[go: up one dir, main page]

CN107818255A - A kind of method based on fingerprint recognition encryption strengthening system safety - Google Patents

A kind of method based on fingerprint recognition encryption strengthening system safety Download PDF

Info

Publication number
CN107818255A
CN107818255A CN201711251499.3A CN201711251499A CN107818255A CN 107818255 A CN107818255 A CN 107818255A CN 201711251499 A CN201711251499 A CN 201711251499A CN 107818255 A CN107818255 A CN 107818255A
Authority
CN
China
Prior art keywords
user
password
fingerprint recognition
terminal
encryption lock
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711251499.3A
Other languages
Chinese (zh)
Other versions
CN107818255B (en
Inventor
张国磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Metabrain Intelligent Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201711251499.3A priority Critical patent/CN107818255B/en
Publication of CN107818255A publication Critical patent/CN107818255A/en
Application granted granted Critical
Publication of CN107818255B publication Critical patent/CN107818255B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)

Abstract

本发明提供一种基于指纹识别加密增强系统安全的方法,终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。用户在登陆时增加指纹识别加密锁,以及分别与指纹识别加密锁相匹配的用户名和密码,提高系统的安全性。用户注册的个人信息不存储在终端内,可以保证个人信息的安全。在终端内不存储用户的个人信息,用完即在终端内擦除,保证用户的个人信息安全。

The invention provides a method for enhancing system security based on fingerprint identification and encryption. The terminal operating system matches the fingerprint identification encryption lock with the user name and password respectively; success. When the user logs in, add a fingerprint identification encryption lock, and a user name and password that match the fingerprint identification encryption lock respectively, so as to improve the security of the system. The personal information registered by the user is not stored in the terminal, which can ensure the security of personal information. The user's personal information is not stored in the terminal, and it will be erased in the terminal after use to ensure the security of the user's personal information.

Description

一种基于指纹识别加密增强系统安全的方法A Method of Enhancing System Security Based on Fingerprint Identification and Encryption

技术领域technical field

本发明涉及操作系统安全领域,尤其涉及一种基于指纹识别加密增强系统安全的方法。The invention relates to the field of operating system security, in particular to a method for enhancing system security based on fingerprint identification and encryption.

背景技术Background technique

随着信息技术的发展,信息化程度的不断提高,信息安全越来越受到广泛关注,特别是服务器的安全。服务器在管理过程中,通过远程管理是普遍采用的一种方式,为了增强现行方式的安全性。With the development of information technology and the continuous improvement of informatization, information security has attracted more and more attention, especially the security of servers. In the process of server management, remote management is a commonly used method, in order to enhance the security of the current method.

现有技术中,在linux操作系统登陆过程中,保证系统安全的方式是使用用户名和密码进行登陆,这样安全手段较为单一,而且容易破解密码,给系统及用户使用带来安全隐患,而且也容易对用户的个人信息造成泄露。In the prior art, in the login process of the linux operating system, the way to ensure system security is to log in with a user name and password. This way, the security means are relatively single, and it is easy to crack the password, which brings security risks to the system and users, and is also easy to use. Disclosure of personal information of users.

发明内容Contents of the invention

为了克服上述现有技术中的不足,本发明提供一种基于指纹识别加密增强系统安全的方法,包括:终端,终端安装有操作系统,方法包括:In order to overcome the deficiencies in the above-mentioned prior art, the present invention provides a method for enhancing system security based on fingerprint identification and encryption, including: a terminal, the terminal is installed with an operating system, and the method includes:

用户通过操作系统客户端向终端发起登录请求,登录请求包括:指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码;The user initiates a login request to the terminal through the operating system client, and the login request includes: a fingerprint recognition dongle and a user name and password that match the fingerprint recognition dongle;

终端识别指纹识别加密锁,并提供用户输入用户名及密码的端口;The terminal recognizes the fingerprint recognition encryption lock, and provides a port for the user to input the user name and password;

终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;The terminal operating system matches the fingerprint identification encryption lock with the user name and password respectively;

当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。When the fingerprint recognition encryption lock matches the user name and the password successfully, it is determined that the user logs in successfully.

优选地,步骤操作系统将指纹识别加密锁分别与用户名及密码进行匹配之后还包括:当指纹识别加密锁与用户名不匹配,或指纹识别加密锁与密码不匹配,或指纹识别加密锁与用户名及密码均不匹配时,锁定系统,禁止用户登录。Preferably, after the operating system matches the fingerprint recognition dongle with the user name and password, it also includes: when the fingerprint recognition dongle does not match the user name, or the fingerprint recognition dongle does not match the password, or the fingerprint recognition dongle does not match the password. When the user name and password do not match, the system is locked and the user is prohibited from logging in.

优选地,用户通过操作系统客户端向终端发起登录请求之前还包括:用户预先在终端的操作系统中保存指纹识别加密锁以及,分别与指纹识别加密锁相匹配的用户名和密码。Preferably, before the user initiates a login request to the terminal through the operating system client, the user further includes: the user saves the fingerprint identification dongle in advance in the operating system of the terminal, and the user name and password respectively matched with the fingerprint identification dongle.

优选地,包括:与终端数据通信的信息注册服务器;Preferably, it includes: an information registration server for data communication with the terminal;

步骤用户通过操作系统客户端向终端发起登录请求之前还包括:用户访问信息注册服务器,注册个人信息,指纹识别加密锁信息,用户名和密码;并将指纹识别加密锁信息分别与注册个人信息,用户名和密码相绑定;Before the user initiates a login request to the terminal through the operating system client, it also includes: user access information registration server, registration of personal information, fingerprint identification encryption lock information, user name and password; and fingerprint identification encryption lock information with registered personal information, user Name and password are bound;

注册完成后,信息注册服务器向用户发出唯一的指纹识别加密锁信息,用户名和密码;After the registration is completed, the information registration server sends the user a unique fingerprint identification encryption lock information, user name and password;

信息注册服务器将用户的个人信息、存储于信息注册服务器的数据库中。The information registration server stores the user's personal information in the database of the information registration server.

优选地,用户通过操作系统客户端向终端发起登录请求;Preferably, the user initiates a login request to the terminal through the operating system client;

终端收到登录请求后,在本地检索用户的指纹识别加密锁,同时终端识别指纹识别加密锁,并提供用户输入用户名及密码的端口;After receiving the login request, the terminal retrieves the user's fingerprint recognition dongle locally, and at the same time, the terminal recognizes the fingerprint recognition dongle and provides a port for the user to input the user name and password;

用户名及密码是否存在,若不存在,则访问信息注册服务器,在信息注册服务器中获取用户的指纹识别加密锁,用户名及密码;Whether the user name and password exist, if not, access the information registration server, and obtain the user's fingerprint identification encryption lock, user name and password in the information registration server;

终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。The terminal operating system matches the fingerprint recognition encryption lock with the user name and password respectively; when the fingerprint recognition encryption lock is successfully matched with the user name and password respectively, it is determined that the user login is successful.

优选地,确定用户登录成功后,信息注册服务器擦除终端获取的用户指纹识别加密锁,用户名及密码;Preferably, after determining that the user logs in successfully, the information registration server erases the user's fingerprint identification encryption lock, user name and password acquired by the terminal;

当指纹识别加密锁与用户名不匹配,或指纹识别加密锁与密码不匹配,或指纹识别加密锁与用户名及密码均不匹配时,锁定系统,禁止用户登录;When the fingerprint recognition encryption lock does not match the user name, or the fingerprint recognition encryption lock does not match the password, or the fingerprint recognition encryption lock does not match the user name and password, the system is locked and the user is prohibited from logging in;

信息注册服务器擦除终端获取的用户指纹识别加密锁,用户名及密码。The information registration server erases the user fingerprint identification encryption lock, user name and password acquired by the terminal.

优选地,用户登录成功后,Preferably, after the user logs in successfully,

终端接收到用户再次输入的指纹识别加密锁后,终端为提供用户输入用户名及密码的端口;After the terminal receives the fingerprint identification encryption lock input by the user again, the terminal provides a port for the user to enter the user name and password;

用户输入与指纹识别加密锁匹配的用户名及密码,终端存储指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码;The user enters the user name and password matching the fingerprint recognition dongle, and the terminal stores the fingerprint recognition dongle and the user name and password respectively matching the fingerprint recognition dongle;

用户再次输入用户名及密码后,对用户名及密码进行查询。After the user enters the user name and password again, the user name and password are queried.

优选地,用户登录成功后,用户对用户名及密码进行修改;Preferably, after the user logs in successfully, the user modifies the username and password;

终端根据用户的指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码,生成第一随机数列,将第一随机数列分别与用户名和密码进行组合;The terminal generates a first random number sequence according to the user's fingerprint recognition dongle and the username and password respectively matched with the fingerprint recognition dongle, and combines the first random number sequence with the username and password respectively;

终端向信息注册服务器发送通信密钥请求,获取一所述用户的通信密钥;The terminal sends a communication key request to the information registration server to obtain a communication key of the user;

终端将得到所述用户的通信密钥,再分别与具有第一随机数列的用户名和密码进行组合加密,并形成数字签名纪要;The terminal will obtain the user's communication key, and then combine and encrypt it with the user name and password with the first random number sequence respectively, and form a digital signature summary;

终端中的数字签名纪要采用RSA算法分别对具有通信密钥及第一随机数列的用户名和密码进行组合进行数字签名,并将加密后用户名和密码及其数字签名纪要发送到信息注册服务器;The digital signature summary in the terminal uses the RSA algorithm to digitally sign the combination of the user name and password with the communication key and the first random number sequence, and sends the encrypted user name and password and their digital signature summary to the information registration server;

信息注册服务器接收到信息后,对接收到的数据进行验签和解密,并将解密后的账户用户名和密码保存。After the information registration server receives the information, it verifies and decrypts the received data, and saves the decrypted account user name and password.

从以上技术方案可以看出,本发明具有以下优点:As can be seen from the above technical solutions, the present invention has the following advantages:

终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。用户在登陆时增加指纹识别加密锁,以及分别与指纹识别加密锁相匹配的用户名和密码,提高系统的安全性。The terminal operating system matches the fingerprint recognition encryption lock with the user name and password respectively; when the fingerprint recognition encryption lock is successfully matched with the user name and password respectively, it is determined that the user login is successful. When the user logs in, add a fingerprint identification encryption lock, and a user name and password that match the fingerprint identification encryption lock respectively, so as to improve the security of the system.

本发明中,用户注册的个人信息不存储在终端内,可以保证个人信息的安全。在终端内不存储用户的个人信息,用完即在终端内擦除,保证用户的个人信息安全。而且用户在修改指纹识别加密锁匹配的用户名及密码后,再将修改后的指纹识别加密锁匹配的用户名及密码上传至信息注册服务器。本发明涉及了一套具有保密设置的通信过程,保证了通信保密性。In the present invention, the personal information registered by the user is not stored in the terminal, which can ensure the safety of the personal information. The user's personal information is not stored in the terminal, and it will be erased in the terminal after use to ensure the security of the user's personal information. Moreover, after the user modifies the user name and password matched by the fingerprint recognition dongle, the modified user name and password matched by the fingerprint recognition dongle are uploaded to the information registration server. The invention relates to a set of communication process with security setting, which ensures the communication security.

附图说明Description of drawings

为了更清楚地说明本发明的技术方案,下面将对描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solution of the present invention more clearly, the accompanying drawings that need to be used in the description will be briefly introduced below. Obviously, the accompanying drawings in the following description are only some embodiments of the present invention. As far as people are concerned, other drawings can also be obtained based on these drawings on the premise of not paying creative work.

图1为基于指纹识别加密增强系统安全的方法流程图。Fig. 1 is a flowchart of a method for enhancing system security based on fingerprint identification and encryption.

具体实施方式Detailed ways

为使得本发明的发明目的、特征、优点能够更加的明显和易懂,下面将运用具体的实施例及附图,对本发明保护的技术方案进行清楚、完整地描述,显然,下面所描述的实施例仅仅是本发明一部分实施例,而非全部的实施例。基于本专利中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本专利保护的范围。In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions protected by the present invention will be clearly and completely described below using specific embodiments and accompanying drawings. Obviously, the implementation described below Examples are only some embodiments of the present invention, but not all embodiments. Based on the embodiments in this patent, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this patent.

本发明提供一种基于指纹识别加密增强系统安全的方法,包括:终端,终端安装有操作系统,如图1所示,方法包括:The present invention provides a method for enhancing system security based on fingerprint identification and encryption, including: a terminal, the terminal is installed with an operating system, as shown in Figure 1, the method includes:

S1,用户通过操作系统客户端向终端发起登录请求,登录请求包括:指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码;S1, the user initiates a login request to the terminal through the operating system client, and the login request includes: a fingerprint identification dongle and a user name and password respectively matching with the fingerprint identification dongle;

S2,终端识别指纹识别加密锁,并提供用户输入用户名及密码的端口;S2, the terminal recognizes the fingerprint recognition encryption lock, and provides a port for the user to input the user name and password;

S3,终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;S3, the terminal operating system matches the fingerprint identification encryption lock with the user name and password respectively;

S4,当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。S4. When the fingerprint recognition dongle is successfully matched with the user name and the password respectively, it is determined that the user logs in successfully.

其中,步骤操作系统将指纹识别加密锁分别与用户名及密码进行匹配之后还包括:当指纹识别加密锁与用户名不匹配,或指纹识别加密锁与密码不匹配,或指纹识别加密锁与用户名及密码均不匹配时,锁定系统,禁止用户登录。Wherein, after the operating system matches the fingerprint identification dongle with the user name and password respectively, it also includes: when the fingerprint identification encryption lock does not match the user name, or the fingerprint identification encryption lock does not match the password, or the fingerprint identification encryption lock does not match the user name. If the username and password do not match, the system will be locked and the user will not be able to log in.

用户通过操作系统客户端向终端发起登录请求之前还包括:用户预先在终端的操作系统中保存指纹识别加密锁以及,分别与指纹识别加密锁相匹配的用户名和密码。Before the user initiates a login request to the terminal through the operating system client, it also includes: the user saves the fingerprint identification dongle in the terminal operating system in advance, and the user name and password respectively matched with the fingerprint identification dongle.

本发明还有一实施例包括:与终端数据通信的信息注册服务器;Still another embodiment of the present invention includes: an information registration server for data communication with the terminal;

步骤用户通过操作系统客户端向终端发起登录请求之前还包括:用户访问信息注册服务器,注册个人信息,指纹识别加密锁信息,用户名和密码;并将指纹识别加密锁信息分别与注册个人信息,用户名和密码相绑定;注册完成后,信息注册服务器向用户发出唯一的指纹识别加密锁信息,用户名和密码;信息注册服务器将用户的个人信息、存储于信息注册服务器的数据库中。这样用户注册的个人信息不存储在终端内,可以保证个人信息的安全。Before the user initiates a login request to the terminal through the operating system client, it also includes: user access information registration server, registration of personal information, fingerprint identification encryption lock information, user name and password; and fingerprint identification encryption lock information with registered personal information, user After the registration is completed, the information registration server sends the user a unique fingerprint identification encryption lock information, user name and password; the information registration server stores the user's personal information in the database of the information registration server. In this way, the personal information registered by the user is not stored in the terminal, which can ensure the security of the personal information.

本实施例中,用户通过操作系统客户端向终端发起登录请求;终端收到登录请求后,在本地检索用户的指纹识别加密锁,同时终端识别指纹识别加密锁,并提供用户输入用户名及密码的端口;In this embodiment, the user initiates a login request to the terminal through the operating system client; after receiving the login request, the terminal retrieves the user's fingerprint recognition dongle locally, and at the same time, the terminal recognizes the fingerprint recognition dongle and provides the user with a username and password the port;

用户名及密码是否存在,若不存在,则访问信息注册服务器,在信息注册服务器中获取用户的指纹识别加密锁,用户名及密码;Whether the user name and password exist, if not, access the information registration server, and obtain the user's fingerprint identification encryption lock, user name and password in the information registration server;

终端操作系统将指纹识别加密锁分别与用户名及密码进行匹配;当指纹识别加密锁分别与用户名及密码匹配成功时,确定用户登录成功。The terminal operating system matches the fingerprint recognition encryption lock with the user name and password respectively; when the fingerprint recognition encryption lock is successfully matched with the user name and password respectively, it is determined that the user login is successful.

确定用户登录成功后,信息注册服务器擦除终端获取的用户指纹识别加密锁,用户名及密码;After confirming that the user logs in successfully, the information registration server erases the user's fingerprint identification encryption lock, user name and password acquired by the terminal;

当指纹识别加密锁与用户名不匹配,或指纹识别加密锁与密码不匹配,或指纹识别加密锁与用户名及密码均不匹配时,锁定系统,禁止用户登录;信息注册服务器擦除终端获取的用户指纹识别加密锁,用户名及密码。When the fingerprint recognition encryption lock does not match the user name, or the fingerprint recognition encryption lock does not match the password, or the fingerprint recognition encryption lock does not match the user name and password, the system is locked and the user is prohibited from logging in; the information registration server erases the terminal acquisition User fingerprint identification encryption lock, user name and password.

这样在终端内不存储用户的个人信息,用完即在终端内擦除,保证用户的个人信息安全。In this way, the user's personal information is not stored in the terminal, and will be erased in the terminal after use, ensuring the safety of the user's personal information.

本实施例中,用户登录成功后,终端接收到用户再次输入的指纹识别加密锁后,终端为提供用户输入用户名及密码的端口;In this embodiment, after the user logs in successfully, after the terminal receives the fingerprint recognition encryption lock input by the user again, the terminal provides a port for the user to input the user name and password;

用户输入与指纹识别加密锁匹配的用户名及密码,终端存储指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码;用户再次输入用户名及密码后,对用户名及密码进行查询。The user enters the user name and password that match the fingerprint recognition dongle, and the terminal stores the fingerprint recognition dongle and the user name and password that match the fingerprint recognition dongle respectively; after the user enters the user name and password again, the user name and password are queried .

当用户确定终端的安全性后,可以将指纹识别加密锁匹配的用户名及密码储存在终端内。After the user confirms the security of the terminal, the user name and password matched by the fingerprint identification dongle can be stored in the terminal.

本实施例中,用户可以通过终端对指纹识别加密锁匹配的用户名及密码进行修改,查询。其中修改过程为,用户登录成功后,用户对用户名及密码进行修改;In this embodiment, the user can modify and query the user name and password matched by the fingerprint identification dongle through the terminal. The modification process is that after the user logs in successfully, the user modifies the user name and password;

终端根据用户的指纹识别加密锁以及分别与指纹识别加密锁相匹配的用户名和密码,生成第一随机数列,将第一随机数列分别与用户名和密码进行组合;The terminal generates a first random number sequence according to the user's fingerprint recognition dongle and the username and password respectively matched with the fingerprint recognition dongle, and combines the first random number sequence with the username and password respectively;

终端向信息注册服务器发送通信密钥请求,获取一所述用户的通信密钥;The terminal sends a communication key request to the information registration server to obtain a communication key of the user;

终端将得到所述用户的通信密钥,再分别与具有第一随机数列的用户名和密码进行组合加密,并形成数字签名纪要;The terminal will obtain the user's communication key, and then combine and encrypt it with the user name and password with the first random number sequence respectively, and form a digital signature summary;

终端中的数字签名纪要采用RSA算法分别对具有通信密钥及第一随机数列的用户名和密码进行组合进行数字签名,并将加密后用户名和密码及其数字签名纪要发送到信息注册服务器;The digital signature summary in the terminal uses the RSA algorithm to digitally sign the combination of the user name and password with the communication key and the first random number sequence, and sends the encrypted user name and password and their digital signature summary to the information registration server;

信息注册服务器接收到信息后,对接收到的数据进行验签和解密,并将解密后的账户用户名和密码保存。After the information registration server receives the information, it verifies and decrypts the received data, and saves the decrypted account user name and password.

这样用户在通过终端修改指纹识别加密锁匹配的用户名及密码后,再将修改后的指纹识别加密锁匹配的用户名及密码上传至信息注册服务器。In this way, after the user modifies the user name and password matched by the fingerprint identification dongle through the terminal, the modified user name and password matched by the fingerprint identification dongle are uploaded to the information registration server.

本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似部分互相参考即可。Each embodiment in this specification is described in a progressive manner, each embodiment focuses on the difference from other embodiments, and the same and similar parts of each embodiment can be referred to each other.

对所公开的实施例的上述说明,使本领域专业技术人员能够实现或使用本发明。对这些实施例的多种修改对本领域的专业技术人员来说将是显而易见的,本文中所定义的一般原理可以在不脱离本发明的精神或范围的情况下,在其它实施例中实现。因此,本发明将不会被限制于本文所示的这些实施例,而是要符合与本文所公开的原理和新颖特点相一致的最宽的范围。The above description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore, the present invention will not be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. a kind of method based on fingerprint recognition encryption strengthening system safety, including:Terminal, terminal are provided with operating system, its It is characterised by, method includes:
User initiates logging request by operating system client to terminal, and logging request includes:Fingerprint recognition encryption lock and The username and password to match respectively with fingerprint recognition encryption lock;
Terminal recognition fingerprint recognition encryption lock, and the port that user inputs user name and password is provided;
Terminal operating system is matched fingerprint recognition encryption lock with user name and password respectively;
When fingerprint recognition encryption lock succeeds with user name and password match respectively, determine that user logins successfully.
2. the method according to claim 1 based on fingerprint recognition encryption strengthening system safety, it is characterised in that
Step operation system also includes after fingerprint recognition encryption lock is matched with user name and password respectively:When fingerprint is known Other encryption lock mismatches with user name, or fingerprint recognition encryption lock mismatches with password, or fingerprint recognition encryption lock and user name And password locking system, forbids user to log in when mismatching.
3. the method according to claim 1 based on fingerprint recognition encryption strengthening system safety, it is characterised in that
User initiates also to include before logging request by operating system client to terminal:User is in advance in the operation system of terminal In system preserve fingerprint recognition encryption lock and, the username and password to match respectively with fingerprint recognition encryption lock.
4. the method according to claim 1 based on fingerprint recognition encryption strengthening system safety, it is characterised in that including: The information registering server to be communicated with terminal data;
Step user initiates also to include before logging request by operating system client to terminal:User access information registration clothes Business device, register personal information, fingerprint recognition encryption lock information, username and password;And fingerprint recognition encryption lock information is distinguished With registering personal information, username and password is mutually bound;
After the completion of registration, information registering server issues the user with unique fingerprint recognition encryption lock information, username and password;
Information registering server by the personal information of user, be stored in the database of information registering server.
5. the method according to claim 4 based on fingerprint recognition encryption strengthening system safety, it is characterised in that
User initiates logging request by operating system client to terminal;
After terminal receives logging request, in the fingerprint recognition encryption lock of locally retrieval user, while terminal recognition fingerprint recognition adds Close lock, and the port that user inputs user name and password is provided;
User name and password whether there is, if being not present, access information registrar, be obtained in information registering server The fingerprint recognition encryption lock of user, user name and password;
Terminal operating system is matched fingerprint recognition encryption lock with user name and password respectively;When fingerprint recognition encryption lock point When not with user name and password match success, determine that user logins successfully.
6. the method according to claim 5 based on fingerprint recognition encryption strengthening system safety, it is characterised in that
After determining that user logins successfully, the user fingerprints that information registering server erasing terminal obtains identify encryption lock, user name And password;
When fingerprint recognition encryption lock and user name mismatch, or fingerprint recognition encryption lock add with password mismatch, or fingerprint recognition When close lock mismatches with user name and password, locking system, user is forbidden to log in;
The user fingerprints identification encryption lock that information registering server erasing terminal obtains, user name and password.
7. the method according to claim 5 based on fingerprint recognition encryption strengthening system safety, it is characterised in that Yong Hudeng After recording successfully,
After terminal receives the fingerprint recognition encryption lock that user inputs again, terminal is to provide user to input user name and password Port;
The user name and password, terminal storage fingerprint recognition encryption lock and difference that user's input matches with fingerprint recognition encryption lock The username and password to match with fingerprint recognition encryption lock;
After user inputs user name and password again, user name and password are inquired about.
8. the method according to claim 7 based on fingerprint recognition encryption strengthening system safety, it is characterised in that
After user logins successfully, user to user name and password are modified;
Terminal according to the fingerprint recognition encryption lock of user and the username and password to match respectively with fingerprint recognition encryption lock, The first random number series is generated, the first random number series is combined with username and password respectively;
Terminal sends communication key request to information registering server, obtains the communication key of a user;
Terminal will obtain the communication key of the user, then carry out group with the username and password with the first random number series respectively Encryption is closed, and forms digital signature summary;
Digital signature summary in terminal using RSA Algorithm respectively to the user name with communication key and the first random number series and Password, which is combined, to be digitally signed, and username and password after encryption and its digital signature summary are sent into information registering Server;
After information registering server receives information, the data that receive are carried out with sign test and decryption, and by the account after decryption Username and password preserves.
CN201711251499.3A 2017-12-01 2017-12-01 Method for enhancing system security based on fingerprint identification encryption Active CN107818255B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711251499.3A CN107818255B (en) 2017-12-01 2017-12-01 Method for enhancing system security based on fingerprint identification encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711251499.3A CN107818255B (en) 2017-12-01 2017-12-01 Method for enhancing system security based on fingerprint identification encryption

Publications (2)

Publication Number Publication Date
CN107818255A true CN107818255A (en) 2018-03-20
CN107818255B CN107818255B (en) 2020-08-18

Family

ID=61606526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711251499.3A Active CN107818255B (en) 2017-12-01 2017-12-01 Method for enhancing system security based on fingerprint identification encryption

Country Status (1)

Country Link
CN (1) CN107818255B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110147658A (en) * 2019-04-16 2019-08-20 平安科技(深圳)有限公司 User information encipher-decipher method, system and computer equipment
CN110620781A (en) * 2019-09-27 2019-12-27 深圳市大头互动文化传播有限公司 User registration login management system based on game platform
CN115529163A (en) * 2022-08-25 2022-12-27 江苏电力信息技术有限公司 A login identification and encryption method for digital business halls of electric power systems

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120331156A1 (en) * 2011-06-21 2012-12-27 Colpitts Cameron Wireless control system, methods and apparatus
CN103701774A (en) * 2013-12-03 2014-04-02 乐视网信息技术(北京)股份有限公司 Login method and device
CN103957202A (en) * 2014-04-22 2014-07-30 中国工商银行股份有限公司 Safety login method and system
CN105207992A (en) * 2015-08-17 2015-12-30 上海斐讯数据通信技术有限公司 Fingerprint management account system and method
US9253192B1 (en) * 2009-12-21 2016-02-02 Emc Corporation Pluggable login architecture and dynamic resource recognition

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9253192B1 (en) * 2009-12-21 2016-02-02 Emc Corporation Pluggable login architecture and dynamic resource recognition
US20120331156A1 (en) * 2011-06-21 2012-12-27 Colpitts Cameron Wireless control system, methods and apparatus
CN103701774A (en) * 2013-12-03 2014-04-02 乐视网信息技术(北京)股份有限公司 Login method and device
CN103957202A (en) * 2014-04-22 2014-07-30 中国工商银行股份有限公司 Safety login method and system
CN105207992A (en) * 2015-08-17 2015-12-30 上海斐讯数据通信技术有限公司 Fingerprint management account system and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110147658A (en) * 2019-04-16 2019-08-20 平安科技(深圳)有限公司 User information encipher-decipher method, system and computer equipment
CN110620781A (en) * 2019-09-27 2019-12-27 深圳市大头互动文化传播有限公司 User registration login management system based on game platform
CN115529163A (en) * 2022-08-25 2022-12-27 江苏电力信息技术有限公司 A login identification and encryption method for digital business halls of electric power systems

Also Published As

Publication number Publication date
CN107818255B (en) 2020-08-18

Similar Documents

Publication Publication Date Title
US10680808B2 (en) 1:N biometric authentication, encryption, signature system
US11949785B1 (en) Biometric authenticated biometric enrollment
US11556617B2 (en) Authentication translation
JP6882254B2 (en) Safety verification methods based on biological characteristics, client terminals, and servers
CN108965222B (en) Identity authentication method, system and computer readable storage medium
JP5710439B2 (en) Template delivery type cancelable biometric authentication system and method
WO2017071493A1 (en) Identification, service processing and biometric information processing method and device
CN105959287A (en) Biological feature based safety certification method and device
EP3206329B1 (en) Security check method, device, terminal and server
CN114257376B (en) Digital certificate updating method, device, computer equipment and storage medium
WO1999012144A1 (en) Digital signature generating server and digital signature generating method
TW202541048A (en) Generating and maintaining digital tokens on a blockchain using physical device identifiers
CN105635075A (en) Method of registering cloud terminal, cloud terminal, cloud server and cloud system
WO2022042745A1 (en) Key management method and apparatus
CN108121904B (en) Unlocking method, device, electronic equipment and server
US11120120B2 (en) Method and system for secure password storage
CN112039665A (en) A key management method and device
CN107818255A (en) A kind of method based on fingerprint recognition encryption strengthening system safety
US20190288833A1 (en) System and Method for Securing Private Keys Behind a Biometric Authentication Gateway
CN109584421A (en) A kind of intelligent door lock authentication administrative system based on domestic safety chip
CN110035032A (en) Unlocked by fingerprint method and unlocked by fingerprint system
CN113792272A (en) Method and device for managing and controlling password library, storage medium and electronic equipment
KR101936941B1 (en) Electronic approval system, method, and program using biometric authentication
CN107920097A (en) A kind of method and device of unlock
JPH1188322A (en) Digital signature generation method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20200722

Address after: 215100 No. 1 Guanpu Road, Guoxiang Street, Wuzhong Economic Development Zone, Suzhou City, Jiangsu Province

Applicant after: SUZHOU LANGCHAO INTELLIGENT TECHNOLOGY Co.,Ltd.

Address before: 450000 Henan province Zheng Dong New District of Zhengzhou City Xinyi Road No. 278 16 floor room 1601

Applicant before: ZHENGZHOU YUNHAI INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: Building 9, No.1, guanpu Road, Guoxiang street, Wuzhong Economic Development Zone, Wuzhong District, Suzhou City, Jiangsu Province

Patentee after: Suzhou Yuannao Intelligent Technology Co.,Ltd.

Country or region after: China

Address before: Building 9, No.1, guanpu Road, Guoxiang street, Wuzhong Economic Development Zone, Wuzhong District, Suzhou City, Jiangsu Province

Patentee before: SUZHOU LANGCHAO INTELLIGENT TECHNOLOGY Co.,Ltd.

Country or region before: China