摘要： 用户身份认证方案是一种利用服务器验证用户身份是否真实的一种机制，基于生物特征的采用智能卡的认证机制未考虑用户的角色和访问权限问题以及注册用户注销/终止问题。为此，给出一个安全、有效的和基于生物特征采用智能卡的用户认证机制，该机制增加了一次注册、可自由选择合适角色、享受不同权限和终止闲置合法用户等功能。安全分析和比较结果表明，该方案是一种更为有效和安全的认证方案。

关键词: 智能卡, 生物特征, 角色, 用户认证, 安全性

Abstract: User authentication scheme is a mechanism which allows a server to identity a user. Proposed a biometrics-based user authentication scheme using smart cards. The scheme didn’t consider the problem of acting role, accessing authority and terminating user. This paper gives a safe and effective user authentication mechanism based on biological characteristics using smart cards, which adds new functions of once registered, freely to choose different roles, enjoying different right, terminating unused legitimate user. Security analysis and comparison results show that this scheme is a more effective and safe scheme.

Key words: smart cards, biometrics, role, user authentication, security

中图分类号: 

• TP393