信息网络安全 ›› 2015, Vol. 15 ›› Issue (3): 48-53.doi: 10.3969/j.issn.1671-1122.2015.03.010

• 技术研究 • 上一篇    下一篇

eID移动身份认证系统的研究与实现

范月1,2(), 许晋1,2, 高宇童3   

  1. 1.北京邮电大学可信分布式计算与服务教育部重点实验室,北京 100876
    2.北京邮电大学计算机学院,北京 100876
    3.东北大学软件学院,辽宁沈阳 110189
  • 收稿日期:2015-02-01 出版日期:2015-03-10 发布日期:2015-05-08
  • 作者简介:

    作者简介: 范月(1990-),女,河南,硕士研究生,主要研究方向:情报信息技术与可信计算;许晋(1990-),男,山东,博士研究生,主要研究方向:情报信息技术与可信计算;高宇童(1992-),男,吉林,本科,主要研究方向:嵌入式系统技术。

  • 基金资助:
    国家高技术研究发展计划[2012AA01A404]

Research and Implementation of eID-Based Identity Authentication System

FAN Yue1,2(), XU Jin1,2, GAO Yu-tong3   

  1. 1. Key Laboratory of Trustworthy Distributed Computing and Service (BUPT) Ministry of Education, Beijing 100876, China
    2. School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China
    3. Software College of Northeastern University, Shenyang Liaoning 110189, China
  • Received:2015-02-01 Online:2015-03-10 Published:2015-05-08

摘要:

现有移动身份认证方式缺乏对用户的普适保护,导致用户隐私信息泄露问题时发。网络电子身份证eID(electronic identity)在确保个人身份真实可信的前提下,可有效避免用户身份信息被保留在各种网络运营商处时曝光和泄露的风险。然而,常规的eID终端载体仅支持USB端口的使用方式,无法适用于很少支持USB端口的移动终端设备。文章提出一种基于网络电子身份证eID的移动身份认证系统,通过NFC(near field communication)技术将eID与应用系统认证过程相结合,充分发挥NFC技术耗能低、通信高效且安全的优势,利用eID的隐私保护、高度可信以及安全可靠等特点,设计并实现了eID移动身份认证流程。在移动端完成用户真实身份的有效认证,保障用户身份安全可信的同时有效保护用户隐私,实现了前端虚名、后台实名的认证机制。实验证明该方法具有普适高效性,可以有效解决移动互联网使用eID身份认证的问题。

关键词: 移动身份认证, eID, NFC, 个人信息隐私

Abstract:

The existing mobile identity authentication methods lack of universal protection for users, leading to user privacy information disclosure issue often occurs. Network electronic identity (eID) can ensure credibility of their personal identity. The user identity information isn’t retained to a variety of network operator; the risk of leaks can be effectively avoided. However, the regular eID terminal supports USB port only are used. Mobile terminals cannot be applied. This paper proposes a mobile identity authentication system based on network electronic identity abbreviated as eID, achieving the design and implementation of eID authentication process, resulting from combination of eID and application systems authentication through NFC (near field communication) technology. The NFC technology advantages that low energy consumption, traffic efficiency and safety are into full play. The features of eID that privacy, highly credible, as well as safety and reliability are used. The practical application shows that the system is effective and feasible, which implementing the user real identity authentication in mobile terminal effectively. Thus guaranteeing safe and reliable user identity as well as protecting user privacy effectively.

Key words: mobile identity authentication, eID, NFC, personal information privacy

中图分类号: