A kind of network identification system based on iris recognitionTechnical field
The present invention relates to technical field of network information security certification.More particularly, to a kind of net based on iris recognitionNetwork identity authorization system.
Background technology
Iris is located at after cornea, before crystalline lens, the annular visual film between sclera and pupil, includes lineMultiple fine features such as reason, blood vessel and spot.Because it has generality, uniqueness, stability, reliability, non-property invaded etc.Feature, therefore iris recognition technology turns into the focus that identity differentiates in recent years.
At present, domestic and foreign scholars have carried out deeply extensive research, and achieve larger progress to iris recognition technology.Product with iris identifying function emerges in an endless stream, and its application scenario is also more and more.With the continuous development of information technology, netNetwork space plays more and more important role in the life of people.Network is also brought while bringing convenientMany negative effects.In cyberspace, people need to remember the password account name of various websites and application program, if protectingPipe is not good at causing password loss, leakage, can also cause loss economically or the leakage of individual privacy.Therefore, it is empty in networkBetween how accurately and quickly to differentiate that a person's identity becomes further important.Iris recognition is with its accuracy, stability and workThe features such as body identifies, is developed rapidly, is approved by more and more users.Iris recognition system on the market at presentSystem is unit operation or run in the Small-scale LAN of composition, can not meet the needs of user network authentication.
Therefore need to provide a kind of network identification system based on iris recognition, solve in current cyberspace, useFamily needs to remember the sensitive informations such as the password of various websites and program, once information is stolen economic loss etc. can be caused to askTopic.
The content of the invention
The purpose of the present invention is to be directed at least one of problem above, there is provided a kind of network identity based on iris recognition is recognizedCard system, the Verification System can quickly and accurately identify user identity using iris feature in cyberspace, solve meshThe problem of preceding user needs to remember various account numbers and password in network, and password leakage easily causes privacy compromise, economic loss.
In order to solve the above technical problems, the present invention uses following technical proposals:
A kind of network identification system based on iris recognition, including iris information harvester, client and serviceDevice end.The client includes iris information Registering modules, application program interactive module, authentication module.
When carrying out iris information registration, the client is by iris information Registering modules to iris information harvesterOutput carries out the control instruction of iris information collection, and the iris information harvester receives the control instruction, carries out irisCollection, coding and the encryption of image, and export the iris-encoding of encryption and the equipment mark code information of iris information harvester;Client is by iris information Registering modules by the iris-encoding and equipment mark code information transfer to server end;ServerEnd stores to iris-encoding and equipment mark code information, establishes iris database.
When application program interactive module, which is employed routine call, enters line program login, the client passes through authenticationModule exports the control instruction for carrying out iris information collection to iris information harvester, and the iris information harvester receivesThe control instruction, carries out collection, coding and the encryption of iris image, and exports iris-encoding and the iris information collection of encryptionThe equipment mark code information of device;Client is by authentication module by the iris-encoding and equipment mark code information transferTo server end.Server end carries out the matching certification of iris-encoding, and authentication result is returned into application program interactive module,If certification success, application program will automatic jump to the personal account of the user.
Preferably, the packing forms of the application program interactive module include activex controls, dll document forms, respectivelyFor completing to interact with the application program of B/S, C/S framework.
Preferably, the iris information harvester further comprises:Iris information acquisition module, for gathering iris figurePicture;Iris information coding module, for iris image to be converted into iris-encoding;Data communication module, for receiving clientThe control instruction of the carry out iris information collection of output, by the iris-encoding and the equipment mark code of iris information harvesterInformation is encrypted and exported to client.
Preferably, the server end further comprises iris information matching module and memory module;Carrying out iris letterDuring breath registration, the iris information matching module receives the iris-encoding of iris information Registering modules output, equipment mark code letterBreath and subscriber identity information, and memory module is transmitted it to, memory module receives and stores iris-encoding, equipment mark code letterBreath and subscriber identity information, establish iris information database;It is employed routine call in application program interactive module and enters line programDuring login, the iris information matching module receives the iris-encoding and equipment mark code information of authentication module output, fromMemory module extraction database in iris-encoding information carry out iris-encoding matching certification, and by authentication result export to shouldWith program interaction module.
Preferably, the matching certification detailed process of the iris information matching module progress iris-encoding is:
S1:The iris information matching module analyzing device identification code information, and will be same in the iris-encoding and databaseThe iris-encoding of one equipment mark code is matched;If the match is successful, into step S2;If it fails to match, into stepS3;
S2:The identity information of the user is transmitted to application program interactive module;
S3:The iris-encoding is matched with the iris-encoding of same equipment mark code in database;If there is success,Return to step S2;If it fails to match, into step S4;
S4:The iris-encoding is matched with the iris-encoding of same equipment mark code in database;If there is success,Return to step S2;If it fails to match, into step S5;
S5:The iris-encoding is matched with the iris-encoding of miscellaneous equipment identification code in database;If there is success,Return to step S2;If all matching fails, to application program interactive module authentication output failure result.
Preferably, the network identification system includes at least two clients.
Preferably, the server end also includes load balancing management module, and the access for managing multiple client pleaseAsk.
Beneficial effects of the present invention are as follows:
1st, the iris information harvester of the network identification system provided by the invention based on iris recognition has onlyOne equipment mark code, and in collection image every time, meeting optional equipment identification code transmits in the lump.Server end is receiving irisWhen coding carries out encoding ratio pair, can the iris-encoding of the same equipment mark code of prioritizing selection go to compare, in the case of large database concept,1:N identification problem is converted to 1:1 validation problem, drastically increase iris recognition efficiency.
2nd, the iris database of the network identification system provided by the invention based on iris recognition is in server endCentralized management, and encrypted transmission is used in transmitting procedure, ensure the safety of client iris data.
3rd, it is provided by the invention based on the network identification system of iris recognition using iris recognition technology as core, can be withThe login control of existing any application program in cyberspace is realized, had both improved system safe class, and pole is brought to userConvenience, solving current user needs to remember various account numbers and password in network, and password leakage easily cause privacy compromise,The problem of economic loss.
4th, the network identification system provided by the invention based on iris recognition uses distributed structure/architecture, and its front end isThe function of iris image acquiring coding is realized, the core link of all iris recognitions is completed in server end, is easy to core to calculateThe upgrade maintenance of method.
Brief description of the drawings
The embodiment of the present invention is described in further detail below in conjunction with the accompanying drawings.
Fig. 1 shows the structural frames of the network identification system based on iris recognition in a kind of preferred embodiment of the present inventionFigure.
Embodiment
In description given below, for purposes of illustration, in order to provide comprehensive reason to one or more embodimentSolution, elaborates many details.It may be evident, however, that these realities can also be realized in the case of these no detailsApply mode.In order to illustrate more clearly of the present invention, with reference to preferred embodiments and drawings, the present invention is described further.Similar part is indicated with identical reference in accompanying drawing.It will be appreciated by those skilled in the art that specifically retouch belowThe content stated is illustrative and be not restrictive, and should not be limited the scope of the invention with this.
It is unit operation based on iris authentication system in the prior art or is run in the Small-scale LAN of composition, nothingMethod meets the needs of user network authentication, and the present invention provides a kind of network identification system based on iris recognition, shouldVerification System can quickly and accurately identify user identity using iris feature in cyberspace, and solving current user needsRemember various account numbers and password in network, and the problem of password leakage easily causes privacy compromise, economic loss.
Specifically, it is described in detail with reference to accompanying drawing.Fig. 1 shows based on iris to know in a kind of preferred embodiment of the present inventionOther network identification system structured flowchart.
Recognize as shown in figure 1, providing a kind of network identity based on iris recognition in a kind of preferred embodiment of the present inventionCard system, including iris information harvester 1, client 2 and server end 3.
The iris information harvester 1 further comprises:Iris information acquisition module 11, for gathering iris image;Iris information coding module 12, for iris image to be converted into iris-encoding;Data communication module 13, for receiving clientThe control instruction of the carry out iris information collection of 2 outputs, by the device identification of the iris-encoding and iris information harvester 1Code information is encrypted and exported to client 2.
The client further comprises iris information Registering modules 23, application program interactive module 22, authentication mouldBlock 21;The iris information Registering modules 23 are used for the user identity of the iris-encoding, equipment mark code information and inputInformation is sent to server end 3;The application program interactive module 22 is used for the calling for receiving application program, and output carries out identityThe control instruction of certification, or the iris-encoding authentication result for being exported according to server end 3, to application program export log in orForbid the control instruction logged in;Preferably, the packing forms of the application program interactive module 22 include activex controls, dllDocument form, be respectively utilized to complete makes the scope of application of the identity authorization system with interacting for the application program of B/S, C/S frameworkTo extensive.The control that the authentication module 21 is used to receive the progress authentication of the output of application program interactive module 22 refers toOrder, and complete the control instruction between client 2 and iris information harvester 1, client 2 and server end 3, iris-encodingWith the transmission of equipment mark code information.
The server end 3 further comprises iris information matching module 32 and memory module 33;Carrying out iris informationDuring registration, the iris information matching module 32 receives the iris-encoding of the output of iris information Registering modules 23, equipment mark codeInformation and subscriber identity information, and memory module 33 is transmitted it to, memory module 33 receives and stores iris-encoding, equipment markKnow code information and subscriber identity information, establish iris information database;It is employed routine call in application program interactive module 22When entering line program login, the iris information matching module 32 receives the iris-encoding and equipment mark that authentication module 21 exportsKnow code information, from memory module 33 extract database information carry out iris-encoding matching certification, and by authentication result export toApplication program interactive module 22.
The network identification system has some following clear superiority compared to prior art:Using distributed structure/architecture,Its front end is the function of realizing iris image acquiring coding, and the core link of all iris recognitions is completed in server end,It is easy to the upgrade maintenance of core algorithm;The iris database of network identification system provided by the invention based on iris recognitionManaged concentratedly in server end, and encrypted transmission is used in transmitting procedure, ensured the safety of client iris data;SimultaneouslyThe Verification System is using iris recognition technology as core, it is possible to achieve the login control of existing any application program in cyberspace,Both improved system safe class, again bringing great advantage to the user property, solve current user need to remember it is various in networkAccount number and password, and the problem of password leakage easily causes privacy compromise, economic loss.
In this preferred embodiment, the network identification system includes a client 2.In its of the present inventionIn its embodiment, the server end 3 can form one-to-many relation with the client 2, i.e. a server end 3 is sameWhen respond the requests of more clients 2.Specifically, the network identification system can include two or more clientsEnd 2, ground is corresponded, the server end 3 includes load balancing management module 31, for managing the visit of multiple client 2Request is asked, increases the throughput of system, shortens the response time.
The network identification system course of work of the invention based on iris recognition is specific as follows:
When carrying out iris information registration, user is first by the iris information Registering modules 23 of client 2 in registration pageFill in subscriber identity information, and self-help registration individual's iris information.It is described by iris information Registering modules 23 to iris informationThe output of harvester 1 carries out the control instruction of iris information collection, and the iris information acquisition module 11 carries out iris imageCollection, the iris information coding module 12 carry out the coding of iris information, the data communication module 13 to iris-encoding andEquipment mark code information is encrypted, and then exports the iris-encoding of encryption and the equipment mark code letter of iris information harvesterBreath;User's body that client 2 is inputted iris-encoding, equipment mark code information and user by iris information Registering modules 23Part information transfer is to server end 3;Server end 3 is by memory module 33 to iris-encoding, equipment mark code information and userIdentity information is stored, and establishes iris database.
When user needs to open some application program, the application program only need to be clicked on mouse, the application program can be adjustedWith the application program interactive module 22 of client 2, next application program interactive module 22 can start authentication module 21, bodyPart authentication module 21 sends the control instruction of iris information collection to data communication module 13, and iris information acquisition module 11 startsClient iris information is gathered, iris image is converted to iris-encoding by iris information coding module 12, and data communication module 13 willThe equipment mark code information of the iris-encoding and iris information harvester 1 is encrypted and exported to the identity of client 2The iris-encoding of the encryption received, equipment mark code information are sent to server by authentication module 21, authentication module 21End 3.Iris information matching module 32 parses the equipment mark code information received, and the iris-encoding is set with same in databaseThe iris-encoding of standby identification code is matched;If the match is successful, the identity information of the user is transmitted to application program and interactedModule 22, after application program interactive module 22 receives the identity information of user, the identity information of the user is sent to using journeySequence, application program and then the personal account for automatic jumping to the user, so as to complete whole login process;If it fails to match,Then the authentication failure message received can be fed back to application program by application program interactive module 22, and application program forbids user to log inAnd send the prompting of login failure.
Specifically, the matching verification process of the progress of iris information matching module 32 iris-encoding is:
S1:The analyzing device identification code information of iris information matching module 32, and by the iris-encoding and databaseThe iris-encoding of same equipment mark code is matched;If the match is successful, into step S2;If it fails to match, enter stepRapid S3;
S2:The identity information of the user is transmitted to application program interactive module 22;
S3:The iris-encoding is matched with the iris-encoding of same equipment mark code in database;If there is success,Return to step S2;If it fails to match, into step S4;
S4:The iris-encoding is matched with the iris-encoding of same equipment mark code in database;If there is success,Return to step S2;If it fails to match, into step S5;
S5:The iris-encoding is matched with the iris-encoding of miscellaneous equipment identification code in database;If there is success,Return to step S2;If all matching fails, to the authentication output failure result of application program interactive module 22.
The present invention network identification system carry out iris-encoding matching certification the advantages of be:Each iris informationHarvester has unique equipment mark code, and in collection iris image every time, meeting optional equipment identification code transmits in the lump.Server end when receiving iris-encoding and carrying out encoding ratio pair, can the iris-encoding of the same equipment mark code of prioritizing selection go to compareRight, in the case of large database concept, one-to-many identification problem is converted to man-to-man validation problem, drastically increases iris knowledgeOther efficiency.Certainly, user according to self-demand and actual conditions, can also set the strategy of iris information comparison, be not limited to thisA kind of alignments.
Obviously, the above embodiment of the present invention is only intended to clearly illustrate example of the present invention, and is not pairThe restriction of embodiments of the present invention, for those of ordinary skill in the field, may be used also on the basis of the above descriptionTo make other changes in different forms, all embodiments can not be exhaustive here, it is every to belong to this hairRow of the obvious changes or variations that bright technical scheme is extended out still in protection scope of the present invention.