The utility model content
The utility model provides a kind of access control system, and the technical matters that solve is how a kind of safe access control system is provided.
For solving the problems of the technologies described above, the utility model provides following technical scheme:
A kind of access control system comprises
Portable terminal comprises:
Storage card, storage is for the production of the identify label of this authentication information;
Processor links to each other with described processor, generates described authentication information according to the identify label of described storage card;
Transmitter links to each other with described processor, sends described authentication information;
Server links to each other with described portable terminal, and the authentication information that is used for receiving sends;
Access controller links to each other with described server, is used for the authentication information that receives is verified, is verified the result, and according to the result, the on off state of access control lock.
Preferably, described system also has following features: described system also comprises access card and card reader, wherein
Access card is used for sending and gate inhibition's solicited message;
Card reader links to each other with access controller with described access card, is used for receiving gate inhibition's request and sends to access controller;
Wherein said access controller is processed described gate inhibition's solicited message, obtains a result, and according to described result, the on off state of access control lock.
Preferably, described system also has following features: described system also comprises:
Storer is for identity information and gate inhibition's information of storing same user;
Wherein, described access controller is all verified the unlatching of locking by rear ability access control in the authentication information of this user's identity and gate inhibition's solicited message of this user.
Preferably, described system also has following features: described portable terminal comprises:
Wireless fidelity module links to each other with described transmitter, realizes radio communication function.
Preferably, described system also has following features: described storage card is the combination key flash memory cards.
With by access card authentication is compared in the prior art, provide a kind of new entrance guard management square tube to cross the identity information that portable terminal is sent and process, realize the processing to gate inhibition's request, guarantee the safety of gate control system.
Embodiment
For making the purpose of this utility model, technical scheme and advantage clearer, below in conjunction with the accompanying drawings and the specific embodiments the utility model is described in further detail.Need to prove, in the situation that do not conflict, the embodiment among the application and the feature among the embodiment be combination in any mutually.
The structural representation of the access control system embodiment that Fig. 1 provides for the utility model.System shown in Figure 1 comprises portable terminal, server and access controller, wherein:
Portable terminal comprises:
Storage card, storage is for the production of the identify label of this authentication information;
Processor links to each other with described processor, generates described authentication information according to the identify label of described storage card;
Transmitter links to each other with described processor, sends described authentication information;
Server links to each other with described portable terminal, and the authentication information that is used for receiving sends;
Access controller links to each other with described server, is used for the authentication information that receives is verified, is verified the result, and according to the result, the on off state of access control lock.
With by access card authentication is compared in the prior art, provide a kind of new entrance guard management square tube to cross the identity information that portable terminal is sent and process, realize the processing to gate inhibition's request, guarantee the safety of gate control system.
The below is described further the system embodiment that the utility model provides:
Wherein can link to each other or wireless router links to each other by Ethernet between server and the access controller.
Server can link to each other by WLAN (wireless local area network) with portable terminal, specifically:
Described portable terminal comprises:
Wireless fidelity module links to each other with described transmitter, realizes radio communication function.。
Wherein the identity in the authentication information of this processor generation can be the mobile terminal number of this terminal, also can be an identification information of storing in a storage card, and is specific as follows:
Preferably, this storage card is CPK (Combined public key, the combination key flash memory cards) TF (microSD with user ID.Flash memory cards) card.CPK TF card is installed on the intelligent mobile terminal, and intelligent mobile terminal operating system is the Android platform.CPK TF card is built-in CPK Special safety chip all, and private key and certificate all are placed in the CPK safety chip.The built-in ECC of while CPK safety chip, DES, the SHA APU is with the TRNG real random number generator.CPK TF card adopts the TF standard packaging, and is elegant in shape.Behind CPK TF card insertion portable terminal, outside the memory function that just can be common, realize encrypting at portable terminal, signature, authentication function, realize the mobile identity authentication function of safety, also can realize the false proof high-end applications that needs digital signature and key change that waits simultaneously, can make portable terminal become client and the reference mark of the safety certification among the Internet of Things.
Optionally, described system also comprises access card and card reader, wherein
Access card is used for sending and gate inhibition's solicited message;
Card reader links to each other with access controller with described access card, is used for receiving gate inhibition's request and sends to access controller;
Wherein said access controller is processed described gate inhibition's solicited message, obtains a result, and according to described result, the on off state of access control lock.
Optionally, described system also comprises:
Storer is for identity information and gate inhibition's information of storing same user;
Wherein, described access controller is all verified the unlatching of locking by rear ability access control in the authentication information of this user's identity and gate inhibition's solicited message of this user.
In above-mentioned gate control system, there are two kinds of approach to transmit gate inhibition's solicited message for the user to the access control server, then the door of appointment operated, these two kinds of approach are respectively: portable terminal sends by WIFI and traditional radio-frequency card transmission.Wherein portable terminal WIFI path is to utilize customer mobile terminal WIFI that user identity is identified, portable terminal end identity information is reached system server, carry out communication between server and the Node Controller by Ethernet again, user identity is proofreaded, if coupling, then the door lock automatic unlocking does not mate such as information, and then door lock keeps closing.The radio-frequency card transmission mode is to utilize the IC-card that matches and register to carry out user identity identification, when the user enters, needs initiatively IC-card to be pressed close to card reader, is system acquisition user profile, and identifies.Two kinds of recognition method can adopt in same system simultaneously, and concurrent working makes the identification work to the user become versatile and flexible.
Optionally, this access control system not only supports to use terminal to carry out the mode of authentication, also supports the verification mode of access card.Specifically, described system also comprises:
Access card is used for sending and gate inhibition's solicited message;
Card reader links to each other with access controller with described access card, is used for receiving gate inhibition's request and sends to access controller;
Wherein said access controller is processed described gate inhibition's solicited message, obtains a result, and according to described result, the on off state of access control lock.
In actual applications, can be according to actual needs, at least one carries out identity and authenticates for user selection.For the user who selects simultaneously two kinds of verification modes, then, described system also comprises:
Storer is for identity information and gate inhibition's information of storing same user;
Wherein, described access controller is all verified the unlatching of locking by rear ability access control in the authentication information of this user's identity and gate inhibition's solicited message of this user.
Bind by the authentication information to dual mode, and if only if two verification modes all by the time, could opening gate lock.
The below describes with an application example:
The schematic diagram of the access control system application example 1 that Fig. 2 provides for the utility model.In Fig. 2 system:
Terminal is the terminal with the wifi function, as general portable terminal with the wifi function on the market can, the operating system of Android more than 2.0 generally need to be arranged.Because in the operating system of Android more than 2.0, just can start CPK TF card.Wherein this terminal loads has the taboo client software, and this software will be developed with the JAVA language under the Android system, and advantage is to be written into rapidly the related function of CPK authentication service.Can also realize easily the data transmission between portable terminal and server and share.
Fig. 3 is another structural representation of system shown in Figure 2.In Fig. 3 system:
This terminal links to each other with server by wireless router, and wherein this wireless router can adopt the E5 of Huawei wireless router.It can really realize getting online without being tethered to a cable, and not only can support at most 5 WIFI users online simultaneously, also has powerful compatibility, can connect the WIFI equipment such as PC, portable terminal, game machine, digital camera.Select it as the focus that connects portable terminal and server, can realize the long-distance transmissions solicited message, and, easy installation had, few wiring, the characteristics that travelling speed is fast.In general, portable terminal be connected the connection distance of 3g route and can regulate by the power of control 3g router.PC is connected connection apart from also being adjusted to suitable distance by regulating power with the 3g wireless router.
The mode of swiping the card of also supporting mentioned above is carried out authentication, wherein this access card is to realize by the radio-frequency card client modules among this gate inhibition, wherein the sequence number of this radio-frequency card is unique, and manufacturing firm solidifies this sequence number before product export, can not change again.Adopt bi-directional verification mechanism between radio-frequency card and the read write line, i.e. the legitimacy of read write line checking IC-card, IC-card is also verified the legitimacy of read write line simultaneously.Radio-frequency card will carry out three mutually authentications with read write line before processing, and all data are all encrypted in communication process.In addition, there are oneself operator password and access consideration in each sector in the card.
Native system sends and traditional radio-frequency card transmission by the WIFI of portable terminal, obtains authentication information and gate inhibition's solicited message that the user sends over, after CPK ID authentication mechanism affirmation identity, then processes gate inhibition's solicited message; And then send specific signal, and the action of electronic lock is handled, guarantee the safer of gate control system; Use two kinds of authentication modes, made things convenient for the user to select according to hobby; Thereby realize simple to operate, safe and reliable mobile authentication gate control system, the transmission mode of system has two kinds: a kind of is wired transmission plan, and a kind of is wireless transmission plan, goes for different applied environments
The above; it only is embodiment of the present utility model; but protection domain of the present utility model is not limited to this; anyly be familiar with those skilled in the art in the technical scope that the utility model discloses; can expect easily changing or replacing, all should be encompassed within the protection domain of the present utility model.Therefore, protection domain of the present utility model should be as the criterion with the described protection domain of claim.