CN104361278A - Computer user identity authentication method - Google Patents
Computer user identity authentication method Download PDFInfo
- Publication number
- CN104361278A CN104361278A CN201410575821.8A CN201410575821A CN104361278A CN 104361278 A CN104361278 A CN 104361278A CN 201410575821 A CN201410575821 A CN 201410575821A CN 104361278 A CN104361278 A CN 104361278A
- Authority
- CN
- China
- Prior art keywords
- user
- card reader
- password
- master routine
- chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a computer user identity authentication method, relates to a technology for performing user identity authentication on a remotely accessed computer by an inner network, and aims at solving the problems that the operation is inconvenient and a card is easily broken due to frequent use of an intelligent IC (integrated card) during identity authentication of a user. A user inserts the intelligent IC into a real card reader when a main program is operated for the first time, and sets a group of commands for identity confirmation; the main program stores the commands and information in the card into an SRM (shift register memory) chip; when an application program is operated, a virtual card reader is actively accessed so as to read information of the IC; the main program compares a command input by the user with a password stored in the SRM chip; if the command input by the user is consistent with the password stored in the SRM chip, the virtual card reader provides the application program for identity authentication. The user does not need to insert the intelligent IC into the real card reader at each time, so that the operation is simple, and the damage probability to the IC is reduced. The computer user identity authentication method is suitable for identity authentication on the remotely accessed computer by the inner network of an enterprise.
Description
Technical field
The present invention relates to Intranet carries out authenticating user identification technology to the computing machine of long-range access.
Background technology
In order to ensure internal network security, need using the user of the long-range access intranet of notebook computer to carry out authentication.More effective authentication means is that the information read when each network login on intellective IC card chip is compared with backstage storage at present.This mode requires that intellective IC card will be inserted card reader when logging in internal network at every turn by user, operates very inconvenient.And often can forget intellective IC card taking-up after using notebook computer, add unsafe factor on the contrary.Most card reader insertion card all can reserve a part of card later and give prominence in outside, is also easy to forget that the card of taking-up fractures when notebook is loaded into computer package.
Summary of the invention
The object of the invention is to solve when using the user of the long-range access intranet of notebook computer to carry out authentication, owing to frequently using intellective IC card, cause operation inconvenience and the problem of intellective IC card frangibility, a kind of computer user is provided identity identifying method.
Computer user of the present invention identity identifying method, when first time runs master routine, in the virtual card reader of operation system driver layer building, intellective IC card is inserted true card reader, and one group of password is set for identity validation, after information in intellective IC card reads by master routine, cryptographic storage is in the SRM chip of computer motherboard, is stored in described SRM chip using described password as password simultaneously;
Described computer user's identity identifying method comprises the following steps:
Step one, when needing the application program of authentication to run, initiatively accesses virtual card reader; Perform step 2;
Read requests is sent to master routine by step 2, virtual card reader; Perform step 3;
Step 3, master routine eject dialog box and require that user inputs password; Perform step 4;
Step 4, master routine judge that whether the password that user inputs is consistent with the password stored in SRM chip, if judged result is yes, perform step 5; Otherwise, return execution step 3;
The intellective IC card information stored in SRM chip is returned to virtual card reader by step 5, master routine; Perform step 6;
The intellective IC card information that master routine returns by step 6, plan card reader is supplied to application program and carries out authentication; So far, completing user authentication.
Information in intellective IC card is stored in the SRM chip of computing machine by the present invention, in use procedure afterwards, do not need all to use intellective IC card to carry out authenticating user identification at every turn, but have employed SRM chip combined with virtual card reader and verify, the security of IC-card authentication can be guaranteed, can be user-friendly to again, decrease the probability of damage of IC-card.
Accompanying drawing explanation
Fig. 1 is the principle schematic of computer user of the present invention identity identifying method;
Fig. 2 is the process flow diagram of computer user of the present invention identity identifying method.
Embodiment
Embodiment one: composition graphs 1 and Fig. 2 illustrate present embodiment, computer user's identity identifying method described in present embodiment, its first time is when running master routine, in the virtual card reader of operation system driver layer building, intellective IC card is inserted true card reader, and one group of password is set for identity validation, after the information in intellective IC card reads by master routine, cryptographic storage is in the SRM chip of computer motherboard, is stored in described SRM chip using described password as password simultaneously;
Described computer user's identity identifying method comprises the following steps:
Step one, when needing the application program of authentication to run, initiatively accesses virtual card reader; Perform step 2;
Read requests is sent to master routine by step 2, virtual card reader; Perform step 3;
Step 3, master routine eject dialog box and require that user inputs password; Perform step 4;
Step 4, master routine judge that whether the password that user inputs is consistent with the password stored in SRM chip, if judged result is yes, perform step 5; Otherwise, return execution step 3;
The intellective IC card information stored in SRM chip is returned to virtual card reader by step 5, master routine; Perform step 6;
The intellective IC card information that master routine returns by step 6, plan card reader is supplied to application program and carries out authentication; So far, completing user authentication.
Virtual card reader is that master routine is in the virtual card reader out of operation system driver layer.SRM chip and true card reader have been the standard configurations of most computers mainboard.User, when first time runs master routine, needs intellective IC card to insert true card reader, and after the information in intellective IC card being read by master routine, cryptographic storage is in SRM chip.Arrange one group of password for identity validation by user, this group password is stored in SRM chip equally simultaneously.When needing the application program of authentication to run, initiatively accesses virtual card reader IC card information can be read.At this moment read requests can be sent to master routine by virtual card reader.Master routine ejects dialog box and requires that user inputs the initial password arranged.The password that user inputs by master routine is compared with the password stored in SRM chip, judges, unanimously, the IC card information stored in SRM chip is returned to virtual card reader.The IC card information that master routine returns by virtual card reader is supplied to application program and carries out authentication.
Need to read the information in real intelligence IC card chip when system first time is arranged, ensure that the identity reality set user information.Can guarantee that each user is user in conjunction with user password.All be stored in due to IC card information and user password in the SRM chip in computer hardware, enciphered message is bound with this computer hardware current, and other people cannot carry out steal information by data copy.As long as user protects the physical security of good hand's Computer hardware, system can provide and be equivalent to insert the same identity security of intellective IC card at every turn.Need to insert except true IC-card except first time is arranged, intellective IC card just need not be inserted true card reader at every turn carry out authentication by user time used in everyday.Convenient for users, decrease the probability of damage of IC-card.
Embodiment two: present embodiment is the further restriction to the computer user's identity identifying method described in embodiment one: in step 4, when judged result is no, master routine prompting user " password mistake please be re-entered ", and perform step 3 simultaneously.
Claims (2)
1. computer user's identity identifying method, it is characterized in that: when first time runs master routine, in the virtual card reader of operation system driver layer building, intellective IC card is inserted true card reader, and one group of password is set for identity validation, after information in intellective IC card reads by master routine, cryptographic storage is in the SRM chip of computer motherboard, is stored in described SRM chip using described password as password simultaneously;
Described computer user's identity identifying method comprises the following steps:
Step one, when needing the application program of authentication to run, initiatively accesses virtual card reader; Perform step 2;
Read requests is sent to master routine by step 2, virtual card reader; Perform step 3;
Step 3, master routine eject dialog box and require that user inputs password; Perform step 4;
Step 4, master routine judge that whether the password that user inputs is consistent with the password stored in SRM chip, if judged result is yes, perform step 5; Otherwise, return execution step 3;
The intellective IC card information stored in SRM chip is returned to virtual card reader by step 5, master routine; Perform step 6;
The intellective IC card information that master routine returns by step 6, plan card reader is supplied to application program and carries out authentication; So far, completing user authentication.
2. computer user according to claim 1 identity identifying method, is characterized in that: in step 4, when judged result is no, and master routine prompting user " password mistake please be re-entered ", and perform step 3 simultaneously.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410575821.8A CN104361278A (en) | 2014-10-25 | 2014-10-25 | Computer user identity authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410575821.8A CN104361278A (en) | 2014-10-25 | 2014-10-25 | Computer user identity authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104361278A true CN104361278A (en) | 2015-02-18 |
Family
ID=52528537
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410575821.8A Pending CN104361278A (en) | 2014-10-25 | 2014-10-25 | Computer user identity authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104361278A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110968882A (en) * | 2019-12-04 | 2020-04-07 | 楚天龙股份有限公司 | IC card remote operation system and method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101136112A (en) * | 2007-09-07 | 2008-03-05 | 北京兆维科技股份有限公司 | Gate inhibition system using palmar metacarpal veins mark recognition technology to substitute IC card |
| CN101512540A (en) * | 2006-09-29 | 2009-08-19 | 富士通株式会社 | Information processing apparatus and information management method |
| CN102610043A (en) * | 2012-02-09 | 2012-07-25 | 于梦媛 | Mobile terminal with virtual card-swiping function |
-
2014
- 2014-10-25 CN CN201410575821.8A patent/CN104361278A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101512540A (en) * | 2006-09-29 | 2009-08-19 | 富士通株式会社 | Information processing apparatus and information management method |
| CN101136112A (en) * | 2007-09-07 | 2008-03-05 | 北京兆维科技股份有限公司 | Gate inhibition system using palmar metacarpal veins mark recognition technology to substitute IC card |
| CN102610043A (en) * | 2012-02-09 | 2012-07-25 | 于梦媛 | Mobile terminal with virtual card-swiping function |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110968882A (en) * | 2019-12-04 | 2020-04-07 | 楚天龙股份有限公司 | IC card remote operation system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190089810A1 (en) | Resource access method, apparatus, and system | |
| US9582656B2 (en) | Systems for validating hardware devices | |
| US9230081B2 (en) | User authorization and presence detection in isolation from interference from and control by host central processing unit and operating system | |
| US9197629B2 (en) | Remote direct memory access authentication of a device | |
| US9245131B2 (en) | Multi-user universal serial bus (USB) key with customizable file sharing permissions | |
| CN100557617C (en) | SD storage card by hardware to identifying identification | |
| CN103069384A (en) | Host device and method for securely booting the host device with operating system code loaded from a storage device | |
| CN102521165A (en) | Security U disk and recognition method and device thereof | |
| US20080120726A1 (en) | External storage device | |
| CN103488481A (en) | Application program control method, terminal equipment and remote control system | |
| CN103714295A (en) | Financial integrated circuit card personalized data detecting method and system | |
| CN101520854A (en) | Smart memory card, data safety control system and method thereof | |
| CN102654849A (en) | Method for hiding and reading by partitions | |
| CN105303093A (en) | Token verification method for cryptographic smart token | |
| CN103810440B (en) | Access system and method | |
| KR20240026922A (en) | Cryptographic authentication to control access to storage devices | |
| CN106980800B (en) | Measurement method and system for authentication partition of encrypted solid state disk | |
| WO2018045917A1 (en) | Authorization system, method, and card | |
| CN103617127A (en) | Memory device with subareas and memorizer area dividing method | |
| WO2024036832A1 (en) | Method for realizing smart token cryptography application interface on basis of tpm | |
| CN105871840A (en) | Certificate management method and system | |
| CN104361278A (en) | Computer user identity authentication method | |
| CN112445705B (en) | Software running system, method and device based on trusted verification and computer equipment | |
| CN109872148A (en) | Trust data processing method, device and mobile terminal based on TUI | |
| CN103248487A (en) | Near field communication authentication method, certificate authorization center and near field communication equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150218 |