KR101673189B1 - Method and server for performing entry management using mobile student id - Google Patents

Method and server for performing entry management using mobile student id Download PDF

Info

Publication number
KR101673189B1
KR101673189B1 KR1020150127720A KR20150127720A KR101673189B1 KR 101673189 B1 KR101673189 B1 KR 101673189B1 KR 1020150127720 A KR1020150127720 A KR 1020150127720A KR 20150127720 A KR20150127720 A KR 20150127720A KR 101673189 B1 KR101673189 B1 KR 101673189B1
Authority
KR
South Korea
Prior art keywords
student
user
user terminal
access
mobile
Prior art date
Application number
KR1020150127720A
Other languages
Korean (ko)
Inventor
김장중
이재훈
육대수
김민수
송석일
정원주
손태익
Original Assignee
유비벨록스(주)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 유비벨록스(주) filed Critical 유비벨록스(주)
Priority to KR1020150127720A priority Critical patent/KR101673189B1/en
Application granted granted Critical
Publication of KR101673189B1 publication Critical patent/KR101673189B1/en

Links

Images

Classifications

    • G07C9/00111
    • G07C9/00007
    • G07C9/00103
    • G07C9/00119
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

According to an embodiment of the present invention, there is provided a method of registering a user in a mobile student ID server, the method including receiving encrypted data encrypted through a session key based on at least one of a beacon UUID, a student number, and a Bluetooth MAC address from a user terminal step; Generating a session key identical to the session key and decrypting the encrypted data; Performing communication with a bachelor's information server including a user database to determine whether the student number is a valid student number; And registering at least one of the client UUID, the beacon UUID, the Bluetooth MAC address, and the registration request time information with the student ID, and registering the user ID.

Description

[0001] METHOD AND SERVER FOR PERFORMING ENTRY MANAGEMENT USING MOBILE STUDENT ID [0002]

The present invention relates to a method for registering and using a mobile student ID for access authentication, and a mobile student ID server for the same. More particularly, the present invention relates to a mobile student ID application installed in a user terminal, And a method and server for enabling management to be performed.

As communication technologies related to Bluetooth and beacons are developed, functions related to smart home, smart school, and the like are being developed in order to allow users to use the technology more conveniently.

Conventionally, in order to enter a variety of access control areas such as a library in a school, a user terminal having a student ID card or a mobile student ID application installed in the form of a physical card must be contacted to a reader installed at an entrance gate.

In this way, when a user performs a certain area access, the user has to contact the reader with searching for his / her student ID or user terminal among his / her belongings, so that it is troublesome to perform such an action when there are many belongings. In addition, when the access gates of a specific area are narrowed, it is possible to inconvenience those who are waiting in the back when a user is delayed in performing access authentication.

Also, in the case of performing the access control in the above-described manner, it is common that the access control is not performed at the time of exit from the entrance, so that the server performing the access control can correctly grasp the entry personnel of the specific area, It was difficult to know who the person was.

Accordingly, it is necessary to develop an access control system that overcomes the above disadvantages. In introducing a new system, new security measures for user information were also needed.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems of the prior art.

SUMMARY OF THE INVENTION It is an object of the present invention to allow a user to pass through an access gate without any operation on a terminal by only communicating between a reader of the access gate and the user terminal without touching the user terminal or the card.

An object of the present invention is to improve the security of data transmitted and received between a user terminal and a mobile student ID server in the access authentication process.

According to another aspect of the present invention, there is provided a method for registering a user by a mobile student ID server, the method comprising the steps of: receiving a beep from a user terminal via a session key based on at least one of a beacon UUID, Receiving encrypted encrypted data; Generating a session key identical to the session key and decrypting the encrypted data; Performing communication with a bachelor's information server including a user database to determine whether the student number is a valid student number; And registering at least one of the client UUID, the beacon UUID, the Bluetooth MAC address, and the registration request time information with the student ID and registering the same.

The user registration method of the mobile student identity card may further include generating a user token through the client UUID and the Bluetooth MAC address received from the user terminal after the effective student number determination step, and registering the user token together in the registration step .

The decrypting step may include generating the session key using an initial key, registration request time information received from the user terminal, and client UUID.

Wherein the valid student number determination step comprises: obtaining an issuing degree and state information of a mobile student identification card corresponding to the student number through the user database; And determining whether the student's number is greater than or equal to a predetermined value and the validity of the student ID through the academic status information.

The client UUID may be generated when the mobile student identification application is installed in the user terminal.

According to another aspect of the present invention, there is provided a method for performing access authentication of a user in a mobile student ID server, the method comprising: receiving, from a user terminal, at least one of a beacon UUID, Receiving encrypted data encrypted through a key; Generating a session key identical to the session key and decrypting the encrypted data; Determining whether or not access to the user corresponding to the student number is permitted; And access control information, and transmitting the generated access control information to the access gate reader.

Wherein the access authentication method of the mobile student identification server further receives a user token in the step of receiving the encryption data from the user terminal, and the step of determining whether or not access to the user is permitted includes determining whether the user token is valid . ≪ / RTI >

The decrypting step may include generating the session key using an initial key, access request time information received from the user terminal, and client UUID.

The step of receiving the encrypted data from the user terminal may include receiving information through the access gate reader performing communication with the user terminal.

Wherein the step of determining whether or not access to the user is permitted includes the steps of: when receiving an access permission request from the user terminal, communicating with a bachelor information server including a user database, And acquiring the bachelor's status information and performing the access permission determination through the access.

The step of determining whether or not access to the user is permitted may include communicating with a bachelor information server including a user database at predetermined intervals to update the mobile student identification card issuance degree and bachelor's status information for the student's student number, And receiving the access permission request from the terminal, and performing the access permission determination through the updated information.

According to another aspect of the present invention, there is provided a mobile student ID server for registering a mobile student ID and authenticating access through the mobile ID card, the mobile identity card database including at least one of a beacon UUID, A user terminal information receiving unit for receiving encrypted password data through a session key; A session key generation unit for generating a session key identical to the session key; An encrypted data decryption unit for decrypting the encrypted data through the generated session key; A bachelor's information receiver for acquiring user information through communication with a bachelor's information server including a user database; A mobile user ID registration unit for registering at least one of a client UUID, a beacon UUID, a Bluetooth MAC address, and registration request time information with the student ID; And an access permission determination unit for determining whether access to the user corresponding to the student ID or the client UUID is permitted and generating access control information based on the access ID to transmit the access control information to the access gate reader.

Wherein the mobile student ID server further comprises a user token generating unit for generating a user token through the client UUID and the Bluetooth MAC address, wherein the mobile student ID registration unit further registers the user token additionally, It is possible to additionally determine the validity of the user token when it is determined that access is permitted.

The session key generation unit may generate the session key through one of an initial key, a client UUID received from the user terminal, registration request time information, and access request time information.

Wherein the bachelor's information receiving unit obtains the degree of issuance and the bachelor's degree status of the mobile student identification card corresponding to the student number through the user database and the mobile student identity registration unit registers the bachelor's degree status information, The validity of the student number can be determined.

The user terminal information receiving unit may receive information through the access gate reader that communicates with the user terminal.

The bachelor's information receiving unit may communicate with the bachelor's information server at predetermined time intervals to update the mobile student identification card issuance degree and the bachelor's status information for the student number of all the users.

According to another aspect of the present invention, there is provided a user terminal for performing access authentication through a mobile student ID application, the user terminal comprising: an initial key, a client UUID, at least one of registration request time information and access request time information A session key generation unit for generating a session key through one; An encryption unit for generating, through the session key, encrypted data including at least one of a student number, a Bluetooth MAC address, and a beacon UUID acquired from an entrance gate reader; A mobile student ID registration unit for transmitting a user registration request including the password data, a client UUID and registration request time information to a mobile student ID server and receiving a mobile ID card registration result for the user registration request; And an access authentication requesting unit for transmitting an access permission request including the encryption data, the client UUID and the access request time information to the mobile student ID server.

The user terminal may further include a user token management unit for receiving a user token from the mobile student ID card server upon user registration, and the access authentication request unit may additionally transmit the user token upon access request.

The access authentication request unit may transmit the access permission request when the user terminal is located within a predetermined distance from the access gate reader.

The client UUID may be generated upon installation of the mobile student ID application.

According to an embodiment of the present invention, the user can perform access authentication without any operation on the user terminal after the issuance of the mobile student ID and pass through the access gate.

According to an embodiment of the present invention, the mobile student ID server can collectively manage the entry and exit of the personnel in the access control area.

According to an embodiment of the present invention, a session key is generated based on a client UUID and time information each time a user terminal and a mobile student identification server perform communication, and encryption / decryption of data is performed through the session key, Security in communication between servers can be improved.

It should be understood that the effects of the present invention are not limited to the above effects and include all effects that can be deduced from the detailed description of the present invention or the configuration of the invention described in the claims.

1 is a schematic view of an access authentication system according to an embodiment of the present invention.
2 is a block diagram illustrating an internal configuration of a user terminal according to an embodiment of the present invention.
3 is a block diagram illustrating an internal configuration of a mobile student identification server according to an exemplary embodiment of the present invention.
4 is a flowchart illustrating a mobile student ID registration process according to an exemplary embodiment of the present invention.
5 is a flowchart illustrating an access authentication process using a mobile student ID according to an exemplary embodiment of the present invention.
6 is a diagram illustrating a process of executing a mobile student identification card application and registering a mobile student identification card according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described with reference to the accompanying drawings. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "indirectly connected" . Also, when an element is referred to as "comprising ", it means that it can include other elements, not excluding other elements unless specifically stated otherwise.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a schematic view of an access authentication system according to an embodiment of the present invention.

The access authentication system according to an embodiment of the present invention may include a user terminal 100, an access gate reader 200, a mobile student identification server 300, and a bachelor's information server 400.

The user terminal 100 used by the user to use the access authentication system of the present invention may be a mobile student ID server (e.g., a mobile phone, a smart phone, a PDA (Personal Digital Assistant), a portable multimedia player (PMP) Based wireless communication device that can be connected to the mobile communication terminal 300 through a network such as a desktop PC, a tablet PC, a laptop PC, and an IPTV including a set-top box. And a communication device that can be connected to the server 300.

The operation of the user terminal 100 disclosed in this specification can be performed through a mobile student identity application installed on the user terminal 100. [ The mobile student identification card application may be downloaded and installed from the mobile student identification server 300 and the mobile student identification card application may be registered in a separate application store and may be installed in the user terminal 100 through the store have.

The mobile student identification card application installed in the user terminal 100 can perform the use of the mobile student identification card for registering and accessing the mobile student identification card through communication with the mobile student identification card server 300. In addition, Additional functions such as using the library seat allocation function can be performed.

The access gate reader 200 can communicate with the user terminal 100 and the mobile student identification server 300 to perform access gate open / close management. The access gate reader 200 may include a BLE module and may communicate with the user terminal 100 in a BLE communication scheme. Bluetooth Low Energy (BLE) is a technology that allows Bluetooth devices to operate at lower power levels by reducing packet size, reducing the number of channels, simplifying device connection procedures, and reducing operating cycles compared to conventional Bluetooth technology.

The access gate reader 200 may include a beacon function to continuously transmit a beacon signal within a predetermined distance so that when the user terminal 100 approaches the access gate reader 200 within a certain distance, And automatically execute the mobile student ID application installed in the user terminal 100. [

According to an exemplary embodiment, the access gate reader 200 may transmit a beacon signal at a plurality of positions so that the user terminal 100 can more accurately determine the current position based on the intensity of a plurality of beacon signals. The mobile student ID server 300 may receive the information from the user terminal 100 to determine whether the user is entering a specific area through the current access gate or is leaving the current area.

The access gate reader 200 may include a beacon UUID. A Universal Unique Identifier (UUID) is an identifier for distinguishing different entities on the network. According to one embodiment, the beacon UUID may be 16 bytes.

According to an embodiment, a plurality of access gate readers 200 may be installed at different places, and beacon UUIDs included in each access gate reader 200 may be set to be equal to each other. For example, when a plurality of doors of a library in a school are arranged in a plurality of directions, the beacon UUIDs included in the respective entrance gate readers 200 may be set to be equal to each other.

According to one embodiment, the beacon UUID values included in each access gate reader 200 may be set different from each other. For example, a special authority may be required to enter a particular area in the school library, and to determine this, the access gate reader 200 of the area may have a different value than the beacon UUID included in the gate reader for library entry Beacon UUID.

The mobile student identification card server 300 issues a mobile student identification card to the user terminal 100 through communication with the user terminal 100 installed with the mobile student identification card application and then the user terminal 100 accesses the entrance gate reader 200 It is possible to receive the information such as the student number from the user terminal 100 and judge whether or not access is allowed through the information, thereby performing opening and closing of the entrance gate.

The mobile student identification server 300 can generate a session key for the encryption and decryption of information in the same manner as the mobile student identification application. The mobile student identification server 300 can decrypt the information received from the user terminal 100 through the generated session key, and a detailed description thereof will be described later.

The bachelor information server 400 may store various bachelors information of the users. When the mobile student identification server 300 requests the bachelors information of the user through the student's number, the bachelor information server 400 may transmit the bachelors information to the mobile student identification server 300 .

The bachelor information included in the bachelor information server 400 includes information on the degree of issuance, such as the number of times the mobile student's certificate is issued, the user corresponding to the student number, the status of being suspended, and the status of the bachelor can do.

In addition, the bachelor's information server 400 may store the seat allocation information in the library, and may transmit such information to the mobile student identification server 300. If the user selects a specific seat through the mobile student identification application, The information on the seat can be updated by receiving the seat selection information through the controller 300.

The mobile student identification server 300 and the bachelor's information server 400 between the access gate reader 200 and the mobile student identification server 300 between the user terminal 100 and the mobile student identification server 300 according to an embodiment of the present invention, Communication can be performed through a communication network (not shown). However, as described above, the communication between the user terminal 100 and the access gate reader 200 can be performed through the BLE communication method.

According to one embodiment, the communication network may be configured without regard to its communication mode, such as wired and wireless, and may be, for example, a local area network (LAN), a metropolitan area network (MAN) And a wide area network (WAN). Preferably, the communication network according to an embodiment of the present invention may be a known World Wide Web (WWW) or the like.

2 is a block diagram illustrating an internal configuration of a user terminal 100 according to an embodiment of the present invention.

2, the user terminal 100 may include a session key generation unit 110, an encryption unit 120, a mobile student ID registration unit 130, and an access authentication request unit 140, And may further include a token management unit 150.

The mobile user ID registration unit 130, the access authentication request unit 140 and the user token management unit 150 are provided on the user terminal 100. The session key generation unit 110, the encryption execution unit 120, the mobile student ID registration unit 130, And may be provided in the form of a program module that enables each operation to be performed within the installed mobile student ID application. These program modules are concepts that encompass routines, subroutines, programs, objects, components, data structures, etc., that perform each operation or execute a particular abstract data type, but are not limited thereto.

The session key generation unit 110 may generate a session key for encrypting and decrypting data through an initial key, a client UUID, and time information. Encryption is indispensable in order to improve security in data transmission and reception performed between the user terminal 100 and the mobile student ID server 300. The user terminal 100 and the mobile student ID card 300 are required to perform encryption and decryption of data, It is possible to improve the security in data transmission and reception by generating the session key by the same algorithm in the server 300 and generating a new session key whenever data transmission / reception is required.

The initial key is a value that is common to the user terminal 100 and the mobile student identification server 300 and may be a value provided when the mobile student identification application is installed in the user terminal 100. [

The client UUID is an identifier for distinguishing each user terminal 100. When the mobile student ID application is installed in the user terminal 100, the mobile student ID application can generate the client UUID. According to one embodiment, the mobile student identification application may generate a client UUID based on the UUID unique to the user terminal 100. [

The time information used by the session key generation unit 110 in generating the session key may be a registration request time of the mobile student ID or a time of requesting access authentication. According to one embodiment, the registration request time may be the time when the user inputs his / her student ID, ID, password, etc. through the mobile student ID application to request registration of the mobile student ID. When the user terminal 100 accesses the entrance gate reader 200 within a predetermined distance and receives the beacon signal from the entrance gate reader 200 and automatically executes the mobile student identity card application according to the access request time, It may be the time when the application is run. The reason why the registration request time or the access request time differs from the time when the registration request or access request from the user terminal 100 is actually sent to the mobile student ID server 300 is that the time information for generating the session key is It may be that the session key generation and encryption is performed in the user terminal 100 before the registration request or the access request can be transmitted to the mobile student identification server 300. [ According to another embodiment, the session key generation unit 110 calculates the time required to generate the session key and the operation time of the encryption unit 120, and transmits a registration request or an access request to the mobile user identification server 300 ), And can generate the session key based on the registration request time or the access request time information.

The session key generation unit 110 may generate the session key by combining the initial key, the client UUID, and the specific time information through a specific algorithm as described above.

The encryption performing unit 120 may generate cryptographic data including at least one of a beacon UUID, a student number, and a Bluetooth MAC address through the session key generated by the session key generating unit 110. [

The user terminal 100 may obtain the beacon UUID through the beacon signal received from the nearby access gate reader 200. [ However, when the user terminal 100 requests the registration of the first mobile student ID, the location of the user terminal 100 may not be close to the entrance gate. Therefore, in the encryption data generated by the encryption performing unit 120, Beacon UUID may not be included.

The student number is a value input by the user at the time of initial registration of the mobile student ID card. The encryption performing unit 120 can generate the password data by including the ID and password of the user in addition to the student ID number.

The Bluetooth MAC address is an address assigned to use the Bluetooth function used when the user terminal 100 performs communication with the entrance gate reader 200 and is a unique number existing in the user terminal 100. [ According to one embodiment, the Bluetooth MAC address may be composed of 12 hexadecimal digits.

The mobile student ID registration unit 130 may transmit a user registration request including the password data, the client UUID, and the registration request time information to the mobile student ID server 300. [

After that, the mobile student ID registration unit 130 may receive the mobile student ID registration result corresponding to the user registration request from the mobile student ID server 300. [ If the registration result is a failure, the mobile student ID registration unit 130 receives the cause of the failure from the mobile student ID server 300 and displays the failure cause on the display unit of the user terminal 100 or the like.

According to one embodiment, when the user registration result is successful, the mobile student identification server 300 may generate a user token and transmit the user token to the user terminal 100. In this case, the user token management unit 150 receives the user token It can play a role of storing.

The access authentication request unit 140 may transmit an access permission request including the encryption data, the client UUID, and the access request time information to the mobile student ID server 300. [ When the access is allowed, the access gate is opened by communication between the mobile student ID server 300 and the access gate reader 200, so that the user can confirm that the access permission request is approved through the access gate.

According to one embodiment, when access is denied, the mobile student identification card server 300 can transmit a reason for denial of access to the user terminal 100, and the access authentication request unit 140 can receive and display the reason through the display unit have.

The access authentication request unit 140 determines the distance between the user terminal 100 and the access gate reader 200 through the communication between the user terminal 100 and the access gate reader 200. When the user terminal 100 accesses the access gate reader 200 The mobile student identification server 300 can transmit the access permission request to the mobile student identification server 300. [

According to an embodiment of the present invention, the user token generated when the mobile student identification server 300 issues a mobile student ID can be used at the access authentication request. In this case, And transmits the user token stored in the user token management unit 150 to the student ID server 300 together with the user token.

3 is a block diagram illustrating an internal configuration of a mobile student identification server 300 according to an exemplary embodiment of the present invention.

3, the mobile student identification server 300 includes a user terminal information receiving unit 310, a session key generating unit 320, an encrypted data decryption performing unit 330, a bachelor's information receiving unit 340, a mobile student ID registration unit 350 An access permission determination unit 360, a control unit 380, and a communication unit 390, and may further include a user token generation unit 370. [

The user terminal information receiving unit 310 may receive a user registration request or an access permission request from the user terminal 100. When the user terminal information receiving unit 310 receives the user registration request, it can receive the password data, the client UUID, and the registration request time information together. The password data may include the student number information and the Bluetooth MAC address, A beacon UUID may also be included when an entrance gate is desired at the same time as a mobile student ID is issued. When the user terminal information receiving unit 310 receives the access permission request, it can receive the password data, the client UUID, and the access request time information, and the password data may include the beacon UUID, the student number information, and the Bluetooth MAC address.

According to one embodiment, the user terminal information receiving unit 310 can receive the above information directly from the user terminal 100 through the communication network. According to another embodiment, when the user terminal 100 accesses the entrance gate reader 200 It is possible to acquire the above information by communicating with the gate reader 200.

The session key generation unit 320 may generate a session key for decrypting the encrypted data through the initial key, the client UUID received from the user terminal 100, and the time information. The time information may be registration request time information or access request time information as described above.

The initial key is a unique value stored in the mobile student ID server 300. The session key generating unit 320 may generate the session key by combining the initial key, the client UUID, and the time information through a specific algorithm. The generated session key is identical to the session key generated in the user terminal 100 that transmitted the client UUID and the time information, so that it is possible to decrypt the encrypted data received from the user terminal 100 through the same .

The encryption data decryption unit 330 can decrypt the encryption data received from the user terminal 100 through the session key generated by the session key generation unit 320. [ The encrypted data may include a beacon UUID, bachelors information including the student's student number, a Bluetooth MAC address of the user terminal 100, and the encrypted data decryption performing unit 330 may determine that the mobile student ID server 300 has received the data May be used to extract the information from the cryptographic data so as to perform mobile student identification card management.

The bachelor's information receiving unit 340 can receive information of the user database stored in the bachelor's information server 400 through communication with the bachelor's information server 400. User information matching with the student number is stored on the user database stored in the bachelor information server 400. The user information includes an issuing degree indicating the number of times the mobile student identification card is issued through the corresponding student number, Whether the student is currently on leave, whether he has graduated, and the like.

According to one embodiment, the mobile student ID server 300 disclosed in the present invention can perform access authentication through access to a school ID, a library pass, as well as a student ID in performing access authentication at various places including a library, Accordingly, the bachelor information receiving unit 340 can receive information on the faculty identification and the library pass from the user database of the bachelor information server 400.

The user database of the BS information server 400 may include status information on mobile student ID, faculty ID, and library pass, and each mobile student ID, faculty ID, and library ID may have a validity period. The status of each certificate can be divided into usable, lost, expiration, etc., and the bachelor's information receiving unit 340 can receive such information from the bachelor's information server 400.

According to one embodiment, the bachelor's information receiving unit 340 may request the bachelor's information server 400 for information about the user whenever the user terminal 100 receives a user registration request or an access permission request.

According to another embodiment, the bachelor's information receiving unit 340 can communicate with the bachelor's information server 400 at predetermined time intervals, update the information of the user database, and store the updated information in the mobile student identification server 300. When the mobile user identity database server 300 continuously updates the user database, upon receiving the user registration request or the access permission request from the user terminal 100, the mobile user identification database server 300 can promptly determine whether to register the mobile student identification card, Can be performed. According to this, even when the communication between the mobile student identification server 300 and the bachelor's information server 400 is unstable, the mobile student identification server 300 can operate stably.

When the mobile student ID registration unit 350 receives the user registration request from the user terminal 100, the mobile student ID registration unit 350 issues a mobile student ID to the user through the bachelor's information of the corresponding user corresponding to the student ID information obtained through the decryption of the password data It can be judged whether or not it is.

According to one embodiment, the mobile student ID registration unit 350 can determine whether the mobile student ID is issued based on the academic status of the user's bachelor information. The bachelor's status of the user can be classified into school attendance, leave, expulsion, drop-out, graduation, etc., and the mobile student card registration unit 350 can be set to issue a mobile student identification card only when the user is in school.

According to one embodiment, the mobile student ID registration unit 350 can determine whether to issue the mobile student ID through the issue degree, which is the number of times the mobile student ID card was issued, to the user who requested the mobile student ID card issuance. For example, the mobile student ID registration unit 350 may refuse to issue a new mobile student ID card if the mobile student ID card is issued five times or more. This is because the user rents his or her bachelor's information to another person and receives a mobile student ID card The number of times the mobile student ID is issued can be set so as not to be abused.

When the mobile student ID card is issued, the mobile student ID registration unit 350 can register the school ID information including the student ID with the Bluetooth MAC address and the client UUID of the user terminal 100 in the mobile student ID database server 300. [

The mobile student ID registration unit 350 can transmit the result of issuing the mobile student ID to the user terminal 100 and can also transmit information on the reason for the failure if the mobile student ID issuance fails.

When the access permission determination unit 360 receives the access permission request from the user terminal 100, the access permission determination unit 360 determines whether or not the access permission has been granted to the access permission determination unit 360, generates the access control information, and transmits the access control information to the access gate reader 200.

When the decryption unit 360 decrypts the encryption data transmitted by the user terminal 100, the access permission deciding unit 360 decides whether or not the access permission based on the beacon UUID and the student number information included in the encryption data It is possible to judge whether or not access is allowed. The access permission determination unit 360 can acquire user's bachelors information corresponding to the student number from the bachelor's information receiving unit 340. The user terminal 100 grasps the current position through the beacon UUID, It is possible to judge whether or not the user intends to go out. Then, the access permission determination unit 360 determines whether the user is authorized to access the area based on the user's information and access area information. If it is determined that the user is allowed to access the area, It is possible to transmit an open signal to the gate reader 200 so that the user can enter the area to which the user intends to enter.

When the access permission determination unit 360 denies access to the user terminal 100 that has transmitted the access permission request, the access permission determination unit 360 may transmit information on the reason for rejection to the user terminal 100. [ According to one embodiment, the reasons for denial of access to a particular user may include a non-issue of a mobile student identity card, a change in the status of a bachelor's degree, a lack of authority to access the area, and the like.

In this case, the access permission determination unit 360 determines whether the entrance gate 200 closest to the user terminal 100 is open, Can be controlled. The location information of the user terminal 100 may be calculated in the user terminal 100 through the beacon signal transmitted by the entrance gate reader 200 and the mobile student identification server 300 may receive the location information of the user 100 from the user terminal 100. [ And receive position information of the terminal 100.

According to an embodiment of the present invention, the mobile student ID server 300 may further include a user token generating unit 370. In this case, the user token generating unit 370 may acquire the user token from the user terminal 100 The user token can be generated based on the information that the user can access. In the present invention, a user token is a new information type created based on information of the user terminal 100, and can be used to enhance security level and prevent forgery or falsification.

The user token generating unit 370 generates a user token at the time of issuing the mobile student ID by combining the client UUID and the Bluetooth MAC address received from the user terminal 100 and transmits the user token to the user terminal 100 together with the mobile student ID have.

In this way, when the mobile student identification server 300 uses the user token in the access authentication, the user terminal 100 stores the received user token when issuing the mobile student ID, and transmits the access permission request to the mobile student ID server 300 ) Together with the user token. The access permission determination unit 360 may determine whether access is allowed by additionally determining the validity of the received user token in addition to the determination process described above.

The control unit 380 includes a user terminal information receiving unit 310, a session key generating unit 320, an encrypted data decryption performing unit 330, a bachelor's information receiving unit 340, a mobile student ID registration unit 350, The permission / non-permission determining unit 360, the user token generating unit 370, and the communication unit 390. That is, the control unit 380 according to the present invention includes a user terminal information receiving unit 310, a session key generating unit 320, an encrypted data decryption performing unit 330, a bachelor's information receiving unit 340, a mobile student ID registration unit 350, The access permission determining unit 360, the user token generating unit 370, and the communication unit 390, respectively.

The communication unit 390 according to one embodiment enables communication between the mobile student identification server 300 and an external device. Specifically, the mobile student identification server 300 enables communication with the user terminal 100, the entrance gate reader 200, and the bachelor's information server 400.

4 is a flowchart illustrating a mobile student ID registration process according to an exemplary embodiment of the present invention.

Referring to FIG. 4, the user terminal 100 may activate a mobile student identification application to issue and use a mobile student identification card (S401). The mobile student identification card application may be installed by being transferred from the mobile student ID server 300 to the user terminal 100 and may be installed by connecting the user terminal 100 to a separate application store and performing downloading.

Execution of the mobile student identity application for registration of the mobile student identity card may be performed through manipulation of the user terminal 100 by the user, for example by touching the mobile student identity application icon, and may be performed by the entrance gate reader 200 The beacon signal may be automatically performed by receiving the beacon signal.

According to one embodiment, when the first mobile student ID application is installed on the user terminal 100, the mobile student ID application can generate a client UUID. The generated client UUID may be used to identify each user terminal 100 when the mobile student ID server 300 manages a plurality of user terminals 100.

The user terminal 100 may generate a session key used for encryption and decryption for communication with the mobile student identification server 300 (S403). According to one embodiment, the session key may be generated through encryption based on the initial key, client UUID, and registration request time information.

The user can perform identity authentication by inputting an ID and a password to the mobile student ID application performed on the user terminal 100 (S405). The identity authentication process may be performed through communication between the user terminal 100 and the mobile student identification server 300. The authentication of the user may be performed through authentication of the mobile phone using a communication company, and authentication means such as an official certificate may be used.

Before the identity authentication process is performed in the mobile student identity application running on the user terminal 100, there may be a terms agreement process for the use of the mobile student identity card. According to this, the user must choose whether to agree to the terms of use, personal information policy, and whether to receive the advertisement according to the use of the mobile student ID card. If the user does not choose to agree to the essential items such as the terms of use and the privacy policy The mobile student ID card application will not be able to use the mobile student ID card because it has not passed the authentication phase.

According to an exemplary embodiment of the present invention, in the case where the ID to be input for authenticating the user is a student ID, an additional student ID input process may be omitted .

Then, the user terminal 100 may generate cryptographic data including the student number and the Bluetooth MAC address (S407). The encryption process may be performed based on the session key generated in step S403. If the user terminal 100 is located at a distance that can receive the beacon signal transmitted from the entrance gate reader 200, the beacon UUID may be further included in the encrypted data. In this case, And can be used to pass through the gate at the same time as issuing.

The user terminal 100 may transmit the password data, the client UUID, and the registration request time information while transmitting the user registration request to the mobile student ID server 300 (S409).

Upon receiving the registration request from the user, the mobile student identification server 300 can generate the session key using the same algorithm as that performed by the user terminal 100 through the initial key, the client UUID, and the registration request time information (S411).

Thereafter, the mobile student identification server 300 may decrypt cryptographic data received from the user terminal 100 based on the generated session key (S413). Accordingly, the mobile student identification server 300 can obtain information such as the student number included in the encrypted data, the Bluetooth MAC address of the user terminal 100, and the like. If the beacon UUID is included in the encryption data in step S407, the mobile student ID server 300 may additionally obtain the beacon UUID in step S413.

The mobile student identification server 300 can acquire additional bachelors information of the user corresponding to the corresponding student number through communication with the bachelor's information server 400 based on the student number included in the encrypted data (S415). Additional academic information may include the degree of issuance of the mobile student's identity card to the user, the user's current academic status, and the like.

According to one embodiment, the mobile student ID server 300 receives the mobile student ID registration request as described above, and not the method of receiving the bachelor's information of the corresponding user from the bachelor's information server 400, Lt; RTI ID = 0.0 > 400 < / RTI > According to this method, in step S415, the mobile student identification server 300 does not communicate with the bachelor's information server 400 and can check the additional bachelors information of the user based on the database in the mobile student identification database server 300. [

The mobile student identification server 300 may determine whether to issue a mobile student identification card to the user based on the user's bachelors information corresponding to the student ID obtained through the decryption of the encrypted data (S417). The criteria for determining whether the mobile student identification card server 300 issues a mobile student identification card may be a comprehensive determination of how many times the mobile student identification card has been issued for the user and the current state of the user. When the mobile student ID card for the user corresponding to the student ID information transmitted by the user terminal 100 is issued, the mobile student ID server 300 may store the corresponding information in the server. In this case, the user ID, the client UUID, 100) can be matched and stored.

According to an exemplary embodiment, when the mobile student ID is normally issued, the mobile student ID server 300 transmits the information to the academic information server 400 to issue a mobile student ID card of the user stored in the academic information server 400 Order, and the like can be updated. If the mobile student ID server 300 has obtained the beacon UUID in step S413, the access permit signal may be transmitted to the access gate reader 200. [

When the mobile student identification card issuing process is completed, the mobile student identification card server 300 can transmit the result information to the user terminal 100 (S419). Accordingly, the user can confirm whether or not the mobile student ID card has been normally issued. If the mobile student ID card issuance has ended in failure, the user can check the reason for the failure. For example, in the case where the student number information does not exist or the access number is not available, an error message indicating failure of registration of the mobile student ID to the user terminal 100 may be transmitted.

According to an embodiment of the present invention, a user token may be additionally used in the mobile student identification card issuance process. That is, the mobile student identification server 300 can generate a user token based on the information of the user terminal 100 in the process of issuing the mobile student identification card. For example, the mobile student ID server 300 may generate a user token by changing the combination of the client UUID and the Bluetooth MAC address.

The user token generated as described above may be stored in the mobile student ID server 300 after matching with the student ID information in step S417. In step S419, the user token is transmitted from the mobile student ID server 300 to the user terminal 100 And the user terminal 100 may thereafter perform access authentication through the mobile student ID by additionally using the user token.

5 is a flowchart illustrating an access authentication process using a mobile student ID according to an exemplary embodiment of the present invention.

Referring to FIG. 5, the user terminal 100 may receive a beacon signal transmitted from the access gate reader 200 (S501). The user terminal 100 may acquire a beacon UUID in this process and may determine the location of the user terminal 100 through the intensity of the beacon signal or the like.

When the user terminal 100 receives the beacon signal, the mobile student identity application installed in the user terminal 100 may be driven (S503).

When the mobile student ID application is activated, the user terminal 100 may generate a session key for communication with the mobile student ID server 300 (S505). The session key may be generated based on the initial key, client UUID, and access request time information.

The user terminal 100 may generate cipher data including a beacon UUID, a student number, and a Bluetooth MAC address (S507). The encryption process may be performed based on the session key generated in step S505.

The user terminal 100 may transmit the password data, the client UUID, and the access request time information together while transmitting the access permission request to the mobile student ID server 300 (S509).

Upon receiving the access permission request from the user, the mobile student identification server 300 can generate the session key using the same algorithm as that performed by the user terminal 100 through the initial key, the client UUID, and the access request time information (S511) .

The mobile student identification server 300 can decrypt cryptographic data received from the user terminal 100 through the session key generated in operation S513. Through the decryption process, the mobile student ID server 300 can obtain the beacon UUID, the student ID, and the Bluetooth MAC address.

The mobile student identification card server 300 can acquire additional bachelors' information of the user corresponding to the corresponding student number through communication with the bachelor's information server 400 based on the student number included in the encrypted data (S515).

Thereafter, the mobile student identification server 300 can determine whether the mobile student ID of the user is valid based on the user's bachelors information, and can determine whether or not the user's access is allowed (S517). The method of determining whether the mobile student identification card issued by the mobile student identification card server 300 to the user of a specific student number is valid may be similar to the criteria judged when issuing the mobile student identification card. That is, the mobile student identification card server 300 can determine whether or not access is allowed through the degree of issuance of the mobile student identification card issued in the student number, the current state of the user, and the like.

According to one embodiment, the mobile student identity card server 300 can determine via which beacon UUID is included in the password data the user is currently in which zone, and if the user is authorized to enter the zone Can be determined. In addition, the mobile student identification server 300 can receive not only the student ID but also the information related to the faculty ID, library pass, etc. through the user terminal 100 or the access gate reader 200 that recognizes the card. It is possible to judge whether the user requesting access authentication is authorized to access the zone.

When the mobile student identification server 300 determines that the access authentication is normally completed and permits access, the mobile student identification card server 300 can transmit a signal including such a request to the entrance gate reader 200 (S519). According to one embodiment, the mobile student ID server 300 may transmit the Bluetooth MAC address of the user terminal 100 to the entrance gate reader 200 in this process.

The access gate reader 200 can acquire the Bluetooth MAC address of the user terminal 100 through communication with the user terminal 100 close to the access gate before or after receiving the access permission signal as described above ).

Accordingly, the access gate reader 200 can open the access gate by receiving the signal as described above (S523). According to one embodiment, a plurality of access gates at a specific location may be provided in a continuous form. In this case, the access gate reader 200 may communicate with the user terminal 100 via the communication network And can open the access gate closest to the position of the corresponding user terminal 100. According to another embodiment, the access gate reader 200 may receive the location information of the user terminal 100 from the mobile student ID server 300. [

When a plurality of access gates are provided successively, each access gate may include a display device, and the access gate reader 200 displays a part number or a part of the name when the gate is opened through such a display device, It is possible to confirm whether the access authentication has been performed through the user terminal 100 of the terminal.

According to the embodiment, when the access authentication is smoothly performed, the user can confirm the access through the opening of the access gate. If the access permission is denied, the mobile student identification server 300 notifies the reason for rejection to the user terminal 100 To the access gate reader 200 and display it to the user.

According to an embodiment of the present invention, a user token may be additionally used as described above in the process of issuing a mobile student ID card. The user terminal 100 receives and stores the user token from the mobile student ID server 300 in the process of issuing the mobile student ID, and transmits the user token to the mobile student ID server 300 together with the entrance authentication request in step S509. That is, if the user token is used for access authentication, the user token, the password data, the client UUID, and the access request time information may be transmitted from the user terminal 100 to the mobile student ID server 300 in step S509. Only the password data, the client UUID and the access request time information can be transmitted. According to another embodiment of the present invention, the mobile student identification server 300 can perform access authentication based on only the user token. In this case, in step S509, the user terminal 100 transmits only the user token to the mobile student identification server 300 .

 When the user token is used, the mobile student identification server 300 can compare the user token stored in step S417 of FIG. 4 with the user token received in step S509 in step S517, and in step S509, It is further possible to determine whether or not the user token received from the terminal 100 is valid and determine whether or not to permit access based on the determination.

According to an embodiment of the present invention, user authentication can be performed not only when a user enters a specific place but also when the user exits the mobile terminal, similar to the process described above with reference to FIG. 5, The user can more accurately grasp the state of access.

6 is a diagram illustrating a process of executing a mobile student identification card application and registering a mobile student identification card according to an embodiment of the present invention.

6, the user may download the mobile student ID application from the mobile student ID server 300 or a separate application store server, and install the application on the user terminal 100. [

Thereafter, when the mobile student identification card application is executed on the user terminal 100, a contract acceptance process may be performed to confirm whether or not to agree with various terms for using the mobile student identification card. The user must agree to at least one or more required terms to be able to use the mobile student ID application.

When the user passes the agreement process, the mobile student ID application can proceed to receive the ID and password for authenticating the user. According to one embodiment, the ID and password used in the process may match the ID and password used by the user when accessing the bachelor's information server 400. The mobile student identification server 300 can authenticate the user by using the ID and password input by the user through the academic information server 400. [

Once the identity verification process is completed, the student ID application process can be performed on the mobile student ID application. When the user inputs his / her student number, the mobile student identification card 300 is issued by the operation of the mobile student identification server 300 as described above with reference to FIG. 4, and is registered in the mobile student identification server 300 and the user terminal 100 .

As described above, according to the embodiments of the present invention, the user can easily pass through the entrance gate without the need for the operation of the user terminal, and the security can be improved in the communication between the user terminal and the mobile student identification server.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

The scope of the present invention is defined by the appended claims, and all changes or modifications derived from the meaning and scope of the claims and their equivalents should be construed as being included within the scope of the present invention.

100: User terminal
200: Access gate reader
300: Mobile Student ID Server
400: BS Information Server

Claims (21)

A method of registering a user with access rights by a mobile student identification server,
Receiving encrypted data encrypted through a session key of a user terminal from the user terminal based on at least one of a beacon UUID, a student number, and a Bluetooth MAC address;
Generating a session key identical to the session key of the user terminal and performing decryption on the encrypted data;
Performing communication with a bachelor's information server including a user database to determine whether the student number is a valid student number; And
Matching the at least one of the client UUID, the beacon UUID, the Bluetooth MAC address, and the registration request time information with the student ID,
Wherein the session key generated by the user terminal and the mobile school ID card is generated based on a variable including time information so that the session key is generated with a different value at each generation.
The method according to claim 1,
After the valid student number determination step,
Generating a user token through a client UUID and a Bluetooth MAC address received from the user terminal,
Wherein the user token is registered together in the registering step.
The method according to claim 1,
The decoding step may include:
And generating the session key using an initial key, registration request time information received from the user terminal, and client UUID.
The method according to claim 1,
The validity student number determination step may include:
Obtaining the degree of issuance and the status of the mobile student identification card corresponding to the student number through the user database; And
Determining whether the student ID is valid or not based on the academic status information, and determining whether the degree of issuance is greater than or equal to a predetermined value.
The method according to claim 1,
Wherein the client UUID is created upon installation of a mobile student identification application on the user terminal.
A method for a mobile student identification server to perform access authentication of a user,
Receiving encrypted data encrypted through a session key of a user terminal from the user terminal based on at least one of a beacon UUID, a student number, and a Bluetooth MAC address;
Generating a session key identical to the session key of the user terminal and performing decryption on the encrypted data;
Determining whether or not access to the user corresponding to the student number is permitted; And
Generating access control information and transmitting the access control information to the access gate reader,
Wherein the session key generated by the user terminal and the mobile school ID card is generated based on a variable including time information so that the session key is generated with a different value at each generation.
The method according to claim 6,
Further receiving a user token in the step of receiving password data from the user terminal,
The method of claim 1,
And determining whether the user token is valid. ≪ Desc / Clms Page number 21 >
The method according to claim 6,
The decoding step may include:
And generating the session key through an initial key, access request time information received from the user terminal, and client UUID.
The method according to claim 6,
Wherein the step of receiving encrypted data from the user terminal comprises:
And receiving information through the access gate reader performing communication with the user terminal.
The method according to claim 6,
The method of claim 1,
Upon receipt of an access permission request from the user terminal, communicates with a bachelor information server including a user database to acquire a mobile student identification card issuance degree and state information for a user corresponding to the student number, And performing the access authentication of the mobile student ID server.
The method according to claim 6,
The method of claim 1,
Updates the mobile student identification card issuance degree and the school status information for the student ID of all the users by performing communication with the university information server including the user database at predetermined time intervals, and when receiving the access permission request from the user terminal, And determining whether the access is allowed or denied based on the authentication result.
A mobile student ID server for registering and accessing a mobile student ID,
A user terminal information receiving unit for receiving encrypted data encrypted through a session key of a user terminal based on at least one of a beacon UUID, a student number, and a Bluetooth MAC address from a user terminal;
A session key generation unit for generating a session key identical to the session key of the user terminal;
An encrypted data decryption unit for decrypting the encrypted data through the generated session key;
A bachelor's information receiver for acquiring user information through communication with a bachelor's information server including a user database;
A mobile user ID registration unit for registering at least one of a client UUID, a beacon UUID, a Bluetooth MAC address, and registration request time information with the student ID; And
And an access permission determination unit for determining whether access to the user corresponding to the student ID or the client UUID is allowed and for generating access control information and transmitting the access control information to the access gate reader,
Wherein the session key is generated based on a variable including time information so that it is generated with a different value at each generation.
13. The method of claim 12,
Further comprising a user token generating unit for generating a user token through the client UUID and the Bluetooth MAC address,
The mobile student ID registration unit further registers the user token,
Wherein the access permission determination unit further determines validity of the user token when determining access permission.
13. The method of claim 12,
Wherein the session key generation unit generates the session key through one of an initial key, a client UUID received from the user terminal, and registration request time information or access request time information.
13. The method of claim 12,
The bachelor's information receiving unit obtains the degree of issuance and the bachelor's degree status of the mobile student identification card corresponding to the student number through the user database,
Wherein the mobile student ID registration unit judges whether the student ID is valid or not based on whether the issued degree is equal to or greater than a predetermined value and the school status information.
13. The method of claim 12,
Wherein the user terminal information receiving unit receives information through the access gate reader that communicates with the user terminal.
13. The method of claim 12,
Wherein the baclarian information receiving unit communicates with the baclarian information server every predetermined time to update the mobile student identification card issuance degree and the bachelor's status information for the student ID number of all users.
A user terminal for performing access authentication through a mobile student ID application,
A session key generation unit for generating a session key through at least one of an initial key, a client UUID, registration request time information, and access request time information;
An encryption unit for generating, through the session key, encrypted data including at least one of a student number, a Bluetooth MAC address, and a beacon UUID acquired from an entrance gate reader;
A mobile student ID registration unit for transmitting a user registration request including the password data, a client UUID and registration request time information to a mobile student ID server and receiving a mobile ID card registration result for the user registration request; And
And an access authentication request unit for transmitting an access permission request including the encryption data, the client UUID, and access request time information to the mobile student identification server,
Wherein the session key has the same value as a session key generated to decrypt the encrypted data at the mobile student ID server,
Wherein the session key is generated based on a variable including session time information on which the session key is generated, thereby generating a different value each time the session key is generated.
19. The method of claim 18,
Further comprising a user token management unit for receiving a user token from the mobile student ID card server upon user registration,
Wherein the access authentication request unit further transmits the user token upon access request.
19. The method of claim 18,
Wherein the access authentication request unit transmits the access permission request when the user terminal is located within a predetermined distance from the access gate reader.
19. The method of claim 18,
Wherein the client UUID is created upon installation of a mobile student ID application.
KR1020150127720A 2015-09-09 2015-09-09 Method and server for performing entry management using mobile student id KR101673189B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150127720A KR101673189B1 (en) 2015-09-09 2015-09-09 Method and server for performing entry management using mobile student id

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150127720A KR101673189B1 (en) 2015-09-09 2015-09-09 Method and server for performing entry management using mobile student id

Publications (1)

Publication Number Publication Date
KR101673189B1 true KR101673189B1 (en) 2016-11-07

Family

ID=57529530

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150127720A KR101673189B1 (en) 2015-09-09 2015-09-09 Method and server for performing entry management using mobile student id

Country Status (1)

Country Link
KR (1) KR101673189B1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180057941A (en) * 2016-11-23 2018-05-31 케이티텔레캅 주식회사 Smart pass authenticating system
CN108154586A (en) * 2017-12-27 2018-06-12 江苏徐工信息技术股份有限公司 A kind of access control system for identifying Bluetooth of mobile phone MAC Address
CN109087416A (en) * 2018-07-20 2018-12-25 江苏海事职业技术学院 A kind of access control system opened the door using mobile phone
CN111105528A (en) * 2020-02-20 2020-05-05 南京艾弗雷德网络技术有限公司 Intelligent door lock system based on Bluetooth broadcast
CN112258351A (en) * 2020-08-25 2021-01-22 帝杰曼科技股份有限公司 Intelligent teaching system based on big data analysis
CN112466012A (en) * 2020-11-30 2021-03-09 福州汇思博信息技术有限公司 Method and system for controlling cash register cashbox through Bluetooth
CN113660725A (en) * 2021-10-20 2021-11-16 北京卓建智菡科技有限公司 Positioning anti-cheating method, device and system, computer equipment and storage medium
WO2022245106A1 (en) * 2021-05-17 2022-11-24 주식회사 카카오 Access card providing method, access card checking method, and apparatus for performing same methods

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015162069A (en) * 2014-02-27 2015-09-07 アプリックスIpホールディングス株式会社 Terminal authentication system, gate system, entrance/exit management system, and terminal authentication method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015162069A (en) * 2014-02-27 2015-09-07 アプリックスIpホールディングス株式会社 Terminal authentication system, gate system, entrance/exit management system, and terminal authentication method

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180057941A (en) * 2016-11-23 2018-05-31 케이티텔레캅 주식회사 Smart pass authenticating system
CN108154586A (en) * 2017-12-27 2018-06-12 江苏徐工信息技术股份有限公司 A kind of access control system for identifying Bluetooth of mobile phone MAC Address
CN109087416A (en) * 2018-07-20 2018-12-25 江苏海事职业技术学院 A kind of access control system opened the door using mobile phone
CN111105528A (en) * 2020-02-20 2020-05-05 南京艾弗雷德网络技术有限公司 Intelligent door lock system based on Bluetooth broadcast
CN111105528B (en) * 2020-02-20 2021-09-10 南京艾弗雷德网络技术有限公司 Intelligent door lock system based on Bluetooth broadcast
CN112258351A (en) * 2020-08-25 2021-01-22 帝杰曼科技股份有限公司 Intelligent teaching system based on big data analysis
CN112258351B (en) * 2020-08-25 2024-05-07 帝杰曼科技股份有限公司 Intelligent teaching system based on big data analysis
CN112466012A (en) * 2020-11-30 2021-03-09 福州汇思博信息技术有限公司 Method and system for controlling cash register cashbox through Bluetooth
CN112466012B (en) * 2020-11-30 2023-02-14 福州汇思博信息技术有限公司 Method and system for controlling cash register cashbox through Bluetooth
WO2022245106A1 (en) * 2021-05-17 2022-11-24 주식회사 카카오 Access card providing method, access card checking method, and apparatus for performing same methods
CN113660725A (en) * 2021-10-20 2021-11-16 北京卓建智菡科技有限公司 Positioning anti-cheating method, device and system, computer equipment and storage medium
CN113660725B (en) * 2021-10-20 2022-01-04 北京卓建智菡科技有限公司 Positioning anti-cheating method, device and system, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
KR101673189B1 (en) Method and server for performing entry management using mobile student id
CN110178161B (en) Access control system with secure pass through
US10742630B2 (en) Method and apparatus for making a decision on a card
US10490005B2 (en) Method and apparatus for making a decision on a card
CA2738157C (en) Assignment and distribution of access credentials to mobile communication devices
CN109905235B (en) Intelligent lock unlocking method, intelligent lock, terminal, server and system
US9386003B2 (en) System and method for secure transactions
CA2596561C (en) Method and apparatus for making a decision on a card
US7716489B1 (en) Access control method for disconnected automation systems
KR101611872B1 (en) An authentication method using FIDO(Fast IDentity Online) and certificates
EP3800913A1 (en) Authentication of a client
CN106797318B (en) Method, hardware and digital certificate for authentication of connected devices
CN106652109A (en) Intelligent lock control method, device and lock management server
KR102085975B1 (en) System for Managing Door Lock information of Accommodation And Driving Method Thereof
CN107004077A (en) Method and system for providing safe and independently operable biological characteristic authentication
GB2505532A (en) Password generating using trusted and un-trusted time modules.
CN104539420A (en) General intelligent hardware safe secret key management method
US20220400015A1 (en) Method and device for performing access control by using authentication certificate based on authority information
US10148433B1 (en) Private key/public key resource protection scheme
KR102112975B1 (en) Access Control Method Using SmartKey Based On Hybrid Security Environment AND Access Control System for Them
ES2802481T3 (en) System to reliably access a protected resource
WO2018207174A1 (en) Method and system for sharing a network enabled entity
KR102101719B1 (en) A method and system for simple authentication by using web storage
Avdyushkin et al. Secure location validation with wi-fi geo-fencing and nfc
JP6451947B2 (en) Remote authentication system

Legal Events

Date Code Title Description
A201 Request for examination
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20190902

Year of fee payment: 4