[go: up one dir, main page]

CN107818248A - Authentication module and authentication method - Google Patents

Authentication module and authentication method Download PDF

Info

Publication number
CN107818248A
CN107818248A CN201610817242.9A CN201610817242A CN107818248A CN 107818248 A CN107818248 A CN 107818248A CN 201610817242 A CN201610817242 A CN 201610817242A CN 107818248 A CN107818248 A CN 107818248A
Authority
CN
China
Prior art keywords
data
authentication
acquisition unit
authentication data
physiological
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610817242.9A
Other languages
Chinese (zh)
Inventor
杜宗颖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610817242.9A priority Critical patent/CN107818248A/en
Publication of CN107818248A publication Critical patent/CN107818248A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/26Power supply means, e.g. regulation thereof
    • G06F1/32Means for saving power
    • G06F1/3203Power management, i.e. event-based initiation of a power-saving mode
    • G06F1/3234Power saving characterised by the action undertaken
    • G06F1/329Power saving characterised by the action undertaken by task scheduling

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

An authentication module and an authentication method are suitable for an electronic device; the authentication module comprises a data acquisition unit and a control unit; the control unit is coupled with the data acquisition unit; the data acquisition unit is used for acquiring one or more physiological data and generating authentication data according to the physiological data; the control unit is used for receiving the authentication data, judging whether the authentication data conforms to preset data or not, and generating a starting signal when the authentication data conforms to the preset data; the data acquisition unit and the control unit receive standby power to operate in a power-off state of the electronic device, and the electronic device is powered on according to the starting signal. The invention can directly judge whether the electronic device is started or not through the biological characteristic authentication of the user before the electronic device is started, saves the power consumption, provides good user experience and ensures the data security.

Description

认证模块与认证方法Authentication modules and authentication methods

技术领域technical field

本发明涉及一种认证模块与认证方法,尤其是涉及一种运用生理数据及控制数据访问权限来进行开机的认证模块与认证方法。The invention relates to an authentication module and an authentication method, in particular to an authentication module and an authentication method for booting up by using physiological data and control data access rights.

背景技术Background technique

在现有运用指纹辨识技术的开机过程中,电子装置需要先行被开机,才会于后续驱动相关的指纹辨识模块,以进行用户的身分认证。因此,在尚未成功通过指纹认证时,即需要额外花费电力来开机,造成能源的浪费。此外,使用者需要分别执行”开机”与”指纹辨识”两个操作,此过程亦缺乏良好的使用者体验。In the current booting process using the fingerprint identification technology, the electronic device needs to be powered on first, and then the related fingerprint identification module will be driven subsequently, so as to authenticate the identity of the user. Therefore, when the fingerprint authentication has not been successfully passed, it needs to spend extra power to start the machine, resulting in a waste of energy. In addition, the user needs to perform two operations of "booting on" and "fingerprint identification" respectively, and this process also lacks a good user experience.

再者,现有指纹辨识模块所撷取的感测数据往往需要经由标准规格来传输至另一端。因此,在感测数据的传输路径上或者是传输路径的另一端,皆有可能遭到有心人士通过此标准规格于中途拦截信号,进而破解,成为安全上的一大漏洞。Furthermore, the sensing data captured by the existing fingerprint identification module often needs to be transmitted to the other end through standard specifications. Therefore, on the transmission path of the sensing data or at the other end of the transmission path, it is possible for interested parties to intercept the signal midway through this standard specification, and then crack it, which becomes a major security loophole.

除此之外,现行辨识模块的取样标准相度易于仿照。举例来说,有心人士可能通过指纹采集技术来进一步生产伪造的指印。因此,现有的做法无法有效正确判读辨别体本身是否为有效的生命体。In addition, the sampling standard of the current identification module is easy to imitate. For example, interested people may further produce fake fingerprints through fingerprint collection technology. Therefore, existing methods cannot effectively and correctly judge whether the identification body itself is an effective life body.

发明内容Contents of the invention

本发明所要解决的技术问题在于,针对现有技术的不足提供一种认证模块与认证方法,借此解决上述问题。The technical problem to be solved by the present invention is to provide an authentication module and an authentication method to solve the above problems.

本发明所要解决的技术问题是通过如下技术方案实现的:The technical problem to be solved by the present invention is achieved through the following technical solutions:

本发明提出一种认证模块,适用于一电子装置,所述认证模块包括一数据撷取单元与一控制单元。控制单元耦接数据撷取单元。数据撷取单元用来撷取一生理数据,且根据生理数据产生一认证数据。控制单元用来接收认证数据,并判断认证数据是否符合一预设数据,当认证数据符合预设数据时,则产生一启动信号。其中,数据撷取单元与控制单元在电子装置的一关机状态下接收一待命电力而运作,电子装置根据启动信号而开机。The invention proposes an authentication module suitable for an electronic device, and the authentication module includes a data acquisition unit and a control unit. The control unit is coupled to the data acquisition unit. The data acquisition unit is used for acquiring a physiological data, and generating authentication data according to the physiological data. The control unit is used for receiving the authentication data, and judging whether the authentication data conforms to a preset data, and generates an activation signal when the authentication data conforms to the preset data. Wherein, the data acquisition unit and the control unit receive a standby power to operate when the electronic device is in a shutdown state, and the electronic device is powered on according to the start signal.

在本发明一实施例中,数据撷取单元更进一步通过一加密算法将生理数据加密,以产生认证数据,并通过一序列周边接口来传输认证数据至控制单元。In an embodiment of the present invention, the data acquisition unit further encrypts the physiological data through an encryption algorithm to generate authentication data, and transmits the authentication data to the control unit through a serial peripheral interface.

在本发明另一实施例中,控制单元更进一步通过一解密算法将所接收的认证数据解密,再判断解密后的认证数据是否符合预设数据。In another embodiment of the present invention, the control unit further decrypts the received authentication data through a decryption algorithm, and then judges whether the decrypted authentication data conforms to the preset data.

在本发明另一实施例中,所述认证模块更包括一输入单元。输入单元耦接数据撷取单元。输入单元用来经由一输入操作而从一第一状态改变至一第二状态时,则产生一输入信号。其中数据撷取单元更进一步根据输入信号与生理数据产生认证数据,输入单元为一按钮,输入操作为一按压动作,且生理数据在按压动作执行的过程中被数据撷取单元撷取。In another embodiment of the present invention, the authentication module further includes an input unit. The input unit is coupled to the data acquisition unit. The input unit is used to generate an input signal when changing from a first state to a second state through an input operation. The data acquisition unit further generates authentication data according to the input signal and physiological data, the input unit is a button, the input operation is a pressing action, and the physiological data is acquired by the data acquisition unit during the pressing action.

在本发明另一实施例中,生理数据关联于选自一指纹特征、一心跳特征和一肤质特征所组成的群组。In another embodiment of the present invention, the physiological data is associated with a group selected from a fingerprint characteristic, a heartbeat characteristic and a skin texture characteristic.

本发明提出一种认证方法,适用于一电子装置,所述认证方法包括下列步骤。于电子装置的一关机状态下,撷取一生理数据。根据生理数据产生一认证数据。判断认证数据是否符合一预设数据。当认证数据符合预设数据时,则产生一启动信号,借此使电子装置根据启动信号而开机。The invention proposes an authentication method suitable for an electronic device, and the authentication method includes the following steps. When the electronic device is in a power-off state, a piece of physiological data is captured. An authentication data is generated according to the physiological data. It is judged whether the authentication data conforms to a preset data. When the authentication data matches the preset data, an activation signal is generated, so that the electronic device is started according to the activation signal.

进一步地,所述认证方法更包括:通过一加密算法将该生理数据加密,以产生该认证数据;以及通过一序列周边接口总线的一第一端传输该认证数据。Further, the authentication method further includes: encrypting the physiological data through an encryption algorithm to generate the authentication data; and transmitting the authentication data through a first end of a serial peripheral interface bus.

进一步地,所述认证方法更包括:通过该序列周边接口总线的一第二端接收该认证数据;通过一解密算法将所接收的该认证数据解密;以及判断解密后的该认证数据是否符合该预设数据。Further, the authentication method further includes: receiving the authentication data through a second end of the serial peripheral interface bus; decrypting the received authentication data through a decryption algorithm; and judging whether the decrypted authentication data conforms to the preset data.

进一步地,所述认证方法更包括:当一输入单元经由一输入操作而从一第一状态改变至一第二状态时,接收对应所产生的一输入信号;以及根据该输入信号与该生理数据产生该认证数据;其中该输入单元为一按钮,该输入操作为一按压动作,且该生理数据在该按压动作执行的过程中被撷取。Further, the authentication method further includes: when an input unit changes from a first state to a second state through an input operation, receiving an input signal correspondingly generated; and according to the input signal and the physiological data The authentication data is generated; wherein the input unit is a button, the input operation is a pressing action, and the physiological data is captured during the pressing action.

进一步地,该生理数据关联于选自一指纹特征、一心跳特征和一肤质特征所组成的群组。Further, the physiological data is associated with a group selected from a fingerprint feature, a heartbeat feature and a skin quality feature.

如上所述,本发明于电子装置的关机状态下,将所撷取的生理数据加密来产生认证数据,并通过序列周边接口来传输认证数据至控制单元,若经判断符合预设数据,则控制单元产生启动信号来对电子装置开机。如此一来,在电子装置尚未开机之前,即可直接通过用户的生物特征认证来判断是否开机,节省电力消耗,也提供良好的使用者体验,更保障了数据的安全性。As mentioned above, the present invention encrypts the captured physiological data to generate authentication data when the electronic device is turned off, and transmits the authentication data to the control unit through the serial peripheral interface. The unit generates an activation signal to power on the electronic device. In this way, before the electronic device is turned on, it can directly determine whether to turn it on through the user's biometric authentication, which saves power consumption, provides a good user experience, and ensures data security.

以上的关于本发明内容的说明及以下的实施方式的说明都是用来示范与解释本发明的精神与原理,并且为本发明的保护范围提供更进一步的解释。The above descriptions about the content of the present invention and the following descriptions of the embodiments are used to demonstrate and explain the spirit and principle of the present invention, and provide further explanations for the protection scope of the present invention.

附图说明Description of drawings

图1为本发明一实施例的认证模块的方块示意图;FIG. 1 is a schematic block diagram of an authentication module according to an embodiment of the present invention;

图2为本发明另一实施例的认证模块的方块示意图;2 is a schematic block diagram of an authentication module according to another embodiment of the present invention;

图3为本发明一实施例的输入单元的示意图;3 is a schematic diagram of an input unit according to an embodiment of the present invention;

图4为本发明一实施例的认证方法的流程图。Fig. 4 is a flowchart of an authentication method according to an embodiment of the present invention.

【附图标记说明】[Description of Reference Signs]

100、200 认证模块100, 200 authentication modules

110、210 数据撷取单元110, 210 data acquisition unit

120、220 控制单元120, 220 control unit

230 输入单元230 input unit

240 通信单元240 communication unit

250 图像传感器250 image sensors

300 电子装置300 electronic devices

S410~S440 认证方法的步骤Steps of S410~S440 authentication method

具体实施方式Detailed ways

以下在实施方式中详细叙述本发明的详细特征以及优点,其内容足以使本领域技术人员了解本发明的技术内容并据以实施,且根据本说明书所公开的内容、保护范围及说明书附图,本领域技术人员可轻易地理解本发明相关的目的及优点。以下的实施例为进一步详细说明本发明的观点,但非以任何观点限制本发明的保护范围。The detailed features and advantages of the present invention are described in detail below in the embodiments, the content of which is sufficient for those skilled in the art to understand the technical content of the present invention and implement it accordingly, and according to the content disclosed in this specification, the protection scope and the accompanying drawings, The related objects and advantages of the present invention can be easily understood by those skilled in the art. The following examples are to further describe the present invention in detail, but not to limit the protection scope of the present invention in any way.

图1为本发明一实施例的认证模块100的方块示意图。认证模块100适用于电子装置300。如图1所示,认证模块100包括一数据撷取单元110与一控制单元120。控制单元120耦接数据撷取单元110。数据撷取单元110例如可以是指纹传感器、心跳传感器、肤质特征传感器或者是其他类型生物数据传感器,也可以是结合至少上述两种传感器功能的传感器,在此不加以限制。控制单元120例如可以是微控制器(Micro Controller Unit,MCU)、键盘控制器(keyboard controller,KBC)、嵌入式控制器(Embed Controller,EC)或者是其他微处理器,在此不加以限制。FIG. 1 is a schematic block diagram of an authentication module 100 according to an embodiment of the present invention. The authentication module 100 is suitable for the electronic device 300 . As shown in FIG. 1 , the authentication module 100 includes a data acquisition unit 110 and a control unit 120 . The control unit 120 is coupled to the data capture unit 110 . The data acquisition unit 110 may be, for example, a fingerprint sensor, a heartbeat sensor, a skin texture sensor, or other types of biological data sensors, or a sensor that combines at least the functions of the above two sensors, which is not limited here. The control unit 120 may be, for example, a microcontroller (Micro Controller Unit, MCU), a keyboard controller (keyboard controller, KBC), an embedded controller (Embed Controller, EC) or other microprocessors, which is not limited here.

应注意到的是,数据撷取单元110与控制单元120可接收电子装置300所供应的待命电力(Standby Power),例如5伏特(V)、0.7安培(A)的待命电力。因此在电子装置300处于关机状态下时,数据撷取单元110与控制单元120依然可以正常运作。举例来说,当用户欲对电子装置300执行开机时,则在本发明的开机与认证机制中,数据撷取单元110与控制单元120的作动如下:It should be noted that the data acquisition unit 110 and the control unit 120 can receive the standby power supplied by the electronic device 300 , for example, the standby power of 5 volts (V) and 0.7 ampere (A). Therefore, when the electronic device 300 is turned off, the data capture unit 110 and the control unit 120 can still operate normally. For example, when the user intends to boot the electronic device 300, in the boot and authentication mechanism of the present invention, the actions of the data capture unit 110 and the control unit 120 are as follows:

数据撷取单元110用来撷取一生理数据,且根据生理数据产生一认证数据。在本发明实施例中,所述生理数据系选自指纹特征、心跳特征和肤质特征所组成的群组。所述生理数据也可以是从生物体所撷取的其他参考特征,在此不加以限制。在本发明实施例中,数据撷取单元110可更进一步通过一加密算法将生理数据加密,以产生认证数据,并通过一序列周边接口(Serial Peripheral Interface,SPI)来传输认证数据至控制单元120。也就是从一序列周边接口总线的第一端(如数据撷取单元110的一输出端)传输认证数据至第二端(如控制单元120的一输入端)。所述加密算法例如可以是通过执行特定软件模块来实现,也可以是借助特定硬件来实现,在此不加以限制。The data capturing unit 110 is used for capturing a piece of physiological data, and generating authentication data according to the physiological data. In the embodiment of the present invention, the physiological data is selected from the group consisting of fingerprint features, heartbeat features and skin texture features. The physiological data may also be other reference features extracted from the living body, which is not limited here. In the embodiment of the present invention, the data acquisition unit 110 can further encrypt the physiological data through an encryption algorithm to generate authentication data, and transmit the authentication data to the control unit 120 through a serial peripheral interface (Serial Peripheral Interface, SPI) . That is, the authentication data is transmitted from a first end of a serial peripheral interface bus (such as an output end of the data acquisition unit 110 ) to a second end (such as an input end of the control unit 120 ). The encryption algorithm may be implemented, for example, by executing a specific software module, or by using specific hardware, which is not limited here.

在本发明另一实施例中,生理数据可以是复合性的。举例来说,可于第一阶段中撷取指纹特征,于第二阶段中进一步撷取心跳特征,再将指纹特征与心跳特征合成与加密,产生认证数据。如此一来,可通过心跳特征来判定所接收感测的物体是否为有效生命体,以避免有心人士使用伪造的指印来进行认证,也可以解决传统仅检测物体的导电与否所可能产生的误判。In another embodiment of the present invention, the physiological data may be complex. For example, the fingerprint feature can be extracted in the first stage, and the heartbeat feature can be further extracted in the second stage, and then the fingerprint feature and the heartbeat feature can be synthesized and encrypted to generate authentication data. In this way, the heartbeat characteristics can be used to determine whether the object received and sensed is a valid living body, so as to avoid the use of fake fingerprints for authentication by interested people, and it can also solve the possible errors caused by the traditional detection of only the conductivity of the object. sentenced.

控制单元120用来接收认证数据,并判断认证数据是否符合一预设数据,当认证数据符合预设数据时,则产生一启动信号。在本发明实施例中,控制单元120更进一步通过一解密算法将所接收的认证数据解密,再判断解密后的认证数据是否符合预设数据。所述预设数据,例如可以是,但不限于,使用者在第一次使用电子装置300时,通过数据撷取单元110所感测到的指纹,以于后续再度开机时做为比对之用。所述解密算法例如可以是通过执行特定软件模块来实现,也可以是借助特定硬件来实现,在此不加以限制。所述启动信号可以是用来对电子装置300开机的一脉冲信号。The control unit 120 is used for receiving the authentication data, and judging whether the authentication data conforms to a preset data, and generates an activation signal when the authentication data conforms to the preset data. In the embodiment of the present invention, the control unit 120 further decrypts the received authentication data through a decryption algorithm, and then judges whether the decrypted authentication data conforms to the preset data. The preset data, for example, may be, but not limited to, the fingerprint sensed by the data capture unit 110 when the user uses the electronic device 300 for the first time, so as to be used for comparison when the user turns on the device again later. . The decryption algorithm may be implemented, for example, by executing a specific software module, or by using specific hardware, which is not limited here. The start signal may be a pulse signal used to start the electronic device 300 .

如此一来,电子装置300便可以根据启动信号而开机。此外,由于用来传输于序列周边接口总线的认证数据已经过加密,因此,就算是电子装置300遭窃,窃贼无法通过序列周边接口总线中途拦截认证数据而辨别出电子装置300的拥有者的生理数据。即使是在控制单元120的这一端,窃贼也无法通过LPC(Low pin count)总线、集成电路总线(Inter-Integrated Circuit,I2 C)总线等通用接口破解认证数据,进而避免盗用。In this way, the electronic device 300 can be powered on according to the activation signal. In addition, since the authentication data transmitted on the serial peripheral interface bus has been encrypted, even if the electronic device 300 is stolen, the thief cannot identify the physical identity of the owner of the electronic device 300 by intercepting the authentication data through the serial peripheral interface bus. data. Even at this end of the control unit 120, thieves cannot decipher the authentication data through common interfaces such as LPC (Low pin count) bus and integrated circuit bus (Inter-Integrated Circuit, I 2 C) bus, thereby avoiding embezzlement.

图2为本发明另一实施例的认证模块200的方块示意图。认证模块200适用于电子装置300。如图2所示,认证模块200包括一数据撷取单元210与一控制单元220、一输入单元230、一通信单元240以及一图像传感器250。控制单元220耦接数据撷取单元210、通信单元240以及图像传感器250。输入单元230耦接数据撷取单元210。FIG. 2 is a schematic block diagram of an authentication module 200 according to another embodiment of the present invention. The authentication module 200 is suitable for the electronic device 300 . As shown in FIG. 2 , the authentication module 200 includes a data acquisition unit 210 and a control unit 220 , an input unit 230 , a communication unit 240 and an image sensor 250 . The control unit 220 is coupled to the data acquisition unit 210 , the communication unit 240 and the image sensor 250 . The input unit 230 is coupled to the data capture unit 210 .

输入单元230用来经由一输入操作而从一第一状态改变至一第二状态时,则产生一输入信号。数据撷取单元210更进一步根据输入信号与生理数据产生认证数据。在本发明实施例中,输入单元230为一按钮,输入操作为一按压动作,且生理数据在按压动作执行的过程中被数据撷取单元210撷取。The input unit 230 is used to generate an input signal when changing from a first state to a second state through an input operation. The data acquisition unit 210 further generates authentication data according to the input signal and the physiological data. In the embodiment of the present invention, the input unit 230 is a button, and the input operation is a pressing action, and the physiological data is captured by the data acquisition unit 210 during the pressing action.

图3为本发明一实施例的输入单元的示意图。如图3所示,输入单元230可以是计算机键盘上其中一个预设的按键。而数据撷取单元210设置于此按键的上表面,电子装置300可以是键盘所连接的计算机。当用户欲对计算机进行开机时,可以直接以手指按压预设按键。当预设按键从原始位置被压沉至另一位置时,则产生对应的一输入信号。例如为对应按键的字符信号。于此手指按压按键的过程中,手指指纹的特征也会被数据撷取单元210撷取。再于后续连同输入信号经加密后,产生认证数据而传输至控制单元220。若经控制单元220解密且判别可符合预设数据,则可代表确实为原计算机主人触发计算机开机,借此送出启动信号至计算机。上述输入单元230的配置也可运用于可携式电子装置或其他类型的装置中,在此不加以限制。FIG. 3 is a schematic diagram of an input unit according to an embodiment of the present invention. As shown in FIG. 3 , the input unit 230 may be one of preset keys on a computer keyboard. The data capture unit 210 is disposed on the upper surface of the key, and the electronic device 300 may be a computer connected to the key. When the user wants to start the computer, he can directly press the preset button with his finger. When the default key is depressed from the original position to another position, a corresponding input signal is generated. For example, it is a character signal corresponding to a key. During the process of pressing the button with the finger, the features of the fingerprint of the finger will also be captured by the data capture unit 210 . After subsequent encryption together with the input signal, authentication data is generated and transmitted to the control unit 220 . If it is decrypted by the control unit 220 and judged to be consistent with the preset data, it means that the original computer owner triggers the computer to start up, thereby sending an activation signal to the computer. The above-mentioned configuration of the input unit 230 can also be applied to portable electronic devices or other types of devices, and is not limited here.

应注意到的是,上述所述的开机一般指的是让计算机进入操作系统。如此一来,上述键盘的按键即可取代传统设置于机箱上的电源开关按钮,因此可省去传统电源开关按钮的设置成本。然而本发明的输入单元230可以有各种不同的变化,在此不加以限制。It should be noted that the above-mentioned booting generally refers to allowing the computer to enter the operating system. In this way, the keys of the above-mentioned keyboard can replace the traditional power switch button arranged on the chassis, thus saving the installation cost of the traditional power switch button. However, the input unit 230 of the present invention can have various changes, which are not limited here.

在本发明实施例中,若于后续判断数据撷取单元210所截取的指纹特征不符合预设值时,则通信单元240可将此指纹特征经由网络发送给警察局的通报系统,做为报案的依据。在本发明实施例中,每当上述输入信号产生时,也可通过图像传感器250来撷取用户的面部图像,当所截取的指纹特征不符合预设值时,则可将疑似窃贼的面部图像发送至远程的另一装置。同样地,通信单元240与图像传感器250皆可在该电子装置的关机状态下接收待命电力而运作。通信单元240例如可以是具有通信功能的处理器,图像传感器250例如可以是CMOS传感器(CMOS Image Sensor,CIS)或者是感光耦合组件(Charge-coupledDevice,CCD)。In the embodiment of the present invention, if the fingerprint feature intercepted by the data acquisition unit 210 does not meet the preset value in the subsequent judgment, the communication unit 240 can send the fingerprint feature to the notification system of the police station via the network as a report basis. In the embodiment of the present invention, whenever the above-mentioned input signal is generated, the image sensor 250 can also be used to capture the user's facial image, and when the captured fingerprint features do not meet the preset values, the suspected thief's facial image can be sent to to another remote device. Likewise, both the communication unit 240 and the image sensor 250 can receive standby power to operate when the electronic device is in a power-off state. The communication unit 240 may be, for example, a processor with a communication function, and the image sensor 250 may be, for example, a CMOS sensor (CMOS Image Sensor, CIS) or a charge-coupled device (Charge-coupled Device, CCD).

本发明所提出的上述开机与认证机制,除了可运用于一般常见的个人计算机与可携式电子装置,也可运用于小型卡片上,例如电子防盗门锁感应卡、小额支付卡、悠游卡、在线支付卡或者是其他类型的识别证等。举例来说,所述电子装置可以是设置有近场通信模块(NFC)芯片的卡片。当卡片被使用时,设置于卡片上的数据撷取单元可以撷取用户的指纹,并经加密产生认证数据后,让卡片上的控制单元判断是否可符合原卡片用户所对应的预设数据。当认证成功后,NFC芯片才会启动而工作,或者是让相关NFC模块运作。如此一来,可避免卡片被盗用。The above boot-up and authentication mechanism proposed by the present invention can be applied to common personal computers and portable electronic devices, and can also be applied to small cards, such as electronic anti-theft door lock induction cards, small payment cards, and leisure cards. , online payment card or other types of identification cards, etc. For example, the electronic device may be a card provided with a Near Field Communication (NFC) chip. When the card is used, the data capture unit installed on the card can capture the user's fingerprint, and after encryption to generate authentication data, let the control unit on the card judge whether it can meet the preset data corresponding to the original card user. After the authentication is successful, the NFC chip will start to work, or allow the related NFC module to operate. In this way, the card can be prevented from being stolen.

图4为本发明一实施例的认证方法的流程图。所述认证方法包括下列步骤。Fig. 4 is a flowchart of an authentication method according to an embodiment of the present invention. The authentication method includes the following steps.

在步骤S410中,于电子装置的一关机状态下,数据撷取单元撷取一生理数据。In step S410, the data capture unit captures a piece of physiological data in a power-off state of the electronic device.

在步骤S420中,数据撷取单元根据生理数据产生一认证数据。In step S420, the data acquisition unit generates authentication data according to the physiological data.

在步骤S430中,控制单元判断认证数据是否符合一预设数据。In step S430, the control unit determines whether the authentication data conforms to a preset data.

在步骤S440中,当认证数据符合预设数据时,则控制单元产生一启动信号,借此使电子装置根据启动信号而开机。In step S440, when the authentication data matches the preset data, the control unit generates an activation signal, so that the electronic device is powered on according to the activation signal.

有关本实施例步骤的细节以详述于上述实施例中,于此不再赘述。Details about the steps of this embodiment are detailed in the above embodiment, and will not be repeated here.

由于本发明上述认证程序可完成于开机之前,因此网络黑客也无法在电子装置的关机状态下使用木马程序之类的软件,来窃取开机用的相关用户信息,从而增加窃取的难度,提高装置的安全性。Since the above-mentioned authentication program of the present invention can be completed before booting, network hackers cannot use software such as Trojan horse programs in the shutdown state of the electronic device to steal relevant user information for booting, thereby increasing the difficulty of stealing and improving the security of the device. safety.

综上所述,本发明于电子装置的关机状态下,将所撷取的生理数据加密来产生认证数据,并通过序列周边接口来传输认证数据至控制单元,若经判断符合预设数据,则控制单元产生启动信号来对电子装置开机。如此一来,在电子装置尚未开机之前,即可直接通过用户的生物特征认证来判断是否开机,节省电力消耗,也提供良好的使用者体验,更保障了数据的安全性。To sum up, the present invention encrypts the captured physiological data to generate authentication data when the electronic device is turned off, and transmits the authentication data to the control unit through the serial peripheral interface. If it is judged to meet the preset data, then The control unit generates a start signal to start the electronic device. In this way, before the electronic device is turned on, it can directly determine whether to turn it on through the user's biometric authentication, which saves power consumption, provides a good user experience, and ensures data security.

Claims (10)

  1. A kind of 1. authentication module, suitable for an electronic installation, it is characterised in that including:
    One data acquisition unit, for capturing a physiological data, and an authentication data is produced according to the physiological data;And
    One control unit, the data acquisition unit is coupled, for receiving the authentication data, and judge whether the authentication data meets One preset data, when the authentication data meets the preset data, then produce an enabling signal;
    Wherein, the data acquisition unit and the control unit received under an off-mode of the electronic installation one await orders electric power and Running, the electronic installation are started shooting according to the enabling signal.
  2. 2. authentication module as claimed in claim 1, it is characterised in that the data acquisition unit is further calculated by an encryption Method encrypts the physiological data, to produce the authentication data, and extremely should by a serial peripheral interface to transmit the authentication data Control unit.
  3. 3. authentication module as claimed in claim 2, it is characterised in that the control unit further will by a decipherment algorithm The authentication data decryption received, then judge whether the authentication data after decryption meets the preset data.
  4. 4. authentication module as claimed in claim 2, it is characterised in that further include:
    One input block, the data acquisition unit is coupled, for changing via an input operation from a first state to one During two-state, then an input signal is produced;
    Wherein the data acquisition unit produces the authentication data according still further to the input signal and the physiological data, the input Unit is a button, and the input operation is a push action, and the physiological data during the push action performs by this Data acquisition unit captures.
  5. 5. authentication module as claimed in claim 1, it is characterised in that the physiological data is associated with selected from a fingerprint characteristic, one The group that heartbeat feature and a skin quality feature are formed.
  6. A kind of 6. authentication method, suitable for an electronic installation, it is characterised in that including:
    Under an off-mode of the electronic installation, a physiological data is captured;
    One authentication data is produced according to the physiological data;
    Judge whether the authentication data meets a preset data;And
    When the authentication data meets the preset data, then an enabling signal is produced, make the electronic installation whereby according to the startup Signal and start shooting.
  7. 7. authentication method as claimed in claim 6, it is characterised in that further include:
    The physiological data is encrypted by an AES, to produce the authentication data;And
    The authentication data is transmitted by a first end of a serial peripheral interface bus.
  8. 8. authentication method as claimed in claim 7, it is characterised in that further include:
    The authentication data is received by one second end of the serial peripheral interface bus;
    The authentication data received is decrypted by a decipherment algorithm;And
    Judge whether the authentication data after decryption meets the preset data.
  9. 9. authentication method as claimed in claim 7, it is characterised in that further include:
    When an input block changes to second state via an input operation from a first state, receive produced by corresponding to An input signal;And
    The authentication data is produced according to the input signal and the physiological data;
    Wherein the input block is a button, and the input operation is a push action, and the physiological data is held in the push action It is subtracted in capable process.
  10. 10. authentication method as claimed in claim 6, it is characterised in that the physiological data is associated with selected from a fingerprint characteristic, one The group that heartbeat feature and a skin quality feature are formed.
CN201610817242.9A 2016-09-12 2016-09-12 Authentication module and authentication method Pending CN107818248A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610817242.9A CN107818248A (en) 2016-09-12 2016-09-12 Authentication module and authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610817242.9A CN107818248A (en) 2016-09-12 2016-09-12 Authentication module and authentication method

Publications (1)

Publication Number Publication Date
CN107818248A true CN107818248A (en) 2018-03-20

Family

ID=61600582

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610817242.9A Pending CN107818248A (en) 2016-09-12 2016-09-12 Authentication module and authentication method

Country Status (1)

Country Link
CN (1) CN107818248A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1713101A (en) * 2005-07-12 2005-12-28 中国长城计算机深圳股份有限公司 Computer power-on identity authentication system and authentication method
CN101751534A (en) * 2008-12-16 2010-06-23 联想(新加坡)私人有限公司 Computers having a biometric authentication device
EP2620839A2 (en) * 2012-01-27 2013-07-31 Sony Mobile Communications Japan, Inc. Sensor managed apparatus, method and computer program product
US20150146944A1 (en) * 2013-11-22 2015-05-28 Shenzhen Huiding Technology Co., Ltd. Secure human fingerprint sensor
CN204667408U (en) * 2015-03-27 2015-09-23 北京联云格科技有限公司 A kind of control device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1713101A (en) * 2005-07-12 2005-12-28 中国长城计算机深圳股份有限公司 Computer power-on identity authentication system and authentication method
CN101751534A (en) * 2008-12-16 2010-06-23 联想(新加坡)私人有限公司 Computers having a biometric authentication device
EP2620839A2 (en) * 2012-01-27 2013-07-31 Sony Mobile Communications Japan, Inc. Sensor managed apparatus, method and computer program product
US20150146944A1 (en) * 2013-11-22 2015-05-28 Shenzhen Huiding Technology Co., Ltd. Secure human fingerprint sensor
CN204667408U (en) * 2015-03-27 2015-09-23 北京联云格科技有限公司 A kind of control device

Similar Documents

Publication Publication Date Title
CN100541366C (en) Vehicle information rewriting system
CN104239815A (en) Electronic document encryption and decryption method and method based on iris identification
CN203746071U (en) Security computer based on encrypted hard disc
CN103576787A (en) Panel computer with high safety performance
US10759385B2 (en) Electronic lock and key for performing an unlock operation
WO2017152815A1 (en) Identity authentication method and system
WO2005057525A1 (en) Encryption/decryption system, device, and method
CN110062933A (en) Fingerprint recognition card and the power supply operation method for utilizing fingerprint recognition card
CN105117658B (en) A kind of cryptosecurity management method and equipment based on finger print identifying
CN105447405A (en) Document encryption/decryption method and apparatus based on iris recognition and authentication
CN103581378A (en) Smart phone high in safety performance
CN107590025A (en) A kind of back-up restoring method and system
CN100500091C (en) Identification system and method based on intelligent biological feature collection and processing terminal
CN106156577A (en) A kind of safety chip, authentication method based on biological characteristic and intelligent terminal
CN105279547B (en) A kind of bio-identification IC card and its control method
CN108109242A (en) A kind of hardware encryption method unlocked based on fingerprint, system, intelligent cloud lock
CN109254661A (en) Image display method, device, storage medium and electronic equipment
CN109426713A (en) Fake biological feature filtering device for identity verification system
CN107229856A (en) Operation method of handheld device
CN104063323A (en) Mobile terminal and equipment controlling method and system thereof
WO2017177502A1 (en) Method and apparatus for controlling working state of terminal
JP2012038127A (en) Information processing device and communication system
CN107818248A (en) Authentication module and authentication method
US20230418924A1 (en) Execution device, instruction device, method executed by same, and computer program
CN106529319A (en) File protection method and device, and terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180320