CN102238186B - High-value control method - Google Patents
High-value control method Download PDFInfo
- Publication number
- CN102238186B CN102238186B CN201110206747.9A CN201110206747A CN102238186B CN 102238186 B CN102238186 B CN 102238186B CN 201110206747 A CN201110206747 A CN 201110206747A CN 102238186 B CN102238186 B CN 102238186B
- Authority
- CN
- China
- Prior art keywords
- management
- server
- control
- lock
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The invention discloses a high-value control method, relating to the computer technology. The high-value control method comprises the following steps that: A, a handheld terminal sends a request to a terminal server; B, the terminal server and the handheld terminal mutually confirm identity; C, the terminal server confirms with a control server; D, a control lock server generates instruction data; E, the control lock server and the terminal server confirms to each other; F, the instruction data is transmitted to a control lock; G, the handheld terminal obtains a physical code from the lock control; H, the handheld terminal transmits physical code information to the terminal server; I, the terminal server authenticates the physical code information; J, the terminal server communicates with the control lock server to confirm the physical code; K, the control server authenticates the confirmation result of the terminal server; L, the control server unlocks a first control lock; M, the handheld terminal unlocks a second control lock; in the above steps, if the confirmation result passes through the authentication, the next step is executed, if not, the step is terminated. The method is excellent in flexibility and security.
Description
Technical field
The present invention relates to computer technology.
Background technology
Adopting handheld terminal to realize control, has been very general technology, and for example the remote-controlled lock of automobile and controller are exactly like this.In this technology, in management and control lock, password is installed, and in corresponding handheld terminal, password is also installed, then adopt certain contact or cordless transmission of information, management and control lock can determine whether to obtain the information of coupling, then determines whether unblank.Such technical approach is used very widely.But this technology that installs in advance password is very dumb, make a lot of operations and business service be difficult to carry out.The automobile of ,You rent-a-car company is placed on certain position for instance, and hirer appears at this position, and wishes to hire a car.Therefore hirer need to open automobile.Rent-a-car company is in order to increase the benefit, and a key of can not sending someone is sent to, and wishes to make hirer can utilize his smart mobile phone just can open automobile by certain remote mode, completes the business of hiring a car.Similarly commerce services demand is also a lot.Such as, the data of certain high value is placed on certain cloud computing platform, but the client who has allowed to pay expense is only in certain period use, is exactly the example of another high value management and control.Again such as, high value personage's the pipeline that speeds passage through customs is set up on airport, has just allowed in advance the thoroughly high value personage of safety inspection to speed passage through customs, making them needn't, by common inspection pipeline, be exactly the example of another high value management and control.Such as, the use management and control of certain expensive instrument, after allowing to pay the fees, using again, is also the example of a high value management and control.These management and control services all require very high fail safe, also require quite high flexibility and quite high convenience simultaneously.Three is neither can be default and weaken.
Summary of the invention
Technical problem to be solved by this invention is, a kind of high-value control method is provided, and for convenience of the management and control service that realizes of, safety, provides technical support.
The technical scheme that the present invention solve the technical problem employing is that high-value control method, is characterized in that, comprises the steps:
A. handheld terminal sends request to terminal server;
B. terminal server and handheld terminal are confirmed identity mutually;
C. terminal server is confirmed to management and control server;
D. management and control lock server produces for calculating the director data of one time key according to the information of handheld terminal;
E. management and control lock server and terminal server are confirmed mutually;
F. transmit director data to management and control lock, for management and control lock, calculate one time key, be i.e. the second key of the first key of corresponding the first management and control lock and corresponding the second management and control lock;
G. handheld terminal closely obtains physics code from management and control lock;
H. handheld terminal calculates according to physics code, and result of calculation is delivered to terminal server;
I. terminal server authenticates the result of calculation of handheld terminal;
J. terminal server exchanges with management and control lock server, confirms physics code;
K. the confirmation result of management and control server authentication terminal server;
L. management and control server is driven the first management and control lock;
M. handheld terminal with certain closely exchange way transmission information to management and control lock, drive the second management and control lock;
In above-mentioned each authenticating step, if authentication is by entering next step, if not by stopping, or send prompting to handheld terminal.
Further, in steps A) and step B) between also have following step:
A1. commercial matters information exchange is confirmed.
The form of expression of described physics code is two-dimentional QR code, by the camera collection of handheld terminal and push away as character string by handheld terminal is counter.
In described step M, the information of unblanking according to pre-defined algorithm, is calculated rear generation to physics code by handheld terminal.Or the information of unblanking is locked server according to pre-defined algorithm by terminal server or management and control, physics code is calculated to rear generation, and be delivered to handheld terminal.
The invention has the beneficial effects as follows to have good flexibility and fail safe, cost is very cheap, and realizes easily: the password that can realize in management and control lock is changed whenever and wherever possible, the also corresponding replacing of password of the handheld terminal matching with it simultaneously.
Below in conjunction with the drawings and specific embodiments, the present invention is further illustrated.
Accompanying drawing explanation
Fig. 1 is the structure chart of the managing and control system that the present invention relates to.
Fig. 2 is basic principle figure of the present invention.
Fig. 3 is management-control method schematic flow sheet of the present invention.
Fig. 4 is the structural representation of management and control lock of the present invention.
Fig. 5 is the workflow schematic diagram of management and control lock.
Embodiment
As Fig. 1.System has 4 elements: handheld terminal, terminal server, management and control lock, management and control lock server.
Between handheld terminal and terminal server, there is information interchange.Between terminal server and management and control lock server, there is secret pipeline, can guarantee information interchange carry out under high level security.Between management and control lock and management and control lock server, also there is secret pipeline.Between handheld terminal and management and control lock, require certain physical contact.This physical contact, is particular design, in order to guarantee, must contact by physics mode or physical signalling, could complete process.But this physical contact can be various, and be not limited to low coverage.
Basic principle: referring to Fig. 2: handheld terminal and terminal server are shared symmetric key.This is the basis of authentication and the basis of management and control.How setting up shared symmetric key, is the technology that the patent before us is set up.If necessary, such as the requirement of certain law requires handheld terminal and terminal server except symmetric key, also has unsymmetrical key, and we also can set up.If so, normally handheld terminal is possessed private key, and server is possessed corresponding PKI, and this sends out key Shi You third party issuing unit.
Between terminal server and management and control lock server, there is secure communication pipeline, can guarantee information interchange carry out under high level security.
Between management and control lock and management and control lock server, there is symmetric key, and secure communication pipeline.
Handheld terminal has to the communication conduit of management and control lock, and management and control lock has the lock (must all open by two locks, whole management and control lock is just opened) of two series connection.Lock has three states: 1) locked, and 2) lock and wait out, 3) open.When locked, lock does not have key, can not open completely.Lock when opening, lock has key, therefore can open.The key of lock is disposable, is by management and control, to lock inner processor to calculate and produce according to the information of server.
Management and control lock has physics code, and certain coding of namely expressing by physical material, for handheld terminal Information Monitoring.Physics code is that design guarantees that handheld terminal and management and control lock have physical contact, in other words, and close contact.The design of physics code is multiple.For example, the paster of QR code can paste on automobile in rent-a-car company, therefore forms physics code.This physics code can guarantee hirer's handheld terminal and automobile close contact.Again for example, on airport, set up in high value personage's the situation of the pipeline that speeds passage through customs, physics code can be one group of dynamic digital, requires high value personage oneself to read then and is manually input in handheld terminal and goes.Can also there be other multiple physics code designs.Physics code can be dynamic, can be also permanent static.
Flow process of the present invention is referring to Fig. 3.
Sequence number implication in figure:
1, handheld terminal requesting terminal server.
2, business workflow, such as payment, information inquiry etc.
3, terminal server is confirmed.Handheld terminal is sent confirmation signal to terminal server, with together with step 4, mutually confirm legitimacy.
4, handheld terminal is confirmed.(terminal server is sent confirmation signal to handheld terminal)
5, terminal server is confirmed to management and control server, and transmission of information other.The packets of information of transmitting contains: the elementary identity information of handheld terminal, and secondary identity information, with the calculating as disposal password, produce, other business informations, such as payment, effective time section, etc.
6, calculate management and control lock server inside, according to identity information, and other information, calculate the director data for one time key.
7, management and control lock server exchanges with terminal server, mutually confirms.
8, transmission of information, to management and control lock, for calculating one time key, is applicable to respectively the first key and second key of two locks of series connection, and management and control lock calculates according to these information commands.
9, handheld terminal low coverage, to management and control lock, obtains physics code.
10, handheld terminal Computational Physics code, obtains result of calculation, and is delivered to terminal server, or directly physics code is delivered to terminal server.
11, terminal server calculates authentication.
12 exchange with management and control lock server, confirm transmission of information.
13, management and control server calculates authentication.
14, management and control server is realized and is unblanked 1.
15, handheld terminal is realized and is unblanked 2.
Handheld terminal, to lock 2 information of unblanking of sending, can, by handheld terminal according to pre-defined algorithm, calculate rear generation to physics code.Also can lock server according to pre-defined algorithm by terminal server or management and control, physics code be calculated to rear generation, and be delivered to handheld terminal.
The basic structure of management and control lock is referring to Fig. 4.
The basic element of character:
Physics code (can be dynamic, can be also static permanent).
Basic key (symmetric key, and management and control lock server is shared).
Processor.
The first management and control lock (three kinds of states: locked, lock and wait out, open), use one time key 1.
The second management and control lock (three kinds of states, locked, lock and wait out, open), use one time key 2.The first management and control lock and the second management and control lock are completely independent.Both uses of connecting.
First passage, connects management and control lock server, two-way, secret pipeline.
Second channel, unidirectional, wait for the handheld terminal information of accepting.
External device (ED), such as control mechanical part etc.
The basic procedure of management and control lock: referring to Fig. 5.
Server instruction.Transmission information, is used this information to calculate and produces key 1.Waiting for server instruction.
Server instruction.Transmission information, is used this information to calculate and produces key 2.Wait is unblanked.
Accept server key 1, implement authentication contrast, unblank 1 or report to the police.
Accept handheld terminal information, computation key 2, implements authentication contrast, unblanks 2 or report to the police.
Algorithm for producing key, can adopt general cryptographic algorithm.
The first management and control lock calculates and produces the first key according to command information.Management and control is locked in and obtains before command information, is locking state.Obtain after command information, calculate and produce one time key, then just in the state to be opened of locking, in two management and control locks of series connection, the first management and control lock can only be locked server by management and control and open.
The second management and control lock uses command information to calculate and produces the second key.The key of the second management and control lock is the information providing according to management and control lock server, in the second management and control lock inside, calculates.The second management and control is locked in before acquired information, is locking state.After acquired information, calculate and produce one time key, then just in the state to be opened of locking, the second management and control lock can only be opened by handheld terminal.
Claims (6)
1. high-value control method, is characterized in that, comprises the steps:
A. handheld terminal sends request to terminal server;
B. terminal server and handheld terminal are confirmed identity mutually;
C. terminal server is confirmed to management and control lock server;
D. management and control lock server produces for calculating the director data of one time key according to the information of handheld terminal;
E. management and control lock server and terminal server are confirmed mutually;
F. transmit director data to management and control lock, for management and control lock, calculate one time key, be i.e. the second key of the first key of corresponding the first management and control lock and corresponding the second management and control lock; Management and control lock has the lock of two series connection: the first management and control lock and the second management and control lock, must all open by two locks, and whole management and control lock is just opened; Lock has three states: 1) locked, and 2) lock and wait out, 3) open; When locked, lock does not have key, can not open completely; Lock when opening, lock has key, therefore can open; Management and control is locked in and obtains before command information, it is locking state, obtain after command information, calculate and produce one time key, then just in the state to be opened of locking, in two management and control lock of series connection, the first management and control lock can only be locked server by management and control and opens, and the second management and control lock can only be opened by handheld terminal;
G. handheld terminal obtains physics code from management and control lock;
H. handheld terminal transmits physics code information to terminal server;
I. terminal server authenticates the physics code information of handheld terminal transmission;
J. terminal server exchanges with management and control lock server, confirms physics code;
K. the confirmation result of server authentication terminal server is locked in management and control;
L. management and control lock server is driven the first management and control lock;
M. handheld terminal transmits to the second management and control lock the information of unblanking, and drives the second management and control lock;
In above-mentioned each authenticating step, if authenticate by entering next step, if not by stopping,
Or send prompting to handheld terminal.
2. high-value control method as claimed in claim 1, is characterized in that, in steps A) and step B) between also have following step:
A1. commercial matters information exchange is confirmed.
3. high-value control method as claimed in claim 1, is characterized in that, the form of expression of described physics code is two-dimentional QR code, by the camera collection of handheld terminal and push away as character string by handheld terminal is counter.
4. high-value control method as claimed in claim 1, is characterized in that, described step H is: handheld terminal calculates according to physics code, and result of calculation is delivered to terminal server; Step I is: terminal server authenticates the result of calculation of handheld terminal.
5. high-value control method as claimed in claim 1, is characterized in that, in described step M, the information of unblanking according to pre-defined algorithm, is calculated rear generation to physics code by handheld terminal.
6. high-value control method as claimed in claim 1, is characterized in that, in described step M, the information of unblanking is locked server according to pre-defined algorithm by terminal server or management and control, physics code is calculated to rear generation, and be delivered to handheld terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110206747.9A CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110206747.9A CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102238186A CN102238186A (en) | 2011-11-09 |
CN102238186B true CN102238186B (en) | 2014-03-12 |
Family
ID=44888391
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110206747.9A Active CN102238186B (en) | 2011-07-22 | 2011-07-22 | High-value control method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102238186B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102592107B (en) * | 2011-12-31 | 2015-05-27 | 成都天钥科技有限公司 | Method, device and system for realizing commodity business on handheld terminal |
CN105604404B (en) * | 2015-09-01 | 2018-03-09 | 王昊轩 | Lock and its control method |
CN107231391A (en) * | 2016-03-23 | 2017-10-03 | 阿里巴巴集团控股有限公司 | Apparatus control method, user equipment, server, internet of things equipment and system |
CN105913533B (en) * | 2016-06-25 | 2018-06-05 | 浙江中烟工业有限责任公司 | Intelligent door method of controlling security and system |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201562306U (en) * | 2009-09-11 | 2010-08-25 | 王远洲 | Intelligent door lock control system |
-
2011
- 2011-07-22 CN CN201110206747.9A patent/CN102238186B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201562306U (en) * | 2009-09-11 | 2010-08-25 | 王远洲 | Intelligent door lock control system |
Also Published As
Publication number | Publication date |
---|---|
CN102238186A (en) | 2011-11-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210081928A1 (en) | Systems and methods for linking devices to user accounts | |
EP2449722B1 (en) | Secure meter access from a mobile reader | |
CN104778773A (en) | System and method for controlling entrance guard by mobile phone | |
CN105931485A (en) | Appointment service system for shared parking stalls | |
CN105608577A (en) | Method for performing non-repudiation, and payment managing server and user device therefor | |
CN101860525B (en) | Realizing method of electronic authorization warrant, intelligent terminal, authorization system and verification terminal | |
CN104966336A (en) | Intelligent lock, intelligent lock authorization management method, and intelligent lock authorization management apparatus | |
CN106211048A (en) | The password unlocking method of smart lock, Apparatus and system | |
CN105261096A (en) | Network smart lock system | |
CN102238186B (en) | High-value control method | |
US20120025950A1 (en) | Authentication method and arrangement for performing such an authentication method and corresponding computer program and corresponding computer-readable storage medium | |
CN106710043A (en) | Time-limited entrance guard management system with visitor authentication and method thereof | |
EP2757815B1 (en) | Unlocking method for a transformer station | |
CN103745513A (en) | Intelligent key system | |
CN103985169A (en) | System utilizing handheld terminal and USB interface to lock/unlock door lock and controlling method thereof | |
CN109166216A (en) | A kind of control method and device of smart bluetooth door lock | |
CN104283881A (en) | Method and system for certificate authority and safety use of sensing equipment of Internet of Things | |
CN104853354A (en) | Bluetooth authentication method and system thereof | |
CN206557866U (en) | A kind of gate control system based on GPS location | |
KR101304617B1 (en) | Method for user authentication in in-home display | |
KR20150050280A (en) | Authentication method using fingerprint information and certification number, user terminal and financial institution server | |
CN207123882U (en) | A kind of antitheft cloud service door-locking system of multiple intelligent | |
CN113689598B (en) | Rental house remote management method based on intelligent door lock | |
CN113765897A (en) | Sharing use method and system of electronic equipment | |
CN204595961U (en) | A kind of gate control system of authorizing telemanagement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |