作业5身份认证(Job 5 identity authentication)

题目:

今天校园里到处是快递小哥,同学们也经常帮别人取快递,快递小哥不会很细致的核实身份,就允许代领,存在很多不安全因素。设计一款基于手机的app,用于快递小哥验证身份,顾客领取快递。具体认证方法不限,简单易行。(1)给出:app包含哪些部分(可加图示),每部分的功能;(2)模仿kerberos的写法,描述交互过程,并加说明。

答:

(1)

app从三大部分组成,分别从管理平台、快递小哥和顾客三方面入手。

①管理平台:

a.给顾客发送快递信息和领取码

b.给快递小哥发送顾客的快递信息和领取码

②快递小哥:

a.跟踪快递信息,反馈给平台

b.可以与用户进行核对的领取码

③顾客:

a.跟踪快递信息

b.实时更新的二维领取码

(2)

第一阶段:  平台实时更新顾客的领取码和快递信息

平台—>顾客:IDc || IDtgs ||  Ekc[QRcode]

平台—>快递小哥:IDc || IDtgs 

注:顾客可以通过自己设置的密码解密平台发送的经过加密的QRcode

第二阶段:  顾客和快递小哥的交互

顾客—>快递小哥:IDc || QRcode

注:一旦顾客给快递小哥的二维码经过验证和顾客的ID一致,则可以取走快递

第三阶段:顾客、快递小哥和平台的交互

顾客—>平台:IDc || IDtgs

快递小哥—>平台:IDc || IDtgs

注:告知平台物流的状况签收结果。

————————

Title:

Today, the campus is full of express brothers, and students often help others get express. The express brother will not carefully verify his identity and will be allowed to receive on behalf of others. There are many unsafe factors. Design a mobile phone based app for the courier brother to verify his identity and the customer to receive the express. The specific authentication methods are not limited and simple. (1) Give: which parts of the app (can be illustrated) and the functions of each part; (2) Imitate the writing method of Kerberos, describe the interaction process and explain it.

Answer:

(1)

< strong > app is composed of three parts: management platform, express brother and customers

① Management platform:

a. Send express information and receiving code to customers

b. Send the customer’s express information and receiving code to the express brother

② Express brother:

a. Track the express information and feed it back to the platform

b. Receiving code that can be checked with the user

③ Customer:

a. Tracking express information

b. Real time updated QR code

(2)

Phase I: the platform updates the customer’s receiving code and express information in real time

Platform — & gt; Customer: IDC | idtgs | EKC [QRcode]

Platform — & gt; Express brother: IDC | idtgs

Note: customers can send encrypted QRcode through their own password decryption platform

Stage 2: interaction between customers and express delivery brother

Customers — & gt; Express brother: IDC | QRcode

Note: once the QR code given by the customer to the express brother is verified to be consistent with the customer’s ID, the express can be taken away

The third stage: interaction between customers, express brothers and the platform

Customers — & gt; Platform: IDC | idtgs

Express brother — & gt; Platform: IDC | idtgs

Note: inform the platform of logistics status and sign in results.