CN110472390A - A method of protection computer system security - Google Patents

A method of protection computer system security Download PDF

Info

Publication number
CN110472390A
CN110472390A CN201910754331.7A CN201910754331A CN110472390A CN 110472390 A CN110472390 A CN 110472390A CN 201910754331 A CN201910754331 A CN 201910754331A CN 110472390 A CN110472390 A CN 110472390A
Authority
CN
China
Prior art keywords
user
identifying code
topic
information
type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910754331.7A
Other languages
Chinese (zh)
Other versions
CN110472390B (en
Inventor
董爱民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Institute of Architectural Technology
Original Assignee
Jiangsu Institute of Architectural Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Institute of Architectural Technology filed Critical Jiangsu Institute of Architectural Technology
Priority to CN201910754331.7A priority Critical patent/CN110472390B/en
Publication of CN110472390A publication Critical patent/CN110472390A/en
Application granted granted Critical
Publication of CN110472390B publication Critical patent/CN110472390B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention particularly discloses a kind of methods for protecting computer system security, include the following steps: S1: entering user's login interface when starting the system, compare the input information and reserved information of user;S2: the vital document in system is hidden, while monitoring operation of the user in system;S3: the classification of the vital document in system is marked;S4: when user will show hiding file, the identity of user is verified by the method that dynamic ID is verified;S5: allowing user to select the type of hidden file to be shown by selection interface, after user's selection, according to the type that user selects be randomly derived with the consistent topic of the type, if user's erroneous answers, locking system.The present invention, so that user receives limitation layer by layer, while locking system when confirming failure when wanting and consulting vital document, guarantees the safety of data, so that important data will not be stolen by repeatedly confirming to user identity.

Description

A method of protection computer system security
Technical field
The present invention relates to computer field, in particular to a kind of method for protecting computer system security.
Background technique
Under the epoch of big data, the quantity of information be it is increasing, also there is information much more very externally to maintain secrecy, Thus the safety of data is then particularly important.In the company and enterprise of some large sizes, the data of some top secrets are can not To allow incoherent personnel to be consulted, general such data are all placed on a computer, then to this computer The risk for carrying out appropriate keeping, but still having data to be leaked in this way, therefore, the protection for Computer Data Security is It is very important.
Summary of the invention
The purpose of the present invention is overcoming above-mentioned problems of the prior art, a kind of protection computer system security is provided Method, by repeatedly confirming to user identity so that user want consult vital document when receive layer by layer Limitation, while locking system when confirming failure, guarantee the safety of data, so that important data will not be stolen.
The technical scheme is that a kind of method for protecting computer system security, includes the following steps:
S1: entering user's login interface when starting the system, compare the input information and reserved information of user, if with The input information at family is consistent with reserved information, then carries out S2 step, as the input information of user and reserved information are inconsistent and not Consistent number reaches the number of setting, then locking system, the reserved information have administrator to set;
S2: the vital document in system is hidden, while monitoring operation of the user in system;
S3: the classification of the vital document in system is marked, and the classification of the vital document is set by administrator It is fixed;
S4: when user will show hiding file, the identity of user is tested by the method that dynamic ID is verified Card enters S5 step, if authentication failed, locking system if being proved to be successful;
S5: allowing user to select the type of hidden file to be shown by selection interface, after user's selection, according to user The type of selection, which is randomly derived, shows the hidden file of the type if user answers correctly with the consistent topic of the type, if User's erroneous answers, then locking system.
Further, in above-mentioned steps S1, user's login interface includes text box for inputting user name and is used for Input the text box and login button of password.
Further, in step s 4, the method for the dynamic ID verifying includes the following steps:
S4-1: when user will show hiding file, identifying code is generated;
S4-2: identifying code is encrypted by Encryption Algorithm, is verified information;
S4-3: send verification information to by bluetooth the mobile phone of user;
S4-4: the verification information of user's typing is received, and is carried out the verification information of user's typing by anti-Encryption Algorithm Decoding obtains de-authentication code;
S4-5: de-authentication code and identifying code are compared, if de-authentication code is consistent with identifying code, is considered as and is proved to be successful, If de-authentication code is inconsistent with identifying code, it is considered as authentication failed.
Further, the identifying code include Digital verification code, pattern identifying code, alphabetical identifying code, Chinese character identifying code with And combine identifying code.
Further, in step s 5, include the following steps:
S5-1: computer receives the type of user's selection, and random selection goes out to set the topic of quantity in the exam pool of the type Mesh;
S5-2: topic is successively shown to user, and receives answering for user;
S5-3: the model answer of user answered with topic is compared and is carried out to misinterpretation;
S5-4: counting user answer mistake topic quantity and by user answer mistake topic quantity and setting Number of errors compares, and if more than the number of errors of setting, is considered as user's erroneous answers, if being less than or equal to number of errors, depending on It is answered for user correct.
Further, in step S5-4, the number of errors set is zero.
Further, in step S5-1, the topic includes multiple-choice question, gap-filling questions and True-False, and multiple-choice question, is filled out Sky topic and True-False according to set proportion into row stochastic extraction, in step S5-2, the multiple-choice question, gap-filling questions and True-False is successively shown in sequence.
A kind of method for protecting computer system security is provided in the embodiment of the present invention, have it is following the utility model has the advantages that
1, by repeatedly confirming to user identity, so that user receives layer by layer when wanting and consulting vital document Limitation, while confirm failure when locking system, guarantee the safety of data, so that important data will not be stolen;
2, important file is hidden, so that important data will not be appeared in directly in face of user, into The data safety that ensure that user of one step;
3, before the hiding file of display, the test of profession will be carried out to user, the identity of user is carried out further Determination and investigation.
Detailed description of the invention
Fig. 1 is a kind of overall flow schematic block diagram of the method for protection computer system security of the invention;
Fig. 2 is a kind of method method that dynamic ID is verified in step s 4 of protection computer system security of the invention Schematic process flow diagram;
Fig. 3 is a kind of schematic process flow diagram of the method for protection computer system security of the invention in step s 5.
Specific embodiment
With reference to the accompanying drawing, multiple specific embodiments of the invention are described in detail, it is to be understood that of the invention Protection scope be not limited by the specific implementation.
It is known in those skilled in the art without specific number of element types and structure in present specification The prior art, those skilled in the art can set according to the needs of actual conditions, in the embodiment of present specification Specific restriction is not done.
Embodiment 1
A kind of method for protecting computer system security is present embodiments provided, is realized by basic essential features The present invention, to solve the problems, such as that background of technology is proposed in present specification.
Specifically, as shown in Figure 1, the embodiment of the invention provides it is a kind of protect computer system security method, including Following steps:
S1: entering user's login interface when starting the system, compare the input information and reserved information of user, if with The input information at family is consistent with reserved information, then carries out S2 step, as the input information of user and reserved information are inconsistent and not Consistent number reaches the number of setting, then locking system, the reserved information have administrator to set;
In this step, it is compared by the information and reserved information that are logged in user, if the input information of user Consistent with reserved information, then explanation is that user is logged in, then carries out S2 step, such as the input information of user and reserved Information is inconsistent, then user is needed to re-start input, after input three times, still such as the input information of user and reserved letter Cease it is inconsistent in the case where, system can carry out the operation of locking system automatically.
In this step, typing is carried out using the mode of Characters such as the input information of user, meanwhile, reserved information is adopted Typing is carried out with the mode of administrator's typing, reserved information is stored in the storage hard disk of system, and the input information of user exists It is carried out in caching.
S2: the vital document in system is hidden, while monitoring operation of the user in system;
In this step, the vital document in system is passed through into the system by information of the method for change file system attributes Attribute is set as hiding, meanwhile, monitoring operation of the user in system for specific monitoring method is added in system Tracker tracks the browsing approach of user and the content of browsing, can be by recording in the technological means shielded for this technology Tracking technique realized.
S3: the classification of the vital document in system is marked, and the classification of the vital document is set by administrator It is fixed;
The step has administrator to complete, and is to be added label according to its classification to important file, specifically, mark Label addition is in the attribute of file.
S4: when user will show hiding file, the identity of user is tested by the method that dynamic ID is verified Card enters S5 step, if authentication failed, locking system if being proved to be successful;
When the step is that user will open hiding file, by method that dynamic ID is verified to the identity of user It is verified, when being proved to be successful, then can open hiding file.Dynamic ID is verified, it can be using dynamic The mode of identifying code is dynamically verified, and can also dynamically be verified using the identification technology of human body.
S5: allowing user to select the type of hidden file to be shown by selection interface, after user's selection, according to user The type of selection, which is randomly derived, shows the hidden file of the type if user answers correctly with the consistent topic of the type, if User's erroneous answers, then locking system.
The step is to show the type of hidden file, confirms whether user can check by way of allowing user to inscribe, It for the topic to be answered, is stored in the digit punch of topic, while each topic wants it to being applied to indicate its type Label, system according to the type that user selects be randomly derived with the consistent topic of the type, and show and make for user It answers, if user answers correctly, the hidden file of the type is shown, if user's erroneous answers, locking system.
In the present embodiment, in above-mentioned steps S1, user's login interface includes the text box for inputting user name With the text box and login button for inputting password.
Embodiment 2
The present embodiment is optimized based on embodiment 1 and to the embodiment in embodiment 1, so that the present embodiment is being transported More stable in capable process, performance is more good, but is not limited in a kind of embodiment party described in the present embodiment Formula.
In the present embodiment, further description is made that for the method for the dynamic ID verifying of above-described embodiment, made The file for obtaining user is safer.
Specifically, as shown in Fig. 2, in step s 4, the method for the dynamic ID verifying includes the following steps:
S4-1: when user will show hiding file, identifying code is generated;
In this step, when the attribute that user will change hiding file shows hiding file, system is raw At identifying code.Specifically, the generation of identifying code is generated by random function.
S4-2: identifying code is encrypted by Encryption Algorithm, is verified information;
In this step, it is encrypted by the random function that Encryption Algorithm generates above-mentioned steps, the letter being verified Breath;For Encryption Algorithm, those skilled in the art according to the actual needs, can use MD5 algorithm, can also be calculated using SHA1 Method can also equally use hmac algorithm.
S4-3: send verification information to by bluetooth the mobile phone of user;
It is communicated using bluetooth, so that accurate information is arrived in user's receiving, will not be generated due to the problem of communication quality The mistake of verification information.
S4-4: the verification information of user's typing is received, and is carried out the verification information of user's typing by anti-Encryption Algorithm Decoding obtains de-authentication code;
The step receives the verification information of user's typing, and is carried out the verification information of user's typing by anti-Encryption Algorithm Decoding obtains de-authentication code, anti-Encryption Algorithm with above-mentioned Encryption Algorithm be it is corresponding, the verification information of encryption is restored.
S4-5: de-authentication code and identifying code are compared, if de-authentication code is consistent with identifying code, is considered as and is proved to be successful, If de-authentication code is inconsistent with identifying code, it is considered as authentication failed.
In this step, it compares de-authentication code and identifying code is considered as and is proved to be successful if de-authentication code is consistent with identifying code, If de-authentication code is inconsistent with identifying code, it is considered as authentication failed.The identity information of user is further confirmed by identifying code.
In the present embodiment, the identifying code includes Digital verification code, pattern identifying code, alphabetical identifying code, Chinese character verifying Code and combine identifying code.
Embodiment 3
The present embodiment is optimized based on embodiment 1 and to the embodiment in embodiment 1, so that the present embodiment is being transported More stable in capable process, performance is more good, but is not limited in a kind of embodiment party described in the present embodiment Formula.
In the present embodiment, by the topic selected at random, further the identity information of user is proved, it will be amateur User exclude so that the documents of the Central Committee of system is more safe.
Specifically, as shown in figure 3, in step s 5, including the following steps:
S5-1: computer receives the type of user's selection, and random selection goes out to set the topic of quantity in the exam pool of the type Mesh;
In the step, the file type to be checked according to user, the random extraction certain amount in the exam pool of the type Topic, in general, selection three topics shown to user.
S5-2: topic is successively shown to user, and receives answering for user;
By topic successively be shown to user, user selects answer on topic, and system receives the answer of user's selection.
S5-3: the model answer of user answered with topic is compared and is carried out to misinterpretation;
The step is that the answer of user to user is carried out to wrong judgement, when the model answer one of user answered with topic When cause, user is answered questions, conversely, user answers mistake.
S5-4: counting user answer mistake topic quantity and by user answer mistake topic quantity and setting Number of errors compares, and if more than the number of errors of setting, is considered as user's erroneous answers, if being less than or equal to number of errors, depending on It is answered for user correct.
The step passes through the wrong topic quantity for judging user, confirms to the identity of user.
In the present embodiment, specifically, in step S5-4, the number of errors set is zero.
In the present embodiment, specifically, in step S5-1, the topic includes multiple-choice question, gap-filling questions and True-False, And multiple-choice question, gap-filling questions and True-False are according to set proportion into row stochastic extraction, in step S5-2, the selection Topic, gap-filling questions and True-False are successively shown in sequence.
In conclusion including the following steps: the invention particularly discloses a kind of method for protecting computer system security S1: enter user's login interface when starting the system, the input information and reserved information of user are compared, if the input of user Information is consistent with reserved information, then carries out S2 step, such as the input information of user and reserved information is inconsistent and inconsistent number Reach the number of setting, then locking system, the reserved information has administrator to set;S2: by the vital document in system It is hidden, while monitoring operation of the user in system;S3: the classification of the vital document in system is marked, described The classification of vital document is set by administrator;S4: it when user will show hiding file, is verified by dynamic ID Method verifies the identity of user, if being proved to be successful, enters S5 step, if authentication failed, locking system;S5: logical Cross the type that selection interface allows user to select hidden file to be shown, user selection after, according to user selection type with Machine obtains showing the hidden file of the type if user answers correctly with the consistent topic of the type, if user answers mistake It misses, then locking system.The present invention by repeatedly confirming to user identity so that user want consult vital document when The limitation received layer by layer, while locking system when confirming failure are waited, guarantees the safety of data, so that important data are not It can be stolen.
Disclosed above is only several specific embodiments of the invention, and still, the embodiment of the present invention is not limited to this, is appointed What what those skilled in the art can think variation should all fall into protection scope of the present invention.

Claims (7)

1. a kind of method for protecting computer system security, which comprises the steps of:
S1: entering user's login interface when starting the system, compare the input information and reserved information of user, if user It is consistent with reserved information to input information, then S2 step is carried out, as the input information of user is inconsistent and inconsistent with reserved information Number reaches the number of setting, then locking system, and the reserved information has administrator to set;
S2: the vital document in system is hidden, while monitoring operation of the user in system;
S3: the classification of the vital document in system is marked, and the classification of the vital document is set by administrator;
S4: when user will show hiding file, verifying the identity of user by the method that dynamic ID is verified, if It is proved to be successful, then enters S5 step, if authentication failed, locking system;
S5: it is selected after user's selection according to user by the type that selection interface allows user to select hidden file to be shown Type be randomly derived and the hidden file of the type shown, if user if user answers correct with the consistent topic of the type Erroneous answers, then locking system.
2. a kind of method for protecting computer system security as described in claim 1, which is characterized in that in above-mentioned steps S1, User's login interface includes the text box for inputting user name and the text box and login button for inputting password.
3. a kind of method for protecting computer system security as described in claim 1, which is characterized in that in step s 4, institute The method for stating dynamic ID verifying includes the following steps:
S4-1: when user will show hiding file, identifying code is generated;
S4-2: identifying code is encrypted by Encryption Algorithm, is verified information;
S4-3: send verification information to by bluetooth the mobile phone of user;
S4-4: the verification information of user's typing is received, and is decoded the verification information of user's typing by anti-Encryption Algorithm Obtain de-authentication code;
S4-5: de-authentication code and identifying code are compared, if de-authentication code is consistent with identifying code, is considered as and is proved to be successful, if instead Identifying code is inconsistent with identifying code, is considered as authentication failed.
4. a kind of method for protecting computer system security as claimed in claim 3, which is characterized in that the identifying code includes Digital verification code, pattern identifying code, alphabetical identifying code, Chinese character identifying code and combine identifying code.
5. a kind of method for protecting computer system security as described in claim 1, which is characterized in that in step s 5, packet Include following steps:
S5-1: computer receives the type of user's selection, and random selection goes out to set the topic of quantity in the exam pool of the type;
S5-2: topic is successively shown to user, and receives answering for user;
S5-3: the model answer of user answered with topic is compared and is carried out to misinterpretation;
S5-4: counting user answer mistake topic quantity and by user answer mistake topic quantity and setting mistake Quantity compares, and if more than the number of errors of setting, is considered as user's erroneous answers, if being less than or equal to number of errors, is considered as use Answer correct in family.
6. a kind of method for protecting computer system security as claimed in claim 5, which is characterized in that in step S5-4, The number of errors set is zero.
7. a kind of method for protecting computer system security as claimed in claim 5, which is characterized in that in step S5-1, The topic includes multiple-choice question, gap-filling questions and True-False, and multiple-choice question, gap-filling questions and True-False according to set proportion into Row stochastic extraction, in step S5-2, the multiple-choice question, gap-filling questions and True-False are successively shown in sequence.
CN201910754331.7A 2019-08-15 2019-08-15 Method for protecting computer system safety Active CN110472390B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910754331.7A CN110472390B (en) 2019-08-15 2019-08-15 Method for protecting computer system safety

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910754331.7A CN110472390B (en) 2019-08-15 2019-08-15 Method for protecting computer system safety

Publications (2)

Publication Number Publication Date
CN110472390A true CN110472390A (en) 2019-11-19
CN110472390B CN110472390B (en) 2021-09-17

Family

ID=68510898

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910754331.7A Active CN110472390B (en) 2019-08-15 2019-08-15 Method for protecting computer system safety

Country Status (1)

Country Link
CN (1) CN110472390B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777101A (en) * 2005-11-22 2006-05-24 大连理工大学 Real-time identity authentication method based on mobile phone, bluetooth and two-dimensional barcode
CN101459723A (en) * 2007-12-14 2009-06-17 希姆通信息技术(上海)有限公司 Secret keeping processing method for mobile phone information
CN103678962A (en) * 2012-08-30 2014-03-26 腾讯科技(深圳)有限公司 Personal information management method and device and terminal
US20140282949A1 (en) * 2013-03-15 2014-09-18 Kaarya Llc System and Method for Account Access
CN104573569A (en) * 2015-01-24 2015-04-29 浙江远望软件有限公司 File storage and access method by storage equipment generating random verification information
US9165128B1 (en) * 2012-05-10 2015-10-20 Isaac S. Daniel System and method of securing content from public display on a mobile communication device
CN107341012A (en) * 2017-06-26 2017-11-10 上海传英信息技术有限公司 The display methods and display system of a kind of applying unit
CN107392039A (en) * 2017-09-22 2017-11-24 华北理工大学 Computer hard disk data encrypting method and its device
CN107733660A (en) * 2017-11-29 2018-02-23 佛山市因诺威特科技有限公司 A kind of password method for retrieving

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777101A (en) * 2005-11-22 2006-05-24 大连理工大学 Real-time identity authentication method based on mobile phone, bluetooth and two-dimensional barcode
CN101459723A (en) * 2007-12-14 2009-06-17 希姆通信息技术(上海)有限公司 Secret keeping processing method for mobile phone information
US9165128B1 (en) * 2012-05-10 2015-10-20 Isaac S. Daniel System and method of securing content from public display on a mobile communication device
CN103678962A (en) * 2012-08-30 2014-03-26 腾讯科技(深圳)有限公司 Personal information management method and device and terminal
US20140282949A1 (en) * 2013-03-15 2014-09-18 Kaarya Llc System and Method for Account Access
CN104573569A (en) * 2015-01-24 2015-04-29 浙江远望软件有限公司 File storage and access method by storage equipment generating random verification information
CN107341012A (en) * 2017-06-26 2017-11-10 上海传英信息技术有限公司 The display methods and display system of a kind of applying unit
CN107392039A (en) * 2017-09-22 2017-11-24 华北理工大学 Computer hard disk data encrypting method and its device
CN107733660A (en) * 2017-11-29 2018-02-23 佛山市因诺威特科技有限公司 A kind of password method for retrieving

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
智慧清理: "怎样快速隐藏和保护隐私文件", 《智慧清理官网,HTTPS://WWW.WISECLEANER.COM.CN/HOW-TO/30-怎样快速隐藏和保护隐私文件.HTML》 *
黎妹红等: "《身份认证技术及应用》", 31 March 2012, 北京邮电大学出版社 *

Also Published As

Publication number Publication date
CN110472390B (en) 2021-09-17

Similar Documents

Publication Publication Date Title
Shay et al. Designing password policies for strength and usability
US6141751A (en) User identifying method and system in computer communication network
CN101272237B (en) Method and system for automatically generating and filling login information
CN110149328A (en) Interface method for authenticating, device, equipment and computer readable storage medium
CN107563176A (en) Login authentication method and system based on USB flash disk, readable storage medium and computer
CN106790243B (en) A kind of password remapping method of safe U disc
CN106648125A (en) Fingerprint keyboard, verification system and method based on fingerprint keyboard
Kayem Graphical Passwords--A Discussion
CN107622208A (en) Note encryption and decryption method and related product
Joudaki et al. Reinforcing system-assigned passphrases through implicit learning
US8949960B2 (en) Privacy preserving knowledge and factor possession tests for persistent authentication
Lacobowitz et al. Happy Birthday Siri: Dialing in Legal Ethics for Artificial Intelligence, Smartphones, and Real Time Lawyers
Rodriguez et al. Finding the middle ground: measuring passwords for security and memorability
Shay et al. Password policy simulation and analysis
CN110472390A (en) A method of protection computer system security
CN110516427A (en) Auth method, device, storage medium and the computer equipment of terminal user
Addas et al. Geographic hints for passphrase authentication
Kaja et al. Graphical password scheme using persuasive cued click points
CN108540426A (en) A kind of method, apparatus and server for realizing data processing
Schwab et al. Picture PassDoodle: usability study
Brumen et al. A comparison of password management policies
Stobert Graphical passwords and practical password management
Hossain et al. A generic framework of three factor authentication with optional bio-metric or graphical password
Murray Improving Authentication for Users Via Better Understanding Password use and Abuse
Renzulli 7 Tips to Create a Hack-Proof Password You'll Actually Remember; Forget about all those special characters and the cute personal cues you think only you can figure out. If you really want to keep fraudsters at bay, do this instead.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant