that the target object is the first user corresponding to the second DNA data.
其中,如果存在该第二DNA数据,与当前的目标对象的第一DNA数据的相似度达到该第一阈值,则可以说明该目标对象不是第一次进行认证,并且可以认为,当前的目标对象就是第二DNA数据对应的第一用户本人。因此,该第一阈值应当设置为一个较高的值,如该第一阈值应当为在遗传生物学上能够认为是同一个人的阈值,例如第一阈值设置为99.999%(该阈值还可以根据安全性需求进一步提高或降低),则如果存在与第一DNA数据相似度大于或等于99.999%的第二DNA数据时,可以认为当前正在认证的具备该第一DNA数据的目标对象,就是该第二DNA数据对应的第一用户本人。Wherein, if the second DNA data exists, the similarity with the first DNA data of the current target object reaches the first threshold, it may indicate that the target object is not the first authentication, and it can be considered that the current target object It is the first user corresponding to the second DNA data. Therefore, the first threshold should be set to a higher value, for example, the first threshold should be a threshold that can be regarded as the same person in genetic biology, for example, the first threshold is set to 99.999% (the threshold can also be based on safety Sexual needs further increase or decrease), if there is second DNA data with a similarity to the first DNA data greater than or equal to 99.999%, it can be considered that the target object with the first DNA data currently being authenticated is the second The first user corresponding to the DNA data.
步骤104,根据第一用户的用户等级为目标对象开放对应的使用权限。Step 104: According to the user level of the first user, open corresponding usage rights for the target object.
由于当存在上述的第二DNA数据时,该第一用户不是首次认证,因此可以根据在该第一用户首次认证时就已经确定的与用户等级相关的信息,来确定当前的目标对象的权限等级,从而为其开放对应的使用权限。Since the first user is not the first authentication when the above-mentioned second DNA data exists, the current authority level of the target object can be determined according to the information related to the user level that has been determined when the first user is authenticated for the first time To open corresponding usage rights for them.
在上述技术方案中,通过获取待验证的目标对象的第一DNA数据;将第一DNA数据与数据库中的所有DNA数据进行对比,以获取所有DNA数据中的每个DNA数据与第一DNA数据与的相似度;当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为所述第二DNA数据对应的第一用户;根据第一用户的用户等级为目标对象开放对应的使用权限。通过上述技术方案,能够通过所采集到的目标对象的DNA数据实现身份认证,能够降低环境因素对认证过程的影响,并且由于DNA不以伪造的特性,能够提高认证过程的安全性。In the above technical solution, by acquiring the first DNA data of the target object to be verified; comparing the first DNA data with all the DNA data in the database to obtain each DNA data and the first DNA data of all the DNA data Similarity to; when all DNA data has second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold, determine that the target object is the first user corresponding to the second DNA data; according to the A user's user level opens corresponding usage rights for the target object. Through the above technical solution, identity authentication can be realized through the collected DNA data of the target object, which can reduce the influence of environmental factors on the authentication process, and because the DNA is not forged, the security of the authentication process can be improved.
图2是根据本公开一示例性实施例示出的一种权限确定方法的流程示意图,如图2所示,在第一种实现方式中,步骤104所述的根据第一用户的用户等级为目标对象开放对应的使用权限的步骤,可以包括以下步骤:FIG. 2 is a schematic flowchart of a method for determining authority according to an exemplary embodiment of the present disclosure. As shown in FIG. 2, in the first implementation, step 104 is based on the user level of the first user. The steps for the object to open the corresponding use rights may include the following steps:
步骤1041,当第一用户为最高等级用户时,为目标对象开放最高权限等级。Step 1041: When the first user is the highest-level user, the highest authority level is opened for the target object.
步骤1042,当第一用户非最高等级用户时,根据第一DNA数据与所有DNA数据中属于最高等级用户的DNA数据的相似度,为目标对象开放对应的使用权限。In step 1042, when the first user is not the highest-ranking user, the corresponding usage right is opened for the target object according to the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data.
其中,在电子设备的系统中,可以设置有多个权限等级,不同级别的用户具备不同的权限等级,并且权限等级越高,能够使用的该电子设备的功能就越多。例如,最高权限等级可以使用该电子设备的所有功能,最高权限等级之下,可以有多个权项更低的权限等级,可以使用该电子设备的部分功能,并且多个权限等级的权限高低逐级递减,权限等级越低,能够使用的功能就越少。Among them, in the system of the electronic device, multiple permission levels can be set, and users of different levels have different permission levels, and the higher the permission level, the more functions of the electronic device can be used. For example, the highest authority level can use all the functions of the electronic device. Below the highest authority level, there can be multiple authority levels with lower rights. Some functions of the electronic device can be used. As the level decreases, the lower the permission level, the fewer functions can be used.
由于数据库中可能已经存在了多个用户的数据,并且这多个不同的用户中可能会存在一个或者多个最高等级用户,具有最高权限等级,也就是我们通常所说的超级用户,或者超级管理员(下文称为超级用户),具有该最高权限等级的用户能够使用该电子设备的全部功能,比如Windows系统中的administrator,或者Linux系统中的root。Because the data of multiple users may already exist in the database, and there may be one or more users of the highest level among these different users, with the highest permission level, which is what we usually call super users, or super management Administrator (hereinafter referred to as the super user), the user with the highest permission level can use all the functions of the electronic device, such as the administrator in the Windows system or the root in the Linux system.
示例的,当第一用户为系统中的最高等级用户,即超级用户时,说明当前的目标对象就是超级用户,因此可以为该目标对象开放最高权限等级。当第一用户非最高等级用户时,也就是不是超级用户时,可以根据第一DNA数据与数据库中属于超级用户的DNA数据的相似度来确定,因为DNA数据的相似度,能够体现出血缘关系的远近,因此可以根据第一DNA数据与超级用户的DNA数据的相似度来确定当前的目标对象与超级用户的血缘关系,从而依据血缘关系的远近,来为该目标对象开放部分使用权限。Exemplarily, when the first user is the highest-level user in the system, that is, a super user, it means that the current target object is a super user, so the highest permission level can be opened for the target object. When the first user is not the highest user, that is, not a super user, it can be determined according to the similarity between the first DNA data and the DNA data belonging to the super user in the database, because the similarity of the DNA data can reflect the relationship of bleeding Therefore, the blood relationship between the current target object and the super user can be determined according to the similarity between the first DNA data and the DNA data of the super user, so that part of the access rights are opened for the target object according to the distance of the blood relationship.
进一步的,图3是根据本公开一示例性实施例示出的另一种权限确定方法的流程示意图,如图3所示,步骤1042所述的当第一用户非最高等级用户时,根据第一DNA数据与所有DNA数据中属于最高等级用户的DNA数据的相似度,为目标对象开放对应的使用权限的步骤可以,可以包括以下步骤:Further, FIG. 3 is a schematic flowchart of another method for determining authority according to an exemplary embodiment of the present disclosure. As shown in FIG. 3, when the first user is not the highest-level user according to step 1042, according to the first The similarity between the DNA data and the DNA data belonging to the highest-level user among all DNA data, the step of opening the corresponding use right for the target object is OK, and may include the following steps:
步骤10421,当第一用户非最高等级用户时,从数据库中的每个DNA数据与第一DNA数据与的相似度中,获取每个目标DNA数据与第一DNA数据的相似度,该目标DNA数据为数据库中对应于最高等级用户的DNA数据。Step 10421, when the first user is not the user with the highest rank, the similarity between each target DNA data and the first DNA data is acquired from the similarity between each DNA data in the database and the first DNA data, the target DNA The data is the DNA data in the database corresponding to the highest level user.
步骤10422,确定每个目标DNA数据与第一DNA数据的相似度中的最高相似度。Step 10422: Determine the highest similarity among the similarities between each target DNA data and the first DNA data.
步骤10423,确定最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级。Step 10423: Determine the first permission level corresponding to the first similarity interval in which the highest similarity is among the multiple similarity intervals.
其中,上述多个相似度区间分别与预设的多个权限等级对应,该多个权限等级低于最高权限等级。其中上述多个相似度区间与该多个权限等级的对应关系可以通过以下方式设置:Wherein, the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level. The correspondence between the above multiple similarity intervals and the multiple permission levels can be set in the following manner:
首先,将第一阈值与第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为上述的多个相似度区间。其中,该第二阈值可以是依据遗传生物学确定的不存在血缘关系或血缘关系很远的DNA数据相似度阈值,即如果两个DNA数据的相似度低于第二阈值,则这两个DNA数据所对应的两个人不存在血缘关系或者血缘关系很远。First, the value range between the first threshold and the second threshold is divided to obtain multiple consecutive intervals, which are used as the multiple similarity intervals. Wherein, the second threshold may be a DNA data similarity threshold determined according to genetic biology and having no blood relationship or a long blood relationship, that is, if the similarity of two DNA data is lower than the second threshold, the two DNAs The two persons corresponding to the data do not have a blood relationship or are far away.
其次,将该多个相似度区间分别与该多个权限等级进行对应,其中该多个权限等级的权限高低与该多个相似度区间的取值范围大小正相关。即可以理解为相似度区间的取值范围的值越高,该相似度区间所对应的权限等级也就越高。Secondly, the multiple similarity intervals are respectively corresponding to the multiple permission levels, wherein the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals. That is, it can be understood that the higher the value of the similarity interval value range, the higher the permission level corresponding to the similarity interval.
步骤10424,按照第一权限等级为目标对象开放对应的使用权限。Step 10424: Open the corresponding usage rights for the target object according to the first authority level.
示例的,当第一用户不是超级用户时,可以确定数据库的所有DNA数据中属于超级用户的DNA数据,并从数据库的每个DNA数据与第一DNA数据与的相似度(在步骤102中已确定)中,获取数据库中的每个超级用户的DNA数据与该第一DNA数据的相似度,并以此进一步获取第一DNA数据与超级用户的DNA数据的最高相似度。For example, when the first user is not a super user, the DNA data belonging to the super user in all DNA data of the database can be determined, and the similarity between each DNA data from the database and the first DNA data (in step 102 In the determination), the similarity between the DNA data of each super user in the database and the first DNA data is obtained, and thereby the maximum similarity between the first DNA data and the DNA data of the super user is further obtained.
举例来说,第一阈值可以为X1%,第二阈值可以为X4%,则可以再设置多个中间阈值X2%、X3%,其中X1%大于X2%,X2%大于X3%,X3%大于X4%。以将X1%至X4%之间的范围划分为多个相似度区间,如[X4%, X3%), [X3%, X2%), [X2%, X1%)。从而加上大于X1%的范围以及小于X4%的范围,实际上系统中可以划分为[0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%)以及[X1%, 100%]这五个相似度区间,分别对应五个权限等级,其中[X1%, 100%]对应最高权限等级,[X2%, X1%),[X3%, X2%),[X4%, X3%)和[0%, X4%)四个区间所对应的权限等级逐个递减。例如该最高相似度在[X1%, 100%],则可以使用该电子设备的全部功能,在[X2%, X1%)则可以使用该电子设备的大部分功能,在[X3%, X2%)则可以使用该电子设备的少部分功能,在[X4%, X3%)则可以使用该电子设备的最基础的功能,在[0%, X4%)则无使用权限。其中,上述的“全部功能”、“大部分功能”、“少部分功能”、“最基础的功能”可以理解为预先设置的与不同权限等级对应的能够使用范围,所对应的能够使用的功能数量逐个递减,并且“全部功能”、“大部分功能”、“少部分功能”、“最基础的功能”具体能够使用的功能数量,以及具体能够使用电子设备中的那种功能可以根据实际需求来设置,这里不做限制。For example, the first threshold may be X1%, and the second threshold may be X4%, then multiple intermediate thresholds X2% and X3% may be set, where X1% is greater than X2%, X2% is greater than X3%, and X3% is greater than X4%. To divide the range between X1% and X4% into multiple similarity intervals, such as [X4%, X3%), [X3%, X2%), [X2%, X1%). In addition, the range greater than X1% and the range less than X4% can be divided into [0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%) and [X1%, 100%] five similarity intervals, corresponding to five levels of authority, of which [X1%, 100%] corresponds to the highest authority level, [X2%, X1%), [X3%, X2%), [X4%, X3%) and [0%, X4%) the corresponding permission levels of the four intervals decrease one by one. For example, the highest similarity is [X1%, 100%], you can use all the functions of the electronic device, in [X2%, X1%) you can use most of the functions of the electronic device, in [X3%, X2%) you can use a small part of the electronic device Functions, in [X4%, X3%), you can use the most basic functions of the electronic device, in [0%, X4%), there is no permission to use. Among them, the above-mentioned "all functions", "most functions", "a few functions", "basic functions" can be understood as the preset usable range corresponding to different permission levels, and the corresponding usable functions The number decreases one by one, and the number of specific functions that can be used in "All functions", "Most functions", "Small functions", "Most basic functions", and the specific functions that can be used in electronic devices can be based on actual needs To set, there is no limit here.
可以理解的是,不同的相似度区间,实际对应的是血缘关系的远近。例如相似度在[X1%, 100%]的范围内,则可以认为是本人,相似度在[X2%, X1%)的范围内则可以认为是直系亲属,比如父母、子女,相似度在[X3%, X2%)的范围内则可以认为是兄弟、姐妹,相似度在[X4%, X3%)则可以认为是旁系血亲,比如姑、舅、叔、伯,或者表(堂)兄弟姐妹,而相似度在[0%, X4%)的范围内的,则可以认为是血缘关系过于远,或者无血缘关系。其中,上述的X1%、X2%、X3%和X4%可以依据遗传生物学理论来确定,并且区间的数量也可以根据实际需要来增加或减少,本公开中不做具体限定。It is understandable that different similarity intervals actually correspond to the distance of blood relationship. For example, if the similarity is in the range of [X1%, 100%], it can be considered as the person, and if the similarity is in the range of [X2%, X1%), it can be considered as an immediate relative, such as parents and children, and the similarity is in [ X3%, X2%) can be regarded as brothers and sisters, and the similarity of [X4%, X3%) can be regarded as side blood relatives, such as aunt, uncle, uncle, uncle, or cousin Sisters, and the similarity is in the range of [0%, X4%), it can be considered that the blood relationship is too far, or there is no blood relationship. Among them, the above X1%, X2%, X3% and X4% can be determined according to the genetic biology theory, and the number of intervals can also be increased or decreased according to actual needs, which is not specifically limited in the present disclosure.
因此,在获取到第一DNA数据与各个超级用户的DNA数据的最高相似度后,即可根据上述的相似度区间与权限的对应关系,确定当前的目标对象的权限等级。例如,如果第一DNA数据与各个超级用户的DNA数据的最高相似度位于[X2%, X1%),则该目标对象的权限等级为[X2%, X1%)对应的权限等级,由于DNA数据相似度在[X2%, X1%)说明目标对象与某个超级用户具有很近的血缘关系,则可以允许该目标对象使用该电子设备的大部分功能。通过上述方法,即使待认证的该目标对象没有在该电子设备上认证过,也能够通过血缘关系通过认证,从而可以做到一人认证,全家使用,因此在保证高安全性的情况下,还能大大简化认证过程,使电子设备的认证过程更简便、快捷。Therefore, after obtaining the highest similarity between the first DNA data and the DNA data of each super user, the current authority level of the target object can be determined according to the correspondence between the similarity interval and the authority. For example, if the highest similarity between the first DNA data and the DNA data of each super user is at [X2%, X1%), the permission level of the target object is the permission level corresponding to [X2%, X1%). The similarity at [X2%, X1%) indicates that the target object has a close blood relationship with a super user, and the target object can be allowed to use most functions of the electronic device. Through the above method, even if the target object to be authenticated has not been authenticated on the electronic device, it can be authenticated through the blood relationship, so that one person can be authenticated and used by the whole family, so under the condition of ensuring high security, The certification process is greatly simplified, making the certification process of electronic devices easier and faster.
图4是根据本公开一示例性实施例示出的另一种身份认证方法的流程示意图,如图4所示,在第一种实现方式中,步骤104所述的根据第一用户的用户等级为目标对象开放对应的使用权限的步骤,可以包括以下步骤:FIG. 4 is a schematic flowchart of another identity authentication method according to an exemplary embodiment of the present disclosure. As shown in FIG. 4, in the first implementation, the user level according to the first user in step 104 is The steps of opening the corresponding usage rights for the target object may include the following steps:
步骤1043,获取在该第一用户在首次认证时存储的与该第一用户对应的用户权限指示信息。Step 1043: Obtain the user authority indication information corresponding to the first user stored during the first authentication of the first user.
示例的,该第一用户的权限等级可能为最高权限等级也可能是低于最高权限等级的任意权限等级,其中,当第一用户为最高等级用户时,该第一用户的权限等级为最高权限等级;当该第一用户非最高等级用户时,该第一用户的权限等级是第一用户在首次认证时,根据第一DNA数据与数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度确定的。其中,首次认证时确定权限等级的方法可参照下文所述的步骤1046至步骤1047。Exemplarily, the permission level of the first user may be the highest permission level or any permission level lower than the highest permission level, where the permission level of the first user is the highest permission when the first user is the highest level user Level; when the first user is not the highest level user, the permission level of the first user is based on the DNA data of the highest level user among the first DNA data and all DNA data in the database when the first user authenticates for the first time Similarity is determined. Among them, for the method of determining the permission level during the first authentication, refer to steps 1046 to 1047 described below.
步骤1044,根据该第一用户对应的用户权限指示信息,获取该述第一用户的权限等级。Step 1044: Acquire the permission level of the first user according to the user permission instruction information corresponding to the first user.
步骤1045,按照该第一用户的权限等级为该目标对象开放对应的使用权限。Step 1045: According to the permission level of the first user, open corresponding usage permissions for the target object.
示例的,当第一用户的权限等级为最高权限等级时,则可以为目标对象开放该电子设备的全部功能的使用权限。如果该第一用户的权限等级不是最高权限等级,则对应的开放该电子设备的部分功能的使用权限。其中部分功能的功能多少可以参照步骤10424中所述的方法来确定。Exemplarily, when the permission level of the first user is the highest permission level, the use permission of all functions of the electronic device may be opened for the target object. If the permission level of the first user is not the highest permission level, the corresponding permission to use some functions of the electronic device is opened. The functions of some functions can be determined by referring to the method described in step 10424.
图5是根据本公开一示例性实施例示出的又一种身份认证方法的流程示意图,如图5所示,该方法还可以包括:FIG. 5 is a schematic flowchart of yet another identity authentication method according to an exemplary embodiment of the present disclosure. As shown in FIG. 5, the method may further include:
步骤1046,当数据库中的所有DNA数据中不存在第二DNA数据时,确定目标对象为首次认证。Step 1046, when the second DNA data does not exist in all DNA data in the database, it is determined that the target object is the first authentication.
不存在上述的第二DNA数据,也就是说不存在与该第一DNA数据的相似度达到该第一阈值的DNA数据,因此可以说明数据库中没有当前的目标对象本人的DNA数据,故可以确认该目标对象是首次认证。There is no second DNA data mentioned above, that is, there is no DNA data whose similarity to the first DNA data reaches the first threshold, so it can be explained that there is no current DNA data of the target object in the database, so it can be confirmed The target object is the first authentication.
步骤1047,根据第一DNA数据与所有DNA数据中属于最高等级用户的DNA数据的相似度,为目标对象开放对应的使用权限。Step 1047: According to the similarity between the first DNA data and the DNA data belonging to the user of the highest level among all the DNA data, the corresponding use right is opened for the target object.
进一步的,图6是根据本公开一示例性实施例示出的又一种权限确定方法的流程示意图,如图6所示,步骤1047所述的根据第一DNA数据与所有DNA数据中属于最高等级用户的DNA数据的相似度,为目标对象开放对应的使用权限的步骤,可以包括以下步骤:Further, FIG. 6 is a schematic flowchart of still another method for determining authority according to an exemplary embodiment of the present disclosure. As shown in FIG. 6, step 1047 according to the first DNA data and all DNA data belong to the highest level The similarity of the user's DNA data, the step of opening the corresponding usage rights for the target object, may include the following steps:
步骤10461,当确定目标对象具有最高等级用户的凭证时,确定目标对象为最高等级用户。Step 10461, when it is determined that the target object has the credential of the user of the highest level, it is determined that the target object is the user of the highest level.
步骤10462,将目标对象的权限等级确定为最高权限等级。Step 10462: Determine the permission level of the target object as the highest permission level.
示例性的,由于此时是该目标对象首次认证,因此,如果该目标对象可以被注册为最高等级用户,则该目标对象具有最高权限等级,如果该目标对象未能注册为最高等级用户,则需要依据上述步骤10461至10464的实现方法,来确定该目标对象所对应的第三权限等级。其中,是否可以被注册为最高等级用户,可以依据该目标对象在进行认证时,是否具有最高等级用户的凭证,该凭证例如可以包括:最高等级用户对应的用户名和密码,或者密钥/口令,或者接入用于认证最高等级用户的外接硬件(例如具有移动证书、数字证书或电子钥匙的外接硬件,比如Ukey),或者当前认证是经由其他最高等级用户邀请产生的验证码,或者在该电子设备上的重置按键(reset)被触发后,该目标对象作为首个认证的用户,等等。上述用于认证最高等级用户的凭证或方法仅为示例性的,包括但不限于。Exemplarily, since this is the first time that the target object is authenticated, if the target object can be registered as the highest-level user, the target object has the highest permission level, if the target object fails to register as the highest-level user, then The third authority level corresponding to the target object needs to be determined according to the implementation method of steps 10461 to 10464 above. Among them, whether it can be registered as the highest-level user can be based on whether the target object has the credential of the highest-level user at the time of authentication. The credential may include, for example, the username and password corresponding to the highest-level user, or the key/password, Or connect to external hardware used to authenticate the highest-level user (such as external hardware with a mobile certificate, digital certificate, or electronic key, such as Ukey), or the current authentication is a verification code generated by the invitation of another highest-level user, or in the electronic After the reset button on the device is triggered, the target object acts as the first authenticated user, and so on. The above-mentioned credential or method for authenticating the highest-level user is only exemplary, including but not limited to.
或者,执行步骤10463至10467:Or, perform steps 10463 to 10467:
步骤10463,当确定目标对象不具备所述凭证时,从数据库中的每个DNA数据与第一DNA数据与的相似度中,获取每个目标DNA数据与第一DNA数据的相似度,该目标DNA数据为数据库中对应于最高等级用户的DNA数据。Step 10463, when it is determined that the target object does not have the credential, the similarity between each target DNA data and the first DNA data is acquired from the similarity between each DNA data in the database and the first DNA data, the target The DNA data is the DNA data in the database corresponding to the user of the highest level.
步骤10464,确定每个目标DNA数据与第一DNA数据的相似度中的最高相似度。Step 10464: Determine the highest similarity among the similarities between each target DNA data and the first DNA data.
步骤10465,当该最高相似度小于第二阈值时,确定目标对象未通过认证。Step 10465, when the highest similarity is less than the second threshold, it is determined that the target object has not passed the authentication.
步骤10466,当最高相似度大于或等于第二阈值时,确定最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为目标对象的权限等级。Step 10466: When the highest similarity is greater than or equal to the second threshold, determine the second authority level corresponding to the second similarity interval in which the highest similarity is located among the multiple similarity intervals as the authority level of the target object.
其中,该上述多个相似度区间分别与预设的多个权限等级对应,该多个权限等级低于最高权限等级,与步骤10423中所示的多个相似度区间相同,这里的多个相似度区间是将该第一阈值与第二阈值之间的取值范围进行划分得到的多个连续的区间,这里的多个权限等级的权限高低与该多个相似度区间的取值范围大小正相关。Wherein, the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level, which are the same as the multiple similarity intervals shown in step 10423. The degree interval is a plurality of continuous intervals obtained by dividing the value range between the first threshold and the second threshold, and the authority levels of the multiple permission levels here are positively related to the value ranges of the multiple similarity intervals. Related.
步骤10467,按照目标对象的权限等级为目标对象开放对应的使用权限。Step 10467: According to the permission level of the target object, open the corresponding use permission for the target object.
其中,上述步骤10463至10466的实现方法与上述步骤10421至10424所示的方法相同,可参照步骤10421至10424。示例的,上述的多个相似度区间可以参展步骤10424中所示的[X4%, X3%), [X3%, X2%), [X2%, X1%)。由于该目标对象尚未认证过,因此数据库中不会存在与其相似度超过X1%的DNA数据,因此不存在[X1%, 100%]这个区间。因此,可以判断获取到的该最高相似度属于[0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%)以及[X1%, 100%]中的哪一个相似度区间,假设该最高相似度处于[X2%, X1%),则该第三权限等级为区间[X2%, X1%)所对应的权限等级。Among them, the implementation method of the above steps 10463 to 10466 is the same as the method shown in the above steps 10421 to 10424, and refer to the steps 10421 to 10424. For example, the above multiple similarity intervals can be exhibited in [X4%, X3%), [X3%, X2%), [X2%, shown in step 10424 X1%). Since the target object has not been authenticated, there will be no DNA data with a similarity exceeding X1% in the database, so there is no [X1%, 100%] interval. Therefore, it can be judged that the obtained highest similarity belongs to [0%, X4%), [X4%, X3%), [X3%, X2%), [X2%, X1%) and [X1%, 100%] which similarity interval, suppose the highest similarity is in [ X2%, X1%), the third authority level is the authority level corresponding to the interval [X2%, X1%).
因此,在获取到第一DNA数据与各个超级用户的DNA数据的最高相似度后,即可根据上述的相似度区间与权限的对应关系,确定当前的目标对象的权限等级。例如,如果第一DNA数据与各个超级用户的DNA数据的最高相似度位于[X2%, X1%),则该目标对象的第三权限等级为[X2%, X1%)对应的权限等级,根据步骤10424中的描述,由于DNA数据相似度在[X2%, X1%)说明目标对象与某个超级用户具有很近的血缘关系,则可以允许该目标对象使用该电子设备的大部分功能。而[X2%, X1%)对应的权限等级仅次于最高权限等级,因此按照第三权限等级为目标对象开放使用权限后,该目标对象即可使用该电子设备的大部分功能。而当该最高相似度小于第二阈值时,即处于区间[0%, X4%)时,说明目标对象与所有的超级用户的血缘关系都很远或没有血缘关系,此时可以判定目标对象未通过认证,拒绝其使用该电子设备。Therefore, after obtaining the highest similarity between the first DNA data and the DNA data of each super user, the current authority level of the target object can be determined according to the correspondence between the similarity interval and the authority. For example, if the highest similarity between the first DNA data and the DNA data of each super user is at [X2%, X1%), the third authority level of the target object is the authority level corresponding to [X2%, X1%), according to The description in step 10424, since the similarity of DNA data at [X2%, X1%) indicates that the target object has a close blood relationship with a super user, it can allow the target object to use most functions of the electronic device. The permission level corresponding to [X2%, X1%) is second only to the highest permission level. Therefore, after the use permission is opened for the target object according to the third permission level, the target object can use most functions of the electronic device. When the highest similarity is less than the second threshold, that is, in the interval [0%, X4%), it means that the target object is far away from all super users or there is no blood relationship. At this time, it can be determined that the target object is not Pass the authentication and refuse to use the electronic device.
其中,步骤10467所述的按照目标对象的权限等级为目标对象开放对应的使用权限的步骤可以包括:Wherein, the step of opening corresponding usage rights for the target object according to the permission level of the target object in step 10467 may include:
步骤1a,将目标对象注册为第二用户。Step 1a, register the target object as the second user.
步骤2a,将第二用户与所述第一DNA数据、用户指示信息以及最高相似度之间的对应关系存储至数据库中,该用户等级指示信息用于指示该第二用户是否为最高等级用户。针对每个首次认证的目标对象,均可以按照上述的步骤1a-步骤3a进行注册和存储,从而基于该用户等级指示信息,当同一用户再次进行认证时,即可根据数据库中存储的该用户的上述信息,识别出该用户是否为最高等级用户。例如当再次执行步骤1042或1046时,即可根据数据库中记录的每个用户的DNA数据与用户指示信息的上述对应关系,确认出数据库中的哪些DNA数据是属于最高等级用户的。Step 2a: Store the correspondence between the second user and the first DNA data, user indication information, and highest similarity in the database. The user level indication information is used to indicate whether the second user is the highest level user. For each target object for the first authentication, registration and storage can be performed according to the above steps 1a to 3a, so that based on the user level indication information, when the same user is authenticated again, the user’s The above information identifies whether the user is the highest level user. For example, when step 1042 or 1046 is executed again, it can be confirmed which DNA data in the database belongs to the user of the highest level according to the above-mentioned corresponding relationship between the DNA data of each user recorded in the database and the user instruction information.
步骤3a,按照该目标对象的权限等级为目标对象开放对应的使用权限。Step 3a: According to the permission level of the target object, open the corresponding use permission for the target object.
其中,步骤1a-2a和步骤3a之间没有固定的执行顺序,可以先执行其中一者,也可以同时执行。Among them, there is no fixed execution order between steps 1a-2a and step 3a, and one of them may be executed first, or they may be executed simultaneously.
或者,在另一种实现方式中,步骤10467所述的按照目标对象的权限等级为目标对象开放对应的使用权限的步骤可以包括:Or, in another implementation manner, the step of opening corresponding usage rights for the target object according to the permission level of the target object in step 10467 may include:
步骤1b,将目标对象注册为第二用户。Step 1b, register the target object as the second user.
步骤2b,将第二用户与第一DNA数据、用户权限指示信息之间的对应关系存储至数据库中,该用户权限指示信息用于指示该第二用户具有的权限等级。Step 2b: Store the correspondence between the second user and the first DNA data and user permission indication information in the database, where the user permission indication information is used to indicate the permission level the second user has.
步骤3b,按照目标对象的权限等级为目标对象开放对应的使用权限。Step 3b: According to the permission level of the target object, open the corresponding use permission for the target object.
其中,步骤1b-2b和步骤3b之间没有固定的执行顺序,可以先执行其中一者,也可以同时执行。针对每个首次认证的目标对象,均可以按照上述的步骤1b-步骤3b进行注册和存储,从而当同一用户再次进行认证时,即可根据数据库中存储的该用户的上述信息,直接获取该用户是否为最高等级用户,以及该用户的权限等级。例如当再次执行步骤1043-1044时,即可根据数据库中记录的每个用户的DNA数据、用户权限指示信息之间的对应关系确认用户的权限等级。可选的,对于上述步骤1a-3a,1b-3b,还可以在认证时,或者后续使用过程中丰富DNA数据对应的其他信息,例如用户姓名,性别等等。Among them, there is no fixed execution order between steps 1b-2b and step 3b, and one of them may be executed first, or they may be executed simultaneously. For each target object for the first authentication, registration and storage can be performed according to the above steps 1b to 3b, so that when the same user performs authentication again, the user can be directly obtained based on the above information of the user stored in the database Whether it is the highest level user, and the user's authority level. For example, when steps 1043-1044 are executed again, the user's authority level can be confirmed according to the correspondence between each user's DNA data and user authority instruction information recorded in the database. Optionally, for the above steps 1a-3a, 1b-3b, other information corresponding to the DNA data, such as user name, gender, etc., may also be enriched during authentication or during subsequent use.
另外,为了进一步地提高认证过程的安全性,可以考虑在进行认证时将DNA数据与其他生物特征信息进行联合验证,例如,图7是根据本公开一示例性实施例示出的一种用户确定方法的流程示意图,如图7所示,步骤103所述的当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为第二DNA数据对应的第一用户的步骤,可以包括以下步骤:In addition, in order to further improve the security of the authentication process, it may be considered to jointly verify the DNA data and other biometric information during authentication. For example, FIG. 7 is a user determination method according to an exemplary embodiment of the present disclosure. The schematic diagram of the process, as shown in FIG. 7, when there is second DNA data with similarity to the first DNA data greater than or equal to the first threshold in all DNA data described in step 103, determine that the target object is the second DNA data The corresponding steps of the first user may include the following steps:
步骤1031,获取目标对象的第一生物特征。其中,第一生物特征可以包括:指纹、面部特征、虹膜、声纹等生物特征中的至少一者。Step 1031: Acquire the first biological characteristic of the target object. Wherein, the first biometrics may include: at least one of biometrics such as fingerprints, facial features, irises, voiceprints and the like.
步骤1032,当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定第二DNA数据所对应的第一用户。Step 1032, when there is second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold value in all DNA data, determine the first user corresponding to the second DNA data.
步骤1033,获取数据库中存储的第一用户的第二生物特征。Step 1033: Obtain the second biometrics of the first user stored in the database.
步骤1034,当第一生物特征与第二生物特征匹配时,确定目标对象为所述第一用户。Step 1034, when the first biometric and the second biometric match, it is determined that the target object is the first user.
即通过上述方法,当目标对象与已存在的任一用户的DNA数据与生物特征均匹配时,才能够被认定为是这个用户本人,从而能够进一步提高认证过程的安全性。That is, through the above method, when the target object matches any existing user's DNA data and biological characteristics, it can be identified as the user himself, thereby further improving the security of the authentication process.
在上述技术方案中,通过获取待验证的目标对象的第一DNA数据;将第一DNA数据与数据库中的所有DNA数据进行对比,以获取所有DNA数据中的每个DNA数据与第一DNA数据与的相似度;当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为所述第二DNA数据对应的第一用户;根据第一用户的用户等级为目标对象开放对应的使用权限。通过上述技术方案,能够通过所采集到的目标对象的DNA数据实现身份认证,能够降低环境因素对认证过程的影响,并且由于DNA不以伪造的特性,能够提高认证过程的安全性。In the above technical solution, by acquiring the first DNA data of the target object to be verified; comparing the first DNA data with all the DNA data in the database to obtain each DNA data and the first DNA data of all the DNA data Similarity to; when all DNA data has second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold, determine that the target object is the first user corresponding to the second DNA data; according to the A user's user level opens corresponding usage rights for the target object. Through the above technical solution, identity authentication can be realized through the collected DNA data of the target object, which can reduce the influence of environmental factors on the authentication process, and because the DNA is not forged, the security of the authentication process can be improved.
图8是根据本公开一示例性实施例示出的一种身份认证装置的框图,如图8所示,该装置800可以包括:FIG. 8 is a block diagram of an identity authentication device according to an exemplary embodiment of the present disclosure. As shown in FIG. 8, the device 800 may include:
采集模块801,用于获取待验证的目标对象的第一DNA数据;The collection module 801 is used to obtain the first DNA data of the target object to be verified;
对比模块802,用于将第一DNA数据与数据库中的所有DNA数据进行对比,以获取数据库中的每个DNA数据与第一DNA数据与的相似度;The comparison module 802 is used to compare the first DNA data with all the DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data;
用户确认模块803,用于当数据库中的所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为第二DNA数据对应的第一用户;The user confirmation module 803 is used to determine that the target object is the first user corresponding to the second DNA data when there is second DNA data with similarity to the first DNA data greater than or equal to the first threshold in all DNA data in the database ;
第一授权模块804,用于根据第一用户的用户等级为目标对象开放对应的使用权限。The first authorization module 804 is configured to open corresponding usage rights for the target object according to the user level of the first user.
可选的,该第一授权模块804,可以用于:Optionally, the first authorization module 804 may be used for:
当第一用户为最高等级用户时,按照最高权限等级为目标对象开放对应的使用权限;When the first user is the user with the highest level, the corresponding user authority is opened for the target object according to the highest authority level;
当第一用户非所述最高等级用户时,根据第一DNA数据与数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为目标对象开放对应的使用权限。When the first user is not the highest-ranking user, the corresponding usage rights are opened for the target object according to the similarity between the first DNA data and the DNA data of the highest-ranking user among all DNA data in the database.
可选的,图9是根据本公开一示例性实施例示出的一种第一授权模块的框图,如图9所示,该第一授权模块804,可以包括:Optionally, FIG. 9 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure. As shown in FIG. 9, the first authorization module 804 may include:
第一相似度识别子模块8041,用于当第一用户非最高等级用户时,从数据库中的每个DNA数据与第一DNA数据与的相似度中,获取每个目标DNA数据与第一DNA数据的相似度,该目标DNA数据为数据库中对应于最高等级用户的DNA数据;The first similarity recognition sub-module 8041 is used to obtain each target DNA data and the first DNA from the similarity between each DNA data in the database and the first DNA data when the first user is not the highest level user The similarity of the data, the target DNA data is the DNA data corresponding to the highest level user in the database;
第一相似度确定子模块8042,用于确定每个目标DNA数据与第一DNA数据的相似度中的最高相似度;The first similarity determination submodule 8042 is used to determine the highest similarity of the similarity between each target DNA data and the first DNA data;
第一权限确认子模块8043,用于确定最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级,该多个相似度区间分别与预设的多个权限等级对应,该多个权限等级低于最高权限等级;The first permission confirmation sub-module 8043 is used to determine the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, and the multiple similarity intervals are respectively different from the preset multiple Corresponding to the authority level, the multiple authority levels are lower than the highest authority level;
第一授权子模块8044,用于按照第一权限等级为目标对象开放对应的使用权限。The first authorization submodule 8044 is configured to open corresponding usage rights for the target object according to the first authority level.
可选的,图10是根据本公开一示例性实施例示出的另一种身份认证装置的框图,如图10所示,该装置800可以还包括:Optionally, FIG. 10 is a block diagram of another identity authentication device according to an exemplary embodiment of the present disclosure. As shown in FIG. 10, the device 800 may further include:
确定模块805,用于当数据库中的所有DNA数据中不存在上述第二DNA数据时,确定目标对象为首次认证;The determining module 805 is configured to determine that the target object is the first authentication when the second DNA data does not exist in all DNA data in the database;
第二授权模块806,用于根据第一DNA数据与数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为该目标对象开放对应的使用权限。The second authorization module 806 is configured to open corresponding usage rights for the target object according to the similarity between the first DNA data and the DNA data of the highest-level user among all the DNA data in the database.
可选的,图11是根据本公开一示例性实施例示出的一种第二授权模块的框图,如图11所示,该第二授权模块806,可以包括:Optionally, FIG. 11 is a block diagram of a second authorization module according to an exemplary embodiment of the present disclosure. As shown in FIG. 11, the second authorization module 806 may include:
身份验证子模块8061,用于当确定目标对象具有最高等级用户的凭证时,确定目标对象为最高等级用户;The identity verification sub-module 8061 is used to determine that the target object is the highest level user when it is determined that the target object has the credentials of the highest level user;
第二权限确认子模块8062,用于将目标对象的权限等级确定为最高权限等级;The second permission confirmation submodule 8062 is used to determine the permission level of the target object as the highest permission level;
第二相似度识别子模块8063,用于当确定目标对象不具备上述凭证时,从该数据库中的每个DNA数据与第一DNA数据与的相似度中,获取每个目标DNA数据与第一DNA数据的相似度,该目标DNA数据为数据库中对应于最高等级用户的DNA数据;The second similarity recognition sub-module 8063 is configured to acquire each target DNA data and the first from the similarity between each DNA data in the database and the first DNA data when it is determined that the target object does not have the above-mentioned credentials Similarity of DNA data, the target DNA data is the DNA data corresponding to the highest level user in the database;
第二相似度确定子模块8064,用于确定每个目标DNA数据与第一DNA数据的相似度中的最高相似度;The second similarity determination submodule 8064 is used to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
第二授权子模块8065,用于当最高相似度小于第二阈值时,确定目标对象未通过认证。The second authorization submodule 8065 is configured to determine that the target object has not passed the authentication when the highest similarity is less than the second threshold.
第二权限确认子模块8062,用于当最高相似度大于或等于第二阈值时,确定最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为该目标对象的权限等级,上述的多个相似度区间分别与预设的多个权限等级对应,该述多个权限等级低于最高权限等级;The second permission confirmation sub-module 8062 is used to determine the second permission level corresponding to the second similarity interval where the highest similarity is in a plurality of similarity intervals when the highest similarity is greater than or equal to the second threshold, as For the permission level of the target object, the above-mentioned multiple similarity intervals respectively correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level;
第二授权子模块8065,还用于按照该目标对象的权限等级为目标对象开放对应的使用权限。The second authorization sub-module 8065 is also used to open corresponding usage rights for the target object according to the permission level of the target object.
可选的,该装置800还包括:区间划分模块807,用于将上述第一阈值与上述第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为上述的多个相似度区间;Optionally, the device 800 further includes: an interval dividing module 807, configured to divide the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarities Degree interval
关联模块808,用于将该多个相似度区间分别与该多个权限等级进行对应,该多个权限等级的权限高低与该多个相似度区间的取值范围大小正相关。The correlation module 808 is configured to correspond the multiple similarity intervals to the multiple permission levels, and the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals.
可选的,该第二授权子模块8065,用于:将目标对象注册为第二用户;Optionally, the second authorization submodule 8065 is used to: register the target object as a second user;
将第二用户与第一DNA数据、用户指示信息以及最高相似度之间的对应关系存储至数据库中,用户等级指示信息用于指示该第二用户是否为最高等级用户;Store the correspondence between the second user and the first DNA data, user indication information, and the highest similarity in the database, and the user level indication information is used to indicate whether the second user is the highest level user;
按照目标对象的权限等级为目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
或者,第二授权子模块8065,用于:将目标对象注册为第二用户;Or, the second authorization submodule 8065 is used to: register the target object as the second user;
将第二用户与第一DNA数据、用户权限指示信息之间的对应关系存储至数据库中,该用户权限指示信息用于指示该第二用户具有的权限等级;Store the correspondence between the second user, the first DNA data, and the user permission indication information in the database, where the user permission indication information is used to indicate the permission level that the second user has;
按照该目标对象的权限等级为该目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
可选的,图12是根据本公开一示例性实施例示出的一种第一授权模块的框图,如图12所示,在另一种实现方式中,该第一授权模块804,可以包括:Optionally, FIG. 12 is a block diagram of a first authorization module according to an exemplary embodiment of the present disclosure. As shown in FIG. 12, in another implementation manner, the first authorization module 804 may include:
信息获取子模块8045,用于获取在第一用户在首次认证时存储的与第一用户对应的用户权限指示信息;The information obtaining sub-module 8045 is used to obtain the user authority indication information corresponding to the first user stored during the first authentication of the first user;
权限获取子模块8046,用于根据该第一用户对应的用户权限指示信息,获取第一用户的权限等级;The rights acquisition submodule 8046 is configured to obtain the rights level of the first user according to the user rights indication information corresponding to the first user;
第三授权子模块8047,用于按照该第一用户的权限等级为该目标对象开放对应的使用权限。The third authorization submodule 8047 is configured to open corresponding usage rights for the target object according to the authority level of the first user.
可选的,图13是根据本公开一示例性实施例示出的一种用户确认模块的框图,如图13所示,该用户确认模块803,可以包括:Optionally, FIG. 13 is a block diagram of a user confirmation module according to an exemplary embodiment of the present disclosure. As shown in FIG. 13, the user confirmation module 803 may include:
生物特征获取子模块8031,用于获取目标对象的第一生物特征;The biometrics obtaining sub-module 8031 is used to obtain the first biometrics of the target object;
用户确定子模块8032,用于当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定第二DNA数据所对应的第一用户;The user determination submodule 8032 is configured to determine the first user corresponding to the second DNA data when there is second DNA data with similarity to the first DNA data greater than or equal to the first threshold in all DNA data;
读取子模块8033,用于获取数据库中存储的第一用户的第二生物特征;A reading sub-module 8033, which is used to obtain the second biometrics of the first user stored in the database;
用户确认子模块8034,当第一生物特征与第二生物特征匹配时,确定目标对象为所述第一用户。The user confirmation sub-module 8034 determines that the target object is the first user when the first biometric and the second biometric match.
在上述技术方案中,通过获取待验证的目标对象的第一DNA数据;将第一DNA数据与数据库中的所有DNA数据进行对比,以获取所有DNA数据中的每个DNA数据与第一DNA数据与的相似度;当所有DNA数据中存在与第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定目标对象为所述第二DNA数据对应的第一用户;根据第一用户的用户等级为目标对象开放对应的使用权限。通过上述技术方案,能够通过所采集到的目标对象的DNA数据实现身份认证,能够降低环境因素对认证过程的影响,并且由于DNA不以伪造的特性,能够提高认证过程的安全性。In the above technical solution, by acquiring the first DNA data of the target object to be verified; comparing the first DNA data with all the DNA data in the database to obtain each DNA data and the first DNA data of all the DNA data Similarity to; when all DNA data has second DNA data whose similarity to the first DNA data is greater than or equal to the first threshold, determine that the target object is the first user corresponding to the second DNA data; according to the A user's user level opens corresponding usage rights for the target object. Through the above technical solution, identity authentication can be realized through the collected DNA data of the target object, which can reduce the influence of environmental factors on the authentication process, and because the DNA is not forged, the security of the authentication process can be improved.
关于上述实施例中的装置,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。Regarding the device in the above embodiment, the specific manner in which each module performs operations has been described in detail in the embodiment related to the method, and will not be elaborated here.
图14是根据一示例性实施例示出的一种电子设备的框图。如图14所示,该电子设备1400可以包括:处理器1401,存储器1402。该电子设备1400还可以包括多媒体组件1403,输入/输出(I/O)接口1404,以及通信组件1405中的一者或多者。该电子设备可以是机器人,例如家庭机器人。Fig. 14 is a block diagram of an electronic device according to an exemplary embodiment. As shown in FIG. 14, the electronic device 1400 may include a processor 1401 and a memory 1402. The electronic device 1400 may also include one or more of a multimedia component 1403, an input/output (I/O) interface 1404, and a communication component 1405. The electronic device may be a robot, such as a home robot.
其中,处理器1401用于控制该电子设备1400的整体操作,以完成上述的身份认证方法中的全部或部分步骤。存储器1402用于存储各种类型的数据以支持在该电子设备1400的操作,这些数据例如可以包括用于在该电子设备1400上操作的任何应用程序或方法的指令,以及应用程序相关的数据,例如联系人数据、收发的消息、图片、音频、视频等等。该存储器1402可以由任何类型的易失性或非易失性存储设备或者它们的组合实现,例如静态随机存取存储器(Static Random Access Memory,简称SRAM),电可擦除可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,简称EEPROM),可擦除可编程只读存储器(Erasable Programmable Read-Only Memory,简称EPROM),可编程只读存储器(Programmable Read-Only Memory,简称PROM),只读存储器(Read-Only Memory,简称ROM),磁存储器,快闪存储器,磁盘或光盘。多媒体组件1403可以包括屏幕和音频组件。其中屏幕例如可以是触摸屏,音频组件用于输出和/或输入音频信号。例如,音频组件可以包括一个麦克风,麦克风用于接收外部音频信号。所接收的音频信号可以被进一步存储在存储器1402或通过通信组件1405发送。音频组件还包括至少一个扬声器,用于输出音频信号。I/O接口1404为处理器1401和其他接口模块之间提供接口,上述其他接口模块可以是键盘,鼠标,按钮等。这些按钮可以是虚拟按钮或者实体按钮。通信组件1405用于该电子设备1400与其他设备之间进行有线或无线通信。无线通信,例如Wi-Fi,蓝牙,近场通信(Near Field Communication,简称NFC),2G、3G或4G,或它们中的一种或几种的组合,因此相应的该通信组件1405可以包括:Wi-Fi模块,蓝牙模块,NFC模块。The processor 1401 is used to control the overall operation of the electronic device 1400 to complete all or part of the steps in the above-mentioned identity authentication method. The memory 1402 is used to store various types of data to support operation on the electronic device 1400, and the data may include, for example, instructions for any application programs or methods operating on the electronic device 1400, and application-related data, For example, contact data, messages sent and received, pictures, audio, video, etc. The memory 1402 may be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (Static Random Access Memory, SRAM for short), electrically erasable programmable read-only memory ( Electrically Erasable Programmable Read-Only Memory (EEPROM for short), erasable programmable read-only memory (Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. The multimedia component 1403 may include a screen and an audio component. The screen may be, for example, a touch screen, and the audio component is used to output and/or input audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may be further stored in the memory 1402 or transmitted through the communication component 1405. The audio component also includes at least one speaker for outputting audio signals. The I/O interface 1404 provides an interface between the processor 1401 and other interface modules. The other interface modules may be a keyboard, a mouse, a button, and so on. These buttons can be virtual buttons or physical buttons. The communication component 1405 is used for wired or wireless communication between the electronic device 1400 and other devices. Wireless communication, such as Wi-Fi, Bluetooth, Near Field Communication (NFC), 2G, 3G, or 4G, or a combination of one or more of them, so the corresponding communication component 1405 may include: Wi-Fi module, Bluetooth module, NFC module.
在一示例性实施例中,电子设备1400可以被一个或多个应用专用集成电路(Application Specific Integrated Circuit,简称ASIC)、数字信号处理器(Digital Signal Processor,简称DSP)、数字信号处理设备(Digital Signal Processing Device,简称DSPD)、可编程逻辑器件(Programmable Logic Device,简称PLD)、现场可编程门阵列(Field Programmable Gate Array,简称FPGA)、控制器、微控制器、微处理器或其他电子元件实现,用于执行上述的身份认证方法。In an exemplary embodiment, the electronic device 1400 may be used by one or more application specific integrated circuits (Application Specific Integrated Circuit (ASIC), Digital Signal Processor (DSP), Digital Signal Processing Device (DSPD), Programmable Logic Device (PLD), on-site Programmable gate array (Field Programmable Gate Array, FPGA for short), controller, microcontroller, microprocessor or other electronic components are used to implement the above-mentioned identity authentication method.
在另一示例性实施例中,还提供了一种包括程序指令的计算机可读存储介质,该程序指令被处理器执行时实现上述的身份认证方法的步骤。例如,该计算机可读存储介质可以为上述包括程序指令的存储器1402,上述程序指令可由电子设备1400的处理器1401执行以完成上述的身份认证方法。In another exemplary embodiment, a computer-readable storage medium including program instructions is also provided. When the program instructions are executed by a processor, the steps of the foregoing identity authentication method are implemented. For example, the computer-readable storage medium may be the above-mentioned memory 1402 including program instructions, which may be executed by the processor 1401 of the electronic device 1400 to complete the above-mentioned identity authentication method.
以上结合附图详细描述了本公开的优选实施方式,但是,本公开并不限于上述实施方式中的具体细节,在本公开的技术构思范围内,可以对本公开的技术方案进行多种简单变型,这些简单变型均属于本公开的保护范围。The preferred embodiments of the present disclosure have been described in detail above with reference to the accompanying drawings. However, the present disclosure is not limited to the specific details in the above embodiments. Within the scope of the technical concept of the present disclosure, various simple modifications can be made to the technical solutions of the present disclosure. These simple modifications all fall within the protection scope of the present disclosure.
另外需要说明的是,在上述具体实施方式中所描述的各个具体技术特征,在不矛盾的情况下,可以通过任何合适的方式进行组合,为了避免不必要的重复,本公开对各种可能的组合方式不再另行说明。In addition, it should be noted that the specific technical features described in the above specific embodiments can be combined in any suitable manner without contradictions. In order to avoid unnecessary repetition, the present disclosure The combination method will not be explained separately.
此外,本公开的各种不同的实施方式之间也可以进行任意组合,只要其不违背本公开的思想,其同样应当视为本公开所公开的内容。In addition, various combinations of various embodiments of the present disclosure can also be arbitrarily combined, as long as it does not violate the idea of the present disclosure, it should also be regarded as what is disclosed in the present disclosure.

Claims (22)

  1. 一种身份认证方法,其特征在于,所述方法包括:An identity authentication method, characterized in that the method includes:
    获取待验证的目标对象的第一DNA数据;Obtain the first DNA data of the target object to be verified;
    将所述第一DNA数据与数据库中的所有DNA数据进行对比,以获取所述数据库中的每个DNA数据与所述第一DNA数据与的相似度;Comparing the first DNA data with all DNA data in the database to obtain the similarity between each DNA data in the database and the first DNA data;
    当所述数据库中的所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户;When there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all DNA data in the database, it is determined that the target object is the first corresponding to the second DNA data user;
    根据所述第一用户的用户等级为所述目标对象开放对应的使用权限。According to the user level of the first user, corresponding usage rights are opened for the target object.
  2. 根据权利要求1所述的方法,其特征在于,所述根据所述第一用户的用户等级为所述目标对象开放对应的使用权限,包括:The method according to claim 1, wherein the opening of corresponding usage rights for the target object according to the user level of the first user includes:
    当所述第一用户为最高等级用户时,按照最高权限等级为所述目标对象开放对应的使用权限;When the first user is the user with the highest level, the corresponding use authority is opened for the target object according to the highest authority level;
    当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。When the first user is not the highest-ranking user, according to the similarity between the first DNA data and the DNA data belonging to the highest-ranking user among all DNA data in the database, the corresponding object is opened for the target object Use permissions.
  3. 根据权利要求2所述的方法,其特征在于,当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限,包括:The method according to claim 2, wherein when the first user is not the highest-ranking user, the DNA belonging to the highest-ranking user among the first DNA data and all DNA data in the database The similarity of the data to open corresponding usage rights for the target object includes:
    当所述第一用户非所述最高等级用户时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;When the first user is not the highest-ranking user, each target DNA data and the first DNA data are obtained from the similarity between each DNA data in the database and the first DNA data Similarity, the target DNA data is the DNA data corresponding to the highest level user in the database;
    确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;Determining the highest similarity among the similarities between each target DNA data and the first DNA data;
    确定所述最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;Determining the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, the multiple similarity intervals corresponding to preset multiple permission levels, respectively, The permission level is lower than the highest permission level;
    按照所述第一权限等级为所述目标对象开放对应的使用权限。According to the first permission level, corresponding use permissions are opened for the target object.
  4. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method according to claim 1, wherein the method further comprises:
    当所述数据库中的所有DNA数据中不存在所述第二DNA数据时,确定所述目标对象为首次认证;When the second DNA data does not exist in all DNA data in the database, it is determined that the target object is the first authentication;
    根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。According to the similarity between the first DNA data and the DNA data belonging to the user of the highest level among all the DNA data in the database, corresponding usage rights are opened for the target object.
  5. 根据权利要求4所述的方法,其特征在于,所述根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限,包括:The method according to claim 4, characterized in that, based on the similarity between the first DNA data and the DNA data of the highest-ranking user among all the DNA data in the database, open correspondence is provided for the target object Usage rights, including:
    当确定所述目标对象具有最高等级用户的凭证时,确定所述目标对象为所述最高等级用户;When it is determined that the target object has the credential of the user of the highest level, it is determined that the target object is the user of the highest level;
    将所述目标对象的权限等级确定为最高权限等级;或者,Determine the permission level of the target object as the highest permission level; or,
    当确定所述目标对象不具备所述凭证时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;When it is determined that the target object does not have the voucher, from the similarity between each DNA data in the database and the first DNA data, obtain the data of each target DNA data and the first DNA data Similarity, the target DNA data is the DNA data corresponding to the highest level user in the database;
    确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;Determining the highest similarity among the similarities between each target DNA data and the first DNA data;
    当所述最高相似度小于所述第二阈值时,确定所述目标对象未通过认证;When the highest similarity is less than the second threshold, it is determined that the target object has not passed authentication;
    当所述最高相似度大于或等于第二阈值时,确定所述最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为所述目标对象的权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;When the highest similarity is greater than or equal to the second threshold, determine the second permission level corresponding to the second similarity interval in which the highest similarity is located in multiple similarity intervals, as the permission of the target object Level, the multiple similarity intervals respectively correspond to multiple preset permission levels, and the multiple permission levels are lower than the highest permission level;
    按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
  6. 根据权利要求3或5所述的方法,其特征在于,所述方法还包括:The method according to claim 3 or 5, wherein the method further comprises:
    将所述第一阈值与第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为所述多个相似度区间;Dividing the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals;
    将所述多个相似度区间分别与所述多个权限等级进行对应,所述多个权限等级的权限高低与所述多个相似度区间的取值范围大小正相关。Corresponding the plurality of similarity intervals to the plurality of permission levels respectively, and the permission levels of the plurality of permission levels are positively related to the value range of the plurality of similarity intervals.
  7. 根据权利要求5所述的方法,其特征在于,所述按照所述目标对象的权限等级为所述目标对象开放对应的使用权限,包括:The method according to claim 5, wherein the opening of the corresponding use rights for the target object according to the permission level of the target object includes:
    将所述目标对象注册为第二用户;Register the target object as a second user;
    将所述第二用户与所述第一DNA数据、用户指示信息以及所述最高相似度之间的对应关系存储至所述数据库中,所述用户等级指示信息用于指示所述第二用户是否为所述最高等级用户;Storing the correspondence between the second user and the first DNA data, user indication information, and the highest similarity degree in the database, and the user level indication information is used to indicate whether the second user Is the highest level user;
    按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
  8. 根据权利要求5所述的方法,其特征在于,所述按照所述目标对象的权限等级为所述目标对象开放对应的使用权限,包括:The method according to claim 5, wherein the opening of the corresponding use rights for the target object according to the permission level of the target object includes:
    将所述目标对象注册为第二用户;Register the target object as a second user;
    将所述第二用户与所述第一DNA数据、用户权限指示信息之间的对应关系存储至所述数据库中,所述用户权限指示信息用于指示所述第二用户具有的权限等级;Storing the correspondence between the second user, the first DNA data, and user permission indication information in the database, where the user permission indication information is used to indicate the permission level that the second user has;
    按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
  9. 根据权利要求8所述的方法,其特征在于,所述根据所述第一用户的用户等级为所述目标对象开放对应的使用权限,包括:The method according to claim 8, wherein the opening of the corresponding usage rights for the target object according to the user level of the first user includes:
    获取在所述第一用户在首次认证时存储的与所述第一用户对应的用户权限指示信息;Acquiring user authority indication information corresponding to the first user stored during the first authentication of the first user;
    根据所述第一用户对应的用户权限指示信息,获取所述第一用户的权限等级;Acquiring the permission level of the first user according to the user permission instruction information corresponding to the first user;
    按照所述第一用户的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the first user, the corresponding use permission is opened for the target object.
  10. 根据权利要求1所述的方法,其特征在于,所述当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户,包括:The method according to claim 1, wherein the target is determined when there is second DNA data having a similarity to the first DNA data greater than or equal to a first threshold value in all the DNA data The object is the first user corresponding to the second DNA data, including:
    获取所述目标对象的第一生物特征;Acquiring the first biological characteristic of the target object;
    当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述第二DNA数据所对应的第一用户;When there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data, determine the first user corresponding to the second DNA data;
    获取所述数据库中存储的所述第一用户的第二生物特征;Acquiring the second biometrics of the first user stored in the database;
    当所述第一生物特征与所述第二生物特征匹配时,确定所述目标对象为所述第一用户。When the first biometric matches the second biometric, it is determined that the target object is the first user.
  11. 一种身份认证装置,其特征在于,所述装置包括:An identity authentication device, characterized in that the device includes:
    采集模块,用于获取待验证的目标对象的第一DNA数据;The collection module is used to obtain the first DNA data of the target object to be verified;
    对比模块,用于将所述第一DNA数据与数据库中的所有DNA数据进行对比,以获取所述数据库中的每个DNA数据与所述第一DNA数据与的相似度;A comparison module, configured to compare the first DNA data with all DNA data in a database to obtain the similarity between each DNA data in the database and the first DNA data;
    用户确认模块,用于当所述数据库中的所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述目标对象为所述第二DNA数据对应的第一用户;The user confirmation module is configured to determine that the target object is the second when all DNA data in the database has second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold The first user corresponding to the DNA data;
    第一授权模块,用于根据所述第一用户的用户等级为所述目标对象开放对应的使用权限。The first authorization module is configured to open corresponding usage rights for the target object according to the user level of the first user.
  12. 根据权利要求11所述的装置,其特征在于,所述第一授权模块,用于:The device according to claim 11, wherein the first authorization module is configured to:
    当所述第一用户为最高等级用户时,按照最高权限等级为所述目标对象开放对应的使用权限;When the first user is the user with the highest level, the corresponding use authority is opened for the target object according to the highest authority level;
    当所述第一用户非所述最高等级用户时,根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。When the first user is not the highest-ranking user, according to the similarity between the first DNA data and the DNA data belonging to the highest-ranking user among all DNA data in the database, the corresponding object is opened for the target object Use permissions.
  13. 根据权利要求12所述的装置,其特征在于,所述第一授权模块,包括:The apparatus according to claim 12, wherein the first authorization module comprises:
    第一相似度识别子模块,用于当所述第一用户非所述最高等级用户时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;The first similarity recognition submodule is used to obtain each of the similarities between each DNA data in the database and the first DNA data when the first user is not the user with the highest rank The similarity between the target DNA data and the first DNA data, the target DNA data is the DNA data corresponding to the highest level user in the database;
    第一相似度确定子模块,用于确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;A first similarity determination submodule, configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
    第一权限确认子模块,用于确定所述最高相似度在多个相似度区间中所处的第一相似度区间所对应的第一权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;The first permission confirmation submodule is used to determine the first permission level corresponding to the first similarity interval in which the highest similarity is located in multiple similarity intervals, and the multiple similarity intervals are respectively different from the preset Corresponding to multiple permission levels, the multiple permission levels are lower than the highest permission level;
    第一授权子模块,用于按照所述第一权限等级为所述目标对象开放对应的使用权限。The first authorization submodule is configured to open corresponding usage rights for the target object according to the first authority level.
  14. 根据权利要求11所述的装置,其特征在于,所述装置还包括:The device according to claim 11, wherein the device further comprises:
    确定模块,用于当所述数据库中的所有DNA数据中不存在所述第二DNA数据时,确定所述目标对象为首次认证;A determining module, configured to determine that the target object is the first authentication when the second DNA data does not exist in all DNA data in the database;
    第二授权模块,用于根据所述第一DNA数据与所述数据库中的所有DNA数据中属于最高等级用户的DNA数据的相似度,为所述目标对象开放对应的使用权限。The second authorization module is configured to open corresponding usage rights for the target object based on the similarity between the first DNA data and the DNA data of the user with the highest rank among all the DNA data in the database.
  15. 根据权利要求14所述的装置,其特征在于,所述第二授权模块,包括:The device according to claim 14, wherein the second authorization module comprises:
    身份验证子模块,用于当确定所述目标对象具有最高等级用户的凭证时,确定所述目标对象为所述最高等级用户;An identity verification submodule, configured to determine that the target object is the highest level user when it is determined that the target object has the credential of the highest level user;
    第二权限确认子模块,用于将所述目标对象的权限等级确定为最高权限等级;A second permission confirmation submodule, configured to determine the permission level of the target object as the highest permission level;
    第二相似度识别子模块,用于当确定所述目标对象不具备所述凭证时,从所述数据库中的每个DNA数据与所述第一DNA数据与的相似度中,获取每个目标DNA数据与所述第一DNA数据的相似度,所述目标DNA数据为所述数据库中对应于最高等级用户的DNA数据;The second similarity recognition sub-module is used to obtain each target from the similarity between each DNA data in the database and the first DNA data when it is determined that the target object does not have the credential The similarity between the DNA data and the first DNA data, and the target DNA data is the DNA data corresponding to the highest level user in the database;
    第二相似度确定子模块,用于确定所述每个目标DNA数据与所述第一DNA数据的相似度中的最高相似度;A second similarity determination submodule, configured to determine the highest similarity among the similarities between each target DNA data and the first DNA data;
    第二授权子模块,用于当所述最高相似度小于所述第二阈值时,确定所述目标对象未通过认证;A second authorization submodule, configured to determine that the target object has not passed authentication when the highest similarity is less than the second threshold;
    所述第二权限确认子模块,用于当所述最高相似度大于或等于第二阈值时,确定所述最高相似度在多个相似度区间中所处的第二相似度区间所对应的第二权限等级,作为所述目标对象的权限等级,所述多个相似度区间分别与预设的多个权限等级对应,所述多个权限等级低于所述最高权限等级;The second permission confirmation submodule is configured to determine, when the highest similarity is greater than or equal to a second threshold, the second similarity interval in which the highest similarity is located among multiple similarity intervals Two permission levels, which are the permission levels of the target object, the multiple similarity intervals correspond to preset multiple permission levels, and the multiple permission levels are lower than the highest permission level;
    所述第二授权子模块,还用于按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。The second authorization sub-module is also used to open corresponding usage rights for the target object according to the permission level of the target object.
  16. 根据权利要求13或15所述的装置,其特征在于,所述装置还包括:The device according to claim 13 or 15, wherein the device further comprises:
    区间划分模块,用于将所述第一阈值与第二阈值之间的取值范围进行划分,以得到多个连续的区间,作为所述多个相似度区间;An interval dividing module, configured to divide the value range between the first threshold and the second threshold to obtain multiple consecutive intervals as the multiple similarity intervals;
    关联模块,用于将所述多个相似度区间分别与所述多个权限等级进行对应,所述多个权限等级的权限高低与所述多个相似度区间的取值范围大小正相关。The correlation module is configured to correspond the multiple similarity intervals to the multiple permission levels, and the permission levels of the multiple permission levels are positively related to the value range of the multiple similarity intervals.
  17. 根据权利要求15所述的装置,其特征在于,所述第二授权子模块,用于:The apparatus according to claim 15, wherein the second authorization submodule is configured to:
    将所述目标对象注册为第二用户;Register the target object as a second user;
    将所述第二用户与所述第一DNA数据、用户指示信息以及所述最高相似度之间的对应关系存储至所述数据库中,所述用户等级指示信息用于指示所述第二用户是否为所述最高等级用户;Storing the correspondence between the second user and the first DNA data, user indication information, and the highest similarity degree in the database, and the user level indication information is used to indicate whether the second user Is the highest level user;
    按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
  18. 根据权利要求15所述的装置,其特征在于,所述第二授权子模块,用于:The apparatus according to claim 15, wherein the second authorization submodule is configured to:
    将所述目标对象注册为第二用户;Register the target object as a second user;
    将所述第二用户与所述第一DNA数据、用户权限指示信息之间的对应关系存储至所述数据库中,所述用户权限指示信息用于指示所述第二用户具有的权限等级;Storing the correspondence between the second user, the first DNA data, and user permission indication information in the database, where the user permission indication information is used to indicate the permission level that the second user has;
    按照所述目标对象的权限等级为所述目标对象开放对应的使用权限。According to the permission level of the target object, the corresponding use permission is opened for the target object.
  19. 根据权利要求18所述的装置,其特征在于,所述第一授权模块,包括:The apparatus according to claim 18, wherein the first authorization module comprises:
    信息获取子模块,用于获取在所述第一用户在首次认证时存储的与所述第一用户对应的用户权限指示信息;An information acquisition submodule, configured to acquire the user authority indication information corresponding to the first user and stored during the first authentication of the first user;
    权限获取子模块,用于根据所述第一用户对应的用户权限指示信息,获取所述第一用户的权限等级;A permission acquisition sub-module for acquiring the permission level of the first user according to the user permission instruction information corresponding to the first user;
    第三授权子模块,用于按照所述第一用户的权限等级为所述目标对象开放对应的使用权限。The third authorization submodule is configured to open corresponding usage rights for the target object according to the authority level of the first user.
  20. 根据权利要求11所述的装置,其特征在于,所述用户确认模块,包括:The device according to claim 11, wherein the user confirmation module comprises:
    生物特征获取子模块,用于获取所述目标对象的第一生物特征;A biometrics acquisition sub-module for acquiring the first biometrics of the target object;
    用户确定子模块,用于当所述所有DNA数据中存在与所述第一DNA数据的相似度大于或等于第一阈值的第二DNA数据时,确定所述第二DNA数据所对应的第一用户;The user determination sub-module is used to determine the first corresponding to the second DNA data when there is second DNA data whose similarity to the first DNA data is greater than or equal to a first threshold in all the DNA data user;
    读取子模块,用于获取所述数据库中存储的所述第一用户的第二生物特征;A reading sub-module for acquiring the second biometrics of the first user stored in the database;
    用户确认子模块,当所述第一生物特征与所述第二生物特征匹配时,确定所述目标对象为所述第一用户。The user confirmation sub-module determines that the target object is the first user when the first biological feature matches the second biological feature.
  21. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现权利要求1-10中任一项所述方法的步骤。A computer-readable storage medium on which a computer program is stored, characterized in that when the computer program is executed by a processor, the steps of the method according to any one of claims 1-10 are implemented.
  22. 一种电子设备,其特征在于,包括:An electronic device, characterized in that it includes:
    存储器,其上存储有计算机程序;Memory, on which computer programs are stored;
    处理器,用于执行所述存储器中的所述计算机程序,以实现权利要求1-10中任一项所述方法的步骤。A processor, configured to execute the computer program in the memory, to implement the steps of the method according to any one of claims 1-10.
PCT/CN2019/116368 2018-12-17 2019-11-07 Identity authentication method and device, storage medium, and electronic apparatus WO2020125260A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811543599.8 2018-12-17
CN201811543599.8A CN109766679B (en) 2018-12-17 2018-12-17 Identity authentication method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
WO2020125260A1 true WO2020125260A1 (en) 2020-06-25

Family

ID=66451962

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/116368 WO2020125260A1 (en) 2018-12-17 2019-11-07 Identity authentication method and device, storage medium, and electronic apparatus

Country Status (2)

Country Link
CN (1) CN109766679B (en)
WO (1) WO2020125260A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109766679B (en) * 2018-12-17 2021-04-09 达闼机器人有限公司 Identity authentication method and device, storage medium and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077339A (en) * 2012-12-28 2013-05-01 广东欧珀移动通信有限公司 Data protection method and device
CN105404805A (en) * 2015-11-19 2016-03-16 小米科技有限责任公司 Verification method and apparatus
US20170329777A1 (en) * 2016-05-16 2017-11-16 Cubic Corporation Implicitly trusted travel token authentication
CN109766679A (en) * 2018-12-17 2019-05-17 深圳前海达闼云端智能科技有限公司 Identity authentication method and device, storage medium and electronic equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8200980B1 (en) * 2001-09-21 2012-06-12 Open Invention Network, Llc System and method for enrolling in a biometric system
WO2013163720A1 (en) * 2012-05-02 2013-11-07 University Of Manitoba User identity detection on interactive surfaces
CN103678981B (en) * 2013-12-06 2017-12-29 北京奇虎科技有限公司 The method and device at different interfaces is realized for different user
CN105321018A (en) * 2014-07-18 2016-02-10 中国农业科学院作物科学研究所 Automatic DNA sequencing management system
CN106778160A (en) * 2016-11-28 2017-05-31 上海摩软通讯技术有限公司 Data item display methods and device
US10681024B2 (en) * 2017-05-31 2020-06-09 Konica Minolta Laboratory U.S.A., Inc. Self-adaptive secure authentication system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077339A (en) * 2012-12-28 2013-05-01 广东欧珀移动通信有限公司 Data protection method and device
CN105404805A (en) * 2015-11-19 2016-03-16 小米科技有限责任公司 Verification method and apparatus
US20170329777A1 (en) * 2016-05-16 2017-11-16 Cubic Corporation Implicitly trusted travel token authentication
CN109766679A (en) * 2018-12-17 2019-05-17 深圳前海达闼云端智能科技有限公司 Identity authentication method and device, storage medium and electronic equipment

Also Published As

Publication number Publication date
CN109766679A (en) 2019-05-17
CN109766679B (en) 2021-04-09

Similar Documents

Publication Publication Date Title
US11783018B2 (en) Biometric authentication
US11210884B2 (en) Electronic device operation using remote user biometrics
US6810480B1 (en) Verification of identity and continued presence of computer users
US8955069B1 (en) Event-based biometric authentication using mobile device
US11503021B2 (en) Mobile enrollment using a known biometric
US11270544B2 (en) Access control for access restricted domains using first and second biometric data
JP2003186845A (en) Biometrics authentication system and method
KR20220115507A (en) method and system for seamless biometric system self-enrollment
JP5903257B2 (en) Authentication system, registration device, and authentication device
WO2020125260A1 (en) Identity authentication method and device, storage medium, and electronic apparatus
US20230334136A1 (en) Adhoc enrollment process
KR20000030122A (en) user identification method using multi-biometric information and system thereof
KR101926709B1 (en) Control apparatus for biometric and method thereof
WO2016095564A1 (en) Identity verification method and device
JP2011118561A (en) Personal identification device and personal identification method
CN108875340B (en) Electronic device operation using remote user biometrics
KR101906141B1 (en) Apparatus and Method for Multi-level Iris Scan in Mobile Communication Terminal
KR20200096164A (en) method and apparatus for processing authentication information and user terminal including the same
CN116721486A (en) Control method and device for intelligent face recognition door lock
JP2023048093A (en) System and method for verifying user identity based on chain of events
KR20100012117A (en) Method and system for managing connect using face recognition for programs or folders

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19898532

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19898532

Country of ref document: EP

Kind code of ref document: A1