WO2020133026A1 - Dynamic matching method and apparatus for biometric information, and biometric identification system - Google Patents

Dynamic matching method and apparatus for biometric information, and biometric identification system Download PDF

Info

Publication number
WO2020133026A1
WO2020133026A1 PCT/CN2018/124162 CN2018124162W WO2020133026A1 WO 2020133026 A1 WO2020133026 A1 WO 2020133026A1 CN 2018124162 W CN2018124162 W CN 2018124162W WO 2020133026 A1 WO2020133026 A1 WO 2020133026A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
mobile terminal
database
dynamic
biometric
Prior art date
Application number
PCT/CN2018/124162
Other languages
French (fr)
Chinese (zh)
Inventor
李镇旭
徐华斌
郑耀
Original Assignee
青岛海泰新光科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 青岛海泰新光科技股份有限公司 filed Critical 青岛海泰新光科技股份有限公司
Priority to PCT/CN2018/124162 priority Critical patent/WO2020133026A1/en
Publication of WO2020133026A1 publication Critical patent/WO2020133026A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present disclosure relates to a dynamic data processing method, a dynamic data processing device, a biometric information dynamic matching method, a biometric information dynamic matching device, and a biometric identification system.
  • the biometric matching system based on feature points has high accuracy, but because the similarity between the extracted feature points is measured mathematically, it requires absolute calculation (processing) time to calculate the similarity. In order to improve the accuracy of matching and improve the evaluation criteria, it may increase the execution time.
  • DB database
  • I/O master data input/output
  • Query data query
  • 1:1 matching based on Verification is: information input ⁇ user information search ⁇ comparison ⁇ result output, which is only a comparison of the similarity of feature points.
  • the identification of the users who have the corresponding biometric information among all users is as follows: input the user's biometric information ⁇ compare with all users ⁇ output the results, and the time of the comparison operation is different based on the total number of users. In the field of recognition, the speed of comparison operations has a great impact on the entire system. In the case of a DB with a small total number of users (1:10000 level, 1 is the user to be identified, and 10000 is the total number of users), no large equipment investment is required, and data processing/classification can be used to maximize performance . However, if the number of users is expanded to medium/large scale (1:50,000 or more), equipment investment is required to ensure the desired performance.
  • the explanation is based on the 1/4000 second of the palm vein matching system.
  • 4000 users can be identified in one second.
  • a quad-core CPU When a quad-core CPU is used, it can be developed as a parallel processing method. It uses a multi-thread method to run four operations simultaneously on the quad-core CPU. However, even with parallel processing, a maximum of 16,000 people can be processed in 1 second.
  • the CPU is 100% used for matching processing, but in actual situations, the operating system (OS), server (Server), database, and application (APP), etc., will consume CPU resources, so the actual time of 1 second is not It is possible to identify 16,000 users. If you use a quad-core CPU, it takes at least 6 to 8 seconds to get a 1:100,000 matching result.
  • biometrics The main use of biometrics is technology that is expected to quickly identify users. It is mainly used to record attendance (Time Attendance, hereinafter referred to as TA) of user attendance records and access control (Access) (hereinafter referred to as AC) for granting access rights to specific locations or routes.
  • TA Time Attendance
  • AC access control
  • both applications there will be a flow of people. If there is a problem with the execution or the time is too long, congestion will occur. When the execution time is more than 6 seconds, it will be a very long time for these applications.
  • the comparison results are usually obtained within 1 second. Therefore, in the AC/TA of medium/large biometrics In application, it is necessary to add equipment to meet the requirements.
  • each server may have 4 to 16 CPUs.
  • the CPU operation of the server is not only used for the biometric comparison operation, but as the total number of users increases, the scale of the device also increases proportionally.
  • the expansion of the equipment means increased construction and maintenance costs.
  • the first method is that the user's biological information is directly stored in the user's ID card or mobile phone, the stored biological information is read when authentication is required, and the read biological information is compared with the currently acquired user's biological information.
  • the biggest problem in this method is that the biological information held by the user needs to be transmitted through the biometric terminal.
  • the communication method of the ID card or mobile phone and the identification terminal is still low speed, and errors often occur, and the transmission takes a long time. .
  • a series of processes of authorization and encryption may be required to transmit important personal sensitive information through wireless. If encryption or security is not guaranteed, the data may be intercepted by wireless hackers.
  • the second method is based on the proximity of the mobile terminal to perform AC/TA technology.
  • the biggest problem with this method is maximum availability, but the security is relatively weak.
  • the present disclosure provides a dynamic data processing method, a dynamic data processing device, a biometric information dynamic matching method, a biometric information dynamic matching device, and a biometric identification system.
  • a dynamic data processing method includes: configuring a static database that stores relevant data of all users; determining users satisfying predetermined conditions as specific users; and configuring a dynamic database when When a user satisfying a predetermined condition is determined to be a specific user, relevant data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database.
  • the method further includes: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
  • the method further includes: receiving input information of the specific user, and comparing the input information with user-related data stored in the dynamic database.
  • the predetermined condition is a predetermined location range or a predetermined user, and a user who is in the predetermined location range or a user who is a predetermined user is determined as a specific user.
  • the predetermined user is a reserved user or a registered user.
  • a dynamic data processing apparatus includes: a static database module that stores relevant data of all users; a determination module for determining a user who meets predetermined conditions as a specific user; and A dynamic database module, when the determination module determines that a user who meets a predetermined condition is a specific user, the dynamic database receives and stores data about the specific user from the static database.
  • the data related to the specific user stored in the dynamic database is deleted.
  • the device further includes: a receiving module for receiving input information of the specific user; and a comparison module for comparing the input information with user-related data stored in the dynamic database.
  • the predetermined condition is a predetermined location or a predetermined user, and a user who is in the predetermined location range or a user who is a predetermined user is determined as a specific user.
  • the predetermined user is a reserved user or a registered user.
  • a method for dynamically matching biometric information includes: configuring a static database that stores relevant data of all users, the relevant data including biometric information of the user; predetermined conditions will be satisfied Users are determined to be specific users; configure a dynamic database, and when a user who meets a predetermined condition is determined to be a specific user, transfer relevant data of the specific user from the static database to the dynamic database for storage to the dynamic database In; receiving the input biometric information of the specific user; and comparing the input biometric information and the biometric information stored in the dynamic database, if the two are consistent, it is judged as a match.
  • the method further includes: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
  • the predetermined condition is a preset position range
  • a user in the preset position range is regarded as a specific user.
  • the input biometric information of the specific user is received through a biometric identification terminal, and the preset position range is a predetermined distance range from the biometric identification terminal.
  • the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric identification terminal is used to receive the signal transmitted by the mobile terminal.
  • the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes at least one of the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, and phone number of the mobile terminal And the relevant data of the user includes the inherent information of the mobile terminal.
  • a plurality of the biometric identification terminals are provided to confirm the number of mobile terminals around the biometric identification terminal.
  • the distance of each mobile terminal in the surroundings is measured by a plurality of the biometric recognition terminals, so as to determine the time and/or probability of the user carrying the mobile terminal to perform the biometric recognition.
  • the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
  • the predetermined user is a reserved user or a registered user.
  • a device for dynamically matching biometric information includes: a static database module that stores relevant data of all users, and the relevant data includes biometric information of the user; A user who meets a predetermined condition is determined as a specific user; a dynamic database module, when a user who meets a predetermined condition is determined as a specific user, transfers the relevant data of the specific user from the static database to the dynamic database for storage to all The dynamic database; a biometrics identification module that receives the input biometric information of the specific user; and a comparison module for comparing the input biometric information with the biometric information stored in the dynamic database, if the two are consistent, It is judged as a match.
  • the apparatus further includes: when the specific user no longer satisfies the predetermined condition, deleting the relevant data of the specific user from the dynamic database.
  • the predetermined condition is a preset position range
  • a user in the preset position range is regarded as a specific user.
  • the mobile terminal carried by the user is detected by the biometric identification module to determine whether the user is in the preset position range.
  • the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric identification module is used to receive the signal transmitted by the mobile terminal.
  • the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes at least one of the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, and phone number of the mobile terminal And the relevant data of the user includes the inherent information of the mobile terminal.
  • a plurality of the biometric identification modules are provided to confirm the number of mobile terminals around the biometric identification module.
  • the distance of each mobile terminal in the surrounding is measured by a plurality of the biometric identification modules, so as to determine the time and/or probability of biometric identification by the user carrying the mobile terminal.
  • the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
  • the predetermined user is a reserved user or a registered user.
  • the determination module, the biometric identification module, and the comparison module are located in the biometric identification terminal.
  • the dynamic database module is located in the biometrics terminal, or in the local network, or in the server where the static database module is located, or in a different server from where the static database module is located. In a server.
  • a biometric identification system includes the biometric information dynamic matching device as described above.
  • FIG. 1 is a schematic flowchart of a dynamic data processing method according to an embodiment of the present disclosure.
  • FIG. 2 is a schematic diagram of a list form of user data according to an embodiment of the present disclosure.
  • FIG. 3 is a schematic diagram of a dynamic data processing device according to an embodiment of the present disclosure.
  • FIG. 4 is a schematic diagram of a dynamic data processing device according to an embodiment of the present disclosure.
  • FIG. 5 is a schematic flowchart of a method for dynamically matching biometric information according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic diagram of a configuration of a biometric terminal according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic diagram of a biometric terminal detecting a user position according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic flowchart of configuring a dynamic database according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic flowchart of a biometrics identification method according to an embodiment of the present disclosure.
  • FIG. 1 shows a dynamic data processing method according to the first embodiment of the present disclosure.
  • the dynamic data processing method may include: step S10, configuring a static database; step S20, determining a specific user; and step S30, configuring a dynamic database.
  • the static database is configured so that the static database stores relevant data of all users.
  • a static database refers to a database that stores relevant data of all registered users.
  • the relevant data may include the user's basic information and biometric information, and may also include the unique information of the mobile terminal owned by the user, such data includes: user name, ID number, phone number , IMEI (International Mobile Terminal Identification Code), UUID (Universal Unique Identification Code) of mobile terminal, Bluetooth address, WLAN MAC address, terminal serial number, biometric information, etc.
  • IMEI International Mobile Terminal Identification Code
  • UUID Universal Unique Identification Code
  • Figure 2 shows the list format of user data stored in a static database. Those skilled in the art should understand that although the user shown in FIG. 2 may correspond to unique information of multiple registered mobile terminals.
  • the user's basic information can be input through the input terminal, and the user's mobile terminal information can be extracted and input, and the user's biometric information can be collected through the biometric terminal to form a corresponding list form.
  • step S20 it is used to determine a specific user, where the determination can be made by whether a predetermined condition is satisfied.
  • a biometric terminal or other form of receiver is used to monitor whether the mobile terminal carried by the user is within a predetermined location range, and if it is within the predetermined location range, the user is determined to be a specific user.
  • all user information is registered subway users, which may be more than 5 million or even 10 million users.
  • these users are determined as Specific users.
  • the selection of the specific user may also be based on the reserved user who made a reservation for an event at a specific time (today, tomorrow, the day after tomorrow), and the reservation is determined as the specific user.
  • the user who can reserve a certain day As a specific user on that day.
  • the registered user may also be regarded as a specific user.
  • the registered user may be regarded as a specific user.
  • step S30 when the user satisfying the predetermined condition is determined to be the specific user, the relevant data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database.
  • a dynamic database refers to a database that receives and stores data related to a specific user stored in static data.
  • the content of the dynamic database will vary according to the specific user.
  • a user previously identified as a specific user no longer satisfies the predetermined condition, he cannot continue to be confirmed as a specific user, and the user's relevant data stored in the dynamic database can be deleted.
  • the deletion operation may be real-time or delayed for a period of time, and those skilled in the art may set it according to actual conditions.
  • the above method may further include step S40, receiving user input information.
  • biometric information input by a specific user may be received through the biometric terminal.
  • the above method may further include step S50, which is used to compare the biometric information input during biometric authentication with the biometric information of the user stored in the dynamic database, and if they match, the user authentication is passed.
  • the dynamic data processing apparatus may include a static database module 1, a dynamic database module 2, and a determination module 3.
  • the static server 1 is used to store data about all users.
  • the format and storage method of the data may be the same as the first embodiment.
  • the determination module 3 is used to determine a user who meets a predetermined condition as a specific user, and the predetermined condition and the determination manner may be the same as the first embodiment.
  • the dynamic database module 2 is used to receive the specific user's data from the static database module 3 according to the specific user determined by the determination module 3 and store it.
  • the operation mode of the dynamic database module 2 may be the same as the first embodiment. For example, when a specific user is no longer a specific user before, the data of the dynamic database module 2 may be deleted from the dynamic database module 2.
  • the dynamic data processing device may further include an input module 4 and a comparison module 5.
  • the input module 4 may be in the form of a biometric terminal as described above, and may be used to perform the above step S40.
  • the comparison module 5 can be used to perform the above step S50.
  • the static database module 3 is used to store relevant data of all users, which is not directly used for biometric comparison, but only acts as a data center for all users.
  • the dynamic database module 2 changes according to the change of a specific user, so it can be regarded as a temporary database module.
  • the dynamic database module 2 can be located in the biometric terminal, it can be located on the local network, or it can be a sub-database of the server system where the static database module 3 is located, or even a server system specifically built for the dynamic database module 2.
  • the present disclosure does not limit the structure of the dynamic database module 2.
  • the one dynamic database module may be formed for multiple biometric terminals.
  • the dynamic data processing apparatus may include a plurality of receiving modules, and the plurality of receiving modules may correspond to the determination module/comparison module in one-to-one correspondence or in one-to-one correspondence.
  • the plurality of receiving modules may correspond to the determination module/comparison module in one-to-one correspondence or in one-to-one correspondence.
  • multiple biometrics terminals can be installed according to the actual application location.
  • the dynamic database module 2 the determination module 3, the receiving module 4 and the comparison module 5 described above can all be implemented in the biometric terminal, and the static database module 1 can be implemented in the remote server.
  • a method for dynamically matching biometric information is provided.
  • FIG. 5 shows a schematic flowchart of a method for dynamically matching biometric information according to the present disclosure.
  • a static database is configured, and the static database stores relevant data of all users, and the relevant data includes biometric information of the user.
  • a user satisfying a predetermined condition is determined as a specific user.
  • a dynamic database is configured, and when a user who meets a predetermined condition is determined to be a specific user, related data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database.
  • the input biometric information of a specific user is received; and in step S500, the input biometric information is compared with the biometric information stored in the dynamic database, and if the two are consistent, it is judged as a match.
  • the specific implementation manners of steps S100-S500 in this embodiment may be the same as or similar to steps S10-S50 in the first embodiment, respectively.
  • a device for dynamically matching biometric information including: a static database module that stores relevant data of all users, and the relevant data includes biometric information of the user; The user who meets the predetermined condition is determined as the specific user; the dynamic database module, when the user who meets the predetermined condition is determined as the specific user, transfers the relevant data of the specific user from the static database to the dynamic database for storage in the dynamic database; The feature recognition module receives the input biometric information of a specific user; and the comparison module is used to compare the input biometric information with the biometric information stored in the dynamic database. If the two are consistent, it is judged as a match.
  • the biometric terminal determines whether the registered mobile terminal is within a predetermined location range.
  • it can be achieved by the biometric terminal scanning and detecting the proximity of the mobile terminal.
  • the present disclosure applies the proximity detection technology of the mobile terminal described in the prior art.
  • Bluetooth technology before version 4.0 requires pairing (Pairing) between two devices, which means that only identifiable and authenticated devices can communicate normally.
  • BLE Bluetooth Low Energy
  • Broadcasting makes it possible to search and identify peripheral devices without pairing, send and receive simple information, measure communication response time, and estimate Information about the physical distance from the device. Based on this, the technology that can be used like a small logo is Beacon (beacon).
  • a typical example of using BLE technology is the recent Huawei Internet of Things (IOT) device.
  • IOT Internet of Things
  • the mobile phone's BLE function is used to search for the device, read the device information and incorporate it into the user environment. simple.
  • the process of entering and registering network information on the equipment had to be completed.
  • other input devices and display screens were required.
  • BLE/Beacon can simply search these parts by broadcasting. The power consumption of this communication method is very low. Now you can easily use small sensors without buttons and inexpensive devices.
  • Beacon can take various forms, such as iBeacon (Apple) and URIBeacon (Google), and the inherent inherent information used may be different depending on the use of the mobile terminal.
  • a mobile terminal using BLE/Beacon technology can continuously and periodically send out signals in the form of advertising packets, transmit the inherent information of the mobile terminal through the broadcast packets, and the biometric identification terminal works as a receiver To receive the unique information of the mobile terminal.
  • the default detection distance of BLE/Beacon is 50 meters. However, the final performance depends on the construction environment, and the detection distance can be expanded/concentrated through various methods.
  • the core capability here is that the biometric identification terminal confirms the number of surrounding mobile terminals in this way, and a preliminary list of users who may try biometric identification can be created.
  • the detection environment is constructed through multiple biometric recognition terminals, as shown in FIG. 6.
  • the position of each mobile terminal can be measured, so that the biometric authentication attempt time and probability can be predicted by referring to the position.
  • C1 to C4 in FIG. 7 represent the first to fourth biometric recognition terminals
  • d1 to d4 represent the distance of the mobile terminal from each biometric recognition terminal terminal.
  • the biometrics identification terminal or other devices can dynamically configure a database required for biometric authentication, that is, a dynamic database.
  • a database required for biometric authentication that is, a dynamic database.
  • the dynamic configuration refers to a configuration in which the dynamic database is changed based on the existing dynamic database.
  • the method of dynamic configuration includes the following steps:
  • step S301 the biometric identification terminal detects surrounding mobile terminals and collects mobile terminal information, which can be detected and obtained device information through the above-mentioned BLE/Beacon technology.
  • Step S302 comparing and determining the collected mobile terminal information with the mobile terminal information stored in the dynamic database.
  • Step S303 when certain mobile terminal information stored in the dynamic database is not included in the collected mobile terminal information, delete the mobile terminal information stored in the dynamic database. At this time, it may indicate that the user holding the mobile terminal was previously within the predetermined location range, but is currently not within the predetermined location range, and it may not perform subsequent biometric authentication, so for this type of user, you can remove its information from the dynamic database delete.
  • Step S304 when the mobile terminal information stored in the dynamic database does not contain some or some collected mobile terminal information, it is regarded as that a new mobile terminal is detected. That is to say, the user who holds the mobile terminal was not in the predetermined location range before, but is currently in the predetermined location range, and it may perform the subsequent biometric authentication.
  • step S305 for the user who holds the mobile terminal determined in step S304, the information of the detected new mobile terminal can be used to perform a query in a static database to find data information matching the user.
  • step S306 relevant information including biometric information of the user of the new mobile terminal is transmitted from the static database.
  • Step S307 the dynamic database receives and adds the information of the user of the new mobile terminal. In this way, this information is stored in the dynamic database for possible future biometric authentication.
  • FIG. 9 shows a schematic flow chart when a user performs biometric authentication.
  • the user inputs biometric information at the biometric terminal.
  • the biometric information received by the terminal is compared with the biometric information stored in the currently configured dynamic database. If they match, the verification is passed, and if they are not, the verification fails.
  • the location where the dynamic database is located can be set as needed.
  • a user does not need to operate a mobile terminal, and can quickly use a required service using only biometrics. There is no need to remove the card separately, nor to open the phone and run the application. And it also has the effect of cross-validating the user's mobile terminal and biological information without any notification from the user.
  • the advantage of this method is not only to speed up the implementation of biometrics and reduce equipment investment costs, but also to maximize biometric authentication performance itself. Since the biometrics technology uses a probability-based technology to compare feature points caused by biological information that changes each time a biometric is acquired, it is difficult to achieve a technology with an error rate of 0%. To overcome these limitations, there is a 2-factor (two-factor) authentication method. This is because when various biometric authentication methods such as fingerprint + palm vein, fingerprint + face, palm vein + face are used in combination, the probability of authentication failure is reduced to A ⁇ B (A and B are the failure of the two methods respectively Probability). This method is 2-factor (two-factor) authentication based on mobile terminal technology and biometric technology mentioned in the prior art.
  • the 2-factor two-factor cannot be authenticated, that is, the mobile terminal is not around or lost.
  • you can use your own identification number such as your ID card number or mobile phone number
  • you can also enter possible duplicate information such as name and date of birth.
  • the number of users with the same name and the same date of birth is limited, and the biometric authentication comparison operation can be performed by inputting information into the dynamic database and transmitting the user's biometric information from the static database to the dynamic database. In this way, the input information will not be deleted directly in the dynamic database, and it can also be used continuously for a specific period.
  • the actual biometric comparison operation of a large database including users of more than one million levels can be performed by a small-scale database of less than ten thousand levels. And without the investment of other equipment, biometrics can also be carried out quickly. In order to obtain higher performance, it is also possible to construct a dynamic database through another computer or software for comparison. Because these devices can handle more than 10,000 people in one second even under the performance of ordinary computers, the existing devices that require medium/large server systems have the advantage of being cheap.
  • the biometric data must be queried in the static database, and the overall network traffic seems to increase.
  • the total traffic is the same as the direct comparison using a static database. The only difference is whether the data is uploaded to a static database or downloaded to a dynamic database.
  • the biometric comparison is performed in a local network or terminal, no additional traffic is required, and it is not affected by other networks. Ultimately, users can experience much faster than in the past.
  • first and second are used for description purposes only, and cannot be understood as indicating or implying relative importance or implicitly indicating the number of indicated technical features.
  • the features defined as “first” and “second” may include at least one of the features explicitly or implicitly.
  • the meaning of “plurality” is at least two, such as two, three, etc., unless otherwise specifically limited.

Abstract

A dynamic matching method for biometric information, a dynamic matching apparatus for biometric information, a dynamic data processing method, a dynamic data processing apparatus and a biometric identification system. The dynamic matching method for biometric information comprises: configuring a static database, wherein the static database stores relevant data of all users, and the relevant data comprises biometric information of the users (S100); determining a user meeting a predetermined condition to be a specific user (S200); configuring a dynamic database, and when the user meeting the predetermined condition is determined to be the specific user, transmitting relevant data of the specific user from the static database to the dynamic database so as to store the relevant data in the dynamic database (S300); receiving input biometric information of the specific user (S400); and comparing the input biometric information with biometric information stored in the dynamic database, and if the input biometric information is consistent with the biometric information stored in the dynamic database, determining that same match (S500).

Description

生物特征信息动态匹配方法、装置及生物特征识别系统Biometric information dynamic matching method, device and biometric identification system 技术领域Technical field
本公开涉及一种动态数据处理方法、动态数据处理装置、生物特征信息动态匹配方法、生物特征信息动态匹配装置及生物特征识别系统。The present disclosure relates to a dynamic data processing method, a dynamic data processing device, a biometric information dynamic matching method, a biometric information dynamic matching device, and a biometric identification system.
背景技术Background technique
以特征点为基础的生物识匹配别系统虽然有很高的准确度,但是因为在数学上测量提取的特征点之间的相似度,因此需要绝对计算(处理)时间来计算相似度。为了提升匹配的准确性及提高评估标准可能会增加执行时间。Although the biometric matching system based on feature points has high accuracy, but because the similarity between the extracted feature points is measured mathematically, it requires absolute calculation (processing) time to calculate the similarity. In order to improve the accuracy of matching and improve the evaluation criteria, it may increase the execution time.
例如,在掌静脉匹配系统的情况下,需要至少1/4000秒来比较特征点之间的相似性。这是除数据库(DB)配置,主数据输入/输出(I/O),认证用户的数据查询(Query)和结果传输的过程之外的时间。如果考虑所有需要花费的时间,总匹配时间将更长。For example, in the case of a palm vein matching system, it takes at least 1/4000 second to compare the similarity between feature points. This is in addition to the database (DB) configuration, master data input/output (I/O), the data query (Query) of the authenticated user, and the transmission of results. If you consider all the time it takes, the total matching time will be longer.
在匹配系统中,基于验证(Verification)的1:1匹配为:信息输入→用户信息搜索→比较→结果输出,这仅是一个特征点相似性的比较。在所有用户中找到具有相应生物信息的用户的识别(Identification)为:输入用户的生物识别信息→与所有用户比较运算→结果输出,该比较操作的时间基于总用户数量的不同而不同。在识别领域,比较运算的速度对整个系统产生很大的影响。在用户总数较小的DB(1:10000级别,1为待识别的用户,10000为总用户数量)的情况下,不需大的设备投资,可以通过数据处理/分类等来来使性能最大化。但是如果用户数量扩大到中/大规模(1:50000或更高),为了确保期望的性能是需要进行设备投资的。In the matching system, 1:1 matching based on Verification is: information input→user information search→comparison→result output, which is only a comparison of the similarity of feature points. The identification of the users who have the corresponding biometric information among all users is as follows: input the user's biometric information → compare with all users → output the results, and the time of the comparison operation is different based on the total number of users. In the field of recognition, the speed of comparison operations has a great impact on the entire system. In the case of a DB with a small total number of users (1:10000 level, 1 is the user to be identified, and 10000 is the total number of users), no large equipment investment is required, and data processing/classification can be used to maximize performance . However, if the number of users is expanded to medium/large scale (1:50,000 or more), equipment investment is required to ensure the desired performance.
以掌静脉匹配系统的1/4000秒为基准进行说明。在单核CPU的情况下,1秒内可以识别4000名用户,当使用四核CPU时,可以将其开发 为并行处理方式,其使用多线程方法在该四核CPU上同时运行四个操作。但是,即使进行并行处理,1秒内最多只能处理16000人。这里,假设CPU是100%用于匹配处理,但是在实际情况中,操作系统(OS)、服务器(Server)、数据库和应用程序(APP)等会消耗CPU资源,因此实际上1秒的时间不可能识别16000名用户。如果使用一个四核CPU,则至少需要6~8秒才能获得1:100000的匹配结果。The explanation is based on the 1/4000 second of the palm vein matching system. In the case of a single-core CPU, 4000 users can be identified in one second. When a quad-core CPU is used, it can be developed as a parallel processing method. It uses a multi-thread method to run four operations simultaneously on the quad-core CPU. However, even with parallel processing, a maximum of 16,000 people can be processed in 1 second. Here, it is assumed that the CPU is 100% used for matching processing, but in actual situations, the operating system (OS), server (Server), database, and application (APP), etc., will consume CPU resources, so the actual time of 1 second is not It is possible to identify 16,000 users. If you use a quad-core CPU, it takes at least 6 to 8 seconds to get a 1:100,000 matching result.
生物识别技术的主要用途是期望快速识别用户的技术。它主要应用于记录用户出勤记录的考勤(Time Attendance,以下简称TA)和用于授予特定地点或路线的出入权限的访问控制(Access Control,以下简称AC)。在这两种应用中均会存在人流,如果执行出现问题或时间太长,则会发生拥堵。执行时间在6秒以上时,对于这些应用而言将会是一个很长的时间,AC/TA应用中通常是1秒内得出比较运算结果,因此,在中/大型生物识别的AC/TA应用中,就必须要增加设备来满足要求。The main use of biometrics is technology that is expected to quickly identify users. It is mainly used to record attendance (Time Attendance, hereinafter referred to as TA) of user attendance records and access control (Access) (hereinafter referred to as AC) for granting access rights to specific locations or routes. In both applications, there will be a flow of people. If there is a problem with the execution or the time is too long, congestion will occur. When the execution time is more than 6 seconds, it will be a very long time for these applications. In AC/TA applications, the comparison results are usually obtained within 1 second. Therefore, in the AC/TA of medium/large biometrics In application, it is necessary to add equipment to meet the requirements.
为了提高执行速度,可以使用服务器计算技术并行连接四核CPU的方式。即,通过CPU内核的并行扩展,增加同时执行次数的方法,每个服务器可能有4到16个CPU。如上所述,服务器的CPU操作不仅仅用于生物识别比较这一操作,随着用户总数的增加,设备的规模也成比例增加。设备的扩建意味着搭建和维护成本的增加。In order to improve the execution speed, you can use the server computing technology to connect the four-core CPU in parallel. That is, through the parallel expansion of CPU cores and the method of increasing the number of simultaneous executions, each server may have 4 to 16 CPUs. As mentioned above, the CPU operation of the server is not only used for the biometric comparison operation, but as the total number of users increases, the scale of the device also increases proportionally. The expansion of the equipment means increased construction and maintenance costs.
特别是,在需要明确认证是否本人的中/大规模大学、医院、地铁/铁路等场景下,越多人使用的系统,越是需要快速的认证,这样才能保证顺畅运营。为了顺畅运营,则需要1秒内得到认证结果,这样搭建/管理费用会急剧增加。在不到1秒的时间内处理大规模的1:1000000的匹配系统至少需要80个四核CPU,而且还需要提供数据的分散、流量控制、管理的附加服务器系统和网络设备。In particular, in scenarios such as medium/large-scale universities, hospitals, subways, and railways that need to clearly identify whether they are themselves, the more people use the system, the more rapid authentication is required to ensure smooth operation. In order to operate smoothly, you need to get the certification result within 1 second, so the construction/management cost will increase sharply. Processing a large-scale 1:1000000 matching system in less than 1 second requires at least 80 quad-core CPUs, and additional server systems and network equipment to provide data dispersion, flow control, and management.
为了克服上述问题,现有技术中大致存在以下两种方式。In order to overcome the above problems, the following two methods generally exist in the prior art.
第一种方式是用户的生物信息直接存储在用户的ID卡或手机中,在需要认证时读取存储的生物信息,并将读取的生物信息与当前获取的用户生物信息进行比较。但是这种方式中最大的问题是需要将用户所持有的生物信息通过生物识别终端来传送数据,ID卡或手机与识别终端的通信方式仍然低速,且经常出现错误,传输需要相当长的时间。并且可能 需要授权和加密的一系列过程,通过无线传输重要的个人敏感信息,如果加密或安全性没有保证,则可能被无线黑客拦截数据。当执行数据加密以防止这种情况时,需要额外的过程,例如密钥交换和加密/解密,因此,再次增加执行时间并可能需要增加设备。另外如果用户丢失了手机或ID卡时,则不能进行生物特征认证。The first method is that the user's biological information is directly stored in the user's ID card or mobile phone, the stored biological information is read when authentication is required, and the read biological information is compared with the currently acquired user's biological information. However, the biggest problem in this method is that the biological information held by the user needs to be transmitted through the biometric terminal. The communication method of the ID card or mobile phone and the identification terminal is still low speed, and errors often occur, and the transmission takes a long time. . And a series of processes of authorization and encryption may be required to transmit important personal sensitive information through wireless. If encryption or security is not guaranteed, the data may be intercepted by wireless hackers. When data encryption is performed to prevent this, additional processes are required, such as key exchange and encryption/decryption, and therefore, the execution time is increased again and the equipment may need to be added. In addition, if the user loses the mobile phone or ID card, biometric authentication cannot be performed.
第二种方式是基于手机终端的接近性来执行AC/TA的技术。这种方法的最大问题是可用性最大化,但安全性相对较弱。即手机认证方式的最大问题在于,因为它是基于“你持有注册手机=本人”的前提,所以可能与AC/TA行业的核心“自我认证”的本质存在一些差异。The second method is based on the proximity of the mobile terminal to perform AC/TA technology. The biggest problem with this method is maximum availability, but the security is relatively weak. The biggest problem with the mobile phone authentication method is that because it is based on the premise that "you hold a registered mobile phone = yourself", there may be some differences from the essence of the core "self-certification" of the AC/TA industry.
发明内容Summary of the invention
为了解决上述技术问题中的至少一个,本公开提供了动态数据处理方法、动态数据处理装置、生物特征信息动态匹配方法、生物特征信息动态匹配装置及生物特征识别系统。In order to solve at least one of the above technical problems, the present disclosure provides a dynamic data processing method, a dynamic data processing device, a biometric information dynamic matching method, a biometric information dynamic matching device, and a biometric identification system.
根据本公开的第一方面,一种动态数据处理方法,包括:配置静态数据库,所述静态数据库存储有所有用户的相关数据;将满足预定条件的用户确定为特定用户;以及配置动态数据库,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中。According to a first aspect of the present disclosure, a dynamic data processing method includes: configuring a static database that stores relevant data of all users; determining users satisfying predetermined conditions as specific users; and configuring a dynamic database when When a user satisfying a predetermined condition is determined to be a specific user, relevant data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database.
根据本公开的一个实施方式,该方法还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述动态数据库中删除。According to an embodiment of the present disclosure, the method further includes: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
根据本公开的一个实施方式,该方法还包括:接收所述特定用户的输入信息,并且将所述输入信息与所述动态数据库存储的用户的相关数据进行比较。According to an embodiment of the present disclosure, the method further includes: receiving input information of the specific user, and comparing the input information with user-related data stored in the dynamic database.
根据本公开的一个实施方式,所述预定条件为预定位置范围或预定用户,将处于所述预定位置范围的用户或作为预定用户的用户确定为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a predetermined location range or a predetermined user, and a user who is in the predetermined location range or a user who is a predetermined user is determined as a specific user.
根据本公开的一个实施方式,所述预定用户为预约用户或登记用户。According to an embodiment of the present disclosure, the predetermined user is a reserved user or a registered user.
根据本公开的第二方面,一种动态数据处理装置,包括:静态数据库模块,所述静态数据库存储有所有用户的相关数据;确定模块,用于将满足预定条件的用户确定为特定用户;以及动态数据库模块,当所述确定模块确定满足预定条件的用户作为特定用户时,所述动态数据库接收并存储来自所述静态数据库的所述特定用户的相关数据。According to a second aspect of the present disclosure, a dynamic data processing apparatus includes: a static database module that stores relevant data of all users; a determination module for determining a user who meets predetermined conditions as a specific user; and A dynamic database module, when the determination module determines that a user who meets a predetermined condition is a specific user, the dynamic database receives and stores data about the specific user from the static database.
根据本公开的一个实施方式,当所述特定用户不再满足所述预定条件时,所述动态数据库中存储的所述特定用户的相关数据被删除。According to an embodiment of the present disclosure, when the specific user no longer satisfies the predetermined condition, the data related to the specific user stored in the dynamic database is deleted.
根据本公开的一个实施方式,该装置还包括:接收模块,用于接收所述特定用户的输入信息;以及比较模块,用于比较所述输入信息与所述动态数据库存储的用户的相关数据。According to an embodiment of the present disclosure, the device further includes: a receiving module for receiving input information of the specific user; and a comparison module for comparing the input information with user-related data stored in the dynamic database.
根据本公开的一个实施方式,所述预定条件为预定位置或预定用户,将处于所述预定位置范围的用户或作为预定用户的用户确定为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a predetermined location or a predetermined user, and a user who is in the predetermined location range or a user who is a predetermined user is determined as a specific user.
根据本公开的一个实施方式,所述预定用户为预约用户或登记用户。According to an embodiment of the present disclosure, the predetermined user is a reserved user or a registered user.
根据本公开的第三方面,一种生物特征信息动态匹配方法,包括:配置静态数据库,所述静态数据库存储有所有用户的相关数据,所述相关数据包括用户的生物特征信息;将满足预定条件的用户确定为特定用户;配置动态数据库,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中;接收所述特定用户的输入生物特征信息;以及比较所述输入生物特征信息与所述动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。According to a third aspect of the present disclosure, a method for dynamically matching biometric information includes: configuring a static database that stores relevant data of all users, the relevant data including biometric information of the user; predetermined conditions will be satisfied Users are determined to be specific users; configure a dynamic database, and when a user who meets a predetermined condition is determined to be a specific user, transfer relevant data of the specific user from the static database to the dynamic database for storage to the dynamic database In; receiving the input biometric information of the specific user; and comparing the input biometric information and the biometric information stored in the dynamic database, if the two are consistent, it is judged as a match.
根据本公开的一个实施方式,该方法还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述动态数据库中删除。According to an embodiment of the present disclosure, the method further includes: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
根据本公开的一个实施方式,所述预定条件为预设位置范围,将处于所述预设位置范围的用户作为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a preset position range, and a user in the preset position range is regarded as a specific user.
根据本公开的一个实施方式,通过检测用户所携带的移动终端来确定该用户是否处于所述预设位置范围中。According to an embodiment of the present disclosure, it is determined whether the user is in the preset position range by detecting the mobile terminal carried by the user.
根据本公开的一个实施方式,通过生物特征识别终端来接收所述特定用户的输入生物特征信息,并且所述预设位置范围为距离所述生物特征识别终端的预定距离范围。According to an embodiment of the present disclosure, the input biometric information of the specific user is received through a biometric identification terminal, and the preset position range is a predetermined distance range from the biometric identification terminal.
根据本公开的一个实施方式,所述移动终端为基于BLE/Beacon的移动终端,并且所述移动终端周期性发射信号,所述生物特征识别终端用于接收所述移动终端发射的信号。According to an embodiment of the present disclosure, the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric identification terminal is used to receive the signal transmitted by the mobile terminal.
根据本公开的一个实施方式,所述移动终端发射的信号包括移动终端的固有信息,所述固有信息包括移动终端的IMEI、UUID、蓝牙地址、WLAN MAC地址、序列号、电话号码中的至少一种,并且用户的所述相关数据包括移动终端的所述固有信息。According to an embodiment of the present disclosure, the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes at least one of the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, and phone number of the mobile terminal And the relevant data of the user includes the inherent information of the mobile terminal.
根据本公开的一个实施方式,设置多个所述生物特征识别终端,来确认所述生物特征识别终端的周围的移动终端的数量。According to an embodiment of the present disclosure, a plurality of the biometric identification terminals are provided to confirm the number of mobile terminals around the biometric identification terminal.
根据本公开的一个实施方式,通过多个所述生物特征识别终端来测量周围的每个移动终端的距离,从而确定携带移动终端的用户进行生物识别的时间和/或概率。According to an embodiment of the present disclosure, the distance of each mobile terminal in the surroundings is measured by a plurality of the biometric recognition terminals, so as to determine the time and/or probability of the user carrying the mobile terminal to perform the biometric recognition.
根据本公开的一个实施方式,所述预定条件为预定用户,当用户为预定用户时,将该用户作为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
根据本公开的一个实施方式,所述预定用户为预约用户或登记用户。According to an embodiment of the present disclosure, the predetermined user is a reserved user or a registered user.
根据本公开的第四方面,一种生物特征信息动态匹配装置,包括:静态数据库模块,所述静态数据库存储有所有用户的相关数据,所述相关数据包括用户的生物特征信息;确定模块,将满足预定条件的用户确定为特定用户;动态数据库模块,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中;生物特征识别模块,接收所述特定用户的输入生物特征信息;以及比较模块,用于比较所述输入生物特征信息与所述动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。According to a fourth aspect of the present disclosure, a device for dynamically matching biometric information includes: a static database module that stores relevant data of all users, and the relevant data includes biometric information of the user; A user who meets a predetermined condition is determined as a specific user; a dynamic database module, when a user who meets a predetermined condition is determined as a specific user, transfers the relevant data of the specific user from the static database to the dynamic database for storage to all The dynamic database; a biometrics identification module that receives the input biometric information of the specific user; and a comparison module for comparing the input biometric information with the biometric information stored in the dynamic database, if the two are consistent, It is judged as a match.
根据本公开的一个实施方式,该装置还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述动态数据 库中删除。According to an embodiment of the present disclosure, the apparatus further includes: when the specific user no longer satisfies the predetermined condition, deleting the relevant data of the specific user from the dynamic database.
根据本公开的一个实施方式,所述预定条件为预设位置范围,将处于所述预设位置范围的用户作为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a preset position range, and a user in the preset position range is regarded as a specific user.
根据本公开的一个实施方式,通过所述生物特征识别模块检测用户所携带的移动终端来确定该用户是否处于所述预设位置范围中。According to an embodiment of the present disclosure, the mobile terminal carried by the user is detected by the biometric identification module to determine whether the user is in the preset position range.
根据本公开的一个实施方式,所述移动终端为基于BLE/Beacon的移动终端,并且所述移动终端周期性发射信号,所述生物特征识别模块用于接收所述移动终端发射的信号。According to an embodiment of the present disclosure, the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric identification module is used to receive the signal transmitted by the mobile terminal.
根据本公开的一个实施方式,所述移动终端发射的信号包括移动终端的固有信息,所述固有信息包括移动终端的IMEI、UUID、蓝牙地址、WLAN MAC地址、序列号、电话号码中的至少一种,并且用户的所述相关数据包括移动终端的所述固有信息。According to an embodiment of the present disclosure, the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes at least one of the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, and phone number of the mobile terminal And the relevant data of the user includes the inherent information of the mobile terminal.
根据本公开的一个实施方式,设置多个所述生物特征识别模块,来确认所述生物特征识别模块的周围的移动终端的数量。According to an embodiment of the present disclosure, a plurality of the biometric identification modules are provided to confirm the number of mobile terminals around the biometric identification module.
根据本公开的一个实施方式,通过多个所述生物特征识别模块来测量周围的每个移动终端的距离,从而确定携带移动终端的用户进行生物识别的时间和/或概率。According to one embodiment of the present disclosure, the distance of each mobile terminal in the surrounding is measured by a plurality of the biometric identification modules, so as to determine the time and/or probability of biometric identification by the user carrying the mobile terminal.
根据本公开的一个实施方式,所述预定条件为预定用户,当用户为预定用户时,将该用户作为特定用户。According to an embodiment of the present disclosure, the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
根据本公开的一个实施方式,所述预定用户为预约用户或登记用户。According to an embodiment of the present disclosure, the predetermined user is a reserved user or a registered user.
根据本公开的一个实施方式,所述确定模块、生物特征识别模块及比较模块位于生物特征识别终端中。According to an embodiment of the present disclosure, the determination module, the biometric identification module, and the comparison module are located in the biometric identification terminal.
根据本公开的一个实施方式,所述动态数据库模块位于生物特征识别终端中、或者位于本地网络中、或者位于静态数据库模块所处的服务器中、或者位于与静态数据库模块所处的服务器不同的另一服务器中。According to an embodiment of the present disclosure, the dynamic database module is located in the biometrics terminal, or in the local network, or in the server where the static database module is located, or in a different server from where the static database module is located. In a server.
根据本公开的第五方面,一种生物特征识别系统,包括如上述的生物特征信息动态匹配装置。According to a fifth aspect of the present disclosure, a biometric identification system includes the biometric information dynamic matching device as described above.
附图说明BRIEF DESCRIPTION
附图示出了本公开的示例性实施方式,并与其说明一起用于解释本公开的原理,其中包括了这些附图以提供对本公开的进一步理解,并且附图包括在本说明书中并构成本说明书的一部分。The drawings illustrate exemplary embodiments of the present disclosure and are used to explain the principles of the present disclosure together with their descriptions. These drawings are included to provide a further understanding of the present disclosure, and the drawings are included in this specification and constitute the present Part of the manual.
图1是根据本公开一个实施方式的动态数据处理方法的流程示意图。FIG. 1 is a schematic flowchart of a dynamic data processing method according to an embodiment of the present disclosure.
图2是根据本公开一个实施方式的用户数据的列表形式的示意图。2 is a schematic diagram of a list form of user data according to an embodiment of the present disclosure.
图3是根据本公开一个实施方式的动态数据处理装置的示意图。3 is a schematic diagram of a dynamic data processing device according to an embodiment of the present disclosure.
图4是根据本公开一个实施方式的动态数据处理装置的示意图。4 is a schematic diagram of a dynamic data processing device according to an embodiment of the present disclosure.
图5是根据本公开一个实施方式的生物特征信息动态匹配方法的流程示意图。5 is a schematic flowchart of a method for dynamically matching biometric information according to an embodiment of the present disclosure.
图6是根据本公开一个实施方式的生物识别终端配置的示意图。6 is a schematic diagram of a configuration of a biometric terminal according to an embodiment of the present disclosure.
图7是根据本公开一个实施方式的生物识别终端检测用户位置的示意图。7 is a schematic diagram of a biometric terminal detecting a user position according to an embodiment of the present disclosure.
图8是根据本公开一个实施方式的配置动态数据库的流程示意图。8 is a schematic flowchart of configuring a dynamic database according to an embodiment of the present disclosure.
图9是根据本公开一个实施方式的生物识别方式的流程示意图。9 is a schematic flowchart of a biometrics identification method according to an embodiment of the present disclosure.
具体实施方式detailed description
下面结合附图和实施方式对本公开作进一步的详细说明。可以理解的是,此处所描述的具体实施方式仅用于解释相关内容,而非对本公开的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与本公开相关的部分。The disclosure will be further described in detail below with reference to the drawings and embodiments. It can be understood that the specific embodiments described herein are only used for explaining related contents, rather than limiting the present disclosure. It should also be noted that, for ease of description, only the parts related to the present disclosure are shown in the drawings.
需要说明的是,在不冲突的情况下,本公开中的实施方式及实施方式中的特征可以相互组合。下面将参考附图并结合实施方式来详细说明本公开。It should be noted that the embodiments in the present disclosure and the features in the embodiments can be combined with each other without conflict. The disclosure will be described in detail below with reference to the drawings and in conjunction with the embodiments.
首先图1示出了根据本公开的第一实施方式的动态数据处理方法。First, FIG. 1 shows a dynamic data processing method according to the first embodiment of the present disclosure.
如图1所示,该动态数据处理方法可以包括:步骤S10,配置静态数据库;步骤S20,确定特定用户;以及步骤S30,配置动态数据库。As shown in FIG. 1, the dynamic data processing method may include: step S10, configuring a static database; step S20, determining a specific user; and step S30, configuring a dynamic database.
在步骤S10中,配置静态数据库以使得静态数据库中存储所有用户的相关数据。本公开中,静态数据库是指存储有所有注册用户的相关数 据的数据库。In step S10, the static database is configured so that the static database stores relevant data of all users. In this disclosure, a static database refers to a database that stores relevant data of all registered users.
在此,以生物识别应用为例,相关数据可以包括用户的基本信息及生物识别信息,并且还可以包括用户拥有的移动终端的唯一信息,这些数据例如包括:用户名、身份证号、电话号码、移动终端的IMEI(国际移动终端识别码)、UUID(通用唯一识别码)、蓝牙地址、WLAN MAC地址、终端序列号、生物特征信息等。在必要情况下,一个用户可以注册多个信息和多个移动终端,并且对要注册的设备类型和数量也没有限制,例如可以是便携电话、智能手表、平板等移动终端。Here, taking a biometric application as an example, the relevant data may include the user's basic information and biometric information, and may also include the unique information of the mobile terminal owned by the user, such data includes: user name, ID number, phone number , IMEI (International Mobile Terminal Identification Code), UUID (Universal Unique Identification Code) of mobile terminal, Bluetooth address, WLAN MAC address, terminal serial number, biometric information, etc. When necessary, a user can register multiple information and multiple mobile terminals, and there is no limit to the type and number of devices to be registered, for example, mobile terminals such as portable phones, smart watches, and tablets.
图2示出了静态数据库中存储的用户数据的列表形式。本领域的技术人员应当理解,虽然在图2中所示的用户可以对应于多个注册移动终端的唯一信息。Figure 2 shows the list format of user data stored in a static database. Those skilled in the art should understand that although the user shown in FIG. 2 may correspond to unique information of multiple registered mobile terminals.
在登录用户的相关数据时,可以通过输入终端输入用户的基本信息,并且提取输入该用户的移动终端信息,且通过生物识别终端采集用户的生物特征信息,形成对应的列表形式。When logging in the user's relevant data, the user's basic information can be input through the input terminal, and the user's mobile terminal information can be extracted and input, and the user's biometric information can be collected through the biometric terminal to form a corresponding list form.
在步骤S20中,用于确定特定用户,其中该确定可通过是否满足预定条件的方式来进行。例如,通过生物识别终端或其他形式的接收器来监测用户所携带的移动终端是否处于预定的位置范围中,如果处于预定的位置范围内,则将该用户确定为特定用户。例如,在地铁认证系统中使用时,所有的用户信息为已经注册的地铁用户,其可能是超过500万甚至1000万的用户量,当某些用户进入预定识别范围中时,将这些用户确定为特定用户。其中该特定用户的选择也可以基于在特定时间(今天、明天、后天)的对某事件预约的预约用户,将预约者确定为特定用户,例如在预约的场景下,可以将某天预约的用户在该天作为特定用户。也可以将进行了登记的用户作为特定用户,例如,在酒店、医院或展会等的场景下,将已经登记的用户作为特定用户。In step S20, it is used to determine a specific user, where the determination can be made by whether a predetermined condition is satisfied. For example, a biometric terminal or other form of receiver is used to monitor whether the mobile terminal carried by the user is within a predetermined location range, and if it is within the predetermined location range, the user is determined to be a specific user. For example, when used in the subway authentication system, all user information is registered subway users, which may be more than 5 million or even 10 million users. When some users enter the predetermined recognition range, these users are determined as Specific users. The selection of the specific user may also be based on the reserved user who made a reservation for an event at a specific time (today, tomorrow, the day after tomorrow), and the reservation is determined as the specific user. For example, in the scenario of reservation, the user who can reserve a certain day As a specific user on that day. The registered user may also be regarded as a specific user. For example, in a scene of a hotel, hospital, or exhibition, the registered user may be regarded as a specific user.
在步骤S30中,当满足预定条件的用户确定为特定用户时,将特定用户的相关数据从静态数据库传输至动态数据库,以存储至动态数据库中。In step S30, when the user satisfying the predetermined condition is determined to be the specific user, the relevant data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database.
在本公开中,动态数据库是指接收且存储静态数据中存储的特定用户的相关数据的数据库。该动态数据库根据特定用户的不同,存储 的内容将会有所变化。尤其是当之前被认定为特定用户的用户目前不再满足预定条件时,则不能继续将其确认为特定用户,其在动态数据库中存储的该用户的相关数据可以进行删除。该删除操作可以为实时的,也可以延迟一段时间,本领域的技术人员可以根据实际情况来进行设定。In the present disclosure, a dynamic database refers to a database that receives and stores data related to a specific user stored in static data. The content of the dynamic database will vary according to the specific user. In particular, when a user previously identified as a specific user no longer satisfies the predetermined condition, he cannot continue to be confirmed as a specific user, and the user's relevant data stored in the dynamic database can be deleted. The deletion operation may be real-time or delayed for a period of time, and those skilled in the art may set it according to actual conditions.
根据上述方法,对于中大型静态数据库,例如百万级的数据库,通过根据特定用户来建立动态数据库,并且基于动态数据库来针对特定用户进行数据处理,可以有效的加快处理速度。因为对于满足条件的用户,其数量通常为万级以下。这样数据的处理可以有小规模的动态数据库来完成,在不需增加设备投资的情况下极大地加快了速度。According to the above method, for medium and large-scale static databases, such as million-level databases, by establishing a dynamic database according to a specific user and performing data processing for the specific user based on the dynamic database, the processing speed can be effectively accelerated. Because the number of users who meet the conditions is usually below 10,000. Such data processing can be completed with a small-scale dynamic database, which greatly speeds up the speed without increasing equipment investment.
在可选实施例中,上述方法还可以包括步骤S40,接收用户的输入信息。例如,在需要生物识别认证时,可以通过生物识别终端来接收特定用户输入的生物特征信息。上述方法进一步还可以包括步骤S50,其用于将生物识别认证时输入的生物特征信息与动态数据库中存储的用户的生物特征信息进行比较,如果一致,则用户认证通过。In an alternative embodiment, the above method may further include step S40, receiving user input information. For example, when biometric authentication is required, biometric information input by a specific user may be received through the biometric terminal. The above method may further include step S50, which is used to compare the biometric information input during biometric authentication with the biometric information of the user stored in the dynamic database, and if they match, the user authentication is passed.
根据本公开的第二实施方式,还提供了一种与第一实施方式的方法相对应的动态数据处理装置。下面参照图3来进行详细说明。According to the second embodiment of the present disclosure, there is also provided a dynamic data processing device corresponding to the method of the first embodiment. Detailed description will be given below with reference to FIG. 3.
首先应当说明的是,本公开描述的或附图中所示的,分离的不同模块并不意味着其在不同的物理设备中实现,结合的物理模块也不意味着其在相同的物理设备中实现。下面的各个模块的划分仅仅是根据实现的功能来进行划分,与实际物理设备的划分无关。First, it should be noted that, as described in this disclosure or shown in the drawings, separate different modules do not mean that they are implemented in different physical devices, nor do combined physical modules mean that they are in the same physical device achieve. The division of each module below is only based on the implemented functions, and has nothing to do with the division of actual physical devices.
如图2所示,该动态数据处理装置可以包括静态数据库模块1、动态数据库模块2及确定模块3。静态服务器1用于存储所有用户的相关数据。该数据的形式及存储方式可以与第一实施方式相同。确定模块3用于将满足预定条件的用户确定为特定用户,预定条件及确定方式可以与第一实施方式相同。动态数据库模块2用于根据确定模块3所确定的特定用户,用于从静态数据库模块3中接收特定用户的相关数据并进行存储。动态数据库模块2的操作方式可以与第一实施方式相同,例如,当之前特定用户目前不再是特定用户时,其数据可以从动态数据库模块2中删除。As shown in FIG. 2, the dynamic data processing apparatus may include a static database module 1, a dynamic database module 2, and a determination module 3. The static server 1 is used to store data about all users. The format and storage method of the data may be the same as the first embodiment. The determination module 3 is used to determine a user who meets a predetermined condition as a specific user, and the predetermined condition and the determination manner may be the same as the first embodiment. The dynamic database module 2 is used to receive the specific user's data from the static database module 3 according to the specific user determined by the determination module 3 and store it. The operation mode of the dynamic database module 2 may be the same as the first embodiment. For example, when a specific user is no longer a specific user before, the data of the dynamic database module 2 may be deleted from the dynamic database module 2.
该动态数据处理装置还可以包括输入模块4及比较模块5。在生物特征信息认证的过程中,输入模块4可以是如上所述的生物识别终端的形式,并且可以用于执行上述的步骤S40。比较模块5则可以用于执行上述的步骤S50。The dynamic data processing device may further include an input module 4 and a comparison module 5. In the process of biometric information authentication, the input module 4 may be in the form of a biometric terminal as described above, and may be used to perform the above step S40. The comparison module 5 can be used to perform the above step S50.
例如在生物识别认证的场景下,静态数据库模块3是用于存储所有用户的相关数据,其不直接用于生物识别比较,而是仅仅充当所有用户的数据中心。而动态数据库模块2则是根据特定用户的变化而进行变化,因此其可以认为是一个临时的数据库模块。动态数据库模块2可以位于生物识别终端中,可以位于本地网络上,也可以是静态数据库模块3所处的服务器系统的一个子数据库,甚至是一个专门为动态数据库模块2而构建的服务器系统。本公开对动态数据库模块2的构成方式不进行限定。另外还可以针对多个生物识别终端而构成该一个动态数据库模块。For example, in the scenario of biometric authentication, the static database module 3 is used to store relevant data of all users, which is not directly used for biometric comparison, but only acts as a data center for all users. The dynamic database module 2 changes according to the change of a specific user, so it can be regarded as a temporary database module. The dynamic database module 2 can be located in the biometric terminal, it can be located on the local network, or it can be a sub-database of the server system where the static database module 3 is located, or even a server system specifically built for the dynamic database module 2. The present disclosure does not limit the structure of the dynamic database module 2. In addition, the one dynamic database module may be formed for multiple biometric terminals.
在本公开中,该动态数据处理装置可以包括多个接收模块,并且多个接收模块可以与确定模块/比较模块一一对应或者多一对应。例如在生物识别领域,可以根据实际的应用地点来设置多个生物识别终端。In the present disclosure, the dynamic data processing apparatus may include a plurality of receiving modules, and the plurality of receiving modules may correspond to the determination module/comparison module in one-to-one correspondence or in one-to-one correspondence. For example, in the field of biometrics, multiple biometrics terminals can be installed according to the actual application location.
为了更好地说明本公开的各个模块设置的多样性。以生物识别应用为例,上面描述的动态数据库模块2、确定模块3、接收模块4及比较模块5均可以在生物识别终端中实现,而静态数据库模块1则可以在远程服务器中实现。In order to better illustrate the diversity of the various module settings of the present disclosure. Taking the biometrics application as an example, the dynamic database module 2, the determination module 3, the receiving module 4 and the comparison module 5 described above can all be implemented in the biometric terminal, and the static database module 1 can be implemented in the remote server.
根据本公开的第三实施方式,提供了一种生物特征信息动态匹配方法。According to a third embodiment of the present disclosure, a method for dynamically matching biometric information is provided.
图5示出了根据本公开的生物特征信息动态匹配方法的示意性流程图。FIG. 5 shows a schematic flowchart of a method for dynamically matching biometric information according to the present disclosure.
在步骤S100中,配置静态数据库,静态数据库存储有所有用户的相关数据,相关数据包括用户的生物特征信息。在步骤S200中,将满足预定条件的用户确定为特定用户。在步骤S300中,配置动态数据库,当满足预定条件的用户确定为特定用户时,将特定用户的相关数据从静态数据库传输至动态数据库,以存储至动态数据库中。在步骤S400中,接收特定用户的输入生物特征信息;以及在步骤S500中比较输入 生物特征信息与动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。其中,本实施方式中的步骤S100~S500的具体实现方式可以分别与第一实施方式中的步骤S10~S50相同或相似。In step S100, a static database is configured, and the static database stores relevant data of all users, and the relevant data includes biometric information of the user. In step S200, a user satisfying a predetermined condition is determined as a specific user. In step S300, a dynamic database is configured, and when a user who meets a predetermined condition is determined to be a specific user, related data of the specific user is transferred from the static database to the dynamic database for storage in the dynamic database. In step S400, the input biometric information of a specific user is received; and in step S500, the input biometric information is compared with the biometric information stored in the dynamic database, and if the two are consistent, it is judged as a match. The specific implementation manners of steps S100-S500 in this embodiment may be the same as or similar to steps S10-S50 in the first embodiment, respectively.
另外,根据本公开的第四实施方式,还提供了一种生物特征信息动态匹配装置,包括:静态数据库模块,存储有所有用户的相关数据,相关数据包括用户的生物特征信息;确定模块,将满足预定条件的用户确定为特定用户;动态数据库模块,当满足预定条件的用户确定为特定用户时,将特定用户的相关数据从静态数据库传输至动态数据库,以存储至所述动态数据库中;生物特征识别模块,接收特定用户的输入生物特征信息;以及比较模块,用于比较输入生物特征信息与动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。In addition, according to the fourth embodiment of the present disclosure, there is also provided a device for dynamically matching biometric information, including: a static database module that stores relevant data of all users, and the relevant data includes biometric information of the user; The user who meets the predetermined condition is determined as the specific user; the dynamic database module, when the user who meets the predetermined condition is determined as the specific user, transfers the relevant data of the specific user from the static database to the dynamic database for storage in the dynamic database; The feature recognition module receives the input biometric information of a specific user; and the comparison module is used to compare the input biometric information with the biometric information stored in the dynamic database. If the two are consistent, it is judged as a match.
下面将基于通过用户携带的移动终端来进行用户判断的方式为例来对第三和第四实施方式进行说明。In the following, the third and fourth embodiments will be described based on an example of a method of performing user judgment through a mobile terminal carried by the user.
在静态数据库中需要注册存储移动终端的唯一信息,例如上述的电话号码、移动终端的IMEI(国际移动终端识别码)、UUID(通用唯一识别码)、蓝牙地址、WLAN MAC地址、终端序列号,以及将这些信息与用户名、身份证号及生物特征信息对应的建立关系。如上所述,一个用户可以对应于多个移动终端。It is necessary to register and store the unique information of the mobile terminal in the static database, such as the above-mentioned phone number, IMEI (International Mobile Terminal Identification Code), UUID (Universal Unique Identification Code), Bluetooth address, WLAN MAC address, terminal serial number of the mobile terminal, And establish the relationship between these information and the user name, ID number and biometric information. As described above, one user can correspond to multiple mobile terminals.
生物特征识别终端判断注册的移动终端是否处于预定的位置范围内。这里,可以通过生物特征识别终端扫描和检测移动终端的接近性来实现。本公开应用的是,现有技术中描述的移动终端的接近检测技术。4.0版本之前的蓝牙技术需要两个设备之间配对(Pairing),这意味着只有可识别和经过身份验证的设备才能正常通信。但是,由于蓝牙4.0及之后版本添加了BLE(低功耗蓝牙),广播(Broadcasting)使得可以在不配对的情况下搜索和识别周边设备,可以发送和接收简单信息、测量通信响应时间、以及估计与设备的物理距离信息。基于此,能像小型标志一样使用的技术是Beacon(信标)。使用BLE技术的典型示例是最近的小米物联网(IOT)设备,当购买新的设备注册时,使用移动电话的BLE功能搜索设备,读取设备信息并将其编入到用户环境中的过程非常简单。而在过去,要在WIFI环境中包含新设备,必须完成在设备上输入和注册 网络信息的过程,为此,需要有其他输入装置和显示屏。但是BLE/Beacon可以把这些部分用广播方式进行简单地搜索,这种通信方式功耗非常低,现在可以轻松利用没有按钮的小型传感器和廉价的设备。Beacon可以有各种形式,如iBeacon(Apple)和URIBeacon(Google),使用的固有固有信息可能因移动终端的不用而不同。The biometric terminal determines whether the registered mobile terminal is within a predetermined location range. Here, it can be achieved by the biometric terminal scanning and detecting the proximity of the mobile terminal. The present disclosure applies the proximity detection technology of the mobile terminal described in the prior art. Bluetooth technology before version 4.0 requires pairing (Pairing) between two devices, which means that only identifiable and authenticated devices can communicate normally. However, due to the addition of BLE (Bluetooth Low Energy) in Bluetooth 4.0 and later, Broadcasting makes it possible to search and identify peripheral devices without pairing, send and receive simple information, measure communication response time, and estimate Information about the physical distance from the device. Based on this, the technology that can be used like a small logo is Beacon (beacon). A typical example of using BLE technology is the recent Xiaomi Internet of Things (IOT) device. When a new device is purchased for registration, the mobile phone's BLE function is used to search for the device, read the device information and incorporate it into the user environment. simple. In the past, to include new equipment in the WIFI environment, the process of entering and registering network information on the equipment had to be completed. For this, other input devices and display screens were required. However, BLE/Beacon can simply search these parts by broadcasting. The power consumption of this communication method is very low. Now you can easily use small sensors without buttons and inexpensive devices. Beacon can take various forms, such as iBeacon (Apple) and URIBeacon (Google), and the inherent inherent information used may be different depending on the use of the mobile terminal.
使用BLE/Beacon技术的移动终端可以通过广播包(Advertising Packet)的形式连续地并且周期性地向外发送信号,通过广播包传输移动终端的固有信息,并且生物特征识别终端作为接收器来进行工作,以接收移动终端的固有信息。A mobile terminal using BLE/Beacon technology can continuously and periodically send out signals in the form of advertising packets, transmit the inherent information of the mobile terminal through the broadcast packets, and the biometric identification terminal works as a receiver To receive the unique information of the mobile terminal.
BLE/Beacon的默认检测距离为50米。然而,最终性能取决于构造环境,并且可以通过各种方法扩展/集中检测距离。这里的核心能容是生物特征识别终端通过这种方法确认周边移动终端的数量,可以创建可能尝试生物识别的用户的初步列表。例如,通过多个生物特征识别终端来构建检测环境,如图6所示。此外,也可以通过如图7的方式安装多个生物特征识别终端终端作为接收器时,可以测量每个移动终端的位置,从而参考该位置可以预测生物认证尝试时间和概率。图7中的C1~C4表示第一至第四生物特征识别终端,并且d1~d4表示移动终端距离各个生物特征识别终端终端的距离。The default detection distance of BLE/Beacon is 50 meters. However, the final performance depends on the construction environment, and the detection distance can be expanded/concentrated through various methods. The core capability here is that the biometric identification terminal confirms the number of surrounding mobile terminals in this way, and a preliminary list of users who may try biometric identification can be created. For example, the detection environment is constructed through multiple biometric recognition terminals, as shown in FIG. 6. In addition, when a plurality of biometric identification terminal terminals are installed as receivers in the manner as shown in FIG. 7, the position of each mobile terminal can be measured, so that the biometric authentication attempt time and probability can be predicted by referring to the position. C1 to C4 in FIG. 7 represent the first to fourth biometric recognition terminals, and d1 to d4 represent the distance of the mobile terminal from each biometric recognition terminal terminal.
通过上述生成的初步列表,生物特征识别终端或其他设备可以动态地配置生物认证所需的数据库,即动态数据库。当然也可以仅根据附近的用户,来构建该动态数据库。Through the preliminary list generated above, the biometrics identification terminal or other devices can dynamically configure a database required for biometric authentication, that is, a dynamic database. Of course, it is also possible to construct the dynamic database only based on nearby users.
对于该动态配置,下面将参照图8来进行说明。该动态配置是指在已有的动态数据库的基础上使得动态数据库进行变化的配置。This dynamic configuration will be described below with reference to FIG. 8. The dynamic configuration refers to a configuration in which the dynamic database is changed based on the existing dynamic database.
该动态配置的方法包括以下步骤:The method of dynamic configuration includes the following steps:
步骤S301,生物特征识别终端检测周边移动终端及收集移动终端信息,其可以通过上述BLE/Beacon技术来进行检测并获取设备信息。In step S301, the biometric identification terminal detects surrounding mobile terminals and collects mobile terminal information, which can be detected and obtained device information through the above-mentioned BLE/Beacon technology.
步骤S302,比较判断收集的移动终端信息与动态数据库中存储的移动终端信息。Step S302, comparing and determining the collected mobile terminal information with the mobile terminal information stored in the dynamic database.
步骤S303,当动态数据库中存储的某个或某些移动终端信息不包含在收集的移动终端信息中时,将动态数据库中存储的该某个或某些移动 终端信息删除。这时可能表明持有移动终端的用户之前处于预定位置范围内,但是目前已经不处于预定位置范围内,其可能不进行之后的生物认证,因此对于该类用户,可以将其信息从动态数据库中删除。Step S303, when certain mobile terminal information stored in the dynamic database is not included in the collected mobile terminal information, delete the mobile terminal information stored in the dynamic database. At this time, it may indicate that the user holding the mobile terminal was previously within the predetermined location range, but is currently not within the predetermined location range, and it may not perform subsequent biometric authentication, so for this type of user, you can remove its information from the dynamic database delete.
步骤S304,当动态数据库中存储的移动终端信息不包含某个或某些收集的移动终端信息时,则视为检测到新的移动终端。也就是说,持有移动终端的用户之前未处于预定位置范围内,但是目前已经处于预定位置范围内,其可能将进行之后的生物认证。Step S304, when the mobile terminal information stored in the dynamic database does not contain some or some collected mobile terminal information, it is regarded as that a new mobile terminal is detected. That is to say, the user who holds the mobile terminal was not in the predetermined location range before, but is currently in the predetermined location range, and it may perform the subsequent biometric authentication.
步骤S305,对于持有步骤S304判断出的移动终端的用户,可以使用检测到的新移动终端的信息,在静态数据库中进行查询,以找到与该用户相匹配的数据信息。In step S305, for the user who holds the mobile terminal determined in step S304, the information of the detected new mobile terminal can be used to perform a query in a static database to find data information matching the user.
步骤S306,从静态数据库传输新的移动终端的用户的包括生物识别信息的相关信息。In step S306, relevant information including biometric information of the user of the new mobile terminal is transmitted from the static database.
步骤S307,动态数据库接收且添加新的移动终端的用户的信息。这样动态数据库中通过存储该信息以备之后可能的生物认证使用。Step S307, the dynamic database receives and adds the information of the user of the new mobile terminal. In this way, this information is stored in the dynamic database for possible future biometric authentication.
图9示出了用户进行生物认证时的流程示意图。首先,用户在生物识别终端输入生物特征信息。然后将终端接收的生物识别信息与当前配置的动态数据库中存储的生物识别信息相比对,如果一致,则验证通过,如果不一致,则验证不通过。FIG. 9 shows a schematic flow chart when a user performs biometric authentication. First, the user inputs biometric information at the biometric terminal. Then, the biometric information received by the terminal is compared with the biometric information stored in the currently configured dynamic database. If they match, the verification is passed, and if they are not, the verification fails.
另外,如上面实施方式中所描述的,可以根据需要来设置动态数据库所处的位置。In addition, as described in the above embodiment, the location where the dynamic database is located can be set as needed.
根据本公开的实施方式,用户无需操作移动终端,可以仅用生物识别快速使用所需服务。无需单独取出卡,也不需要打开手机并运行应用程序。并且还具有交叉验证用户的移动终端和生物信息的效果,而无需用户的任何通知。According to an embodiment of the present disclosure, a user does not need to operate a mobile terminal, and can quickly use a required service using only biometrics. There is no need to remove the card separately, nor to open the phone and run the application. And it also has the effect of cross-validating the user's mobile terminal and biological information without any notification from the user.
这种方法的优点是不仅加快生物识别的执行速度和降低设备投资成本,还可以最大化生物识别认证性能本身。由于生物识别技术使用基于概率的技术来比较由于每次获取生物特征时改变的生物信息引起的特征点,因此难以实现0%的错误率的技术。为了克服这些限制,存在2-factor(双因素)认证方法。这是因为当组合使用如指纹+掌静脉,指纹+人脸,掌静脉+人脸的各种生物认证手段时,认证失败的概率降低到A×B(A、 B分别为两种方式的失败概率)。该方法是现有技术中提到的基于移动终端的技术和生物识别技术的2-factor(双因素)认证。就是说现有的技术是拥有终端/卡的是“本人”的假设要成立,生物特征认证具有FAR(认假率)/FRR(据真率)的错误概率,因此当这两个组合变为A&B时,可以最小化两种方法中可能出现的错误。这是一种证明“有这张卡/终端的肯定是我”的方法,可以大幅度提高安全性。The advantage of this method is not only to speed up the implementation of biometrics and reduce equipment investment costs, but also to maximize biometric authentication performance itself. Since the biometrics technology uses a probability-based technology to compare feature points caused by biological information that changes each time a biometric is acquired, it is difficult to achieve a technology with an error rate of 0%. To overcome these limitations, there is a 2-factor (two-factor) authentication method. This is because when various biometric authentication methods such as fingerprint + palm vein, fingerprint + face, palm vein + face are used in combination, the probability of authentication failure is reduced to A×B (A and B are the failure of the two methods respectively Probability). This method is 2-factor (two-factor) authentication based on mobile terminal technology and biometric technology mentioned in the prior art. That is to say, the assumption that the existing technology owns the terminal/card is the "person". The biometric authentication has an error probability of FAR (false recognition rate)/FRR (according to the true rate), so when these two combinations become In A&B, you can minimize errors that may occur in both methods. This is a method to prove that "the one who has this card/terminal must be me" can greatly improve security.
最后,2-factor(双因素)无法认证的情况下,即移动终端不在身边或丢失等情况进行描述。在这种情况下,使用生物识别前可以利用其他的移动终端来输入用户信息。虽然可以使用本人的身份证号或手机号之类的固有识别号码,也可以输入姓名和出生日期等可能重复的信息。具有相同姓名和相同出生日期的用户的数量是有限的,并且可以通过将信息输入到动态数据库中,并且将该用户的生物识别信息从静态数据库传输至动态数据库,来执行生物认证比较操作。这样输入的信息不会在动态数据库中直接删除,也可以维持特定期间的持续使用。Finally, the case where the 2-factor (two-factor) cannot be authenticated, that is, the mobile terminal is not around or lost is described. In this case, you can use other mobile terminals to enter user information before using biometrics. Although you can use your own identification number such as your ID card number or mobile phone number, you can also enter possible duplicate information such as name and date of birth. The number of users with the same name and the same date of birth is limited, and the biometric authentication comparison operation can be performed by inputting information into the dynamic database and transmitting the user's biometric information from the static database to the dynamic database. In this way, the input information will not be deleted directly in the dynamic database, and it can also be used continuously for a specific period.
根据本公开,可以将包括百万级以上的用户的大型数据库的实际生物识别比较运算可以由万级以下的小规模数据库来运行。并且不需要其他设备投资,也可以快速进行生物识别。为了获得更高的性能,还可以通过另外的用于比较的计算机或软件来构建动态数据库。因为这些设备即使在普通电脑性能下也可以在1秒内处理超过10000人,现有的需要中/大型服务器系统的设备进行比较的话,有着廉价的优点。According to the present disclosure, the actual biometric comparison operation of a large database including users of more than one million levels can be performed by a small-scale database of less than ten thousand levels. And without the investment of other equipment, biometrics can also be carried out quickly. In order to obtain higher performance, it is also possible to construct a dynamic database through another computer or software for comparison. Because these devices can handle more than 10,000 people in one second even under the performance of ordinary computers, the existing devices that require medium/large server systems have the advantage of being cheap.
另外,根据本公开,每次在构成动态数据库的终端/电脑中新检测到用户时,必须在静态数据库中查询生物识别数据,整体的网络通讯量似乎有所增加。但是,假设接近的用户都有潜在的生物识别及生物识别终端为目的来接近,总通讯量与直接使用静态数据库比较的方式相同。唯一的区别是是将数据上传到静态数据库还是将数据下载到动态数据库。此外,如果在本地网络或终端中执行生物特征比较,则不需要额外的通讯量,并且不受其他网络的影响。最终,用户可以体验的速度比过去快得多。In addition, according to the present disclosure, every time a user is newly detected in the terminal/computer constituting the dynamic database, the biometric data must be queried in the static database, and the overall network traffic seems to increase. However, assuming that users who are close have potential biometrics and biometric terminals for the purpose of approaching, the total traffic is the same as the direct comparison using a static database. The only difference is whether the data is uploaded to a static database or downloaded to a dynamic database. In addition, if the biometric comparison is performed in a local network or terminal, no additional traffic is required, and it is not affected by other networks. Ultimately, users can experience much faster than in the past.
在本说明书的描述中,参考术语“一个实施例/方式”、“一些实施例/方式”、“示例”、“具体示例”、或“一些示例”等的描述意指结合该实施例/ 方式或示例描述的具体特征、结构、材料或者特点包含于本申请的至少一个实施例/方式或示例中。在本说明书中,对上述术语的示意性表述不必须针对的是相同的实施例/方式或示例。而且,描述的具体特征、结构、材料或者特点可以在任一个或多个实施例/方式或示例中以合适的方式结合。此外,在不相互矛盾的情况下,本领域的技术人员可以将本说明书中描述的不同实施例/方式或示例以及不同实施例/方式或示例的特征进行结合和组合。In the description of this specification, reference to the descriptions of the terms "one embodiment/mode", "some embodiments/modes", "examples", "specific examples", or "some examples" means to incorporate the embodiment/mode The specific features, structures, materials or characteristics described in the examples are included in at least one embodiment/mode or example of the present application. In this specification, the schematic expressions of the above terms do not necessarily refer to the same embodiment/mode or example. Moreover, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments/modes or examples. In addition, without contradicting each other, those skilled in the art may combine and combine different embodiments/modes or examples and features of the different embodiments/modes or examples described in this specification.
此外,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括至少一个该特征。在本申请的描述中,“多个”的含义是至少两个,例如两个,三个等,除非另有明确具体的限定。In addition, the terms "first" and "second" are used for description purposes only, and cannot be understood as indicating or implying relative importance or implicitly indicating the number of indicated technical features. Thus, the features defined as "first" and "second" may include at least one of the features explicitly or implicitly. In the description of this application, the meaning of "plurality" is at least two, such as two, three, etc., unless otherwise specifically limited.
本领域的技术人员应当理解,上述实施方式仅仅是为了清楚地说明本公开,而并非是对本公开的范围进行限定。对于所属领域的技术人员而言,在上述公开的基础上还可以做出其它变化或变型,并且这些变化或变型仍处于本公开的范围内。Those skilled in the art should understand that the above-mentioned embodiments are only for clearly illustrating the present disclosure, rather than limiting the scope of the present disclosure. For those skilled in the art, other changes or modifications can be made on the basis of the above disclosure, and these changes or modifications are still within the scope of the present disclosure.

Claims (34)

  1. 一种动态数据处理方法,其特征在于,包括:A dynamic data processing method, which includes:
    配置静态数据库,所述静态数据库存储有所有用户的相关数据;A static database is configured, and the static database stores relevant data of all users;
    将满足预定条件的用户确定为特定用户;以及Identify users who meet predetermined conditions as specific users; and
    配置动态数据库,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中。Configure a dynamic database, and when a user who meets a predetermined condition is determined to be a specific user, transfer the relevant data of the specific user from the static database to the dynamic database for storage in the dynamic database.
  2. 如权利要求1所述的方法,其特征在于,还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述动态数据库中删除。The method of claim 1, further comprising: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
  3. 如权利要求1或2所述的方法,其特征在于,还包括:接收所述特定用户的输入信息,并且将所述输入信息与所述动态数据库存储的用户的相关数据进行比较。The method according to claim 1 or 2, further comprising: receiving input information of the specific user, and comparing the input information with user-related data stored in the dynamic database.
  4. 如权利要求1至3中任一项所述的方法,其特征在于,所述预定条件为预定位置范围或预定用户,将处于所述预定位置范围的用户或作为预定用户的用户确定为特定用户。The method according to any one of claims 1 to 3, wherein the predetermined condition is a predetermined location range or a predetermined user, and a user in the predetermined location range or a user who is a predetermined user is determined as a specific user .
  5. 如权利要求4所述的方法,其特征在于,所述预定用户为预约用户或登记用户。The method according to claim 4, wherein the predetermined user is a reserved user or a registered user.
  6. 一种动态数据处理装置,其特征在于,包括:A dynamic data processing device, characterized in that it includes:
    静态数据库模块,所述静态数据库存储有所有用户的相关数据;A static database module, where the static database stores relevant data of all users;
    确定模块,用于将满足预定条件的用户确定为特定用户;以及A determination module for determining a user satisfying a predetermined condition as a specific user; and
    动态数据库模块,当所述确定模块确定满足预定条件的用户作为特定用户时,所述动态数据库接收并存储来自所述静态数据库的所述特定用户的相关数据。A dynamic database module, when the determination module determines that a user who meets a predetermined condition is a specific user, the dynamic database receives and stores data about the specific user from the static database.
  7. 如权利要求6所述的装置,其特征在于,当所述特定用户不再满足所述预定条件时,所述动态数据库中存储的所述特定用户的相关数据被删除。The apparatus according to claim 6, wherein when the specific user no longer satisfies the predetermined condition, the data related to the specific user stored in the dynamic database is deleted.
  8. 如权利要求6或7所述的装置,其特征在于,还包括:The device according to claim 6 or 7, further comprising:
    接收模块,用于接收所述特定用户的输入信息;以及A receiving module, configured to receive input information of the specific user; and
    比较模块,用于比较所述输入信息与所述动态数据库存储的用户的相关数据。A comparison module is used to compare the input information with the user-related data stored in the dynamic database.
  9. 如权利要求6至8中任一项所述的装置,其特征在于,所述预定条件为预定位置或预定用户,将处于所述预定位置范围的用户或作为预定用户的用户确定为特定用户。The device according to any one of claims 6 to 8, wherein the predetermined condition is a predetermined location or a predetermined user, and a user who is within the predetermined location range or is a predetermined user is determined as a specific user.
  10. 如权利要求9所述的装置,其特征在于,所述预定用户为预约用户或登记用户。The apparatus of claim 9, wherein the predetermined user is a reserved user or a registered user.
  11. 一种生物特征信息动态匹配方法,其特征在于,包括:A method for dynamically matching biometric information, characterized in that it includes:
    配置静态数据库,所述静态数据库存储有所有用户的相关数据,所述相关数据包括用户的生物特征信息;A static database is configured, and the static database stores relevant data of all users, and the relevant data includes biometric information of the user;
    将满足预定条件的用户确定为特定用户;Identify users who meet predetermined conditions as specific users;
    配置动态数据库,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中;Configure a dynamic database, and when a user who meets a predetermined condition is determined to be a specific user, transfer relevant data of the specific user from the static database to the dynamic database for storage in the dynamic database;
    接收所述特定用户的输入生物特征信息;以及Receiving input biometric information of the specific user; and
    比较所述输入生物特征信息与所述动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。Comparing the input biometric information with the biometric information stored in the dynamic database, if the two are consistent, it is determined to be a match.
  12. 如权利要求11所述的方法,其特征在于,还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述 动态数据库中删除。The method of claim 11, further comprising: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
  13. 如权利要求11或12所述的方法,其特征在于,所述预定条件为预设位置范围,将处于所述预设位置范围的用户作为特定用户。The method according to claim 11 or 12, wherein the predetermined condition is a preset position range, and a user in the preset position range is regarded as a specific user.
  14. 如权利要求13所述的方法,其特征在于,通过检测用户所携带的移动终端来确定该用户是否处于所述预设位置范围中。The method according to claim 13, wherein the mobile terminal carried by the user is detected to determine whether the user is in the preset position range.
  15. 如权利要求14所述的方法,其特征在于,通过生物特征识别终端来接收所述特定用户的输入生物特征信息,并且所述预设位置范围为距离所述生物特征识别终端的预定距离范围。The method of claim 14, wherein the input biometric information of the specific user is received through a biometric identification terminal, and the preset position range is a predetermined distance range from the biometric identification terminal.
  16. 如权利要求15所述的方法,其特征在于,所述移动终端为基于BLE/Beacon的移动终端,并且所述移动终端周期性发射信号,所述生物特征识别终端用于接收所述移动终端发射的信号。The method of claim 15, wherein the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric terminal is used to receive the mobile terminal transmission signal of.
  17. 如权利要求16所述的方法,其特征在于,所述移动终端发射的信号包括移动终端的固有信息,所述固有信息包括移动终端的IMEI、UUID、蓝牙地址、WLAN MAC地址、序列号、电话号码中的至少一种,并且用户的所述相关数据包括移动终端的所述固有信息。The method according to claim 16, wherein the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, telephone number of the mobile terminal At least one of the numbers, and the relevant data of the user includes the inherent information of the mobile terminal.
  18. 如权利要求15至17中任一项所述的方法,其特征在于,设置多个所述生物特征识别终端,来确认所述生物特征识别终端的周围的移动终端的数量。The method according to any one of claims 15 to 17, wherein a plurality of the biometric identification terminals are provided to confirm the number of mobile terminals around the biometric identification terminal.
  19. 如权利要求18所述的方法,其特征在于,通过多个所述生物特征识别终端来测量周围的每个移动终端的距离,从而确定携带移动终端的用户进行生物识别的时间和/或概率。The method according to claim 18, wherein the distance of each mobile terminal in the surrounding is measured by a plurality of the biometric identification terminals, so as to determine the time and/or probability of biometric identification by the user carrying the mobile terminal.
  20. 如权利要求11或12所述的方法,其特征在于,所述预定条件 为预定用户,当用户为预定用户时,将该用户作为特定用户。The method according to claim 11 or 12, wherein the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
  21. 如权利要求20所述的方法,其特征在于,所述预定用户为预约用户或登记用户。The method of claim 20, wherein the predetermined user is a reserved user or a registered user.
  22. 一种生物特征信息动态匹配装置,其特征在于,包括:A biometric information dynamic matching device, characterized in that it includes:
    静态数据库模块,所述静态数据库存储有所有用户的相关数据,所述相关数据包括用户的生物特征信息;A static database module, the static database stores relevant data of all users, and the relevant data includes biometric information of the user;
    确定模块,将满足预定条件的用户确定为特定用户;The determination module determines users who meet predetermined conditions as specific users;
    动态数据库模块,当满足预定条件的用户确定为特定用户时,将所述特定用户的相关数据从所述静态数据库传输至所述动态数据库,以存储至所述动态数据库中;The dynamic database module, when a user satisfying a predetermined condition is determined to be a specific user, transfers relevant data of the specific user from the static database to the dynamic database for storage in the dynamic database;
    生物特征识别模块,接收所述特定用户的输入生物特征信息;以及A biometric identification module, receiving input biometric information of the specific user; and
    比较模块,用于比较所述输入生物特征信息与所述动态数据库存储的生物特征信息,如果二者一致,则判断为匹配。The comparison module is used to compare the input biometric information with the biometric information stored in the dynamic database, and if the two are consistent, it is judged as a match.
  23. 如权利要求22所述的装置,其特征在于,还包括:当所述特定用户不再满足所述预定条件时,将所述特定用户的相关数据从所述动态数据库中删除。The apparatus of claim 22, further comprising: when the specific user no longer satisfies the predetermined condition, deleting related data of the specific user from the dynamic database.
  24. 如权利要求22或23所述的装置,其特征在于,所述预定条件为预设位置范围,将处于所述预设位置范围的用户作为特定用户。The device according to claim 22 or 23, wherein the predetermined condition is a preset position range, and a user within the preset position range is regarded as a specific user.
  25. 如权利要求24所述的装置,其特征在于,通过所述生物特征识别模块检测用户所携带的移动终端来确定该用户是否处于所述预设位置范围中。The apparatus of claim 24, wherein the biometric identification module detects the mobile terminal carried by the user to determine whether the user is in the preset location range.
  26. 如权利要求25所述的装置,其特征在于,所述移动终端为基于BLE/Beacon的移动终端,并且所述移动终端周期性发射信号,所 述生物特征识别模块用于接收所述移动终端发射的信号。The apparatus of claim 25, wherein the mobile terminal is a BLE/Beacon-based mobile terminal, and the mobile terminal periodically transmits a signal, and the biometric identification module is configured to receive the mobile terminal transmission signal of.
  27. 如权利要求26所述的装置,其特征在于,所述移动终端发射的信号包括移动终端的固有信息,所述固有信息包括移动终端的IMEI、UUID、蓝牙地址、WLAN MAC地址、序列号、电话号码中的至少一种,并且用户的所述相关数据包括移动终端的所述固有信息。The apparatus of claim 26, wherein the signal transmitted by the mobile terminal includes inherent information of the mobile terminal, and the inherent information includes the IMEI, UUID, Bluetooth address, WLAN MAC address, serial number, and phone number of the mobile terminal At least one of the numbers, and the relevant data of the user includes the inherent information of the mobile terminal.
  28. 如权利要求25至27中任一项所述的装置,其特征在于,设置多个所述生物特征识别模块,来确认所述生物特征识别模块的周围的移动终端的数量。The device according to any one of claims 25 to 27, wherein a plurality of the biometric identification modules are provided to confirm the number of mobile terminals around the biometric identification module.
  29. 如权利要求28所述的装置,其特征在于,通过多个所述生物特征识别模块来测量周围的每个移动终端的距离,从而确定携带移动终端的用户进行生物识别的时间和/或概率。The apparatus according to claim 28, wherein a plurality of the biometric identification modules are used to measure the distance of each mobile terminal in the vicinity, so as to determine the time and/or probability of biometric identification by the user carrying the mobile terminal.
  30. 如权利要求22或23所述的装置,其特征在于,所述预定条件为预定用户,当用户为预定用户时,将该用户作为特定用户。The device according to claim 22 or 23, wherein the predetermined condition is a predetermined user, and when the user is a predetermined user, the user is regarded as a specific user.
  31. 如权利要求30所述的装置,其特征在于,所述预定用户为预约用户或登记用户。The apparatus of claim 30, wherein the predetermined user is a reserved user or a registered user.
  32. 如权利要求22至31中任一项所述的装置,其特征在于,所述确定模块、生物特征识别模块及比较模块位于生物特征识别终端中。The device according to any one of claims 22 to 31, wherein the determination module, the biometric identification module, and the comparison module are located in a biometric identification terminal.
  33. 如权利要求22至32中任一项所述的装置,其特征在于,所述动态数据库模块位于生物特征识别终端中、或者位于本地网络中、或者位于静态数据库模块所处的服务器中、或者位于与静态数据库模块所处的服务器不同的另一服务器中。The device according to any one of claims 22 to 32, wherein the dynamic database module is located in the biometric terminal, or in the local network, or in the server where the static database module is located, or in In another server that is different from the server where the static database module is located.
  34. 一种生物特征识别系统,其特征在于,包括如权利要求22至 33中任一项所述的生物特征信息动态匹配装置。A biometric identification system, characterized by comprising the biometric information dynamic matching device according to any one of claims 22 to 33.
PCT/CN2018/124162 2018-12-27 2018-12-27 Dynamic matching method and apparatus for biometric information, and biometric identification system WO2020133026A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/124162 WO2020133026A1 (en) 2018-12-27 2018-12-27 Dynamic matching method and apparatus for biometric information, and biometric identification system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/124162 WO2020133026A1 (en) 2018-12-27 2018-12-27 Dynamic matching method and apparatus for biometric information, and biometric identification system

Publications (1)

Publication Number Publication Date
WO2020133026A1 true WO2020133026A1 (en) 2020-07-02

Family

ID=71127396

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/124162 WO2020133026A1 (en) 2018-12-27 2018-12-27 Dynamic matching method and apparatus for biometric information, and biometric identification system

Country Status (1)

Country Link
WO (1) WO2020133026A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150040203A1 (en) * 2013-08-01 2015-02-05 Huawei Technologies Co., Ltd. Authentication method of wearable device and wearable device
CN105681254A (en) * 2014-11-18 2016-06-15 阿里巴巴集团控股有限公司 User identity authentication method and apparatus
CN108038179A (en) * 2017-12-07 2018-05-15 泰康保险集团股份有限公司 Identity information authentication method and device
CN108346056A (en) * 2017-01-24 2018-07-31 阿里巴巴集团控股有限公司 The authentication method and device of group's situation
CN108696602A (en) * 2018-05-15 2018-10-23 北京华大智宝电子系统有限公司 A kind of client's recognition methods and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150040203A1 (en) * 2013-08-01 2015-02-05 Huawei Technologies Co., Ltd. Authentication method of wearable device and wearable device
CN105681254A (en) * 2014-11-18 2016-06-15 阿里巴巴集团控股有限公司 User identity authentication method and apparatus
CN108346056A (en) * 2017-01-24 2018-07-31 阿里巴巴集团控股有限公司 The authentication method and device of group's situation
CN108038179A (en) * 2017-12-07 2018-05-15 泰康保险集团股份有限公司 Identity information authentication method and device
CN108696602A (en) * 2018-05-15 2018-10-23 北京华大智宝电子系统有限公司 A kind of client's recognition methods and system

Similar Documents

Publication Publication Date Title
US11842803B2 (en) Strong authentication via distributed stations
US20230154262A1 (en) Decentralized virtual trustless database for access control
EP3087773B1 (en) Extending user authentication across a trust group of smart devices
US20180063313A1 (en) Method and device for providing function of mobile terminal
US10333980B2 (en) Personal device network for user identification and authentication
US20160054962A1 (en) Method of setting wireless connection via near field communication function and image forming apparatus for performing the method
US11010488B2 (en) Systems and methods for dynamic queue control using machine learning techniques
TW201502969A (en) Mobile computing device technology and systems and methods utilizing the same
JP2022511545A (en) Proximity field information authentication method, proximity field information authentication device, electronic device and computer storage medium
US10341114B2 (en) Providing device, terminal device, providing method, non-transitory computer readable storage medium, and authentication processing system
US20230353555A1 (en) Iot device and method for onboarding iot device to server
CN114694226B (en) Face recognition method, system and storage medium
US20130332725A1 (en) Information processing apparatus, information processing system, information processing method, and program
KR20200056604A (en) System for managing entrance and exit and thereof method
CN109543391B (en) Biological characteristic information dynamic matching method and device and biological characteristic identification system
US10033721B2 (en) Credential translation
CN111567023B (en) Method of providing notification and electronic device supporting the same
WO2020133026A1 (en) Dynamic matching method and apparatus for biometric information, and biometric identification system
KR102077662B1 (en) Method and Apparatus for Providing Authentication in Home Network
JP6947529B2 (en) Judgment device, judgment method and judgment program
JP6218226B2 (en) Terminal device, authentication method, and program
US10432732B2 (en) Terminal device providing normal and security modes for access to online services
US20230041559A1 (en) Apparatus and methods for multifactor authentication
US11086976B2 (en) Identification preprocessing
KR20230073666A (en) Entry information management server using wifi and entry information management mathod

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18944860

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18944860

Country of ref document: EP

Kind code of ref document: A1