信息网络安全 ›› 2014, Vol. 14 ›› Issue (10): 86-91.doi: 10.3969/j.issn.1671-1122.2014.10.016

• 理论研究 • 上一篇    

基于面部认证的涉密文档阅读器设计

张立朝, 朱坤崧, 杨宇航, 许纪钧   

  1. 解放军信息工程大学密码工程学院,河南郑州 450001
  • 收稿日期:2014-06-17 出版日期:2014-10-01
  • 作者简介:张立朝(1979-),男,河北,讲师,博士研究生,主要研究方向:信息安全;朱坤崧(1992-),男,江西,硕士研究生,主要研究方向:信息安全;杨宇航(1991-),男,河南,硕士研究生,主要研究方向:信息安全;许纪钧(1993-),男,河南,硕士研究生,主要研究方向:信息安全。
  • 基金资助:
    国家自然科学基金[61302107]

Design of the Classified Document Reader Based on Face Authentication

ZHANG Li-chao, ZHU Kun-song, YANG Yu-hang, XU Ji-jun   

  1. Institute of Cryptography Engineering, PLA Information Engineering University, Zhengzhou Henan 450001, China
  • Received:2014-06-17 Online:2014-10-01

摘要: 随着信息化社会的不断发展,文档的电子化成为大势所趋。电子文档在给我们提供便利的同时,也带来了诸多安全隐患。涉密电子文档面临的安全威胁有非授权访问、知密范围难控和泄密主体难追踪等,而目前关于涉密电子文档的解决方案仅满足了身份认证、访问控制等安全需求,未能实现对用户身份的实时认证和涉密文档的有效控制。针对以上安全威胁及用户需求,通过对面部认证、单向传输和眼球追踪等技术的研究,文章设计了一款基于面部认证的涉密文档阅读器。使用OpenCV实现的面部认证技术用于完成对用户的身份认证和阅读权限的实时认证,可有效防止非授权访问、偷窥等行为,实现可靠的访问控制。专用接口提供对USB移动存储数据的安全处理,提供单向数据传输功能,通过专用接口向涉密文档阅读器单向传输涉密文档,可有效解决阅读器丢失、拷贝复制等造成的安全隐患。文中设计的阅读器在提高数据安全性和可靠性的同时,为用户提供一个安全便携的涉密文档阅读平台。系统采用技术手段弥补制度上的漏洞,实现涉密电子文档管控的安全性和实用性的平衡。

关键词: 涉密文档, 面部认证, 实时认证, 专用接口, 单向传输

Abstract: With the continuous development of information society, electronic documents become a trend. Electronic documents bring a lot of security risks at the time of providing convenience to us. Security threats faced by classified electronic documents have unauthorized access, difficult to control the scope of people who know the secret, difficult to tracking the one who leaking secrets, etc., while the current solution on classified electronic documents only meet the security requirements of identity authentication, access control, etc., failed to achieve the real-time authentication of the user and effective control of classified document. Aiming at the security risk of classified electronic document and users’ need, after the research on the face authentication, unidirectional transmission and eye tracking technology, a classified document reader based on face authentication is designed. Through face authentication technology using OpenCV used to real-time authenticate the identity and permission of the user, can effectively prevent unauthorized access, peeping behavior, to achieve a reliable access control. The special interface provides a safe treatment on USB removable storage data and the classified document can be only unidirectional transmitted to readers via the special interface, thus solving potential safety hazard caused by the loss of reader or copy effectively. Classified document reader provides a safe and portable reading platform for users at the same time improved data security and reliability. This system use technical means to make up for the loopholes in regulation to achieve the balance between security and practicability of classified electronic document management.

Key words: classified document, face authentication, real-time authentication, special interface, unidirectional transmission

中图分类号: