CN103576946A - Display device, authentication system including same and authentication method - Google Patents
Display device, authentication system including same and authentication method Download PDFInfo
- Publication number
- CN103576946A CN103576946A CN201210250502.0A CN201210250502A CN103576946A CN 103576946 A CN103576946 A CN 103576946A CN 201210250502 A CN201210250502 A CN 201210250502A CN 103576946 A CN103576946 A CN 103576946A
- Authority
- CN
- China
- Prior art keywords
- authentication
- data
- signature
- character data
- touch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Collating Specific Patterns (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
The invention discloses a display device. The display device comprises a display processing and driving circuit, a touch acquiring and processing circuit and a display screen, wherein the display processing and driving circuit is used for receiving and displaying a handwriting window display command and handwriting window display data, and receiving touch track data from the touch acquiring and processing circuit and driving the display screen for displaying; the touch acquiring and processing circuit is used for acquiring touch data, sending the touch track data to the display processing and driving circuit for displaying; the display device may further comprise an authentication unit for signing by utilizing a handwriting way. A touch identification system is solidified in the display device and is artfully combined with a display processing circuit of the display device in the technical scheme of the invention, so that an isolate island mode is formed in the signing and handwriting input process, the input characters or signature information is not associated with a host, better confidentiality is achieved by using the signature authentication, and credit-card consumption is more convenient and faster.
Description
Technical field
The present invention relates to touch-screen field, relate in particular to a kind of have safe the obtain display device with touch function of signed data and the Verification System that comprises this display device.
Background technology
The application of touch-screen is more and more extensive, touch-screen is to provide the requisite device of human-computer interaction, current touch-screen is except providing common touch command function, also there is the functions such as word input, even occur utilizing touch-screen to carry out the technology of signature authentication, a kind of right discriminating system of touch screen terminal is disclosed in Chinese patent document CN101483871A, but its scheme is mainly for mobile subscriber terminal, this patent documentation only provided one roughly utilize the sign thinking of authentication of touch-screen, how concrete being connected with terminal and designing do not have openly, those skilled in the art also do not know and how to go to realize this scheme.A kind of system and method for the authentication based on pressure for the signature on touch-screen is disclosed in Chinese patent open source literature CN102483784A, the document is mainly openly applicable to computing machine, server, mobile device, ATM (automatic teller machine), the Signature Authentication System of the electronic equipment of credit card reader and cashier's machine and so on, this Signature Authentication System comprises touch-screen, touch panel control circuit, processing module, input equipment and data storage elements, main technical schemes is the structure of transformation touch-screen, become pressure-sensitive touch screen, signature tonogram based on obtained is determined signed data, wherein processing module is equivalent to the core processor of a terminal.Chinese patent open source literature CN101242273A discloses a kind of signature data generation system of mobile terminal, comprises acquisition module, for gather signature track data from touch-screen; Image generation module, for generating signature image file according to described signature track data; Acquisition module, user obtains personal code work; Signature data generation module, for described personal code work being inserted into described signature image file, generates signature data.Above-mentioned prior art is all carried out the Graphics Processing of signed data and authentication etc. in the primary processor (or MCU or main frame) of an equipment, and the primary processor of an equipment is very dangerous, such as trojan horse program etc., allow individual signing messages have easily stolen threat, and the number of times of signed data sending and receiving is more frequent, danger is also just higher; Especially can not be used in important Verification System the fields such as hand-written information input of having relatively high expectations such as signature authentication or other confidentiality of financial field.
Summary of the invention
Technical matters to be solved by this invention is to provide a kind of very safe and reliable display device with touch function, and the demonstration of signed data or handwriting input does not need the transmitting-receiving processing procedure through main frame or the processor that is connected with display device.The present invention also provides the Verification System that comprises this display device.
For solving the problems of the technologies described above, the technical solution used in the present invention is as follows:
, comprise Graphics Processing and driving circuit, touch sampling and processing circuit, display screen,
Described Graphics Processing and driving circuit, show data and show for receiving hand-written window idsplay order and hand-written window; And, from described touch sampling and processing circuit, receive touch track data and drive display screen to show;
Touch sampling and processing circuit, for gathering touch data, touch track data are sent to described Graphics Processing and driving circuit shows.
Preferably, also comprise the authentication ' unit being connected with touch sampling and processing circuit and the storer being connected with authentication ' unit, wherein storer is used to authentication ' unit that the signature character data of comparison use are provided; Described hand-written window idsplay order and hand-written window show that data are respectively signature window idsplay order and signature window shows data, the touch data of described touch sampling and processing circuit collection is signed data, touching sampling and processing circuit processes the complete signed data of signing each time to generate signature character data, and the signature character data for authenticating are sent to authentication ' unit authenticate, after described authentication ' unit has authenticated, authentication result is fed back to described touch sampling and processing circuit and/or other circuit.
Preferably, described signature character data at least comprise the velocity characteristic of the complete trajectory feature of once signed, the bulk velocity feature of track and/or each segmentation of track.
Preferably, if the authentication result of authentication ' unit feedback is authentification failure, touch sampling and processing circuit and send control command to Graphics Processing and driving circuit, Graphics Processing and driving circuit are done following processing: the prompting of authentification failure is processed and/or shown to the demonstration data that main frame do not sent.
Preferably, described touch sampling and processing unit, after receiving the authentication request of main frame, sends to main frame by authentication result.
Preferably, described authentication ' unit authentication method is:
Authentication ' unit will contrast from touching the track of the pre-stored signature character data of the track of the signature character data that sampling and processing circuit receives and described storer, if in pre-stored signature character data, at least exist one with from touching signature character data that sampling and processing circuit receives, in track similarity, belong to and be less than 100% and be greater than the scope of certain similarity threshold, authentication success, otherwise authentification failure.
Preferably, described authentication ' unit also comprises further authentication:
The bulk velocity feature in signed data relatively, if bulk velocity in predetermined threshold range, authentication success, otherwise authentification failure.
Preferably, described authentication ' unit also comprises further authentication: the segmentation feature data of the track of relatively signing, the similarity of corresponding segmentation feature data is also just thought authentication success in predetermined scope.
Preferably, described touch sampling and processing circuit sends at least two of the signature character data that authentication ' unit authenticates, and the ratio of success identity is greater than certain threshold value and just represents authentication success.
, comprise main frame, the display device being connected with main frame and security system, wherein, described display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen,
Main frame, the authentication request of reception security system, sends to described touch sampling and processing circuit by signature character data acquisition instruction; Receive and touch the signature character data for authenticating that sampling and processing circuit sends, be forwarded to described security system;
Described Graphics Processing and driving circuit, show data and drive display screen to show for receiving signature window idsplay order and signature window; And, from described touch sampling and processing circuit, receive touch track data and drive display screen to show;
Touch sampling and processing circuit, the signature character data acquisition instruction sending for Receiving Host, collection signed data, sends to described Graphics Processing by signature track data and driving circuit shows; The complete signed data of signing is each time processed and generated signature character data, the signature character data for authenticating are sent to main frame;
Security system, sends authentication request to main frame, authenticates after receiving the signature character data that main frame sends with pre-stored signature character data.
Preferably, described display device also comprises ciphering unit, described ciphering unit is connected with described touch sampling and processing circuit, described security system has corresponding decipher function, described touch sampling and processing circuit is before sending to main frame by described signature character data, first send to described ciphering unit and be encrypted, the signature character data after the encryption of ciphering unit feedback are sent to main frame.
Signature and a disposal route, wherein this display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, concrete grammar is as follows:
Step 3, touch sampling and processing circuit and gather signed data, and the track data of signing in signed data is sent to Graphics Processing and driving circuit drives display screen to show.
Preferably, described display device also comprises storer and authentication ' unit, after described step 3, also comprises:
Preferably, after described step 5, also comprise:
Preferably, described signature character data at least comprise the velocity characteristic of the track characteristic of once signed, the bulk velocity feature of track and/or each segmentation of track.
An authentication method for Verification System, comprises main frame, the display device being connected with main frame and security system, and wherein, described display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, and concrete steps are as follows:
Step 3, Graphics Processing and driving circuit are according to signature window idsplay order and show that data-driven display screen shows;
Preferably, described display device also comprises ciphering unit, described security system has corresponding decipher function, in described step 4, touched sampling and processing circuit before described signature character data are sent to main frame, first send to described ciphering unit and be encrypted, the signature character data after the encryption of ciphering unit feedback are sent to main frame; In described step 5, before authenticating, security system first the signature character data of encryption are decrypted.
Preferably, described signature character data at least comprise the velocity characteristic of the complete trajectory feature of once signed, the bulk velocity feature of track and/or each segmentation of track.
Preferably, the method that described security system authenticates is as follows:
The track of the track of signature character data and pre-stored signature character data is contrasted, if in pre-stored signature character data, at least exist one with from touching signature character data that sampling and processing circuit receives, in track similarity, belong to and be less than 100% and be greater than the scope of certain similarity threshold, authentication success, otherwise authentification failure.
Preferably, described security system also comprises further authentication:
The bulk velocity feature in signed data relatively, if bulk velocity in predetermined threshold range, authentication success, otherwise authentification failure.
Preferably, described security system also comprises further authentication: the segmentation feature data of the track of relatively signing, the similarity of corresponding segmentation feature data is also just thought authentication success in predetermined scope.
Preferably, described touch sampling and processing circuit sends to by main frame at least two of the signature character data that security system authenticates, and the ratio of security system success identity is greater than certain threshold value and just represents authentication success.
Preferably, described security system is network system of bank.
In technique scheme of the present invention, touch recognition system is cured in display device, and carry out combination with the Graphics Processing circuit of display device cleverly, make signature and handwriting input process form an island mode, word or the signing messages of input do not have associated with main frame, fundamentally solve information security issue, can effectively be applied to the area of security such as bank, military affairs.
Accompanying drawing explanation
Fig. 1 is the structural representation of display device of the present invention;
Fig. 2 is the display device structure schematic diagram that the present invention has local authentication function;
Fig. 3 is local authentication process flow diagram;
Fig. 4 is the display device structure schematic diagram that the present invention adopts optical sensor touch-screen;
Fig. 5 is the structural representation of a kind of Verification System of the present invention;
Fig. 6 is the Verification System structural representation that the present invention has encrypted transmission function.
Embodiment
Below in conjunction with embodiment and accompanying drawing, technical scheme of the present invention is clearly and completely described.
The first embodiment:
As shown in Figure 1, display device 1 in the present embodiment (can be also other display to have the liquid crystal indicator of infrared touch identification function, for example plasma, LED and cathode-ray tube display) be example, comprise Graphics Processing and driving circuit and touch sampling and processing circuit, wherein Graphics Processing and driving circuit comprise display interface 6, show microprocessor 2, liquid crystal display panel drive circuit 7, liquid crystal indicator also comprises display screen, for example liquid crystal panel (LCD plate) 8; Touching sampling and processing circuit comprises touch micro-control unit 3 and touches sweep circuit 10; Touch micro-control unit except adopting USB interface and main frame communicate, can also communicate by com interface and main frame.Display interface can be arbitrary interface in VGA, DVI, HDMI, Display Port.
Base conditioning flow process is as follows:
1, touch micro-control unit 3 to showing that microprocessor 2 sends hand-written window idsplay order and hand-written window shows data; Hand-written window shows that data comprise hand-written window data, is used to form a hand-written window, and this window can be provided with background colour, such as green, blueness, white and black etc.; The region of hand-written window limit is for signature or inputting word information;
2, show that microprocessor shows that according to hand-written window idsplay order and hand-written window Data Control liquid crystal display panel drive circuit shows on LCD plate; At least comprise a handwriting area, can also comprise hand-written viewing area and menu; Handwriting area and hand-written viewing area can be positioned at different regions, also can be positioned at same area or two regions have overlapping;
3, touch micro-control unit and receive the scan-data that touches sweep circuit 10 transmissions, identification touch track also sends to touch track data and shows that microprocessor shows.
If by above-mentioned scheme for signature, above-mentioned process description signature track procedure for displaying, do not need to forward by main frame, allow signature process independently be present in display device.
The purposes of signing in display device is except can be used as authentication use, can also there is other purposes, for example can play exercise signature, repeat signature and also can not be illegally accessed signature vestige, except signature, can also be as a kind of input method of secret Word message, the word of input can store to be used as him by touching micro-control unit, for example in display device, increase encrypting module, after encryption, send to special network or confidentiality and require in high server.Such as military information etc.Can guarantee complete hand-written information, except the information of literal expression, also there is handwriting characteristic.
As a kind of preferred implementation, display device 1 also comprises storer 5 and authentication ' unit 4, for local authentication, as shown in Figure 2, wherein touches communicating by letter between micro-control unit and, storer, authentication ' unit and demonstration microprocessor and can adopt I
2c bus or alternate manner communication.The pre-stored signed data that is useful on comparison use in storer, below identifying procedure is remarked additionally (complete local authentication flow process is referring to Fig. 3), after described step 3, also comprises:
4, touch micro-control unit and detect after signature move each time, according to all data (all successive frames) that relate in signature each time, process generation signature character data; (signature character data at least comprise the complete trajectory feature of once signed, also comprise the bulk velocity feature of track and/or the velocity characteristic of each segmentation of track), the signature character data for authenticating are sent to authentication ' unit and authenticate;-
The identification of signed data and processing comprise following several mode:
Mode one, from touch action being detected first, to the touch action of all touches between the schedule time, all regarding is signature action, predetermined time can be for example 3 seconds, or more.According to individual custom, signing the time can also be as a menu item as setting.Choose from touch action being detected and start to carry out the calculating of signature character data to all signature frames in the time of setting;
Mode two, in touch recognition process, if the difference between the end time of a track and the initial time of another track is in threshold range, can thinks and also belong in signature process; If after a track finishes, exceeded a threshold range, regard as and from this track end time, start whole signature process and finish;
Above-mentioned two kinds of processing modes are selects the related frame of signature, last according to certain algorithm, compute signature characteristic;
Show that microprocessor can be synchronous to the demonstration of track characteristic, the vestige that simultaneous display finger or signature stroke are crossed; This is not synchronously temporal synchronization, and the touch track showing is after all at least also the track that former frame is identified, and the technology of this simultaneous display handwriting trace is very ripe in existing mobile phone and the computer field with hand-write input function;
5, authentication ' unit authenticates backward touch micro-control unit feedback authentication result; According to actual design demand, authentication ' unit can also be directly to showing microprocessor feedback authentication result, for showing the prompting of microprocessor display authentication result;
6, touch the authentication result that micro-control unit receives authentication ' unit feedback, can also process according to authentication result: if authentification failure, can be to showing that microprocessor sends control command, locked display device is controlled the prompting that liquid crystal display panel drive circuit shows authentification failure on display panel simultaneously.Or can cut off from display interface and receive the data that show use, or the demonstration data that receive from display interface are not carried out to Graphics Processing etc.Can also by the time touch micro-control unit after receiving the authentication request of main frame, authentication result is fed back to main frame.Main frame receives after authentication result, and whether normal operation that can main control system.
After described step 5, touching micro-control unit can also send a message to and show that microprocessor shows according to corresponding authentication result, the result that prompting user authenticates.
In described step 3, the identification of carrying out touch action comprises the touch action of identifying non-signature, and touch action comprises signature and two types of instructions; Identify while being the touch action of signature, corresponding scan-data is processed, (common MCU all carries buffer memory to generate signature character data buffer memory, certainly, according to actual conditions, also can utilize external memorizer to carry out buffer memory, just do not do specific restriction here); When identifying instruction touch action, for example instruction is " signature submit to ", the signature character data of buffer memory is before sent to authentication ' unit and authenticates; Still if " signature again ", the signature track that before removing, the signature character data of buffer memory and removing show.Can be according to need to expanding various functions of using.
The signature character data that are used for authenticating can be signature character data, also can be a plurality of signature character data, for example increase the instruction of " signature effectively ", touch after micro-control unit is received this instruction the signature character data of the last buffer memory are denoted as to one of signature valid data, in order to the use of authentication.Utilize this repeatedly signature, extract a plurality of signed datas of confirming through user, after confirming to submit to, a plurality of signature character data of confirming are sent to certificate server or authentication ' unit is carried out simultaneous verification; The number of signature, also can be used as a hiding password, according to user's oneself wish, sets.Identification touch type can be identified according to the region touching, and adhere to separately in different regions from signature region the viewing area of menu.
In described step 4, verification process is as follows: authentication ' unit is received after signature character data, the original signature characteristic for comparing pre-stored in itself and storage unit is contrasted, if compared successfully, to touching micro-control unit, feed back the successful message of authentication, otherwise feedback authentication failure.The method of authentication can also have a lot, referring to detailed description below.
The original signature characteristic for identity verification prestoring, can utilize special chip erasing apparatus to carry out typing, and it writes and delete and can utilize encryption and decryption means to control, and avoids original signature characteristic illegally to be write and clash.Also can adopt one-time write storer, can not rewrite and re-enter, for example read only memory ROM.
Above-mentioned the first embodiment is a verification process that touches micro-control unit ACTIVE CONTROL, can after display starts, just start to perform step 1.As another preferred version, the process of initiating authentication can be main frame after startup, to touching micro-control unit, initiate authentication request, touch micro-control unit and receive after the authentication request of main frame, just start to perform step 1.The first embodiment is usingd infrared touch panel as signature identification, in fact all touch-screens can be used for realizing technique scheme, for example touch screens, capacitance plate, ultrasonic screen and optical panel, can accurately identify touch and calculate the signature character data for authenticating as long as touch micro-control unit.
Although above-described embodiment goes with the more concrete constitutive characteristic of Graphics Processing and driving circuit and touch sampling and processing circuit the explanation of carrying out, but because the basic framework of Graphics Processing and driving circuit and sampling and processing circuit is all known, for example adopt the display device structure of optical sensor touch-screen as shown in Figure 4, change touch sweep circuit 10 into graph data collecting unit 10 ', change touch frame 9 into optical sensor element 9 ', wherein image data acquiring unit 10 ' and optical sensor element 9 ' are all prior aries, therefore, according to detailed description those skilled in the art of above-described embodiment, just can realize and utilize alternate manner to realize technical scheme of the present invention.Therefore when requiring, general right do not need to adopt more concrete feature yet.According to the function of Graphics Processing and driving circuit and touch sampling and processing circuit, those of ordinary skills can realize.
The second embodiment: remote authentication-----be take banking as example
Fig. 5 is the structural representation of Verification System, system is except comprising the structure in the first embodiment, also comprise by the access server of communication network and main-machine communication the certificate server of communicating by letter with access server, the banking processor system of communicating by letter with certificate server.Emphasis of the present invention does not lie in the concrete formation of bank service network, for access server, certificate server and banking system, between three, is no matter what connection and communication sequence, can merge into network system of bank.
In banking system, common flow process is that user passes through terminal (main frame) and sends a service request, the certificate server of bank's access server or banking system notifying bank network-side sends authentication request to main frame, main frame is pointed out user's input authentication information by display device, user is by input media input authentication information, main frame sends to certificate server by authentication information, and certificate server authenticates.Whole identifying procedure utilizes encryption and decryption means to carry out secret communication conventionally.Above-mentioned flow process is more ripe prior art, here just no longer carefully state, for host side, no matter which type of whole operation flow is, do not affect and receive authentication information acquisition instructions and gather authentication information and the flow process of feedback, the first step of flow process is that main frame initiatively sends authentication request certainly; In the present embodiment, at main frame or display end, do not authenticate, so display end does not comprise authentication ' unit and storer.
Identifying procedure: 1, main frame sends signature character data acquisition instruction to touching micro-control unit; Signature character data are as authentication information;
2, touch after micro-control unit is received described signature character data acquisition instruction and sign window idsplay order and show data to showing that microprocessor sends; Here " by hand-written window idsplay order " makes " signature window idsplay order " more suitable, because handwriting input also has other effect except signature, different window idsplay orders can be set for different effects and show data, to meet concrete requirement;
3, show microprocessor according to signature window idsplay order and show that Data Control liquid crystal display panel drive circuit shows on LCD plate;
4, touch micro-control unit and receive the scan-data that touches sweep circuit transmission, identify touch track and send to and show that microprocessor shows, after signature being detected each time and move, according to all successive frames that relate in signature each time, process generation signature character data; Signature character data for authenticating are sent to main frame;
5, main frame sends to certificate server by described signature character data and authenticates; If have access server between main frame and certificate server, main frame sends to certificate server by access server or access network by described signature character data and authenticates.
After completing as for authentication, how carrying out other business is not the emphasis that the present invention will set forth, the treatment scheme of banking is quite ripe prior art, only enumerate once being listed as and repeat no more below: if authentication is passed through, the message that certificate server passes through authentication sends to banking system and carries out business processing; Otherwise certificate server sends to main frame by authentification failure message by access server, main frame sends the information indicating of authentification failure by display interface.Certificate server and banking system may be incorporated in a system, and certificate server and banking system also can all be connected on access server, by access server, communicate.
Although in the present embodiment, only have remote authentication, do not get rid of can display and main frame on also increase the link that has authentication, this combination is that those skilled in the art are apparent.
The explanation that the banking system of take in above-described embodiment is carried out as example, can also have other system that need to authenticate, such as the higher office block of confidentiality, government offices etc.We can be referred to as security system by the network system of authentication section.
The process of authentication can comprise:
Certificate server or authentication ' unit receive signature character data, and the signature character data pre-stored with this locality contrast, if track similarity belongs to, are less than 100% and be greater than the scope of certain similarity threshold (for example 95%), authentication success.Being less than 100% object is in order to get rid of false signature, because can not there is identical signature.
As a preferred embodiment, because signature sometimes has larger gap, therefore certificate server can all prestore the larger several signature notes of difference to, in authentication, choosing the immediate signed data of trajectory shape compares, if belonging to, similarity is less than 100% and be greater than the scope of certain similarity threshold (for example 95%), authentication success.
Except the similarity of track relatively, can also be further the bulk velocity feature in signed data relatively, if bulk velocity (for example 0-3 second) in predetermined threshold range, authentication success, otherwise authentification failure.
In order to strengthen further authenticating effect, after bulk velocity feature authentication success, can also further authenticate:
Relatively the sign segmentation feature data of track, segmentation feature data can be any one section of tracks in signature track, in order to carry out correct contrast, local segmentation feature data and the mode that generates segmentation feature data in touching micro-control unit of generating will guarantee identically, and the characteristic of generation just has comparability like this.
For a higher preferred embodiment of authentication difficulty, for the situation that once sends a plurality of signature character data and authenticate, can carry out repeatedly authentication determination, the ratio of success identity is greater than certain threshold value (for example 5 signatures have three above authentication successs), just can represent the authentication success to user.
The 3rd embodiment:
In the present embodiment, on the basis of the second embodiment, increased enciphering/deciphering unit.
In order to improve the security performance that touches signature, in display device, increased " enciphering/deciphering unit ", as shown in Figure 6, touch micro-control unit and to main frame, sending message for example before signature character data, first signature character data being sent to enciphering/deciphering unit is encrypted, encryption technology can utilize encription algorithms approved by the State Password Administration Committee Office chip to carry out encription algorithms approved by the State Password Administration Committee Office, also can adopt the private key in RAS digital signature technology that described signature character data are encrypted; Can also adopt dynamic password to carry out encryption and decryption, guarantee that information is not stolen.If display apparatus side only needs to encrypt, display device only need to increase ciphering unit, has corresponding deciphering module in certificate server.If need two-way authentication, two ends all adopt the enciphering/deciphering unit with encryption and decryption function.Because encryption and decryption transmission is a kind of prior art of maturation, be not just described in detail the detailed process of encryption and decryption here, in the present embodiment, adopt remote authentication, therefore, corresponding enciphering/deciphering module can be increased in certificate server.As preferred embodiment, in order to stop, illegally utilize main frame to display, to send the instruction that requires signature, or stop the directly illegal instruction that sends requirement signature to display, avoid signing stolen or imitate, the mode of employing two-way authentication is carried out the enciphering/deciphering transmission of data and instruction.
The enciphering/deciphering unit of display device is except providing enciphering/deciphering for remote authentication, communication between main frame and touch micro-control unit also can all adopt coded communication, touch micro-control unit and receive the encrypted packets receiving from main frame and all send to enciphering/deciphering unit and be decrypted, according to information recognition instruction and/or the data after deciphering; Meanwhile, touch the information that micro-control unit sends to main frame, if need to encrypt, first send to enciphering/deciphering unit and be encrypted, then the data after the encryption of enciphering/deciphering unit feedback are sent.Touch the information that micro-control unit sends to main frame, can all encrypt, also can important data be encrypted, for example the information of some identifications or cipher type is encrypted, unessential touch instruction is not encrypted to transmission, and those skilled in the art can set according to demand flexibly.For safest transmitting procedure, must be that all information is all encrypted transmission.
In order to prevent illegal person from main frame and to touch the USB(USB (universal serial bus) between micro-control unit) transmission line carries out stealing of data, can, adopting hardware encryption module to be positioned at the two ends of USB transmission line (or COM transmission line), be packaged in casing the bi-directional data on USB transmission line is encrypted to transmission.
Idiographic flow is as follows:
1, main frame sends signature authentication instruction to touching micro-control unit;
2, touch after micro-control unit is received described signature authentication instruction and sign window idsplay order and show data to showing that microprocessor sends;
3, show microprocessor according to signature window idsplay order and show that Data Control liquid crystal display panel drive circuit shows on LCD plate;
4, touch micro-control unit and receive the scan-data that touches sweep circuit transmission, identify touch track and send to and show that microprocessor shows, after signature being detected each time and move, according to all successive frames that relate in signature each time, process generation signature character data; Signature character data for authenticating are sent to enciphering/deciphering unit, and enciphering/deciphering unit feeds back to described touch micro-control unit after described signature character data are encrypted;
5, touch micro-control unit the signature character data after encrypting are sent to main frame;
6, main frame sends to certificate server by described signature character data and authenticates; If have access server between main frame and certificate server, main frame authenticates after described signature character data being sent to certificate server deciphering by access server or access network.
In the above embodiment of the present invention, touch recognition system is cured in display device, and carry out combination with the Graphics Processing circuit of display device cleverly, make signature and handwriting input process form an island mode, word or the signing messages of input do not have associated with main frame, fundamentally solve information security issue, can effectively be applied to the area of security such as bank, military affairs.
Obviously, those skilled in the art can carry out various changes and modification and not depart from the spirit and scope of the present invention the present invention.Like this, if within of the present invention these are revised and modification belongs to the scope of the claims in the present invention and equivalent technology thereof, the present invention is also intended to comprise these changes and modification interior.
Claims (29)
1. a display device, comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, it is characterized in that,
Described Graphics Processing and driving circuit, show data and show for receiving hand-written window idsplay order and hand-written window; And, from described touch sampling and processing circuit, receive touch track data and drive display screen to show;
Touch sampling and processing circuit, for gathering touch data, touch track data are sent to described Graphics Processing and driving circuit shows.
2. a kind of display device according to claim 1, it is characterized in that, also comprise the authentication ' unit being connected with touch sampling and processing circuit and the storer being connected with authentication ' unit, wherein storer is used to authentication ' unit that the signature character data of comparison use are provided; Described hand-written window idsplay order and hand-written window show that data are respectively signature window idsplay order and signature window shows data, the touch data of described touch sampling and processing circuit collection is signed data, touching sampling and processing circuit processes the complete signed data of signing each time to generate signature character data, and the signature character data for authenticating are sent to authentication ' unit authenticate, after described authentication ' unit has authenticated, authentication result is fed back to described touch sampling and processing circuit and/or other circuit.
3. a kind of display device according to claim 2, is characterized in that, described signature character data at least comprise the velocity characteristic of the complete trajectory feature of once signed, the bulk velocity feature of track and/or each segmentation of track.
4. a kind of display device according to claim 2, it is characterized in that, if the authentication result of authentication ' unit feedback is authentification failure, touch sampling and processing circuit and send control command to Graphics Processing and driving circuit, Graphics Processing and driving circuit are done following processing: the prompting of authentification failure is processed and/or shown to the demonstration data that main frame do not sent.
5. a kind of display device according to claim 2, is characterized in that, described touch sampling and processing unit, after receiving the authentication request of main frame, sends to main frame by authentication result.
6. a kind of display device according to claim 3, is characterized in that, described authentication ' unit authentication method is:
Authentication ' unit will contrast from touching the track of the pre-stored signature character data of the track of the signature character data that sampling and processing circuit receives and described storer, if in pre-stored signature character data, at least exist one with from touching signature character data that sampling and processing circuit receives, in track similarity, belong to and be less than 100% and be greater than the scope of certain similarity threshold, authentication success, otherwise authentification failure.
7. a kind of display device according to claim 6, is characterized in that, described authentication ' unit also comprises further authentication:
The bulk velocity feature in signed data relatively, if bulk velocity in predetermined threshold range, authentication success, otherwise authentification failure.
8. a kind of display device according to claim 7, it is characterized in that, described authentication ' unit also comprises further authentication: the segmentation feature data of the track of relatively signing, the similarity of corresponding segmentation feature data is also just thought authentication success in predetermined scope.
9. a kind of display device according to claim 2, is characterized in that, described touch sampling and processing circuit sends at least two of the signature character data that authentication ' unit authenticates, and the ratio of success identity is greater than certain threshold value and just represents authentication success.
10. a Verification System, comprises main frame, the display device being connected with main frame and security system, and wherein, described display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, it is characterized in that,
Main frame, the authentication request of reception security system, sends to described touch sampling and processing circuit by signature character data acquisition instruction; Receive and touch the signature character data for authenticating that sampling and processing circuit sends, be forwarded to described security system;
Described Graphics Processing and driving circuit, show data and drive display screen to show for receiving signature window idsplay order and signature window; And, from described touch sampling and processing circuit, receive touch track data and drive display screen to show;
Touch sampling and processing circuit, the signature character data acquisition instruction sending for Receiving Host, collection signed data, sends to described Graphics Processing by signature track data and driving circuit shows; The complete signed data of signing is each time processed and generated signature character data, the signature character data for authenticating are sent to main frame;
Security system, sends authentication request to main frame, authenticates after receiving the signature character data that main frame sends with pre-stored signature character data.
11. Verification Systems according to claim 10, it is characterized in that, described display device also comprises ciphering unit, described ciphering unit is connected with described touch sampling and processing circuit, described security system has corresponding decipher function, described touch sampling and processing circuit, before described signature character data are sent to main frame, first sends to described ciphering unit and is encrypted, and the signature character data after the encryption of ciphering unit feedback are sent to main frame.
12. Verification Systems according to claim 10, is characterized in that, described signature character data at least comprise the velocity characteristic of the complete trajectory feature of once signed, the bulk velocity feature of track and/or each segmentation of track.
13. Verification Systems according to claim 10, is characterized in that, the method that described security system authenticates is as follows:
The track of the track of signature character data and pre-stored signature character data is contrasted, if in pre-stored signature character data, at least exist one with from touching signature character data that sampling and processing circuit receives, in track similarity, belong to and be less than 100% and be greater than the scope of certain similarity threshold, authentication success, otherwise authentification failure.
14. Verification Systems according to claim 13, is characterized in that, described security system also comprises further authentication:
The bulk velocity feature in signed data relatively, if bulk velocity in predetermined threshold range, authentication success, otherwise authentification failure.
15. Verification Systems according to claim 14, it is characterized in that, described security system also comprises further authentication: the segmentation feature data of the track of relatively signing, the similarity of corresponding segmentation feature data is also just thought authentication success in predetermined scope.
16. Verification Systems according to claim 10, is characterized in that,
Described touch sampling and processing circuit sends to by main frame at least two of the signature character data that security system authenticates, and the ratio of success identity is greater than certain threshold value and just represents authentication success.
17. according to claim 10 to the Verification System described in any one in 16, and described security system is network system of bank.
The signature of 18. 1 kinds of display device and disposal route, wherein this display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, concrete grammar is as follows:
Step 1, touch sampling and processing circuit send signature window idsplay order and signature window demonstration data to Graphics Processing and driving circuit;
Step 2, Graphics Processing and driving circuit show that according to signature window idsplay order and signature window data-driven display screen shows;
Step 3, touch sampling and processing circuit and gather signed data, and the track data of signing in signed data is sent to Graphics Processing and driving circuit drives display screen to show.
The signature of 19. a kind of display device according to claim 18 and disposal route, is characterized in that, described display device also comprises storer and authentication ' unit, after described step 3, also comprises:
Step 4, touch sampling and processing circuit are processed and are generated signature character data according to all data that relate in signing each time, these signature character data are sent to authentication ' unit and authenticate;
Step 5, authentication ' unit authenticate backward touch sampling and processing circuit feedback authentication result.
The signature of 20. a kind of display device according to claim 19 and disposal route, is characterized in that, after described step 5, also comprises:
Step 6, touch the authentication result that sampling and processing circuit receives authentication ' unit feedback, according to authentication result, main frame and/or Graphics Processing and driving circuit are controlled.
21. signature and disposal routes according to claim 18 to a kind of display device described in any one in 20, it is characterized in that, described signature character data at least comprise the velocity characteristic of the track characteristic of once signed, the bulk velocity feature of track and/or each segmentation of track.
The authentication method of 22. 1 kinds of Verification Systems, comprises main frame, the display device being connected with main frame and security system, and wherein, described display device comprises Graphics Processing and driving circuit, touch sampling and processing circuit, display screen, and concrete steps are as follows:
Step 1, main frame send signature character data acquisition instruction to touching sampling and processing circuit;
Step 2, touch sampling and processing circuit send signature window idsplay order and show data to Graphics Processing and driving circuit after receiving described signature character data acquisition instruction;
Step 3, Graphics Processing and driving circuit are according to signature window idsplay order and show that data-driven display screen shows;
Step 4, touch sampling and processing circuit and gather signed data, and signature track data is sent to Graphics Processing and driving circuit drives display screen to show, according to all data that relate in signature each time, process generation signature character data; Signature character data are sent to main frame;
Step 5, main frame send to security system by described signature character data and authenticate.
The authentication method of 23. a kind of Verification Systems according to claim 22, it is characterized in that, described display device also comprises ciphering unit, described security system has corresponding decipher function, in described step 4, touched sampling and processing circuit before described signature character data are sent to main frame, first send to described ciphering unit and be encrypted, the signature character data after the encryption of ciphering unit feedback are sent to main frame; In described step 5, before authenticating, security system first the signature character data of encryption are decrypted.
The authentication method of 24. a kind of Verification Systems according to claim 22, is characterized in that, described signature character data at least comprise the velocity characteristic of the complete trajectory feature of once signed, the bulk velocity feature of track and/or each segmentation of track.
The authentication method of 25. a kind of Verification Systems according to claim 22, is characterized in that, the method that described security system authenticates is as follows:
The track of the track of signature character data and pre-stored signature character data is contrasted, if in pre-stored signature character data, at least exist one with from touching signature character data that sampling and processing circuit receives, in track similarity, belong to and be less than 100% and be greater than the scope of certain similarity threshold, authentication success, otherwise authentification failure.
The authentication method of 26. a kind of Verification Systems according to claim 25, is characterized in that, described security system also comprises further authentication:
The bulk velocity feature in signed data relatively, if bulk velocity in predetermined threshold range, authentication success, otherwise authentification failure.
The authentication method of 27. a kind of Verification Systems according to claim 26, it is characterized in that, described security system also comprises further authentication: the segmentation feature data of the track of relatively signing, the similarity of corresponding segmentation feature data is also just thought authentication success in predetermined scope.
The authentication method of 28. a kind of Verification Systems according to claim 22, is characterized in that,
Described touch sampling and processing circuit sends to by main frame at least two of the signature character data that security system authenticates, and the ratio of security system success identity is greater than certain threshold value and just represents authentication success.
29. according to the authentication method of a kind of Verification System described in any one in claim 22 to 28, and described security system is network system of bank.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210250502.0A CN103576946A (en) | 2012-07-19 | 2012-07-19 | Display device, authentication system including same and authentication method |
PCT/CN2013/075382 WO2014012392A1 (en) | 2012-07-19 | 2013-05-09 | Display device, authentication system comprising display device and authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210250502.0A CN103576946A (en) | 2012-07-19 | 2012-07-19 | Display device, authentication system including same and authentication method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103576946A true CN103576946A (en) | 2014-02-12 |
Family
ID=49948239
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210250502.0A Pending CN103576946A (en) | 2012-07-19 | 2012-07-19 | Display device, authentication system including same and authentication method |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103576946A (en) |
WO (1) | WO2014012392A1 (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103853340A (en) * | 2014-03-28 | 2014-06-11 | 广东华大集成技术有限责任公司 | Touch keyword using national cipher SM1 encryption chip and encryption method thereof |
CN107729728A (en) * | 2016-08-12 | 2018-02-23 | 京瓷办公信息系统株式会社 | Authentication device, image processing apparatus and authentication method |
CN107817964A (en) * | 2017-11-30 | 2018-03-20 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device |
CN107831945A (en) * | 2017-11-30 | 2018-03-23 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, safe verification method |
CN107895106A (en) * | 2017-11-30 | 2018-04-10 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, safe verification method |
CN107992736A (en) * | 2017-11-30 | 2018-05-04 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, authentication method |
CN108009433A (en) * | 2017-11-30 | 2018-05-08 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, control method |
CN109951460A (en) * | 2019-03-07 | 2019-06-28 | 成都麦动信息技术有限公司 | Safety information system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101242273A (en) * | 2008-02-21 | 2008-08-13 | 宇龙计算机通信科技(深圳)有限公司 | Signature data generation method, system and mobile terminal for mobile terminal |
CN201167364Y (en) * | 2008-01-30 | 2008-12-17 | 深圳市戴文科技有限公司 | Mobile terminal with identification verification function |
CN101483871A (en) * | 2009-01-20 | 2009-07-15 | 深圳市同洲电子股份有限公司 | Touch screen terminal, authentication method and system thereof |
CN201985894U (en) * | 2011-03-07 | 2011-09-21 | 大连民族学院 | Remote processing device of on-line signature data |
-
2012
- 2012-07-19 CN CN201210250502.0A patent/CN103576946A/en active Pending
-
2013
- 2013-05-09 WO PCT/CN2013/075382 patent/WO2014012392A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201167364Y (en) * | 2008-01-30 | 2008-12-17 | 深圳市戴文科技有限公司 | Mobile terminal with identification verification function |
CN101242273A (en) * | 2008-02-21 | 2008-08-13 | 宇龙计算机通信科技(深圳)有限公司 | Signature data generation method, system and mobile terminal for mobile terminal |
CN101483871A (en) * | 2009-01-20 | 2009-07-15 | 深圳市同洲电子股份有限公司 | Touch screen terminal, authentication method and system thereof |
CN201985894U (en) * | 2011-03-07 | 2011-09-21 | 大连民族学院 | Remote processing device of on-line signature data |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103853340A (en) * | 2014-03-28 | 2014-06-11 | 广东华大集成技术有限责任公司 | Touch keyword using national cipher SM1 encryption chip and encryption method thereof |
CN107729728A (en) * | 2016-08-12 | 2018-02-23 | 京瓷办公信息系统株式会社 | Authentication device, image processing apparatus and authentication method |
CN107817964A (en) * | 2017-11-30 | 2018-03-20 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device |
CN107831945A (en) * | 2017-11-30 | 2018-03-23 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, safe verification method |
CN107895106A (en) * | 2017-11-30 | 2018-04-10 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, safe verification method |
CN107992736A (en) * | 2017-11-30 | 2018-05-04 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, authentication method |
CN108009433A (en) * | 2017-11-30 | 2018-05-08 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, control method |
CN107895106B (en) * | 2017-11-30 | 2019-01-11 | 北京集创北方科技股份有限公司 | Electronic equipment, display system and its integrated control device, safe verification method |
CN109951460A (en) * | 2019-03-07 | 2019-06-28 | 成都麦动信息技术有限公司 | Safety information system |
Also Published As
Publication number | Publication date |
---|---|
WO2014012392A1 (en) | 2014-01-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103576946A (en) | Display device, authentication system including same and authentication method | |
US10218506B1 (en) | Cross-device authentication | |
US10643210B2 (en) | Secure transactions using a personal device | |
CN102035654B (en) | Identity authentication method, identity authentication equipment, server and identity authentication-based encryption method | |
AU2022204797B2 (en) | Raw sensor input encryption for passcode entry security | |
CN103679448B (en) | Password inputting method and password inputting system | |
CN101447010B (en) | Login system and method for logging in | |
US20140324708A1 (en) | Raw sensor input encryption for passcode entry security | |
US20070067634A1 (en) | System and method for restricting access to a terminal | |
US20040024710A1 (en) | Secure input pad partition | |
US20180240100A1 (en) | Method for securing a transaction from a non-secure terminal | |
CN107209821A (en) | Method for digitally signing an electronic document and authentication method | |
CN103824033A (en) | Touch display device for safely inputting password information and password input method | |
CN104978512A (en) | Password input and confirmation method and system thereof | |
CN104463147A (en) | Method and device for achieving handwritten signature verification | |
CN104103132A (en) | Mobile uKey [USB (universal serial bus) Key] and card-less cash withdrawal System and mobile uKey and card-less cash withdrawal method | |
CN104021322A (en) | Electronic signature method, electronic signature equipment and electronic signature client | |
CN203243360U (en) | Identity registration system | |
CN103294943A (en) | Encrypted signature handwriting device and method | |
CN103150520A (en) | Security encryption method and electronic device | |
US9633234B2 (en) | System and method for a secure display module | |
CN207051904U (en) | A kind of hand-written screen system for supporting authentication and data encryption feature | |
CN111552983B (en) | Electronic signature method based on single chip microcomputer | |
CN114531236A (en) | Key processing method and device and electronic equipment | |
CN105323752A (en) | Mobile device, and method of authenticating user |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140212 |