CN106650372B - The activating method and device of administrator right - Google Patents
The activating method and device of administrator right Download PDFInfo
- Publication number
- CN106650372B CN106650372B CN201611107828.2A CN201611107828A CN106650372B CN 106650372 B CN106650372 B CN 106650372B CN 201611107828 A CN201611107828 A CN 201611107828A CN 106650372 B CN106650372 B CN 106650372B
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- attendance recorder
- biological characteristic
- encryption algorithm
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C1/00—Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people
- G07C1/10—Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people together with the recording, indicating or registering of other data, e.g. of signs of identity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The present invention provides a kind of activating method of administrator right and devices, it is intended to solve the problems, such as lower by mobile terminal login management attendance recorder safety in the prior art.This method comprises: attendance recorder and mobile terminal establish connection by Handshake Protocol;The biological characteristic that attendance recorder receives the work number of input and mobile terminal is read;Attendance recorder compares received biological characteristic with the biological characteristic that prestores to determine matching degree;When confirming that work number is correct and matching degree is higher than preset value, attendance recorder opens administrator right to mobile terminal.Verifying of the present invention to mobile terminal and the confirmation to user, it is ensured that mobile terminal is the equipment for meeting safety condition, and user is the people for having obtained authorization, to ensure that the safety by mobile terminal administration attendance recorder.
Description
Technical field
The present invention relates to the communications fields, more particularly to the activating method and device of a kind of administrator right.
Background technique
Attendance recorder is widely used in company management, effectively to attendance as a kind of tool for recording attendance data
Situation digitization, convenient for the analysis to attendance situation.Attendance recorder can be generally used for identifying and sending information, and be connected by cable
The Work attendance management system used for related management personnel is connect, this limits the scene used, such as relevant tube to a certain extent
Reason personnel are on business trips or have other to be inconvenient to log in Work attendance management system, then are inconvenient to carry out attendance management.Therefore user has
Pass through the demand of mobile terminal administration attendance information.
But the problem of secure context is brought by mobile terminal administration attendance recorder, in the prior art, anyone passes through
Work number logs in Work attendance management system, can be carried out attendance management, may reveal relevant attendance information in this way.
For the lower problem of management attendance recorder safety is logged in by mobile terminal in the prior art, industry does not have at present
Ideal settling mode.
Summary of the invention
It is an object of that present invention to provide a kind of activating method of administrator right and devices, it is intended to which solution is led in the prior art
It crosses mobile terminal and logs in the lower problem of management attendance recorder safety.
The present invention provides a kind of activating methods of administrator right, this method comprises: attendance recorder passes through with mobile terminal
Handshake Protocol establishes connection;The biological characteristic that attendance recorder receives the work number of input and mobile terminal is read;Attendance recorder comparison receives
Biological characteristic with the biological characteristic that prestores to calculate matching degree;When confirming that work number is correct and matching degree is higher than preset value, examine
Diligent machine opens administrator right to mobile terminal.
Device is opened the present invention also provides a kind of administrator right, which includes: connection unit, is used for and movement
Terminal establishes connection by Handshake Protocol;Receiving unit, the biological characteristic that work number and mobile terminal for receiving input are read;
First determination unit, the biological characteristic for comparing received biological characteristic and prestoring is to calculate matching degree;Second determination unit,
For when confirming that work number is correct and matching degree is higher than preset value, attendance recorder to open administrator right to mobile terminal.
The present invention passes through the matching degree that Handshake Protocol determines mobile terminal and attendance recorder first, then to the work number of user
Confirmed with biological characteristic, to both ensure that mobile terminal was the equipment for meeting safety condition, also ensures that user is to have obtained
The people that must be authorized, to ensure that the safety of the mobile terminal administration attendance recorder.
Detailed description of the invention
Fig. 1 is the schematic diagram for the system that mobile terminal provided in an embodiment of the present invention and attendance recorder are constituted;
Fig. 2 is the flow chart of the activating method of administrator right provided in an embodiment of the present invention;
Fig. 3 is the flow chart that attendance recorder provided in an embodiment of the present invention and mobile terminal establish connection;
Fig. 4 is the flow chart of recognition methods provided in an embodiment of the present invention of shaking hands;
Fig. 5 is the structural block diagram for opening device of administrator right provided in an embodiment of the present invention.
Specific embodiment
In order to which technical problems, technical solutions and advantageous effects to be solved by the present invention are more clearly understood, below in conjunction with
Accompanying drawings and embodiments, the present invention will be described in further detail.It should be appreciated that specific embodiment described herein is only used
To explain the present invention, it is not intended to limit the present invention.
Fig. 1 is the schematic diagram for the system that mobile terminal provided in an embodiment of the present invention and attendance recorder are constituted, for the ease of saying
Bright, only the parts related to this embodiment are shown.
As shown in Figure 1, the system includes mobile terminal 11 and one or more attendance recorder 12.Wherein, mobile terminal 11 can
Think that laptop, tablet computer or mobile phone etc. have the terminal device of network access facility.
The embodiment of the invention provides a kind of activating method of administrator right, Fig. 2 is pipe provided in an embodiment of the present invention
The flow chart of the activating method of reason person's permission, as shown in Fig. 2, this approach includes the following steps S210 to step S240.
Step S210, attendance recorder and mobile terminal establish connection by Handshake Protocol.
The mobile terminal for meeting preset condition refers to the mobile terminal for being mounted with management system corresponding with attendance recorder, in this way
Mobile terminal and attendance recorder use identical Encryption Algorithm, both sides when transmit data by identical algorithm to data progress
Encryption and decryption, therefore ensure that the safety of data.
Specifically, can be judged by the following manner whether mobile terminal meets condition, and built when meeting condition determining
Vertical connection:
Step S01, attendance recorder receive the encrypted result that mobile terminal is sent, and mobile terminal is encrypted by the first Encryption Algorithm
First random parameter is to obtain encrypted result.
Step S02, attendance recorder decrypts encrypted result by the first Encryption Algorithm, to obtain the second random parameter.
Second random parameter is sent to mobile terminal by step S03, attendance recorder.
Step S04, after mobile terminal determines the first random parameter and the second random parameter is equal, attendance recorder and movement are eventually
End is established.
Such as above-mentioned example, Y=AX is exactly an algorithm, and mobile terminal finds out Y by A and X, and A therein and Y is sent
To attendance recorder, attendance recorder is decrypted based on Y and A according to the algorithm of oneself, an available X.If X value is equal, say
Bright mobile terminal and attendance recorder using it is identical calculate be encrypted and decrypted, therefore attendance recorder can determine that the mobile terminal is symbol
Desired mobile terminal is closed, so as to establish connection with the mobile terminal.
In order to reach better secrecy effect, mobile terminal can pass through different algorithms with attendance recorder interactive process
Repeatedly encrypted.Fig. 3 is the flow chart that attendance recorder provided in an embodiment of the present invention and mobile terminal establish connection, such as Fig. 3 institute
Show, this method comprises:
Step S310, attendance recorder receive the encryption factor A and encrypted result Y that mobile terminal is sent, wherein mobile terminal is raw
At encryption factor A and random number X, encryption factor A is encrypted to generate code key B using the second Encryption Algorithm, and add using third
Close algorithm generates encrypted result Y according to encryption code key B and random number X.
Encryption factor A is encrypted using the second Encryption Algorithm, key B can be produced.
By third Encryption Algorithm, Advanced Encryption Standard (Advanced Encryption can be in the present embodiment
Standard, referred to as AES) after algorithm for encryption random number X, obtain the encryption data Y of random number X.
Step S320, attendance recorder generate key B using the second Encryption Algorithm.
After attendance recorder receives the encryption factor A and Y of mobile terminal transmission, code key B is generated according to encryption factor A.
Step S330, attendance recorder utilize third Encryption Algorithm, generate random number X according to key B and encrypted result Y.
After encrypted result is decrypted by code key B, random number X can be generated.
Step S340, attendance recorder utilize the 4th Encryption Algorithm, generate X0 according to random number X.
The 4th Encryption Algorithm in the present embodiment can be a kind of non-reversible algorithm, available by the non-reversible algorithm
The correspondence parameter of random number.
Step S350, attendance recorder utilize the second Encryption Algorithm, generate Y0 according to X0 and encryption code key B, and Y0 is sent to
Mobile terminal, mobile terminal utilize third Encryption Algorithm, are decrypted according to decruption key B and Y0 and generate X0, and utilize the 4th encryption
Algorithm for encryption random number X is to generate X1.
Step S360, after mobile terminal determines that X0 is equal with X1, attendance recorder and mobile terminal establish connection.
When X0 is equal with X1, attendance recorder thinks that the mobile terminal is qualified, therefore can be with the mobile terminal
Establish connection.
This process can be called recognition methods of shaking hands, and Fig. 4 is the stream of recognition methods provided in an embodiment of the present invention of shaking hands
Cheng Tu, comprising the following steps:
Step S401, mobile device generates encryption factor A and random number X, and obtains code key B according to encryption factor A.
Step S402, mobile terminal are that encryption secret room obtains processing result Y by aes algorithm encrypted random number X with B.
A and Y are sent to attendance recorder by step S403, mobile terminal.
Step S404, attendance recorder generate code key B according to encryption factor A, and using B as decruption key, using whole with movement
It holds identical aes algorithm to decrypt encryption data Y, obtains the random number X that above-mentioned mobile terminal generates.
Step S405, attendance recorder carry out calculation processing to random number X using non-reversible algorithm, obtain random number X in movement
Second processing data X0 in terminal.
Step S406, attendance recorder is using B as encryption key, by aes algorithm identical with mobile terminal to second processing
Data X0 is encrypted, and the encryption data of Y0 is obtained.
Y0 is back to mobile terminal by step S407, attendance recorder.
Step S408, mobile terminal decrypt Y0 by aes algorithm and obtain X0.
Step S409, mobile terminal directly are encrypted to obtain X1 by non-reversible algorithm to random number X again
Step S410, mobile terminal judge whether X0 is equal to X1, so that it is determined that whether the attendance recorder matches.
Pass through the identification method of shaking hands, it is ensured that mobile terminal is qualified.
Step S220, the biological characteristic that attendance recorder receives the work number of input and mobile terminal is read.
After determining that mobile terminal is eligible, in order to further ensure safety, it is also necessary to determine and use the movement
The user of terminal is qualified people, the people with associated rights that qualified people can pre-register.For
Qualified people, biological characteristic, such as fingerprint, face, iris etc. are crossed in typing in advance.
Only pass through compared with the prior art and input the identity that work number confirms user, in this step, mobile terminal can be read
The corresponding biological characteristic of user, and biological characteristic is sent to attendance recorder, so that attendance recorder is by the biological characteristic and the life that prestores
Object feature is compared.
Since work number relevant information is easy to be stolen by others and usurps, safety is lower, and the embodiment of the present invention can pass through
The identity of biological characteristic validation user since biological characteristic is unique, and can not be stolen by others and usurp, therefore
Raising safety that can be very big by the identity of biological characteristic validation user.
Step S230, attendance recorder compare received biological characteristic with the biological characteristic that prestores to calculate matching degree.
The biology read can be calculated using matching degree computational algorithm according to the characteristic extracted in biological characteristic
The matching degree of feature and registered biological characteristic.Registered biological characteristic can store in attendance recorder local, can also deposit
In the server, there are attendance recorders can locally guarantee faster reading speed, can guarantee in presence server bigger for storage
Amount of storage and higher safety.Different storage methods can be used in different scenes or different attendance recorders.
In one implementation, attendance recorder compares received biological characteristic with local biological characteristic is pre-stored in
It is right.The biological characteristic of user registration, which is stored in, locally can guarantee higher response speed, after user inputs biological characteristic
It can compare as early as possible and obtain matching degree.
In another implementation, attendance recorder carries out received biological characteristic with the biological characteristic for being pre-stored in server
It compares.The biological characteristic of user registration is stored in server, on the one hand can reduce the cost of attendance recorder on a memory;Separately
On the one hand it can guarantee the safety of data, in order to avoid biological characteristic therein can be obtained after attendance recorder is stolen.
Step S240, when confirming that work number is correct and matching degree is higher than preset value, attendance recorder opens management to mobile terminal
Member's permission.
Different matching degrees may will be calculated in different algorithms, and two biological characteristics are in rings such as different light
The matching degree gone out calculated under border may also be different, it is however generally that, it, can be with when the matching degree of two biological characteristics is higher than 80%
Think that the two biological characteristics are the same persons.Therefore, in the present embodiment, if matching degree is higher than 80%, and abovementioned steps
Have confirmed that mobile terminal meets preset condition, then this step can determine that the mobile terminal is manager device.
Verifying of the present embodiment to mobile terminal and the confirmation to user, it is ensured that mobile terminal is to meet setting for safety condition
Standby, user is the people for having obtained authorization, to ensure that the safety by mobile terminal administration attendance recorder.
The embodiment of the invention also provides a kind of device of opening of administrator right, Fig. 5 is provided in an embodiment of the present invention
The structural block diagram for opening device of administrator right, as shown in figure 5, the device includes connection unit 510, receiving unit 520,
One determination unit 530 and the second determination unit 540.
Connection unit 510 is used to establish connection by Handshake Protocol with mobile terminal.
The biological characteristic that the work number for receiving input of receiving unit 520 and mobile terminal are read.
Biological characteristic of first determination unit 530 for comparing received biological characteristic and prestoring is to calculate matching degree.
Second determination unit 540 is used for when confirming that work number is correct and matching degree is higher than preset value, and attendance recorder determines movement
Terminal is manager device.
Preferably, connection unit 510 includes:
First receiving module, for receiving the encrypted result of mobile terminal transmission, mobile terminal passes through the first Encryption Algorithm
The first random parameter is encrypted to obtain encrypted result.
Module is obtained, encrypted result is decrypted by the first Encryption Algorithm for attendance recorder, to obtain the second random parameter.
Sending module, for the second random parameter to be sent to mobile terminal.
First link block, for after mobile terminal determines the first random parameter and the second random parameter is equal, with shifting
Dynamic terminal establishes connection.
Preferably, connection unit 510 includes:
Second receiving module, for receiving the encryption factor A and encrypted result Y of mobile terminal transmission, wherein mobile terminal
Encryption factor A and random number X is generated, using the second Encryption Algorithm encrypting factors A to generate code key B, and is added using third
Close algorithm generates encrypted result Y according to code key B and random number X.
First generation module, for generating key B using the second Encryption Algorithm.
Second generation module generates random number X according to key B and encrypted result Y for utilizing third Encryption Algorithm.
Third generation module generates X0 according to random number X for utilizing the 4th Encryption Algorithm.
4th generation module states B according to X0 and institute's key and generates Y0, and Y0 is sent for utilizing the second Encryption Algorithm
To mobile terminal, mobile terminal utilizes third Encryption Algorithm, is decrypted according to key B and Y0 and generates X0, and is calculated using the 4th encryption
Method encrypted random number X is to generate X1.
Second link block, for establishing connection with mobile terminal after mobile terminal determines that X0 is equal with X1.
Preferably, the first determination unit is also used to: compare received biological characteristic and be pre-stored in local biological characteristic with
Determine matching degree.
Preferably, the first determination unit is also used to: comparing received biological characteristic and the biological characteristic for being pre-stored in server
To determine matching degree.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each function
Can unit division progress for example, in practical application, can according to need and by above-mentioned function distribution by different functions
Unit is completed, i.e., the internal structure of device is divided into different functional unit or module, with complete it is described above whole or
Person's partial function.Each functional unit in embodiment can integrate in one processing unit, and it is independent to be also possible to each unit
It is physically present, can also be integrated in one unit with two or more units, above-mentioned integrated unit both can be using hard
The form of part is realized, can also be realized in the form of software functional units.In addition, the specific name of each functional unit is also
For the ease of mutually distinguishing, the protection scope being not intended to limit this application.The specific work process of unit in above-mentioned apparatus, can
With with reference to the corresponding process in aforementioned device embodiment, details are not described herein.
Those of ordinary skill in the art may be aware that list described in conjunction with the examples disclosed in the embodiments of the present disclosure
Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
It is implemented in hardware or software, the specific application and design constraint depending on technical solution.Professional technician
Described function can be realized using different device to each specific application, but this realization is it is not considered that exceed
The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed device and device can pass through others
Mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of module or unit, only
For a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can combine
Or it is desirably integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed phase
Coupling or direct-coupling or communication connection between mutually can be through some interfaces, the INDIRECT COUPLING or communication of device or unit
Connection can be electrical property, mechanical or other forms.
Unit may or may not be physically separated as illustrated by the separation member, shown as a unit
Component may or may not be physical unit, it can and it is in one place, or may be distributed over multiple networks
On unit.It can some or all of the units may be selected to achieve the purpose of the solution of this embodiment according to the actual needs.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
It, can if integrated unit is realized in the form of SFU software functional unit and when sold or used as an independent product
To be stored in a computer readable storage medium.Based on this understanding, the technical solution essence of the embodiment of the present invention
On all or part of the part that contributes to existing technology or the technical solution can be with the shape of software product in other words
Formula embodies, which is stored in a storage medium, including some instructions are used so that a calculating
It is real that machine equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the present invention
Apply all or part of the steps of each embodiment device of example.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only storage
Device (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or light
The various media that can store program code such as disk.
The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to the foregoing embodiments
Invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each implementation
Technical solution documented by example is modified or equivalent replacement of some of the technical features;And these modification or
Replacement, the spirit and scope of each embodiment technical solution of the embodiment of the present invention that it does not separate the essence of the corresponding technical solution.
The above is merely preferred embodiments of the present invention, be not intended to limit the invention, it is all in spirit of the invention and
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within principle.
Claims (10)
1. a kind of activating method of administrator right characterized by comprising
Attendance recorder establishes connection by Handshake Protocol with mobile terminal;Specifically: the mobile terminal for meeting preset condition refers to peace
The mobile terminal of management system corresponding with the attendance recorder is filled, the mobile terminal and the attendance recorder use identical encryption
Algorithm, both sides are encrypted and decrypted data by identical algorithm when transmitting data;
The biological characteristic that the attendance recorder receives the work number of input and the mobile terminal is read;
The attendance recorder compares the received biological characteristic with the biological characteristic that prestores to calculate matching degree;
When confirming that the work number is correct and the matching degree is higher than preset value, the attendance recorder opens pipe to the mobile terminal
Reason person's permission.
2. the method as described in claim 1, which is characterized in that attendance recorder establishes connection packet by Handshake Protocol with mobile terminal
It includes:
The attendance recorder receives the encrypted result that the mobile terminal is sent, and the mobile terminal is encrypted by the first Encryption Algorithm
First random parameter is to obtain the encrypted result;
The attendance recorder decrypts the encrypted result by first Encryption Algorithm, to obtain the second random parameter;
Second random parameter is sent to the mobile terminal by the attendance recorder;
After the mobile terminal determines first random parameter and second random parameter is equal, the attendance recorder and institute
It states mobile terminal and establishes connection.
3. the method as described in claim 1, which is characterized in that attendance recorder establishes connection packet by Handshake Protocol with mobile terminal
It includes:
The attendance recorder receives the encryption factor A and encrypted result Y that the mobile terminal is sent, wherein the mobile terminal is raw
At the encryption factor A and random number X, the encryption factor A is encrypted to generate key B using the second Encryption Algorithm, and utilize
Third Encryption Algorithm generates the encrypted result Y according to the key B and random number X;
The attendance recorder generates the key B using second Encryption Algorithm;
The attendance recorder utilizes the third Encryption Algorithm, generates the random number according to the key B and encrypted result Y
X;
The attendance recorder utilizes the 4th Encryption Algorithm, generates X0 according to the random number X;
The attendance recorder utilizes second Encryption Algorithm, states B according to the X0 and institute's key and generates Y0, and the Y0 is sent
To the mobile terminal, the mobile terminal utilizes the third Encryption Algorithm, is generated according to the key B and Y0 decryption
X0, and the random number X is encrypted using the 4th Encryption Algorithm to generate X1;
After the mobile terminal determines that the X0 is equal with the X1, the attendance recorder and the mobile terminal establish connection.
4. the method as described in claim 1, which is characterized in that the attendance recorder compares the received biological characteristic and prestores
Biological characteristic include: to determine matching degree
The attendance recorder compares the received biological characteristic and is pre-stored in the local biological characteristic with the determination matching
Degree.
5. the method as described in claim 1, which is characterized in that the attendance recorder compares the received biological characteristic and prestores
Biological characteristic include: to determine matching degree
The attendance recorder compares the received biological characteristic and is pre-stored in the biological characteristic of server to determine described
With degree.
6. a kind of administrator right opens device characterized by comprising
Connection unit, for establishing connection by Handshake Protocol with mobile terminal;Specifically: meet the mobile terminal of preset condition
Refer to the mobile terminal for being mounted with management system corresponding with attendance recorder, the mobile terminal and the attendance recorder are added using identical
Close algorithm, both sides are encrypted and decrypted data by identical algorithm when transmitting data;
The biological characteristic that receiving unit, work number for receiving input and the mobile terminal are read;
First determination unit, the biological characteristic for comparing the received biological characteristic and prestoring is to calculate matching degree;
Second determination unit, for when confirming that the work number is correct and the matching degree is higher than preset value, the attendance recorder to
The mobile terminal opens administrator right.
7. device as claimed in claim 6, which is characterized in that the connection unit includes:
First receiving module, the encrypted result sent for receiving the mobile terminal, the mobile terminal pass through the first encryption
The first random parameter of algorithm for encryption is to obtain the encrypted result;
Obtain module, for the attendance recorder by first Encryption Algorithm decryption encrypted result, with obtain second with
Machine parameter;
Sending module, for second random parameter to be sent to the mobile terminal;
First link block, for determining that first random parameter and second random parameter are equal in the mobile terminal
Afterwards, connection is established with the mobile terminal.
8. device as claimed in claim 6, which is characterized in that the connection unit includes:
Second receiving module, the encryption factor A and encrypted result Y sent for receiving the mobile terminal, wherein the movement
Terminal generates the encryption factor A and random number X, using the second Encryption Algorithm encryption encryption factor A to generate key B,
And third Encryption Algorithm is utilized, the encrypted result Y is generated according to the key B and random number X;
First generation module, for generating the key B using second Encryption Algorithm;
Second generation module generates institute according to the key B and encrypted result Y for utilizing the third Encryption Algorithm
State random number X;
Third generation module generates X0 according to the random number X for utilizing the 4th Encryption Algorithm;
4th generation module states B according to the X0 and institute's key and generates Y0, and by institute for utilizing second Encryption Algorithm
It states Y0 and is sent to the mobile terminal, the mobile terminal utilizes the third Encryption Algorithm, according to the key B and Y0
Decryption generates X0, and encrypts the random number X using the 4th Encryption Algorithm to generate X1;
Second link block, for being built with the mobile terminal after the mobile terminal determines that the X0 is equal with the X1
Vertical connection.
9. device as claimed in claim 6, which is characterized in that first determination unit is also used to:
It compares the received biological characteristic and is pre-stored in the local biological characteristic with the determination matching degree.
10. device as claimed in claim 6, which is characterized in that first determination unit is also used to:
It compares the received biological characteristic and is pre-stored in the biological characteristic of server with the determination matching degree.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611107828.2A CN106650372B (en) | 2016-12-06 | 2016-12-06 | The activating method and device of administrator right |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611107828.2A CN106650372B (en) | 2016-12-06 | 2016-12-06 | The activating method and device of administrator right |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106650372A CN106650372A (en) | 2017-05-10 |
| CN106650372B true CN106650372B (en) | 2019-05-03 |
Family
ID=58818724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611107828.2A Active CN106650372B (en) | 2016-12-06 | 2016-12-06 | The activating method and device of administrator right |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106650372B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11803634B2 (en) | 2021-02-25 | 2023-10-31 | International Business Machines Corporation | Secure preconfigured profile for role-based access control setup |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109754479B (en) * | 2017-11-07 | 2023-06-27 | 深圳脸网科技有限公司 | Sign-in system, sign-in method and social method based on face recognition |
| CN109147077B (en) * | 2018-09-04 | 2021-08-27 | 北京工业大学 | Mobile attendance checking method and device and server |
| CN109920076A (en) * | 2019-01-29 | 2019-06-21 | 上海阅面网络科技有限公司 | A kind of campus human face identification work-attendance checking system |
| CN109788478B (en) * | 2019-02-21 | 2022-10-04 | 南京航空航天大学 | Method for collecting data by using authentication process in WPA wireless network |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101056166A (en) * | 2007-05-28 | 2007-10-17 | 北京飞天诚信科技有限公司 | A method for improving the data transmission security |
| CN102063656A (en) * | 2010-12-23 | 2011-05-18 | 哈尔滨伟德大药房医药有限公司 | Image attendance information acquiring system and personnel management system based on same |
| CN103841107A (en) * | 2014-03-11 | 2014-06-04 | 网神信息技术(北京)股份有限公司 | Method and device for identity authentication of security gateway administrator |
| CN104462922A (en) * | 2014-12-11 | 2015-03-25 | 苏州海博智能系统有限公司 | Method for verifying authorization on basis of biological recognition |
| CN104952117A (en) * | 2015-02-28 | 2015-09-30 | 山东紫光比威网络技术有限公司 | Attendance management method |
| CN105117898A (en) * | 2015-08-25 | 2015-12-02 | 北京今目标信息技术有限公司 | Cloud attendance management method and system for supporting access of attendance terminals of multiple manufacturers |
-
2016
- 2016-12-06 CN CN201611107828.2A patent/CN106650372B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101056166A (en) * | 2007-05-28 | 2007-10-17 | 北京飞天诚信科技有限公司 | A method for improving the data transmission security |
| CN102063656A (en) * | 2010-12-23 | 2011-05-18 | 哈尔滨伟德大药房医药有限公司 | Image attendance information acquiring system and personnel management system based on same |
| CN103841107A (en) * | 2014-03-11 | 2014-06-04 | 网神信息技术(北京)股份有限公司 | Method and device for identity authentication of security gateway administrator |
| CN104462922A (en) * | 2014-12-11 | 2015-03-25 | 苏州海博智能系统有限公司 | Method for verifying authorization on basis of biological recognition |
| CN104952117A (en) * | 2015-02-28 | 2015-09-30 | 山东紫光比威网络技术有限公司 | Attendance management method |
| CN105117898A (en) * | 2015-08-25 | 2015-12-02 | 北京今目标信息技术有限公司 | Cloud attendance management method and system for supporting access of attendance terminals of multiple manufacturers |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11803634B2 (en) | 2021-02-25 | 2023-10-31 | International Business Machines Corporation | Secure preconfigured profile for role-based access control setup |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106650372A (en) | 2017-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10681025B2 (en) | Systems and methods for securely managing biometric data | |
| US10601805B2 (en) | Securitization of temporal digital communications with authentication and validation of user and access devices | |
| CN106650372B (en) | The activating method and device of administrator right | |
| CN105389500B (en) | The method for unlocking another equipment using an equipment | |
| CN111478917B (en) | Background system for providing network service for access control device and user terminal | |
| CN103124269B (en) | Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment | |
| ES2596308T3 (en) | Method and provision for secure authentication | |
| CN107294709A (en) | A kind of block chain data processing method, apparatus and system | |
| CN106789024B (en) | A kind of remote de-locking method, device and system | |
| CN107506635B (en) | Online function opening method for identity card, mobile phone, trusted terminal and verification server | |
| CN106060073B (en) | Channel key machinery of consultation | |
| Alia et al. | Cryptography based authentication methods | |
| CN105208045A (en) | Identity authentication method, equipment and system | |
| CN108650219B (en) | User identity identification method, related device, equipment and system | |
| CN107888376B (en) | NFC authentication system based on quantum communication network | |
| CN109961291A (en) | A kind of biological characteristic authentication system and method | |
| CN114170709A (en) | Money box management method and system based on Internet of things | |
| Gu et al. | Toauth: Towards automatic near field authentication for smartphones | |
| CN106055966B (en) | A kind of authentication method and system | |
| Maheshwari et al. | Secure authentication using biometric templates in Kerberos | |
| CN110119626B (en) | Communication engineering project life cycle credible management method based on intelligent mobile device cloud service | |
| Naik et al. | Smart and secure locker system | |
| Rao et al. | User Authentication System for Securing and Identifies by User and IoT Device | |
| CN115331330A (en) | Unlocking method, key resetting method, device, terminal, lock and system | |
| CN115798082A (en) | Safety control method for intelligent electronic lock, intelligent electronic lock and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20170821 Address after: 361000, Xiamen three software park, Fujian Province, 8 North Street, room 2001 Applicant after: Xiamen Central Intelligent Information Technology Co., Ltd. Address before: 361000 Fujian province Xiamen software park two sunrise Road No. 32 403 unit 02 District Applicant before: XIAMEN ZHONGKONG BIOLOGICAL RECOGNITION INFORMATION TECHNOLOGY CO., LTD. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Room 1301, No.132, Fengqi Road, phase III, software park, Xiamen City, Fujian Province Patentee after: Xiamen Entropy Technology Co., Ltd Address before: 361000, Xiamen three software park, Fujian Province, 8 North Street, room 2001 Patentee before: XIAMEN ZKTECO BIOMETRIC IDENTIFICATION TECHNOLOGY Co.,Ltd. |
|
| CP03 | Change of name, title or address |