[go: up one dir, main page]

TWI448921B - Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof - Google Patents

Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof Download PDF

Info

Publication number
TWI448921B
TWI448921B TW099141418A TW99141418A TWI448921B TW I448921 B TWI448921 B TW I448921B TW 099141418 A TW099141418 A TW 099141418A TW 99141418 A TW99141418 A TW 99141418A TW I448921 B TWI448921 B TW I448921B
Authority
TW
Taiwan
Prior art keywords
data
fully automatic
human test
server
computer
Prior art date
Application number
TW099141418A
Other languages
Chinese (zh)
Other versions
TW201222320A (en
Inventor
Pai Helen
Original Assignee
F2Ware Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by F2Ware Inc filed Critical F2Ware Inc
Priority to TW099141418A priority Critical patent/TWI448921B/en
Publication of TW201222320A publication Critical patent/TW201222320A/en
Application granted granted Critical
Publication of TWI448921B publication Critical patent/TWI448921B/en

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)

Description

全自動區分計算機和人類的測試資料管理方法與相關資料管理系統及其電腦程式產品Fully automatic computer and human test data management method and related data management system and computer program product thereof

本發明係有關於一種資料管理方法及其相關之資料管理系統,特別是有關於一種全自動區分計算機和人類的測試資料產生方法與其相關管理系統,可以加強對傳輸資料的保護。The invention relates to a data management method and a related data management system thereof, in particular to a method for automatically generating computer and human test data generation and a related management system thereof, which can strengthen the protection of transmission data.

近年來,隨著網路的應用與發展越來越成熟,使用者需要透過網路取得資訊的機會有越來越大。使用者可以利用其電子裝置如電腦系統、可攜式裝置等,透過網路進行大量服務與應用。在一些網路服務中,使用者必須對於特定服務進行註冊或對於一些資訊進行確認。在註冊或確認過程中,使用者必須檢視提供服務之伺服器端所提供的相關資訊,並依據這些資訊來進行相關輸入,以進行註冊或確認。In recent years, as the application and development of the Internet has become more and more mature, users have more and more opportunities to obtain information through the Internet. Users can use their electronic devices such as computer systems, portable devices, etc. to carry out a large number of services and applications through the network. In some web services, users must register for a particular service or confirm some information. During the registration or confirmation process, the user must view the relevant information provided by the server that provides the service and use the information to make relevant input for registration or confirmation.

傳統上,資訊在伺服器與使用者端之傳遞是經由電腦文字傳輸,容易被病毒或木馬等惡意程式竄改,即使採用虛擬鍵盤之方式,其在使用者端輸入完成後之傳遞亦是經由電腦文字傳輸。舉例來說,目前交易資料之輸入,乃藉由使用者端以鍵盤或呈現在螢幕上之虛擬鍵盤進行輸入。在使用者端選擇並傳輸時,仍藉由電子文字方法傳輸至伺服器以為交易內容之識別。Traditionally, the transmission of information between the server and the user is transmitted via computer text, which is easily falsified by malicious programs such as viruses or Trojans. Even if the virtual keyboard is used, the transmission after the user input is completed is also via the computer. Text transfer. For example, the input of the current transaction data is input by the user terminal by using a keyboard or a virtual keyboard presented on the screen. When the user selects and transmits, it is still transmitted to the server by electronic text method to identify the transaction content.

為了避免這些個人資料或操作的內容被旁人盜取,需要加強伺服器與用戶端之間的資料傳送的保密措施。In order to prevent the contents of these personal data or operations from being stolen by others, it is necessary to strengthen the confidentiality measures of data transmission between the server and the client.

因此,需要一種能夠於伺服器與用戶端之間執行任一操作時,確實保護傳送的資料的正確性的方法與系統。Therefore, there is a need for a method and system that can ensure the correctness of transmitted data when performing any operation between the server and the client.

有鑑於此,本發明提供一種基於全自動區分計算機和人類的測試資料之資料管理方法及及其相關之資料管理系統,以解決上述的問題。In view of this, the present invention provides a data management method based on a fully automatic computer and human test data and a related data management system thereof to solve the above problems.

本發明實施例提供一種全自動區分計算機和人類的測試資料管理方法,包括下列步驟。首先,一伺服器依據一第一資料產生至少一全自動區分計算機和人類的測試資料,其中第一資料係為與一操作有關之資料。接著,伺服器將全自動區分計算機和人類的測試資料藏入一對應之編碼資料。伺服器透過一第一傳輸媒介傳送編碼後之全自動區分計算機和人類的測試資料至一用戶端,致使用戶端利用編碼後之全自動區分計算機和人類的測試資料輸入一第二資料並傳送第二資料對應之一第三資料。之後,伺服器接收並解碼第三資料,以得到用戶端所輸入之資料。Embodiments of the present invention provide a method for automatically testing computer and human test data management, including the following steps. First, a server generates at least one fully automatic computer and human test data based on a first data, wherein the first data is data related to an operation. Then, the server hides the test data of the fully automatic computer and human beings into a corresponding coded data. The server transmits the encoded fully automatic computer and human test data to a user terminal through a first transmission medium, so that the user end uses the coded fully automatic computer and human test data to input a second data and transmit the first data. The second data corresponds to one of the third materials. After that, the server receives and decodes the third data to obtain the data input by the client.

本發明實施例另提供一種全自動區分計算機和人類的測試資料管理系統,至少包括一伺服器。伺服器依據一第一資料產生一全自動區分計算機和人類的測試資料、將全自動區分計算機和人類的測試資料藏入一對應之編碼資料、透過一第一傳輸媒介傳送編碼後之全自動區分計算機和人類的測試資料至一用戶端,致使用戶端利用編碼後之全自動區分計算機和人類的測試資料輸入一第二資料並傳送第二資料對應之一第三資料、以及接收並解碼第三資料,以得到用戶端所輸入之資料。其中,第一資料係為與一操作有關之資料。The embodiment of the invention further provides a test data management system for automatically distinguishing between a computer and a human, comprising at least one server. The server generates a fully automatic computer and human test data according to a first data, and hides the fully automatic computer and human test data into a corresponding coded data, and transmits the coded automatic transmission through a first transmission medium. The computer and human test data are sent to a user end, so that the user end uses the coded fully automatic computer and human test data to input a second data and transmit the second data corresponding to the third data, and receive and decode the third data. Information to get the information entered by the client. Among them, the first data is information related to an operation.

本發明上述方法可以透過程式碼方式收錄於實體媒體中。當程式碼被機器載入且執行時,機器變成用以實行本發明之裝置。The above method of the present invention can be recorded in physical media through code. When the code is loaded and executed by the machine, the machine becomes the means for practicing the invention.

為使本發明之上述和其他目的、特徵、和優點能更明顯易懂,下文特舉出較佳實施例,並配合所附圖式,作詳細說明如下。The above and other objects, features and advantages of the present invention will become more <RTIgt;

本發明實施例中提供一種基於全自動區分計算機和人類的圖靈測試(Completely Automated Public Test to tell Computers and Humans Apart,以下簡稱CAPTCHA)資料之資料管理方法及其相關之資料管理系統,用以於一伺服器(server)與一用戶端(client)之間執行一操作,其中,伺服器會依據使用者所需用到的資訊的資料集合轉換為個別的CAPTCHA資料並將CAPTCHA資料編碼後透過一傳輸媒介(例如一網路)傳送給用戶端,同時用戶端透過選擇這些接收到的CAPTCHA資料進行資料輸入,並且回傳所選擇的CAPTCHA資料所對應的編碼資料或識別資料至伺服器端進行資料驗證,以驗證資料是否為有效資料,以確認用戶端所送出的資料可被伺服器所正確接收,進而得到輸入的資料,防止傳送過程中被不當竄改。In the embodiment of the present invention, a data management method and a related data management system based on a fully-automatic computer and human-based Turing test (Completely Automated Public Test to Tell Computers and Humans Apart) (CAPTCHA) data are provided. A server (server) and a client (client) perform an operation, wherein the server converts the data into individual CAPTCHA data according to the data set used by the user, and encodes the CAPTCHA data through a The transmission medium (for example, a network) is transmitted to the user end, and the user end selects the received CAPTCHA data for data input, and returns the coded data or the identification data corresponding to the selected CAPTCHA data to the server for data. Verification, to verify whether the data is valid, to confirm that the data sent by the client can be correctly received by the server, and then the input data is obtained to prevent improper tampering during the transmission.

於實施例中,提供一種將編碼資料技術用於一操作所需的資料例如交易資訊之方法,編碼資料係可為未加密或未加密資料例如一浮水印、一數位簽章或一演算法所產生之特定密鑰等。首先,一伺服器產生人類或電腦可辨別之數位內容,其中,交易過程所需的資訊以編碼資料的技術嵌入於數位內容。其中,數位內容包含文字、圖片、聲音、影片、二維條碼等任何數位型式。接著,伺服器以傳輸媒介將嵌入編碼資料的數位內容傳送至一使用者端。使用者端可使用嵌入編碼資料的數位內容做為操作資料之輸入,以進行交易之處理,並將嵌入編碼資料的數位內容以傳輸媒介傳送至一伺服器。最後,伺服器可依據一演算法或多演算法將嵌入編碼資料的數位內容取出,以識別操作過程所需的資訊,而達到資訊安全之方法。需提醒的是,交易資訊係有別於交易傳輸,交易傳輸類似於數位憑證,使用者端得以驗證伺服端的對象。In an embodiment, a method for using encoded data technology for information such as transaction information required for an operation is provided. The encoded data may be unencrypted or unencrypted data such as a watermark, a digital signature or an algorithm. The specific key generated, etc. First, a server generates human or computer identifiable digital content, wherein the information required for the transaction process is embedded in the digital content in a technique that encodes the data. Among them, the digital content includes any digit type such as text, picture, sound, video, 2D barcode. Then, the server transmits the digital content embedded in the encoded data to a user end by using a transmission medium. The user terminal can use the digital content embedded in the encoded data as the input of the operation data to process the transaction, and transmit the digital content embedded in the encoded data to the server through the transmission medium. Finally, the server can extract the digital content embedded in the encoded data according to an algorithm or multiple algorithms to identify the information required for the operation process, and achieve the information security method. Need to be reminded that the transaction information is different from the transaction transmission, the transaction transmission is similar to the digital certificate, and the user can verify the object of the server.

第1圖顯示依據本發明實施例之資料管理系統。依據本發明實施例之資料管理系統100至少包括一伺服器110與一用戶端120,其中伺服器110可透過一傳輸媒介例如網路130與用戶端120進行資料的傳輸,於兩者之間執行一操作。傳輸媒介,舉例來說但不限於此,包括網路130。網路130可包括有線或無線網路,例如網際網路(INTERNET),但不限於此。Figure 1 shows a data management system in accordance with an embodiment of the present invention. The data management system 100 according to the embodiment of the present invention includes at least a server 110 and a client 120. The server 110 can transmit data to and from the client 120 through a transmission medium, such as the network 130. An operation. The transmission medium, for example but not limited to, includes the network 130. Network 130 may include a wired or wireless network, such as the Internet, but is not limited thereto.

伺服器110可依據所欲執行的操作的內容如資料屬性,將操作中所需用到的資訊的資料集合轉換為個別的CAPTCHA資料並且將其透過網路130傳送給用戶端120。為了避免由計算機或程式所造成大量惡意或重複性的輸入行為,CAPTCHA技術可以用來區分計算機或人類,以辨識出相關輸入係由使用者所輸入,亦或由計算機所自動產生的。一般而言,CAPTCHA係藉由要求使用者輸入一個比較不容易被一些辨識程式自動辨識出的圖片上所顯示的文字或數字,例如扭曲變形或劃線之圖片上所顯示的文字或數字來區分出相關輸入係由計算機或人類所產生。須注意的是,於本發明實施例中,係採用CAPTCHA技術的概念,提供對應於操作所需的相關資料的CAPTCHA資料。然而,於操作時,使用者可透過用戶端120所提供的使用者介面例如透過瀏覽器點選這些CAPTCHA資料來輸入資料。The server 110 can convert the data set of the information required for the operation into individual CAPTCHA data according to the content of the operation to be performed, such as the data attribute, and transmit it to the client 120 through the network 130. In order to avoid a large number of malicious or repetitive input behavior caused by a computer or program, CAPTCHA technology can be used to distinguish between computers or humans to recognize that the relevant input is input by the user or automatically generated by the computer. In general, CAPTCHA distinguishes text or numbers displayed on pictures that are not easily recognizable by some recognition programs, such as words or numbers displayed on distorted or lined pictures. The relevant input is generated by a computer or a human. It should be noted that in the embodiment of the present invention, the concept of the CAPTCHA technology is used to provide the CAPTCHA data corresponding to the relevant data required for the operation. However, during operation, the user can input the data through the user interface provided by the client 120, for example, by clicking on the CAPTCHA data through a browser.

其中,伺服器110更包括一產生模組112、一編碼模組114以及一解碼模組116。產生模組112用以依據第一資料,決定一組第一資料集合。產生模組112可依據所欲執行的操作中的一或多個第一資料決定一組第一資料集合並產生對應於第一資料集合的一組CAPTCHA資料。其中,第一資料可為與操作有關的資料,如使用者相關的資料或重要資料,例如使用者的個人身份資料、帳號、轉帳金額、地址等等。第一資料集合可包含對應於第一資料的所有可能的資料。舉例來說,當第一資料為一數字資料時,則其對應的第一資料集合可為數字0-9。因此,產生模組112可依據數字資料的特性,產生包含數字0-9的一組CAPTCHA資料,但本發明不限於此。當第一資料包括一由一或多個字元所組成的字元資料時,產生模組112可依據字元資料的特性,產生包含英文字母A-Z的一組CAPTCHA資料。The server 110 further includes a generating module 112, an encoding module 114, and a decoding module 116. The generating module 112 is configured to determine a set of first data sets according to the first data. The generating module 112 may determine a set of first data sets according to one or more first materials in the operation to be performed and generate a set of CAPTCHA data corresponding to the first data set. The first data may be information related to the operation, such as user-related data or important information, such as the user's personal identification data, account number, transfer amount, address, and the like. The first set of data may contain all possible data corresponding to the first material. For example, when the first data is a digital data, the corresponding first data set may be the numbers 0-9. Therefore, the generation module 112 can generate a set of CAPTCHA data including the numbers 0-9 according to the characteristics of the digital material, but the present invention is not limited thereto. When the first data includes a character data consisting of one or more characters, the generating module 112 can generate a set of CAPTCHA data including the English letters A-Z according to the characteristics of the character data.

舉例來說但不限於此,於一實施例中,當操作為一網銀轉帳操作時,操作時所需輸入的資料可包括帳號以及轉帳金額,因此,伺服器110將分別產生數字0-9所對應的10個CAPTCHA資料200-209,如第2圖所示。第2圖的10個CAPTCHA資料將分別被編碼後再傳送至用戶端120以供其進行資料輸入。須注意的是,在此例子中,CAPTCHA資料200-209係為一圖片。然而,在一些實施例中,除了圖片之外,CAPTCHA資料亦可以係視訊或聲音等。For example, but not limited to, in an embodiment, when the operation is a online banking transfer operation, the data input during operation may include an account number and a transfer amount, and therefore, the server 110 will generate numbers 0-9 respectively. Corresponding 10 CAPTCHA data 200-209, as shown in Figure 2. The 10 CAPTCHA data of Fig. 2 will be encoded and then transmitted to the client 120 for data input. It should be noted that in this example, the CAPTCHA data 200-209 is a picture. However, in some embodiments, in addition to the pictures, the CAPTCHA data may also be video or sound.

在產生模組112產生對應於第一資料集合的一組CAPTCHA資料之後,編碼模組114可將產生模組112所有產生的CAPTCHA資料個別藏入一對應的編碼資料。在一些實施例中,編碼資料係可為未加密資料或加密資料,例如一浮水印、一數位簽章或一演算法所產生之特定密鑰等。在一些實施例中,編碼資料係為對應於該全自動區分計算機和人類的測試資料之一識別碼。請參照第3圖,係顯示依據本發明實施例之一CAPTCHA資料示意圖。如第3圖所示,CAPTCHA資料300中更包含有一編碼資料310,此編碼資料310係可為對應於每個CAPTCHA資料的一個唯一的雜湊編號(hash number),此雜湊編號可經由一雜湊表以查表方式所產生或直接由一既定的雜湊函數所產生。After the generating module 112 generates a set of CAPTCHA data corresponding to the first data set, the encoding module 114 can individually hide all the generated CAPTCHA data of the generating module 112 into a corresponding encoded data. In some embodiments, the encoded data may be unencrypted data or encrypted data, such as a watermark, a digital signature, or a particular key generated by an algorithm. In some embodiments, the encoded data is an identification code corresponding to one of the fully automated computer and human test data. Referring to FIG. 3, a schematic diagram of a CAPTCHA data according to an embodiment of the present invention is shown. As shown in FIG. 3, the CAPTCHA data 300 further includes an encoded data 310, which may be a unique hash number corresponding to each CAPTCHA data, and the hash number may be via a hash table. Generated by look-up table or directly by a given hash function.

藏入編碼資料的CAPTCHA資料將被傳送至用戶端120,致使用戶端120利用這些產生的全自動區分計算機和人類的測試資料進行輸入,與伺服器端110進行該項操作。用戶端120其可透過網路130接收並顯示伺服器110所產生之CAPTCHA資料,並利用接收到的這些CAPTCHA資料輸入對應的資料。於操作過程中,用戶端120可先利用編碼後之全自動區分計算機和人類的測試資料輸入一第二資料,之後,將第二資料對應的一第三資料(例如:編碼資料)傳送至伺服器端110進行驗證。其中,用戶端120可更包括一解碼模組122,用以分析CAPTCHA資料得到編碼資料,再依據輸入的第二資料以及分析出的編碼資料,產生對應的第三資料。舉例來說,當CAPTCHA資料中的編碼資料為一識別碼(例如:雜湊編號)時,解碼模組122可分析CAPTCHA資料,得到其對應的識別碼,再依據輸入的第二資料以及分析出的識別碼,產生對應第二資料的識別碼(第三資料)。The CAPTCHA data stored in the encoded data will be transmitted to the client 120, causing the client 120 to use the generated fully automated computer and human test data for input, and the server terminal 110 performs the operation. The client 120 can receive and display the CAPTCHA data generated by the server 110 through the network 130, and input the corresponding data by using the received CAPTCHA data. During operation, the client 120 may first input a second data by using the coded fully automatic computer and human test data, and then transmit a third data (eg, coded data) corresponding to the second data to the servo. The terminal 110 performs verification. The client 120 may further include a decoding module 122 for analyzing the CAPTCHA data to obtain the encoded data, and then generating the corresponding third data according to the input second data and the analyzed encoded data. For example, when the encoded data in the CAPTCHA data is an identification code (for example, a hash number), the decoding module 122 can analyze the CAPTCHA data, obtain the corresponding identification code, and then according to the input second data and the analyzed The identification code generates an identification code (third data) corresponding to the second data.

解碼模組116係用以解碼用戶端120所傳送的資料,從用戶端120所傳送的第三資料中解碼出編碼資料(例如一識別碼),再依據編碼資料所表示的內容判斷資料是否與原先發出的資料相同,進而得到所輸入的資料內容。詳細的CAPTCHA資料管理方法將介紹於下。The decoding module 116 is configured to decode the data transmitted by the client 120, decode the encoded data (for example, an identification code) from the third data transmitted by the client 120, and determine whether the data is based on the content indicated by the encoded data. The original information was the same, and the content of the input was obtained. The detailed CAPTCHA data management method will be introduced below.

第4圖顯示一依據本發明實施例之CAPTCHA資料管理方法之流程圖。請同時參照第1圖與第4圖。依據本發明實施例之CAPTCHA資料管理方法可以應用於資料管理系統100上,用以輸入一操作所需的資料。Figure 4 is a flow chart showing a CAPTCHA data management method in accordance with an embodiment of the present invention. Please refer to both Figure 1 and Figure 4. The CAPTCHA data management method according to the embodiment of the present invention can be applied to the data management system 100 for inputting data required for an operation.

首先,如步驟S402,伺服器110依據操作中的資料屬性產生一或多個CAPTCHA資料並如步驟S404將所產生的一或多個CAPTCHA資料分別藏入一編碼資料。舉例來說,編碼資料可為對應於一或多個CAPTCHA資料的一識別碼。於藏入編碼資料後,如步驟S406,伺服器110透過一第一傳輸媒介(如網路130)傳送編碼後的CAPTCHA資料至用戶端120。舉例來說但不限於此,於一實施例中,當操作為一網銀轉帳操作時,操作時所需的資料可包括帳號以及轉帳金額資料,因此,伺服器110將分別產生數字0-9所對應的10個CAPTCHA資料,並分別指定每一CAPTCHA資料一識別碼。於另一實施例中,若帳號資料包括英文字母與數字的組合時,則伺服器110可分別產生字母A-Z與數字0-9所對應的36個CAPTCHA資料及賦予每一CAPTCHA資料一特定雜湊編號。First, in step S402, the server 110 generates one or more CAPTCHA data according to the data attributes in the operation and hides the generated one or more CAPTCHA data into an encoded data according to step S404. For example, the encoded material can be an identification code corresponding to one or more CAPTCHA data. After the encoded data is hidden, in step S406, the server 110 transmits the encoded CAPTCHA data to the client 120 through a first transmission medium (such as the network 130). For example, but not limited to, in an embodiment, when the operation is an online banking transfer operation, the information required for the operation may include an account number and a transfer amount data, and therefore, the server 110 will generate numbers 0-9 respectively. Corresponding 10 CAPTCHA data, and each identification code of each CAPTCHA data is specified. In another embodiment, if the account data includes a combination of English letters and numbers, the server 110 can generate 36 CAPTCHA data corresponding to the letters AZ and 0-9, respectively, and assign a specific hash number to each CAPTCHA data. .

之後,如步驟S408,用戶端120接收並顯示CAPTCHA資料,並且如步驟S410,利用CAPTCHA資料,輸入一第一資料並如步驟S412,產生對應第一資料的一第二資料。其中,第一資料可由一或多個CAPTCHA資料所組成,第二資料係可為第一資料所對應的識別資料。舉例來說,第二資料可為第一資料對應的一識別碼(例如一特定雜湊編號)、對應的CAPTCHA資料或其摘要資訊、第一資料與對應的操作結果(例如:謎語回答)或者座標資訊,但不限於此。於一實施例中,當欲執行的操作係一網銀轉帳操作時,則輸入的第一資料可包括轉帳相關資料,例如帳戶號碼、轉帳金額、交易對象的姓名、貨幣單位等等。於另一實施例中,當欲執行的操作係一登入操作時,則輸入的第一資料可包括可用以進行身份辨識的登入相關資料,例如使用者的帳號、密碼與/或其他登入所需的身份驗證資料。於此步驟中,用戶端120的解碼模組122可分析CAPTCHA資料,得到其對應的編碼資料例如一唯一的雜湊編號,再依據輸入的第一資料以及分析出的編碼資料,產生對應第一資料的編碼資料(第二資料)。Then, in step S408, the client 120 receives and displays the CAPTCHA data, and in step S410, uses the CAPTCHA data to input a first data and, as in step S412, generates a second data corresponding to the first data. The first data may be composed of one or more CAPTCHA data, and the second data may be the identification data corresponding to the first data. For example, the second data may be an identification code corresponding to the first data (eg, a specific hash number), a corresponding CAPTCHA data or its summary information, a first data and a corresponding operation result (eg, a riddle answer) or a coordinate Information, but not limited to this. In an embodiment, when the operation to be performed is an online banking transfer operation, the input first data may include transfer related materials, such as account number, transfer amount, name of the transaction object, currency unit, and the like. In another embodiment, when the operation to be performed is a login operation, the input first data may include login related information that can be used for identity identification, such as a user's account number, password, and/or other login requirements. Authentication information. In this step, the decoding module 122 of the client 120 can analyze the CAPTCHA data, obtain the corresponding encoded data, for example, a unique hash number, and generate the corresponding first data according to the input first data and the analyzed encoded data. Encoding data (second data).

於產生第二資料之後,如步驟S414,用戶端120將第二資料傳送至伺服器110。舉例來說,若一步驟為輸入金額之步驟時,使用者可透過點選對應欲輸入的金額數字的CAPTCHA資料來輸入數字,用戶端120會將對應的CAPTCHA資料或CAPTCHA資料對應的識別碼(例如雜湊編號)傳送至伺服器110,用以驗證資料是否正確傳達伺服器110,進而使伺服器110得到所輸入的資料內容。After the second data is generated, the client 120 transmits the second data to the server 110 as in step S414. For example, if a step is the step of inputting the amount, the user can input the number by clicking the CAPTCHA data corresponding to the amount of the amount to be input, and the client 120 will corresponding code corresponding to the CAPTCHA data or the CAPTCHA data ( For example, the hash number is transmitted to the server 110 to verify whether the data correctly communicates with the server 110, thereby causing the server 110 to obtain the input data content.

如步驟S416,當伺服器110接收到用戶端120傳送的第二資料時,便執行步驟S418,先判斷接收資料是否為有效資料。於一實施例中,伺服器110可依據接收資料的格式或內容進行判斷,判斷是否資料為有效。當接收資料的格式及內容均正確時,伺服器110便判斷此接收資料為有效資料,反之則為無效資料。In step S416, when the server 110 receives the second data transmitted by the client 120, step S418 is performed to determine whether the received data is valid data. In an embodiment, the server 110 may determine whether the data is valid according to the format or content of the received data. When the format and content of the received data are correct, the server 110 determines that the received data is valid data, and vice versa.

於判斷出資料為無效資料時(步驟S418的否),表示接收到的資料可能非由伺服器110所產生或非由用戶端120所傳送,資料有被更動過,因此流程結束。此時,可進一步提示使用者重新輸入或者直接禁止使用者再進行後續輸入。於判斷出資料為有效資料時(步驟S418的是),如步驟S420,伺服器110可依據接收到的資料,得到其所輸入的資料。舉例來說,當接收到的資料係為一雜湊編號時,伺服器110可由接收到的資料中得到雜湊編號,並依據雜湊編號,利用一查表方式或利用一雜湊函數來得到用戶端120所輸入之資料。When it is determined that the data is invalid data (No in step S418), it indicates that the received data may not be generated by the server 110 or transmitted by the client 120, and the data has been changed, so the process ends. At this time, the user may be further prompted to re-enter or directly prohibit the user from performing subsequent input. When it is determined that the data is valid data (YES in step S418), in step S420, the server 110 may obtain the data input according to the received data. For example, when the received data is a hash number, the server 110 may obtain a hash number from the received data, and use the lookup table or a hash function to obtain the client 120 according to the hash number. Enter the information.

之後,如步驟S422,伺服器110可繼續從用戶端120接收下一資料並且重複執行步驟S416至S422以得到輸入的資料內容,若中途發現有任何無效資料時,便停止整個流程。因此,可確保所輸入的資料不會被任意竄改,確保操作的安全性。Thereafter, in step S422, the server 110 may continue to receive the next data from the client 120 and repeat steps S416 to S422 to obtain the input material content. If any invalid data is found in the middle, the entire process is stopped. Therefore, it is ensured that the input data is not arbitrarily falsified, ensuring the safety of the operation.

於一些實施例中,編碼資料可為一唯一的識別碼。舉例來說,伺服器110可將每一產生的CAPTCHA資料指定一個唯一的雜湊編號,再傳送給用戶端120進行選擇,再藉由用戶端120所回傳的圖片的雜湊編號,利用查表方式來得到所輸入的資料內容。於一些實施例中,伺服器110也可將用戶端120所回傳的圖片的雜湊編號利用一雜湊函數,藉由函數驗證方式來得到所輸入的資料內容。In some embodiments, the encoded material can be a unique identification code. For example, the server 110 may assign a unique hash number to each generated CAPTCHA data, and then transmit it to the client 120 for selection, and then use the hash number of the image returned by the client 120 to use the lookup table. To get the content of the input data. In some embodiments, the server 110 may also use a hash function to obtain the input data content by using a hash function of the hash number of the image returned by the client 120.

如前述,CAPTCHA資料可包括一圖片、一視訊及/或一聲音。於一些實施例中,伺服器110可傳送一或一組的圖片、視訊及/或聲音至用戶端120供其選擇。用戶端120可以直接選擇圖片、視訊及/或聲音或者選擇圖片、視訊及/或聲音所對應的某一資料進行資料輸入,再將選擇的資料傳送至伺服器110。於一實施例中,伺服器110可將一或一組的圖片或一或一組的聲音傳送給用戶端120進行選擇。As mentioned above, the CAPTCHA data can include a picture, a video, and/or a sound. In some embodiments, server 110 can transmit one or a set of pictures, videos, and/or sounds to client 120 for selection. The user terminal 120 can directly select a picture, a video, and/or a sound or select a certain data corresponding to the picture, the video, and/or the voice to input the data, and then transmit the selected data to the server 110. In one embodiment, the server 110 can transmit a picture or a set of sounds to the client 120 for selection.

於一些實施例中,當CAPTCHA資料係為一圖片時,伺服器100可於圖片上產生一可點選區域,提供多個可點選的目標以供點選。舉例來說,此可點選區域可為一表示鍵盤的區塊,此鍵盤係隨機顯示於圖片的一特定區域,且輸入資料的排列方式也隨機產生。請參照第5A圖與第5B圖,係顯示依據本發明另一實施例之CAPTCHA資料示意圖。如第5A圖所示,CAPTCHA資料500中更包含有一可點選區域510,此可點選區域510係顯示於CAPTCHA資料的特定區域520且可點選區域510中的數字0-9係依序排列於特定區域中。如第5B圖所示,CAPTCHA資料500中的可點選區域510則顯示於CAPTCHA資料的特定區域530且可點選區域510中的數字鍵0-9係如圖所示的排列,而非順序的排列於鍵盤區域中。伺服器110可將包含此可點選區域510的CAPTCHA資料傳送至用戶端120。當用戶端120接收並顯示此CAPTCHA資料時,用戶端120的使用者可點選特定區域中的可點選區域510的一位置來輸入所需的資料。舉例來說,使用者可點選第5A圖的區域520的位置P9或第5B圖的區域530的位置P6來輸入數字”9”。當用戶端120接收到此選擇時,將此位置所對應的座標資訊傳送至伺服器110。因此,伺服器110接收用戶端120所傳送的座標資訊並依據座標資訊判別出該用戶端所輸入之資料。舉例來說.,假設第5A圖的區域520的位置9的座標為(x,y),則當伺服器110接收到此座標資訊時,將可依據其位置來推知其所輸入的資料內容為數字”9”。注意的是,座標資訊可以為絕對座標或相對座標(相對於某一位置的座標)。舉例來說,用戶端120可將確認鍵的座標設為座標(0,0),之候再傳送對應的一座標資訊至伺服器110,伺服器110可經由計算得到其所輸入的資料內容。須提醒的是,雖然第5A圖以及第5B圖中的可點選區域510僅顯示了數字鍵,於一些實施例中,可點選區域510也可包含所有實體鍵盤的按鍵以供用戶端120的使用者進行輸入與選擇。In some embodiments, when the CAPTCHA data is a picture, the server 100 can generate a clickable area on the picture to provide a plurality of clickable targets for clicking. For example, the clickable area may be a block representing a keyboard, the keyboard is randomly displayed in a specific area of the picture, and the arrangement of the input data is also randomly generated. Please refer to FIG. 5A and FIG. 5B for a schematic diagram of a CAPTCHA data according to another embodiment of the present invention. As shown in FIG. 5A, the CAPTCHA data 500 further includes a clickable area 510, which is displayed in a specific area 520 of the CAPTCHA material and the numbers 0-9 in the selectable area 510 are sequentially Arranged in a specific area. As shown in FIG. 5B, the clickable area 510 in the CAPTCHA material 500 is displayed in the specific area 530 of the CAPTCHA material and the number keys 0-9 in the selectable area 510 are arranged as shown in the figure, rather than in the order. Arranged in the keyboard area. The server 110 can transmit the CAPTCHA data including the clickable area 510 to the client 120. When the client 120 receives and displays the CAPTCHA data, the user of the client 120 can click a location of the clickable area 510 in the specific area to input the desired material. For example, the user can click the position P9 of the area 520 of FIG. 5A or the position P6 of the area 530 of the 5B figure to input the number "9". When the client 120 receives the selection, the coordinate information corresponding to the location is transmitted to the server 110. Therefore, the server 110 receives the coordinate information transmitted by the client 120 and determines the data input by the client according to the coordinate information. For example, if the coordinate of the position 9 of the area 520 of FIG. 5A is (x, y), when the server 110 receives the coordinate information, it can infer that the content of the data input is based on its position. The number "9". Note that the coordinate information can be absolute coordinates or relative coordinates (relative to coordinates at a certain location). For example, the client 120 can set the coordinate of the confirmation key to the coordinate (0, 0), and then transmit the corresponding one of the target information to the server 110, and the server 110 can obtain the data content input by the server 110. It should be noted that although the clickable area 510 in FIG. 5A and FIG. 5B only displays numeric keys, in some embodiments, the clickable area 510 may also include keys of all physical keyboards for the user terminal 120. Users make input and selection.

第6圖顯示依據本發明另一實施例之資料管理方法之流程圖。請同時參照第1圖與第6圖。依據本發明實施例之資料管理方法可以應用於資料管理系統100上,用以輸入一操作所需的資料。Figure 6 is a flow chart showing a data management method according to another embodiment of the present invention. Please refer to both Figure 1 and Figure 6. The data management method according to the embodiment of the present invention can be applied to the data management system 100 for inputting data required for an operation.

首先,如步驟S602,伺服器110依據操作中的資料屬性產生一CAPTCHA資料,其中,CAPTCHA資料包含一可點選區域,此可點選區域係隨機顯示於圖片的一特定區域,且輸入資料的排列方式也隨機產生(如第5A圖所示的可點選區域510)。舉例來說但不限於此,於一實施例中,當操作為一網銀轉帳操作時,操作時所需的資料可包括帳號以及轉帳金額資料,因此,伺服器110將產生包含如第5A圖的可點選區域510的CAPTCHA資料。First, in step S602, the server 110 generates a CAPTCHA data according to the data attribute in the operation, wherein the CAPTCHA data includes a clickable area, and the selectable area is randomly displayed in a specific area of the picture, and the input data is The arrangement is also randomly generated (as clickable area 510 shown in Figure 5A). For example, but not limited to, in an embodiment, when the operation is a online banking transfer operation, the information required for the operation may include an account number and a transfer amount data, and therefore, the server 110 will generate the image as shown in FIG. 5A. The CAPTCHA data of area 510 can be clicked.

之後,如步驟S604,伺服器110將包含可點選區域的CAPTCHA資料傳送至用戶端120。伺服器110可透過一第一傳輸媒介(如網路130)傳送包含可點選區域的CAPTCHA資料至用戶端120。Thereafter, in step S604, the server 110 transmits the CAPTCHA data containing the clickable area to the client 120. The server 110 can transmit the CAPTCHA data including the clickable area to the client 120 through a first transmission medium (such as the network 130).

用戶端120接收並顯示CAPTCHA資料,並且如步驟S606,用戶端120點選於特定區域的可點選區域的一特定位置(例如某一個按鍵位置),並回傳位置的座標資訊至伺服器110。於是,如步驟S608,伺服器110可依據回傳的座標資訊,得到輸入之資料。The client 120 receives and displays the CAPTCHA data, and in step S606, the client 120 selects a specific location (eg, a certain button location) of the clickable area of the specific area, and returns the coordinate information of the location to the server 110. . Then, in step S608, the server 110 can obtain the input data according to the returned coordinate information.

於一些實施例中,編碼資料可為一段文字或圖片,此段文字或圖片用以提示用戶端120執行一特定操作,致使用戶端120產生對應此特定操作的一結果給伺服器110。於一實施例中,該段文字或圖片可表示一段人類能理解的操作,例如表示一謎語或一遊戲。舉例來說,伺服器110可將表示一謎語的編碼資料附加於CAPTCHA資料後傳送給用戶端120,致使用戶端120必須回傳包含謎語對應的回答的資訊供伺服器110進行驗證。In some embodiments, the encoded material may be a piece of text or a picture that is used to prompt the client 120 to perform a specific operation, such that the client 120 generates a result corresponding to the particular operation to the server 110. In one embodiment, the piece of text or picture may represent a human understandable operation, such as representing a riddle or a game. For example, the server 110 may add the encoded data representing a riddle to the CAPTCHA data and transmit it to the client 120, so that the client 120 must return the information including the answer corresponding to the riddle for verification by the server 110.

以下列舉一實施例,用以輔助說明依據本發明之資料管理細節,但本發明並不限於此。於本實施例,假設以一操作為網路銀行的轉帳交易為例,在此項交易中的”轉帳帳號”與”金額”兩部分的資料可定義為此項交易中的輸入資料,而”轉帳帳號”與”金額”資料所對應的資料集合可為數字”0”-“9”與字母”A”-“Z”,例如,”轉帳帳號”可為”A123456”與”金額”可為”1000”,因此,數字”0”-“9”與字母”A”-“Z”即為可能的資料集合,因此依據本發明之CAPTCHA資料管理方法,伺服器110的產生模組112將分別產生0-9與A-Z的對應CAPTCHA資料。An embodiment is exemplified below to assist in explaining the details of data management in accordance with the present invention, but the present invention is not limited thereto. In this embodiment, assuming that an operation is an online banking transfer transaction, the data of the "transfer account number" and the "amount" in the transaction may be defined as input data in the transaction, and " The data set corresponding to the "transfer account" and "amount" data may be the numbers "0" - "9" and the letters "A" - "Z", for example, the "transfer account number" may be "A123456" and the "amount" may be "1000", therefore, the numbers "0"-"9" and the letters "A"-"Z" are possible data sets, so according to the CAPTCHA data management method of the present invention, the generating module 112 of the server 110 will be respectively Generate corresponding CAPTCHA data for 0-9 and AZ.

伺服器110的編碼模組114再將所有產生的CAPTCHA資料藏入一編碼資料,例如一雜湊編號。接著,便可將編碼後的CAPTCHA資料傳送至用戶端120,並利用編碼後的CAPTCHA資料進行此項交易。隨後,用戶端120可傳送所選擇的CAPTCHA資料所對應的編碼資料至伺服器110,使得伺服器110依據所接收到的資料來驗證並得到用戶端120所輸入的資料內容。The encoding module 114 of the server 110 then stores all of the generated CAPTCHA data into a coded material, such as a hash number. Then, the encoded CAPTCHA data can be transmitted to the client 120, and the encoded CAPTCHA data can be used for the transaction. Then, the client 120 can transmit the encoded data corresponding to the selected CAPTCHA data to the server 110, so that the server 110 verifies and obtains the data content input by the client 120 according to the received data.

綜上所述,依據本發明之資料管理方法及其相關之資料管理系統,可依據一項欲執行的操作中所需輸入資料的可能資料集合產生一組CAPTCHA資料,再對此組CAPTCHA資料加入一特定編碼資料例如一識別碼來進一步的保護所傳送及接收的資料,可強化現行交易方法上之安全性,在伺服器端與使用者端全程利用CAPTCHA資料(如圖片)取代較容易被病毒或木馬竄改的電腦文字,較過去完全採用電腦文字傳輸來得安全,並可將隱藏訊息的技術運用於操作內容如交易內容的傳遞,可確保用戶端與伺服器所傳送的資料的安全性,並可確保傳送過程中重要的資料不致遺失或被盜用。再者,依據本發明之資料管理方法可更進一步提供多樣性的CAPTCHA資料例如一組音訊、視訊或包含前述的可點選區域、謎語或遊戲的CAPTCHA資料,作為用戶端的輸入選擇,可更進一步透過伺服器與用戶端之間的互動式的輸入方式來避免輸入資料遭到病毒或木馬的竄改。In summary, according to the data management method and related data management system of the present invention, a set of CAPTCHA data can be generated according to a possible data set of input data required for an operation to be performed, and then the group of CAPTCHA data is added. A specific coded data, such as an identification code, to further protect the transmitted and received data, can enhance the security of the current transaction method, and use the CAPTCHA data (such as pictures) to replace the virus more easily on the server side and the user end. Or the hacked computer text is safer than the computer text transmission in the past, and can apply the hidden information technology to the operation content, such as the transmission of transaction content, to ensure the security of the data transmitted by the client and the server, and It ensures that important materials in the transmission process are not lost or stolen. Furthermore, the data management method according to the present invention can further provide a variety of CAPTCHA data such as a set of audio, video or CAPTCHA data containing the aforementioned clickable areas, riddles or games as a user input input, which can be further The input data is protected from viruses or Trojans through interactive input between the server and the client.

本發明之方法,或特定型態或其部份,可以以程式碼的型態包含於實體媒體,如軟碟、光碟片、硬碟、或是任何其他機器可讀取(如電腦可讀取)儲存媒體,其中,當程式碼被機器,如電腦載入且執行時,此機器變成用以參與本發明之裝置。本發明之方法與裝置也可以以程式碼型態透過一些傳送媒體,如電線或電纜、光纖、或是任何傳輸型態進行傳送,其中,當程式碼被機器,如電腦接收、載入且執行時,此機器變成用以參與本發明之裝置。當在一般用途處理器實作時,程式碼結合處理器提供一操作類似於應用特定邏輯電路之獨特裝置。The method of the present invention, or a specific type or part thereof, may be included in a physical medium such as a floppy disk, a compact disc, a hard disk, or any other machine (for example, a computer readable computer). A storage medium in which, when the code is loaded and executed by a machine, such as a computer, the machine becomes a device for participating in the present invention. The method and apparatus of the present invention can also be transmitted in a code format through some transmission medium such as a wire or cable, an optical fiber, or any transmission type, wherein the code is received, loaded, and executed by a machine such as a computer. At this time, the machine becomes a device for participating in the present invention. When implemented in a general purpose processor, the code in conjunction with the processor provides a unique means of operation similar to application specific logic.

雖然本發明已以較佳實施例揭露如上,然其並非用以限定本發明,任何熟悉此項技藝者,在不脫離本發明之精神和範圍內,當可做些許更動與潤飾,因此本發明之保護範圍當視後附之申請專利範圍所界定者為準。While the present invention has been described in its preferred embodiments, the present invention is not intended to limit the invention, and the present invention may be modified and modified without departing from the spirit and scope of the invention. The scope of protection is subject to the definition of the scope of the patent application.

100‧‧‧資料管理系統100‧‧‧Data Management System

110‧‧‧伺服器110‧‧‧Server

112‧‧‧產生模組112‧‧‧ generating module

114‧‧‧編碼模組114‧‧‧Code Module

116‧‧‧解碼模組116‧‧‧Decoding module

120‧‧‧用戶端120‧‧‧User side

122‧‧‧分析模組122‧‧‧Analysis module

130‧‧‧網路130‧‧‧Network

200-209、300‧‧‧CAPTCHA資料200-209, 300‧‧‧CAPTCHA data

310‧‧‧編碼資料310‧‧‧ Coded information

S402-S422‧‧‧執行步驟S402-S422‧‧‧Steps for implementation

500‧‧‧CAPTCHA資料500‧‧‧CAPTCHA information

510‧‧‧可點選區域510‧‧‧Clickable area

520、530‧‧‧區域520, 530‧‧‧ areas

P6、P9‧‧‧位置P6, P9‧‧‧ position

S602-S608‧‧‧執行步驟S602-S608‧‧‧Execution steps

第1圖顯示依據本發明實施例之資料管理系統。Figure 1 shows a data management system in accordance with an embodiment of the present invention.

第2圖係顯示依據本發明實施例之CAPTCHA資料之示意圖。Figure 2 is a schematic diagram showing CAPTCHA data in accordance with an embodiment of the present invention.

第3圖係顯示一依據本發明實施例之含編碼資料之CAPTCHA資料之示意圖。Figure 3 is a diagram showing a CAPTCHA data containing encoded data in accordance with an embodiment of the present invention.

第4圖係顯示一依據本發明實施例之CAPTCHA資料管理方法之流程圖。Figure 4 is a flow chart showing a CAPTCHA data management method in accordance with an embodiment of the present invention.

第5A圖與第5B圖係顯示依據本發明另一實施例之CAPTCHA資料之示意圖。5A and 5B are schematic views showing CAPTCHA data according to another embodiment of the present invention.

第6圖係顯示依據本發明另一實施例之CAPTCHA資料管理方法之流程圖。Figure 6 is a flow chart showing a CAPTCHA data management method according to another embodiment of the present invention.

S402-S422...執行步驟S402-S422. . . Steps

Claims (17)

一種全自動區分計算機和人類的測試資料管理方法,包括下列步驟:一伺服器端依據一第一資料產生至少一全自動區分計算機和人類的測試(Completely Automated Public Test to tell Computers and Humans Apart,CAPTCHA)資料,其中該第一資料係為與一操作有關之資料;該伺服器將該全自動區分計算機和人類的測試資料藏入一對應之編碼資料;該伺服器透過一第一傳輸媒介傳送編碼後之全自動區分計算機和人類的測試資料至一用戶端,致使該用戶端利用該編碼後之全自動區分計算機和人類的測試資料輸入一第二資料並傳送該第二資料對應之一第三資料;以及該伺服器接收並解碼該第三資料,以得到該用戶端所輸入之資料,其中該全自動區分計算機和人類的測試資料包括具有一可點選區域之一圖片,該可點選區域係隨機顯示於該圖片之一特定區域,並且該方法更包括:該伺服器接收該用戶端所傳送之一座標資訊並依據該座標資訊判別出該用戶端所輸入之資料,其中該座標資訊係由該用戶端點選於該特定區域之該可點選區域之一位置所產生。 A fully automatic computer and human test data management method includes the following steps: a server end generates at least one fully automatic computer and human test according to a first data (Completely Automated Public Test to tell Computers and Humans Apart, CAPTCHA Data, wherein the first data is data related to an operation; the server hides the fully automatic computer and human test data into a corresponding coded data; the server transmits the code through a first transmission medium After the automatic separation of the computer and human test data to a client, the user uses the coded fully automatic computer and human test data to input a second data and transmit the second data corresponding to a third Data; and the server receives and decodes the third data to obtain data input by the client, wherein the fully automatic computer and human test data includes a picture with a clickable area, which can be selected The area is randomly displayed in a specific area of the picture, and the method further includes: The server receives a coordinate information transmitted by the client, and determines, according to the coordinate information, the data input by the user end, wherein the coordinate information is selected by the user endpoint in the selectable area of the specific area. The location is generated. 如申請專利範圍第1項所述之全自動區分計算機和人類的測試管理方法,其中該編碼資料係為對應於該全自 動區分計算機和人類的測試資料之一識別碼。 For example, the fully automatic computer and human test management method described in claim 1 of the patent scope, wherein the coded data corresponds to the full self An identification code that distinguishes between computer and human test data. 如申請專利範圍第2項所述之全自動區分計算機和人類的測試管理方法,其中該識別碼包括一雜湊編號。 A fully automatic computer and human test management method as described in claim 2, wherein the identification code comprises a hash number. 如申請專利範圍第3項所述之全自動區分計算機和人類的測試管理方法,其中該伺服器接收並解碼該第三資料,以得到該用戶端所輸入之資料之步驟更包括:該伺服器由該第三資料中得到該雜湊編號,並依據該雜湊編號,利用一查表方式來得到該用戶端所輸入之資料。 The method for automatically distinguishing between a computer and a human test management method as described in claim 3, wherein the step of the server receiving and decoding the third data to obtain the data input by the client further comprises: the server The hash number is obtained from the third data, and according to the hash number, a table lookup method is used to obtain the data input by the client. 如申請專利範圍第3項所述之全自動區分計算機和人類的測試管理方法,其中該伺服器接收並解碼該第三資料,以得到該用戶端所輸入之資料之步驟更包括:該伺服器由該第三資料中得到該雜湊編號,並依據該雜湊編號,利用一雜湊函數來得到該用戶端所輸入之資料。 The method for automatically distinguishing between a computer and a human test management method as described in claim 3, wherein the step of the server receiving and decoding the third data to obtain the data input by the client further comprises: the server The hash number is obtained from the third material, and a hash function is used to obtain the data input by the client according to the hash number. 如申請專利範圍第1項所述之全自動區分計算機和人類的測試管理方法,其中,該全自動區分計算機和人類的測試資料更包括一視訊及/或一聲音。 The fully automatic computer and human test management method as described in claim 1, wherein the fully automatic computer and human test data further includes a video and/or a sound. 如申請專利範圍第1項所述之全自動區分計算機和人類的測試管理方法,其中該編碼資料係為一段文字或圖片,該段文字或圖片用以提示該用戶端執行一特定操作,致使該用戶端產生對應該特定操作之一結果給該伺服器。 The method for fully automatic computer and human test management according to claim 1, wherein the coded data is a piece of text or a picture, the piece of text or picture is used to prompt the user to perform a specific operation, so that the The client generates a result corresponding to one of the specific operations to the server. 如申請專利範圍第7項所述之全自動區分計算機和人類的測試管理方法,其中該段文字或圖片表示一謎語或一遊戲。 A fully automatic computer and human test management method as described in claim 7 wherein the text or picture represents a riddle or a game. 一種全自動區分計算機和人類的測試資料管理系 統,包括:一伺服器,依據一第一資料產生一全自動區分計算機和人類的測試資料、將該全自動區分計算機和人類的測試資料藏入一對應之編碼資料、透過一第一傳輸媒介傳送編碼後之該全自動區分計算機和人類的測試資料至一用戶端,致使該用戶端利用該編碼後之全自動區分計算機和人類的測試資料輸入一第二資料並傳送該第二資料對應之一第三資料、以及接收並解碼該第三資料,以得到該用戶端所輸入之資料,其中該第一資料係為與一操作有關之資料且其中該全自動區分計算機和人類的測試資料包括具有一可點選區域之一圖片,該圖片係表示一可點選區域,該可點選區域係隨機顯示於該圖片之一特定區域,並且該伺服器更接收該用戶端所傳送之一座標資訊並依據該座標資訊判別出該用戶端所輸入之資料,其中該座標資訊係由該用戶端點選於該特定區域之該可點選區域之一位置所產生。 A fully automatic test computer and human test data management system The system includes: a server for generating a fully automatic computer and human test data according to a first data, and hiding the fully automatic computer and human test data into a corresponding coded data, through a first transmission medium Transmitting the coded fully automatic computer and human test data to a user end, so that the user end uses the coded fully automatic computer and human test data to input a second data and transmit the second data corresponding to a third data, and receiving and decoding the third data to obtain data input by the user end, wherein the first data is data related to an operation and wherein the fully automatic distinguishing computer and human test data comprises Having a picture of a clickable area, the picture is a clickable area, the clickable area is randomly displayed in a specific area of the picture, and the server further receives a coordinate transmitted by the user end Information and determining the data input by the user terminal according to the coordinate information, wherein the coordinate information is selected by the user endpoint Given area of the region can be generated by one click position. 如申請專利範圍第9項所述之全自動區分計算機和人類的測試管理系統,其中該編碼資料係為對應於該全自動區分計算機和人類的測試資料之一識別碼。 For example, the fully automatic computer and human test management system described in claim 9 is wherein the coded data is an identification code corresponding to the test data of the fully automatic computer and human. 如申請專利範圍第10項所述之全自動區分計算機和人類的測試管理系統,其中該識別碼包括一雜湊編號。 A fully automatic computer and human test management system as described in claim 10, wherein the identification code comprises a hash number. 如申請專利範圍第11項所述之全自動區分計算機和人類的測試管理系統,其中該伺服器更由該第三資料中 得到該雜湊編號,並依據該雜湊編號,利用一查表方式得到該用戶端所輸入之資料。 The fully automatic computer and human test management system as described in claim 11, wherein the server is further included in the third data. The hash number is obtained, and according to the hash number, the data input by the client is obtained by using a look-up table. 如申請專利範圍第11項所述之全自動區分計算機和人類的測試管理系統,其中該伺服器更由該第三資料中得到該雜湊編號,並依據該雜湊編號,利用一雜湊函數來得到該用戶端所輸入之資料。 The fully automatic computer and human test management system according to claim 11, wherein the server further obtains the hash number from the third material, and according to the hash number, uses a hash function to obtain the The data entered by the client. 如申請專利範圍第9項所述之全自動區分計算機和人類的測試管理系統,其中,該全自動區分計算機和人類的測試資料更包括一視訊及/或一聲音。 The fully automatic computer and human test management system as described in claim 9 of the patent application, wherein the fully automatic computer and human test data further comprises a video and/or a sound. 如申請專利範圍第9項所述之全自動區分計算機和人類的測試管理系統,其中該編碼資料係為一段文字或圖片,該段文字或圖片用以提示該用戶端執行一特定操作,致使該用戶端產生對應該特定操作之一結果給該伺服器。 The fully automatic computer and human test management system according to claim 9 , wherein the coded data is a piece of text or a picture, the piece of text or picture is used to prompt the user to perform a specific operation, so that the The client generates a result corresponding to one of the specific operations to the server. 如申請專利範圍第15項所述之全自動區分計算機和人類的測試管理系統,其中該段文字或圖片表示一謎語或一遊戲。 The fully automatic computer and human test management system as described in claim 15 wherein the text or picture represents a riddle or a game. 一種電腦程式產品,其係被一機器載入以執行一全自動區分計算機和人類的測試資料管理方法,該電腦程式產品包括:一第一程式碼,用以依據一第一資料產生至少一全自動區分計算機和人類的測試(Completely Automated Public Test to tell Computers and Humans Apart,CAPTCHA)資料,其中該第一資料係為與一操作有關之資料;一第二程式碼,用以將該全自動區分計算機和人類的 測試資料藏入一對應之編碼資料;一第三程式碼,用以透過一第一傳輸媒介傳送編碼後之全自動區分計算機和人類的測試資料至一用戶端,致使該用戶端利用該編碼後之全自動區分計算機和人類的測試資料輸入一第二資料並傳送該第二資料對應之一第三資料;以及一第四程式碼,用以接收並解碼該第三資料,以得到該用戶端所輸入之資料,其中該全自動區分計算機和人類的測試資料包括具有一可點選區域之一圖片,該可點選區域係隨機顯示於該圖片之一特定區域,且該第四程式碼更用以接收一用戶端所傳送之一座標資訊並依據該座標資訊判別出該用戶端所輸入之資料,其中該座標資訊係由該用戶端點選於該特定區域之該可點選區域之一位置所產生。 A computer program product, which is loaded by a machine to perform a fully automatic computer and human test data management method, the computer program product comprising: a first code for generating at least one full based on a first data Completely Automated Public Test to Tell Computers and Humans Apart (CAPTCHA) data, wherein the first data is data related to an operation; and a second code is used to automatically distinguish the data. Computer and human The test data is hidden in a corresponding coded data; a third code is used to transmit the encoded fully automatic computer and human test data to a client through a first transmission medium, so that the user uses the code Automatically distinguishing computer and human test data into a second data and transmitting a third data corresponding to the second data; and a fourth code for receiving and decoding the third data to obtain the client The input data, wherein the fully automatic computer and human test data comprises a picture having a clickable area, the selectable area is randomly displayed in a specific area of the picture, and the fourth code is further The method is configured to receive a coordinate information transmitted by a user terminal, and determine, according to the coordinate information, the data input by the user terminal, wherein the coordinate information is selected by the user endpoint in the selectable region of the specific region. The location is generated.
TW099141418A 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof TWI448921B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Publications (2)

Publication Number Publication Date
TW201222320A TW201222320A (en) 2012-06-01
TWI448921B true TWI448921B (en) 2014-08-11

Family

ID=46725189

Family Applications (1)

Application Number Title Priority Date Filing Date
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Country Status (1)

Country Link
TW (1) TWI448921B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI574217B (en) * 2015-02-27 2017-03-11 Rakuten Inc Information processing device, information processing method, memory media

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10817596B2 (en) * 2018-06-13 2020-10-27 Nanning Fugui Precision Industrial Co., Ltd. Image based authentication code method, server, and authentication code system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200841913A (en) * 2007-04-17 2008-11-01 Univ Nat Taiwan Science Tech Online game managing method and online game managing device using the same
US20090055193A1 (en) * 2007-02-22 2009-02-26 Pudding Holdings Israel Ltd. Method, apparatus and computer code for selectively providing access to a service in accordance with spoken content received from a user
WO2010014386A1 (en) * 2008-07-29 2010-02-04 Motorola, Inc. Method and system for securing communication sessions
WO2010049257A1 (en) * 2008-10-31 2010-05-06 Gemalto Sa Dynamic pin verification for insecure environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090055193A1 (en) * 2007-02-22 2009-02-26 Pudding Holdings Israel Ltd. Method, apparatus and computer code for selectively providing access to a service in accordance with spoken content received from a user
TW200841913A (en) * 2007-04-17 2008-11-01 Univ Nat Taiwan Science Tech Online game managing method and online game managing device using the same
WO2010014386A1 (en) * 2008-07-29 2010-02-04 Motorola, Inc. Method and system for securing communication sessions
WO2010049257A1 (en) * 2008-10-31 2010-05-06 Gemalto Sa Dynamic pin verification for insecure environment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI574217B (en) * 2015-02-27 2017-03-11 Rakuten Inc Information processing device, information processing method, memory media

Also Published As

Publication number Publication date
TW201222320A (en) 2012-06-01

Similar Documents

Publication Publication Date Title
US10417399B2 (en) Accessing a secured software application
US11196730B2 (en) Methods and systems for network-enabled account creation using optical detection
CN100565451C (en) Method and system for monitoring interaction between a user and a computer
TWI526037B (en) Method and system for abstrcted and randomized one-time use passwords for transactional authentication
US20140157382A1 (en) Observable authentication methods and apparatus
US20070033102A1 (en) Securely providing advertising subsidized computer usage
JP2018513650A (en) Data forgery recognition method for two-dimensional code security check
US9264417B2 (en) Method and apparatus for generating a security token carrier
JP2017507552A (en) Method and apparatus for providing client-side score-based authentication
CN103763104B (en) A kind of method and system of dynamic authentication
US20130191641A1 (en) Captcha (completely automated public test to tell computers and humans apart) data generation methods and related data management systems and computer program products thereof
US20110225634A1 (en) CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Data Generation Methods and Related Data Management Systems and Computer Program Products Thereof
US20110225633A1 (en) Data Processing Methods and Systems for Processing Data in an Operation having a Predetermined Flow Based on CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Data, and Computer Program Products Thereof
Ding et al. IllusionCAPTCHA: A CAPTCHA based on visual illusion
TWI448921B (en) Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof
TWI436232B (en) Data processing methods and systems for processing data in an operation having a predetermined flow based on captcha (completely automated public test to tell computers and humans apart) data, and computer program products thereof
KR102602174B1 (en) Seal image verification server that can verify whether the seal image inserted as an object in an electronic document is abnormal and operating method thereof
Golla et al. EmojiAuth: quantifying the security of emoji-based authentication
CN110740112B (en) Authentication method, apparatus and computer readable storage medium
CN101116323A (en) Information processing method, device, computer program, and computer-readable storage medium
KR101226319B1 (en) Identification Authentication method and System therefor
CN113965369B (en) A verification graphic acquisition method and device
Sadar et al. Review on Captcha: Graphical Password for Security
CN102546550A (en) Management method and management system for full-automatic computer and human being distinction test data
Radke Security ceremonies: including humans in cryptographic protocols

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees