CN108305360B - Access control method and related device - Google Patents
Access control method and related device Download PDFInfo
- Publication number
- CN108305360B CN108305360B CN201810039612.XA CN201810039612A CN108305360B CN 108305360 B CN108305360 B CN 108305360B CN 201810039612 A CN201810039612 A CN 201810039612A CN 108305360 B CN108305360 B CN 108305360B
- Authority
- CN
- China
- Prior art keywords
- information
- user
- access control
- access
- terminal equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the application discloses an access control method and a related device, wherein the method comprises the following steps: the method comprises the steps that a server receives access information sent by first terminal equipment, wherein the access information comprises registration information of a first user and identification information of the first terminal equipment; the server compares the access information with pre-stored information; when the access information is successfully compared with the pre-stored information, issuing the access control authority information of the first user to the first terminal equipment, wherein the access control authority information of the first user comprises identification information of the first terminal equipment; and the server instructs the entrance guard terminal equipment to execute corresponding operation according to the sent entrance guard permission information of the first user. The embodiment of the application also provides a related device. Through the embodiment of the application, all equipment in the system can be controlled in a wiring-free mode, and user experience is improved.
Description
Technical Field
The present application relates to the field of electronic technologies, and in particular, to a method and a related apparatus for controlling an access.
Background
With the development of automatic control technology, computer technology and communication technology, more and more places need to be provided with access control systems, for example, places such as school rooms, company attendance and entrances of public places are all provided with access control systems. Since the access control system has different functions when used in different places, the access control system is widely applied to various industries.
At present, people can install APP relevant to the access control system on mobile equipment, carry out information interaction with the access control system through bluetooth or WIFI on the mobile equipment to obtain the access control permission, control access control terminal equipment through the access control ware. However, in a large environment, the cost for installing a plurality of access controllers is high, and all access control terminal devices in a system cannot be controlled by the existing access control APP and access control controller connection mode.
Disclosure of Invention
The embodiment of the application provides an access control method and a related device, so that all access control terminal equipment in a system can be controlled in a wiring-free mode.
In a first aspect, an embodiment of the present application provides an access control method, including:
the method comprises the steps that a server receives access information sent by first terminal equipment, wherein the access information comprises registration information of a first user and identification information of the first terminal equipment;
the server compares the access information with pre-stored information;
when the access information is successfully compared with the pre-stored information, issuing the access control authority information of the first user to the first terminal equipment;
and the server instructs the entrance guard terminal equipment to execute corresponding operation according to the sent entrance guard permission information of the first user.
In a second aspect, an embodiment of the present application provides an access control apparatus, including:
a receiving unit, configured to receive access information sent by a first terminal device, where the access information includes registration information of a first user and identification information of the first terminal device;
the comparison unit is used for comparing the access information with pre-stored information;
the issuing unit is used for issuing the access right information of the first user to the first terminal equipment when the access information is successfully compared with the pre-stored information;
and the indicating unit is used for indicating the entrance guard terminal equipment to execute corresponding operation according to the transmitted entrance guard permission information of the first user.
In a third aspect, embodiments of the present application provide a terminal device, including one or more processors, one or more memories, one or more transceivers, and one or more programs stored in the memories and configured to be executed by the one or more processors, the programs including instructions for a user to perform steps in the method according to the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium storing a computer program for electronic data exchange, wherein the computer program causes a computer to execute the method according to the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product comprising a non-transitory computer-readable storage medium storing a computer program, the computer being operable to cause a computer to perform the method according to the first aspect.
By adopting the embodiment of the application, the following beneficial effects are achieved:
therefore, in the access control system, after the server receives the access request sent by any terminal device which has registered the user information in the access control system, the authenticity of the access request is verified, and the safety of the access control system is improved. And when the verification is passed, the access control authority corresponding to the login user of the terminal equipment is issued to the terminal equipment, and the server receives the access control authority information sent by the terminal equipment and then instructs the access control terminal equipment to execute the operation corresponding to the access control authority, so that all the terminal equipment in the server control system are realized, and the access requests of a plurality of terminal equipment are processed at the same time.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1A is a schematic diagram of an access control system architecture provided in an embodiment of the present application;
fig. 1B is a schematic flowchart of an access control method according to an embodiment of the present application;
fig. 1C is a schematic view of a scenario of information interaction of an access control system according to an embodiment of the present application;
fig. 1D is a schematic diagram illustrating a manner of issuing an access right according to an embodiment of the present application;
fig. 1E is a schematic diagram of another access permission issuing manner provided in the embodiment of the present application;
fig. 2 is a schematic flow chart of another access control method provided in the embodiment of the present application;
fig. 3 is a schematic flow chart of another access control method provided in the embodiment of the present application;
fig. 4 is a schematic structural diagram of another terminal device provided in an embodiment of the present application;
fig. 5 is a schematic structural diagram of another terminal device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," and "fourth," etc. in the description and claims of the invention and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, result, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
Hereinafter, some terms in the present application are explained to facilitate understanding by those skilled in the art.
(1) A terminal device, also called a User Equipment (UE), is a device providing voice and/or data connectivity to a User, for example, a handheld device with a wireless connection function, a vehicle-mounted device, and so on. Common terminals include, for example: the mobile phone includes a mobile phone, a tablet computer, a notebook computer, a palm computer, a Mobile Internet Device (MID), and a wearable device such as a smart watch, a smart bracelet, a pedometer, and the like.
(2) A Central Processing Unit (CPU), which is an ultra-large scale integrated circuit, mainly includes an Arithmetic Unit (Arithmetic Logic Unit, ALU), a Cache memory (Cache), and a Bus (Bus) for implementing Data, control and status of the connection between them. The central processing unit functions mainly to interpret computer instructions and process data in computer software.
Referring to fig. 1A, fig. 1A is a schematic diagram of an architecture of an access control system, as shown in fig. 1A, a terminal device is a mobile phone, an access server is a central controller of the access control system, where the access server further includes a data processor and a controller, the data processor is configured to receive access information sent by the terminal device, store registration information of a user and identification information of the terminal device, and issue access right information corresponding to the registration information of the user, and the controller is configured to control the access terminal to perform corresponding operations according to the access right information, where the data processor may upload the stored registration information of the user, identification information of the terminal device, and access right information to a cloud platform, and when the data processor needs to compare access information, first download the registration information of the user from the cloud platform, And the identification information of the terminal equipment and the corresponding access control authority information.
Wherein, the terminal device is connected with the access control server in a wireless manner, the access control server is connected with the cloud platform in a wireless manner, the access control server is connected with the access control terminal in a wireless manner, the communication connection manner can be a single connection manner, a dual connection manner or a multi-connection manner, the wireless manner includes but is not limited to bluetooth, WIFI, voice data and the like, when the communication connection manner is a single connection manner, the server can be a base station, such as an LTE base station or an NR base station (also called gNB), when the communication manner is a dual connection manner (specifically, the communication manner can be realized by a carrier aggregation CA technology or by a plurality of network side devices), and when the terminal is connected with a plurality of network side devices, the plurality of network side devices can be a main base station MCG and an auxiliary base station SCG, the base stations carry out data backhaul through backhaul links between the base stations, the main base station can be an NR base station, the secondary base station may also be an NR base station.
Referring to fig. 1B, fig. 1B is a schematic flowchart of an access control method provided in an embodiment of the present application, where the method includes:
step 101: the server receives access information sent by first terminal equipment, wherein the access information comprises registration information of a first user and identification information of the first terminal equipment.
Optionally, before the access control server receives the access information sent by the first terminal device, the access control server receives registration information of an authorized user and entry of access control permission information corresponding to the registration information of the authorized user, where the authorized user refers to a user authorized by the access control system and having access permission, and optionally, the user registration information is entered in advance by an administrator of the access control system; the registration information of the authorized user specifically includes, but is not limited to, a preset combination of a name of the user, a gender of the user, a number of the user, a mobile phone number of the user, a department to which the user belongs, an identification number of the user, an access right of the user, and the like.
Optionally, if an external visitor (a visitor who does not belong to any authorized user) wants to obtain the permission of the access control system, a relevant administrator is required to enter information of the visitor into the access control server before the visitor registers, the information storage time of the visitor can be specifically set according to the access duration of the visitor, when the access control server exceeds the set duration, the stored visitor information is automatically cleared by the access control server, that is, the visitor does not have the access permission, and the administrator needs to enter information again to obtain the access permission.
Further, after the access control server enters the registration information of the authorized user, the registration information of the authorized user and the access control authority information of the authorized user are stored in a storage module of the access control server or uploaded to a cloud platform for storage.
Preferably, the registration information of the authorized user and the corresponding access control authority information are uploaded to the cloud platform, so that the memory space of the access control server can be saved, the running speed of the access control server is improved, the cloud platform has a larger storage space, more registration information and access control authority information can be received, and all terminal devices in the control system can be more easily input.
Optionally, the embodiment of the present application will specifically describe, by way of example, the registration information of the authorized user and the corresponding access control authority information are uploaded to the cloud platform, but the present application is not limited to this method.
Further, when any user submits registration information on an APP (Application) related to the access control system, the access control server first verifies whether the user is an authorized user of the access control system, that is, after the user submits the registration information on the APP, the terminal device uploads the registration information of the user to the access control server, the access control server uploads the registration information of the user to a cloud platform, the cloud platform searches whether the registration information of the user is included in the registration information of the authorized user that is previously entered, if the registration information of the user is included, a registration passing instruction is issued to the access control server to confirm that the user is an authorized user of the access control system, and then the registration information of the user and identification information of the terminal device used when the user is registered, for example, an unique Mobile Identity identifier (IMEI) of a Mobile phone are stored, international mobile equipment identity code), if the cloud platform does not search the registration information submitted by the user in the registered information of the authorized user, issuing a registration failure instruction to the access control server, instructing the access control server to send a registration failure prompt message to the user, and prompting the user to request a relevant administrator to input the registration information of the user in advance.
Optionally, when the cloud platform issues an instruction or information, the instruction or information is issued to the access control server, and is issued to the terminal device by the access control server, or the instruction or information is directly issued to the terminal device, as shown in fig. 1C, here, we take a manner of issuing to the access control server and then issuing to the terminal device by the access control server as an example, but not limited specifically.
Further, if the cloud platform detects that the user does not completely fill in the registration information correctly, another instruction of failed registration is issued to the access control server, the access control server is instructed to send another prompt message of failed registration to the user, and the prompt message is used for prompting the user to resubmit the correct registration information.
It can be understood that the registrant, the registration information of the registrant, the access control authority information of the registrant, and the identification information of the terminal device used in registration have a certain mapping relationship, and the mapping relationship table is shown in table 1.
TABLE 1
It can be understood that, as shown in table 1, only one user is allowed to register on the terminal device by any terminal device, that is, after the access control server detects that the user successfully registers on the terminal device, the access control server does not receive registration information of other users sent by the terminal device.
Optionally, when the registration information of the registrant on the terminal device changes and requests to change the registration information, the access control administrator needs to be notified to modify the registration information of the registered user in the background, the access control server issues the permission to modify the registration information to the registered user, and after detecting that the user completes information modification, the terminal device uploads new registration information to the access control server and stores the new registration information.
For example, XX is an authorized person of the access control system, the terminal device used during registration is a smart phone, the uploaded identification information is an IMEI code of the smart phone, specifically 359XXXX, and the uploaded registration information specifically is: the name of the access control server is XX, the serial number XXX, the mobile phone number 176XX and the identity card number 411XXXXX, and the XX is a manager assistant, the access control authority of the XX is that a door of a manager office, a door of a conference room and a door of an office area can be opened, so that after the XX is successfully registered on the first terminal device, the access control server stores the information of the XX in the form of the table 1, and does not receive the registration information of other users on the first terminal device; if the number of the XX is changed into the LLL, an access control administrator needs to be requested to modify the number into the LLL in the background, and the access control server is requested to issue the authority of modifying the registration information, and the number is modified into the LLL on a personal registration information interface of the access control APP.
Optionally, when the terminal device detects the operation of obtaining the user's click access right, the user information of the current login on the access control APP of the terminal device and the identification information of the terminal device are sent to the access control server, wherein the access control server can receive the user information sent by multiple terminal devices in the access control system and the identification information of multiple terminal devices.
Optionally, the access control server sends the access information sent by the terminal device to the cloud platform.
Step 102: and the server compares the access information with pre-stored information.
The information comparison means that the cloud platform compares the identification information and the registration information in the access information with the pre-stored identification information and the pre-stored registration information one by one.
Optionally, the specific implementation manner of comparing the access information with the pre-stored information by the cloud platform includes, but is not limited to, the following steps: the cloud platform searches whether the registration information of the first user is included in the prestored registration information one by one according to the sequence of the registration information stored in the table 1, determines that the first user is the authorized user of the access control system if the registration information of the first user is found in the prestored registration information, continues to search whether the identification information corresponding to the first user includes the identification information of the first terminal device, and indicates that the first terminal device is the authorized terminal device of the access control system if the identification information of the first terminal device is found in the identification information corresponding to the first user.
For example, if the first terminal device is a smart phone and the uploaded identification information of the smart phone is an IMEI of the smart phone (the IMEI of the smart phone is 359XXXX), the registration information of the first user specifically includes: name sheet XX, serial number XXX, mobile phone number 176XX and identification number 411 XXXXXXX, and the current login user is the first user. When a user using the mobile phone clicks on an access control APP on the mobile phone to acquire access control access rights, the mobile phone sends the IMEI and the registration information of the first user to the access control server, and the access control server uploads the received access information to the cloud platform. If the cloud platform detects that the registration information of the jth user stored in the table 1 is: the name sheet XX, the serial number XXX, the mobile phone number 176XX and the identity card number 411 XXXXXXX indicate that the first user sheet XX is an authorized user of the access control system and registration is completed on the access control APP; if the identification information K (the identification information K is one of the identification information 1 to n) in the identification information of the terminal device corresponding to the first user XX in table 1 is the IMEI (359XXXX) of the mobile phone, it indicates that the first user XX is successfully registered in the first terminal device, and the first user XX currently logs in the first terminal device and sends access information.
Step 103: and when the access information is successfully compared with the pre-stored information, the server issues the access control authority information of the first user to the first terminal equipment.
It can be understood that the successful comparison between the access information and the pre-stored information means that the identification information of the first terminal device is found in the information storage table, and the first user is one of the N users corresponding to the identification information of the first terminal device.
Optionally, when the cloud platform issues the instruction that the information comparison is successful, the access control permission information corresponding to the first user is extracted from the information table, and the access control permission information is issued to the access control server, and the access control server is instructed to issue the access control permission information to the first terminal device.
Optionally, the cloud platform may store the access control permission information in a two-dimensional code, and issue the access control permission information to the first terminal device in the form of the two-dimensional code; or issuing the voice data to the first terminal equipment, wherein the entrance guard server stores the instruction corresponding to the voice data; optionally, the two-dimensional code or the voice data is set to have certain timeliness, and only the issued two-dimensional code or the voice data is used within a preset time range to have the access right.
For example, if the first user is the XX in step 101, it is known that the XX is a manager assistant, the access right of the XX is that a door of a manager office, a door of a conference room, and a door of an office area can be opened, and the issued two-dimensional code or voice data can open the door of the manager office, the door of the conference room, and the door of the office area.
Step 104: and the server instructs the entrance guard terminal equipment to execute corresponding operation according to the sent entrance guard permission information of the first user.
Optionally, if the cloud platform issues the access right information in the form of a two-dimensional code, as shown in fig. 1D, the two-dimensional code containing the access right information of the first user is received on an access APP interface of the first terminal device, where the two-dimensional code further contains identification information of the first terminal device. The user of the first terminal equipment receives the two-dimensional code, and then the two-dimensional code needs to be attached to the two-dimensional code scanning area of the access control system within a preset time, so that the access control authority information and the identification information in the two-dimensional code are sent to the access control server.
Further, after receiving the information in the two-dimensional code, the access control server detects whether the identification information of the terminal device sending the two-dimensional code is consistent with the identification information in the two-dimensional code, that is, detects whether the first terminal device receiving the access control permission of the first user and the terminal device sending the two-dimensional code are the same terminal device, instructs the access control terminal to open the access control terminal if two pieces of identification information are consistent, and sends prompt information of access failure to the terminal device sending the two-dimensional code information if two pieces of identification information are inconsistent.
Optionally, if the cloud platform issues the access control permission information in the form of voice data, as shown in fig. 1E, the voice data containing the access control permission information is received on an access control APP interface of the first terminal device, where the voice data further contains identification information of the first terminal device. After receiving the voice data, the user of the first terminal device needs to play the voice data close to the voice acquisition area of the access control system within a preset time, so as to send the access control permission information and the identification information in the voice data to the access control server.
For example, the issued access control permission information is XX access control permission information and is issued in the form of a two-dimensional code, and if the terminal device of the two-dimensional code close to the two-dimensional code scanning area of the access control system is the first terminal device, the access control server indicates that the access control terminal device opens a manager office door, a conference room door and an office area door for a user using the first terminal device.
Optionally, in an example, the method further includes:
if the server detects that the first user logs in the second terminal device, sending confirmation information allowing the first user to log in the second terminal device to the first terminal device;
allowing the first user to log in the second terminal device and storing the identification information of the second terminal device under the condition that the server receives the confirmation information of the first device;
and under the condition that the server detects that the first user logs in the second terminal device, determining that the first user cannot log in the first terminal device.
Optionally, when it is detected that the first user logs in the second terminal device (that is, when the registration information of the first user is correctly filled in the second terminal device), a prompt box for sending confirmation information pops up on a login interface of the second terminal device, and optionally, the prompt box is used for prompting the first user to select to send the confirmation information to the first terminal device or an access control administrator.
Further, if the user selects to send confirmation information to the first terminal device, the access control server sends a piece of confirmation information to the first terminal device, where the confirmation information is used to confirm whether the first user is allowed to log in the second terminal device, and if the access control server receives the confirmation information sent by the first terminal device, the first user is allowed to log in the second terminal device, and receives the identification information sent by the second terminal device, and the identification information and the registration information of the first user are correspondingly stored and uploaded to the cloud platform.
Further, when the first terminal device is lost or not in the vicinity of the user, the user may select to send confirmation information to an access control administrator, where the confirmation information is used to request the access control administrator to confirm whether the user is the first user, and if the access control server receives the confirmation information of the access control administrator, the first user is allowed to log in on the second terminal device, and receives the identification information sent by the second terminal device, and the identification information and the registration information of the first user are correspondingly stored and uploaded to the cloud platform.
Optionally, in an example, the method further includes:
if one of the access control systems is an authorized user which is no longer the authorized user of the access control system, for example, the user leaves work, moves home or leaves the country, and the like, the access control administrator only needs to input any one of the user registration information on the logout information interface of the access control APP, and click the logout confirmation button to logout the access control authority information which is used in the access control system.
It can be seen that, in this embodiment, after receiving an access request sent by any terminal device that has registered user information in the access control system, the server verifies the authenticity of the access request, and after verifying that the user is a registered user, issues an access right corresponding to a login user of the terminal device to the terminal device, and after receiving the access right information sent by the terminal device, the access control server detects whether the terminal device that sends the access right and the device that obtains the access right are the same device, thereby avoiding the reproduction of an access right event by copying authorization information, and this verification manner increases the security of the access control system. And after the verification is passed, the access control terminal equipment is instructed to execute the operation corresponding to the access control authority, so that all the access control terminal equipment in the server control system are realized, and the access requests of a plurality of terminal equipment are processed at the same time. Moreover, any terminal equipment only allows one user to register, and the safety of the access control system is further improved.
The embodiment of the present application also provides another more detailed method flow, as shown in fig. 2, the method includes:
step 201: and the server inputs the registration information and the access control authority information of all the users.
Step 202: and the terminal equipment uploads the registration information of the user and the identification information of the terminal equipment.
Step 203: and the server detects whether the registration information of all the users contains the registration information uploaded by the terminal equipment.
If yes, go to step 204;
if not, go to step 205.
Step 204: and the server stores the registration information of the user and the identification information of the terminal equipment.
Step 205: and the server sends prompt information of registration failure to the terminal equipment.
Step 206: and the terminal equipment sends the access information of the user to the server, wherein the access information comprises the registration information of the user and the identification information of the terminal equipment.
Step 207: and the server compares the access information with pre-stored information.
Step 208: the server detects whether the information comparison is successful.
If yes, go to step 209;
if not, go to step 210.
Step 209: and the server issues the access control authority information of the user to the terminal equipment, wherein the access control authority information of the user comprises the identification information of the terminal equipment.
Step 210: and the server sends prompt information of access failure to the terminal equipment.
Step 211: and the server detects whether the identification information of the terminal equipment which sends the access control authority information of the user is consistent with the identification information in the access control authority information of the user.
If yes, go to step 212;
if not, go to step 210.
Step 212: and the server instructs the access control terminal equipment to open the access control system.
The embodiment of the present application also provides another more detailed method flow, as shown in fig. 3, the method includes:
step 301: the server receives access information sent by the terminal equipment, wherein the access information comprises registration information of a login user and identification information of the terminal equipment.
Optionally, before the access control server receives the access information sent by the terminal device, the access control server executes step 101, enters information of authorized personnel, and executes the manner of storing the information in step 101, which is not described here.
Further, when any user registers information on the APP related to the access control system, the access control server executes the detection method in step 101, and after detecting that the registrant is an authorized user, issues a biological information acquisition instruction to the terminal device to acquire biological information of the registered user, where the biological information at least includes one of: after the step of acquiring the biological information is completed, the acquired biological information is uploaded to the access control server, which takes the fingerprint information as an example in this embodiment, but is not limited to the fingerprint information here.
Further, the method of receiving access information and storing information in step 101 is performed.
Step 302: and the server compares the identification information of the terminal equipment, the registration information of the login user and prestored information.
The login user is one of all users who successfully register.
Optionally, the method for performing information comparison in step 102 is described.
Step 303: and when the server detects that the identification information of the terminal equipment, the registration information of the login user and the pre-stored information are successfully compared, the server instructs the terminal equipment to acquire the biological information of the current user.
The current user is the user who uses the terminal equipment to obtain the access control authority currently, and the current user can be the login user or other users.
Optionally, in step 103, when the access control server finds the identification information of the end device in an information storage table, and the login user is one of the N users corresponding to the identification information of the terminal device, it is determined that the identification information of the terminal device, the registration information of the login user, and the pre-stored information are successfully compared.
Optionally, when receiving the instruction that the information comparison is successful, the access control server instructs the terminal device to acquire the fingerprint information of the current user.
Step 304: and the server compares the biological information of the current user with the pre-stored biological information of the login user.
Optionally, the biometric information comparison refers to a fingerprint information matching process, where the matching process is consistent with a process of unlocking by using a fingerprint of the current terminal device, and no excessive description is given here.
Step 305: and if the server detects that the comparison of the biological information is successful, issuing access control authority information corresponding to the login user to the terminal equipment, wherein the access control authority information comprises identification information of the terminal equipment and the biological information of the login user.
Optionally, the biometric information is successfully compared, that is, it is determined that the current user and the login user are the same user.
Optionally, the access control server stores the access control permission information, the terminal device identification information, and the fingerprint information of the login user in the two-dimensional code and issues the two-dimensional code by adopting the manner of issuing the access control permission in step 103.
Step 306: and the server compares the identification information of the terminal equipment which sends the access control permission information with the identification information in the access control permission information.
Optionally, the server executes the identification information comparison method in step 104, which is not described here.
Step 307: and if the server detects that the identification information is successfully compared, the server instructs the terminal equipment to acquire the biological information of the current user.
Optionally, the access control server detects that the identification information of the terminal device sending the access control permission (i.e., the terminal device with the two-dimensional code close to the scanning area) and the identification information in the access control permission information are the same identification information, which indicates that the terminal device sending the permission information and the terminal device obtaining the permission information are the same terminal device, and at this time, indicates that the terminal device collects the fingerprint information of the current user again.
Step 308: and the server compares the biological information of the current user with the biological information of the login user in the access control authority information.
Optionally, the server performs the fingerprint matching process in step 304.
Step 309: and if the server detects that the comparison is successful, indicating the access control terminal equipment to execute the operation corresponding to the access control authority information.
Optionally, the terminal device determines that the current user is the user obtaining the access control permission, and instructs the access control terminal device to execute the operation corresponding to the issued access control permission.
Therefore, the biological information verification mode is added in the embodiment, the occurrence of an event that other users acquire the access right after copying the access right information of the access right user is avoided, and the safety of the access control system is further improved.
The method of the embodiments of the present application is set forth above in detail and the apparatus of the embodiments of the present application is provided below.
Referring to fig. 4, fig. 4 is a terminal device 400 according to an embodiment of the present application, including: at least one processor, at least one memory, and at least one communication interface; and one or more programs;
the one or more programs are stored in the memory and configured to be executed by the processor, the programs including instructions for performing the steps of:
the method comprises the steps that a server receives access information sent by first terminal equipment, wherein the access information comprises registration information of a first user and identification information of the first terminal equipment;
the server compares the access information with pre-stored information;
when the access information is successfully compared with the pre-stored information, issuing the access control authority information of the first user to the first terminal equipment, wherein the access control authority information of the first user comprises identification information of the first terminal equipment;
and the server instructs the entrance guard terminal equipment to execute corresponding operation according to the sent entrance guard permission information of the first user.
In one example, the program is further for instructions to perform the steps of:
if the server detects that the first user logs in a second terminal device, authentication information is sent to the second terminal device;
and if the server detects that the verification information is correctly filled, storing the identification information of the second terminal equipment.
It should be noted that, the specific implementation manner of the content described in this embodiment may refer to the above method, and will not be described here.
The above description has introduced the solution of the embodiment of the present application mainly from the perspective of the method-side implementation process. It is understood that the terminal device includes hardware structures and/or software modules for performing the respective functions in order to implement the functions. Those of skill in the art would readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the terminal device may be divided into the functional units according to the above method example, for example, each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
In case of integrated units, fig. 5 shows a block diagram of a possible functional unit composition of the device involved in the above described embodiment. The apparatus 500 comprises: the processing unit 501 comprises a receiving unit 5011, an comparing unit 5012, a issuing unit 5013, an indicating unit 5014, an entering unit 5015 and an authenticating unit 5016. The storage unit 503 is used to store program codes and data of the terminal device. The communication unit 502 is used to support communication between the terminal device and other devices. Some of the units described above (the receiving unit 5011, the comparing unit 5012, the issuing unit 5013, the indicating unit 5014, the logging unit 5015 and the verifying unit 5016) are used to perform the relevant steps of the method described above.
The Processing Unit 501 may be a Processor or a controller (e.g., a Central Processing Unit (CPU), a general purpose Processor, a Digital Signal Processor (DSP), an Application-Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a transistor logic device, a hardware component, or any combination thereof). The storage unit 503 may be a memory, and the communication unit 502 may be a transceiver, a transceiver circuit, a radio frequency chip, a communication interface, or the like.
The receiving unit 5011 is configured to receive access information sent by a first terminal device, where the access information includes registration information of a first user and identification information of the first terminal device;
a comparing unit 5012, configured to compare the access information with pre-stored information;
the issuing unit 5013 is configured to issue the access right information of the first user to the first terminal device when the access information is successfully compared with the pre-stored information;
the indicating unit 5014 is configured to indicate the access control terminal device to execute a corresponding operation according to the sent access control permission information of the first user.
In an example, before the receiving unit 5011 receives the access information sent by the first terminal device, the apparatus further includes:
the entry unit 5015 is specifically configured to enter information of an authorized user and access control permission information corresponding to the information of the authorized user, where the information of the authorized user and the access control permission information correspond to each other one by one;
receiving registration information of a registered user uploaded by any terminal equipment and identification information of the any terminal equipment;
if the information of the authorized user is detected to contain the registration information of the registered user, indicating the random terminal equipment to collect the biological information of the registered user;
and storing the registration information, the biological information and the identification information of the arbitrary terminal equipment of the registered user, wherein the registration information, the biological information and the identification information correspond to the registered user one by one.
In one example, the apparatus further comprises:
the verifying unit 5016 is specifically configured to send, to the first terminal device, confirmation information that allows the first user to log in the second terminal device if the server detects that the first user logs in the second terminal device;
allowing the first user to log in the second terminal device and storing the identification information of the second terminal device under the condition that the server receives the confirmation information of the first device;
and under the condition that the server detects that the first user logs in the second terminal device, determining that the first user cannot log in the first terminal device.
In an example, the alignment unit 5012 is specifically configured to:
detecting whether the pre-stored information contains the identification information of the first terminal equipment;
if the registration information of the registered user corresponding to the identification information of the first terminal equipment contains the identification information of the first terminal equipment, detecting whether the registration information of the registered user corresponding to the identification information of the first terminal equipment contains the registration information of the first user;
if the registration information of the first user is contained, the first terminal equipment is instructed to acquire the biological information of the current user;
and if the biological information of the current user is detected to be consistent with the biological information of the first user, confirming that the access information is successfully compared with the pre-stored information.
In one example, the indication unit 5014 is specifically configured to:
detecting whether identification information of a terminal device sending the access control authority information of a first user and identification information in the access control authority information of the first user are the same identification information or not;
if so, indicating the access control terminal equipment to execute the operation corresponding to the access control authority information of the first user;
and if not, sending prompt information of access failure to the terminal equipment which sends the access control authority information of the first user.
Embodiments of the present application also provide a computer storage medium, where the computer storage medium stores a computer program for electronic data exchange, and the computer program enables a computer to execute part or all of the steps of any one of the methods described in the above method embodiments, and the computer includes a terminal device.
Embodiments of the present application also provide a computer program product comprising a non-transitory computer readable storage medium storing a computer program operable to cause a computer to perform some or all of the steps of any of the methods as set out in the above method embodiments. The computer program product may be a software installation package, said computer comprising terminal equipment.
The steps of a method or algorithm described in the embodiments of the present application may be implemented in hardware, or may be implemented by a processor executing software instructions. The software instructions may be comprised of corresponding software modules that may be stored in Random Access Memory (RAM), flash Memory, Read Only Memory (ROM), Erasable Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), registers, a hard disk, a removable disk, a compact disc Read Only Memory (CD-ROM), or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an ASIC. Additionally, the ASIC may reside in an access network device, a target network device, or a core network device. Of course, the processor and the storage medium may reside as discrete components in an access network device, a target network device, or a core network device.
Those skilled in the art will appreciate that in one or more of the examples described above, the functionality described in the embodiments of the present application may be implemented, in whole or in part, by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., Digital Video Disk (DVD)), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the embodiments of the present application in further detail, and it should be understood that the above-mentioned embodiments are only specific embodiments of the present application, and are not intended to limit the scope of the embodiments of the present application, and modifications and substitutions made on the basis of the technical solutions of the embodiments of the present application should be included in the scope of the embodiments of the present application.
Claims (7)
1. An access control method, comprising:
the method comprises the steps that a server receives access information sent by first terminal equipment, wherein the access information comprises registration information of a first user and identification information of the first terminal equipment;
the server compares the access information with pre-stored information;
if the access information is successfully compared with the prestored information, issuing access control authority information of the first user to the first terminal equipment, wherein the access control authority information comprises voice data, and the voice data comprises identification information of the first terminal equipment;
the server instructs the access control terminal device to execute corresponding operation according to the sent access control permission information of the first user, and the method specifically comprises the following steps: receiving the access permission information played by the first terminal device, and detecting whether the identification information of the terminal device playing the access permission information and the identification information in the access permission information of the first user are the same identification information; and if the first user access control permission information is not received, the access control terminal equipment is instructed to execute the operation corresponding to the access control permission information of the first user, and if the first user access control permission information is not received, prompt information of access failure is sent to the first terminal equipment which sends the access control permission information of the first user.
2. The method of claim 1, wherein before the server receives the access information sent by the first terminal device, the method further comprises:
the server inputs information of an authorized user and access control authority information corresponding to the information of the authorized user, wherein the information of the authorized user corresponds to the access control authority information one to one;
the server receives the registration information of the registered user uploaded by any terminal equipment and the identification information of the any terminal equipment;
if the server detects that the information of the authorized user comprises the registration information of the registered user, the server instructs any terminal equipment to collect the biological information of the registered user;
the server stores registration information, biological information and identification information of the registered user, wherein the registration information, the biological information and the identification information correspond to the registered user one by one.
3. The method of claim 1 or 2, wherein the server compares the access information with pre-stored information, comprising:
the server detects whether the pre-stored information contains the identification information of the first terminal equipment;
if the registration information of the registered user corresponding to the identification information of the first terminal equipment contains the identification information of the first terminal equipment, detecting whether the registration information of the registered user corresponding to the identification information of the first terminal equipment contains the registration information of the first user;
if the registration information of the first user is contained, the first terminal equipment is instructed to acquire the biological information of the current user;
and if the server detects that the biological information of the current user is consistent with the biological information of the first user, the server confirms that the access information is successfully compared with the pre-stored information.
4. The method of claim 3, further comprising:
if the server detects that the first user logs in the second terminal device, sending confirmation information allowing the first user to log in the second terminal device to the first terminal device;
allowing the first user to log in the second terminal device and storing the identification information of the second terminal device under the condition that the server receives the confirmation information of the first terminal device;
and under the condition that the server detects that the first user logs in the second terminal device, determining that the first user cannot log in the first terminal device.
5. An access control device, comprising:
a receiving unit, configured to receive access information sent by a first terminal device, where the access information includes registration information of a first user and identification information of the first terminal device;
the comparison unit is used for comparing the access information with pre-stored information;
the issuing unit is used for issuing the access permission information of the first user to the first terminal equipment if the access information is successfully compared with the prestored information, wherein the access permission information comprises voice data, and the voice data comprises identification information of the first terminal equipment;
the indicating unit is used for indicating the entrance guard terminal equipment to execute corresponding operation according to the sent entrance guard permission information of the first user, and is specifically used for: receiving the access permission information played by the first terminal device, and detecting whether the identification information of the terminal device playing the access permission information and the identification information in the access permission information of the first user are the same identification information; and if the first user access control permission information is not received, the access control terminal equipment is instructed to execute the operation corresponding to the access control permission information of the first user, and if the first user access control permission information is not received, prompt information of access failure is sent to the first terminal equipment which sends the access control permission information of the first user.
6. The apparatus of claim 5, further comprising:
the storage unit is used for inputting information of an authorized user and access control authority information corresponding to the information of the authorized user, and the information of the authorized user and the access control authority information correspond to each other one by one;
receiving registration information of a registered user uploaded by any terminal equipment and identification information of the any terminal equipment;
if the information of the authorized user is detected to contain the registration information of the registered user, indicating the random terminal equipment to collect the biological information of the registered user;
and storing the registration information, the biological information and the identification information of the arbitrary terminal equipment of the registered user, wherein the registration information, the biological information and the identification information correspond to the registered user one by one.
7. A computer-readable storage medium, characterized in that it stores a computer program for electronic data exchange, wherein the computer program causes a computer to perform the method according to any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810039612.XA CN108305360B (en) | 2018-01-16 | 2018-01-16 | Access control method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810039612.XA CN108305360B (en) | 2018-01-16 | 2018-01-16 | Access control method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108305360A CN108305360A (en) | 2018-07-20 |
| CN108305360B true CN108305360B (en) | 2021-06-15 |
Family
ID=62868981
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810039612.XA Active CN108305360B (en) | 2018-01-16 | 2018-01-16 | Access control method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108305360B (en) |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109389711A (en) * | 2018-08-31 | 2019-02-26 | 深圳壹账通智能科技有限公司 | Gate inhibition's unlocking method, device, equipment and medium based on living things feature recognition |
| CN109389720B (en) * | 2018-09-30 | 2021-04-09 | 珠海格力电器股份有限公司 | Intelligent door lock permission processing method and device |
| CN109493469A (en) * | 2018-10-15 | 2019-03-19 | 珠海格力电器股份有限公司 | A kind of authority setting method and management equipment of intelligent door lock |
| CN109461242A (en) * | 2018-12-28 | 2019-03-12 | 上海与德通讯技术有限公司 | A kind of access control method, device, terminal and storage medium |
| CN111862424A (en) * | 2019-04-11 | 2020-10-30 | 腾讯科技(深圳)有限公司 | Attendance management system, method, equipment and storage medium |
| CN111354095A (en) * | 2019-05-07 | 2020-06-30 | 深圳市鸿合创新信息技术有限责任公司 | Sign-in method, terminal and electronic equipment |
| CN110517378B (en) * | 2019-07-17 | 2022-06-28 | 重庆海尔空调器有限公司 | Method for vehicle sharing, mobile device and vehicle |
| CN110263769A (en) * | 2019-07-19 | 2019-09-20 | 广东工业大学 | A kind of identity information acquisition method and equipment |
| CN110570553A (en) * | 2019-08-09 | 2019-12-13 | 深圳市天彦通信股份有限公司 | Personnel management method and related device |
| CN110992554A (en) * | 2019-12-10 | 2020-04-10 | 温州市美拉五金有限公司 | Enterprise access control management method, device, equipment and medium |
| TWI757991B (en) * | 2020-11-27 | 2022-03-11 | 方碼科技有限公司 | Control system and control method |
| CN112967432B (en) * | 2021-02-22 | 2023-04-18 | 广州欧轩网络科技有限公司 | Gate passage reminding method and system |
| CN113793691A (en) * | 2021-09-17 | 2021-12-14 | 北京声智科技有限公司 | Questionnaire survey method, server and terminal equipment |
| CN114553474B (en) * | 2022-01-07 | 2023-11-03 | 南方电网数字平台科技(广东)有限公司 | Access control permission control method and device based on Internet of things |
| CN114637977A (en) * | 2022-01-26 | 2022-06-17 | 安徽点亮网络技术有限公司 | Account authority management method, system and device based on finger vein authentication |
| CN115550430B (en) * | 2022-09-19 | 2024-04-09 | 中国联合网络通信集团有限公司 | Monitoring method, platform, system and storage medium for door access abnormality |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2008276633A (en) * | 2007-05-02 | 2008-11-13 | Fujitsu Fsas Inc | Attendance management system and attendance management method |
| CN101384052A (en) * | 2008-10-20 | 2009-03-11 | 深圳华为通信技术有限公司 | Authentication method, mobile terminal and server |
| CN103546294A (en) * | 2013-10-10 | 2014-01-29 | 小米科技有限责任公司 | Entrance guard authorization method, entrance guard authorization device and entrance guard authorization equipment |
| CN104157045A (en) * | 2014-07-07 | 2014-11-19 | 广东建邦计算机软件有限公司 | Entrance guard control method and system |
| CN205121729U (en) * | 2015-11-13 | 2016-03-30 | 西安科技大学 | Automatic locker |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101826227A (en) * | 2010-04-30 | 2010-09-08 | 广州合立正通信息网络集成有限公司 | Triple-authentication gate control system and control method |
| CN205230158U (en) * | 2015-11-30 | 2016-05-11 | 刘奇 | Access control system based on two -dimensional code |
| CN105472037A (en) * | 2016-01-06 | 2016-04-06 | 深圳市呤云科技有限公司 | Method and device for opening entrance guard through scanning two-dimension code |
| CN205320109U (en) * | 2016-01-06 | 2016-06-15 | 深圳市呤云科技有限公司 | System for entrance guard is opened to scanning two -dimensional code |
| CN105719376B (en) * | 2016-01-22 | 2017-03-15 | 慧锐通智能科技股份有限公司 | A kind of access control system and method |
| CN106600776A (en) * | 2016-12-08 | 2017-04-26 | 宇龙计算机通信科技(深圳)有限公司 | Method and system of access control |
-
2018
- 2018-01-16 CN CN201810039612.XA patent/CN108305360B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2008276633A (en) * | 2007-05-02 | 2008-11-13 | Fujitsu Fsas Inc | Attendance management system and attendance management method |
| CN101384052A (en) * | 2008-10-20 | 2009-03-11 | 深圳华为通信技术有限公司 | Authentication method, mobile terminal and server |
| CN103546294A (en) * | 2013-10-10 | 2014-01-29 | 小米科技有限责任公司 | Entrance guard authorization method, entrance guard authorization device and entrance guard authorization equipment |
| CN104157045A (en) * | 2014-07-07 | 2014-11-19 | 广东建邦计算机软件有限公司 | Entrance guard control method and system |
| CN205121729U (en) * | 2015-11-13 | 2016-03-30 | 西安科技大学 | Automatic locker |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108305360A (en) | 2018-07-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108305360B (en) | Access control method and related device | |
| AU2016273888B2 (en) | Controlling physical access to secure areas via client devices in a networked environment | |
| US9503894B2 (en) | Symbiotic biometric security | |
| US10333980B2 (en) | Personal device network for user identification and authentication | |
| EP2888855B1 (en) | Systems and methods for lock access management using wireless signals | |
| US9451454B2 (en) | Mobile device identification for secure device access | |
| US11601429B2 (en) | Network service control for access to wireless radio networks | |
| CN109076070A (en) | For assisting the method and apparatus without friction two-factor authentication | |
| US10629012B1 (en) | Multi-factor authentication for vehicles | |
| US11271922B2 (en) | Method for authenticating a user and corresponding device, first and second servers and system | |
| US11871226B2 (en) | Method and system for providing location-aware multi-factor mobile authentication | |
| CN111176794A (en) | Container management method and device and readable storage medium | |
| US20180234418A1 (en) | Method and apparatus for facilitating access to publish or post utilizing frictionless two-factor authentication | |
| JP2019036091A (en) | Vehicle security system and vehicle security method | |
| CN110958234B (en) | Application login control method and device and storage medium | |
| KR102063569B1 (en) | Method and apparatus for controlling a door opening using a portable terminal | |
| US11095639B2 (en) | Methods, systems, and media for authenticating users using biometric signatures | |
| JP5004635B2 (en) | Authentication device, authentication system, broadcast device, authentication method, and broadcast method | |
| US20170366536A1 (en) | Credential Translation | |
| JP6381478B2 (en) | Biometric authentication system | |
| KR102346761B1 (en) | Method, device and system for authenticating of user in a cloud environment | |
| WO2018095184A1 (en) | Data interaction method and system | |
| KR20080040859A (en) | User authentication system using human body communication | |
| WO2019191362A1 (en) | Method and apparatus for facilitating frictionless two-factor authentication | |
| WO2019191394A1 (en) | Method and apparatus for facilitating authorization of a specified task via multi-stage and multi-level authentication processes utilizing frictionless two-factor authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Room 1301, No.132 Fengqi Road, phase III, software park, Xiamen City, Fujian Province Applicant after: Xiamen Entropy Technology Co., Ltd Address before: 361000, Xiamen three software park, Fujian Province, 8 North Street, room 2001 Applicant before: XIAMEN ZKTECO BIOMETRIC IDENTIFICATION TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |