CN103957105A - Use identity authentication method and SIM card - Google Patents

Use identity authentication method and SIM card Download PDF

Info

Publication number
CN103957105A
CN103957105A CN201410175618.1A CN201410175618A CN103957105A CN 103957105 A CN103957105 A CN 103957105A CN 201410175618 A CN201410175618 A CN 201410175618A CN 103957105 A CN103957105 A CN 103957105A
Authority
CN
China
Prior art keywords
dimensional code
sim card
management server
user
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410175618.1A
Other languages
Chinese (zh)
Inventor
孙利
李建功
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201410175618.1A priority Critical patent/CN103957105A/en
Publication of CN103957105A publication Critical patent/CN103957105A/en
Pending legal-status Critical Current

Links

Landscapes

  • Medical Treatment And Welfare Office Work (AREA)

Abstract

本发明提供一种用户身份认证方法和SIM卡,该方法包括:SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;采用第一预设加密算法对登录信息和管理服务器的标识信息进行加密生成验证码;根据验证码生成二维码并将二维码发送给管理服务器,以使管理服务器在确定接收到的二维码存在时开启身体检测仪器供用户使用。通过SIM卡实时生成二维码,避免承载于单独卡片上二维码始终处于暴露状态易被获取的缺陷,并且,由于SIM卡本身的安全性,以及二维码生成的参数涉及用户的信息和管理身体检测仪器的管理服务器的信息,进一步提高了二维码生成过程以及生成的二维码的安全性,并且,SIM卡承载于用户手持终端中,方便携带。

The present invention provides a user identity authentication method and a SIM card. The method includes: the SIM card receives the login information input by the user through the client when the user needs to use a body detection instrument; The identification information is encrypted to generate a verification code; a two-dimensional code is generated according to the verification code and the two-dimensional code is sent to the management server, so that the management server turns on the body detection device for the user to use when it determines that the received two-dimensional code exists. The two-dimensional code is generated in real time through the SIM card, avoiding the defect that the two-dimensional code carried on a separate card is always exposed and easy to obtain, and, due to the security of the SIM card itself, and the parameters generated by the two-dimensional code involve user information and The information of the management server that manages the body detection instrument further improves the security of the two-dimensional code generation process and the generated two-dimensional code, and the SIM card is carried in the user's hand-held terminal, which is convenient to carry.

Description

用户身份认证方法和SIM卡User authentication method and SIM card

技术领域technical field

本发明属于信息安全技术领域,具体是涉及一种用户身份认证方法和SIM卡。The invention belongs to the technical field of information security, and in particular relates to a user identity authentication method and a SIM card.

背景技术Background technique

在医疗健康系统中,当用户需要使用某检测仪器进行相应的身体检查时,首先需要对该用户的身份进行认证。In the medical and health system, when a user needs to use a testing instrument for a corresponding physical examination, the user's identity needs to be authenticated first.

现有的身份认证过程中,用户的身份认证信息,比如姓名、手机号码等信息一般会以诸如条形码、二维条码等形式承载于一个独立的卡片中,比如IC卡、身份证。当卡片丢失时,由于用户的身份认证信息固化暴露在该卡片中,其他人很容易获取到该用户的身份认证信息来启动相应的检测仪器,安全性低,且需携带卡片给用户带来了不便。In the existing identity authentication process, the user's identity authentication information, such as name, mobile phone number and other information, is usually carried in an independent card in the form of barcode, two-dimensional barcode, etc., such as IC card or ID card. When the card is lost, because the user's identity authentication information is solidified and exposed in the card, other people can easily obtain the user's identity authentication information to start the corresponding detection equipment, which is low in security and needs to carry the card to the user. inconvenient.

发明内容Contents of the invention

针对现有技术中存在的问题,本发明提供一种用户身份认证方法和SIM卡,用以克服现有技术中身份认证信息承载于独立的卡片中导致的安全性低、便携性差的缺陷。Aiming at the problems existing in the prior art, the present invention provides a user identity authentication method and a SIM card to overcome the defects of low security and poor portability caused by identity authentication information carried in an independent card in the prior art.

本发明提供了一种用户身份认证方法,包括:The invention provides a user identity authentication method, comprising:

SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;The SIM card receives the login information entered by the user through the client when the user needs to use the physical detection instrument;

所述SIM卡采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;The SIM card uses a first preset encryption algorithm to encrypt the login information and the pre-acquired identification information of the management server to generate a verification code;

所述SIM卡根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The SIM card generates a two-dimensional code according to the verification code, and sends the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user.

本发明提供了一种SIM卡,包括:The invention provides a SIM card, comprising:

第一接收模块,用于接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;The first receiving module is used to receive the login information input by the user through the client when the user needs to use the body detection instrument;

第一处理模块,用于采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;The first processing module is configured to encrypt the login information and the pre-acquired identification information of the management server by using a first preset encryption algorithm to generate a verification code;

第二处理模块,用于根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The second processing module is configured to generate a two-dimensional code according to the verification code, and send the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user.

本发明提供的用户身份认证方法和SIM卡,SIM卡在接收到用户输入的登录信息后,根据该登录信息和预先获得的管理服务器的标识信息生成验证码,进而根据该验证码生成用于对该用户的身份进行认证的二维码,In the user identity authentication method and the SIM card provided by the present invention, after the SIM card receives the login information input by the user, it generates a verification code according to the login information and the pre-acquired identification information of the management server, and then generates a verification code based on the verification code. The QR code for authenticating the user's identity,

以使得管理身体检测仪器的管理服务器基于该二维码对该用户进行身份验In order to make the management server that manages the body detection instrument perform identity verification on the user based on the two-dimensional code

证,在验证通过时开启相应的身体检测仪器供用户使用。通过SIM卡实时生成二维码,避免现有技术中承载于单独卡片上二维码始终处于暴露状态,易被他人获取的缺陷,并且,由于SIM卡本身的安全性,以及二维码生成的参数涉及当前操作用户的信息和管理身体检测仪器的管理服务器的信息,进一步提高了二维码生成过程以及生成的二维码的安全性,并且,SIM卡承载于用户手持终端中,方便携带。When the verification is passed, the corresponding body detection equipment is turned on for the user to use. The two-dimensional code is generated in real time through the SIM card, avoiding the defect that the two-dimensional code carried on a separate card in the prior art is always exposed and easy to be obtained by others, and, due to the security of the SIM card itself and the generation of the two-dimensional code The parameters relate to the information of the current operating user and the information of the management server that manages the body detection instrument, which further improves the security of the two-dimensional code generation process and the generated two-dimensional code, and the SIM card is carried in the user's hand-held terminal, which is convenient to carry.

附图说明Description of drawings

图1为本发明用户身份认证方法实施例一的流程图;FIG. 1 is a flow chart of Embodiment 1 of the user identity authentication method of the present invention;

图2为本发明用户身份认证方法实施例二的流程图;FIG. 2 is a flow chart of Embodiment 2 of the user identity authentication method of the present invention;

图3为本发明SIM卡实施例一的结构示意图;Fig. 3 is the structural representation of SIM card embodiment 1 of the present invention;

图4为本发明SIM卡实施例二的结构示意图。FIG. 4 is a schematic structural diagram of Embodiment 2 of the SIM card of the present invention.

具体实施方式Detailed ways

图1为本发明用户身份认证方法实施例一的流程图,如图1所示,本实施例提供的所述方法可以由用户手持终端例如手机中的SIM卡来执行。该方法具体包括如下步骤:FIG. 1 is a flow chart of Embodiment 1 of the user identity authentication method of the present invention. As shown in FIG. 1 , the method provided in this embodiment can be executed by a user's handheld terminal such as a SIM card in a mobile phone. The method specifically includes the following steps:

步骤101、SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;Step 101, the SIM card receives the login information input by the user through the client when the user needs to use the body detection instrument;

举例来说,比如某用户进入医院,其想要使用某身体检测仪器比如血压测量仪时,首先通过手机中的应用客户端即上述的客户端输入登录信息,该登录信息中比如包括用户名、密码、联系方式等信息。该客户端将用户输入的该登录信息发送给手机SIM卡,以使SIM卡生成该用户的身份认证信息,并将生成的身份认证信息发送给管理服务器,使得管理服务器对该用户进行身份认证,只有在认证通过的时候该用户才能使用该身体检测仪器。For example, when a user enters a hospital and wants to use a certain body detection instrument such as a blood pressure measuring instrument, he first enters login information through the application client in the mobile phone, that is, the above-mentioned client. The login information includes, for example, a user name, Password, contact information and other information. The client sends the login information input by the user to the SIM card of the mobile phone, so that the SIM card generates the identity authentication information of the user, and sends the generated identity authentication information to the management server, so that the management server performs identity authentication on the user, Only when the authentication is passed, the user can use the body detection instrument.

步骤102、所述SIM卡采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;Step 102, the SIM card uses a first preset encryption algorithm to encrypt the login information and the pre-acquired identification information of the management server to generate a verification code;

步骤103、所述SIM卡根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。Step 103, the SIM card generates a two-dimensional code according to the verification code, and sends the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user.

手机SIM卡首先采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码,其中该第一预设加密算法可以是现有技术中SIM卡内通常使用的某种加密算法,或者是现有技术中其他常用加密算法,具体采用什么加密算法视实际应用条件决定。其中,管理服务器的标识信息,例如为该管理服务器的名称、设备序列号等。该管理服务器用于对所有的身体检测仪器进行集中管理,比如对用户是否可以使用某身体检测仪器进行身份认证、对用户使用某身体检测仪器产生的检测数据进行保存等。值得说明的是,本实施例中,如果某用户通过了管理服务器对其的身份认证,则该用户即可使用该管理服务器管理的所有身体检测仪器,也就是说,当某用户想要使用某一身体检测仪器时,在经过了管理服务器的身份认证后,意味着该用户不仅可以使用其想要使用的某一身体检测仪器,还可以使用其他的身体检测仪器。The mobile phone SIM card first uses a first preset encryption algorithm to encrypt the login information and the pre-acquired identification information of the management server to generate a verification code, wherein the first preset encryption algorithm can be the usual An encryption algorithm to be used, or other commonly used encryption algorithms in the prior art, the specific encryption algorithm to be used depends on actual application conditions. Wherein, the identification information of the management server is, for example, the name of the management server, the serial number of the device, and the like. The management server is used for centralized management of all physical testing instruments, such as whether a user can use a certain physical testing instrument for identity authentication, saving the testing data generated by a user using a certain physical testing instrument, and so on. It is worth noting that in this embodiment, if a user has passed the identity authentication of the management server, the user can use all the physical testing instruments managed by the management server, that is, when a user wants to use a certain For a body detection device, after being authenticated by the management server, it means that the user can not only use a certain body detection device he wants to use, but also use other body detection devices.

但是,可以理解的是,可以根据实际应用的需要设定各个用户的使用权限。因为很有可能某些身体检测仪器的操作过于复杂,或者操作错误会对使用者产生严重伤害,此时,应该设置用户对各身体检测仪器的使用权限。相应的,在验证码的生成参数中还应该包含用户需要使用的身体检测仪器的标识信息。However, it can be understood that the use authority of each user can be set according to the needs of actual applications. Because it is very likely that the operation of some body detection instruments is too complicated, or the wrong operation will cause serious harm to the user, at this time, the user's access to each body detection instrument should be set. Correspondingly, the identification information of the body detection device that the user needs to use should also be included in the generation parameters of the verification code.

进而,该手机SIM卡根据生成的所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。本实施例中,用户的身份认证信息以二维码的形式存储,该二维码例如可以是SIM卡采用另一不同于上述第一预设加密算法的加密算法对生成的所述验证码加密获得的,或者,是对验证码进行了某种运算后获得的。Furthermore, the mobile phone SIM card generates a two-dimensional code according to the generated verification code, and sends the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user. In this embodiment, the user's identity authentication information is stored in the form of a two-dimensional code. The two-dimensional code can be, for example, that the SIM card uses another encryption algorithm different from the above-mentioned first preset encryption algorithm to encrypt the generated verification code. obtained, or obtained after performing certain operations on the verification code.

一般来说,该手机SIM卡在获得用于对用户身份进行认证的二维码之后,可以将该二维码通过客户端发送给管理服务器,以使管理服务器在本地存储的二维码数据库中查找是否存在与接收到的二维码一致的二维码,如果存在,说明该用户通过了认证,可以使用相应的身体检测仪器,则该管理服务器启动相应的身体检测仪器供该用户使用。Generally speaking, after the mobile phone SIM card obtains the two-dimensional code used to authenticate the user's identity, it can send the two-dimensional code to the management server through the client, so that the management server can store the two-dimensional code in the locally stored two-dimensional code database. Check whether there is a QR code that is consistent with the received QR code. If it exists, it means that the user has passed the authentication and can use the corresponding physical testing equipment, and then the management server starts the corresponding physical testing equipment for the user to use.

本实施例中,SIM卡在接收到用户输入的登录信息后,根据该登录信息和预先获得的管理服务器的标识信息生成验证码,进而根据该验证码生成用于对该用户的身份进行认证的二维码,以基于该二维码对该用户进行身份验证。通过SIM卡实时生成二维码,避免现有技术中承载于单独卡片上二维码始终处于暴露状态,易被他人获取的缺陷,并且,由于SIM卡本身的安全性,以及二维码生成的参数涉及当前操作用户的信息和管理身体检测仪器的管理服务器的信息,进一步提高了二维码生成过程以及生成的二维码的安全性,并且,SIM卡承载于用户手持终端中,方便携带。In this embodiment, after receiving the login information input by the user, the SIM card generates a verification code according to the login information and the pre-acquired identification information of the management server, and then generates a verification code for authenticating the user's identity according to the verification code. QR code to authenticate the user based on the QR code. The two-dimensional code is generated in real time through the SIM card, avoiding the defect that the two-dimensional code carried on a separate card in the prior art is always exposed and easy to be obtained by others, and, due to the security of the SIM card itself and the generation of the two-dimensional code The parameters relate to the information of the current operating user and the information of the management server that manages the body detection instrument, which further improves the security of the two-dimensional code generation process and the generated two-dimensional code, and the SIM card is carried in the user's hand-held terminal, which is convenient to carry.

图2为本发明用户身份认证方法实施例二的流程图,如图2所示,该方法包括:Fig. 2 is a flow chart of Embodiment 2 of the user identity authentication method of the present invention. As shown in Fig. 2, the method includes:

步骤201、所述SIM卡接收所述客户端发送的所述管理服务器的标识信息,所述管理服务器的标识信息为所述管理服务器在接收到所述客户端上传的所述用户输入的注册信息后发送给所述客户端的;Step 201, the SIM card receives the identification information of the management server sent by the client, and the identification information of the management server is the registration information input by the user uploaded by the management server after receiving the client sent to the client afterward;

本实施例中,在用户想要通过应用客户端来自动完成自身的身份认证以便使用某身体检测仪器前,需要通过该客户端完成用户注册的过程。在用户注册的过程中,用户在客户端的用户注册界面中输入注册信息,比如用户名、年龄、密码、住址、联系方式等,客户端将用户输入的该注册信息发送给管理服务器,管理服务器保存该用户注册信息的同时,将自身的标识信息发送给该客户端,从而该客户端可以随即将该管理服务器的标识信息发送给该用户的手机SIM卡,以使得当该SIM卡接收到客户端发送给其的用户登录信息时,根据该管理服务器的标识信息和用户登录信息生成验证码。可选的,该客户端也可以暂时保存该管理服务器的标识信息,并在接收到用户输入的登录信息时,连同登录信息一起发送给手机SIM卡。In this embodiment, before the user wants to automatically complete his own identity authentication through the application client in order to use a certain body detection instrument, he needs to complete the user registration process through the client. In the process of user registration, the user enters registration information in the user registration interface of the client, such as user name, age, password, address, contact information, etc., the client sends the registration information entered by the user to the management server, and the management server saves the registration information. While the user registers the information, it sends its own identification information to the client, so that the client can immediately send the identification information of the management server to the user's mobile phone SIM card, so that when the SIM card receives the client When sending the user login information to it, a verification code is generated according to the identification information of the management server and the user login information. Optionally, the client can also temporarily save the identification information of the management server, and when receiving the login information input by the user, send it to the SIM card of the mobile phone together with the login information.

步骤202、SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;Step 202, the SIM card receives the login information input by the user through the client when the user needs to use the physical testing instrument;

步骤203、所述SIM卡采用第二预设加密算法对所述登录信息、预先获得的管理服务器的标识信息和所述SIM卡的标识信息进行加密,生成验证码;Step 203, the SIM card uses a second preset encryption algorithm to encrypt the login information, the pre-obtained identification information of the management server and the identification information of the SIM card to generate a verification code;

本实施例中,手机SIM卡生成的验证码,不仅考虑了用户的登录信息和管理服务器的标识信息,还考虑了该SIM卡的标识信息,比如集成电路卡识别码(Integrate Circuit Card Identity,以下简称ICCID),可选的,还可以包括待使用身体检测仪器的标识信息。相当于该验证码综合考虑了操作用户、管理服务器和手机终端这几方面的因素,即对管理服务器和手机终端都相当于进行了认证。In this embodiment, the verification code generated by the SIM card of the mobile phone not only considers the user's login information and the identification information of the management server, but also considers the identification information of the SIM card, such as an integrated circuit card identification code (Integrate Circuit Card Identity, hereinafter ICCID for short), optionally, may also include identification information of the body detection instrument to be used. It is equivalent to that the verification code comprehensively considers the factors of the operating user, the management server and the mobile terminal, that is, both the management server and the mobile terminal are equivalent to authentication.

步骤204、所述SIM卡采用第三预设加密算法对所述验证码进行加密,生成二维码;Step 204, the SIM card uses a third preset encryption algorithm to encrypt the verification code to generate a two-dimensional code;

可选的,生成的二维码还可以是由客户端生成的,即SIM卡将所述验证码发送给所述客户端,以使所述客户端采用所述第三预设加密算法对所述验证码进行加密,生成所述二维码。Optionally, the generated two-dimensional code may also be generated by the client, that is, the SIM card sends the verification code to the client, so that the client uses the third preset encryption algorithm to The verification code is encrypted to generate the two-dimensional code.

可选的,也可以对验证码进行其他运算以获得二维码,比如与预设二进制序列进行异或运算等。Optionally, other operations may be performed on the verification code to obtain the two-dimensional code, such as XOR operation with a preset binary sequence.

本实施例中,用于用户身份认证的二维码既可以是由该用户的手机SIM卡生成的,也可以是由上述客户端生成的。优选地,采用客户端生成二维码的方式,即SIM卡将所述验证码发送给所述客户端,以使所述客户端采用所述第三预设加密算法对所述验证码进行加密,生成所述二维码。In this embodiment, the two-dimensional code used for user identity authentication can be generated by the user's mobile phone SIM card, or by the above-mentioned client. Preferably, the client generates a two-dimensional code, that is, the SIM card sends the verification code to the client, so that the client uses the third preset encryption algorithm to encrypt the verification code , to generate the QR code.

之所以优选客户端来生成二维码是考虑实际应用中尽力降低SIM卡的处理负载。另外,对验证码进行加密来生成二维码,相当于是对生成验证码的用户登录信息中包含的用户名、联系方式,以及管理服务器标识信息等的再一次加密保护,进一步保证了用户信息的安全性。The reason why the client is preferred to generate the two-dimensional code is to consider trying to reduce the processing load of the SIM card in practical applications. In addition, encrypting the verification code to generate a two-dimensional code is equivalent to re-encrypting the user name, contact information, and management server identification information contained in the user login information that generates the verification code, which further ensures the security of user information. safety.

步骤205、所述SIM卡将所述二维码发送给所述客户端进行二维码图像显示,以使所述客户端通过与所述身体检测仪器连接的图像扫描枪将所述二维码图像扫描发送给所述管理服务器,以使所述管理服务器根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。Step 205, the SIM card sends the two-dimensional code to the client to display the two-dimensional code image, so that the client can scan the two-dimensional code through the image scanning gun connected to the body detection instrument The scanned image is sent to the management server, so that the management server turns on the body detection instrument for use by the user when determining that the received two-dimensional code exists according to the locally stored two-dimensional code database.

本实施例中,如果是手机SIM卡采用所述第三预设加密算法对验证码进行加密,生成二维码,那么之后该手机SIM卡将生成的二维码发送给客户端,在客户端界面上对所述二维码进行二维码图像显示。一般地,各身体检测仪器上可以连接由二维码图像扫描枪,可以通过用户需要使用的身体检测仪器上的二维码图像扫描枪来扫描客户端界面上显示的二维码图像,从而通过该扫描枪将二维码图像上传给管理各身体检测仪器的管理服务器,以使管理服务器根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。In this embodiment, if the SIM card of the mobile phone uses the third preset encryption algorithm to encrypt the verification code to generate a two-dimensional code, then the SIM card of the mobile phone sends the generated two-dimensional code to the client. The two-dimensional code is displayed on the interface as a two-dimensional code image. Generally, a two-dimensional code image scanning gun can be connected to each body detection instrument, and the two-dimensional code image displayed on the client interface can be scanned by the two-dimensional code image scanning gun on the body detection instrument that the user needs to use, so as to pass The scanning gun uploads the two-dimensional code image to the management server that manages each body detection instrument, so that the management server determines that the received two-dimensional code exists according to the locally stored two-dimensional code database. user described above.

可以理解的是,该客户端也可以通过无线网络将二维码发送给管理服务器,具体采用何种方式受限于实际应用环境。It can be understood that the client can also send the two-dimensional code to the management server through the wireless network, and the specific method is limited by the actual application environment.

本实施例中,SIM卡根据用户的登录信息、管理服务器的标识信息以及SIM卡的标识信息生成验证码,进而根据该验证码生成用于对该用户的身份进行认证的二维码,使得在生成二维码的过程中实现了对用户终端和管理服务器的认证,从而更加保证了生成的二维码的安全性,另外,由客户端生成二维码,降低了SIM卡的处理负载。In this embodiment, the SIM card generates a verification code according to the user's login information, the identification information of the management server, and the identification information of the SIM card, and then generates a two-dimensional code for authenticating the user's identity according to the verification code, so that in In the process of generating the two-dimensional code, the authentication of the user terminal and the management server is realized, thereby further ensuring the security of the generated two-dimensional code. In addition, the client generates the two-dimensional code, which reduces the processing load of the SIM card.

图3为本发明SIM卡实施例一的结构示意图,如图3所示,该SIM卡包括:Fig. 3 is a schematic structural diagram of Embodiment 1 of the SIM card of the present invention. As shown in Fig. 3, the SIM card includes:

第一接收模块11,用于接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;The first receiving module 11 is used to receive the login information input by the user through the client when the user needs to use the body detection instrument;

第一处理模块12,用于采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;The first processing module 12 is configured to encrypt the login information and the pre-acquired identification information of the management server by using a first preset encryption algorithm to generate a verification code;

第二处理模块13,用于根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The second processing module 13 is configured to generate a two-dimensional code according to the verification code, and send the two-dimensional code to the management server, so that the management server determines that the two-dimensional code received according to the locally stored two-dimensional code database When the two-dimensional code exists, the body detection instrument is turned on for use by the user.

本实施例的SIM卡可以用于执行图1所示方法实施例的技术方案,其实现原理和技术效果类似,此处不再赘述。The SIM card of this embodiment can be used to execute the technical solution of the method embodiment shown in FIG. 1 , and its implementation principle and technical effect are similar, and will not be repeated here.

图4为本发明SIM卡实施例二的结构示意图,如图4所示,本实施例中的所述SIM卡在图3所示实施例的基础上,所述第一处理模块12,具体用于:Fig. 4 is a schematic structural diagram of the second embodiment of the SIM card of the present invention. As shown in Fig. 4, the SIM card in this embodiment is based on the embodiment shown in Fig. 3, and the first processing module 12 is specifically used At:

采用第二预设加密算法对所述登录信息、预先获得的管理服务器的标识信息和所述SIM卡的标识信息进行加密,生成验证码。Encrypting the login information, the pre-acquired identification information of the management server, and the identification information of the SIM card by using a second preset encryption algorithm to generate a verification code.

进一步地,所述第二处理模块13,具体用于:Further, the second processing module 13 is specifically used for:

采用第三预设加密算法对所述验证码进行加密,生成二维码。The verification code is encrypted by using a third preset encryption algorithm to generate a two-dimensional code.

进一步地,所述第二处理模块13,还用于:Further, the second processing module 13 is also used for:

将所述二维码发送给所述客户端进行二维码图像显示,以使所述客户端通过与所述身体检测仪器连接的图像扫描枪将所述二维码图像扫描发送给所述管理服务器,以使所述管理服务器根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。Send the two-dimensional code to the client to display the two-dimensional code image, so that the client scans the two-dimensional code image and sends it to the management through the image scanning gun connected to the body detection instrument server, so that the management server determines that the received two-dimensional code exists according to the locally stored two-dimensional code database, and turns on the body detection instrument for the user to use.

进一步地,所述SIM卡还包括:Further, the SIM card also includes:

第二接收模块21,用于接收所述客户端发送的所述管理服务器的标识信息,所述管理服务器的标识信息为所述管理服务器在接收到所述客户端上传的所述用户输入的注册信息后发送给所述客户端的。The second receiving module 21 is configured to receive the identification information of the management server sent by the client, where the identification information of the management server is the registration information input by the user uploaded by the management server upon receiving the client. The information is then sent to the client.

本实施例的SIM卡可以用于执行图2所示方法实施例的技术方案,其实现原理和技术效果类似,此处不再赘述。The SIM card of this embodiment can be used to implement the technical solution of the method embodiment shown in FIG. 2 , and its implementation principle and technical effect are similar, and will not be repeated here.

本领域普通技术人员可以理解:实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成,前述的程序可以存储于一计算机可读取存储介质中,该程序在执行时,执行包括上述方法实施例的步骤;而前述的存储介质包括:ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。Those of ordinary skill in the art can understand that all or part of the steps for realizing the above-mentioned method embodiments can be completed by hardware related to program instructions, and the aforementioned program can be stored in a computer-readable storage medium. When the program is executed, the It includes the steps of the above method embodiments; and the aforementioned storage medium includes: ROM, RAM, magnetic disk or optical disk and other various media that can store program codes.

最后应说明的是:以上各实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述各实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分或者全部技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, rather than limiting them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: It is still possible to modify the technical solutions described in the foregoing embodiments, or perform equivalent replacements for some or all of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the technical solutions of the various embodiments of the present invention. scope.

Claims (10)

1.一种用户身份认证方法,其特征在于,包括:1. A user identity authentication method, characterized in that, comprising: SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;The SIM card receives the login information entered by the user through the client when the user needs to use the physical detection instrument; 所述SIM卡采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;The SIM card uses a first preset encryption algorithm to encrypt the login information and the pre-acquired identification information of the management server to generate a verification code; 所述SIM卡根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The SIM card generates a two-dimensional code according to the verification code, and sends the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user. 2.根据权利要求1所述的方法,其特征在于,所述SIM卡采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码,包括:2. The method according to claim 1, wherein the SIM card uses a first preset encryption algorithm to encrypt the login information and the pre-acquired identification information of the management server to generate a verification code, including: 所述SIM卡采用第二预设加密算法对所述登录信息、预先获得的管理服务器的标识信息和所述SIM卡的标识信息进行加密,生成验证码。The SIM card encrypts the login information, the pre-obtained identification information of the management server and the identification information of the SIM card by using a second preset encryption algorithm to generate a verification code. 3.根据权利要求1所述的方法,其特征在于,所述SIM卡根据所述验证码生成二维码,包括:3. The method according to claim 1, wherein the SIM card generates a two-dimensional code according to the verification code, comprising: 所述SIM卡采用第三预设加密算法对所述验证码进行加密,生成二维码。The SIM card uses a third preset encryption algorithm to encrypt the verification code to generate a two-dimensional code. 4.根据权利要求3所述的方法,其特征在于,所述SIM卡将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用,包括:4. The method according to claim 3, wherein the SIM card sends the two-dimensional code to the management server, so that the management server determines that the two-dimensional code is received according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for the user to use, including: 所述SIM卡将所述二维码发送给所述客户端进行二维码图像显示,以使所述客户端通过与所述身体检测仪器连接的图像扫描枪将所述二维码图像扫描发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The SIM card sends the two-dimensional code to the client to display the two-dimensional code image, so that the client scans and sends the two-dimensional code image through the image scanning gun connected to the body detection instrument to the management server, so that the management server turns on the body detection instrument for use by the user when it determines that the received two-dimensional code exists according to the locally stored two-dimensional code database. 5.根据权利要求1~4中任一项所述的方法,其特征在于,所述SIM卡接收用户在需要使用身体检测仪器时通过客户端输入的登录信息之前,还包括:5. The method according to any one of claims 1 to 4, characterized in that, before the SIM card receives the login information input by the user through the client when the user needs to use the body detection instrument, the method further includes: 所述SIM卡接收所述客户端发送的所述管理服务器的标识信息,所述管理服务器的标识信息为所述管理服务器在接收到所述客户端上传的所述用户输入的注册信息后发送给所述客户端的。The SIM card receives the identification information of the management server sent by the client, and the identification information of the management server is sent to the management server after receiving the registration information input by the user uploaded by the client. of the client. 6.一种SIM卡,其特征在于,包括:6. A SIM card, characterized in that, comprising: 第一接收模块,用于接收用户在需要使用身体检测仪器时通过客户端输入的登录信息;The first receiving module is used to receive the login information input by the user through the client when the user needs to use the body detection instrument; 第一处理模块,用于采用第一预设加密算法对所述登录信息和预先获得的管理服务器的标识信息进行加密,生成验证码;The first processing module is configured to encrypt the login information and the pre-acquired identification information of the management server by using a first preset encryption algorithm to generate a verification code; 第二处理模块,用于根据所述验证码生成二维码,并将所述二维码发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。The second processing module is configured to generate a two-dimensional code according to the verification code, and send the two-dimensional code to the management server, so that the management server determines the received two-dimensional code according to the locally stored two-dimensional code database. When the two-dimensional code exists, the body detection instrument is turned on for use by the user. 7.根据权利要求6所述的SIM卡,其特征在于,所述第一处理模块,具体用于:7. The SIM card according to claim 6, wherein the first processing module is specifically used for: 采用第二预设加密算法对所述登录信息、预先获得的管理服务器的标识信息和所述SIM卡的标识信息进行加密,生成验证码。Encrypting the login information, the pre-acquired identification information of the management server, and the identification information of the SIM card by using a second preset encryption algorithm to generate a verification code. 8.根据权利要求6所述的SIM卡,其特征在于,所述第二处理模块,具体用于:8. The SIM card according to claim 6, wherein the second processing module is specifically used for: 采用所述第三预设加密算法对所述验证码进行加密,生成二维码。Using the third preset encryption algorithm to encrypt the verification code to generate a two-dimensional code. 9.根据权利要求8所述的SIM卡,其特征在于,所述第二处理模块,还用于:9. The SIM card according to claim 8, wherein the second processing module is also used for: 将所述二维码发送给所述客户端进行二维码图像显示,以使所述客户端通过与所述身体检测仪器连接的图像扫描枪将所述二维码图像扫描发送给所述管理服务器,以使所述管理服务器在根据本地存储的二维码数据库确定接收到的所述二维码存在时开启所述身体检测仪器供所述用户使用。Send the two-dimensional code to the client to display the two-dimensional code image, so that the client scans the two-dimensional code image and sends it to the management through the image scanning gun connected to the body detection instrument server, so that the management server turns on the body detection instrument for use by the user when it is determined according to the locally stored two-dimensional code database that the received two-dimensional code exists. 10.根据权利要求6~9中任一项所述的SIM卡,其特征在于,还包括:10. The SIM card according to any one of claims 6-9, further comprising: 第二接收模块,用于接收所述客户端发送的所述管理服务器的标识信息,所述管理服务器的标识信息为所述管理服务器在接收到所述客户端上传的所述用户输入的注册信息后发送给所述客户端的。The second receiving module is configured to receive the identification information of the management server sent by the client, where the identification information of the management server is the registration information input by the user uploaded by the management server after receiving the client. and then sent to the client.
CN201410175618.1A 2014-04-28 2014-04-28 Use identity authentication method and SIM card Pending CN103957105A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410175618.1A CN103957105A (en) 2014-04-28 2014-04-28 Use identity authentication method and SIM card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410175618.1A CN103957105A (en) 2014-04-28 2014-04-28 Use identity authentication method and SIM card

Publications (1)

Publication Number Publication Date
CN103957105A true CN103957105A (en) 2014-07-30

Family

ID=51334335

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410175618.1A Pending CN103957105A (en) 2014-04-28 2014-04-28 Use identity authentication method and SIM card

Country Status (1)

Country Link
CN (1) CN103957105A (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105357225A (en) * 2015-12-10 2016-02-24 成都工百利自动化设备有限公司 Virtual SIM/USIM card authentication management cloud platform
CN105871935A (en) * 2016-06-21 2016-08-17 珠海市魅族科技有限公司 Mobile communication method and device
CN106100850A (en) * 2016-06-17 2016-11-09 公安部第三研究所 Intelligent and safe chip signing messages transmission method based on Quick Response Code and system
CN106162520A (en) * 2015-04-28 2016-11-23 中国移动通信集团公司 Health and fitness information processing method, health and fitness information collecting device, terminal unit and system
CN108229127A (en) * 2016-12-21 2018-06-29 英业达科技有限公司 Verification data are generated in advance to distinguish the system and method for client
CN108769981A (en) * 2018-06-09 2018-11-06 深圳市宝尔爱迪科技有限公司 A kind of a kind of personal information protecting method for after the encryption SIM card of terminal device and SIM card loss based on encryption
TWI651656B (en) * 2017-03-29 2019-02-21 楊建綱 Multidimensional barcode action identity authentication method, digital certificate device
CN110555693A (en) * 2018-06-04 2019-12-10 紫光同芯微电子有限公司 system and method for realizing two-dimensional code security by using SIM card
TWI700643B (en) * 2017-03-29 2020-08-01 楊建綱 Multi-dimensional barcode mobile identity authentication method
US10902408B2 (en) 2017-03-29 2021-01-26 Chien-Kang Yang Mobile payment method using a barcode, device and server for implementing the method
CN113094671A (en) * 2021-04-14 2021-07-09 广州炒米信息科技有限公司 Authorization method and device of personal cloud storage equipment and personal cloud storage equipment
TWI758574B (en) * 2017-03-29 2022-03-21 楊建綱 Multidimensional barcode mobile payment method and payment server system
CN115603898A (en) * 2021-07-07 2023-01-13 中移(杭州)信息技术有限公司(Cn) Verification code generation method, verification code generation device, terminal and storage medium
CN116684111A (en) * 2022-02-23 2023-09-01 中移动金融科技有限公司 Two-dimension code identity authentication method, device and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1298571A1 (en) * 2000-03-08 2003-04-02 Masaki Wakamoto Charge system for use of two-dimensional code
CN1777101A (en) * 2005-11-22 2006-05-24 大连理工大学 Real-time identity authentication method based on mobile phone, bluetooth and two-dimensional barcode
JP2008305117A (en) * 2007-06-07 2008-12-18 Baazu Joho Kagaku Kenkyusho:Kk Approval application processing system and approval application processing method
CN102842081A (en) * 2011-06-23 2012-12-26 上海易悠通信息科技有限公司 Method for generating two-dimensional code and implementing mobile payment by mobile phone
CN103401880A (en) * 2013-08-15 2013-11-20 西南大学 Automatic login industrial control system and control method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1298571A1 (en) * 2000-03-08 2003-04-02 Masaki Wakamoto Charge system for use of two-dimensional code
CN1777101A (en) * 2005-11-22 2006-05-24 大连理工大学 Real-time identity authentication method based on mobile phone, bluetooth and two-dimensional barcode
JP2008305117A (en) * 2007-06-07 2008-12-18 Baazu Joho Kagaku Kenkyusho:Kk Approval application processing system and approval application processing method
CN102842081A (en) * 2011-06-23 2012-12-26 上海易悠通信息科技有限公司 Method for generating two-dimensional code and implementing mobile payment by mobile phone
CN103401880A (en) * 2013-08-15 2013-11-20 西南大学 Automatic login industrial control system and control method

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106162520A (en) * 2015-04-28 2016-11-23 中国移动通信集团公司 Health and fitness information processing method, health and fitness information collecting device, terminal unit and system
CN106162520B (en) * 2015-04-28 2019-10-15 中国移动通信集团公司 Health information processing method, health information collection equipment, terminal equipment and system
CN105357225A (en) * 2015-12-10 2016-02-24 成都工百利自动化设备有限公司 Virtual SIM/USIM card authentication management cloud platform
CN106100850B (en) * 2016-06-17 2019-07-05 公安部第三研究所 Intelligent and safe chip signing messages transmission method and system based on two dimensional code
CN106100850A (en) * 2016-06-17 2016-11-09 公安部第三研究所 Intelligent and safe chip signing messages transmission method based on Quick Response Code and system
CN105871935A (en) * 2016-06-21 2016-08-17 珠海市魅族科技有限公司 Mobile communication method and device
CN108229127A (en) * 2016-12-21 2018-06-29 英业达科技有限公司 Verification data are generated in advance to distinguish the system and method for client
TWI758574B (en) * 2017-03-29 2022-03-21 楊建綱 Multidimensional barcode mobile payment method and payment server system
TWI651656B (en) * 2017-03-29 2019-02-21 楊建綱 Multidimensional barcode action identity authentication method, digital certificate device
TWI700643B (en) * 2017-03-29 2020-08-01 楊建綱 Multi-dimensional barcode mobile identity authentication method
US10902408B2 (en) 2017-03-29 2021-01-26 Chien-Kang Yang Mobile payment method using a barcode, device and server for implementing the method
US10979421B2 (en) 2017-03-29 2021-04-13 Chien-Kang Yang Identity authentication using a barcode
CN114186985A (en) * 2017-03-29 2022-03-15 杨建纲 Multidimensional barcode mobile payment method and payment server
CN110555693A (en) * 2018-06-04 2019-12-10 紫光同芯微电子有限公司 system and method for realizing two-dimensional code security by using SIM card
CN110555693B (en) * 2018-06-04 2023-09-12 紫光同芯微电子有限公司 System and method for realizing two-dimension code safety by using SIM card
CN108769981A (en) * 2018-06-09 2018-11-06 深圳市宝尔爱迪科技有限公司 A kind of a kind of personal information protecting method for after the encryption SIM card of terminal device and SIM card loss based on encryption
CN113094671A (en) * 2021-04-14 2021-07-09 广州炒米信息科技有限公司 Authorization method and device of personal cloud storage equipment and personal cloud storage equipment
CN113094671B (en) * 2021-04-14 2023-09-29 广州炒米信息科技有限公司 Authorization method and device of personal cloud storage device and personal cloud storage device
CN115603898A (en) * 2021-07-07 2023-01-13 中移(杭州)信息技术有限公司(Cn) Verification code generation method, verification code generation device, terminal and storage medium
CN116684111A (en) * 2022-02-23 2023-09-01 中移动金融科技有限公司 Two-dimension code identity authentication method, device and system

Similar Documents

Publication Publication Date Title
CN103957105A (en) Use identity authentication method and SIM card
JP5859953B2 (en) Biometric authentication system, communication terminal device, biometric authentication device, and biometric authentication method
US10454913B2 (en) Device authentication agent
US8862888B2 (en) Systems and methods for three-factor authentication
CN107079034B (en) Identity authentication method, terminal equipment, authentication server and electronic equipment
US11539690B2 (en) Authentication system, authentication method, and application providing method
CN107004077B (en) Method and system for providing secure and independently operable biometric authentication
CN106709963B (en) The method and apparatus of the authentication image true and false
JP6284088B2 (en) Identity verification and anti-theft system and method using a one-time random key
US20180357638A1 (en) Identity information authentication method, user terminal, service terminal, authentication server, and service system
TWI529641B (en) System for verifying data displayed dynamically by mobile and method thereof
CN103210607B (en) The method and apparatus that the service provided by WEB server is carried out secure registration
CN110336832B (en) An information encryption and decryption method, device and terminal
WO2017067201A1 (en) Wi-fi connection method, terminal, and system
US9465974B2 (en) Electronic device providing downloading of enrollment finger biometric data via short-range wireless communication
CN104660589A (en) Method and system for controlling encryption of information and analyzing information as well as terminal
JP5805874B2 (en) Apparatus and method for connecting a removable module to an access terminal
WO2015039589A1 (en) User identity authorization system and authorization method based on bar codes
CN111344702B (en) Biometric Template Processing Involving Key Carrying Devices
CN106778285A (en) For method, the device upgraded to equipment
CN104618356B (en) Auth method and device
CN105631271A (en) Unlocking method, unlocking device, wearable intelligent equipment and terminal
US20150124969A1 (en) Method and Device for Obtaining a Security Key
WO2017028595A1 (en) Payment verification method, terminal, and server
CN109815666B (en) Identity authentication method and device based on FIDO protocol, storage medium and electronic equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140730

RJ01 Rejection of invention patent application after publication