CN112380509A - Identity information generation and verification method, device and readable storage medium - Google Patents
Identity information generation and verification method, device and readable storage medium Download PDFInfo
- Publication number
- CN112380509A CN112380509A CN202011281929.8A CN202011281929A CN112380509A CN 112380509 A CN112380509 A CN 112380509A CN 202011281929 A CN202011281929 A CN 202011281929A CN 112380509 A CN112380509 A CN 112380509A
- Authority
- CN
- China
- Prior art keywords
- identity information
- verification
- certificate
- user
- industry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Collating Specific Patterns (AREA)
Abstract
The application provides an identity information generation and verification method, an identity information generation and verification device and a readable storage medium. The identity authentication method comprises the following steps: when the signature certificate of the user to be verified is determined to be a valid signature certificate, analyzing the valid signature certificate to acquire first business identity information of the user to be verified; the signature certificate is used for representing the digital identity of the user to be verified; acquiring legal identity information of the user to be verified, and determining second industry identity information through the legal identity information; determining whether the industry identity information of the user to be verified passes verification according to the first industry identity information and the second industry identity information; when the industry identity information of the user to be verified is confirmed to pass verification, verifying the legal identity information; and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication. The method is used for realizing effective and reliable identity authentication.
Description
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method and an apparatus for generating and verifying identity information, and a readable storage medium.
Background
When transacting business, various businesses including online business, offline business and the like need to perform identity authentication in order to ensure the safety of business transaction.
In the prior art, a single authentication mode is adopted during authentication. Such as: legal identity authentication based on face recognition; industry identity verification based on industry custom identity; verification of PKI (Public Key Infrastructure, Public Key cryptography) digital identities. However, a single authentication method cannot achieve effective and reliable authentication, such as: the single legal identity authentication can only verify legal identity, and the industry identity authentication cannot be realized; the single industry identity authentication can only verify the industry identity, cannot verify the legal identity, and cannot trace whether the industry identity is falsely used by other people (for example, other people modify the industry identity); the single PKI digital identity has tracing function, but can not verify legal identity and industry identity.
Disclosure of Invention
Embodiments of the present invention provide an identity information generating and verifying method, an identity information generating and verifying device, and a readable storage medium, so as to implement effective and reliable identity verification.
In a first aspect, an embodiment of the present application provides an identity authentication method, including: when the signature certificate of the user to be verified is determined to be a valid signature certificate, analyzing the valid signature certificate to acquire first business identity information of the user to be verified; the signature certificate is used for representing the digital identity of the user to be verified; acquiring legal identity information of the user to be verified, and determining second industry identity information through the legal identity information; determining whether the industry identity information of the user to be verified passes verification according to the first industry identity information and the second industry identity information; when the industry identity information of the user to be verified is confirmed to pass verification, verifying the legal identity information; and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication.
In the embodiment of the application, when identity authentication is carried out, when a signature certificate (equivalent to a digital identity of a user) of a user to be authenticated is determined to be a valid signature certificate, first industry identity information of the user to be authenticated is obtained, on one hand, the digital identity information and the industry identity information have a binding relationship, so that the industry identity information has traceability; on the other hand, when the digital identity passes the verification, further identity verification is carried out. And then, determining second industry information through the legal identity information of the user to be verified, verifying the industry identity of the user based on the first industry information and the second industry information, wherein the legal identity information and the industry identity information also have a binding relationship, so that the reliable verification of the industry identity information is realized by combining the two binding relationships of the industry identity information, the legal identity information and the digital identity information. And finally, carrying out legal identity verification, wherein after the legal identity verification is passed, the user to be verified passes the identity verification. Therefore, the three identities are combined to carry out identity verification, and the triple identities have corresponding binding relations, so that the verification of the triple identities of the digital identity, the industrial identity and the legal identity can be finally realized, and the effective and reliable identity verification is ensured.
As a possible implementation manner, before the analyzing the valid signature certificate and acquiring the first business identity information of the user to be verified when the signature certificate of the user to be verified is determined to be the valid signature certificate, the method further includes: acquiring a signature certificate of the user to be verified; generating a certificate verification request based on the signed certificate; sending the certificate verification request to a third party certificate verification system; receiving a certificate validity verification result fed back by the third-party certificate verification system; and determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
In the embodiment of the application, the validity of the signature certificate of the user to be verified is verified through the third-party certificate verification system, so that the digital identity of the user to be verified is verified.
As a possible implementation manner, before the determining whether the signed certificate is a valid signed certificate according to the certificate validity verification result, the method further includes: verifying whether the certificate validity verification result is a valid result; correspondingly, the determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result includes: and when the certificate validity verification result is determined to be a valid result, determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
In the embodiment of the application, the certificate validity verification result fed back by the third-party certificate verification system is also at risk of being tampered in the sending process, so that the validity verification result is also verified, and the reliability of the verification result of the digital identity is ensured.
As a possible implementation manner, the determining the second industry identity information by the legal identity information includes: generating a query request according to the legal identity information; sending the query request to an education ESN generation system; and receiving second education ESN information corresponding to the legal identity information fed back by the education ESN generation system, wherein the second education ESN information is the second industry identity information.
In the embodiment of the application, for the education industry, the industry identity information can be requested to the education ESN generation system through the legal identity information, and the effective acquisition of the industry identity information based on the legal identity information is realized.
As one possible implementation, the verifying the legal identity information includes: generating a legal identity information verification request according to the legal identity information; sending the legal identity authentication request to a public security face authentication service system; receiving a legal identity information verification result returned by the public security face verification service system; and determining whether the legal identity information passes the verification according to the legal identity information verification result.
In the embodiment of the application, the legal identity information is verified through the public security face verification service system, so that the reliable and effective verification of the legal identity information is realized.
As one possible implementation, before the determining whether the statutory identity information is verified according to the statutory identity information verification result, the method further comprises: verifying whether the legal identity information verification result is a valid result or not; correspondingly, the determining whether the legal identity information passes the verification according to the legal identity information verification result comprises: and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
In the embodiment of the application, the legal identity information verification result fed back by the public security face verification service system is also at risk of being tampered in the feedback process, so that the verification result is also subjected to validity verification, and the reliability of the verification result of the legal identity is ensured.
In a second aspect, an embodiment of the present application provides an identity information generating method, including: when the legal identity information of the user is confirmed to pass verification, the industry identity information of the user is confirmed and stored according to the legal identity information; generating a signature public key; generating an application request of a signature certificate according to the industry identity information and the signature public key; the signing certificate is for representing a digital identity of the user; sending the application request to a third-party CA system; and receiving the signed certificate issued by the third-party CA system.
In the embodiment of the application, when the identity information is generated, the industry identity information of a user is determined according to the legal identity information passing the verification; then, generating digital identity information (namely a signature certificate) of the user based on the industry identity information; the binding generation of the triple identity information is realized, and further, when identity authentication is carried out, the more reliable and more effective identity authentication can be realized based on the binding generation relationship of the triple identity information.
As a possible implementation manner, before determining and storing the industry identity information of the user according to the legal identity information when the legal identity information of the user is determined to be verified, the method further includes: collecting legal identity information of a user; generating a legal identity information verification request of the user according to the legal identity information; receiving a legal identity information verification result fed back by the public security face verification service system; and determining whether the legal identity information passes the verification according to the legal identity information verification result.
In the embodiment of the application, the collected legal identity information is verified through the public security face verification service system, so that the reliability and the effectiveness of the collected legal identity information are ensured.
As one possible implementation, before the determining whether the statutory identity information is verified according to the statutory identity information verification result, the method further comprises: acquiring certificate data of a public security face verification service system; verifying whether the legal identity information verification result is a valid result or not according to the certificate data; correspondingly, the determining whether the legal identity information passes the verification according to the legal identity information verification result comprises: and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
In the embodiment of the application, the legal identity information verification result fed back by the public security face verification service system is also at risk of being tampered in the feedback process, so that the verification result is also subjected to validity verification, and the reliability of the verification result of the legal identity information is ensured.
As an optional implementation manner, the industry identity information is education ESN information, and the determining and storing the industry identity information of the user according to the legal identity information includes: generating a generation request of the education ESN information according to the legal identity information; sending the generation request to an educational ESN generation system; and receiving and storing the unique education ESN information fed back by the education ESN generation system.
In the embodiment of the application, for the education industry, the industry identity information can be requested to the education ESN generation system through the legal identity information, and the effective acquisition of the industry identity information based on the legal identity information is realized.
In a third aspect, an embodiment of the present application further provides an identity information verification apparatus, which includes a functional module configured to implement the method described in the first aspect and any one of the possible implementation manners of the first aspect.
In a fourth aspect, an embodiment of the present application further provides an identity information generating apparatus, which includes a functional module for implementing the method described in the second aspect and any one of the possible implementation manners of the second aspect.
In a fifth aspect, this embodiment of the present application further provides a readable storage medium, where a computer program is stored on the readable storage medium, and the computer program is executed by a computer to perform the method as described in the first aspect and any one of the possible implementation manners of the first aspect, and the second aspect and any one of the possible implementation manners of the second aspect.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a flowchart of an identity information generation method provided in an embodiment of the present application;
fig. 2 is a schematic view of an actual application flow of the identity information generation method provided in the embodiment of the present application;
fig. 3 is a flowchart of an identity information verification method according to an embodiment of the present application;
fig. 4 is a schematic view of an actual application flow of the identity information verification method according to the embodiment of the present application;
fig. 5 is a functional block diagram of an identity information generating apparatus according to an embodiment of the present application;
fig. 6 is a functional block diagram of an identity information verification apparatus according to an embodiment of the present application.
Icon: 300-identity information generating means; 301-a first processing module; 302-a second processing module; 400-identity information verification means; 401-a first authentication module; 402-a second authentication module.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
The technical scheme provided by the embodiment of the application can be applied to user identity verification in various industries, such as the education industry; in application scenarios of various industries, when a user executes a certain service, authentication is usually required, and after the authentication is performed, the corresponding service can be continuously executed. Such as: in the education industry, the online correction of test paper is related, and teachers who correct the test paper online need to perform identity verification firstly, so that the teachers are allowed to correct the test paper online after the teachers have the authority of correcting the test paper.
It can be understood that to implement the authentication of the identity information, the identity information needs to be generated first, and the generated identity information is used as a pass when the user executes the service, and is used as an authentication basis when the authentication system performs the identity authentication. The verification and generation of the identity information may be two independent implementation processes, and the hardware main bodies executing the two independent implementation processes may be the same hardware main body or different hardware main bodies. Such as: the verification of the identity information is executed by an identity information verification system (which can be a business system of various industries), and the generation of the identity information is executed by an identity information generation system; (the following embodiments are introduced in separate embodiments) both the identity information verification system and the identity information generation system may include a front end (electronic devices such as a computer and a mobile phone) and a back end (server), and the end executing the verification or generation process is the back end. For another example: the authentication and generation of the identity information are both performed by an identity information management system, which may also include a front end and a back end, with the process of performing identity information management (including authentication and generation) being the back end. Therefore, the technical scheme of the embodiment of the application can be applied to the server side of the identity information verification/generation/management system. Further, the front-end and back-end architectures may be C/S (client-server) architectures or B/S (browser-server) architectures. For convenience of understanding, in the following embodiments, a generation process of the identity information is described first, and then a verification process of the identity information is described.
Referring to fig. 1, a flowchart of an identity information generating method provided in an embodiment of the present application is shown, where the method includes:
step 101: and when the legal identity information of the user is confirmed to pass the verification, determining the industry identity information of the user according to the legal identity information and storing the industry identity information.
Step 102: and generating a signature public key.
Step 103: and generating an application request of the signature certificate according to the industry identity information and the signature public key. The signed certificate is used to represent the digital identity of the user.
Step 104: the application request is sent to a third party CA (Certificate Authority) system.
Step 105: and receiving a signed certificate issued by a third-party CA system.
In the embodiment of the application, when the identity information is generated, the industry identity information of a user is determined according to the legal identity information passing the verification; then, generating digital identity information (namely a signature certificate) of the user based on the industry identity information; the binding generation of the triple identity information is realized, and further, when identity authentication is carried out, the more reliable and more effective identity authentication can be realized based on the binding generation relationship of the triple identity information.
A detailed implementation of steps 101-105 is described next.
In step 101, the user refers to a user for which identity information is to be generated. For example, a user initiates a registration request of identity information at the front end, then the front end sends the registration request to the back end, and the back end interacts with the front end based on the registration request to complete a subsequent execution process. It will be appreciated that step 101 is defined to be performed upon determining that the user's legal identity information is verified, step 101. Generally, when a user registers identity information, legal identity information is input first, and the legal identity information includes personal basic information of the user: identity card information (including name, identification card number, issuing organization, etc.) and living human face data of the user, etc. Therefore, in order to ensure the validity and reliability of the subsequently generated industry identity information and digital identity information, the legal identity information is verified before step 101, the industry identity information is determined only when the legal identity information is verified, and step 101 is not executed if the legal identity information is not verified.
As an alternative embodiment, the process of verifying the statutory identity information comprises: collecting legal identity information of a user; generating a legal identity information verification request of the user according to the legal identity information; receiving a legal identity information verification result fed back by the public security face verification service system; and determining whether the legal identity information passes the verification according to the verification result of the legal identity information.
For example, assuming that the user is a student in the education industry, the legal identity information of the student may include: the name, the identity card information, the student status information and the living body face information collected by the camera are input by the student. During collection, the name, the identification card information and the student status information can be collected through the front end, namely, the student inputs the corresponding information at the front end. Of course, the name and the identification card information may also be obtained by uploading a shot identification card photo by a student or scanning the identification card photo by a camera, and the like, which is not limited in the embodiment of the present application.
After the legal identity information of the user is collected, a legal identity verification request can be generated according to the legal identity information and then sent to a public security face verification service system for verification. The public security face authentication service system can be understood as a third-party authentication system, belongs to the existing authentication system, can directly complete the authentication of legal identity information, and is generally provided with a third-party service interface when in application, and the interaction with the public security face authentication service system can be realized by calling the third-party service interface. The implementation of the public security face authentication service system for authentication of legal identity belongs to the conventional technical means in the field, and is not specifically described here, for example: the public security face verification service system is provided with a large database, the most authoritative legal identity information of each user is stored in the large database, and the legal identity information to be verified is compared with the authoritative legal identity information in the database, so that a verification result can be obtained.
For the public security face verification service system, after the verification result is obtained, the verification result can be directly fed back; the verification result can be signed and then fed back. If the public security face verification service system feeds back the signed result, before determining whether the legal identity information passes the verification according to the legal identity information verification result, the method further comprises the following steps: acquiring certificate data of a public security face verification service system; verifying whether the legal identity information verification result is a valid result or not according to the certificate data; correspondingly, determining whether the legal identity information passes the verification according to the legal identity information verification result comprises the following steps: and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
In this embodiment, when verifying whether the statutory authentication result is a valid result based on the certificate data, two verification processes are included, the first verification process verifying whether the certificate is a valid certificate, and the second verification process verifying the statutory authentication result based on the valid certificate. In the first authentication procedure, the authentication procedure may be performed with reference to the standard X509 certificate authentication method (which is well known in the art). In the second verification process, it can be understood that the public security face verification service system performs signature by the private key of the digital certificate thereof when performing signature, so that, during verification, the public key of the valid certificate can be firstly used for decrypting the signature to obtain a result, then a result is obtained by calculation based on specific data in the verification result, the two results are compared, if the two results are consistent, the verification is passed, and if the two results are not consistent, the verification is not passed. In addition, if the certificate verification result represents that the certificate is not a valid certificate in the first verification process, a second verification process is not needed; if the certificate verification result in the first verification process represents that the certificate is a valid certificate, the second verification process is performed. In the second authentication process, if the authentication result is determined to be a valid result, the authentication result is used as the authentication result of the legal identity information, such as: and if the verification result indicates that the legal identity information passes the verification, determining that the legal identity information passes the verification.
In the embodiment of the application, the collected legal identity information is verified through the public security face verification service system, so that the reliability and the effectiveness of the collected legal identity information are ensured. The legal identity information verification result fed back by the public security face verification service system is also subjected to tampering in the feedback process, so that the verification result is also subjected to validity verification, and the reliability of the verification result of the legal identity information is ensured.
For the industry identity information, the industry identity information may have different identification modes in different industries, for example, in the Education industry, the industry identity information is identified by an ESN (Education Security Number); in the medical industry, industry identity information is identified by various standards established in medicine, and the like.
As an alternative implementation, taking the educational industry as an example, step 101 includes: generating a generation request of education ESN information according to legal identity information; sending the generation request to an education ESN generation system; and receiving and storing the unique education ESN information fed back by the education ESN generation system.
In this embodiment, by means of the third-party education ESN generation system of the education industry, the legal identity information is sent to the generation system, and the generation system can automatically generate the corresponding education ESN, and the corresponding education ESN is the only education ESN information corresponding to the legal identity information, so that the education ESN can be directly stored as the industry identity information.
In the embodiment of the application, for the education industry, the industry identity information can be requested to the education ESN generation system through the legal identity information, and the effective acquisition of the industry identity information based on the legal identity information is realized.
For other industries, such a third party platform is usually provided for providing identification of industry identity information, and therefore, for other industries, the implementation manner of step 101 is similar to that of the third party platform to generate industry identity information. Of course, if other industries do not have such a third-party platform, the identity information generation system may also formulate a generation rule of the industry identity information according to the corresponding industry, and then generate the industry identity information based on the pre-formulated generation rule by the identity information generation system.
After the step 101 is completed, the generation of legal identity information and the generation of industry identity information are equivalently completed, and at this time, the step 102 is executed to generate a signature public key, which can be understood as a process of setting a password and is generated by a back end according to a preset rule or standard.
After the public signature key is generated in step 102, step 103 is executed to generate an application request of a signature certificate according to the industry identity information and the public signature key. The certificate may include other information required for applying for a certificate, in addition to the industry identity information and the public signature key, which is not limited herein. The signed certificate is used to represent the digital identity of the user, which step may also be understood as an application request for generating the digital identity.
After the application request is generated in step 103, step 104 is executed to transmit the application request to a third party CA (Certificate Authority) system. After the third-party CA system receives the application request of the certificate, a signature certificate is generated based on the industry identity information and the signature public key and then sent to the back end, and the back end receives and stores the integer signed and sent by the third-party CA system, namely the generation of the digital identity is completed.
With reference to fig. 2, an implementation flow diagram of the process shown in fig. 1 in practical application (application in the educational industry) is shown, and in the process of fig. 2:
firstly, the education identity generation system stores names, identity card information, student status information and living body face information acquired by a camera, which are input by a user, and provides basic data for subsequent identity generation.
Then, the public security face authentication service system is requested to acquire certificate data (to prepare for signature verification of legal identity information authentication result data), the validity of the certificate is verified (by referring to a standard X509 certificate verification method), and data storage is performed after the validity of the certificate is verified.
And then, the name, the identity card information and the living body face data are obtained from the personal basic data, the face verification is requested from a public security face verification service system, the public security face verification service system verifies and verifies the received information, the verification result is signed, and the verification result and the result signature value are returned to the credible education digital identity generating system.
Then, the education identity generation system analyzes the returned result of the public security face verification, namely 'YES'/'NO'; returning a result of NO to represent that the legal identity authentication of the current user fails, directly quitting, and generating an education identity failure; and returning to the result of YES, continuously verifying the attached signature value, representing that the legal identity verification of the current user is successful if the signature verification is successful, and continuing the subsequent steps.
Further, the ESN (education security number) information is requested to be generated from the ESN generating system using statutory identity information (identification number, type, name), and the ESN generating system generates a unique ESN as the industry identity information based on the statutory identity information.
Further, the educational identity generating system applies for a signature certificate to a third party CA system using the generated ESN, the generated public signature key, and other information required for certificate application.
And finally, the third party CA verifies the information of the applicant and then issues a related signature certificate, wherein the signature certificate represents the digital identity and serves as a service application certificate of the service system.
It can be seen from the above implementation flow that after the generation process of the identity information is completed, the final generated result is the digital identity, in the subsequent application process, the user only needs to use the digital identity as the service application certificate of the service system, and the authentication system of the service system performs the authentication of the identity based on the certificate.
Referring to fig. 3, a flowchart of an authentication method provided in an embodiment of the present application is shown, where the method is applicable to an authentication system, and the method includes:
step 201: when the signature certificate of the user to be verified is determined to be a valid signature certificate, the valid signature certificate is analyzed, and first business identity information of the user to be verified is obtained. The signature certificate is used for representing the digital identity of the user to be verified.
Step 202: and acquiring legal identity information of the user to be authenticated, and determining second industry identity information through the legal identity information.
Step 203: and determining whether the industry identity information of the user to be verified passes the verification or not according to the first industry identity information and the second industry identity information.
Step 204: and when the industry identity information of the user to be verified is confirmed to pass the verification, verifying the legal identity information.
Step 205: and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication.
In the embodiment of the application, when identity authentication is carried out, when a signature certificate (equivalent to a digital identity of a user) of a user to be authenticated is determined to be a valid signature certificate, first industry identity information of the user to be authenticated is obtained, on one hand, the digital identity information and the industry identity information have a binding relationship, so that the industry identity information has traceability; on the other hand, when the digital identity passes the verification, further identity verification is carried out. And then, determining second industry information through the legal identity information of the user to be verified, verifying the industry identity of the user based on the first industry information and the second industry information, wherein the legal identity information and the industry identity information also have a binding relationship, so that the reliable verification of the industry identity information is realized by combining the two binding relationships of the industry identity information, the legal identity information and the digital identity information. And finally, carrying out legal identity verification, wherein after the legal identity verification is passed, the user to be verified passes the identity verification. Therefore, the three identities are combined to carry out identity verification, and the triple identities have corresponding binding relations, so that the verification of the triple identities of the digital identity, the industrial identity and the legal identity can be finally realized, and the effective and reliable identity verification is ensured.
The detailed implementation of step 201-step 205 will be described next.
In step 201, the execution condition is defined that the signature certificate of the user to be verified is a valid signature certificate, in other words, the signature certificate represents the digital identity of the user, and when the signature certificate is valid, the digital identity of the user is proved to be verified. Based on the process of generating identity information in the foregoing embodiment, it can be seen that the final generated result is a digital identity, and legal identity information and industry identity information can be traced back only by the digital identity, so that it is required to ensure that the digital identity of the user to be authenticated is authenticated first, and then subsequent authentication of the identity information can be performed. If the signature certificate of the user to be verified is not a valid signature certificate, subsequent identity information verification is not needed, and the identity verification of the user is directly judged to be failed.
Therefore, before step 201, the method further includes a validity verification process for the signed certificate, and as an optional implementation, the verification process for the signed certificate includes: acquiring a signature certificate of a user to be verified; generating a certificate verification request based on the signed certificate; sending the certificate verification request to a third party certificate verification system; receiving a certificate validity verification result fed back by a third party certificate verification system; and determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
When a user has a service requirement, a request is initiated on a service system, the request is attached with a signature certificate (namely digital identity information) of the user, the service system requests a verification system to perform verification, and the verification system can acquire the signature certificate of the user from the request. In practical applications, the verification system and the service system may be different system modules of the same system, and in the embodiment of the present application, for differentiation, they are described separately. Then, the verification system generates a certificate verification request based on the signed certificate and sends the certificate verification request to a third-party certificate verification system, and the third-party certificate verification system is a platform specially used for verifying the validity of the certificate. The process of validity verification comprises the following steps: CRL (Certificate Revocation List) List verification, Certificate validity period verification, Certificate authority verification. The specific authentication process involved is common knowledge in the art and will not be described herein. And after the third-party certificate verification system completes verification, feeding back a verification result to the verification system.
When the third-party certificate verification system feeds back the verification result, the third-party certificate verification system usually signs the verification result and sends the signed result to the verification system. Therefore, as an optional implementation manner for the verification system, before determining the validity of the signature certificate according to the verification result, the method further includes: verifying whether the certificate validity verification result is a valid result; correspondingly, determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result comprises: and when the certificate validity verification result is determined to be a valid result, determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
In this embodiment, in order to ensure the reliability of the final certificate verification result, the validity of the certificate verification result may be verified by obtaining the signature certificate of the third-party certificate verification system, and the verification process is the same as the verification process for the verification result of the third-party certificate verification system described in the foregoing embodiment, and will not be described again here.
Correspondingly, if the validity verification result of the certificate verification result is valid, the validity of the user's signature certificate indicated in the certificate verification result is the validity of the user's signature certificate. Such as: and the certificate verification result shows that the signature certificate of the user is a valid certificate, and the signature certificate is determined to be the valid certificate. If the validity verification result of the certificate verification result is invalid, the certificate verification result is not available, and at the moment, re-verification can be requested, or other third-party verification systems can be requested to re-verify.
In the embodiment of the application, the validity of the signature certificate of the user to be verified is verified through the third-party certificate verification system, so that the digital identity of the user to be verified is verified. The certificate validity verification result fed back by the third-party certificate verification system is also at risk of being tampered in the sending process, so that the validity verification result is also verified, and the reliability of the verification result of the digital identity is ensured.
And when the signature certificate of the user to be verified is determined not to be the valid signature certificate, directly feeding back verification failure to the user, and not executing subsequent processes. When the signature certificate of the user to be verified is determined to be a valid certificate, step 101 is executed to analyze the valid signature certificate and obtain the industry identity information in the signature certificate. It can be understood that when the signature certificate is generated, the signature certificate is issued by the third-party system based on the industry identity information, so that the industry identity information and the signature certificate have a corresponding relationship, and the first acquired industry identity information is the industry identity information bound with the signature certificate.
After step 101, step 102 is executed to obtain legal identity information of the user to be authenticated, and determine second industry identity information through the legal identity information. As described in the foregoing embodiments, the corresponding industry identity information can also be obtained based on the legal identity information, and thus, the determined second industry identity information is the industry identity information bound with the legal identity information.
Continuing with the example of educational industry identity information, where the first industry identity information is a first educational ESN information, as an alternative implementation, step 102 includes: generating a query request according to the legal identity information; sending the query request to an education ESN generation system; and receiving second education ESN information corresponding to legal identity information fed back by the education ESN generation system, wherein the second education ESN information is second industry identity information. It is understood that this embodiment is the same as the embodiment for determining the industry identity information based on the statutory identity information described in the previous embodiment, and a detailed description thereof will not be repeated here.
In the embodiment of the application, for the education industry, the industry identity information can be requested to the education ESN generation system through the legal identity information, and the effective acquisition of the industry identity information based on the legal identity information is realized.
Further, after the second industry identity information is determined in step 102, step 103 is executed to determine whether the industry identity information of the user to be authenticated passes the authentication according to the first industry identity information and the second industry identity information. As an alternative embodiment, step 103 includes: and comparing the first industry identity information with the second industry identity information, and if the first industry identity information is consistent with the second industry identity information, the industry identity information passes the verification. And if the first industry identity information is inconsistent with the second industry identity information, the industry identity information is not verified.
It can be understood that the first identity information is information bound with the signature certificate, the second identity information is information bound with the legal identity information, if the two are not identical, and on the premise that the signature certificate is a valid certificate, it is stated that the information bound with the signature certificate is possibly tampered, or the validity of the legal identity information is possibly in question, and in any case, it can be determined that the industry identity information is not verified, but in the second case, the industry identity information is not verified due to the legal identity information.
Further, if it is determined in step 103 that the industry identity information of the user to be authenticated is authenticated, step 104 is executed to authenticate the legal identity information. As an alternative embodiment, step 104 includes: generating a legal identity information verification request according to the legal identity information; sending the legal identity authentication request to a public security face authentication service system; receiving a legal identity information verification result returned by the public security face verification service system; and determining whether the legal identity information passes the verification according to the verification result of the legal identity information.
Before determining whether the legal identity information passes the verification according to the legal identity information verification result, the method further comprises the following steps: verifying whether the legal identity information verification result is a valid result or not; correspondingly, determining whether the legal identity information passes the verification according to the legal identity information verification result comprises the following steps: and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
In the embodiment of the present application, the verification process of the statutory authentication in the authentication phase is the same as the verification process of the statutory authentication in the authentication phase, so the implementation details of this embodiment are described with reference to the foregoing embodiment, and will not be described again here.
In step 104, if the legal identity information passes the authentication, step 105 is executed to determine that the user to be authenticated passes the authentication, the authentication system feeds back the authentication result to the service system, and the service system can perform subsequent service flow operations for the user. And if the legal identity information is not verified, determining that the user to be verified is not verified, not executing subsequent service flow operation, feeding back a verification failure result to the service system, and feeding back the result to the user by the service system.
With reference to fig. 4, an alternative implementation flow of the flow shown in fig. 3 in practical application (applied to the education industry) is shown in combination with the above description of the embodiment, and the implementation flow generally includes:
firstly, the education identity verification system (hereinafter referred to as verification system) calls a certificate verification interface provided by a third-party CA certificate verification system to verify the validity information of the certificate representing the education digital identity (hereinafter referred to as signature certificate), wherein the validity information of the certificate representing the education digital identity comprises a CRL list of the certificate, the validity period of the certificate and a certificate issuing authority.
And then, the verification system receives a result returned by the certificate verification service of the third-party CA, the signature verification is carried out on the signature result by using the public key of the certificate after the verification is passed, the digital identity verification is completed, the signature verification is directly quitted if the signature verification fails, and the subsequent identity verification step is continued after the signature verification succeeds.
And then, the certificate validity and the signature validity are verified, and the signature certificate is analyzed to obtain and store the ESN information.
Further, the verification system requests the education ESN generation system to inquire the ESN using the personal basic information (identification card information) from the service system, and the ESN generation system returns its corresponding ESN information according to the inputted personal basic information.
Further, the verification system completes education identity verification by comparing whether the certificate ESN is consistent with the certificate ESN from the ESN generation system; and if the ESNs are not consistent, directly quitting, and if the ESNs are consistent, performing the subsequent identity verification step.
And finally, the verification system uses the living body face information and the personal basic information of the service system to request legal identity verification from the public security face verification service system, and returns a final verification result to the service system to finish the verification of the credible education digital identity.
According to the technical scheme provided by the embodiment of the application, the user identity comprises a legal identity, an industry identity and a digital network triple identity, and the triple identities are mutually associated through generation, use and verification of the triple identities, so that the problem existing in single identity verification is solved, and the reliability and the effectiveness of identity information are ensured.
Based on the same inventive concept, please refer to fig. 5, an embodiment of the present application further provides an identity information generating apparatus 300, including: a first processing module 301 and a second processing module 302.
The first processing module 301 is configured to determine and store industry identity information of a user according to legal identity information when it is determined that the legal identity information of the user passes authentication; a second processing module 302, configured to generate a public signature key; generating an application request of a signature certificate according to the industry identity information and the signature public key; the signing certificate is for representing a digital identity of the user; sending the application request to a third-party CA system; and receiving the signed certificate issued by the third-party CA system.
Optionally, the identity information generating apparatus 300 further includes a third processing module, configured to collect legal identity information of the user; generating a legal identity information verification request of the user according to the legal identity information; receiving a legal identity information verification result fed back by the public security face verification service system; and determining whether the legal identity information passes the verification according to the legal identity information verification result.
Optionally, the third processing module is further configured to: acquiring certificate data of a public security face verification service system; verifying whether the legal identity information verification result is a valid result or not according to the certificate data; and the system is specifically used for determining whether the legal identity information passes the verification according to the legal identity information verification result when the legal identity information verification result is determined to be a valid result.
Optionally, the first processing module 301 is specifically configured to: generating a generation request of the education ESN information according to the legal identity information; sending the generation request to an educational ESN generation system; and receiving and storing the unique education ESN information fed back by the education ESN generation system.
Based on the same inventive concept, please refer to fig. 6, an embodiment of the present application further provides an identity information verification apparatus 400, including: a first authentication module 401 and a second authentication module 402.
The first verification module 401 is configured to, when it is determined that the signature certificate of the user to be verified is a valid signature certificate, parse the valid signature certificate, and obtain first business identity information of the user to be verified; acquiring legal identity information of the user to be verified, and determining second industry identity information through the legal identity information; and determining whether the industry identity information of the user to be verified passes verification according to the first industry identity information and the second industry identity information. A second verification module 402, configured to verify the legal identity information when it is determined that the industry identity information of the user to be verified passes verification; and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication.
Optionally, the identity information verification apparatus 400 further includes a third verification module, configured to: acquiring a signature certificate of the user to be verified; generating a certificate verification request based on the signed certificate; sending the certificate verification request to a third party certificate verification system; receiving a certificate validity verification result fed back by the third-party certificate verification system; and determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
Optionally, the third verification module is further configured to: verifying whether the certificate validity verification result is a valid result; and in particular for: and when the certificate validity verification result is determined to be a valid result, determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
Optionally, the first verification module 401 is specifically configured to: generating a query request according to the legal identity information; sending the query request to an education ESN generation system; and receiving second education ESN information corresponding to the legal identity information fed back by the education ESN generation system, wherein the second education ESN information is the second industry identity information.
Optionally, the second verifying module 402 is specifically configured to generate a statutory identity information verification request according to the statutory identity information; sending the legal identity authentication request to a public security face authentication service system; receiving a legal identity information verification result returned by the public security face verification service system; and determining whether the legal identity information passes the verification according to the legal identity information verification result.
Optionally, the second verifying module 402 is further configured to verify whether the legal identity information verification result is a valid result; and in particular for: and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
The embodiments and specific examples in the identity generation method and the identity verification method shown in fig. 1 and fig. 3 in the foregoing embodiments are respectively and equally applicable to the apparatuses in fig. 5 and fig. 6, and the implementation methods of the apparatuses in fig. 5 and fig. 6 can be clearly known by those skilled in the art through the foregoing detailed descriptions of the identity generation method and the identity verification method, so for the brevity of the description, detailed descriptions are omitted here.
Based on the same inventive concept, embodiments of the present application further provide a readable storage medium, where a computer program is stored on the readable storage medium, and the computer program is executed by a computer to perform the identity verification method and/or the identity generation method of any of the above embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
In addition, units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
Furthermore, the functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. An identity information verification method, comprising:
when the signature certificate of the user to be verified is determined to be a valid signature certificate, analyzing the valid signature certificate to acquire first business identity information of the user to be verified; the signature certificate is used for representing the digital identity of the user to be verified;
acquiring legal identity information of the user to be verified, and determining second industry identity information through the legal identity information;
determining whether the industry identity information of the user to be verified passes verification according to the first industry identity information and the second industry identity information;
when the industry identity information of the user to be verified is confirmed to pass verification, verifying the legal identity information;
and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication.
2. The method according to claim 1, wherein before the parsing the valid signature certificate and obtaining the first business identity information of the user to be verified when the signature certificate of the user to be verified is determined to be a valid signature certificate, the method further comprises:
acquiring a signature certificate of the user to be verified;
generating a certificate verification request based on the signed certificate;
sending the certificate verification request to a third party certificate verification system;
receiving a certificate validity verification result fed back by the third-party certificate verification system;
and determining whether the signature certificate is a valid signature certificate according to the certificate validity verification result.
3. The method of claim 1, wherein the first industry identity information is a first educational ESN information, and wherein determining a second industry identity information from the statutory identity information comprises:
generating a query request according to the legal identity information;
sending the query request to an education ESN generation system;
and receiving second education ESN information corresponding to the legal identity information fed back by the education ESN generation system, wherein the second education ESN information is the second industry identity information.
4. The method of claim 1, wherein said verifying said statutory identity information comprises:
generating a legal identity information verification request according to the legal identity information;
sending the legal identity authentication request to a public security face authentication service system;
receiving a legal identity information verification result returned by the public security face verification service system;
and determining whether the legal identity information passes the verification according to the legal identity information verification result.
5. The method of claim 4, wherein prior to said determining whether said statutory identity information is verified based on said statutory identity information verification result, said method further comprises:
verifying whether the legal identity information verification result is a valid result or not;
correspondingly, the determining whether the legal identity information passes the verification according to the legal identity information verification result comprises:
and when the legal identity information verification result is determined to be a valid result, determining whether the legal identity information passes the verification according to the legal identity information verification result.
6. An identity information generation method, comprising:
when the legal identity information of the user is confirmed to pass verification, the industry identity information of the user is confirmed and stored according to the legal identity information;
generating a signature public key;
generating an application request of a signature certificate according to the industry identity information and the signature public key; the signing certificate is for representing a digital identity of the user;
sending the application request to a third-party CA system;
and receiving the signed certificate issued by the third-party CA system.
7. The method of claim 6, wherein the industry identity information is educational ESN information, and wherein determining and storing the industry identity information of the user based on the statutory identity information comprises:
generating a generation request of the education ESN information according to the legal identity information;
sending the generation request to an educational ESN generation system;
and receiving and storing the unique education ESN information fed back by the education ESN generation system.
8. An identity information verification apparatus, comprising:
the first verification module is used for analyzing the valid signature certificate to acquire first business identity information of the user to be verified when the signature certificate of the user to be verified is determined to be the valid signature certificate;
the first verification module is further used for acquiring legal identity information of the user to be verified and determining second industry identity information through the legal identity information;
the first verification module is further used for determining whether the industry identity information of the user to be verified passes verification according to the first industry identity information and the second industry identity information;
the second verification module is used for verifying the legal identity information when the industry identity information of the user to be verified is confirmed to pass verification;
and when the legal identity information is confirmed to pass the authentication, confirming that the user to be authenticated passes the authentication.
9. An identity information generation apparatus, comprising:
the first processing module is used for determining and storing the industry identity information of the user according to the legal identity information when the legal identity information of the user is verified;
the second processing module is used for generating a signature public key;
the second processing module is further configured to: generating an application request of a signature certificate according to the industry identity information and the signature public key; the signing certificate is for representing a digital identity of the user; sending the application request to a third-party CA system; and receiving the signed certificate issued by the third-party CA system.
10. A readable storage medium, having stored thereon a computer program which, when executed by a computer, performs the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011281929.8A CN112380509A (en) | 2020-11-16 | 2020-11-16 | Identity information generation and verification method, device and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011281929.8A CN112380509A (en) | 2020-11-16 | 2020-11-16 | Identity information generation and verification method, device and readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112380509A true CN112380509A (en) | 2021-02-19 |
Family
ID=74585538
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011281929.8A Pending CN112380509A (en) | 2020-11-16 | 2020-11-16 | Identity information generation and verification method, device and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112380509A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115941199A (en) * | 2022-11-11 | 2023-04-07 | 南方电网数字电网研究院有限公司 | Identity information verification method, apparatus, device, storage medium, and program product |
| CN115941199B (en) * | 2022-11-11 | 2024-06-25 | 南方电网数字电网研究院有限公司 | Identity information verification method, apparatus, device, storage medium and program product |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2012208855A (en) * | 2011-03-30 | 2012-10-25 | Nomura Research Institute Ltd | Identity confirmation system and identity confirmation method |
| CN103856478A (en) * | 2012-12-06 | 2014-06-11 | 阿里巴巴集团控股有限公司 | Certificate signing and issuing method of trusted network, attestation method of trusted network and corresponding devices |
| CN106469261A (en) * | 2015-08-21 | 2017-03-01 | 阿里巴巴集团控股有限公司 | A kind of auth method and device |
| CN106603532A (en) * | 2016-12-16 | 2017-04-26 | 南方城墙信息安全科技有限公司 | Composite education finance card authentication method and system |
| CN108683646A (en) * | 2018-04-28 | 2018-10-19 | 厦门美图之家科技有限公司 | A kind of authentication method and computing device |
| US20190173873A1 (en) * | 2017-12-01 | 2019-06-06 | Averon Us, Inc. | Identity verification document request handling utilizing a user certificate system and user identity document repository |
| CN110012028A (en) * | 2019-04-19 | 2019-07-12 | 福建医联康护信息技术有限公司 | Medical identity identifying method and system |
| CN110009314A (en) * | 2019-04-18 | 2019-07-12 | 武汉鼠标科技有限公司 | A kind of educational system and teaching platform of the behavioural analysis based on big data |
| CN110135992A (en) * | 2019-05-14 | 2019-08-16 | 北京智签科技有限公司 | The acquisition methods and acquisition device of block chain network Fabric-CA digital certificate |
| US20190260594A1 (en) * | 2018-02-19 | 2019-08-22 | Microsoft Technology Licensing, Llc | Identity-Based Certificate Authority System Architecture |
| WO2019196834A1 (en) * | 2018-04-11 | 2019-10-17 | 深圳技术大学 | Blockchain platform-based autonomous and supervisable digital identity authentication system |
| CN111064573A (en) * | 2018-10-16 | 2020-04-24 | 金联汇通信息技术有限公司 | Digital certificate generation method, authentication method and electronic equipment |
-
2020
- 2020-11-16 CN CN202011281929.8A patent/CN112380509A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2012208855A (en) * | 2011-03-30 | 2012-10-25 | Nomura Research Institute Ltd | Identity confirmation system and identity confirmation method |
| CN103856478A (en) * | 2012-12-06 | 2014-06-11 | 阿里巴巴集团控股有限公司 | Certificate signing and issuing method of trusted network, attestation method of trusted network and corresponding devices |
| CN106469261A (en) * | 2015-08-21 | 2017-03-01 | 阿里巴巴集团控股有限公司 | A kind of auth method and device |
| CN106603532A (en) * | 2016-12-16 | 2017-04-26 | 南方城墙信息安全科技有限公司 | Composite education finance card authentication method and system |
| US20190173873A1 (en) * | 2017-12-01 | 2019-06-06 | Averon Us, Inc. | Identity verification document request handling utilizing a user certificate system and user identity document repository |
| US20190260594A1 (en) * | 2018-02-19 | 2019-08-22 | Microsoft Technology Licensing, Llc | Identity-Based Certificate Authority System Architecture |
| WO2019196834A1 (en) * | 2018-04-11 | 2019-10-17 | 深圳技术大学 | Blockchain platform-based autonomous and supervisable digital identity authentication system |
| CN108683646A (en) * | 2018-04-28 | 2018-10-19 | 厦门美图之家科技有限公司 | A kind of authentication method and computing device |
| CN111064573A (en) * | 2018-10-16 | 2020-04-24 | 金联汇通信息技术有限公司 | Digital certificate generation method, authentication method and electronic equipment |
| CN110009314A (en) * | 2019-04-18 | 2019-07-12 | 武汉鼠标科技有限公司 | A kind of educational system and teaching platform of the behavioural analysis based on big data |
| CN110012028A (en) * | 2019-04-19 | 2019-07-12 | 福建医联康护信息技术有限公司 | Medical identity identifying method and system |
| CN110135992A (en) * | 2019-05-14 | 2019-08-16 | 北京智签科技有限公司 | The acquisition methods and acquisition device of block chain network Fabric-CA digital certificate |
Non-Patent Citations (1)
| Title |
|---|
| 张潇;: "省级教育数字认证***总体规划与设计", 互联网天地, no. 01 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115941199A (en) * | 2022-11-11 | 2023-04-07 | 南方电网数字电网研究院有限公司 | Identity information verification method, apparatus, device, storage medium, and program product |
| CN115941199B (en) * | 2022-11-11 | 2024-06-25 | 南方电网数字电网研究院有限公司 | Identity information verification method, apparatus, device, storage medium and program product |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107079034B (en) | Identity authentication method, terminal equipment, authentication server and electronic equipment | |
| CN108834144B (en) | Method and system for managing association of operator number and account | |
| EP3499795A1 (en) | Authentication system and method, and user equipment, authentication server, and service server for performing same method | |
| CN110098932B (en) | Electronic document signing method based on safe electronic notarization technology | |
| US20200403796A1 (en) | Platform and method of certification of an electronic contract for electronic identification and trust services (eidas) | |
| CN118069741A (en) | Method and apparatus for acquiring and recording tracking information on a blockchain | |
| CN108764848B (en) | Electronic contract signing method and system | |
| CN106850693B (en) | Real-name authentication method and real-name authentication system | |
| CN110113334B (en) | Contract processing method and device based on block chain and storage medium | |
| CN109245897B (en) | Node authentication method and device based on non-interactive zero-knowledge proof | |
| CN106713279A (en) | Video terminal identity authentication system | |
| CN110417724B (en) | Method, system, server and terminal for combined authentication of login states of application programs | |
| CN113452704B (en) | Distributed identity identification-based credible interconnection method and device for heterogeneous industrial equipment | |
| CN112905979B (en) | Electronic signature authorization method and device, storage medium and electronic device | |
| EP2262165B1 (en) | User generated content registering method, apparatus and system | |
| KR20200070124A (en) | Method for generating pki keys based on bioinformation on blockchain network and device for using them | |
| CN110445771A (en) | Intersection record evidence collecting method, device, medium and server based on block chain | |
| CN114024723B (en) | Online signing method and device based on ESOP system, equipment and medium | |
| CN114519206A (en) | Method for anonymously signing electronic contract and signature system | |
| CN106656507A (en) | Method and device for electronic authentication based on mobile terminal | |
| CN112104463B (en) | Electronic seal application method based on alliance block chain | |
| US20190052632A1 (en) | Authentication system, method and non-transitory computer-readable storage medium | |
| EP3883204B1 (en) | System and method for secure generation, exchange and management of a user identity data using a blockchain | |
| CN110535649B (en) | Data circulation method and system, service platform and first terminal device | |
| CN106559433B (en) | Method and system for fixing electronic evidence and user identity by using digital certificate |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |