CN118018185A - Network configuration method, device, equipment and readable medium based on biological characteristics - Google Patents
Network configuration method, device, equipment and readable medium based on biological characteristics Download PDFInfo
- Publication number
- CN118018185A CN118018185A CN202311788449.4A CN202311788449A CN118018185A CN 118018185 A CN118018185 A CN 118018185A CN 202311788449 A CN202311788449 A CN 202311788449A CN 118018185 A CN118018185 A CN 118018185A
- Authority
- CN
- China
- Prior art keywords
- information
- network configuration
- network
- key
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 61
- 238000012795 verification Methods 0.000 claims abstract description 43
- 238000004891 communication Methods 0.000 claims description 32
- 238000012545 processing Methods 0.000 claims description 17
- 239000000284 extract Substances 0.000 claims description 8
- 238000004590 computer program Methods 0.000 claims description 6
- 230000006870 function Effects 0.000 description 9
- 210000000554 iris Anatomy 0.000 description 9
- 230000008569 process Effects 0.000 description 9
- 230000001815 facial effect Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 238000000605 extraction Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000010606 normalization Methods 0.000 description 3
- 210000000697 sensory organ Anatomy 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 210000000887 face Anatomy 0.000 description 2
- 239000003550 marker Substances 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000802 evaporation-induced self-assembly Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000001151 other effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Landscapes
- Small-Scale Networks (AREA)
Abstract
The embodiment of the invention provides a network configuration method, a device, equipment and a readable medium based on biological characteristics, which are applied to equipment to be distributed, wherein the method comprises the following steps: acquiring preset encrypted network configuration information issued by user equipment; collecting biological verification information provided by a user; generating decryption information based on the biometric authentication information and a preset key generation algorithm; decrypting the encrypted network configuration information by adopting the decryption information; obtaining network configuration information under the condition that the decryption information is correct; and accessing the network by adopting the network configuration information. By encrypting the network configuration information based on the biological characteristics of the user, the biological verification information provided by the user needs to be acquired during decryption, so that the network configuration information can be effectively prevented from being acquired by suspicious equipment, and the network security is prevented from being influenced.
Description
Technical Field
The present invention relates to the field of network technologies, and in particular, to a network configuration method based on biological characteristics, a network configuration device based on biological characteristics, an electronic device, and a computer readable medium.
Background
In the prior art, when a user needs to configure a device to access a network, network configuration information can be transmitted to different devices. In the data transmission process, if the network configuration information is transmitted to the wrong device, or the network configuration information is intercepted by other devices in the data transmission process, information leakage of the user may be caused, so that the suspicious device can access the network of the user, and the security risk exists in the device in the network of the user. Particularly, in the case that smart home devices such as security cameras, voice assistants, smart televisions and the like exist in a user network, privacy information of a user may be further revealed.
Disclosure of Invention
The embodiment of the invention provides a network configuration method, a network configuration device, electronic equipment and a computer readable storage medium based on biological characteristics, so as to solve the problem of security of equipment access to a network.
The embodiment of the invention discloses a network configuration method based on biological characteristics, which is applied to equipment to be distributed with a network, and comprises the following steps:
Acquiring preset encrypted network configuration information issued by user equipment;
Collecting biological verification information provided by a user;
Generating decryption information based on the biometric authentication information and a preset key generation algorithm;
decrypting the encrypted network configuration information by adopting the decryption information;
Obtaining network configuration information under the condition that the decryption information is correct;
And accessing the network by adopting the network configuration information.
Optionally, the step of generating decryption information based on the biometric authentication information and a preset key generation algorithm includes:
extracting first key feature information from the biometric information;
And generating decryption information based on the first key characteristic information and a preset key generation algorithm.
Optionally, the step of generating decryption information based on the first key feature information and a preset key generation algorithm includes:
Converting the first key feature information into a digital form to represent the first digital feature information by adopting a preset key generation algorithm;
and generating decryption information by adopting the first digital characteristic information.
Optionally, the method further comprises:
the user equipment acquires biological characteristic information of a user;
The user equipment generates key information by adopting the biological characteristic information and the key generation algorithm;
and the user equipment encrypts preset network configuration information by adopting the key information to obtain encrypted network configuration information.
Optionally, the step of generating key information by the user equipment using the biometric information and the key generation algorithm includes:
The user equipment extracts second key feature information from the biological feature information;
And the user equipment generates key information based on the second key characteristic information and the key generation algorithm.
Optionally, the step of generating, by the user equipment, key information based on the second key feature information and the key generation algorithm includes:
the user equipment performs standardization processing on the second key feature information to obtain standardized feature information;
And the user equipment adopts the standardized characteristic information and the key generation algorithm to generate key information.
Optionally, the method further comprises:
And deleting the collected biological verification information under the condition of confirming successful access to the network.
The embodiment of the invention also provides a network configuration device based on biological characteristics, which is applied to the equipment to be configured with the network, and the device comprises:
The encryption information acquisition module is used for acquiring encryption network configuration information issued by preset user equipment;
the biological information acquisition module is used for acquiring biological verification information provided by a user;
the decryption information generation module is used for generating decryption information based on the biological verification information and a preset key generation algorithm;
The decryption module is used for decrypting the encrypted network configuration information by adopting the decryption information;
the network configuration acquisition module is used for acquiring network configuration information under the condition that the decryption information is correct;
and the network access module is used for accessing the network by adopting the network configuration information.
Optionally, the decryption information generation module includes:
the first key feature extraction sub-module is used for extracting first key feature information from the biological verification information;
and the decryption information generation sub-module is used for generating decryption information based on the first key characteristic information and a preset key generation algorithm.
Optionally, the decryption information generation submodule includes:
The first characteristic information conversion unit is used for converting the first key characteristic information into a digital form to represent first digital characteristic information by adopting a preset key generation algorithm;
and the decryption information generating unit is used for generating decryption information by adopting the first digital characteristic information.
Optionally, the apparatus further comprises:
The biological characteristic information acquisition module is used for acquiring biological characteristic information of a user by the user equipment;
The key information generation module is used for generating key information by the user equipment through the biological characteristic information and the key generation algorithm;
And the encrypted network configuration information generation module is used for encrypting the preset network configuration information by the user equipment by adopting the key information to obtain encrypted network configuration information.
Optionally, the key information generating module includes:
The second key feature extraction sub-module is used for extracting second key feature information from the biological feature information by the user equipment;
And the key information generation sub-module is used for generating key information by the user equipment based on the second key characteristic information and the key generation algorithm.
Optionally, the key information generating submodule includes:
The standardized unit is used for carrying out standardized processing on the second key characteristic information by the user equipment to obtain standardized characteristic information;
And the key information generating unit is used for generating key information by the user equipment by adopting the standardized characteristic information and the key generation algorithm.
Optionally, the apparatus further comprises:
and the deleting module is used for deleting the collected biological verification information under the condition of confirming successful access to the network.
The embodiment of the invention also discloses electronic equipment, which comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;
The memory is used for storing a computer program;
the processor is configured to implement the method according to the embodiment of the present invention when executing the program stored in the memory.
Embodiments of the invention also disclose one or more computer-readable media having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the methods described in the embodiments of the invention.
The embodiment of the invention has the following advantages:
The network configuration method based on the biological characteristics provided by the embodiment of the invention is used for acquiring the encrypted network configuration information issued by the preset user equipment; collecting biological verification information provided by a user; generating decryption information based on the biometric authentication information and a preset key generation algorithm; decrypting the encrypted network configuration information by adopting the decryption information; obtaining network configuration information under the condition that the decryption information is correct; and accessing the network by adopting the network configuration information. By encrypting the network configuration information based on the biological characteristics of the user, the biological verification information provided by the user needs to be acquired during decryption, so that the network configuration information can be effectively prevented from being acquired by suspicious equipment, and the network security is prevented from being influenced. Meanwhile, for a user, the network configuration of the equipment to be distributed can be safely and conveniently finished only by simply providing biological verification information, and the network configuration method has good usability.
Drawings
FIG. 1 is a flow chart of steps of a method for biometric-based network configuration provided in an embodiment of the present invention;
FIG. 2 is a flow chart of steps of another method for biometric-based network configuration provided in an embodiment of the present invention;
FIG. 3 is a block diagram of a network configuration device based on biological features according to an embodiment of the present invention;
FIG. 4 is a block diagram of an electronic device provided in an embodiment of the invention;
Fig. 5 is a schematic diagram of a computer readable medium provided in an embodiment of the invention.
Detailed Description
In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.
Referring to fig. 1, a step flowchart of a network configuration method based on biological characteristics provided in an embodiment of the present invention is shown, where the method is applied to a device to be configured with a network, and the method specifically may include the following steps:
Step 101, obtaining encryption network configuration information issued by preset user equipment;
In the embodiment of the invention, the device to be configured can be a device which needs to be connected to a network such as a wireless network, a wired network, a mobile communication network, an internet of things and the like. The network equipment to be configured can comprise equipment such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a router and the like. The intelligent control system can also be applied to intelligent home, various household appliances and equipment which can be connected to the Internet and have intelligent control functions, such as intelligent bulbs, intelligent sockets, intelligent door locks, intelligent cameras, intelligent sound boxes, intelligent air conditioners, intelligent televisions and the like.
In general, a network device to be configured needs to be connected to a network when initial setting is performed. When connecting to a network, the user may be requested to select a network name, enter a network password. Or other devices of the user can transmit information related to the network configuration such as a network name, a network password and the like to the device to be configured by adopting modes such as Bluetooth communication, NFC (Near field communication) communication, local wireless network communication and the like, so that the user can quickly complete the network configuration of the device to be configured by other devices without manually configuring the network of the device to be configured.
In the embodiment of the invention, a user can hold a user device, and the user device can be an electronic device capable of running an application program, such as a smart phone, a tablet computer, a notebook computer, a desktop computer and the like. In the user equipment, a network allocation application program for managing network configuration can be set, and in the case that the network equipment to be allocated needs to be accessed to the network, the user can configure the network for the network equipment to be allocated through the network allocation application program. Specifically, the network configuration application program can establish communication connection with the network device to be configured in a manner such as bluetooth communication, NFC communication, local wireless network communication, etc. based on the operation of the user, and send the network configuration information to the network device to be configured, so that the network device to be configured can be added into the network of the user based on the network configuration information. The network configuration information may generally describe information about the configuration of the network, such as a network name, a network password, and the like.
In order to improve the security of the data, the network configuration information issued by the user equipment may be encrypted, the network configuration information to be configured cannot be directly decrypted by the network equipment to be configured, and further operations are required by the user to provide the decrypted information for the network equipment to be configured, so that the network equipment to be configured can extract the correct network configuration information from the encrypted network configuration information.
Step 102, collecting biological verification information provided by a user;
In the embodiment of the invention, in order to improve the security of the network configuration information, the network configuration information can be encrypted based on the biological characteristic information of the user, such as fingerprint, face, iris and the like. In this case, the network device to be configured may collect biometric information provided by the user in order to decrypt the encrypted network configuration information. Wherein the biometric authentication information may be a biometric provided by the user for decrypting the encrypted network configuration information.
In a specific implementation, the to-be-distributed network device can be provided with a biological feature acquisition module, such as a camera, a fingerprint reader and the like, which can acquire biological features of a user. Under the condition that the network equipment to be distributed needs to decrypt the encrypted network configuration information, a user can be requested to provide biological characteristics such as fingerprints, faces, irises and the like as biological verification information through the biological characteristic acquisition module.
Meanwhile, generally, if the network device to be distributed needs to obtain the biometric information provided by the user, the network device to be distributed needs to be located at the user's side, and the user needs to agree to actively provide the biometric information. In this case, the network device to be provisioned can be generally considered as a device that the user can trust. Therefore, by collecting the biological verification information provided by the user, the possibility that the equipment to be distributed is suspicious equipment held by a non-user can be reduced, and the security of network configuration for the equipment to be distributed can be improved to a certain extent.
Step 103, generating decryption information based on the biological verification information and a preset key generation algorithm;
in the embodiment of the present invention, in the case that the network device to be distributed belongs to a compliant electronic device, a key generation algorithm may be preset, and the key generation algorithm may be used to process the biometric authentication information into a key as decryption information.
Specifically, the biometric information may generally have feature information, for example, a fingerprint feature may be extracted from a fingerprint image. The facial overall features and the five sense organs features can be extracted from the facial images. Iris shape features may be extracted from iris images. Thus, the network equipment to be distributed can further extract the characteristic information from the biological verification information, convert the characteristic information into a specific character string representation based on a key generation algorithm, and take the character string as decryption information.
Step 104, decrypting the encrypted network configuration information by adopting the decryption information;
In the embodiment of the invention, after obtaining the decryption information, the network equipment to be distributed can adopt the decryption information to attempt to decrypt the encrypted network configuration information, and under the conditions that the obtained correct biological verification information and the key generation algorithm are correct, the decryption information obtained by the network equipment to be distributed is also correct, and at the moment, the network equipment to be distributed can correctly decrypt the encrypted network configuration information. Under the condition that the biological characteristic information acquired by the network equipment to be distributed or a preset key generation algorithm is wrong, the network equipment to be distributed cannot correctly decrypt the encrypted network configuration information at the moment, so that the condition that the network equipment to be distributed is suspicious can be effectively avoided, the possibility that the suspicious equipment is accessed to a user network is avoided, and the security of network configuration is improved.
Step 105, obtaining network configuration information under the condition that the decryption information is correct;
And under the condition that the decryption information is correct, the network equipment to be configured can successfully decrypt the encrypted network configuration information to obtain unencrypted network configuration information.
And step 106, accessing the network by adopting the network configuration information.
After the network configuration information is obtained by the network configuration equipment, the network configuration information can be used for accessing the network. Specifically, the network configuration information may record information related to network configuration, such as a network name, a network password, etc., and may send a network access request to a corresponding network by using the network configuration information, where the network password is correct, and the network may be successfully accessed. Thus, the user can complete the network configuration of the network equipment to be configured quickly and safely by filling in the network configuration information manually and providing the biological verification information through the network configuration application program arranged in the user equipment.
The network configuration method based on the biological characteristics provided by the embodiment of the invention is used for acquiring the encrypted network configuration information issued by the preset user equipment; collecting biological verification information provided by a user; generating decryption information based on the biometric authentication information and a preset key generation algorithm; decrypting the encrypted network configuration information by adopting the decryption information; obtaining network configuration information under the condition that the decryption information is correct; and accessing the network by adopting the network configuration information. By encrypting the network configuration information based on the biological characteristics of the user, the biological verification information provided by the user needs to be acquired during decryption, so that the network configuration information can be effectively prevented from being acquired by suspicious equipment, and the network security is prevented from being influenced. Meanwhile, for a user, the network configuration of the equipment to be distributed can be safely and conveniently finished only by simply providing biological verification information, and the network configuration method has good usability.
Referring to fig. 2, a flowchart of steps of a network configuration method based on biological features provided in an embodiment of the present invention is shown, where the method is applied to a device to be configured with a network, and the method specifically may include the following steps:
step 201, obtaining encryption network configuration information issued by preset user equipment;
In the embodiment of the invention, the device to be configured can be a device which needs to be connected to a network such as a wireless network, a wired network, a mobile communication network, an internet of things and the like. The network equipment to be configured can comprise equipment such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a router and the like. The intelligent control system can also be applied to intelligent home, various household appliances and equipment which can be connected to the Internet and have intelligent control functions, such as intelligent bulbs, intelligent sockets, intelligent door locks, intelligent cameras, intelligent sound boxes, intelligent air conditioners, intelligent televisions and the like.
In general, a network device to be configured needs to be connected to a network when initial setting is performed. When connecting to a network, the user may be requested to select a network name, enter a network password. Or other devices of the user can transmit information related to the configuration network, such as a network name, a network password and the like, to the device to be configured by adopting modes such as Bluetooth communication, NFC communication, local wireless network communication and the like, so that the user can quickly complete the network configuration of the device to be configured by the other devices without manually configuring the network of the device to be configured.
In the embodiment of the invention, a user can hold a user device, and the user device can be an electronic device capable of running an application program, such as a smart phone, a tablet computer, a notebook computer, a desktop computer and the like. In the user equipment, a network allocation application program for managing network configuration can be set, and in the case that the network equipment to be allocated needs to be accessed to the network, the user can configure the network for the network equipment to be allocated through the network allocation application program. Specifically, the network configuration application program can establish communication connection with the network device to be configured in a manner such as bluetooth communication, NFC communication, local wireless network communication, etc. based on the operation of the user, and send the network configuration information to the network device to be configured, so that the network device to be configured can be added into the network of the user based on the network configuration information. The network configuration information may generally describe information about the configuration of the network, such as a network name, a network password, and the like.
In order to improve the security of the data, the network configuration information issued by the user equipment may be encrypted, the network configuration information to be configured cannot be directly decrypted by the network equipment to be configured, and further operations are required by the user to provide the decrypted information for the network equipment to be configured, so that the network equipment to be configured can extract the correct network configuration information from the encrypted network configuration information.
In one embodiment of the present invention, the method further comprises:
s11, the user equipment acquires the biological characteristic information of the user;
specifically, in order to encrypt the network configuration information, the user device may first determine a key corresponding to the user based on the biometric of the user. Thus, the user device may first acquire biometric information of the user. The biometric information may be a biometric of the user, such as a fingerprint, face, iris, etc.
In a specific implementation, the user device may be provided with a biometric acquisition module, such as a camera, fingerprint reader, etc., that may acquire the user's biometric characteristics. The distribution network application program in the user equipment can acquire the biological characteristic information of the user through the biological characteristic acquisition module under the condition of user agreement.
Alternatively, the user may first log in his personal account in the distribution network application before acquiring the biometric information. After the user completes the personal account login, the network information that needs to be configured may be further determined. Specifically, the user can select the network name of the network to be configured from the network distribution application program and input the network password of the network, so that the network distribution application program can acquire the network information to be configured. Under the condition that the user equipment stores the network information corresponding to the network to be configured, the network information can be directly obtained from the user equipment under the condition of user agreement.
Then, the user can configure corresponding biometric information for the network configuration information of at least one network according to actual needs. Therefore, the user can select at least one network needing to be associated with the biological characteristic information according to the guidance of the distribution network application program, and provide the biological characteristic information to complete the association between the biological characteristic information and the network configuration information of the network. The present invention is not limited to this, and a plurality of networks may be associated with the same business feature information, or different networks may be associated with different biometric information.
S12, the user equipment adopts the biological characteristic information and the key generation algorithm to generate key information;
After the user equipment obtains the biometric information, the obtained biometric information and a preset key generation algorithm can be adopted to generate key information required for encrypting the network configuration information. Wherein the key generation algorithm may be used to process the biometric information as a key as key information.
Specifically, the biometric information may generally have feature information that is different from other users, for example, a fingerprint feature may be extracted from a fingerprint image. The facial overall features and the five sense organs features can be extracted from the facial images. Iris shape features may be extracted from iris images. Thus, the user device can extract the characteristic information different from other users from the biometric information, convert the characteristic information into a specific character string representation based on the key generation algorithm, and take the character string as key information.
S13, the user equipment encrypts preset network configuration information by adopting the key information to obtain encrypted network configuration information.
And then, under the condition that the network configuration information needs to be transmitted, the distribution network application program in the user equipment can adopt the key information to encrypt the network configuration information, so as to obtain the encrypted network configuration information.
In a specific implementation, the network configuration application program can store network configuration information and biological characteristic information of a user in advance, and under the condition that the network configuration information needs to be transmitted, the biological characteristic information is adopted to generate key information, the network configuration information is encrypted, and the encrypted network configuration information is obtained and then sent to the network equipment to be configured. The network configuration application program can also be used for acquiring the network configuration information when the user needs to perform network configuration in a safe biological characteristic database, generating key information by adopting the prestored biological characteristic information, encrypting the network configuration information, obtaining the encrypted network configuration information and then sending the encrypted network configuration information to the network equipment to be configured. In order to further improve the security, the distribution network application program can store network configuration information in advance, and under the condition that the network configuration information needs to be transmitted, the user is requested to provide biological characteristic information, the biological characteristic information is immediately adopted to generate key information, the network configuration information is encrypted, and after the encryption is finished, the biological characteristic information of the user is deleted, so that the biological characteristic information of the user is prevented from being revealed. The distribution network application may also obtain the stored network configuration information and the biometric information of the user in advance, and encrypt the network configuration information into encrypted network configuration information based on the biometric information of the user. And deleting the network configuration information and the biological characteristic information of the user so as to avoid the leakage of the biological characteristic information of the user and the network configuration information of the plaintext.
In one embodiment of the present invention, the step of generating key information by the user equipment using the biometric information and the key generation algorithm includes:
s21, the user equipment extracts second key feature information from the biological feature information;
In particular, the biometric information may generally have feature information that is different from other users. Meanwhile, in these feature information distinguished from other users, feature points more representative of other features may exist. For example, for a fingerprint image, feature points in which the overall shape, bifurcation point, end point, shape and trend of ridges and valleys, etc., of fingerprint lines are involved are more representative than other feature points. For the facial image, feature points in which the positions of the five sense organs and the overall facial contour are involved are more representative than other feature points. Thus, representative features can be extracted from the biometric information as second key feature information. The second key characteristic information is extracted, so that the data volume can be reduced, the subsequent generation of key information is facilitated, meanwhile, the second key characteristic information is obtained based on the biological characteristic information of the user, and the second key characteristic information can effectively represent the personal identity of the user, so that the subsequent generation of key information can be ensured to have higher security.
And S22, the user equipment generates key information based on the second key characteristic information and the key generation algorithm.
Specifically, after obtaining the second key feature information, the user equipment may use a key generation algorithm to convert the second key feature information into key information, so that key information for encrypting the network configuration information may be obtained.
In a specific implementation, the second key feature information may be subjected to operation processing by adopting a key generation algorithm, so as to obtain second digital feature information based on digital representation, and the second digital feature information is used as key information.
As a specific example of the present invention, for a fingerprint image, first, a bifurcation point and an end point may be extracted from the fingerprint image as feature points, thereby obtaining second key feature information. The bifurcation point may be a position where fingerprint lines are separated, and the end point may be a position where fingerprint lines start or end. Thereafter, a two-dimensional coordinate system can be constructed according to a key generation algorithm, and coordinates of the marker feature points are expressed as x and y. Meanwhile, angle information is adopted, and the direction from the characteristic point to the other characteristic point connected through the fingerprint lines is marked. The coordinates of the feature points and the extending direction of the feature points can be spliced into a long vector by the plurality of groups of vector information according to the fingerprint line growth route, so that second digital feature information expressed in a digital form can be obtained and used as key information.
Alternatively, in order to further improve the security of the key information, a hash function such as MD5, SHA-1, SHA-256, or the like may be used to convert the second digital characteristic information into a fixed-length character string as the key information. Therefore, the safety of the user biological characteristic information can be further improved, and the leakage of the user biological characteristic information is avoided. Meanwhile, due to small input difference, the operation result of the hash function can be obviously changed, so that the safety of key information can be further improved.
Optionally, in order to further improve the security of the key information, after the hash data is used to convert the second digital feature information into a character string with a fixed length, the character string may be hashed again to obtain the key information. Or, instead of using the complete character string as key information, only the character at a specific position in the character string is used to reconstruct a new character string as key information. For example, the first 10-bit characters in the character string may be used as key information, and the characters of 1, 3, 5, 7, 9, 10-bit characters in the character string may be used as key information, etc., which is not limited in the present invention.
In one embodiment of the present invention, the step of generating key information by the user equipment based on the second key feature information and the key generation algorithm includes:
s31, the user equipment performs standardization processing on the second key feature information to obtain standardized feature information;
Specifically, when the user characteristic information is collected, the user characteristic information may be affected by factors such as the collection progress of the device, the shooting angle, the fingerprint placement angle, and external light, so that a certain difference may exist in the collected user biological characteristic information, and a certain difference may also exist in the second key characteristic information. In this case, in order to make the second key feature information unified, the key generation result is prevented from being affected due to errors in the acquisition process. Before generating the key information, the second key feature information may be subjected to normalization processing to obtain normalized feature information.
Specifically, the normalization process may be to adjust the coordinate scale of the second key feature information, or adjust the rotation angle of the second key feature information, or redetermine the position of the two-dimensional coordinate system corresponding to the second key feature information, or align the second key feature information with a standard feature information, which is not limited in the present invention.
And S32, the user equipment adopts the standardized characteristic information and the key generation algorithm to generate key information.
After the normalization processing of the key information is completed, standardized characteristic information is obtained, a key generation algorithm can be adopted again to convert the standardized characteristic information into second digital characteristic information which is represented by numbers, and then the second digital characteristic information is used as the key information.
Step 202, collecting biological verification information provided by a user;
In the embodiment of the invention, in order to improve the security of the network configuration information, the network configuration information can be encrypted based on the biological characteristic information of the user, such as fingerprint, face, iris and the like. In this case, the network device to be configured may collect biometric information provided by the user in order to decrypt the encrypted network configuration information. Wherein the biometric authentication information may be a biometric provided by the user for decrypting the encrypted network configuration information.
In a specific implementation, the to-be-distributed network device can be provided with a biological feature acquisition module, such as a camera, a fingerprint reader and the like, which can acquire biological features of a user. Under the condition that the network equipment to be distributed needs to decrypt the encrypted network configuration information, a user can be requested to provide biological characteristics such as fingerprints, faces, irises and the like as biological verification information through the biological characteristic acquisition module.
Meanwhile, generally, if the network device to be distributed needs to obtain the biometric information provided by the user, the network device to be distributed needs to be located at the user's side, and the user needs to agree to actively provide the biometric information. In this case, the network device to be provisioned can be generally considered as a device that the user can trust. Therefore, by collecting the biological verification information provided by the user, the possibility that the equipment to be distributed is suspicious equipment held by a non-user can be reduced, and the security of network configuration for the equipment to be distributed can be improved to a certain extent.
Step 203, extracting first key feature information from the biological verification information;
Specifically, the biometric information may generally include characteristic information that is different from other users. Meanwhile, in these feature information distinguished from other users, feature points more representative of other features may exist. Thus, representative features can be extracted from the biometric information as first key feature information.
Step 204, generating decryption information based on the first key feature information and a preset key generation algorithm;
in the embodiment of the present invention, in the case that the network device to be distributed belongs to a compliant electronic device, a key generation algorithm may be preset, and the key generation algorithm may be used to process the biometric authentication information into a key as decryption information.
Specifically, after the first key feature information is obtained, the network to be configured may use a key generation algorithm to convert the first key feature information into decryption information, so that decryption information for decrypting the network configuration information may be obtained, where the decryption information may be the same as the key information for encrypting the network configuration information.
In one embodiment of the present invention, the step of generating decryption information based on the first key feature information and a preset key generation algorithm includes:
s41, converting the first key feature information into a digital form to represent the first digital feature information by adopting a preset key generation algorithm;
in a specific implementation, the first key feature information may be subjected to operation processing by adopting a key generation algorithm, so as to obtain first digital feature information based on digital representation.
As a specific example of the present invention, for a fingerprint image, first, a bifurcation point and an end point may be extracted from the fingerprint image as feature points, thereby obtaining first key feature information. The bifurcation point may be a position where fingerprint lines are separated, and the end point may be a position where fingerprint lines start or end. Thereafter, a two-dimensional coordinate system can be constructed according to a key generation algorithm, and coordinates of the marker feature points are expressed as x and y. Meanwhile, angle information is adopted, and the direction from the characteristic point to the other characteristic point connected through the fingerprint lines is marked. The coordinates of the feature points and the extending direction of the feature points can be spliced into a long vector by the plurality of groups of vector information according to the fingerprint line growth route, so that first digital feature information expressed in a digital form can be obtained.
Optionally, when the user characteristic information is collected, the collected biometric information of the user may have a certain difference due to the influence of factors such as the device collection progress, the shooting angle, the fingerprint placement angle, the external light, and the like, so that the first key characteristic information may also have a certain difference. In this case, in order to unify the first key feature information, the influence on the decryption information generation result due to errors in the acquisition process is avoided. The first key feature information may be normalized before the decryption information is generated.
S42, generating decryption information by using the first digital characteristic information.
In a specific implementation, the first digital characteristic information may be directly used as decryption information. And in the case where the key information is obtained by hash function processing based on the second digital feature, or is obtained by hash-transforming again after hash function processing or reconstructing a new character string using the character at a specific position in the character string. The same generation manner as the key information may be adopted at this time to perform hash function processing on the first digital feature information, or after the hash function processing, hash transformation may be performed again or a new character string may be reconstructed using the characters at the specific positions in the character string to obtain decryption information.
Step 205, decrypting the encrypted network configuration information by using the decryption information;
In the embodiment of the invention, after obtaining the decryption information, the network equipment to be distributed can adopt the decryption information to attempt to decrypt the encrypted network configuration information, and under the conditions that the obtained correct biological verification information and the key generation algorithm are correct, the decryption information obtained by the network equipment to be distributed is also correct, and at the moment, the network equipment to be distributed can correctly decrypt the encrypted network configuration information. Under the condition that the biological characteristic information acquired by the network equipment to be distributed or a preset key generation algorithm is wrong, the network equipment to be distributed cannot correctly decrypt the encrypted network configuration information at the moment, so that the condition that the network equipment to be distributed is suspicious can be effectively avoided, the possibility that the suspicious equipment is accessed to a user network is avoided, and the security of network configuration is improved.
Step 206, obtaining network configuration information under the condition that the decryption information is correct;
And under the condition that the decryption information is correct, the network equipment to be configured can successfully decrypt the encrypted network configuration information to obtain unencrypted network configuration information.
And step 207, accessing the network by adopting the network configuration information.
After the network configuration information is obtained by the network configuration equipment, the network configuration information can be used for accessing the network. Specifically, the network configuration information may record information related to network configuration, such as a network name, a network password, etc., and may send a network access request to a corresponding network by using the network configuration information, where the network password is correct, and the network may be successfully accessed. Thus, the user can complete the network configuration of the network equipment to be configured quickly and safely by filling in the network configuration information manually and providing the biological verification information through the network configuration application program arranged in the user equipment.
In one embodiment of the present invention, the method further comprises:
And S51, deleting the collected biological verification information under the condition of confirming successful access to the network.
Specifically, in the case that the network to be configured is successfully accessed to the network, it can be confirmed that the network to be configured has successfully acquired the correct network configuration information. In this case, the biometric information input by the user may have no other effect, and the biometric information collected may be deleted in order to secure the user's private data, avoiding the possibility of leakage of the biometric information.
The network configuration method based on the biological characteristics provided by the embodiment of the invention is used for acquiring the encrypted network configuration information issued by the preset user equipment; collecting biological verification information provided by a user; extracting first key feature information from the biometric information; generating decryption information based on the first key feature information and a preset key generation algorithm; decrypting the encrypted network configuration information by adopting the decryption information; obtaining network configuration information under the condition that the decryption information is correct; and accessing the network by adopting the network configuration information. By encrypting the network configuration information based on the biological characteristics of the user, the biological verification information provided by the user needs to be acquired during decryption, so that the network configuration information can be effectively prevented from being acquired by suspicious equipment, and the network security is prevented from being influenced. Meanwhile, for a user, the network configuration of the equipment to be distributed can be safely and conveniently finished only by simply providing biological verification information, and the network configuration method has good usability.
It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.
Referring to fig. 3, a block diagram of a network configuration device based on biological characteristics, which is applied to a network device to be configured, provided in an embodiment of the present invention, may specifically include the following modules:
The encryption information acquisition module 301 is configured to acquire preset encryption network configuration information issued by the user equipment;
a biological information acquisition module 302, configured to acquire biological verification information provided by a user;
A decryption information generation module 303, configured to generate decryption information based on the biometric authentication information and a preset key generation algorithm;
a decryption module 304, configured to decrypt the encrypted network configuration information using the decryption information;
a network configuration obtaining module 305, configured to obtain network configuration information when the decryption information is correct;
A network access module 306, configured to access a network using the network configuration information.
Optionally, the decryption information generation module includes:
the first key feature extraction sub-module is used for extracting first key feature information from the biological verification information;
and the decryption information generation sub-module is used for generating decryption information based on the first key characteristic information and a preset key generation algorithm.
Optionally, the decryption information generation submodule includes:
The first characteristic information conversion unit is used for converting the first key characteristic information into a digital form to represent first digital characteristic information by adopting a preset key generation algorithm;
and the decryption information generating unit is used for generating decryption information by adopting the first digital characteristic information.
Optionally, the apparatus further comprises:
The biological characteristic information acquisition module is used for acquiring biological characteristic information of a user by the user equipment;
The key information generation module is used for generating key information by the user equipment through the biological characteristic information and the key generation algorithm;
And the encrypted network configuration information generation module is used for encrypting the preset network configuration information by the user equipment by adopting the key information to obtain encrypted network configuration information.
Optionally, the key information generating module includes:
The second key feature extraction sub-module is used for extracting second key feature information from the biological feature information by the user equipment;
And the key information generation sub-module is used for generating key information by the user equipment based on the second key characteristic information and the key generation algorithm.
Optionally, the key information generating submodule includes:
The standardized unit is used for carrying out standardized processing on the second key characteristic information by the user equipment to obtain standardized characteristic information;
And the key information generating unit is used for generating key information by the user equipment by adopting the standardized characteristic information and the key generation algorithm.
Optionally, the apparatus further comprises:
and the deleting module is used for deleting the collected biological verification information under the condition of confirming successful access to the network.
The network configuration device based on the biological characteristics provided by the embodiment of the invention acquires the encrypted network configuration information issued by the preset user equipment; collecting biological verification information provided by a user; generating decryption information based on the biometric authentication information and a preset key generation algorithm; decrypting the encrypted network configuration information by adopting the decryption information; obtaining network configuration information under the condition that the decryption information is correct; and accessing the network by adopting the network configuration information. By encrypting the network configuration information based on the biological characteristics of the user, the biological verification information provided by the user needs to be acquired during decryption, so that the network configuration information can be effectively prevented from being acquired by suspicious equipment, and the network security is prevented from being influenced. Meanwhile, for a user, the network configuration of the equipment to be distributed can be safely and conveniently finished only by simply providing biological verification information, and the network configuration method has good usability.
For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.
In addition, the embodiment of the invention also provides an electronic device, as shown in fig. 4, which comprises a processor 401, a communication interface 402, a memory 403 and a communication bus 404, wherein the processor 401, the communication interface 402 and the memory 403 complete communication with each other through the communication bus 404,
A memory 403 for storing a computer program;
Processor 1301, when executing the program stored in memory 1303, implements the following steps:
Acquiring preset encrypted network configuration information issued by user equipment;
Collecting biological verification information provided by a user;
Generating decryption information based on the biometric authentication information and a preset key generation algorithm;
decrypting the encrypted network configuration information by adopting the decryption information;
Obtaining network configuration information under the condition that the decryption information is correct;
And accessing the network by adopting the network configuration information.
Optionally, the step of generating decryption information based on the biometric authentication information and a preset key generation algorithm includes:
extracting first key feature information from the biometric information;
And generating decryption information based on the first key characteristic information and a preset key generation algorithm.
Optionally, the step of generating decryption information based on the first key feature information and a preset key generation algorithm includes:
Converting the first key feature information into a digital form to represent the first digital feature information by adopting a preset key generation algorithm;
and generating decryption information by adopting the first digital characteristic information.
Optionally, the method further comprises:
the user equipment acquires biological characteristic information of a user;
The user equipment generates key information by adopting the biological characteristic information and the key generation algorithm;
and the user equipment encrypts preset network configuration information by adopting the key information to obtain encrypted network configuration information.
Optionally, the step of generating key information by the user equipment using the biometric information and the key generation algorithm includes:
The user equipment extracts second key feature information from the biological feature information;
And the user equipment generates key information based on the second key characteristic information and the key generation algorithm.
Optionally, the step of generating, by the user equipment, key information based on the second key feature information and the key generation algorithm includes:
the user equipment performs standardization processing on the second key feature information to obtain standardized feature information;
And the user equipment adopts the standardized characteristic information and the key generation algorithm to generate key information.
Optionally, the method further comprises:
And deleting the collected biological verification information under the condition of confirming successful access to the network.
The communication bus mentioned by the above terminal may be a peripheral component interconnect standard (PERIPHERAL COMPONENT INTERCONNECT, abbreviated as PCI) bus or an extended industry standard architecture (Extended Industry Standard Architecture, abbreviated as EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the terminal and other devices.
The memory may include random access memory (Random Access Memory, RAM) or may include non-volatile memory (non-volatile memory), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, abbreviated as CPU), a network processor (Network Processor, abbreviated as NP), etc.; but may also be a digital signal processor (DIGITAL SIGNAL Processing, DSP), application Specific Integrated Circuit (ASIC), field-Programmable gate array (FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components.
In yet another embodiment provided by the present invention, as shown in fig. 5, there is further provided a computer readable storage medium 501 having instructions stored therein, which when run on a computer, cause the computer to perform the method for configuring a network based on biological characteristics described in the above embodiment.
In yet another embodiment of the present invention, a computer program product containing instructions, which when run on a computer, causes the computer to perform the method of biometric-based network configuration described in the above embodiments is also provided.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk Solid STATE DISK (SSD)), etc.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.
Claims (10)
1. A network configuration method based on biological characteristics, which is applied to a network device to be configured, the method comprising:
Acquiring preset encrypted network configuration information issued by user equipment;
Collecting biological verification information provided by a user;
Generating decryption information based on the biometric authentication information and a preset key generation algorithm;
decrypting the encrypted network configuration information by adopting the decryption information;
Obtaining network configuration information under the condition that the decryption information is correct;
And accessing the network by adopting the network configuration information.
2. The method of claim 1, wherein the step of generating decryption information based on the biometric authentication information and a preset key generation algorithm comprises:
extracting first key feature information from the biometric information;
And generating decryption information based on the first key characteristic information and a preset key generation algorithm.
3. The method according to claim 2, wherein the step of generating decryption information based on the first key feature information and a preset key generation algorithm comprises:
Converting the first key feature information into a digital form to represent the first digital feature information by adopting a preset key generation algorithm;
and generating decryption information by adopting the first digital characteristic information.
4. The method according to claim 1, wherein the method further comprises:
the user equipment acquires biological characteristic information of a user;
The user equipment generates key information by adopting the biological characteristic information and the key generation algorithm;
and the user equipment encrypts preset network configuration information by adopting the key information to obtain encrypted network configuration information.
5. The method of claim 1, wherein the step of the user device generating key information using the biometric information and the key generation algorithm comprises:
The user equipment extracts second key feature information from the biological feature information;
And the user equipment generates key information based on the second key characteristic information and the key generation algorithm.
6. The method of claim 5, wherein the step of the user device generating key information based on the second key feature information and the key generation algorithm comprises:
the user equipment performs standardization processing on the second key feature information to obtain standardized feature information;
And the user equipment adopts the standardized characteristic information and the key generation algorithm to generate key information.
7. The method according to claim 1, wherein the method further comprises:
And deleting the collected biological verification information under the condition of confirming successful access to the network.
8. A network configuration device based on biological characteristics, which is applied to a network equipment to be configured, the device comprising:
The encryption information acquisition module is used for acquiring encryption network configuration information issued by preset user equipment;
the biological information acquisition module is used for acquiring biological verification information provided by a user;
the decryption information generation module is used for generating decryption information based on the biological verification information and a preset key generation algorithm;
The decryption module is used for decrypting the encrypted network configuration information by adopting the decryption information;
the network configuration acquisition module is used for acquiring network configuration information under the condition that the decryption information is correct;
and the network access module is used for accessing the network by adopting the network configuration information.
9. An electronic device comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other via the communication bus;
The memory is used for storing a computer program;
the processor is configured to implement the method according to any one of claims 1-7 when executing a program stored on a memory.
10. One or more computer-readable media having instructions stored thereon that, when executed by one or more processors, cause the processors to perform the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311788449.4A CN118018185A (en) | 2023-12-22 | 2023-12-22 | Network configuration method, device, equipment and readable medium based on biological characteristics |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311788449.4A CN118018185A (en) | 2023-12-22 | 2023-12-22 | Network configuration method, device, equipment and readable medium based on biological characteristics |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118018185A true CN118018185A (en) | 2024-05-10 |
Family
ID=90957194
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311788449.4A Pending CN118018185A (en) | 2023-12-22 | 2023-12-22 | Network configuration method, device, equipment and readable medium based on biological characteristics |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118018185A (en) |
-
2023
- 2023-12-22 CN CN202311788449.4A patent/CN118018185A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102328725B1 (en) | Method of using one device to unlock another device | |
| US9832016B2 (en) | Methods, systems and computer program product for providing verification code recovery and remote authentication | |
| CN110049016B (en) | Data query method, device, system, equipment and storage medium of block chain | |
| CN106330442B (en) | Identity authentication method, device and system | |
| TWI578749B (en) | Methods and apparatus for migrating keys | |
| US9118662B2 (en) | Method and system for distributed off-line logon using one-time passwords | |
| EP3595258B1 (en) | Authentication method for realising access network, authentication device and user equipment | |
| US7787661B2 (en) | Method, system, personal security device and computer program product for cryptographically secured biometric authentication | |
| CN109145628B (en) | Data acquisition method and system based on trusted execution environment | |
| CN111989672B (en) | Method, device and storage device for generating a new password for accessing a user account in a multi-domain environment | |
| CN108989331B (en) | Use authentication method of data storage device, device and storage medium thereof | |
| CN116709325B (en) | Mobile equipment security authentication method based on high-speed encryption algorithm | |
| CN113779534A (en) | Personal information providing method and service platform based on digital identity | |
| CN112948857A (en) | Document processing method and device | |
| WO2018043466A1 (en) | Data extraction system, data extraction method, registration device, and program | |
| CN118018185A (en) | Network configuration method, device, equipment and readable medium based on biological characteristics | |
| CN112533204B (en) | User identification card configuration method, device, computer equipment and storage medium | |
| CN112182628B (en) | Privacy information security access method and device | |
| CN114007218B (en) | Authentication method, authentication system, terminal and digital identity authentication functional entity | |
| WO2023141864A1 (en) | Conference data transmission method, apparatus and system, electronic device and readable medium | |
| CN112533204A (en) | User identification card configuration method and device, computer equipment and storage medium | |
| CN114598466A (en) | Production data processing method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |