WO2011035549A1 - Method for managing citizen information - Google Patents

Abstract

A method for managing citizen information, relates to the contents: exchanging and managing information between enterprises, public institutions, social organizations, and state organs, collectively called the units, and the citizens, etc. The method includes: establishing a national citizen information management platform, including a citizen information management system, an information service system, and an email box system. The management platform has the management functions: integration, classification, indexing, and statistics of the information of the citizens and the units, etc, provides the application services: inquiry, check, presentation, identity authentication, and retrieval of the information of the citizens and the units, etc, and has the functions of email box, online exchange, social investigation, issuing proclamations, and issuing advertisements. The management platform assigns an email box, uniformly coded and freely used for life, and its address account number, to each citizen and each unit, and gives the email box the function of "collecting and distributing base" of information, achieving the inquiry, check, and presentation of their own information for the citizens and the units and the convenient, quick, and real information exchange between each other.

Description

 - Citizen information management methods I. Technical areas:

 Adopt WAN technology, communication technology, W E B technology, and large database management technology.

Two' technical background:

 The world has entered the information age. All administrative departments and numerous enterprises and institutions in China have developed their own independent websites and database systems under the wave of informationization. Citizens' personal identity information and information on finance, real estate, insurance, finance and taxation, transportation, health care, water and electricity costs, etc., are often scattered in the business system databases of separate departments or units. Citizens have the need to inquire about and present to others about their personal information, as well as the need to examine other people's personal information. State organs, enterprises, institutions, social organizations and other legal persons or unincorporated organizations (hereinafter collectively referred to as units) also have information about their own information stored in other departments or units, as well as inquiries about their own information. And the need to show other units or individuals, the need to check other units or personal information. There is a large amount of information exchange between units, between units and citizens, and between citizens. The full realization of these demands will greatly promote social development and economic prosperity. The current situation is that, because these information about citizens or units are separated from each other, there is no correlation, and inquiries, inspections, and displays are severely constrained and inefficient. As communication channels are not smooth, information exchange is also severely constrained. For example: I want to contact a classmate who I haven't seen for many years, but I can't because I lost my contact information. I want to consult an expert question but I don't find the business card he left. I have to give up. The legal documents of the court or administrative agency can't find the defendant or the administrative relative. People have to "announce" to serve, announcements and "not up" are often the case, and it is obviously unfair to most units or citizens who are "announced"; between state organs, social public units and citizens The paper letter is mainly based on postal communication, which not only costs too much postage, but also causes unnecessary losses due to delay, misfeeding and missing.

 With the rapid development of e-commerce, network security issues have become increasingly prominent, the most important of which is the identification problem. Fraud due to the virtualization of network identities can be described as endless. There are authentication issues for both the unit and the citizen. As a main body of social activities, the unit has its own business sector and competent authorities to disclose its identity information, and it is relatively easy for others to verify their true identity. However, if the unit wants to conduct business online, it needs to take the initiative to identify its identity to other citizens, units or other systems. Under the existing information system, the limitations are very large.

Citizenship verification has always been a major social problem. The key point is that the identity card fraud has not been completely resolved. Although the country has basically replaced the second-generation ID card with higher technology content and better anti-counterfeiting performance by the end of 2008, the ID card fraud has not stopped. The key technology for better anti-counterfeiting performance of the second-generation ID card is that the ID card contains the IC card, and the identity information stored therein is encrypted by data. Only the special ID card reader can read the information contained in the IC card. The authenticity of the ID card can be checked only by the ID card reader. Many bank credit card fraud cases show that there has been a new trend in identity card fraud: first stealing, stealing or defrauding a citizenship information, and then creating a The citizen ID card contains the same information or is just a fake ID card replacement. What's more, the IC card of the real ID card is replaced or copied into the fake ID card. The surface information of the fake ID card is consistent with the readable information of the IC card, and only the portrait is replaced. This kind of identity card fraud is very deceptive. As long as a certain part of the authentication process is not in place, for example, if the verification procedure is not strictly followed (the system is very common), or if the photo is not carefully checked, it will be deceived. From a long-term perspective, the data encryption system is not unbreakable, because all encryption algorithms are public, and once the attacker obtains the key, the ciphertext data can be decrypted and the corresponding plaintext value is directly obtained. There are many ways to obtain a key. The most straightforward method is to seek a key management vulnerability. The method of obtaining a key through cryptanalysis is something that can be done by personal strength. If the key of the digital anti-counterfeiting system is cracked or stolen, an IC card is also built in the fake ID card, and the real identity information identical to the visual reading information is input or the input is only the real information of the other identity information of the photo, so that it can be The ordinary ID card reader reads and displays, ie the ID card "clone". Such "clone" ID card, video reading, machine reading is basically not recognized. For the "clone" ID card, which is identical to the personal photo, the current technology can not find the abnormality of the fake ID card even if it is queried through the Internet. If the criminals defraud the real ID card to copy the ID card, make a fake ID card, or directly steal someone's real ID card to use it, the machine-readable or network inquiry will be invalid. At this time, the only thing that can be checked is the conformity of the image to the human face. However, since an ID card can be used for 20 years or even longer, the earlier photographs are only visually distinguished from the real person by the naked eye, and are judged by others' work mentality, responsibility, discriminating ability, and being identified. The influence of people's clothing and dressing, the accuracy rate is very unstable. In other words, the risk of being cheated exists objectively. Especially in the case that other identity information is checked and even the network verification information is consistent, the naked eye often "naturally" thinks that the film has no problem. Therefore, once this high-tech ID card fraud occurs, the security risks are huge.

 The "National Citizen ID Card Number Service Center", which was established by the Ministry of Public Security at the end of 2006, can check whether the citizen's name and ID card number are consistent, and then verify the authenticity of the ID card. Mobile or Unicom users can query for 5 yuan. When the information is consistent, you can also view the photos with the password in the SMS. On the surface, this kind of query satisfies the verification requirements for ID cards. However, if the fake ID card is used to make a fake ID card, it is obviously not enough to judge the authenticity of the ID card by simply relating the name to the identity card number. If the photo on the real ID card is so long that it is difficult to distinguish between the fake and the false witnesses, the inquiry method can not only verify the authenticity of the ID card, but also put a layer on the fake ID card. Big camouflage. Furthermore, the logical chain relationship of the ID card number, name and photo information allows any person to easily inquire without distinction, and obviously lacks caution. It is difficult to ensure that some of the bad-hearted people illegally use it. After all, the Resident Identity Card Act also imposes strict restrictions on the police's inspection of citizenship ID cards. The ideal situation is: Through institutional arrangements and technical design, it is possible to distinguish between “legitimate” and “unfair” requirements for checking the authenticity of a particular citizen's identity card, and to block “unfair” checking requirements from the information checking process. For "justified" check requirements, it should be completely public and free.

Judging from the fraudulent situation of the above-mentioned citizen ID card, it is an important aspect to block the fraud of identity cards and prevent the leakage of citizenship information. There are two major problems with the current second-generation ID card information structure: First, two copies are required when copying an ID card. Copying, wasting resources. Second, after the identity card was copied, all the personal identity information was completely exposed, which provided convenience for the criminals to steal personal information. The real identity information is easy to obtain, and it is closely related to the fact that the information on the ID card is completely exposed without any obscuration or distinction.

 In view of the above problems, the existing WAN technology, computer technology, communication technology, database management technology, etc., to propose an integrated solution for information networking, there is no technical obstacle. The proposal, implementation and operation of such an information networked overall solution will surely achieve huge economic and social benefits.

 The exchange and full use of citizen information is inseparable from the participation of the unit. The information exchange and full use of the unit involve a wider range of issues, and the relationship is more complicated and the problems to be solved are more. The system constructed by the invention patent is based on the identity card and account management system of the public security department, and is intended to facilitate the implementation of the patent. The unit information problem involved is solved or should be solved by the system framework, and it can be solved. If it cannot be solved, it will be simplified or avoided. This is also why the invention patent mainly solves the problem of citizen information needs, and also involves the information inquiry, inspection, display and information exchange and identity verification of the unit. However, the patent of the invention is still based on "a citizen information management system method". Name, not the reason for using a larger concept.

III. SUMMARY OF THE INVENTION

 (1) The overall concept of the technical solution of the present invention

 In view of the above situation, the object of the present invention is to propose a comprehensive solution to the above problems by means of a computer network system, so as to realize the identity verification of a citizen or a unit, the citizen or unit information including its identity information can be queried, identifiable, and displayable. The real, convenient and fast information communication and use of citizens or units, and improve the efficiency of the use of information resources by citizens or units.

 A close examination of the aforementioned problems to be solved reveals that citizens or units (hereinafter collectively referred to as subjects) are both the producers of information and the recipients and users of information. The information environment in which each subject is located is composed of various information systems of different levels and sizes. Various types of information systems (which can be understood as various database systems of various departments, industries, and units) generate or change information related to the subject or related to the subject every day. The information related to the subject in various information systems and the information generated by the subject itself are collectively referred to as subject information, and the collection of all subject information constitutes the subject information resource. Each subject forms a many-to-many information exchange relationship with each other with the subject information resource as the object.

The technical solution realized by the invention is based on the existing public security organ citizenship ID card and household registration management information system, and establishes a national citizen information management platform (hereinafter referred to as "citizen information platform"), including citizen information management system and information service. System and email system. The Citizen Information Management System manages ID card related business and e-mail distribution. The information service system has management functions such as integration, classification, indexing, statistics, etc. of citizens or unit information, and application services such as query, inspection, display, identity verification, and retrieval for providing citizen or unit information. The e-mail system provides e-mail, online communication, social surveys, announcements, and advertisements through e-mail websites. The Citizen Information Management System assigns each citizen a legal e-mail that is free to use from birth for a lifetime, and its e-mail address is used to send and receive e-mails. E-mail account number, the same as below) is set as the citizen ID number, can not be changed, its e-mail login account (refers to the e-mail account dedicated to open e-mail, the same below) is initially set to the citizen ID number, but the account can be changed . As a "distribution base" for citizens' personal information, citizen e-mail integrates various systems including banks, social security, medical care, housing, transportation, water and electricity, etc., which are distributed outside the citizen information platform through the link service provided by the information service system. (hereinafter referred to as the external system) The various personal information resources about itself are presented in the form of various personal information documents (substantially links of various types of personal information), and citizens can carry out various types of personal information documents for them. Review or external display operations. The Citizen Information Management System also sets up free use of legal e-mails for all types of units to facilitate information exchange between various units, between citizens and between units and citizens. The mailbox sending and receiving account and email login account of the unit are initially set to the national unified organization code number. After the unit mailbox is opened, the email receiving and sending account number is always fixed, and the email login account can be changed. The legal e-mail address of the unit is essentially the same as that of the citizen e-mail. It can also become the "distribution base" of the unit's own information. It can also provide the link service provided by the information service system. The integration unit is dispersed in the identity, bank, housing, and transportation. Various types of unit information resources in various external systems, such as hydropower, and various unit information documents (substantially links to various types of unit information, unit information documents and personal information documents in the aforementioned citizen mailboxes are collectively referred to as user information). The form of the document, the same below) is presented in the mailbox, and the unit can view or display the various information of its own. The e-mail system has a graphic seal associated with the content of the e-mail, and a letter stamped with a graphic seal, any change in its content causes a significant change in the seal graphic. The second-generation ID card layout has been improved, two ID card verification codes have been added, and some ID card information displays have been re-arranged. The ID card is loaded into an ID card information protection sleeve, so that it can be pressed. Basic ", "normal" and "complete" three levels of ID card information display. The ID card IC card reader has also been improved accordingly. For the three levels of ID card information, the readers are divided into three basic ID card functions: "basic", "normal" and "complete". There are three types, and each type has an ID card verification code, an ID card password, an ID card network verification number information comparison, and a human body fingerprint recognition function. The ic card contained in the ID card stores the ID card information in three areas according to the above three read permissions to suit its needs in three levels. In addition, the ID card also stores the ID card serial number and ID card. The password and the fingerprint information of the two human hands, and the information of the ID card network verification times performed by the ID card reader and the reader are respectively stored according to the type of the reader, wherein the home address, the ID card password and the two human hand fingerprint information can pass According to the statutory authorization modification, the information of the ID card network verification times performed by the ID card reader and the file stored separately according to the type of the reader is refreshed as the number of network verification times increases, and other identity information cannot be modified. The ID card IC card also reserves information storage space, which can expand the work permit, driver's license, bus card, medical card, social security card, bank card and other applications, so that one card can be used. Each citizen or unit can directly apply for the digital certificate U shield (the digital certificate containing the basic information of citizens or unit identity) from the citizen information platform management institution to apply for various types of identity verification in the citizen information platform. The constructed citizen information platform can realize the following twelve functions: (1) Information exchange function, that is, mail, or real-time two-way, multi-directional communication or visual communication between units, citizens, and units and citizens through the network. (2) Information inquiry function, that is, the unit or citizen can query the information about himself in other information systems in his own email address in the citizen information platform; (3) information display function, that is, unit or citizen By invoking and displaying other information about the identity, credit, assets, etc. of other information systems independent of itself to other units or citizens, to achieve third-party certification of their true identity, credit, assets and other information; The authentication function, that is, the identity network verification of the information service system in the citizen information platform or the ID card network verification based on the ID card reader, can directly verify the authenticity or verify the authenticity of the identity card and whether the holder is an identity The owner of the card; (5) business operations function, unit or citizen in their own email address, The information service system links with the external system to handle related business operations, such as realizing fund transfer for the business operation of the fund account; (6) Information statistics functions, such as the number and composition of various units or citizens at different times and places Statistics of other indicators; (7) The online survey function can make a special survey to all respondents one-to-many, and change the limitations of traditionally only sample surveys; (8) Find functions, through the citizen information platform, all All types of e-mail addresses named after the name of the unit and the name of the citizen can be found in the legal e-mail address book published on the platform;

(9) The function of publishing advertisements can fully utilize the advantages of the unit and natural person resources unique to the citizen information platform, and set up advertising and publishing areas according to the administrative regional level or community type; (10) Information publishing function, that is, various social management institutions can The information platform of the e-mail system in the platform can be used to publish information to specific or non-specific objects. The Citizen Information Platform can provide a variety of information publishing services; (11) Real-time dynamic monitoring function, under the authority of the law, through the background of the citizen information platform The system can monitor the movement trajectory of specific citizens, thus providing convenience for public security organs to arrest suspects; (12) Decision-making auxiliary function, citizen information platform uses advanced data fusion, data warehouse, data mining and other technologies, for citizens or units of information resources The system's data information is deeply analyzed and mined to provide support for national macro and micro management decisions. On the basis of the above functions, we can develop various network platform services, such as e-commerce services, news reports and video services for film and television works, with the unique advantages of national units and all citizens.

The citizen information management system, the information service system, and the e-mail system included in the citizen information management platform adopt a centralized structure and a unified management method. The citizen information management system has the functions of mining, categorizing, analyzing, processing, and summarizing surveys, statistics, and related data information, and providing auxiliary management support for national macro or micro decision-making. The citizen information management system builds a citizenship information database based on the citizen's ID card and household registration information system of the public security organ. When appropriate, the unit identity information database can be amplified, and the citizen ID card information, the fingerprint information of the human hands and fingers, and the household registration information can be stored. When the time is appropriate, the basic identity information of various units is also stored, and the identity verification information of the citizen or the unit is recorded. The information service system links information about citizens or units in various systems based on citizen and unit information data, establishes various index databases of citizens or unit information, provides information retrieval, identity verification, and information on citizens or units through an e-mail system. Query, inspection, display services. The e-mail system provides citizen or unit mailbox service and mailbox address book through the e-mail website. Service and online communication information services. In order to ensure the data independence, confidentiality and security of the citizen information platform and other external information systems, security measures such as internet firewall, access rights and passwords should be established between the citizen information platform and other types of external information systems. Advanced encryption and decryption methods are used to prevent leaks during data transmission.

 (2) Improved design of ID card and its included IC card

 The real identity information is easy to obtain, and the criminals often use the real identity information to make a fake identity card. The invention patent envisages distinguishing the ID card information into basic identity information and relatively confidential identity information. With the help of the e-mail website, in general, only the basic identity information needs to be displayed, so that the purpose of verifying the real identity can be satisfied. In special cases, the relatively confidential identity information such as the ID card verification code and the home address is supplemented. For units that are necessary and have the right to examine relatively confidential identity information, they should have strict rules for preventing confidentiality of the confidentiality system for identity information. In this way, it is more difficult for criminals to obtain a complete real identity information, thus preventing identity fraud at the source. To this end, it is necessary to improve the design of the existing ID card layout.

 Based on the existing second-generation ID card (the length, width, shape, pattern, texture, font, font and size of the ID card, material and IC card packaging method remain unchanged), two ID cards have been added. ID card verification code information, add the word "resident ID card" above the photo ID position, and name, gender, date of birth, nationality, ID card number, issuing authority, date of issue and expiration date, etc. The items are printed on the front of the ID card, and the home address and two ID card verification code information are printed on the opposite side of the ID card. The home address and the two ID card verification code information are masked by special tapes that can be matched with the ID card (can be repeatedly uncovered and shaded). The back of the special tape can be printed with the position information of the masked information, so that the three identityes When the information is unnecessary, it will not be displayed or copied. If you do not use special tape to cover, you can also insert the ID card into an ID card protection cover for the same purpose. The ID card information cover is a transparent ID card security bag made of transparent plastic material with anti-wear, anti-fouling, waterproof and fireproof functions. There are three positions on the surface of the protective cover facing the ID card verification code and home address. The opaque tape can be repeatedly peeled off and covered so that the three pieces of identity information are not displayed or copied when they are unnecessary. When the three pieces of identity information need to be displayed or copied, the ID card does not need to be extracted from the protective cover. The opaque tape on the surface of the protective cover is peeled off; the opaque tape on the surface of the protective cover is printed with a text indication of the position of the masked information.

 Through the above new design of the ID card layout, the ID card information can be displayed in three levels of information: "complete", "normal" and "basic". "Complete" information refers to the display of the explicit information of the ID card other than the second group ID card verification code. The "normal" information refers to the ID information displayed in addition to the ID card verification code information, "basic" information, Display ID information other than ID card verification code and home address.

The date and validity period of the issuance of the identity card on the front of the ID card is expressed in 7-digit code, immediately after the name of the issuing authority; the year, month and day are represented by two digits in total, and another digit indicates the period of use; 9 The following years are indicated directly by numbers. The capital letter X indicates 10 years, Y indicates 20 years, and Z indicates long-term. The ID card verification code has two groups, each group of 9 digits, 8 digits of verification code plus one verification code, which is automatically generated by the citizen information management system each time a new ID card is issued or replaced. The first set of ID card verification codes can be used for identity network verification of the information service system and ID card network verification based on the ID card reader. The second set of ID card verification codes is only used for identity network verification of the information service system. The method for generating the ID card verification code is to generate the 16-digit number by the asymmetric encryption algorithm by the ID number and the random number generated when the card is issued, and the first 8 digits are subjected to the check operation to obtain a check code to be added to the 8-digit number. After the formation of the first group of ID card verification code of 9 digits, the latter 8 digits are subjected to a check operation to obtain a check digit added to the 8 digits to form a 9 digit second digit ID card verification code. The usual identity network verification, such as online game real name verification, ticket real name verification, only use the first set of verification codes; in the financial, customs, airport and other application systems, the second set of verification codes is needed for identity network verification. Since the second group of verification codes is used less frequently, and the ID card reader cannot be displayed, the degree of confidentiality will be higher than the first group of verification codes, thereby achieving the classification and confidentiality effect of the ID card verification code.

 ID card IC card can store identity information and extended application information within 10 or less. The fingerprint information in the identity information includes two commonly used hand fingerprint data, which can be replaced with other hand fingerprint data when requested by the citizen information platform management organization if necessary. The home address and ID card information in the identity information can also be modified by applying to the Citizen Information Platform Authority. The ID card IC card can read one of the three levels of ID card information according to different authorizations and can only be read by the Citizen Information Platform Management Organization according to the three types of authorized ID card readers. The extended application information can be installed. Read by the corresponding application system management authority authorization module.

 (3) Verification of the authenticity of the identity card and verification of the legality of the holder

 In line with the new design of the ID card layout, the ID card IC card reader has also been improved accordingly. For the three levels of ID card information, the readers are classified according to "basic", "normal" and "complete". ID card IC card reading permissions are divided into three types: "basic", "normal" and "complete". Each reader can only display one of the three ID information levels for different industries and different occasions. The identity information collection needs, the "complete" type displays the ID information in addition to the second group ID card verification code, and the "normal" type displays the ID card ex-visual information in addition to the ID card verification code information, the "basic" type. Displaying the ID information in addition to the ID card verification code and home address; In addition to the three levels of ID card information, the ID card IC card can not be displayed by the ID card reader.

In accordance with the "basic", "normal" and "complete" display levels of the ID card in the ID card, three ICs of "Basic", "Normal" and "Complete" are set in the ID card. Card reading permission, in addition to the ID card verification code 2, the ID information is stored in the ID card IC card in three areas with different permissions, the first area to store the ID card "basic" information, can be " The basic ", "normal" and "complete" permissions are read. The second area stores the contents of the "normal" information in the "normal" information except for the "basic" information of the ID card. It can be "normal" and "complete". The permission is read, and the third area stores the contents of the "complete" information of the ID card except for the "normal" information of the ID card, which can be read by the "complete" permission. The ID card reader has built-in multiple encryption and authorization module interfaces, and can install the ID card reading and writing authorization module, so that the ID card reader can read and write the ID card information according to one of the three levels. The ID card reading and writing authorization module is issued by the public security department. The authorization module of the extended application system can also be installed, so that the identity card can be extended to be applied to other business systems, and the authorization module of the extended application system is authorized by the corresponding management department of other business systems to be issued by the public security department.

 When the ID card reader is offline (refer to not connected to the information service system), the verification steps for the authenticity of the ID card are:

(1) Whether the ID card can be read and displayed, it can indicate that the information read from the ID card IC card has passed the verification of the ID card information authorization module in the reader/writer; (2) The reader displays the information and the corresponding identity. Whether the appearance information of the certificate is consistent. That is to check the consistency in the identity card, to prevent malicious "replacement" behavior on the ID card. "Change core" is the most difficult to identify an ID card fraud, that is, the surface information of the ID card is true or only the photo is fake, and the IC card contained in the ID card uses another real person's real ID IC card. Or its copy card replacement.

 The method for verifying the legality of ID card readers in the offline state is as follows: (1) The eye-to-eye comparison of the ID card surface image, the reader display photo and the real person; 2) Whether the ID card password input to the reader/writer can be verified by the password of the ID card IC card; (3) Whether the human body fingerprint information input to the reader/writer is matched with the human body fingerprint information in the ID card IC card. The above three verification functions of the ID card reader for the legality of the holder are independent of each other and can be used alone or in combination.

 The information service system sets up ID card network verification times counters for three types of ID card readers, and the number of verifications of the corresponding type is increased by 1 each time after ID card reader verification by one type of ID card reader/writer. The IC card also stores the current value of the ID card network verification times based on each type of ID card reader, and the ID card network verification method by the ID card reader is: any type of ID card reader The information contained in the ID card IC card is read, including the ID card information displayed by the reader/writer, the human body fingerprint information, and the current value of the verification number counter sent to the information service system for authenticity verification of the ID card, and the information is the same as the comparison content. The corresponding type counter of the service system is incremented by 1 and the value of the same type of network verification number in the ID card IC card is refreshed.

 For the life of the ID card IC card repeated reading and writing, by distributing the scattered storage space in the IC card.

 The network verification method for ID card holder legality by ID card reader is (1) the ID card password input to the reader/writer is sent to the information service system for ID card password verification; (2) Input to read and write The human body fingerprint information is sent to the information service system to perform human body fingerprint information matching. The human hand fingerprint information may be any one of the ten fingers or all ten fingers.

The difference between the ID card network verification by the ID card reader and the ID card verification by the offline ID card reader based on the Citizen Information Platform system is that the former can find the counterfeit in time by setting up the ID card network verification counter. The cloning or theft of a citizen ID card IC card, thereby fundamentally eliminating the forgery, cloning or misappropriation of the citizen ID card. If the ID card is lost or the ID card is copied, you only need to go to the Citizen Information Platform Management Agency to report the ID card loss and receive a new ID card. The original ID card cannot be verified by the ID card network, so you cannot continue to use it. If someone else uses the real identity information to fake or copy an ID card and its included IC card, but because the ID card network verification times information is stored in the information service system, the counterfeiter cannot know that the ID card cannot be verified by the network. . Even in the most extreme cases, the counterfeiter has all the identity information such as identity information, ID card password, ID card network verification number, etc. The true and false ID cards are exactly the same at a certain time and cannot be distinguished. Then the true and false ID cards are in them. After a network verification, after changing the ID card network verification times information, the other one must not be verified by the network. The result is that, or the real ID card can always be verified through the network, and the fake ID card has not been verified by the network, or the fake ID card has passed the network verification, and the real ID card is legal if the network verification fails. The certificate holder will promptly report the loss and report the use of the fake ID card in the shortest time. Although it is relatively easy to grasp personally identifiable information (after the ID card verification code is added to the ID card, it is not easy to master the verification code), but it is almost impossible to grasp the ID card network verification times information, which makes the above ID card IC card anti-counterfeiting technology is very safe.

 As for the verification of the legality of the ID card holder, in the case of high security requirements, the ID card password verification may be required, and the human body fingerprint information verification is required. It should be noted that the application scope of human fingerprint information in the ID card IC card should be strictly regulated by administrative regulations or administrative regulations. For business operations such as bank cash withdrawals and remittances, the ID card password verification should be mainly used. It can cooperate with the identification and verification of human fingerprint information, and can never use human fingerprint information verification separately. This is mainly due to the consideration of personal fingerprint information confidentiality and personal safety.

 (4) Identity network verification

 The newly activated ID card should be the initial identity information of the ID card (including the name, ID chip IC card chip serial number, ID card number, ID card verification code, current value ID card network verification number) at the same time in the citizen information platform. And the ID card is saved in the IC card, and the identity information called ID card is initialized before it can be officially used. If you want to enable the ID card password and the two hand fingerprint information comparison functions in the ID card, you should manage it through the citizen information platform. The two functions of the application for the application and review can be opened separately or simultaneously.

 The modification of the ID card password should be carried out through the ID card reader of the networked information service system. The operation steps are as follows: (1) verify the old password; (2) set the new password, the new password is input to the reader and the same test, read and write The device applies for password modification to the citizen information platform through the information service system. After the password is successfully modified, the reader writes the new password into the ID card.

If the accidental situation such as power failure suddenly occurs when the ID card password is changed, the ID card password is written and the information service system password is saved at one end, and one end is invalid. The ID card will not be verified online. In this case, the license holder should To the public security organs at the county level or above (or the citizen information platform management agency), to handle the identity information initialization business of the identity card, the ID card can be used frequently by JH. Through the identity verification interface of the information service system, the unit identity network verification can be performed. The method is as follows: Use the unit digital certificate U shield, and input the "unit full name or unit mailbox receiving and sending account + unit digital certificate U shield password", that is, the unit can be completed. Authentication.

 Through the identity verification interface of the information service system, there are three ways to perform citizenship network verification. One is input.

"Name or ID number + ID card verification code 1" and "ID card password", the second is to enter "name or ID number + ID card verification code 2" and "ID card password", the third is to use the citizen digital certificate U Shield, enter "name or ID number +. citizen digital certificate ϋ 密码 password", that can complete the citizenship network verification; in the banking, telecommunications and other application systems can be embedded in the identity verification interface of the information service system for identity network verification After the verification is passed, the application system can obtain citizenship information suitable for the application system according to rules such as administrative regulations, administrative regulations or authorization of the owner of the personal information.

 The type of citizenship information obtained by the application system from the citizen information platform may be one of three levels of identity card information, or may be comprehensive information including work permits, driver's licenses, professional titles, academic qualifications, household registration information, etc., suitable for application. The system needs and is subject to the consent of the owner of the personal information or the authorization of administrative regulations and administrative regulations. Therefore, each application system can use personal information in a standardized and reasonable manner, so that personal information is not abused or illegally used. It is convenient to carry out real-name system of various businesses, such as real-name mobile phone system, real-name system of online games, and real-name system of ticket.

 The identity verification service is embedded in various business systems to achieve close cooperation with various business systems. The entire verification process is completed automatically when the business is handled. No manual intervention is required, and the business processes and habits of each system are not changed. , can greatly improve the efficiency of business processes of various systems.

 The above methods for inquiring and verifying identity information are legally authorized to display or on the basis of the citizen's own authorization, thus ensuring the legitimacy, necessity and legitimacy of identity information inquiry in terms of system and technology. It overcomes the shortcomings in the society based on the "National Citizenship Information System" database, which makes the ID card information easy to check, charge inquiry, and excessive inquiry through the network or mobile phone. The method of inspection also covers the identification of basic identity information and the identification of special identity information (such as driver's licenses, various professional licenses, qualifications, credits, etc.). Thus, the proof of the basic identity and the proof of the special identity are completely solved, that is, the problem of "who is the holder" and "who is" is solved. This provides technical support for the “acceptance” of the honest society.

The banking system adopts the above-mentioned ID card network inspection method for the account opening, report loss and access review, and sends the notification message of the processed business to the citizen's mobile phone and e-mail, and notifies the mailbox user at the first time. It can eliminate the use of other people's ID cards to open or report losses and fraudulent deposits, thus avoiding all kinds of fraud activities related to this. Open or report lost accounts and other businesses to carry out such network ID check, the mailbox users can know the use of their ID cards in the first time, whether they are fraudulently used by others, and if they find an abnormality, they will report the case immediately, which can effectively prevent the identity. The occurrence of various illegal activities caused by fraudulent use. This ID card network verification method will completely deny the financial institutions such as banks The card can only be used as an excuse to review the authenticity of the authenticity of the certificate, which can ensure the deposit and withdrawal of the depositor and the loss of the report. The application of the ID card network inspection method in the banking system ensures the implementation of the real name system of the bank account. , to ensure that the bank account funds are all traceable, and will not be invisible because of the account name.

 (v) Information service system

 The information service system connects various external systems that provide unit or personal information, including information resource systems and business application systems, and establishes various information item index or classification index databases for various units or personal information for unit or personal identity information retrieval. And statistical services; providing unit or individual identity verification through the citizen information management system; providing unit or personal information classification query, classification inspection, and classification display service through the email system; through the application system for the information service demand side (including this The platform's email system) provides an information service embedded module to provide the aforementioned information services. For example, in the banking application system, the identity verification module is embedded, and the identity network verification is performed, and the business for bank account opening and account cancellation is carried out.

 (6) E-mail system

 The e-mail system provides a separate network storage space for the mailbox users. The user can set up a hierarchical directory to store various documents (hereinafter referred to as user documents) set by the user; the user documents or user information documents in the mailbox can be provided as needed The user establishes a password autonomously, and the user document and the user information document can establish a related link. The user information document can be opened through an associated link built on the user document, and the associated user document can be opened through the associated link on the user information document. In this way, the mailbox user can put the summary of the content of the user information document, edit, and the like into the user document for reference.

 The e-mail user can determine the required user information document to display the document, number it, and set the display password; when the mailbox user needs to display the user information document, in the unit or personal information display interface in the e-mail system, first You can view or display the unit or personal information (including identity information) by performing identity network verification on the organization or citizen, and then entering "document number, display password". The method can be completed by using a computer to access the Internet or a mobile phone. When content such as personal identification information needs to be displayed, the citizen can implement the email without opening the email, and the other information of the mailbox can be avoided. In the case of an individual who forgot to bring an ID card, he can prove his true identity by this method. This has greatly facilitated the accommodation of tourist hotels.

 In the e-mail system, after the unit or citizen logs in to the mailbox, the user information document can be selected, and after checking the identity, the user information document link with the set time is provided to the unit in the mailbox system through the e-mail system. Or the target mailbox of the personal information requester, the user information document link can also be forwarded to the designated other target mailbox. For example, the authorization to send a citizen's ID card information to the court through the citizen information platform provides conditions for the court to receive complaints online and file a case online. This method of authorizing the inspection unit or personal information provided by the Citizen Information Platform as a third party can prevent cyber fraud to the greatest extent.

An online information exchange system is embedded in the e-mail address, except for the general chat system, which can be used for one-on-one private chat or application. Friends group chat, it is characterized by the opening of units, communities and chat rooms set up by industry, and there are special person management according to the administrative level. All the people who participate in the chat room have real names and are added to each other as mailboxes. You can authorize your personal information (check the box in the optional box of a user information document) to let the other party view their own information (including their own identity information) in the chat system.

 E-mails sent and received in the e-mail system can be specified as "online reading" and "download reading". The sender of the e-mail can specify that the e-mail to be sent is one of the two forms. The recipient can receive the message as "download and read" when receiving. Designated as one of the two forms; "Read Online" messages can only be read through the email system's dedicated email management software, and cannot be downloaded for reading; messages designated as "download and read" can be managed by dedicated email Software or general email management software is downloaded to local storage and reading. In this way, for some mails with high confidentiality requirements, by selecting the "online reading" mode, the risk of mail leakage can be better prevented.

 Each e-mail is provided with various letter templates for writing various types of application letters. For e-mails with legal documents, they should conform to the written requirements of laws and regulations, that is, they can tangibly express the contents, and It can be retrieved at any time; it can accurately represent the content that was originally generated, sent or received; it can reliably guarantee that the content remains intact and unchanged from the time of final formation, but the letter can exist during forwarding, storage and display. Formal changes such as changes in the attributes of the letter; any changes in the content and form of the letter can be found. Specifically, e-mails of a legal document nature are transmitted in cipher text during the process of sending and receiving. The letters received by the receiving party are consistent with the content, layout and paper type generated by the sender, and the e-mail can be stamped with the content of the letter. The associated graphic seal, which is pre-stored in the e-mail system, any changes in the content of the letter will directly lead to significant changes in the stamp pattern; the received letter contains the text, logo and receipt of the citizen information platform. The sending and receiving account number of the sending party and the sending time and receiving time of the mail; The e-mail will be automatically saved after being sent successfully, and can be downloaded or displayed, printed, saved letter content, layout and paper type and the citizen information platform on it. The text, logo, and the email address of the receiving and sending party and the time when the letter is sent cannot be changed. Otherwise, the stamp pattern will be changed significantly. E-mail E-mails can be classified and archived as needed.

In the e-mail system, two types of E-mails, A and B, have been set up. The E-type mailboxes are owned by the administrative departments of the state organs or the Citizen Information Platform. They cannot receive e-mails from other websites, and only receive this e-mail. The mail sent by the mailbox in the mailbox system to the sender's mail marked as "blacklist" by the special mailbox will directly enter the trash in the mailbox, and will be automatically cleared after the set period, and a prompt will be sent back. The party’s mail is placed in the trash can. The Class A mailbox has all the target mailboxes to the administrative area or authorized area of the jurisdiction - the function of sending letters or SMS messages to one or one-to-many, beyond the administrative area or authorization of its jurisdiction. The regional target mailbox can only send letters or SMS messages one-on-one. The target mailbox is unconditionally received, and will automatically return a receipt of "letter received"; the B-type mailbox is owned by a unit or citizen other than the class A mailbox user. . Class B mailbox receiving mail status can be divided into six types: "receive all information" -, "receive system information", "receive small group sending information", "receive non-group sending information", "receive friend information";"receive all information""It means receiving all mails from outside the system and within the system. "Receiving information in the system" means receiving only all the mails in the system, including mass mailings. "Receiving small group sending information" means receiving only the mail in the system. Exclude more than a specified number of non-friend group mailings, "Receive non-mass mail information" means receiving only in-system mail, not receiving non-friends group mail, "receiving friend information" means receiving only friends in the system, including friends Mass mailings.

 B-type mailbox users can send or send mobile phone short messages to the mailbox users in the system through the e-mail system, but they are restricted by the receiving status of the target e-mail. When the receiving status of the target e-mail is "receive all information", "receive system information" The mailbox user can receive a single or group mobile phone short message of the mailbox user in the system; when the receiving status is "receive small group sending information", the mailbox user can receive the mobile phone short message sent by the mailbox user in the system, and the specified number is excluded. The above non-friend group sends a text message; when the receiving status is "receive non-broadcast information", the mailbox user can receive the mobile phone short message of the mailbox user in the system, but does not receive the non-friend group mobile phone short message; when the receiving status is "received" When the friend information is ", only the mobile phone text message of the friend mailbox user in the system is received, including the group's mobile phone text message.

 The first opening of the citizen's e-mail address should be handled through the application and review of the citizen information platform. The citizen e-mail account includes the e-mail login account and the e-mail account. The two types of e-mail accounts are initially set to the citizen ID number. After the mailbox is opened, the email receiving and sending account is always fixed as the citizen ID number, and the email login account (mainly composed of English letters, numbers, and Chinese characters) can be changed by the email user application; once the email login account is successfully changed, the original email login account is changed. That is to say, if you lose your utility, you can only use the newly established email login account and password to log in to the mailbox. As such, each citizen's email address is relatively confidential.

 The first opening of the e-mail address of the unit should be processed through the application and review of the Citizen Information Platform. The e-mail account of the unit includes the e-mail login account and the e-mail account. The initial number is set to the national unified organization code number. After the unit mailbox is opened, the email receiving and dispatching account is always fixed to the organization code number, and the email login account (mainly composed of English letters, numbers, and Chinese characters) can be changed by the application of the user's mailbox. After the email login account is successfully changed, the original The email login account is invalid. You can only use the newly created email login account and password to log in to the email address.

The e-mail system can set a unique "legal representative mailbox" representing the unit under each unit's e-mail directory, which is the full name of the unit. After the application, the department can set up multiple levels of departmental mailboxes. A certain number of post mailboxes can be set up according to the needs; the e-mails of all levels of the unit can be applied to the management agency of the e-mail system to be named by the unit with the corresponding name of the department. The legal e-mail and department e-mail are both a tool for external communication and a public platform for information exchange within the unit; the supervisor can mobilize, the department or post mailbox is unchanged, and the work information in the mailbox is permanently saved, and the department or position is stored in the department. Historical archives online. The e-mail address book service provided by the e-mail system publicizes the e-mail address of the unit or citizen in the form of name or name on the e-mail website of the Citizen Information Platform, that is, each e-mail address is the real name or name of the e-mail user. "Binding" with the corresponding mailbox receiving and dispatching account, so that the e-mail communication directory is directly displayed by unit name or citizen name, forming a national public e-mail address book; the unit's e-mail address is in accordance with state organs and enterprise units (including legal persons and unincorporated persons) The sequence of enterprises, individual industrial and commercial households, institutions, social organizations (including legal persons or unincorporated organizations) shall be arranged according to the administrative regions of the central, provincial (including municipalities, autonomous regions, and the following), cities, counties, and townships (towns); The citizen's e-mail address book collects the legal e-mails of all citizens according to the law, according to the administrative area where the citizen's household registration is located, that is, the administrative area of the province, city, county, township (town), street or administrative village to which the citizenship is located. Orchestration, for part not willing to Citizens who publish too specific places of residence may apply to the citizen information platform management agency to arrange e-mail address records according to their surnames at the county or city level. Citizens may choose one of two arrangements, the default is the first arrangement; Citizen's e-mail address book can also be arranged according to the unit. Each unit can apply to the e-mail system to combine the legal e-mail address of the new and old employees of the unit under the same unit e-mail communication directory. The employee's e-mail address can be externally The display may also be limited to the display of employees of the unit, hidden from the outside, and the display mode shall be determined by the employees of the unit; if the citizen moves to a different administrative area, or transfers the work to a new unit, the legal e-mail address will follow the new household registration place. Or the new unit is arranged in the new e-mail communication directory, but the e-mail still exists in the original communication directory list and can receive the mail normally, but the words "has been moved" or "transferred" are marked. The mailbox in the mailbox directory is the same as the receiving and sending account, still pointing The only e-mail address; E-mail system provides e-mail public address book arranged by industry, professional and other classification methods for the unit, and provides e-mail public address book for citizens according to industry, profession, professional title and other classification methods, each unit Or citizens can submit their application to join a certain category of mailbox address book by submitting relevant supporting documents, which is designed to facilitate the exchange of information between units and people in the same category.

 In the above e-mail public address book arrangement method, each unit or citizen can conveniently find the e-mail address of the relevant administrative agency in an administrative area, which brings great convenience for the unit or citizen to handle relevant administrative affairs. For example, when online fraud occurs, you can make a complaint or report by simply finding the e-mail address of the public security organ or industrial and commercial organization in the administrative area. When you need to pay taxes, you only need to log in to the tax hall through the website link of the tax authorities in the administrative area. This makes the virtual network world and the real world realize the real connection, realizing the virtual world.

 The unit or citizen e-mail address may be attached to the introductory information of the e-mail user, but the content shall be approved by the public information platform management organization, and the unit e-mail address may be linked to the external website of the unit.

 There are two methods for opening a unit or citizen e-mail: First, open the e-mail by entering the e-mail login system and adding the e-mail login password to the e-mail system interface. The second is to use the unit or personal digital U-Shield. + Digital U Shield Password "Open the mailbox after verification.

The Citizen Information Platform has a mobile phone SMS notification function with a "bind" number for the mailbox, which is used to publish announcements or Real-time email login and ID network verification information, the unit or citizen can choose to open all or part of the SMS notification service.

 Before each mailbox is opened by a computer and opened without password, no other computer can open the mailbox by password. If a computer tries to open an open mailbox with a password, if the password is entered correctly, the system will The prompt "Someone is using the mailbox", and this information will be sent to the phone of the mailbox user who has passed the SMS service to alert.

 The e-mail system can authenticate the identity network through the authentication service embedding module from the information service system. The unit or citizen mailbox user who authenticates the identity network can restore the initial mailbox login account or retrieve the current mailbox login account, email password recovery or The reset operation allows the user to enable or disable the function in the mailbox; the unit or citizen can apply to the management agency of the citizen information platform, restore the initial email login account or retrieve the current email login account according to certain procedures. , mailbox password recovery or reset business.

 (7) Operation log and ID card verification

 The operation log and the ID verification log are set in the citizen information platform. The operation log includes the login record of the mailbox and the operation record of the user information in the mailbox. The login record includes the total number of login mailboxes and the IP address and login time of the login computer. The mobile phone number is recorded, and the user can check the operation log to find the abnormal login mailbox in time, and the operation record of the user information in the mailbox, including the modification of the mailbox password, the inquiry, the inspection and the display of the user information; the ID verification log includes The number of ID card verifications corresponding to the three ID card readers and the IP address and login time of the registered computer. By checking the ID card verification log, the e-mail user can find out whether the ID card has been stolen or "cloned" by others; Operational logs and ID verification logs enable tracking of the "action trajectory" of a particular citizen.

 The Citizen Information Platform has a special account for the statutory authority to view logs (operation log and ID verification log) and citizenship information. Only statutory bodies (usually public security organs or procuratorates above the provincial level) pass the system procedures for specific posts. The written authorization of the member can be opened, and the scope of the legal authority of different types and levels is open to the law.

 The beneficial effects of the invention can easily and quickly query, inspect, display, verify the identity card and exchange information of the citizen or unit information realized, prevent the disclosure of identity information, and eliminate the goal of forging identity cards to see social and economic benefits. It is very huge. By implementing the above-mentioned 12 major functions of the mailbox website, integrating existing systems, and building a platform for information sharing and exchange between citizens and units, it is actually a basic project for building national information. Provide network environment support to accelerate information construction and various business innovations. It has a strong impetus to the information exchange and information sharing, social integrity construction, population management, social security, information construction of all walks of life and the elimination of redundant construction of information resources. The economic and social benefits are enormous.

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a schematic diagram of the structure of the citizen information management platform. The citizen information management system manages the identity information of citizens (units). The information service system provides an authentication service. E-mail system (including e-mail website) Provides mailbox management and online communication. Business management systems at all levels mainly manage the issuance of ID cards and the distribution of e-mail addresses. An application system refers to various application systems that use an authentication service. The network terminal refers to various terminals that can be logged into the mailbox website.

 Figure 2 is a schematic diagram showing the structure of the main view of the ID card protection cover. Including the cover sheet plastic material part 1, the cover sheet tongue waterproof tape part 2, the protective sleeve insertion port 3, the protective cover front 4. Among them, the cover tongue plastic material part 1 with the cover sheet tongue waterproof tape part 2 can completely seal the protective cover, so that it has waterproof function. The protective cover insertion port 3 is an ID card insertion port. The front of the case 4. Fully transparent, the front view of the ID card can be fully displayed and copied.

 Figure 3 is a structural diagram of the sealed state of the rear view of the ID card cover. Including the reverse side of the protective cover 5, home address masking tape 6, ID card verification code 1 masking tape 7, ID card verification code 2 masking tape 8. Among them, the reverse side of the protective cover 5 is a part of the cover card that can transparently display the identity card information. Home address masking tape 6, indicating the location of the home address. ID card verification code 1 masking tape 7 and ID card verification code 2 masking tape 8 indicates the display position of the ID card verification code. Three pieces of tape can be uncovered and covered separately.

 Figure 4 is a schematic diagram of the use status of the ID card cover. The front information of the ID card is displayed and can be copied.

 Figure 5 is a schematic diagram of the use status of the ID card cover. The reverse side of the ID card is displayed and can be copied. Figure 6 is a schematic diagram of the use state of the rear view of the ID card cover. The information on the ID card opposite to the ID card verification code and the home address was blocked by three tapes.

 Figure 7, is the structure of the ID card reader. It includes a radio frequency unit, a display unit, a storage unit, a keyboard unit, a fingerprint unit, a security unit, a communication unit, and a control unit.

 RF unit: The wireless information exchange with the IC card contained in the ID card is realized by RF.

 Not only 兀: Use color LCD to display ID information and other information.

 Storage unit: A storage font for reading character dot matrix information when a display unit displays characters.

 Keyboard unit: You can enter a value or password.

 Fingerprint unit - can collect human fingerprints and can be used for human hand fingerprint comparison.

 Security unit: Various authorization cards can be installed.

 Communication unit: Used to connect to a computer.

 Control unit: Manage other units, mainly to read identity information, authenticate offline, and connect to network authentication through a computer.

 V. Specific implementation methods

The Citizen Information Platform Management Organization integrates the original citizen ID card and household registration information management organization of the public security organ, and is managed hierarchically by the central, provincial, municipal, county, and community. The management agencies at or above the county level apply the corresponding business management system to manage the issuance of ID cards. Maintenance, ID card reader, authorization module issuance and email distribution. Community organizations can apply community-level business management systems, empower community workers to manage various group chat rooms, and conduct business or social management services such as announcements, advertisements, and social surveys in IP days.

 The phenomenon of personal information being sold, sold and leaked is very serious in the country, which has aroused widespread concern of the Chinese people, but has never found a cure. The existing channels for protecting personal information are mainly legal protection and self-discipline protection, and lack of preventive (or technical) protection. The invention fills the blank of preventive protection by reforming the three display methods of the new design of the ID card and the ID card reader. In the legislation, the “Resident Identity Card Law” should be amended, especially the ID card information and layout design and ID card IC card information should be adjusted as shown in the present invention. It is necessary to legislate through the Citizenship Information Protection Law as soon as possible to regulate the registration, inspection and use of citizenship information. It is stipulated in the legislation that all places and occasions that require registration, registration, and certification with a personal name should register their real name and ID number.

 The construction and promotion of the citizen information management platform and its e-mail website are divided into four stages: The first stage is based on the existing public security organ's citizen ID card and household registration information system, and establishes a citizen information management platform and its e-mail website. Establish a citizen information management system and provide e-mail service; In the second stage, build an information service system to carry out citizenship verification services; and in the third stage, use e-mail system to conduct information services such as access, inspection and display of citizen information; In the stage, improve the citizen information management system, gradually stop the operation of the original public security organ's citizen ID card and household registration information system. In the fifth stage, improve the functions of various parts of the citizen information management platform, including establishing legal e-mails of various units, and realizing the unit. Information exchange between, between citizens and between units and citizens. At each stage, the pilots were started from local counties and cities, and gradually extended to the whole country. Through the strong promotion of administrative means and the market-oriented operation based on the unique advantages of the citizen information platform e-mail website, the citizen information management platform can achieve successful operation.

Claims

Claim 1. A citizen information management system method, including information exchange, information inquiry, inspection, display, identity verification and information statistics between enterprises, institutions, social organizations, state organs (collectively referred to as units) and citizens, It is characterized by the establishment of a national citizen information management platform (hereinafter referred to as "citizen information platform") based on the existing public security agency citizenship ID card and household registration management information system, including citizen information management system, information service system and e-mail address. System and e-mail website; Citizen information management system manages ID card related business and e-mail address distribution. The information service system has management functions such as integration, classification, indexing, statistics, etc. of citizens or unit information, and provides inquiry and inspection of citizens or unit information. Application services such as display, authentication, retrieval, etc. The e-mail system provides e-mail, online communication, social survey, announcement, advertisement and other services through the e-mail website; the citizen information platform management agency assigns each citizen a birth from birth. Life free The legal e-mail address, its e-mail receiving and receiving account number (refers to the e-mail account dedicated to sending and receiving e-mail, the same below) is set as the citizen ID number, can not be changed, its e-mail login account (refers to the e-mail account dedicated to open e-mail, the same below The initial setting is the citizen ID number, but the account can be changed. The citizen's e-mail is used as a "distribution base" for citizens' personal information. Through the link service provided by the information service system, each citizen is integrated outside the citizen information platform. Including various types of personal information resources in the various systems (hereinafter referred to as external systems) including banks, social security, medical care, housing, transportation, water and electricity, etc., with various types of personal information documents (substantially links to various types of personal information) The form is presented in the mailbox. Citizens can view or display various types of personal information documents. The e-mail system also sets up freely used legal e-mails for all types of units. The e-mail receiving and receiving accounts and e-mail login accounts are initially set. The number of the organization code that is designated as a national unit, unit After the box is opened, the mailbox receiving and sending account number is always fixed, and the mailbox login account can be changed. The unit legal e-mail can also become the "distribution base" of the unit's own information. It can also be linked through the information service system. In various types of external systems including identity, banking, housing, transportation, water and electricity, various types of unit information resources, with various unit information documents (substantially links to various types of unit information, unit information documents and the aforementioned citizen mailboxes) The personal information documents in the form of the user information documents are collectively presented in the form of a mailbox, and the unit can view or display the various information of the individual information; the electronic mail system has a graphic seal associated with the content of the electronic mail. The letter with the graphic seal, any changes in the content will cause significant changes in the seal graphic; the second generation ID card layout has been improved, two ID card verification codes have been added and some ID information display has been re-displayed. Arranged, put the ID card into an ID card In the protection sleeve, it can display the ID card information of "basic", "normal" and "complete"; the ID card reader is also improved accordingly, and the ID card is displayed for three levels. Information, the readers are divided into three types according to the "basic", "normal" and "complete" ID card IC card reading permissions, and each type has added ID card verification code, ID card password And the ID card network verification times information comparison and human fingerprint identification function; the IC card contained in the ID card stores the ID card information in accordance with the above three read permissions to be adapted to the area It is displayed in three levels. In addition, the ID card IC card also stores the ID card serial number, ID card password and two human hand fingerprint information, and stores the ID card reader based on the reader type. ID card network verification times information, wherein the home address, ID card password and two human hand fingerprint information can be modified by legal authorization, and the ID card network based on the ID card reader is stored separately according to the type of reader/writer. The number of verification times is refreshed as the number of network verifications increases, and other identity information cannot be modified. The ID card IC card also reserves information storage space, which can expand work permit, driver's license, bus card, medical card, social security card, bank card. Such applications can realize multi-use of one card; each citizen or unit can apply its digital certificate u shield (ie digital certificate containing basic information of citizen or unit identity) directly from the citizen information platform management institution through certain procedures. Various types of authentication in the Citizen Information Platform.  2. A citizen information management system method according to claim 1, characterized in that on the basis of the existing second generation resident identity card (the length and width dimensions, shape, pattern, texture, font, font shape and The size, material and IC card packaging method are unchanged.) Two ID card verification code information is added to the ID card. The word "resident ID card" is added above the photo ID position, and the name, gender, and birth are added. Items such as year, month, day, nationality, ID card number, issuing authority, date of issue and expiration date are printed on the front of the ID card, and the home address and two ID card verification code information are printed on the opposite side of the ID card, while the home address and the second The ID card verification code information is masked by a special tape with a texture pattern matching the ID card (can be repeatedly uncovered, masked), and the back of the special tape can be printed with the position information of the masked information, so that the three pieces of identity information are unnecessary. It does not display and cannot be copied.  3. The citizen information management system method according to claim 2, wherein: the date and the expiration date of the issuance issued on the front side of the identity card are represented by a 7-digit code, which is displayed immediately after the name of the issuing authority; The day of the month is represented by a two-digit total of six digits, and another digit indicates the period of use; 9 the following years are directly represented by numbers, the uppercase letter X indicates 10 years, Y indicates 20 years, and Z indicates long-term.  The citizen information management system method according to claim 1, wherein: the ID card verification code has two groups, each group of 9 digits, 8 digit verification code plus one verification code, The citizen information management system automatically generates each time a new ID card is issued or replaced; the first ID card verification code can be used for the identity network verification of the information service system and the ID card reader-based ID card network verification, The second group ID card verification code is only used for the identity network verification of the information service system; the ID card verification code is generated by the method of generating the 16 digits by the asymmetric encryption algorithm by the ID number and the random number generated during card issuance, taking the first 8 After the bit number is verified, a check code is added to the 8-digit number to form a 9-digit first ID card verification code, and the last 8 digits are subjected to a check operation to obtain a check code to be added to the 8-digit number. After that, a 9-digit second ID card verification code is formed. The citizen information management system method according to claim 1, wherein the ID card IC card can store identity information and 10 extended application information; the hand fingerprint information in the identity information includes two commonly used hands. Fingerprint data, if necessary, can be replaced with other hand fingerprint data by applying to the citizen information platform management agency; The address and ID card password information can also be modified by applying to the Citizen Information Platform Management Agency; the ID card IC card can read one of the three levels of ID card information according to different authorizations and can only be used by the Citizen Information Platform Management Agency. The type of authorized ID card reader reads, and the extended application information can be read by a card reader equipped with an authorization module of the corresponding application system management authority.  6. The citizen information management system method according to claim 1 or 2, wherein the ID card information protection sleeve is made of transparent plastic material and has anti-wear, anti-fouling, waterproof and fireproof functions. The transparent ID card security pocket has three opaque tapes on the surface of the protective cover facing the ID card verification code and the home address. It can be repeatedly uncovered and hidden so that the three identity information are not displayed and cannot be copied. When you need to display or copy these three identity information, the ID card does not need to be extracted from the protective cover, just remove the opaque tape on the surface of the protective cover; the back of the opaque tape on the surface of the protective cover is covered with shadow A textual indication of the location of the message.  7. A citizen information management system method according to claim 1 or 2, characterized in that it is adapted to the new design of the ID card layout, and the ID card reader/writer is also improved accordingly, for three levels of ID card information, the readers are divided into three types: "basic", "normal" and "complete" according to the "basic", "normal" and "complete" ID card IC card reading rights. The device can only display one of the three ID card information levels to apply to the identity information collection needs of different industries and different occasions. The "complete" type displays the ID information in addition to the second group ID card verification code, " The "normal" type displays the ID information in addition to the ID card verification code information. The "Basic" type displays the ID information in addition to the ID card verification code and the home address. The ID card IC card has three levels of ID cards. Other information contained in the information cannot be displayed by the ID card reader.  8. The citizen information management system method according to claim 7, characterized in that it is adapted to the "basic", "normal" and "complete" display levels of the identity card information in the ID card, in the identity The IC card sets the "basic", "normal" and "complete" IC card reading permissions, and the ID information except the ID card verification code 2 is stored in the ID card IC card in three The area with different permissions, the first area stores the "basic" information of the ID card, which can be read by the "basic", "normal" and "complete" permissions. The second area stores the identity of the "normal" information in addition to the identity. The contents other than the "basic" information can be read by the "normal" and "complete" rights. The third area stores the contents of the "complete" information in the ID card. In addition to the "normal" information of the ID card, it can be " Complete "one permission read. 9. The citizen information management system method according to claim 1, wherein the ID card reader and the built-in interface of the plurality of encryption authorization modules are installed, and the ID card read/write authorization module can be installed, so that the ID card reader is in accordance with three One of the levels is to read and write ID card information, and the ID card reading and writing authorization module is issued by the public security department; the authorization module of the extended application system can also be installed, so that the ID card can be extended to be applied to other business systems, and the authorization module of the extended application system is The corresponding management departments of other business systems are authorized by the public security department. 10 . The citizen information management system method according to claim 1 , wherein the citizen information platform stores the complete identity card information of the citizen, and the stored human body fingerprint information includes fingerprint data of the human hands and fingers, and is further stored. There are household registration information such as citizens, their immediate family members, including spouses, children, parents and other information.  1 . The citizen information management system method according to claim 1 , wherein the verification step of the ID card reader in the offline state (which is not connected to the information service system) is: (1) Whether the ID card can be read and displayed, (2) Whether the information displayed by the reader/writer and the corresponding ID card appearance information are consistent.  12. The citizen information management system method according to claim 1, wherein the method for verifying the legality of the ID card reader in the offline state is: (1) visually comparing the identity (1) Whether the ID card password input to the reader/writer can be verified by the ID card of the ID card; (3) Input to the reader/writer Whether the human fingerprint information matches the human fingerprint information in the ID card IC card.  13. The citizen information management system method according to claim 1, wherein the information service system separately sets an ID card network verification number counter for each of three types of ID card readers, each time passing a type of identity. After the ID card reader performs ID card network verification, the corresponding type of verification times is increased by 1. The ID card IC card also stores the current value of the ID card network verification times based on each type of ID card reader, respectively, and reads through the ID card. The ID card network verification method of the writer is: any type of ID card reader reads the ID card, and the information contained in the ID card includes the ID card information displayed by the reader, the human body fingerprint information, and the current value of the verification number counter. Go to the information service system for the authenticity of the ID card. If the content is the same, then the corresponding type counter of the information service system is incremented by 1 and the value of the same type of network verification in the ID card IC card is refreshed.  14. The citizen information management system method according to claim 1, wherein the network verification method for the legality of the ID card holder by the ID card reader is (1) the ID card input to the reader/writer The password is sent to the information service system for ID card password verification; (2) The human body fingerprint information input to the reader/writer is sent to the information service system to perform human body fingerprint information matching.  15. A citizen information management system method according to claim 1, characterized in that the newly activated identity card should have the initial identity information of the identity card (including the name, the chip serial number and the identity card number included in the ID card). , ID card verification code, ID card network verification number of the current value) is also saved in the IC card of the citizen information platform and ID card, and the identity information of the ID card is initialized before it can be used officially; if you want to enable identity in the ID card The verification password and the two-fingerprint information comparison function shall be opened separately or simultaneously by applying to the management agency of the Citizen Information Platform for the application and review. 16. A citizen information management system method according to claim 1 or 5, wherein the modification of the ID card password is performed by an ID card reader of the networked information service system, and the operation steps are: (1) verifying the old Password; (2) The new password is set, and the new password is input to the reader for the same test. The reader applies for the password modification to the citizen information platform through the information service system. After the password is successfully modified, the reader writes the new password into the ID card.  17. The citizen information management system method according to claim 1, wherein the identity verification network is verified by the identity verification interface of the information service system, and the method is: using the unit digital certificate U shield, inputting “unit” The full name or unit mailbox receiving and sending account + unit digital certificate U shield password", that is, the unit's identity verification can be completed.  18. The citizen information management system method according to claim 1, wherein the method for verifying the citizenship network through the identity verification interface of the information service system has three methods: one is inputting "name or identity card number + identity". Certificate code 1" and "ID card password", the second is to enter "name or ID number + ID card verification code 2" and "ID card password", the third is to use the citizen digital certificate U shield, enter "name or ID card The number + citizen digital certificate U shield password", can complete the citizenship network verification; in the banking, telecommunications and other application systems can be embedded in the identity verification interface of the information service system, the identity network verification, after the verification is passed, the application system can obtain Citizenship information appropriate to the needs of the application system, as defined by administrative regulations, administrative regulations, or personal information authorization.  19. A citizen information management system method according to claim 1, wherein the information service system is coupled to various external systems providing unit or personal information, including an information resource system and a business application system, for various units or individuals. Information to establish a variety of information project index or classification index database for unit or personal identity information retrieval and statistics services; provide identity verification for units or individuals through the citizen information platform; provide unit or personal information classification query through the email system, Classification inspection and classification display service; providing the aforementioned information service by providing an information service embedding module for the application system of the information service demander (including the e-mail system of the platform).  20. The citizen information management system method according to claim 1, wherein the email system provides an independent network storage space for the mailbox user, and the user can set a hierarchical directory to store various documents set by the user. (hereinafter referred to as user documentation); User documents or user information documents in the mailbox can be set up by the user as needed. The user document and the user information document can be associated with each other. The user information document can be opened by the associated link built on the user document. The associated user document can be smashed through the associated link on the user information document.  21. A citizen information management system method according to claim 1, 17, 18, 19 or 20, wherein the e-mail user can determine the required user information document to display the document, number it, and set the display. Password; When the user needs to display the user information document, in the unit or personal information display interface in the email system, first authenticate the identity network of the unit or citizen, and then input the "document number, display password", then View or display organizational or personal information (including identity information). 22. A citizen information management system method according to claim 1, 17, 8, 18 or 20, wherein in the e-mail system, after the unit or citizen logs in to the mailbox, the user information document can be selected. After being authenticated, the user information document link set by the mailbox user is provided to the mailbox system through the email system or through the email system. The target mailbox of the unit or personal information requester, the user information document link can also be forwarded to the designated other target mailbox.  23. The citizen information management system method according to claim 1, wherein the electronic mail box is embedded with an online information exchange system, and the general chat system can have one-to-one private chat or apply for a group chat. It is characterized by the opening of units, communities and chat rooms set up by industry. It is managed by special personnel according to the administrative level. All the people who participate in the chat room have real names, and the users who are "added as friends" can put their own individuals. Information authorization (tick in the optional box of a user information document) In the chat system, let the other party view their own information (including their own identity information).  24. A citizen information management system method according to claim 1, wherein the mail sent and received in the email system can be designated as "online reading" and "download reading", and the sender of the mail can specify that the mail is sent. In one of the two forms, the recipient can designate the mail for "download reading" as one of the two forms; the "read online" mail can only be read by the dedicated email management software of the email system. You cannot download and read; messages that are designated as "download and read" can be downloaded to local storage and reading by dedicated email management software or general email management software.  25. The citizen information management system method according to claim 1, wherein each email mailbox is provided with various letter templates for writing various types of application letters, and for electronic letters having legal documents, The sending and receiving process is transmitted in cipher text, and the letter received by the receiving party is consistent with the content, layout and paper type generated by the sender, and the electronic seal can be stamped with a graphic seal associated with the content of the letter, the graphic seal is pre- Stored in the e-mail system, any changes in the content of the letter will directly lead to significant changes in the stamp pattern; the received letter contains the text, logo and receipt of the Citizen Information Platform, and the sender's e-mail address and mailing Time and receiving time; e-mail will be automatically saved after successful sending, can be downloaded to save or display, print, saved letter content, layout and paper type and the text, logo and receiving and sending side of the citizen information platform The mailbox sending and receiving account number and the time when the letter is sent cannot be changed. Otherwise, it will directly result in significant changes in the graphic cover seal; e-mail can be sorted for archiving e-mail received in accordance with needs.  26. The citizen information management system method according to claim 1, wherein in the e-mail system, two types of E-mails, A and B, are set up, and the E-type mailbox is a national government unit or a citizen information platform. The management department has the right to receive emails from mailboxes on other websites, and only receive emails sent to them by the mailboxes in the mailbox system. For senders whose mailboxes are marked as "blacklists" by special mailboxes, they will directly enter the mailbox. The garbage bin in the middle is automatically cleared after the set period, and returns a receipt that prompts the sender to put the mail in the trash can. The class A mailbox has one-to-one correspondence to all target mailboxes in the administrative area or authorized area under the jurisdiction. Or one-to-many function of sending letters or text messages, the target mailbox beyond the administrative area or authorized area of its jurisdiction can only send one-to-one letters or mobile phone text messages, the target mailbox is unconditionally received, and will automatically return a "letter has been Receive "receipts; Class B mailboxes are owned by units or citizens other than Class A mailbox users. 27. A citizen information management system method according to claim 1 or 26, wherein the status of the B-type mailbox receiving mail can be divided into six types: "receiving all information", "receiving information in the system", " Receiving small group messaging information, "receiving non-group Sending information ", "receiving friend information";"receiving all information" means being able to receive all mails from outside the system and within the system. "Receiving information in the system" means receiving only all mails in the system, including mass mailings. "Receiving small group sending messages" means receiving only in-system mails, excluding more than a specified number of non-friend group mailings, "receiving non-mass mailing information" means receiving only in-system mails, not receiving non-friends group mailings, "receiving "Friend information" means receiving only the emails of friends in the system, including group emails of friends.  28. The citizen information management system method according to claim 27, wherein the B-type mailbox user can send or send a mobile phone short message to the mailbox user in the system through the email system, but is restricted by the target mailbox receiving status. When the receiving status of the target mailbox is "receive all information" and "receive system information", the mailbox user can receive a single or group mobile phone short message of the mailbox user in the system; when the receiving status is "receive small group sending information" The mailbox user can receive the mobile phone short message sent by the mailbox user in the system, and exclude the non-buddy group sending more than a specified number of text messages; when the receiving status is "receive non-group sending information", the mailbox user can receive the mailbox user in the system. Mobile phone text message, but does not receive non-friends group mobile phone text messages; When the receiving status is "receive friend information", only the mobile phone text message of the friend mailbox user in the system is received, including the group's group mobile phone text message.  29. The citizen information management system method according to claim 1, characterized in that the first opening of the citizen e-mail address should be through the activation procedure of the application and the review to the management department of the citizen information platform, and the citizen e-mail account number includes the e-mail login. The account number and email address are sent and received. The two types of email accounts are initially set to the citizen ID number. After the mailbox is opened, the email receiving and sending account is always fixed as the citizen ID number, and the email login account (mainly composed of English letters, numbers, Chinese characters) ) can be changed by email user application; once the email login account is successfully changed, the original email login account will be invalid, and you can only use the newly established email login account and password to log in to the mailbox.  30. A citizen information management system method according to claim 1, wherein the first opening of the unit e-mail address is performed by applying to the management department of the citizen information platform for the application and auditing, and the e-mail account of the unit includes the e-mail login. The account number and email receiving and receiving account are initially set to the national unified organization code number. After the unit mailbox is opened, the email receiving and sending account number is always fixed to the organization code number, and the email login account number (mainly by English letters, numbers, Chinese) The composition of Chinese characters can be changed by the application of the user's mailbox. Once the email login account is successfully changed, the original email login account will be invalid. You can only use the newly established email login account and password to log in to the mailbox.  31. A citizen information management system method according to claim 30, wherein the e-mail system can set a unique "legal representative mailbox" representing the unit under each unit e-mail directory. The full name of the unit, through the application of the unit can set up multiple levels of departmental mailboxes, each level of departments can set up a certain number of post mailboxes according to needs; the unit's mailboxes at all levels can apply to the citizen information platform management agency to apply for a self-owned crown Take the corresponding name of the department. 32. A citizen information management system method according to claim 1, 29, 30, 31, characterized in that the electronic The e-mail address book service provided by the e-mail system exposes the e-mail address of the unit or citizen to the e-mail website of the Citizen Information Platform by name or name, that is, each e-mail address is the real name or name of the e-mail user, and The corresponding mailbox receiving and receiving account is "bound", so that the e-mail communication directory is directly displayed by unit name or citizen name, forming a national public e-mail address book; the unit's e-mail address is in accordance with state organs and enterprise units (including legal persons and unincorporated enterprises). , individual industrial and commercial households), institutions, social organizations (including legal persons or unincorporated organizations), according to the central, provincial (including municipalities, autonomous regions, the same below), city, county, township (town) administrative areas; The e-mail address book collects the legal e-mails of all citizens according to the law, according to the administrative area where the citizen's household registration is located, that is, according to the administrative area of the province, city, county, township (town), street or administrative village to which the citizenship is located. For those who are unwilling to announce Citizens who are too specific to the place of residence may apply to the citizen information platform management agency to arrange the e-mail address book according to the surname of the county or city. Citizens may choose one of two arrangements, the default is the first arrangement; The e-mail address book can also be arranged according to the unit. Each unit can apply to the e-mail system to combine the legal e-mails of the new and old employees of the unit under the same unit e-mail communication directory. The employee's e-mail can be displayed externally. It may also be limited to exhibiting to employees of the unit, hiding it from the outside, and the unit staff shall decide the display mode independently; if the citizen moves to a different administrative area, or transfers the work to a new unit, the legal e-mail address will be in accordance with the new household registration place or The new unit is arranged in the new e-mail communication directory, but the e-mail still exists in the original communication directory list and can receive the mail normally. It is marked with the words "has been relocated" or "has been transferred". The mailbox in the mailbox directory has the same account receiving and sending account, still pointing to the unique one. E-mail address; E-mail system for the unit to provide e-mail public address book by industry, professional and other classification methods, for citizens to provide e-mail public address book by industry, profession, job title and other classification methods, each unit or citizen The Citizen Information Platform Management Authority may apply to join a certain category of mailbox address book by submitting relevant supporting documents.  33. The citizen information management system method according to claim 32, wherein the unit or citizen e-mail address can be attached to the introductory information of the mailbox user, but the content thereof should be approved by the citizen information platform management institution. For the unit e-mail, you can also apply to link the unit's external website.  34. A citizen information management system method according to claim 1, wherein the unit or citizen e-mail has two methods: one is to input the e-mail login system and the e-mail login password in the e-mail system interface. After opening the mailbox, the second is to use the unit or personal digital U shield, open the mailbox by entering the "mailbox login account + digital U shield password" verification.  35. The citizen information management system method according to claim 1, wherein the citizen information platform is provided with a mobile phone short message notification function that is “bound” with the mailbox, and is used for system announcement or real-time email login and ID card network verification information, the unit or citizen can choose to open all or part of the SMS notification service. 36. A citizen information management system method according to claim 1, wherein each mailbox is in a Before the computer is opened with a password and it is not closed, no other computer can open the mailbox with a password. If a computer attempts to open an already opened mailbox with a password, if the password is entered correctly, the system will prompt "Someone is using the mailbox. ", and this information will be sent to the phone of the mailbox user who opened the SMS service to alert.  37. A citizen information management system method according to claim, wherein the email system can perform identity network verification through an identity verification service embedding module from the information service system, and the identity network authentication unit or citizen mailbox user You can restore the initial mailbox login account or retrieve the current email login account, email password recovery or reset operation. Users can enable or disable this function in the mailbox; the unit or citizen can pass the management agency to the citizen information platform. Apply, follow the formalities to restore the initial email login account or retrieve the current email login account, email password recovery or reset business.  38. The system according to claim 1, characterized in that the operation log and the ID verification log are set in the citizen information platform, and the operation log includes the mailbox login record and the operation record of the user information in the mailbox, and the login record includes the total number of login mailboxes and the login. Computer IP address and login time. If the mobile phone logs in online, record the mobile phone number. The mailbox user can check the operation log to find the abnormal login mailbox in time, and the user information operation record in the mailbox, including the password modification of the mailbox and the query of the user information. Display and other operations; ID verification log contains the number of ID verifications corresponding to the three ID card readers and verify the IP address and login time of the registered computer. The mailbox user can check the ID card by checking the ID card. Not being stolen or "cloned" by others.  39. A citizen information management system method according to claim 1 or claim 38, wherein the citizen information platform is provided with a special account for viewing the log (operation log and ID verification log) and citizenship information for the statutory authority. Only statutory bodies (usually public security organs or procuratorial organs at the provincial level or above) can be opened by written authorization of programmers of specific post systems, and the scope of the right to open by different types and levels of statutory organs is stipulated by law.  40. A citizen information management system method according to claim 1, wherein the citizen information platform management institution integrates the original citizenship identity card and the household registration information management organization of the public security organ, according to the central, provincial, municipal, county, and community. Hierarchical management; The above-mentioned management agencies apply the corresponding business management system to manage ID card issuance, maintenance, ID card reader, authorization module issuance and e-mail distribution; Community organizations apply community-level business management systems, empower community work Personnel manages various group chat rooms based on email accounts, and can conduct business or social management services such as posting notices, advertisements, and conducting social surveys in chat rooms.