CN102238186A - High-value control method - Google Patents
High-value control method Download PDFInfo
- Publication number
- CN102238186A CN102238186A CN2011102067479A CN201110206747A CN102238186A CN 102238186 A CN102238186 A CN 102238186A CN 2011102067479 A CN2011102067479 A CN 2011102067479A CN 201110206747 A CN201110206747 A CN 201110206747A CN 102238186 A CN102238186 A CN 102238186A
- Authority
- CN
- China
- Prior art keywords
- management
- server
- terminal
- control
- handheld terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The invention discloses a high-value control method, relating to the computer technology. The high-value control method comprises the following steps that: A, a handheld terminal sends a request to a terminal server; B, the terminal server and the handheld terminal mutually confirm identity; C, the terminal server confirms with a control server; D, a control lock server generates instruction data; E, the control lock server and the terminal server confirms to each other; F, the instruction data is transmitted to a control lock; G, the handheld terminal obtains a physical code from the lock control; H, the handheld terminal transmits physical code information to the terminal server; I, the terminal server authenticates the physical code information; J, the terminal server communicates with the control lock server to confirm the physical code; K, the control server authenticates the confirmation result of the terminal server; L, the control server unlocks a first control lock; M, the handheld terminal unlocks a second control lock; in the above steps, if the confirmation result passes through the authentication, the next step is executed, if not, the step is terminated. The method is excellent in flexibility and security.
Description
Technical field
The present invention relates to computer technology.
Background technology
Adopting handheld terminal to realize control, has been very general technology, and for example the remote control lock of automobile and controller are exactly like this.In this technology, in the management and control lock password is installed, and in the corresponding handheld terminal password is installed also, adopt certain contact or noncontact mode to transmit information then, the management and control lock can determine the information that whether obtains to mate, and whether decision is unblanked then.Such technical approach uses very widely.But this technology that installs password in advance is very dumb, makes a lot of operations and business service be difficult to carry out.For instance, have the automobile of rent-a-car company to be placed on certain position, and the hirer appears at this position, and wish to hire a car.Therefore the hirer need open automobile.Rent-a-car company is in order to increase the benefit, and a key of can not sending someone is sent to, and wishes to make the hirer can utilize his smart mobile phone just can open automobile by certain remote mode, finishes the business of hiring a car.Similarly the commerce services demand is also a lot.Such as, the data of certain high value is placed on certain cloud computing platform, but the client who has allowed to pay expense only uses in certain period, is exactly the example of another high value management and control.Again such as, high value personage's the pipeline that speeds passage through customs is set up on the airport, has just allowed in advance thoroughly that the high value personage of safety inspection speeds passage through customs, and makes that they needn't be exactly the example of another high value management and control by common inspection pipeline.Such as, the use management and control of certain expensive instrument, use the back that allows to pay the fees, and also is the example of a high value management and control again.These management and control services all require very high fail safe, also require quite high flexibility and quite high convenience simultaneously.The three is neither can be default and weaken.
Summary of the invention
Technical problem to be solved by this invention is to provide a kind of high value management-control method, for convenient, safe realization management and control service provides technical support.
The technical scheme that the present invention solve the technical problem employing is that the high value management-control method is characterized in that, comprises the steps:
A. handheld terminal sends request to terminal server;
B. terminal server and handheld terminal are confirmed identity mutually;
C. terminal server is confirmed to the management and control server;
D. management and control lock server produces the director data that is used to calculate one time key according to the information of handheld terminal;
E. management and control lock server and terminal server are confirmed mutually;
F. transmit director data to the management and control lock, be used for the management and control lock and calculate one time key, second key of first key of promptly corresponding first management and control lock and corresponding second management and control lock;
G. handheld terminal closely obtains the physics sign indicating number from management and control lock;
H. handheld terminal calculates according to the physics sign indicating number, and result of calculation is delivered to terminal server;
I. terminal server authenticates the result of calculation of handheld terminal;
J. terminal server exchanges with management and control lock server, confirms the physics sign indicating number;
K. the affirmation result of management and control server authentication terminal server;
L. the management and control server is driven first management and control lock;
M. handheld terminal with certain closely exchange way transmission information drive second management and control lock to management and control lock;
In above-mentioned each authenticating step, if authentication if do not pass through then to stop, or is sent prompting to handheld terminal by then entering next step.
Further, in steps A) and step B) between also have following step:
A1. the commercial matters information exchange is confirmed.
The form of expression of described physics sign indicating number is two-dimentional QR sign indicating number, is character string by the camera collection of handheld terminal and by counter the pushing away of handheld terminal.
Among the described step M, the information of unblanking, is calculated the back to the physics sign indicating number and is produced according to pre-defined algorithm by handheld terminal.Perhaps, the information of unblanking is locked server according to pre-defined algorithm by terminal server or management and control, the physics sign indicating number is calculated the back produce, and be delivered to handheld terminal.
The invention has the beneficial effects as follows to have good flexibility and fail safe, cost is very cheap, and realizes easily: can realize that the password in the management and control lock changes the also corresponding replacing of password of the handheld terminal that is complementary with it simultaneously whenever and wherever possible.
The present invention is further illustrated below in conjunction with the drawings and specific embodiments.
Description of drawings
Fig. 1 is the structure chart of the managing and control system that the present invention relates to.
Fig. 2 is basic principle figure of the present invention.
Fig. 3 is a management-control method schematic flow sheet of the present invention.
Fig. 4 is the structural representation of management and control lock of the present invention.
Fig. 5 is the workflow schematic diagram of management and control lock.
Embodiment
As Fig. 1.There are 4 elements in system: handheld terminal, terminal server, management and control lock, management and control lock server.
Between handheld terminal and the terminal server information interchange is arranged.Between terminal server and the management and control lock server secret pipeline is arranged, can the guarantee information interchange under high level security, carry out.Between management and control lock and the management and control lock server secret pipeline is arranged also.Between handheld terminal and the management and control lock, require certain physics contact.This physics contact is a particular design, in order to guarantee, must contact by physics mode or physical signalling, could complete process.But this physics contact can be various, and be not limited to low coverage.
Basic principle: referring to Fig. 2: handheld terminal and terminal server are shared symmetric key.This is the basis of authentication and the basis of management and control.How setting up shared symmetric key, is the technology that the patent before us is set up.If needs are arranged, such as the requirement of certain law requires handheld terminal and terminal server except symmetric key, also has unsymmetrical key, and we also can set up.If like this, normally handheld terminal is possessed private key, and server is possessed corresponding public key, and this is to have third party issuing unit to send out to key.
Between terminal server and the management and control lock server secure communication pipeline is arranged, can the guarantee information interchange under high level security, carry out.
Between management and control lock and the management and control lock server symmetric key is arranged, and the secure communication pipeline.
Handheld terminal has to the communication conduit of management and control lock, and the management and control lock has the lock (promptly must all open by two locks, whole management and control lock is just opened) of two series connection.Lock has three attitudes: 1) locked, and 2) lock and wait out, 3) open.When locked, lock does not have key, can not open fully.Lock when to be opened, lock has key, therefore can open.The key of lock is disposable, is to be produced by the information calculations of management and control lock processor inside according to server.
The management and control lock has the physics sign indicating number, and just certain coding of expressing by physical material is used for the handheld terminal Information Monitoring.The physics sign indicating number is that design guarantees that handheld terminal has physics to contact with the management and control lock, in other words, and close contact.The design of physics sign indicating number is multiple.For example, the paster of QR sign indicating number can paste in rent-a-car company on automobile, therefore forms the physics sign indicating number.This physics sign indicating number can guarantee hirer's handheld terminal and automobile close contact.Again for example, set up in high value personage's the situation of the pipeline that speeds passage through customs on the airport, the physics sign indicating number can be one group of dynamic digital, requires the high value personage oneself to read manually to be input in the handheld terminal then and goes.Other multiple physics sign indicating number designs can also be arranged.The physics sign indicating number can be dynamic, also can be permanent static.
Flow process of the present invention is referring to Fig. 3.
Sequence number implication among the figure:
1, handheld terminal requesting terminal server.
2, business workflow, such as payment, information inquiry etc.
3, terminal server is confirmed.Handheld terminal is sent confirmation signal and is given terminal server, promptly confirms legitimacy together mutually with step 4.
4, handheld terminal is confirmed.(terminal server is sent confirmation signal and is given handheld terminal)
5, terminal server is confirmed to the management and control server, and transmission information other.The information of transmitting comprises: the elementary identity information of handheld terminal, and secondary identity information, produce with calculating as disposal password, other business informations, such as payment, effective time section, etc.
6, calculate management and control lock server inside, according to identity information, and other information, calculate the director data that is used for one time key.
7, management and control lock server exchanges with terminal server, confirms mutually.
8, transmission information is used to calculate one time key to the management and control lock, promptly is applicable to first key and second key of two locks of series connection respectively, and the management and control lock calculates according to these information commands.
9, the handheld terminal low coverage obtains the physics sign indicating number to the management and control lock.
10, handheld terminal Computational Physics sign indicating number obtains result of calculation, and is delivered to terminal server, perhaps directly the physics sign indicating number is delivered to terminal server.
11, terminal server calculates authentication.
12 lock server with management and control exchanges, and confirms transmission information.
13, the management and control server calculates authentication.
14, the management and control server is realized unblanking 1.
15, handheld terminal is realized unblanking 2.
Handheld terminal can calculate the back to the physics sign indicating number and produce by handheld terminal according to pre-defined algorithm to lock 2 information of sending of unblanking.Also can lock server according to pre-defined algorithm, the physics sign indicating number be calculated the back produce, and be delivered to handheld terminal by terminal server or management and control.
The basic structure of management and control lock is referring to Fig. 4.
The basic element of character:
Physics sign indicating number (can be dynamic, also can be static permanent).
Basic key (symmetric key and management and control lock server are shared).
Processor.
First management and control lock (three kinds of attitudes: locked, lock and wait out, open), use one time key 1.
Second management and control lock (three kinds of attitudes, locked, lock and wait out, open), use one time key 2.First management and control lock and second management and control lock are independent fully.Both uses of connecting.
First passage connects management and control lock server, and is two-way, secret pipeline.
Second channel, unidirectional, wait for the handheld terminal information of accepting.
External device (ED), such as control mechanical part etc.
The basic procedure of management and control lock: referring to Fig. 5.
Server instruction.Transmission information uses this information calculations to produce key 1.The waiting for server instruction.
Server instruction.Transmission information uses this information calculations to produce key 2.Wait is unblanked.
Accept server key 1, implement the authentication contrast, unblank 1 or report to the police.
Accept handheld terminal information, computation key 2 is implemented the authentication contrast, unblanks 2 or report to the police.
Algorithm for producing key can adopt general cryptographic algorithm.
First management and control lock calculates according to command information and produces first key.Management and control is a locking state before being locked in and obtaining command information.After obtaining command information, calculate and produce one time key, just be in the state to be opened of locking then, in two management and control locks of series connection, first management and control lock can only be locked server by management and control and open.
Second management and control lock uses command information to calculate and produces second key.The key of second management and control lock is the information that provides according to management and control lock server, calculates in second management and control lock inside.Before second management and control is locked in acquired information, be locking state.Behind the acquired information, calculate and produce one time key, just be in the state to be opened of locking then, second management and control lock can only be opened by handheld terminal.
Claims (6)
1. the high value management-control method is characterized in that, comprises the steps:
A. handheld terminal sends request to terminal server;
B. terminal server and handheld terminal are confirmed identity mutually;
C. terminal server is confirmed to the management and control server;
D. management and control lock server produces the director data that is used to calculate one time key according to the information of handheld terminal;
E. management and control lock server and terminal server are confirmed mutually;
F. transmit director data to the management and control lock, be used for the management and control lock and calculate one time key, second key of first key of promptly corresponding first management and control lock and corresponding second management and control lock;
G. handheld terminal obtains the physics sign indicating number from the management and control lock;
H. handheld terminal transmits physics sign indicating number information to terminal server;
I. terminal server authenticates the physics sign indicating number information of handheld terminal transmission;
J. terminal server exchanges with management and control lock server, confirms the physics sign indicating number;
K. the affirmation result of management and control server authentication terminal server;
L. the management and control server is driven first management and control lock;
M. handheld terminal transmits the information of unblanking to second management and control lock, drives second management and control lock;
In above-mentioned each authenticating step, if authentication if do not pass through then to stop, or is sent prompting to handheld terminal by then entering next step.
2. high value management-control method as claimed in claim 1 is characterized in that, in steps A) and step B) between also have following step:
A1. the commercial matters information exchange is confirmed.
3. high value management-control method as claimed in claim 1 is characterized in that, the form of expression of described physics sign indicating number is two-dimentional QR sign indicating number, is character string by the camera collection of handheld terminal and by counter the pushing away of handheld terminal.
4. high value management-control method as claimed in claim 1 is characterized in that, described step H is: handheld terminal calculates according to the physics sign indicating number, and result of calculation is delivered to terminal server; Step I is: terminal server authenticates the result of calculation of handheld terminal.
5. high value management-control method as claimed in claim 1 is characterized in that, among the described step M, the information of unblanking, is calculated the back to the physics sign indicating number and produced according to pre-defined algorithm by handheld terminal.
6. high value management-control method as claimed in claim 1 is characterized in that, among the described step M, the information of unblanking is locked server according to pre-defined algorithm by terminal server or management and control, the physics sign indicating number is calculated the back produce, and be delivered to handheld terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110206747.9A CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110206747.9A CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102238186A true CN102238186A (en) | 2011-11-09 |
| CN102238186B CN102238186B (en) | 2014-03-12 |
Family
ID=44888391
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110206747.9A Active CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102238186B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592107A (en) * | 2011-12-31 | 2012-07-18 | 成都天钥科技有限公司 | Method, device and system for realizing commodity business on handheld terminal |
| CN105604404A (en) * | 2015-09-01 | 2016-05-25 | 王昊轩 | Lock and control method thereof |
| CN105913533A (en) * | 2016-06-25 | 2016-08-31 | 浙江中烟工业有限责任公司 | Intelligent door safety control method and intelligent door safety control system |
| CN107231391A (en) * | 2016-03-23 | 2017-10-03 | 阿里巴巴集团控股有限公司 | Apparatus control method, user equipment, server, internet of things equipment and system |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201562306U (en) * | 2009-09-11 | 2010-08-25 | 王远洲 | Intelligent door lock control system |
-
2011
- 2011-07-22 CN CN201110206747.9A patent/CN102238186B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201562306U (en) * | 2009-09-11 | 2010-08-25 | 王远洲 | Intelligent door lock control system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592107A (en) * | 2011-12-31 | 2012-07-18 | 成都天钥科技有限公司 | Method, device and system for realizing commodity business on handheld terminal |
| CN102592107B (en) * | 2011-12-31 | 2015-05-27 | 成都天钥科技有限公司 | Method, device and system for realizing commodity business on handheld terminal |
| CN105604404A (en) * | 2015-09-01 | 2016-05-25 | 王昊轩 | Lock and control method thereof |
| CN105604404B (en) * | 2015-09-01 | 2018-03-09 | 王昊轩 | Lock and its control method |
| CN107231391A (en) * | 2016-03-23 | 2017-10-03 | 阿里巴巴集团控股有限公司 | Apparatus control method, user equipment, server, internet of things equipment and system |
| CN105913533A (en) * | 2016-06-25 | 2016-08-31 | 浙江中烟工业有限责任公司 | Intelligent door safety control method and intelligent door safety control system |
| CN105913533B (en) * | 2016-06-25 | 2018-06-05 | 浙江中烟工业有限责任公司 | Intelligent door method of controlling security and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102238186B (en) | 2014-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9530137B2 (en) | Method and apparatus for secure access payment and identification | |
| US9397838B1 (en) | Credential management | |
| EP2449722B1 (en) | Secure meter access from a mobile reader | |
| CN100533368C (en) | Controlling access to an area | |
| CN105931485A (en) | Appointment service system for shared parking stalls | |
| CN105608577A (en) | Method for performing non-repudiation, and payment managing server and user device therefor | |
| CN105404930A (en) | Information processing method, server and system for visiting reservation information | |
| CN104021333A (en) | Mobile security fob | |
| JP2018074205A (en) | Program, information processing device, information processing system, and information processing method | |
| CN110753016B (en) | Real name authentication method based on block chain | |
| CN103647646A (en) | Non-repudiation for digital content delivery | |
| CN104240013A (en) | Door access control method and door access control platform | |
| CN102238186B (en) | High-value control method | |
| CN101986355B (en) | Method, system and terminal for managing transaction authority of bank card | |
| CN205721149U (en) | A kind of salt washing process | |
| CN101065789B (en) | Logging access attempts to an area | |
| KR101304617B1 (en) | Method for user authentication in in-home display | |
| KR20150050280A (en) | Authentication method using fingerprint information and certification number, user terminal and financial institution server | |
| CN104539616A (en) | System for achieving credible message storage and switching among heterogeneous systems | |
| CN113641976A (en) | Method and device for remote service handling, electronic equipment and storage medium | |
| CN113765897A (en) | Sharing use method and system of electronic equipment | |
| TWM621306U (en) | Vehicle parking system | |
| CN115690962B (en) | Intelligent entrance guard management method based on long-short renting ecological chain | |
| TWI779589B (en) | Vehicle parking system and method thereof | |
| US12013924B1 (en) | Non-repudiable proof of digital identity verification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |