CN103106357A - System and method of property real-name certification authorization based on China financial certification authority (CFCA) certification standards - Google Patents
System and method of property real-name certification authorization based on China financial certification authority (CFCA) certification standards Download PDFInfo
- Publication number
- CN103106357A CN103106357A CN 201210451246 CN201210451246A CN103106357A CN 103106357 A CN103106357 A CN 103106357A CN 201210451246 CN201210451246 CN 201210451246 CN 201210451246 A CN201210451246 A CN 201210451246A CN 103106357 A CN103106357 A CN 103106357A
- Authority
- CN
- China
- Prior art keywords
- certificate
- property
- cfca
- real
- name authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a system and a method of property real-name certification authorization based on China financial certification authority (CFCA) certification standards, and belongs to a property matching system based on the CFCA certification standards. The system comprises a CFCA certification system, a certificate certification unit and a property certification authorization unit. The security of the system is excellently improved by introducing the CFCA certification system to verify the legality of a digital certificate, and the reliability and the authenticity of the property certification authorization unit when authorizing an applicant through a real-name authentication mechanism, certification authorization with specific functions can be carried out according to the identity of a certificate, a proprietor and a non-proprietor can be actively distinguished according to certificate data, certification authorization is carried out to the proprietor and the non-proprietor respectively, and a certification result based on the CFCA certification system has law traceability. The system of the property real-name certification authorization based on the CFCA certification standards can be used in property managements of different scales, and is wide in application range.
Description
Technical field
The present invention relates to a kind ofly based on CFCA Valuation Standard property corollary system, in particular, the present invention relates generally to a kind of property system of real name authentication and authorization system and method based on the CFCA Valuation Standard.
Background technology
CFCA is the safety certification mechanism through the national authority of People's Bank of China and national information Security Administration Department approval establishment, one of important national Financial information safety infrastructure, also after " People's Republic of China's law of electronic signature " promulgated, one of CA of domestic first batch of electron gain authentication service license, widespread use in financial circles at present is as bank or card Securities mechanism etc.and along with the continuous progress of science and technology, community's estate management also more and more is tending towards standardization, intelligent, for example owner and keeper all hold IC-card or the digital certificate of difference in functionality, use various service equipments in the community by this function card or digital certificate, as opening gate, inquiry property relevant information etc., and due to the property management staff, the user demand of owner or the other staff all kinds of service equipments in the community is different, for making community's estate management that confusion not occur, need to give different rights of using for the user of different identity, with standardized administration, and it is actually rare in the present real estate management of this type of technology, although or can realize different personnel minute authority is managed in part very high-end residential quarter, but its system is equal estate management side to be built voluntarily, security of system can not be guaranteed, therefore be necessary intelligent property management system and method are done further improvement.
Summary of the invention
One of purpose of the present invention is to solve above-mentioned deficiency, a kind of property system of real name authentication and authorization system and method based on the CFCA Valuation Standard is provided, solving in prior art community's property with expectation can't carry out standardized administration by the different rights of using of service equipment, and Security of the system such as can not be guaranteed at the technical matters.
For solving above-mentioned technical matters, the present invention by the following technical solutions:
One aspect of the present invention provides a kind of property system of real name authentication and authorization system based on the CFCA Valuation Standard, and described system comprises the CFCA Verification System, is used for the time of day data that rear digital certificate is provided in storage;
The certificate verification unit, be used for receiving the certificate data that comes from property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System are that legal certificate data is sent to property Certificate Authority unit with Query Result;
Property Certificate Authority unit, multiple property module and function privilege are preset in its inside, be used for after to receive certificate verification unit Query Result be legal certificate data, obtain the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, be that according to current identity it authorizes corresponding property module and function privilege, then to property real-name authentication authorized application side return authentication Authorization result.
As preferably, further technical scheme is: described certificate verification unit also is used for from the time of day data of CFCA Verification System inquiry property real-name authentication authorized application side certificate, is that illegal certificate data feeds back to property real-name authentication authorized application side with Query Result.
Further technical scheme is: described digital certificate is the KEY certificate that meets CFCA authentication standard.
Further technical scheme is: the available information in described certificate data be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple.
Further technical scheme is: the property module that presets in described property Certificate Authority unit and function privilege be at least be informed of a case repair, entrust, in the middle of ballot and gate inhibition's doorbell any two or more.
The present invention provides a kind of property system of real name authentication authority method based on the CFCA Valuation Standard on the other hand, and described method comprises the steps:
Steps A, certificate verification unit reception come from the certificate data of property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System, when being legal, carry out next step when Query Result;
Step B, certificate verification unit is that legal certificate data is sent to property Certificate Authority unit with Query Result, property Certificate Authority unit obtains the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, according to current identity for its authorize preset in property Certificate Authority unit with deserve before corresponding property module and the function privilege of identity, then to the result of property real-name authentication authorized application side's return authentication mandate.
As preferably, further technical scheme is: when in described steps A, the result of the time of day data of inquiry property real-name authentication authorized application side certificate was illegal from the CFCA Verification System, namely step finished, and does not carry out next step.
Further technical scheme is: the available information in described steps A be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple.
Further technical scheme is: in described steps A, the certificate verification unit is before whether inquiry certificate from the CFCA Verification System is legal, and authentication certificate information signature at first is with integrality and the validity of checking certificate data; The checking CA certificate chain is with the validity by certificate chain demonstration validation user certificate signature; The authentication certificate term of validity, whether out of date to determine current certificate.
Further technical scheme is: in described step B preset property module and function privilege be at least be informed of a case repair, entrust, in the middle of ballot and gate inhibition's doorbell any one or multiple.
compared with prior art, one of beneficial effect of the present invention is: by introducing the CFCA Verification System, the legitimacy of digital certificate is verified, make Security of the system obviously improve, and by real-name authentication mechanism, guaranteed reliability and the authenticity of property Certificate Authority unit when authorizing to the applicant, can carry out the specific function Certificate Authority according to certificate identity, and can be according to certificate data initiative recognition owner and non-owner, to owner and the mandate of non-owner's authenticated separate, and has the law trackability based on CFCA Verification System authentication result, and a kind of property system of real name authentication and authorization system based on the CFCA Valuation Standard provided by the present invention can use in the estate management of various different scales, range of application is wide.
Description of drawings
Fig. 1 is for being used for the system architecture diagram of explanation one embodiment of the invention.
Embodiment
Before the present invention is described in detail, at first the part english abbreviation of mentioning in the present invention is described, help to help those skilled in the art to understand the present invention.
CFCA: China's finance authentication center is the national authority's that sets up through People's Bank of China and the approval of national information Security Administration Department safety certification mechanism
CA: digital certificate authentication center is the entity that in the PKI system, communicating pair is all trusted, and is called as trusted third party's (Trusted Third Party is called for short TTP).The behavior that CA is exactly CA as one of essential condition of trusted third party has the non-property denied.
The present invention is further elaborated by reference to the accompanying drawings again for the below.
Fig. 1 shows the system architecture diagram of the embodiment of the present invention, with reference to shown in Figure 1, one embodiment of the present of invention are a kind of property system of real name authentication and authorization systems based on the CFCA Valuation Standard, described system comprises the CFCA Verification System, and its effect is the time of day data of digital certificate after storage is provided; The CFCA Verification System is provided by CFCA, is used for carrying out the certificate identity authentication.
The certificate verification unit, its effect is to receive the certificate data that comes from property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System are that legal certificate data is sent to property Certificate Authority unit with Query Result;
Property Certificate Authority unit, multiple property module and function privilege are preset in its inside, its effect is after to receive certificate verification unit Query Result be legal certificate data, obtain the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, be that according to current identity it authorizes corresponding property module and function privilege, then to property real-name authentication authorized application side return authentication Authorization result.
According to above-described embodiment, preferred technical scheme is: another effect of above-mentioned certificate verification unit is the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System, is that illegal certificate data feeds back to property real-name authentication authorized application side with Query Result.Again with reference to shown in Figure 1, aforementioned from the CFCA Verification System mode of the time of day data of inquiry property real-name authentication authorized application side certificate be: certificate data is inputted the CFCA Verification System, the CFCA Verification System is namely fed back the status code of this certificate data to the certificate verification unit, it is legal that this status code indicates that certificate is that effective status is considered as, otherwise illegal.
And be with concrete elaboration the present invention, the inventor is various ins and outs in experiment according to it also, the part technological means of mentioning for above-described embodiment gives further refinement explanation, so that the present invention more easily is implemented, i.e. the present invention is used for one or more embodiment that the technical solution problem is more preferably:
Described digital certificate is the KEY certificate that meets CFCA authentication standard; And the available information in certificate data be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple, again with reference to shown in Figure 1, for example in the present embodiment, the certificate verification unit carries out checking one by one to certificate information signature, CA certificate chain, validity period of certificate successively, when three information all be judged as available after, visit again the legitimacy of CFCA Verification System enquiring digital certificate, thereby avoid frequent visit CFCA Verification System.
The property module that presets in above-mentioned property Certificate Authority unit and function privilege be at least be informed of a case repair, entrust, in the middle of ballot and gate inhibition's doorbell any two or more, same, again with reference to shown in Figure 1, in the present embodiment, preset aforementioned all property module and function privilege in property Certificate Authority unit, and can according to the actual requirements, set up other property module and function privilege, no longer enumerate herein, represent with other property module in Fig. 1.
In conjunction with the system that puts down in writing in above-described embodiment, an alternative embodiment of the invention is a kind of property system of real name authentication authority method based on the CFCA Valuation Standard, and described method comprises the steps:
Steps A, certificate verification unit reception come from the certificate data of property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System, when being legal, carry out next step when Query Result;
Step B, certificate verification unit is that legal certificate data is sent to property Certificate Authority unit with Query Result, property Certificate Authority unit obtains the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, according to current identity for its authorize preset in property Certificate Authority unit with deserve before corresponding property module and the function privilege of identity, then to the result of property real-name authentication authorized application side's return authentication mandate.
In the steps A of above-described embodiment, when the result of the time of day data of inquiry property real-name authentication authorized application side certificate was illegal from the CFCA Verification System, namely step finished, and does not carry out next step.
In addition, according to another embodiment of the present invention, available information in above-mentioned steps A be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple, for example in the present embodiment, available information in steps A has comprised the aforementioned full detail of mentioning, namely before whether inquiry certificate from the CFCA Verification System is legal, authentication certificate information signature at first is with integrality and the validity of checking certificate data; The checking CA certificate chain is with the validity by certificate chain demonstration validation user certificate signature; The authentication certificate term of validity, whether out of date to determine current certificate.And according to what mention in previous embodiment, in other embodiments of the invention, the available information in steps A can also be other any information relevant with digital certificate information, herein particularize no longer.
Same, more according to still another embodiment of the invention, mention in step B in the above-described embodiments preset property module and function privilege be at least be informed of a case repair, entrust, ballot and central any one of gate inhibition's doorbell or multiple.For example in the present embodiment, aforementioned all property module and function privileges of mentioning have namely been comprised, and can set up according to the actual demand of community's estate management, namely in other embodiments of the invention, the all right wireless extensions of aforesaid property module and function privilege, specifically can be determined according to actual conditions, also do not enumerated herein.
Except above-mentioned, the present invention also has following features:
1, authenticate based on system of real name
2, carry out the specific function Certificate Authority according to certificate identity
3, energy initiative recognition owner and non-owner, accomplish owner and the mandate of non-owner's authenticated separate
4, its authentication result has the law trackability
Also need to prove, " embodiment " who speaks of in this manual, " another embodiment ", " embodiment ", etc., refer to specific features, structure or the characteristics described in conjunction with this embodiment and be included at least one embodiment that the application's generality describes.A plurality of local appearance statement of the same race is not necessarily to refer to same embodiment in instructions.Furthermore, when describing a specific features, structure or characteristics in conjunction with arbitrary embodiment, what advocate is to realize that in conjunction with other embodiment this feature, structure or characteristics also fall within the scope of the invention.
Although invention has been described with reference to a plurality of explanatory embodiment of the present invention here, but, should be appreciated that, those skilled in the art can design a lot of other modification and embodiments, and these are revised and within embodiment will drop on the disclosed principle scope and spirit of the application.More particularly, in the scope of, accompanying drawing open in the application and claim, can carry out multiple modification and improvement to building block and/or the layout of subject combination layout.Except modification that building block and/or layout are carried out with improving, to those skilled in the art, other purposes will be also obvious.
Claims (10)
1. property system of real name authentication and authorization system based on the CFCA Valuation Standard, it is characterized in that: described system comprises the CFCA Verification System, the time of day data of digital certificate after being used for storage and providing;
The certificate verification unit, be used for receiving the certificate data that comes from property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System are that legal certificate data is sent to property Certificate Authority unit with Query Result;
Property Certificate Authority unit, multiple property module and function privilege are preset in its inside, be used for after to receive certificate verification unit Query Result be legal certificate data, obtain the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, be that according to current identity it authorizes corresponding property module and function privilege, then to property real-name authentication authorized application side return authentication Authorization result.
2. the property system of real name authentication and authorization system based on the CFCA Valuation Standard according to claim 1, it is characterized in that: described certificate verification unit also is used for from the time of day data of CFCA Verification System inquiry property real-name authentication authorized application side certificate, is that illegal certificate data feeds back to property real-name authentication authorized application side with Query Result.
3. the property system of real name authentication and authorization system based on the CFCA Valuation Standard according to claim 1 and 2, it is characterized in that: described digital certificate is the KEY certificate that meets CFCA authentication standard.
4. the property system of real name authentication and authorization system based on the CFCA Valuation Standard according to claim 1 and 2 is characterized in that: the available information in described certificate data be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple.
5. the property system of real name authentication and authorization system based on the CFCA Valuation Standard according to claim 1 is characterized in that: the property module that presets in described property Certificate Authority unit and function privilege be at least be informed of a case repair, entrust, in the middle of ballot and gate inhibition's doorbell any two or more.
6. property system of real name authentication authority method based on the CFCA Valuation Standard, it is characterized in that: described method comprises the steps:
Steps A, certificate verification unit reception come from the certificate data of property real-name authentication authorized application side, after reading the available information and judgement in certificate data, the time of day data of inquiry property real-name authentication authorized application side certificate from the CFCA Verification System, when being legal, carry out next step when Query Result;
Step B, certificate verification unit is that legal certificate data is sent to property Certificate Authority unit with Query Result, property Certificate Authority unit obtains the identity information of property real-name authentication authorized application side from certificate data, and this information is carried out current identification, according to current identity for its authorize preset in property Certificate Authority unit with deserve before corresponding property module and the function privilege of identity, then to the result of property real-name authentication authorized application side's return authentication mandate.
7. the property system of real name authentication authority method based on the CFCA Valuation Standard according to claim 6, it is characterized in that: when in described steps A, the result of the time of day data of inquiry property real-name authentication authorized application side certificate is illegal from the CFCA Verification System, be that step finishes, do not carry out next step.
8. the property system of real name authentication authority method based on the CFCA Valuation Standard according to claim 6 is characterized in that: the available information in described steps A be in the middle of certificate message signature, CA certificate chain, validity period of certificate any one or multiple.
9. according to claim 6 or 8 described property system of real name authentication authority methods based on the CFCA Valuation Standard, it is characterized in that: in described steps A, the certificate verification unit is before whether inquiry certificate from the CFCA Verification System is legal, at first authentication certificate information signature is with integrality and the validity of checking certificate data; The checking CA certificate chain is with the validity by certificate chain demonstration validation user certificate signature; The authentication certificate term of validity, whether out of date to determine current certificate.
10. the property system of real name authentication authority method based on the CFCA Valuation Standard according to claim 6 is characterized in that: in described step B preset property module and function privilege be at least be informed of a case repair, entrust, in the middle of ballot and gate inhibition's doorbell any two or more.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210451246.1A CN103106357B (en) | 2012-11-12 | 2012-11-12 | Based on property system of real name authentication and authorization system and the method for CFCA Valuation Standard |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210451246.1A CN103106357B (en) | 2012-11-12 | 2012-11-12 | Based on property system of real name authentication and authorization system and the method for CFCA Valuation Standard |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103106357A true CN103106357A (en) | 2013-05-15 |
| CN103106357B CN103106357B (en) | 2015-09-30 |
Family
ID=48314211
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210451246.1A Expired - Fee Related CN103106357B (en) | 2012-11-12 | 2012-11-12 | Based on property system of real name authentication and authorization system and the method for CFCA Valuation Standard |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103106357B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111918027A (en) * | 2020-07-02 | 2020-11-10 | 覃士忠 | Intelligent community security method based on Internet of things |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE102007019541A1 (en) * | 2007-04-25 | 2008-10-30 | Wincor Nixdorf International Gmbh | Method and system for authenticating a user |
| CN101645900B (en) * | 2009-08-31 | 2012-08-01 | 国家信息中心 | Cross-domain rights management system and method |
| CN102420690B (en) * | 2010-09-28 | 2014-05-21 | 上海可鲁系统软件有限公司 | Fusion and authentication method and system of identity and authority in industrial control system |
| CN102487377B (en) * | 2010-12-01 | 2017-12-19 | 中铁信息计算机工程有限责任公司 | A kind of certification and Rights Management System |
| CN102487383B (en) * | 2010-12-02 | 2015-01-28 | 上海可鲁系统软件有限公司 | Industrial internet distributed system safety access control device |
-
2012
- 2012-11-12 CN CN201210451246.1A patent/CN103106357B/en not_active Expired - Fee Related
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111918027A (en) * | 2020-07-02 | 2020-11-10 | 覃士忠 | Intelligent community security method based on Internet of things |
| CN111918027B (en) * | 2020-07-02 | 2021-07-06 | 杭州齐圣科技有限公司 | Intelligent community security method based on Internet of things |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103106357B (en) | 2015-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11018869B2 (en) | Blockchain-based digital identity management (DIM) system | |
| US10829088B2 (en) | Identity management for implementing vehicle access and operation management | |
| US8319606B2 (en) | Universal validation module for access control systems | |
| WO2009036511A1 (en) | Verifying a personal characteristic of users of online resources | |
| CN105243313A (en) | Anytime validation for verification tokens | |
| JP2004519874A (en) | Trusted Authentication Digital Signature (TADS) System | |
| CN103973711A (en) | Verification method and device | |
| CN106096947A (en) | Half off-line anonymous method of payment based on NFC | |
| US20220028198A1 (en) | Co-signing delegations | |
| DE102016208512A1 (en) | Access control with a mobile device | |
| US9769164B2 (en) | Universal validation module for access control systems | |
| CN109410405A (en) | Access control management method, gate inhibition's unlocking method and entrance guard management system for unlocking | |
| CN112543184A (en) | Block chain-based equipment authentication activation method | |
| US20150332361A1 (en) | Reputation System and Method | |
| US10706140B2 (en) | Vehicle computer update authentication | |
| CN109863492A (en) | The method of installation certificate and correlation computer and system in vehicle computer | |
| CN103106357B (en) | Based on property system of real name authentication and authorization system and the method for CFCA Valuation Standard | |
| CN115396893A (en) | Digital key issuing and verifying method and system | |
| US20210319116A1 (en) | Systems and methods of access validation using distributed ledger identity management | |
| EP4050923A1 (en) | Systems and methods of access validation using distributed ledger identity management | |
| US11321072B2 (en) | Vehicle computer update authentication | |
| EP3336736B1 (en) | Auxiliary id token for multi-factor authentication | |
| KR20200057660A (en) | Method for operating account reinstating service based account key pairs, system and computer-readable medium recording the method | |
| CN103116819A (en) | Property real-name system certification KEY management platform based on china financial certification authority (CFCA) certification standards and application thereof | |
| CN107612696A (en) | A kind of quantum can in Denial protocal two kinds of unidirectional reduction of agreement method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20160505 Address after: 610000, No. 188, No. 1-2, three section, Binhe Road, Huayang street, Tianfu New District, Sichuan, Chengdu Province, China, 74 Patentee after: Sichuan Hansen Technology Co., Ltd. Address before: 610000 Nanhu international community, No. 2 Commercial Street, Huayang street, Chengdu, Sichuan, Shuangliu County Patentee before: Chengdu Jinrui Investment Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150930 Termination date: 20181112 |