30results about How to "Improve authentication strength" patented technology

An electronic storage apparatus comprises a biometrics information inputting section, a collation section for comparing and collating collation biometrics characteristic information and reference biometrics characteristic information with each other, an authentication result retention section for retaining, where it is recognized that the collation biometrics characteristic information is that of an owner, the result of the authentication, a secret information outputting section capable of outputting secret information of the owner stored in a secret information storage section to the outside, and an authentication result deletion section for deleting, when an unused state detection section detect that the secret information outputting section is in an unused state, the result of authentication retained by the authentication result retention section, whereby the security strength of a card type storage medium is raised and the electronic storage apparatus can be used more easily by a user.

The invention relates to the technical field of security authentication, and provides a Windows system login authentication method and system. The method comprises the following steps that: a Windowssystem terminal performs first verification authentication on a user name and a password, and transmits the user name, the password and a terminal IP (Internet Protocol) address to a server when the verification authentication is passed; the server acquires a third-party authentication account, and transmits Windows system terminal login confirmation information to a mobile terminal in which the third-party authentication account logs; the mobile terminal transmits information indicating whether login confirmation is performed or not to the server, and the server forwards the information indicating whether login confirmation is performed or not to the Windows system terminal; and the Windows system terminal resolves the information indicating whether login confirmation is performed or not,and determines whether a user is allowed to log into a Windows system or not. Through adoption of the Windows system login authentication method and system, combination of dual authentication of theWindows system is realized; the authentication strength is enhanced; the security is improved; and unified management of a system account is realized.

The invention discloses a mobile terminal uniqueness authentication method based on a software digital certificate, which belongs to the technical field of computer and information security, and is specifically as follows: (1) The mobile terminal installs a security client, generates a certificate request associated with device information, and sends a request to the server register. The server issues a digital certificate to the mobile terminal to realize the association between the digital certificate and the device. (2) When in use, the server sends random information to the mobile terminal, the security client receives the information, uses the private key of the digital certificate of the machine to sign the random information, and sends the signed data to the server. The application server uses the digital certificate public key to verify the signature and confirm the identity of the communication peer. The invention can well verify the mobile terminal, and enhances the strength of the verification without adding hardware verification devices.

The invention provides a method for confirming a signer of an electronic contract with a digital signature combined with a handwritten signature. The method firstly performs real-name authentication and contract creation, and secondly, both parties sign the contract to sign the contract, and generate a contract signature feature and a digital signature, and then The supervision system verifies the contract signature features and digital signatures, and then performs special processing on the verified contracts, and finally puts the specially processed contracts on the blockchain for on-chain storage, and both parties to the contract can check the contract parameters by decrypting them. Contract, on the basis of confirming the identity of the contract signer through the traditional digital signature, the present invention increases the user's handwritten signature feature, enhances the identity authentication strength of the contract signer, increases the difficulty of contract forgery, and combines new blockchain technology as a contract. The storage platform ensures that the contract cannot be tampered with, forged and denied.

The present application discloses a user identity card authentication method and device, and a non-volatile storage medium. The method includes: receiving an authentication request initiated by a mobile terminal to authenticate a user identity card, wherein the authentication request includes: an encryption certificate of the mobile terminal; obtaining a timestamp generated by a timestamp server, and analyzing the mobile terminal's The public key encryption time stamp obtained by the encryption certificate is obtained, and the ciphertext time stamp is obtained; the ciphertext time stamp and the server's encryption certificate are sent to the mobile terminal; the authentication information sent by the mobile terminal is received, and the user identity card is authenticated according to the authentication information. , wherein the authentication information is obtained by the mobile terminal based on the information of the user identity card, the encryption certificate of the server and the ciphertext timestamp. The present application solves the technical problems of low verification intensity and low safety factor in the existing SIM card authentication technology.

The invention provides a steganography-based key transmission and key updating method, which is applied to the field of information safety. The method comprises the steps that a communication party A sets a communication type, an encryption algorithm an steganography algorithm, selects a steganography carrier and generates a communication identifier and then performs the updating of a transmission key or the transmission process of a conversion key; a new transmission key is selected when in updating, a time stamp and a signature are generated to encrypt and steganograph the transmission key, the key updating information is generated to be transmitted to a communication party B, and the communication party B performs the verification, de-staganography and deciphering to obtain the transmission key; and the conversion key is selected in transmission to generate a time stamp and a signature so as to encrypt and steganograph the conversion key, the key transmission information is generated to be transmitted to the communication party B, and the communication party B performs the verification, de-steganography and deciphering to obtain the conversation key. The key is concealed by utilizing the steganography, so that an encrypted data format in the key transmission process and the key updating process can be effectively protected, and the safety transmission of multiple encryption and decryption algorithm conversation keys can be realized.

The invention discloses a WebService security certification access control method based on a software digital certificate and a timestamp. The method specifically comprises the steps of (1) generating a client credit certificate through a WebService client; (2) creating a WebService request through the client, and signing the WebService request data through a device certificate; (3) calling the timestamp through the client, acquiring stand time from a time source through a timestamp server, and signing and issuing the timestamp to the WebService data through a timestamp server private key; (4) sending the original request text, the device certificate of the WebService client, a signature message and the timestamp information to the server side by the client through a WebService interface after packaging; (5) receiving the WebService request through the server side, sequentially verifying the client device certificate, the digital signature data and the timestamp information, then processing the WebService request, and returning the processing result to the WebService client. With the adoption of the method, the credible access control certification can be performed for all WebService services; in addition, the validity of the request can be determined through the time, and the time can be accessed.

The invention relates to a guide file credible check based on mobile TPM. The check comprises the following steps: the mobile TPM is initialized; relevant authentication information and check information in a guide process are set; a driving module for the mobile TPM before the start of an operating system at the guide stage is designed and implemented; the driving module is tested according to the operating environment of a DOS operating system; a Part 1 code is arranged at the 0 sector position of a hard disk; an original MBR of the system is moved to a second sector of the hard disk; a Part2 code is arranged at a third sector of the hard disk and a subsequent position thereof; the Part2 code comprises the driving module and a calling interface of the mobile TPM; the credible check is implemented on the reading function of an NEFS file system and files to be read; after the file check is succeeded, the execution is changed from Part2 to an original MBR code. An original process of the system is started for the operation. And the Windows system is ensured to be clean and credible.

The invention relates to an operational application technology combining short message transmission and computer database, in particular to a method for protecting the security of an account. The method is characterized in that: user login and server verification are required to be performed twice respectively, and passwords for the user login of each time are both dynamic passwords; in the login of the first time, the dynamic password A and the user account are input, and the dynamic password A becomes invalid instantly when the dynamic password A and the user account pass the verification; a dynamic identification code is displayed in a login interface in which the dynamic password A and the user account pass the verification; the user is required to compare the dynamic identification code in the login interface with the dynamic identification code in a received mobile phone short message, and then enters the login step of inputting the dynamic password B and a static password after confirming the two groups of dynamic identification codes are completely the same; and after the successful login of the user, the dynamic identification code and the dynamic password B become invalid instantly. By the method provided by the invention, attacks of account stealing Trojans can be effectively prevented, the phishing attacks of phishing sites to the users can be prevented, and the method is simple and intuitive for the user to operate and easy to master.