CN113076536A - PSAM card online authorization authentication method, device and system - Google Patents
PSAM card online authorization authentication method, device and system Download PDFInfo
- Publication number
- CN113076536A CN113076536A CN202110210416.6A CN202110210416A CN113076536A CN 113076536 A CN113076536 A CN 113076536A CN 202110210416 A CN202110210416 A CN 202110210416A CN 113076536 A CN113076536 A CN 113076536A
- Authority
- CN
- China
- Prior art keywords
- authentication
- authorization
- psam
- psam card
- key data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 165
- 238000000034 method Methods 0.000 title claims abstract description 52
- 230000006855 networking Effects 0.000 claims abstract description 5
- 238000004590 computer program Methods 0.000 claims description 13
- 238000012795 verification Methods 0.000 claims description 11
- 238000004891 communication Methods 0.000 claims description 10
- 238000011084 recovery Methods 0.000 claims description 2
- 230000001737 promoting effect Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 12
- 230000006870 function Effects 0.000 description 7
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000006872 improvement Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000000750 progressive effect Effects 0.000 description 2
- 102100041003 Glutamate carboxypeptidase 2 Human genes 0.000 description 1
- 101000892862 Homo sapiens Glutamate carboxypeptidase 2 Proteins 0.000 description 1
- 108010001267 Protein Subunits Proteins 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 239000007795 chemical reaction product Substances 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 229920001481 poly(stearyl methacrylate) Polymers 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Abstract
The invention provides a PSAM card online authorization authentication method, a device and a system, wherein the method comprises the following steps: inquiring the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane charging terminal; when the remaining authorization times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data; and receiving the authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter. The application mode of PSAM card has been changed in this application, and power on can change the available mode into just available mode behind the networking authentication with original PSAM card, guarantee to use the PSAM card only in legal environment, realized promoting the function of ETC transaction security.
Description
Technical Field
The application belongs to the technical field of ETC engineering, and particularly relates to a PSAM card online authorization authentication method, device and system.
Background
In order to secure rapid traffic on a highway, a PSAM card is currently used as a medium for storing a transaction key in a lane tolling system. When the automobile enters and exits the entrance of the expressway, the held ETC user card can complete the functions of information updating, fee deduction transaction and the like only by interacting with the PSAM card of the lane charging system, and network communication with the outside is not needed.
Therefore, the existing highway lane toll system only deploys a toll industrial personal computer and a card reader, and a PSAM card is arranged in the card reader. When a highway owner needs to open a new toll road section, the highway owner needs to apply for a new PSAM card to an upper-level key management unit, and then the highway owner needs to handover the PSAM card to a specified place.
In the above-described conventional transaction mode, the usage environment of the PSAM card is an offline environment, and the usage of the PSAM card poses the following security risks because it is not limited:
1. the PSAM card can not be monitored on line, and the management centers at all levels can not acquire the application state of the PSAM card in real time and can not realize real-time management.
2. The existing PSAM card is ready for use when being plugged, no requirement is imposed on the use environment, and when a lawless person obtains the PSAM card, the lawless person can modify the information of the ETC card by using the PSAM card, such as maliciously deducting the balance of the ETC card and a wallet.
3. The lost PSAM card can not be invalidated in time and can still be continuously used after being picked up, thereby causing security management loopholes.
Disclosure of Invention
The application provides a PSAM card online authorization authentication method, device and system, which are used for at least solving the problem that the existing PSAM card can be used offline to bring security risk.
The application provides a PSAM card online authorization authentication method by taking a PSAM authorization device end as an execution main body, which comprises the following steps:
inquiring the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane charging terminal;
when the remaining authorization times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data;
and receiving the authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter.
In one embodiment, the PSAM card online authorization authentication method further includes:
and when the remaining authorized times are lower than the preset value, sending a reset time application to the management terminal.
In one embodiment, generating authentication key data for a PSAM card includes:
acquiring ID information of a PSAM card;
and encrypting the ID information and the random number generated by the lane charging terminal by using the local root key to obtain authentication key data.
According to another aspect of the present application, in view of the above method, a PSAM authorization apparatus is taken as an execution subject, and a corresponding apparatus is further provided, including:
an authorized times inquiry unit for inquiring the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane charging terminal;
the authentication key data generation unit is used for generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal when the remaining authorized times are not lower than a preset value, so that the lane toll terminal authenticates the PSAM card by using the authentication key data;
and the authorized times re-counting unit is used for receiving the authentication success information returned by the lane toll terminal and subtracting 1 from the authorized times of the PSAM card in the counter.
In one embodiment, the PSAM card online authorization and authentication apparatus further includes:
and the resetting frequency application unit is used for sending a resetting frequency application to the management terminal when the remaining authorized frequency is lower than a preset value.
In one embodiment, the authentication key data generation unit includes:
the ID information acquisition module is used for acquiring the ID information of the PSAM card;
and the encryption module is used for encrypting the ID information and the random number generated by the lane charging end by using the local root key to obtain authentication key data.
In addition, in the second case, the management end is used as an execution subject, and the application provides an online authorization authentication method for a PSAM card, including:
acquiring the authorization times recorded in the PSAM card according to the reset time application received from the PSAM authorization device; the PSAM authorization device comprises a counter, wherein the counter records the authorization times of the PSAM card;
and recovering the authorization times of the counter according to the authorization times so that the PSAM card can carry out online authentication.
Corresponding to the method, the management end is taken as an execution main body, and the application also provides a corresponding device, which comprises the following steps:
the random number decryption unit is used for decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain a random number;
a random number verification unit for verifying the random number;
and the authentication success unit is used for generating authentication success information and returning the authentication success information to the PSAM authorization device if the verification is passed.
According to a third aspect of the present application, there is provided a PSAM card authentication and authorization method using a lane toll gate as an execution subject, including:
decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain a random number;
verifying the random number;
and if the verification is passed, generating authentication success information and returning the authentication success information to the PSAM authorization device.
Aiming at the method, the application also provides a PSAM card authentication and authorization device taking a lane toll terminal as an execution subject, which comprises the following steps:
the random number decryption unit is used for decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain a random number;
a random number verification unit for verifying the random number;
and the authentication success unit is used for generating authentication success information and returning the authentication success information to the PSAM authorization device if the verification is passed.
In summary, the present application also provides a PSAM card authorization and authentication system, including:
the system comprises an online authorization authentication device applied to a PSAM authorization device end, an online authorization authentication device applied to a lane charging end and an online authorization authentication device applied to a management end;
the online authorization authentication device applied to the PSAM authorization device end is in communication connection with the online authorization authentication device applied to the lane charging end and the online authorization authentication device applied to the management end respectively, and the PSAM card needs to operate in a networking state in an online authorization authentication system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a PSAM card online authorization and authentication method using a PSAM authorization device as an execution subject according to the present application.
Fig. 2 is a flowchart of a method for generating authentication key data for a PSAM card in an embodiment of the present application.
Fig. 3 is a flowchart of a PSAM card online authorization authentication method using a management end as an execution subject according to the present application.
Fig. 4 is a flowchart of a PSAM card online authorization authentication method implemented by a lane charging system according to the present invention.
Fig. 5 is a block diagram of a PSAM card online authorization and authentication apparatus using a PSAM authorization apparatus as an execution subject according to the present application.
Fig. 6 is a block diagram of a structure of an authentication key data generation unit in the embodiment of the present application.
Fig. 7 is a block diagram of a PSAM card online authorization and authentication apparatus using a management side as an execution subject according to the present application.
Fig. 8 is a block diagram of an online authorization and authentication device with a lane charging system as an execution subject according to the present application.
Fig. 9 is a schematic diagram of a PSAM card online authorization and authentication system provided in the present application.
Fig. 10 is a schematic structural diagram of an electronic device suitable for implementing an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the prior art, the usage environment of the PSAM card is an offline environment, and the use of the PSAM card is not limited, so that some risks are brought, for example, the PSAM card cannot be monitored online, the PSAM card is ready to be plugged, the usage environment is not required, and the lost PSAM card cannot be invalidated in time, so that security management vulnerabilities are caused.
Based on the above problems, the application provides a method, a device and a system for online authorization and authentication of a PSAM card, so as to at least solve the problem that the existing PSAM card can be used offline to bring security risk.
With a PSAM authorization device end as an execution subject, the present application provides a PSAM card online authorization authentication method, as shown in fig. 1, including:
s101: the remaining number of authorizeable times is inquired from the counter according to the authentication request of the PSAM card received from the lane tollgate.
S102: and when the remaining authorized times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data.
S103: and receiving the authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter.
The PSAM authorization device performs one-time authorization service for each pair of PSAM cards in the lane charging system, and the authorization times of the authorization device are automatically reduced by one. When the remaining authorized times are reduced to a certain threshold value, the authorization device automatically applies an authorization time reset service to the management center system, and after the management center system verifies that the authorization device is legal, a reset instruction is issued to reset the authorized times of the authorization device to the maximum legal times. The lane charging system needs to sign in to the authorization device regularly, and application information of the PSAM card is submitted to the central system for monitoring the use state of the PSAM card.
In one embodiment, the lane toll system (the card reader of the lane toll system is provided with a PSAM card) is networked with the PSAM authorization device, and the network initiates a 'PSAM authentication request' to the PSAM authorization device. When the PSAM authorization device receives the authentication application, whether the corresponding authorized times of the PSAM card is 0 times or not is inquired from a counter of the PSAM authorization device, if not, the authentication key data is calculated for the PSAM card and sent back to a lane charging system, the lane charging system receives the PSAM authentication key data and then executes an external instruction, the lane charging system returns the execution result of the instruction to the PSAM authorization device, and if the instruction is successfully executed, the authorized times of the PSAM card in the counter of the PSAM authorization device is reduced by 1.
In one embodiment, the PSAM card online authorization authentication method further includes:
and when the remaining authorized times are lower than the preset value, sending a reset time application to the management terminal.
In one embodiment, generating authentication key data for a PSAM card, as shown in fig. 2, includes:
s201: and acquiring the ID information of the PSAM card.
S202: and encrypting the ID information and the random number generated by the lane charging terminal by using the local root key to obtain authentication key data.
In one embodiment, the PSAM authorization device obtains ID information (such as a card number) of the PSAM card, the lane toll terminal generates a random number and transmits the random number to the PSAM authorization device, and the PSAM authorization device encrypts the ID information and the random number to generate authentication key data and transmits the authentication key data to the lane toll system.
The execution main body of the method shown in fig. 1 and fig. 2 can be a server, a PC, a terminal, etc., by upgrading a PSAM card, an external authentication key data is added, when the PSAM card is plugged for use, external authentication is required to be performed through networking, the PSAM card can be used only after authentication is successful, meanwhile, a PSAM authorization device is added to the improvement point, the authorization device is provided with an authorization counter, when the authorization times in the authorization counter are 0, the PSAM authorization device applies authorization recovery to a management center system, the application mode of the PSAM card is changed, the mode that the original PSAM card can be used after being powered on is changed into the mode that the PSAM card can be used after networking authentication, the PSAM card can be used only in a legal environment, and the function of improving the security of ETC transaction is realized.
With the management end as the execution subject, the present application further provides a PSAM card online authorization authentication method, as shown in fig. 3, including:
s301: and acquiring the authorization times recorded in the PSAM card according to the reset time application received from the PSAM authorization device. The PSAM authorization device comprises a counter, and the counter records the authorization times of the PSAM card.
S302: and recovering the authorization times of the counter according to the authorization times so that the PSAM card can carry out online authentication.
In a specific embodiment, when the number of times of authorization in the counter of the PSAM authorization device is 0, a reset number application is sent to the management center system, the management center system obtains the original number of times of authorization of the PSAM card from the counter of the PSAM authorization device, for example, the original number of times of authorization is N, and then the management center system restores the number of times of authorization of the counter of the PSAM authorization system to N.
The present application also provides a PSAM card authentication and authorization method using a lane toll terminal as an execution subject, as shown in fig. 4, including:
s401: and decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain the random number.
S402: the random number is verified.
S403: and if the verification is passed, generating authentication success information and returning the authentication success information to the PSAM authorization device.
In a specific embodiment, the lane charging system first reads information such as a card number and a terminal number of a PSMA card in a reader-writer to generate an authentication request and sends the authentication request to a PSAM authorization device so that the authorization device generates authentication key data, after receiving the authentication key data sent by the PSAM authorization device, the lane charging system decrypts the authentication key data by using a key to obtain a random number in the authentication key data, compares the random number with a previously generated random number to obtain a comparison result, if the comparison result is consistent, the authentication is successful, generates authentication success information and returns the authentication success information to the PSAM authorization device, and after receiving the authentication success information, the PSAM authorization device performs operation of deducting the authorization times.
Based on the same inventive concept, the embodiment of the present application further provides a device for authenticating online authorization of a PSAM card, which can be used to implement the method described in the above embodiment, as described in the following embodiment. Because the principle of the problem solving of the online authorization and authentication device for the PSAM card is similar to that of the online authorization and authentication method for the PSAM card, the implementation of the online authorization and authentication device for the PSAM card can refer to the implementation of the online authorization and authentication method for the PSAM card, and repeated details are not repeated. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. While the system described in the embodiments below is preferably implemented in software, implementations in hardware, or a combination of software and hardware are also possible and contemplated.
According to another aspect of the present application, there is also provided an authorization and authentication apparatus with a PSAM authorization apparatus side as an execution subject, as shown in fig. 5, including:
an authorized times inquiry unit 601, configured to inquire the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane tollgate.
And an authentication key data generation unit 602, configured to generate authentication key data for the PSAM card and return the authentication key data to the lane tollgate when the remaining authorized times are not lower than the preset value, so that the lane tollgate authenticates the PSAM card using the authentication key data.
And an authorized times re-counting unit 603, configured to receive the authentication success information returned by the lane toll terminal, and subtract 1 from the authorized times of the PSAM card in the counter.
In one embodiment, the PSAM card online authorization and authentication apparatus further includes:
and the resetting frequency application unit is used for sending a resetting frequency application to the management terminal when the remaining authorized frequency is lower than a preset value.
In one embodiment, as shown in fig. 6, the authentication key data generation unit 602 includes:
an ID information obtaining module 701, configured to obtain ID information of a PSAM card;
and the encryption module 702 is configured to encrypt the ID information and the random number generated by the lane charging end by using the local root key to obtain authentication key data.
With the management end as the execution subject, the authorization and authentication device provided by the present application, as shown in fig. 7, includes:
and a random number decryption unit 801 configured to decrypt, using the local key, the authentication key data sent by the PSAM authorization apparatus to obtain a random number.
A random number verifying unit 802, configured to verify a random number.
And an authentication success unit 803, configured to generate an authentication success message and return the authentication success message to the PSAM authorization apparatus if the verification passes.
The present application also provides a PSAM card authentication and authorization apparatus using a lane toll gate as an execution subject, as shown in fig. 8, including:
a random number decryption unit 901, configured to decrypt, with the local key, the authentication key data sent by the PSAM authorization apparatus to obtain a random number.
A random number verifying unit 902, configured to verify the random number.
And an authentication success unit 903, configured to generate an authentication success message and return the authentication success message to the PSAM authorization apparatus if the verification passes.
As shown in fig. 9, a PSAM card authorization and authentication system provided by the present application includes:
the system comprises a lane charging system, wherein a PSAM card is arranged in a reader-writer of the lane charging system, the lane charging system is in communication connection with a PSAM authorization device, and the PSAM authorization device is connected with a management center system through a network.
Compared with the prior art, the application has the following advantages:
1. the PSAM card can be used only after online authorization, so that the problem that the PSAM card is illegally used under the condition of power failure after being lost is solved.
2. A PSAM authorization device is deployed in a charging network, a limited number of offline authorization modes are adopted, a PSAM card can be authorized as usual under the condition of network disconnection, and the influence of network communication conditions on normal highway services is avoided.
3. The method can monitor the application condition of the PSAM card on the highway in real time and send out warning to abnormal conditions in time. And the management center can manage the grey list of the issued PSAM card and forbid the use of illegal PSAM cards in time.
An embodiment of the present application further provides a specific implementation manner of an electronic device capable of implementing all steps in the method in the foregoing embodiment, and referring to fig. 10, the electronic device specifically includes the following contents:
a processor (processor)1101, a memory 1102, a Communications Interface 1103, a bus 1104, and a non-volatile memory 1105;
the processor 1101, the memory 1102 and the communication interface 1103 complete mutual communication through the bus 1104;
the processor 1101 is configured to call the computer programs in the memory 1102 and the nonvolatile memory 1105, and when the processor executes the computer programs, the processor implements all the steps in the method in the foregoing embodiments, for example, when the processor executes the computer programs, the processor implements the following steps:
s101: the remaining number of authorizeable times is inquired from the counter according to the authentication request of the PSAM card received from the lane tollgate.
S102: and when the remaining authorized times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data.
S103: and receiving the authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter.
Embodiments of the present application also provide a computer-readable storage medium capable of implementing all the steps of the method in the above embodiments, where the computer-readable storage medium stores thereon a computer program, and the computer program when executed by a processor implements all the steps of the method in the above embodiments, for example, the processor implements the following steps when executing the computer program:
s101: the remaining number of authorizeable times is inquired from the counter according to the authentication request of the PSAM card received from the lane tollgate.
S102: and when the remaining authorized times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to the lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data.
S103: and receiving the authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the hardware + program class embodiment, since it is substantially similar to the method embodiment, the description is simple, and the relevant points can be referred to the partial description of the method embodiment. Although embodiments of the present description provide method steps as described in embodiments or flowcharts, more or fewer steps may be included based on conventional or non-inventive means. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. When an actual apparatus or end product executes, it may execute sequentially or in parallel (e.g., parallel processors or multi-threaded environments, or even distributed data processing environments) according to the method shown in the embodiment or the figures. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the presence of additional identical or equivalent elements in a process, method, article, or apparatus that comprises the recited elements is not excluded. For convenience of description, the above devices are described as being divided into various modules by functions, and are described separately. Of course, in implementing the embodiments of the present description, the functions of each module may be implemented in one or more software and/or hardware, or a module implementing the same function may be implemented by a combination of multiple sub-modules or sub-units, and the like. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form. The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein. The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment. In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of an embodiment of the specification. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction. The above description is only an example of the embodiments of the present disclosure, and is not intended to limit the embodiments of the present disclosure. Various modifications and variations to the embodiments described herein will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the embodiments of the present specification should be included in the scope of the claims of the embodiments of the present specification.
Claims (13)
1. A PSAM card online authorization authentication method is characterized by comprising the following steps:
inquiring the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane charging terminal;
when the remaining authorized times are not lower than a preset value, generating authentication key data for the PSAM card and returning the authentication key data to a lane toll terminal so that the lane toll terminal authenticates the PSAM card by using the authentication key data;
and receiving authentication success information returned by the lane charging terminal, and subtracting 1 from the authorized times of the PSAM card in the counter.
2. The PSAM card online authorization authentication method of claim 1, further comprising:
and when the remaining authorized times are lower than the preset value, sending a reset time application to the management terminal.
3. The PSAM card online authorization authentication method according to claim 1, wherein the generating authentication key data for the PSAM card comprises:
acquiring the ID information of the PSAM card;
and encrypting the ID information and the random number generated by the lane charging terminal by using a local root key to obtain the authentication key data.
4. A PSAM card online authorization authentication method is characterized by comprising the following steps:
acquiring the authorization times recorded in the PSAM card according to the reset time application received from the PSAM authorization device; the PSAM authorization device comprises a counter, and the counter records the authorization times of the PSAM card;
and recovering the authorization times of the counter according to the authorization times so that the PSAM authorization device can perform online authentication on the PSAM card according to the received authentication request and deduct the authorization times in the counter after receiving the authentication success information.
5. A PSAM card online authorization authentication method is characterized by comprising the following steps:
sending an authentication request to a PSAM authorization device so that the PSAM authorization device generates authentication key data according to the authentication request;
decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain a random number;
verifying the random number;
and if the verification is passed, generating authentication success information and returning the authentication success information to the PSAM authorization device.
6. A PSAM card online authorization and authentication device, comprising:
an authorized times inquiry unit for inquiring the remaining authorized times from the counter according to the authentication request of the PSAM card received from the lane charging terminal;
the authentication key data generation unit is used for generating authentication key data for the PSAM card and returning the authentication key data to a lane charging end when the remaining authorized times are not lower than a preset value, so that the lane charging end authenticates the PSAM card by using the authentication key data;
and the authorized times re-counting unit is used for receiving the authentication success information returned by the lane charging end and subtracting 1 from the authorized times of the PSAM card in the counter.
7. The PSAM card online authorization authentication device of claim 6, further comprising:
and the resetting frequency application unit is used for sending a resetting frequency application to the management terminal when the remaining authorized frequency is lower than a preset value.
8. The PSAM card online authorization authentication device of claim 6, wherein the authentication key data generation unit includes:
the ID information acquisition module is used for acquiring the ID information of the PSAM card;
and the encryption module is used for encrypting the ID information and the random number generated by the lane charging end by using a local root key to obtain the authentication key data.
9. A PSAM card online authorization and authentication device, comprising:
the authorization time acquiring unit is used for acquiring the authorization times recorded in the PSAM card according to the reset time application received from the PSAM authorization device; the PSAM authorization device comprises a counter, and the counter records the authorization times of the PSAM card;
and the authorization time number recovery unit is used for recovering the authorization time number of the counter according to the authorization time number, so that the PSAM authorization device can perform online authentication on the PSAM card according to the received authentication request, and deduct the authorization time number in the counter after receiving the authentication success information.
10. A PSAM card online authorization and authentication device, comprising:
an authentication request sending unit, configured to send an authentication request to a PSAM authorization apparatus, so that the PSAM authorization apparatus generates authentication key data according to the authentication request;
the random number decryption unit is used for decrypting the authentication key data sent by the PSAM authorization device by using the local key to obtain a random number;
a random number verification unit for verifying the random number;
and the authentication success unit is used for generating authentication success information and returning the authentication success information to the PSAM authorization device if the verification is passed.
11. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the PSAM card online authorization authentication method of any of claims 1 to 5 when executing the program.
12. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the PSAM card online authorization authentication method of any of claims 1 to 5.
13. A PSAM card online authorization and authentication system, comprising:
the system comprises a first online authorization authentication device applied to a PSAM authorization device end, a second online authorization authentication device applied to a lane charging end and a third online authorization authentication device applied to a management end;
the first online authorization and authentication device is in communication connection with the second online authorization and authentication device and the third online authorization and authentication device respectively, and the PSAM card online authorization and authentication system needs to operate in a networking state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110210416.6A CN113076536A (en) | 2021-02-25 | 2021-02-25 | PSAM card online authorization authentication method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110210416.6A CN113076536A (en) | 2021-02-25 | 2021-02-25 | PSAM card online authorization authentication method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113076536A true CN113076536A (en) | 2021-07-06 |
Family
ID=76609712
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110210416.6A Pending CN113076536A (en) | 2021-02-25 | 2021-02-25 | PSAM card online authorization authentication method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113076536A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104348820A (en) * | 2013-08-08 | 2015-02-11 | 北大方正集团有限公司 | Server, terminal and digital copyright protection content forwarding method |
| CN105894076A (en) * | 2014-12-15 | 2016-08-24 | 璁镐赴 | Credible authentication interconnection and intercommunication PSAM card |
| CN111899368A (en) * | 2020-08-28 | 2020-11-06 | 华宇智联(广州)信息科技有限公司 | ETC fee deduction system fee deduction method based on remote deployment of PSAM card, ETC fee deduction control device and system |
-
2021
- 2021-02-25 CN CN202110210416.6A patent/CN113076536A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104348820A (en) * | 2013-08-08 | 2015-02-11 | 北大方正集团有限公司 | Server, terminal and digital copyright protection content forwarding method |
| CN105894076A (en) * | 2014-12-15 | 2016-08-24 | 璁镐赴 | Credible authentication interconnection and intercommunication PSAM card |
| CN111899368A (en) * | 2020-08-28 | 2020-11-06 | 华宇智联(广州)信息科技有限公司 | ETC fee deduction system fee deduction method based on remote deployment of PSAM card, ETC fee deduction control device and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP4061270B2 (en) | Secure method and system for determining pricing and ensuring privacy | |
| CN106656488B (en) | Key downloading method and device for POS terminal | |
| CN103714633A (en) | Method and POS terminal for safely generating transmission key | |
| EP1863308A1 (en) | Data communication system, alternate system server, computer program, and data communication method | |
| KR19990072922A (en) | Device authentication and encrypted commu- nication system offering increased security | |
| KR101509585B1 (en) | Counterfeiting preventing appratus, user device, method and system for mobile application | |
| CN101771680B (en) | Method for writing data to smart card, system and remote writing-card terminal | |
| CN105162607A (en) | Authentication method and system of payment bill voucher | |
| CN111914293A (en) | Data access authority verification method and device, computer equipment and storage medium | |
| CN110659899B (en) | Offline payment method, device and equipment | |
| CN112669104A (en) | Data processing method of rental equipment | |
| CN102202057B (en) | System and method for safely dumping data of mobile memory | |
| CN113077558B (en) | PSAM card two-stage online authorization authentication method, device and system | |
| CN112383577A (en) | Authorization method, device, system, equipment and storage medium | |
| CN109102575B (en) | Method and system for realizing post-payment electronic ticket | |
| CN113076536A (en) | PSAM card online authorization authentication method, device and system | |
| CN105959249A (en) | Method and system for management of electronic device | |
| CN115776396A (en) | Data processing method and device, electronic equipment and storage medium | |
| JP5489913B2 (en) | Portable information device and encrypted communication program | |
| Bar-El | Intra-vehicle information security framework | |
| CN114662140A (en) | System and method for anonymous disclosure and many-to-many admission allowing identity confirmation based on block chain | |
| KR102145529B1 (en) | Payment method using mobile application and device for the same | |
| KR101902990B1 (en) | Pass card issue and operating system by using security module and method thereof | |
| KR20160137082A (en) | Method for distributing encrypt key, card reader and system for distributing encrypt key thereof | |
| JP2002352146A (en) | Method, system and program for charging contents parts and storage medium with contents parts charging program stored therein |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |