CN-122027288-A - Access authentication method, device, equipment, storage medium and program product

Abstract

The invention discloses an access authentication method, device, equipment, storage medium and program product, wherein the method comprises the steps of performing operation risk identification on access operation initiated by a user after the user logs in a client, displaying verification text on an interactive interface to prompt the user to read the verification text under the condition that the access operation is identified to belong to dangerous operation, collecting first audio information and first video information in the process that the user reads the verification text, and authenticating the access operation according to the first audio information, the first video information and the verification text.

Inventors

• ZHAO MIN
• FENG YAO
• TANG YU
• XU XIAN

Assignees

• 中移(苏州)软件技术有限公司
• 中国移动通信集团有限公司

Dates

Publication Date

20260512

Application Date

20260212

Claims (10)

1. 1. An access authentication method, comprising: After a user logs in a client, performing operation risk identification on access operation initiated by the user; Displaying a verification text on an interactive interface under the condition that the access operation is recognized to belong to dangerous operation, so as to prompt the user to read the verification text; and collecting first audio information and first video information in the process of reading the verification text by the user, and authenticating the access operation according to the first audio information, the first video information and the verification text.
2. 2. The access authentication method of claim 1, wherein authenticating the access operation based on the first audio information, the first video information, and the verification text comprises: preprocessing the first audio information, and extracting tone characteristics and voice semantic characteristics of a first user; preprocessing the first video information, and extracting first user face features and image time sequence features; Performing text coding on the verification text to obtain text semantic features; and performing multi-mode authentication on the access operation according to the tone color feature, the voice semantic feature, the first user face feature, the image time sequence feature and the text semantic feature of the first user.
3. 3. The access authentication method of claim 2, wherein performing the multi-modal authentication of the access operation based on the first user tone color feature, the speech semantic feature, the first user face feature, the image timing feature, and the text semantic feature comprises: according to the tone color feature, the voice semantic feature, the first user face feature, the image time sequence feature and the text semantic feature of the first user, the following verification operation is executed: Performing tone matching verification on the tone characteristics of the first user and pre-stored registered tone characteristics; performing face matching verification on the first user face features and pre-stored registered face features; Performing text matching verification on the voice semantic features and the text semantic features; Performing audio-video synchronous verification on the voice semantic features and the image time sequence features; Consistency verification is carried out on a first user identifier matched with the tone color feature of the first user and a second user identifier matched with the face feature of the first user; In the event that all verification operations pass, determining that the access operation is authenticated to allow the access operation to be performed.
4. 4. The access authentication method of claim 1, wherein the method further comprises: Under the condition that the access operation is identified to be normal operation, acquiring second audio information and/or second video information of the user; And authenticating the access operation according to the second audio information and/or the second video information.
5. 5. The access authentication method according to claim 4, wherein authenticating the access operation based on the second audio information and/or the second video information comprises: extracting a second user tone characteristic from the second audio information and/or extracting a second user face characteristic from the second video information; and executing at least one of the following verification operations according to the tone color characteristics of the second user and/or the face characteristics of the second user: Performing tone matching verification on the tone characteristics of the second user and pre-stored registered tone characteristics; Performing face matching verification on the face features of the second user and pre-stored registered face features; and in the case that tone matching verification and/or face matching verification are/is passed, determining that the access operation is authenticated to be passed, so as to allow the access operation to be executed.
6. 6. The access authentication method of claim 1, wherein the method further comprises: Before a user logs in a client, a network tunnel is opened for the user based on a single-packet authentication mechanism of a software defined boundary, and the network tunnel is used for providing a dedicated communication channel for the user in the process of logging in the client.
7. 7. An access authentication apparatus, comprising: The operation risk identification module is used for carrying out operation risk identification on access operation initiated by a user after the user logs in the client; The text reading prompting module is used for displaying a verification text on an interactive interface under the condition that the access operation is recognized to belong to dangerous operation so as to prompt the user to read the verification text; And the access operation authentication module is used for acquiring first audio information and first video information in the process of reading the verification text by the user, and authenticating the access operation according to the first audio information, the first video information and the verification text.
8. 8. An access authentication device comprising a processor, a memory and a computer program stored in the memory and configured to be executed by the processor, the processor implementing the access authentication method according to any one of claims 1 to 6 when executing the computer program.
9. 9. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program, wherein the computer program when run controls a device in which the computer readable storage medium is located to perform the access authentication method according to any one of claims 1 to 6.
10. 10. A computer program product comprising a computer program or instructions which, when executed by a processor, implements the access authentication method of any one of claims 1 to 6.

Description

Access authentication method, device, equipment, storage medium and program product Technical Field The present invention relates to the field of security authentication technologies, and in particular, to an access authentication method, apparatus, device, storage medium, and program product. Background Authentication refers to verifying whether a user has rights to access a system. Traditional authentication is verified by a password, but it requires that each user who obtains the password be authorized in advance. When an account is established for a user, a password can be allocated to the user, and the password can be specified by an administrator or can be applied by the user. At present, in order to improve the convenience of authentication and reduce the risk of incapability of logging in caused by the fact that a user loses a password, after the user successfully logs in based on the password, the user can utilize biological feature identification to perform password-free logging in. However, authentication based on biometric identification still has various risks, such as login by using photos/recordings, accessing resources, etc., biometric information such as photos/recordings is easy to copy or imitate, and once revealed, cannot be changed like a password, so that a security mechanism relying on the biometric is destroyed, and the security of login and resource access is affected. Disclosure of Invention Aiming at the problems existing in the prior art, the embodiment of the invention provides an access authentication method, an access authentication device, a storage medium and a program product, which are based on a login authentication mechanism of multi-mode information and can effectively improve the security of login and resource access. In a first aspect, an embodiment of the present invention provides an access authentication method, including: After a user logs in a client, performing operation risk identification on access operation initiated by the user; Displaying a verification text on an interactive interface under the condition that the access operation is recognized to belong to dangerous operation, so as to prompt the user to read the verification text; and collecting first audio information and first video information in the process of reading the verification text by the user, and authenticating the access operation according to the first audio information, the first video information and the verification text. As an improvement of the above solution, authenticating the access operation according to the first audio information, the first video information, and the verification text includes: preprocessing the first audio information, and extracting tone characteristics and voice semantic characteristics of a first user; preprocessing the first video information, and extracting first user face features and image time sequence features; Performing text coding on the verification text to obtain text semantic features; and performing multi-mode authentication on the access operation according to the tone color feature, the voice semantic feature, the first user face feature, the image time sequence feature and the text semantic feature of the first user. As an improvement of the above solution, performing multi-modal authentication on the access operation according to the first user tone characteristic, the voice semantic characteristic, the first user face characteristic, the image timing characteristic, and the text semantic characteristic, includes: according to the tone color feature, the voice semantic feature, the first user face feature, the image time sequence feature and the text semantic feature of the first user, the following verification operation is executed: Performing tone matching verification on the tone characteristics of the first user and pre-stored registered tone characteristics; performing face matching verification on the first user face features and pre-stored registered face features; Performing text matching verification on the voice semantic features and the text semantic features; Performing audio-video synchronous verification on the voice semantic features and the image time sequence features; Consistency verification is carried out on a first user identifier matched with the tone color feature of the first user and a second user identifier matched with the face feature of the first user; In the event that all verification operations pass, determining that the access operation is authenticated to allow the access operation to be performed. As an improvement of the above solution, the method further includes: Under the condition that the access operation is identified to be normal operation, acquiring second audio information and/or second video information of the user; And authenticating the access operation according to the second audio information and/or the second video information. As an improvement of the above solution, authenticating the acc