CN104243160A - Identity authentication management method and identity authentication method and device - Google Patents
Identity authentication management method and identity authentication method and device Download PDFInfo
- Publication number
- CN104243160A CN104243160A CN201410356621.3A CN201410356621A CN104243160A CN 104243160 A CN104243160 A CN 104243160A CN 201410356621 A CN201410356621 A CN 201410356621A CN 104243160 A CN104243160 A CN 104243160A
- Authority
- CN
- China
- Prior art keywords
- electronic key
- terminal
- electronic
- identification information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention relates to the technical field of communications, in particular to an identity authentication management method and an identity authentication method and device. The problem that effective management is not achieved due to the fact that an existing access control system or a similar identity authentication system is not combined with the mobile internet technology is solved. A server sends an electronic key configuration instruction to an electronic key terminal, the electronic key terminal configures an electronic key locally, an electronic lock terminal receives the electronic key sent by the electronic key terminal and compares the electronic key with an electronic key stored locally, and identification authentication is carried out on the electronic lock terminal. The server is in wireless communication with the electronic key terminal and the electronic lock terminal, so that the technical problem that the existing access control system or the similar identity authentication system is not combined with the mobile internet technology is solved, and management is facilitated.
Description
Technical field
The present invention relates to communication technical field, particularly a kind of authentication management method, identity identifying method and equipment.
Background technology
Authentication is the process confirming operator's identity in a computer network.
In existing identity identifying technology, be that client is opened and closedown by the signal controlling electronic lock terminal sent mostly, such as access control system.When by signal controlling electronic lock, need prestore encrypted message in electronic lock terminal, the encrypted message preserved with this locality after receiving the encrypted message that client sent by signal is compared, thus verifies the identity of this client.
But, current access control system or the also imperfect authentication management method of similar identity authorization system, the distribution of such as electronic key.
Summary of the invention
The embodiment of the present invention provides a kind of authentication management method, identity identifying method and equipment, in order to realize authentication management and authentication procedures.
First aspect, the embodiment of the present invention provides a kind of authentication management method, is applied to the identity authorization system including server, electronic key terminal and electronic lock terminal, comprises:
Server receives electronic key and distributes request, and described electronic key distribution request is used for request and configures to the first electronic key terminal by the first electronic key;
Described server distributes request according to described electronic key, sends electronic key configuration order, and in the first database, add the correspondence relationship information of described first electronic key and described first electronic key terminal to described first electronic key terminal; Wherein, in described electronic key configuration order, comprise described first electronic key, to make described first electronic key terminal, described first electronic key is configured to this locality;
The correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match whether is preserved in described server lookup second database, if do not had, then send the first right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database, wherein, the authority information of described first electronic key and described first electronic key is comprised in described first right assignment order, to make described first electronic lock terminal, described first electronic key and authority information thereof are configured to this locality, or, the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match whether is preserved in described server lookup second database, if no, then the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database.
Second aspect, the identity identifying method that the embodiment of the present invention provides realizes based on above-mentioned authentication management method, and the method comprises:
Electronic lock terminal receives the signal carrying electronic key that electronic key terminal sends;
Described electronic lock terminal parses the electronic key of described signaling bearer from described signal;
Described electronic lock terminal, by comparing resolving the electronic key that the electronic key that obtains and described electronic lock terminal local preserve, carries out authentication to described electronic key terminal.
The third aspect, the identity identifying method realized based on above-mentioned authentication management method that the embodiment of the present invention provides, comprising:
Server receives the ID authentication request that electronic lock terminal sends, comprise the identification information of electronic key and described electronic lock terminal in described ID authentication request, to be described electronic lock terminal parse from carrying the signal of electronic key of sending of electronic key terminal described electronic key;
Described server is compared by the electronic key corresponding with described electronic lock terminal preserved in described electronic key and described server this locality, carries out authentication to described electronic key terminal.
Fourth aspect, a kind of server that the embodiment of the present invention provides, is applied to identity authorization system, also comprises electronic key terminal and electronic lock terminal, comprising in described identity authorization system:
Receiver module, distribute request for receiving electronic key, described electronic key distributes request and configures to the first electronic key terminal for request by the first electronic key;
First configuration module, for distributing request according to described electronic key, sending electronic key configuration order to described first electronic key terminal, and in the first database, adding the correspondence relationship information of described first electronic key and described first electronic key terminal; Wherein, in described electronic key configuration order, comprise described first electronic key, to make described first electronic key terminal, described first electronic key is configured to this locality;
Second configuration module, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if do not had, then send the first right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database, wherein, the authority information of described first electronic key and described first electronic key is comprised in described first right assignment order, to make described first electronic lock terminal, described first electronic key and authority information thereof are configured to this locality, or, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if no, then the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database.
5th aspect, the embodiment of the present invention provides a kind of electronic lock terminal, is applied to identity authorization system, also comprises server and electronic key terminal in described identity authorization system, and described electronic lock terminal comprises:
Configuration module, for the first right assignment order that reception server sends, comprise the authority information of described first electronic key and described first electronic key in described first right assignment order, to be described server send when distributing request according to the electronic key received and not inquiring the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described first right assignment order; And, after described first electronic key and authority information thereof being configured to this locality according to described first right assignment order, returning authority to described server and be allocated successfully response;
Authentication module, for receiving the signal carrying electronic key that electronic key terminal sends, the electronic key of described signaling bearer is parsed from described signal, by comparing resolving the electronic key obtained with the local electronic key preserved, authentication is carried out to described electronic key terminal.
In conjunction with the 5th aspect, in the implementation that the first is possible, for each electronic key also correspondence be provided with electronic key terminal list, described list is for preserving the identification information of all electronic key terminals being configured with corresponding electronic key;
Described configuration module also for:
Receive the second right assignment order that described server sends, comprise the identification information of described first electronic key or described first electronic key in described second right assignment order and comprise the identification information of described first electronic key terminal; Wherein, the correspondence relationship information of described second right assignment order to be described server according to the electronic key configuring request received inquire the first electronic lock terminal that described first electronic key and described first electronic key match, but send when not comprising the identification information of described first electronic key terminal in electronic key terminal list corresponding to described first electronic key;
According to described second authority order, the identification information of described first electronic key terminal is added to after in electronic key terminal list corresponding to described first electronic key, return authority to described server and be allocated successfully response.
In conjunction with the 5th aspect, in the implementation that the second is possible, described configuration module also for:
Receive the electronic key recovery order that described server sends, described electronic key reclaims in order and comprises the identification information of the 4th electronic key and the identification information of described 4th electronic key terminal;
Reclaim order according to described electronic key, described 4th electronic key and the corresponding relation of described 4th electronic key terminal are deleted or are set to invalid after, reclaim successful response to described server return electron key.
In conjunction with the 5th aspect, in the implementation that the third is possible, described signal is electromagnetic wave signal, and described electronic key is converted to electromagnetic wave signal and sends by described electronic key terminal; Or
Described signal is light signal, and described electronic key, by controlling the frequency of described light signal, wavelength, duty ratio or brightness, is carried in described light signal and sends by described electronic key terminal; Or
Described signal is voice signal, and described electronic key, by controlling frequency or the amplitude of described voice signal, is carried in described voice signal and sends by described electronic key terminal.
In conjunction with the 5th aspect, in the 4th kind of possible implementation, described authentication module also for:
The identification information of described electronic key terminal is parsed from described signal, or, receive the identification information of the described electronic key terminal that described electronic key terminal sent before transmission carries the signal of electronic key;
Described authentication module specifically for:
According to the identification information of the electronic key terminal received, and resolve the electronic key obtained from the signal that described electronic key terminal sends, the local electronic key terminal list corresponding to described electronic key stored of inquiry;
If the identification information of described electronic key terminal is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
A kind of authentication management method that the embodiment of the present invention provides, identity identifying method and equipment, be applied to and include server, the identity authorization system of electronic key terminal and electronic lock terminal, when server receives electronic key distribution request, electronic key configuration order is sent to the first electronic key terminal, first electronic key is configured to the first electronic key terminal, if do not preserve the correspondence relationship information of the first electronic lock terminal of matching with the first electronic key in server lookup second database, then to the first electronic lock terminal sending permission assignment commands, to make the first electronic lock terminal, the first electronic key and authority information thereof are configured to this locality, thus complete the layoutprocedure of server to electronic key terminal and electronic lock terminal.
Based on the identity identifying method that above-mentioned collocation method realizes, comprising: electronic lock terminal receives the signal carrying electronic key that electronic key terminal sends; Described electronic lock terminal parses the electronic key of described signaling bearer from described signal; Described electronic lock terminal by comparing resolving the electronic key that the electronic key that obtains and described electronic lock terminal local preserve, thus completes the authentication carried out electronic key terminal.
By the above description to the embodiment of the present invention, achieve and utilize that the Internet is long-range carries out authentication, perfect authentication management method can be provided, and effectively can be managed the configuration of electronic key by server.
Other features and advantages of the present invention will be set forth in the following description, and, partly become apparent from specification, or understand by implementing the present invention.Object of the present invention and other advantages realize by structure specifically noted in write specification, claims and accompanying drawing and obtain.
Accompanying drawing explanation
The schematic flow sheet of a kind of authentication management method that Figure 1A provides for the embodiment of the present invention;
Another schematic flow sheet of a kind of authentication management method that Figure 1B provides for the embodiment of the present invention;
Fig. 2 is the schematic diagram that the embodiment of the present invention upgrades electronic key authority information;
Fig. 3 is the schematic diagram that the state of the embodiment of the present invention to electronic key is inquired about;
Fig. 4 is the schematic diagram that the embodiment of the present invention reclaims electronic key;
The authentication schematic diagram that Fig. 5 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of authentication management method that Fig. 6 provides for the embodiment of the present invention;
Fig. 7 provide for the embodiment of the present invention another in authentication schematic diagram;
The server architecture schematic diagram that Fig. 8 provides for the embodiment of the present invention;
The electronic lock terminal structure schematic diagram that Fig. 9 provides for the embodiment of the present invention.
Embodiment
The invention provides a kind of authentication management method, identity identifying method and equipment, in order to realize authentication management and authentication procedures.
With reference to the accompanying drawings the present invention is described more fully, exemplary embodiment of the present invention is wherein described.Exemplary embodiment of the present invention and explanation thereof for explaining the present invention, but do not form inappropriate limitation of the present invention.
Illustrative to the description only actually of at least one exemplary embodiment below, never as any restriction to the present invention and application or use.
The embodiment of the present invention is applied to identity authentication management system.This system can comprise server, electronic key terminal and electronic lock terminal.Described server communicates by communication with described electronic key terminal, and described server can be communicated by communication or wire communication mode with described electronic lock terminal.The communication used can include but not limited to Wi-Fi (Wireless Fidelity, Wireless Fidelity), bluetooth (Bluetooth), 3G (3rd Generation Mobile Communication Technology, G mobile communication, be called for short 3G) or 4G (4th Generation Mobile Communication Technology, G mobile communication, be called for short 4G) etc. mode; The wire communication mode used can comprise Fibre Optical Communication Technology.Correspondingly, the electronic equipment at electronic key terminal, electronic lock terminal and server or server place is provided with the communication module can carrying out above-mentioned information interaction.Wherein, electronic key terminal can have one or more, and electronic lock terminal can have one or more.
Electronic key terminal can be mobile phone, PAD (Personal Digital Assistant, palmtop PC), the equipment such as Intelligent worn device, car-mounted terminal, wherein, Intelligent worn device can be wrist-watch, necklace, ring, bracelet, glasses, personal information assistant etc.In addition, when electronic key terminal is mobile phone, the communication device carrying out communication between electronic key terminal and server can be the combination of mobile phone flashlight, optical sensor, mobile phone speaker, pick-up, preposition optical sensor and aforementioned device.Described car-mounted terminal can be the car-mounted terminal of the vehicles such as automobile, electric motor car, motorcycle.Electronic lock terminal can be the similar devices such as access controller, and this electronic lock terminal or server can be mutual with the payment system of network side, thus realize charging function.Server is logic entity, mobile terminal or PC (Personal Computer can be arranged on, personal computer) etc. on electronic equipment, wherein, mobile terminal can be mobile phone, PAD (Personal Digital Assistant, palmtop PC), Intelligent worn device etc.Server can provide human-computer interaction interface, and that submits electronic key for user to by this human-computer interaction interface arranges instruction, thus is electronic key terminal or electronic lock terminal configuration electronic key.
In above-mentioned identity authorization system, the electronic key that electronic lock terminal is used for electronic key terminal sends is compared with the local electronic key configured, and to carry out authentication to this electronic key terminal, and controls the opening and closing of electronic lock according to the result; Server is used for sending electronic key assignment commands, to make electronic key terminal configuration electronic key to electronic key terminal; Server also can to electronic lock terminal sending permission assignment commands, with the configuration making electronic lock terminal carry out electronic key and authority information.
The first database and the second database can be pre-set in the server of above-mentioned identity authorization system.Described first database for preserving the correspondence relationship information of electronic key and electronic key terminal, the correspondence relationship information of electronic lock terminal of the second database for preserving electronic key and this electronic key and matching.Further, each electronic key in the second database also correspondence is provided with electronic key terminal list, and described list is for preserving the identification information of all electronic key terminals configuring corresponding electronic key.The identification information of electronic key terminal can be the IP address or ID etc. of electronic key terminal.It should be noted that, above-mentioned correspondence relationship information also can save as other data structure form.
In conjunction with above identity authorization system, Fig. 1 shows a kind of authentication management method that the embodiment of the present invention one provides.In flow process shown in Figure 1A, be described to the first electronic key terminal so that the first electronic key is configured.Said method comprising the steps of:
S11, server receive electronic key and distribute request, and this electronic key distributes request and can be used for asking the first electronic key to configure to the first electronic key terminal.
It can be that the electronic match configuration operation interface that user is provided by identity authorization system is submitted to that described electronic key distributes request.
Described electronic key distributes the identification information that can comprise electronic key terminal in request, ID or the IP address of such as electronic key terminal or can digitized hardware device mark, the identification information of such as electronic key terminal can be MAC (Media Access Control) address.
Further, the described electronic key identification information of electronic lock terminal that distributes the identification information that also can comprise electronic key in request and/or match with this electronic key.The identification information of described electronic key can be the ID of electronic key, and the identification information of described electronic lock terminal can be IP address or MAC Address or the electronic lock Termination ID etc. of electronic lock terminal.
S12, server distribute request according to electronic key, send electronic key configuration order, and in the first database, add the correspondence relationship information of the first electronic key and the first electronic key terminal to the first electronic key terminal.Wherein, in electronic key configuration order, comprise the first electronic key, to make the first electronic key terminal, the first electronic key is configured to this locality.
In electronic key configuration order except can comprising the first electronic key, can also comprise the identification information of the first electronic key, such as, the identification information of electronic key can be the ID of electronic key.
Electronic key in electronic key configuration order can also adopt encryption technology to be encrypted, symmetric encipherment algorithm is such as adopted to be encrypted electronic key, correspondingly, electronic key terminal adopts corresponding decipherment algorithm to be decrypted electronic key, and the electronic key after deciphering is configured at electronic key terminal local.
Whether preserve the correspondence relationship information of the first electronic lock terminal that the first electronic key and the first electronic key match in S13, server lookup second database, if do not had, then forward step S14 to, if had, then can proceed to S16.
Further, if in above-mentioned steps S11, the identification information of the first electronic lock terminal of matching with the first electronic key is comprised in described electronic key configuring request, then in step s 13, server according to the identification information of the first electronic lock terminal comprised in electronic key configuring request, can inquire about in the second database whether preserve the electronic keying information corresponding with the identification information of electronic lock terminal.
S14, server send the first right assignment order to the first electronic key terminal, and after receiving the right assignment success response that the first electronic key terminal returns, the correspondence relationship information of the first electronic key and the first electronic lock terminal is saved in the second database, then proceeds to S16.Wherein, in described first right assignment order, comprise the authority information of the first electronic key and the first electronic key, to make the first electronic lock terminal, the first electronic key and authority information thereof are configured to this locality.
Preferably, the authority information of the first electronic key can comprise: the term of validity of the first electronic key, and/or, the first electronic key forbid perhaps up time section.Such as, the limited period of the first electronic key is three months, and in time exceeding trimestral, the state of this first electronic key is automatically set as failure state; The time period of the first electronic key permission to use can be set to the 8:00 ~ 18:00 of every day, after representing that the electronic lock terminal being configured with the first electronic key receives the first electronic key within the above-mentioned time period, the first electronic key of the first electronic key and the configuration received is used to carry out certification to electronic key terminal, because the electronic key of this locality configuration is prohibited from using in other times section, therefore after the first electronic key receiving the transmission of electronic key terminal, to this electronic key terminal authentication failure.
S16, terminate this configuration flow.
Further, each electronic key correspondence in the second database is provided with electronic key terminal list, as shown in Figure 1B, if in the S13 of above-mentioned flow process, do not preserve the correspondence relationship information of the first electronic lock terminal that the first electronic key and the first electronic key match in server lookup to the second database, then forward step S14 to; If inquire in the second database the correspondence relationship information of preserving the first electronic lock terminal that the first electronic key and the first electronic key match, and in electronic key terminal list corresponding to the first electronic key, comprise the identification information of the first electronic key terminal, then forward step S16 to; If inquire in the second database the correspondence relationship information of preserving the first electronic lock terminal that the first electronic key and the first electronic key match, but do not comprise the identification information of the first electronic key terminal in the electronic key terminal list that the first electronic key is corresponding, then forward step S15 to; Wherein, step S14 ' and step S15 is respectively:
S14 ', server send the second right assignment order to the first electronic key terminal, and after receiving the right assignment success response that the first electric terminal returns, the correspondence relationship information of the first electronic key and the first electronic lock terminal is saved in the second database, and in the electronic key terminal list that the first electronic key is corresponding, add the identification information of the first electronic key terminal, then proceed to S16.Wherein, comprise the first electronic key, the authority information of the first electronic key and the identification information of the first electronic key terminal in described second right assignment order, to make the first electronic lock terminal, the identification information of the first electronic key, authority information and the first electronic key terminal is configured to this locality.
S15: server sends the second right assignment order to the first electronic lock terminal, and after receiving the right assignment success response that the first electric terminal returns, the identification information of the first electronic key terminal is added in electronic key terminal list corresponding to the first electronic key in the second database, wherein, comprise the identification information of the first electronic key or the first electronic key in described second right assignment order and comprise the identification information of the first electronic key terminal, to make the first electronic lock terminal, the identification information of the first electronic key terminal is added in electronic key terminal list corresponding to the first electronic key.
Further, the renewal process of electronic key authority information can also be comprised in the flow process shown in above-mentioned Figure 1A or Figure 1B.Be described for the authority information renewal process of authority information to electronic key upgrading the second electronic key below, wherein, the second electronic key can be identical with the first electronic key, can certainly be different.As shown in Figure 2, this flow process can comprise the following steps:
S21, server receive authority update request, comprise the authority information of the identification information of the second electronic key and the second electronic key after upgrading in described authority update request.The identification information of the second electronic key can be the ID of electronic key; The authority information of the second electronic key can be the term of validity of the second electronic key, and/or, the second electronic key forbid perhaps up time section.
S22, server are according to identification information-enquiry second database of the second electronic key, obtain the identification information of the second corresponding electronic lock terminal, such as, the identification information of the second electronic lock terminal can be IP address or the ID of the second electronic lock terminal or can identify by digitized hardware device, and the identification information of such as electronic key terminal can be MAC Address.Wherein, the quantity of the second electronic lock terminal can be one also can be multiple.
S23, server are according to inquiring about the second electronic lock terminal identification information obtained, to the second electronic lock terminal sending permission more newer command, described authority more comprises the authority information of the identification information of the second electronic key and the second electronic key after upgrading in newer command, with make the second electronic lock terminal according to this authority more newer command upgrade the authority information of the respective electronic key of local configuration.
Further, after step S23, such as at server according to the second electronic lock terminal identification information inquired, after the second electronic lock terminal sending permission more newer command, can also comprise the following steps:
S24, server are according to identification information-enquiry first database of the second electronic key, and obtain the second corresponding electronic key terminal identification information, wherein, the second electronic key terminal being configured with the second electronic key can be one or more; Server, according to the second electronic key terminal identification information inquired, sends the notification message of the authority information generation renewal of the second electronic key to the second electronic key terminal, know to make the second electronic key terminal the information that the authority of electronic key upgrades.
Further, according to the distribution condition of electronic key and whether effective, electronic key can be provided with different states, and the state of such as electronic key can comprise: effective status, disarmed state, unallocated state etc.Correspondingly, also can comprise electronic key state in the flow process shown in above-mentioned Figure 1A or Figure 1B and push process, this process can comprise:
Server can inquire about the first database according to setting cycle, obtains the effective status information of the identification information being configured with the electronic key terminal of electronic key and the electronic key configured; Server is according to the identification information of the electronic key terminal inquired, electronic key terminal to the electronic key of correspondence sends the effective status information of the electronic key that respective electronic key configures, thus according to setting cycle by the effective status information pushing of electronic key to the electronic key terminal being configured with respective electronic key.
Further, electronic key status poll process can also be comprised in the flow process shown in above-mentioned Figure 1A or Figure 1B.Be described for the status poll process of state to electronic key of inquiring about the 3rd electronic key below, wherein, the 3rd electronic key can be identical with the first electronic key or the second electronic key, can certainly be different.As shown in Figure 3, this flow process can comprise the following steps:
S31, server receive the electronic key inquiry request that the 3rd electronic key terminal is sent, the identification information of the 3rd electronic key terminal is comprised in described inquiry request, such as, the identification information of the 3rd electronic key terminal can be IP address or the ID of the 3rd electronic key terminal or can identify by digitized hardware device, and the identification information of such as electronic key terminal can be MAC Address;
S32, server are according to identification information-enquiry first database of the 3rd electronic key terminal, obtain the effective status information of the electronic key that the 3rd electronic key terminal configures, and the effective status information of the electronic key inquired is sent to the 3rd electronic key terminal.
Wherein, if do not comprise the mark of electronic key in the electronic key inquiry request that the 3rd electronic key terminal sends, then server according to identification information-enquiry first database of the 3rd electronic key terminal, can obtain the effective status information of all electronic keys that the 3rd electronic key terminal configures and sends to the 3rd electronic key terminal; If comprise the mark of electronic key in the electronic key inquiry request that the 3rd electronic key terminal sends, then server according to identified query first database of the identification information of the 3rd electronic key terminal with the electronic key comprised, can obtain the effective status information of the respective electronic key that the 3rd electronic key terminal configures and sends to the 3rd electronic key terminal.
By above-mentioned electronic key status poll process, this electronic key terminal can be sent to based on the state of the electronic key that this electronic key terminal of the requesting query of electronic key terminal configures.
Further, the embodiment of the present invention additionally provides electronic key recovery process.Be described for the removal process of the 4th electronic key to electronic key reclaimed in the 4th electronic key terminal below.As shown in Figure 4, this electronic key recovery process can comprise:
S41, server receive electronic key and reclaim request, and described electronic key reclaims in request and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal.The request of reclaiming of described electronic key can be that the electronic match configuration operation interface that user is provided by identity authorization system is submitted to.
S42, server reclaim request according to described electronic key, inquire about the second database, obtain the identification information of the 4th corresponding electronic lock terminal;
S43, server send electronic key to the 4th electronic lock terminal and reclaim order, described electronic key reclaims in order and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal, with make the 4th electronic lock terminal the corresponding relation of the 4th electronic key and the 4th electronic key terminal is deleted or is set to invalid.
Preferably, in S43, if there is not the identification information of any electronic key terminal in the electronic key terminal list that the 4th electronic key is corresponding, then the corresponding relation of the 4th electronic key and the 4th electronic lock terminal also can have been deleted from this locality by the 4th electron institute terminal.
Further, after S403, also following S404 can be comprised:
S44, server to reclaim after the electronic key asking to return reclaims successfully response receiving the 4th electronic lock terminal according to described electronic key, the identification information of the 4th electronic key terminal can be deleted by server from electronic key terminal list corresponding to the 4th electronic key.Further, if there is not the identification information of any electronic key terminal in electronic key terminal list corresponding to the 4th electronic key, then the corresponding relation of the 4th electronic key and the 4th electronic lock terminal can have been deleted by server from the second database.
By above process, the situation of same electronic key can be shared for multiple electronic key terminal, when the electronic key of the portions of electronics key terminal in described multiple electronic key terminal is retracted, electronic lock terminal recognition can be made to go out these electronic key terminals, thus ensure the fail safe of authentication.
By the above description to the embodiment of the present invention one, achieve and utilize that the Internet is long-range carries out authentication, and effectively can be managed the configuration of electronic key by server.
See Fig. 5, it is a kind of flow for authenticating ID that the embodiment of the present invention two provides.The electronic key used in this flow process is configured by the mode of previous embodiment.As shown in the figure, this flow for authenticating ID can comprise the steps:
S51, electronic lock terminal receive the signal carrying electronic key that electronic key terminal sends.
S52, described electronic lock terminal parse the electronic key of described signaling bearer from described signal.
S53, described electronic lock terminal, by comparing resolving the electronic key that obtains with the local electronic key preserved of described electric terminal, carry out authentication to described electronic key terminal.
Alternatively, the described signal in step S51 can be electromagnetic wave signal, and described electronic key is encoded by described electronic key terminal, is converted to electromagnetic wave signal and sends; Correspondingly, in step S53, described electronic lock terminal is by being converted to electronic key to the electromagnetic wave signal received.
Alternatively, described signal in step S51 also can be light signal, described electronic key terminal is by controlling the frequency of described light signal, wavelength, duty ratio or brightness, the brightness of such as light can be dark 5 microseconds of bright 5 microseconds, keep Chang Liang, keep often dark etc., is carried on by described electronic key in described light signal and sends; Correspondingly, in step S53, described electronic lock terminal is resolved by the frequency to the light signal received, wavelength, duty ratio or brightness, obtains described electronic key.Described light signal can include but not limited to: visible ray, infrared light or ultraviolet light etc.
Alternatively, the described signal in step S51 can also be voice signal, and described electronic key, by controlling frequency or the amplitude of described voice signal, is carried in described voice signal and sends by described electronic key terminal; Correspondingly, in step S53, described electronic lock terminal, by resolving the frequency of the voice signal received or amplitude, obtains described electronic key.Wherein, the amplitude of voice signal can embody the degree of strength of sound.
Alternatively, before step S51, electronic lock terminal performs arousal function by Bluetooth technology or Wi-Fi technology to electronic key terminal, and the authentication software in automatic unlocking electronic key terminal, enters the checking interface of this authentication software.This checking interface can provide Password Input frame, gesture to input pattern, fingerprint authentication input area etc., if by modes such as recognitions of face, inputs relevant information and after being verified, allowing this authentication software to carry out the transmission of key information for user.
Such as, when electronic lock terminal is access controller, when electronic key terminal is mobile phone, electromagnetic field by access controller wakes the application software of unblanking that mobile phone is installed automatically up, enter checking interface, input validation password, can allow after being verified to use this application software of unblanking to carry out transmission electronic key.Wherein, input validation password can input numeral, letter or numeral and alphabetical combination, and such as 123,123ABC; Input validation password can input gesture, can input fingerprint, also can adopt face recognition technology, can also adopt the biological identification technologies such as iris recognition technology.
Further, electronic lock terminal can also be provided with watch-dog.For example, when the access controller that electronic lock terminal is gate, community, when electronic key terminal is the vehicle of discrepancy community, vehicle can be preserved to come in and go out the video of this community or image record by installing watch-dog in access controller, be conducive to can transferring or add up when required the information state of vehicle of this community of coming in and going out.
Consider that in an electronic key terminal, possible configuration has multiple electronic key, embodiments provides following scheme, make electronic key terminal can choose suitable electronic key, send signal to carry out authentication according to the electronic key chosen.
Concrete, in step s 51 or before step S51, electronic key terminal obtains the identification information of electronic lock terminal; In step s 51, according to the electronic key corresponding with the identification information of this electronic lock terminal that the identification information-enquiry this locality of the electronic lock terminal got is preserved, the electronic key generation according to inquiring carries the signal of this electronic key and sends.Wherein, described electronic key terminal can pass through wireless radio frequency mode, and such as bluetooth approach, Wi-Fi mode or the mode by Quick Response Code corresponding to scanning electron lock terminal, obtain the identification information of electronic lock terminal.
Further, in step S51, the identification information of described electronic key terminal can also be comprised in the described signal that electronic key terminal sends, or before step 51, the identification information of described electronic key terminal was sent to described electronic lock terminal by described electronic key terminal before transmission carries the signal of electronic key.Correspondingly, in step S53, electronic lock terminal according to the identification information of the electronic key terminal received, and can resolve the electronic key obtained, the electronic key terminal list that the local described electronic key stored of inquiry is corresponding from the signal that described electronic key terminal sends; If the identification information of the electronic key terminal received is present in described list, then to the authentication success of described electronic lock terminal, otherwise authentication failure.When authentication failure, electronic lock terminal can send authentication failed prompt tone or warning.
For example, electronic key terminal comprises the identification information of described electronic key terminal by various ways in described signal, such as:
The identification information of electronic key terminal is converted to electromagnetic wave signal and sends by described electronic key terminal; Or the identification information of electronic key terminal, by controlling the frequency of described light signal, wavelength, duty ratio or brightness, is carried in described light signal and sends by described electronic key terminal; Or the identification information of electronic key terminal, by controlling frequency or the amplitude of voice signal, is carried in described voice signal and sends by described electronic key terminal.Wherein, if described signal is light signal, then the identification information of self can be converted to binary sequence through coding and cyclic redundancy check (CRC) by electronic key terminal, controls electronic key terminal send light signal to transmit the identification information of this electronic key terminal according to the binary sequence after conversion.Such as, for " 1 " in this binary sequence, control electronic key terminal luminous, for " 0 " in this binary sequence, control electronic key terminal not luminous.And then send light signal according to electronic key.
Electronic key terminal can receive encrypted electronic key, also can receive unencrypted electronic key,
In order to improve fail safe, when the electronic key in the electronic key configuration-direct that electronic key terminal reception server sends does not adopt encryption technology, electronic key terminal can adopt cryptographic algorithm to be encrypted electronic key, rivest, shamir, adelman is such as adopted to be encrypted electronic key, correspondingly, electronic lock terminal need adopt corresponding decipherment algorithm to be decrypted electronic key, thus completes the certification to electronic key terminal.
The identity identifying method that the embodiment of the present invention two provides, the information carrying electronic key of electronic key terminal transmission is received by electronic lock terminal, electronic lock terminal parses the electronic key of described signaling bearer from described information, electronic lock terminal by comparing resolving the electronic key that the electronic key that obtains and electronic lock terminal local preserve, thus completes the authentication carried out electronic key terminal.
In order to be illustrated more clearly in the present invention, be described for garage access control system below.
Access controller, server and car-mounted terminal can be comprised in garage access control system.Wherein, the electronic key signal that access controller is used for car-mounted terminal sends carries out authentication, and controls the opening and closing of garage door according to the result, and access controller is arranged on gate, garage or near gate, garage usually; Car-mounted terminal is arranged on vehicle, for controlling the transmission of electronic key signal; Electronic key can be configured to car-mounted terminal and access controller by server.
Communication is adopted to carry out the process of electronic key configuration below by several concrete scene description.
Electronic key configuration scene 1
Scene 1 configures identical electronic key for many cars (the present embodiment is for vehicle A and vehicle B), is all allowed to enter the demand in the garage that access controller 1 controls, and describes the layoutprocedure of electronic key.This process can comprise the following steps:
Step 101: server receives electronic key configuration-direct, comprise identification information and the electronic key key1 of the identification information of vehicle A or the car-mounted terminal of vehicle A in described electronic key configuration-direct, the identification information of described car-mounted terminal can be the IP address or ID etc. of car-mounted terminal.This electronic key configuration-direct is used for request for vehicle A configuration electronic key key1.
Further, in electronic key configuration-direct, also can comprise the identification information of access controller 1, the IP address of such as access controller 1; And/or, comprise the identification information of car-mounted terminal A.
During concrete enforcement, the human-computer interaction interface submission electronic key configuration-direct carrying out electronic key configuration for user that user provides by server.
Step 102: server sends configuring request to the car-mounted terminal of vehicle A, comprises electronic key key1 in described configuring request.
Step 103: after the car-mounted terminal of vehicle A receives this configuring request, preserves electronic key in this configuring request to local.
Further, server also can according to the identification information of access controller 1, and such as IP address, sends configuring request to access controller 1, comprises electronic key key1 in this configuring request, preserves this electronic key key1 to make access controller 1.Further, in this configuring request, also can comprise the identification information of car-mounted terminal A, with the corresponding relation making access controller 1 preserve this electronic key key1 and this car-mounted terminal A.
In order to reduce the transport overhead of cordless communication network, server can obtain the database (as the second database) of access controller 1 correspondence according to the identification information of access controller 1.This database can be safeguarded by server, wherein preserves the electronic key of configuration or the identification information of electronic key on access controller 1.If preserved the identification information of electronic key key1 or electronic key key1 in this database, then server has no longer sent configuring request to access controller 1; Otherwise server sends above-mentioned configuring request to access controller 1, and upgrade in the database of access controller 1 correspondence.
Server, according to the mode identical with above-mentioned flow process, carries out electronic key layoutprocedure to the car-mounted terminal of vehicle B.
Like this, many cars can share same electronic key.
Further, also can preserve authority information corresponding to electronic key key1 on the server, such as allow or forbid the term of validity of the time period that vehicle enters and/or electronic key key1.When server sends configuring request to access controller 1, the authority information of electronic key key1 and correspondence can be sent to access controller 1, carry out access control to make access controller 1 according to the authority information of electronic key key1 and correspondence.
Further, server also can upgrade authority information, and such as change allows or forbids the term of validity of the time period that vehicle enters and/or electronic key key1.After the authority information of server to electronic key key1 upgrades, the identification information of the authority information after renewal and electronic key key1 or electronic key key1 is sent to all access controllers storing electronic key key1 comprising access controller 1, with the authority information making access controller upgrade the local electronic key key1 stored.Server also can send a notification message to all car-mounted terminals being configured with electronic key key1 of the car-mounted terminal comprising vehicle A further, informs to corresponding car-mounted terminal so that the authority information of electronic key key1 to be occurred the authority information after changing or changing.
Configurable multiple different electronic key on a car-mounted terminal, the layoutprocedure of each electronic key ditto described in.When a car-mounted terminal allowing the multiple different electronic key of configuration, obtain corresponding electronic key in order to enable car-mounted terminal according to its close access controller and send to this access controller, also need the identification information storing the access controller corresponding with electronic key on access controller.Concrete, the identification information carrying the access controller corresponding with electronic key in the configuration-direct that server can send at it is configured to access controller.
Electronic key can have following two states: effective status and failure state.Server can according to the strategy arranged, such as according to setting cycle, by the state notifying of electronic key that configures for car-mounted terminal to car-mounted terminal and/or access controller.Car-mounted terminal also can send request the request of the state obtaining electronic key to server, to obtain the state of the electronic key that this car-mounted terminal configures.
Electronic key configuration scene 2
Scene 2 configures different electronic keys for many cars (the present embodiment is for vehicle A and vehicle B), but is all allowed to enter the demand in the garage that access controller 1 controls, and describes the layoutprocedure of electronic key.This process can comprise the following steps:
Step 201: server receives electronic key configuration-direct, comprises the identification information of the car-mounted terminal of vehicle A in described electronic key configuration-direct, and electronic key key1, the identification information of described car-mounted terminal can be the IP address of car-mounted terminal or ID etc.This electronic key configuration-direct is used for request for vehicle A configuration electronic key key1.
Further, in electronic key configuration-direct, also can comprise the identification information of access controller 1, the IP address of such as access controller 1; And/or, comprise the identification information of car-mounted terminal A.
During concrete enforcement, the human-computer interaction interface submission electronic key configuration-direct carrying out electronic key configuration for user that user provides by server.
Step 202: server sends configuring request to the car-mounted terminal of vehicle A, comprises electronic key key1 in described configuring request.
Step 203: after the car-mounted terminal of vehicle A receives this configuring request, preserves electronic key in this configuring request to local.
Further, server also can according to the identification information of access controller 1, and such as IP address, sends configuring request to access controller 1, comprises electronic key key1 in this configuring request, preserves this electronic key key1 to make access controller 1.Further, in this configuring request, also can comprise the identification information of car-mounted terminal A, with the corresponding relation making access controller 1 preserve this electronic key key1 and this car-mounted terminal A.
In order to reduce the transport overhead of cordless communication network, server can obtain the database of access controller 1 correspondence according to the identification information of access controller 1.This database can be safeguarded by server, wherein preserves the electronic key of configuration or the identification information of electronic key on access controller 1, can also be contained in the identification information of car-mounted terminal corresponding to this electronic key further.If preserved the identification information of electronic key key1 or electronic key key1 in this database, then server has no longer sent configuring request to access controller 1; Otherwise server sends above-mentioned configuring request to access controller 1, and upgrade in the database of access controller 1 correspondence.
To the layoutprocedure of the car-mounted terminal of vehicle B, similar with the layoutprocedure of the above-mentioned car-mounted terminal to vehicle A, the electronic key just configured for vehicle B is electronic key key2, does not repeat them here.
Like this, many cars can use different electronic keys to enter same garage.
Further, also can preserve each self-corresponding authority information of each electronic key on the server, such as allow or forbid the term of validity of the time period that vehicle enters and/or electronic key key1.The authority information that different electronic key is corresponding can be the same or different.When server sends configuring request to access controller 1, the authority information of electronic key and correspondence can be sent to access controller 1, carry out access control to make access controller 1 according to the authority information of electronic key and correspondence.
Further, server also can upgrade authority information, and such as change allows or forbids the term of validity of the time period that vehicle enters and/or electronic key key1.After the authority information of server to electronic key key1 upgrades, the identification information of the authority information after renewal and electronic key key1 or electronic key key1 is sent to all access controllers storing electronic key key1 comprising access controller 1, with the authority information making access controller upgrade the local electronic key key1 stored.Server also can send a notification message to all car-mounted terminals being configured with electronic key key1 of the car-mounted terminal comprising vehicle A further, informs to corresponding car-mounted terminal so that the authority information of electronic key key1 to be occurred the authority information after changing or changing.
Electronic key can have following two states: effective status and failure state.Server can according to the strategy arranged, such as according to setting cycle, by the state notifying of electronic key that configures for car-mounted terminal to car-mounted terminal and/or access controller.Car-mounted terminal also can send request the request of the state obtaining electronic key to server, to obtain the state of the electronic key that this car-mounted terminal configures.
Electronic key configuration scene 3
Scene 3 describes shares the situation of same electronic key for many cars (the present embodiment is for vehicle A and vehicle B), removes the process of the electronic key key1 configured into vehicle A, to forbid the garage that vehicle A enters access controller 1 and controls.This process can comprise the following steps:
Step 301: server receives electronic key and removes instruction, described electronic key removes the identification information and the electronic key key1 that comprise the identification information of vehicle A or the car-mounted terminal of vehicle A in instruction, and the identification information of described car-mounted terminal can be the IP address of car-mounted terminal or ID etc.This electronic key removes the electronic key key1 that instruction configures for asking freeing vehicle A.
Further, electronic key removes the identification information that also can comprise access controller 1 in instruction, the IP address of such as access controller 1; And/or, comprise the identification information of car-mounted terminal A.
During concrete enforcement, the human-computer interaction interface submission electronic key releasing instruction carrying out electronic key configuration for user that user provides by server.
Step 302: server sends to the car-mounted terminal of vehicle A the request of releasing, described releasing comprises electronic key key1 in asking or comprises the identification information of electronic key key1.
Step 303: the car-mounted terminal of vehicle A receives after this configuration removes request, deletes the electronic key of local correspondence of preserving.Wherein, if car-mounted terminal is preserved the identification information of electronic key and the electronic key of correspondence, then can delete the local electronic key of preservation and the electronic key identification information of correspondence according to the identification information of the electronic key carried in this releasing request; If car-mounted terminal is not preserved the identification information of electronic key, then the electronic key that the electronic key carried in this releasing request available is preserved with this locality mates, and deletes the electronic key matched.
Step 304: server judges whether electronic key key1 also configures and uses to other car-mounted terminals, if not, sends to access controller 1 request of releasing, and described releasing comprises electronic key key1 in asking or comprises the identification information of electronic key key1; If so, then process ends.
In this step, server can be used for the database (have recorded the corresponding relation of electronic key and car-mounted terminal in this database) of recorded electronic encryption key distribution situation according to the identification information-enquiry of electronic key key1 or electronic key key1, thus judges whether electronic key key1 also configures and use to other car-mounted terminals.
Step 105: access controller 1 deletes the electronic key of local correspondence of preserving after receiving this configuration releasing request.Wherein, if access controller 1 is preserved the identification information of electronic key and the electronic key of correspondence, then can delete the local electronic key of preservation and the electronic key identification information of correspondence according to the identification information of the electronic key carried in this releasing request; If access controller 1 is not preserved the identification information of electronic key, then the electronic key that the electronic key carried in this releasing request available is preserved with this locality mates, and deletes the electronic key matched.
Further, server also can upgrade authority information, and such as change allows or forbids the term of validity of the time period that vehicle enters and/or electronic key key1.After the authority information of server to electronic key key1 upgrades, the identification information of the authority information after renewal and electronic key key1 or electronic key key1 is sent to all access controllers storing electronic key key1 comprising access controller 1, with the authority information making access controller upgrade the local electronic key key1 stored.Server also can send a notification message to all car-mounted terminals being configured with electronic key key1 of the car-mounted terminal comprising vehicle A further, informs to corresponding car-mounted terminal so that the authority information of electronic key key1 to be occurred the authority information after changing or changing.Electronic key can have following two states: effective status and failure state.Server can according to the strategy arranged, such as according to setting cycle, by the state notifying of electronic key that configures for car-mounted terminal to car-mounted terminal and/or access controller.Car-mounted terminal also can send request the request of the state obtaining electronic key to server, to obtain the state of the electronic key that this car-mounted terminal configures.
Electronic key configuration scene 4
Scene 4 describes the situation using different electronic key for different vehicle (the present embodiment is for vehicle A and vehicle B), removes the process of electronic key key1 into vehicle A configures, to forbid the garage that vehicle A enters access controller 1 and controls.This process can comprise the following steps:
Step 401: server receives electronic key and removes instruction, described electronic key removes the identification information and the electronic key key1 that comprise the identification information of vehicle A or the car-mounted terminal of vehicle A in instruction, and the identification information of described car-mounted terminal can be the IP address of car-mounted terminal or ID etc.This electronic key removes the electronic key key1 that instruction configures for asking freeing vehicle A.
Further, electronic key removes the identification information that also can comprise access controller 1 in instruction, the IP address of such as access controller 1.
Step 402: server sends to the car-mounted terminal of vehicle A the request of releasing, described releasing comprises electronic key key1 in asking or comprises the identification information of electronic key key1.
Step 403: the car-mounted terminal of vehicle A receives after this configuration removes request, deletes the electronic key of local correspondence of preserving.Wherein, if car-mounted terminal is preserved the identification information of electronic key and the electronic key of correspondence, then can delete the local electronic key of preservation and the electronic key identification information of correspondence according to the identification information of the electronic key carried in this releasing request; Otherwise the electronic key that the electronic key carried in this releasing request available is preserved with this locality mates, delete the electronic key matched.
Step 404: server sends to access controller 1 request of releasing, described releasing comprises electronic key key1 in asking or comprises the identification information of electronic key key1.
Step 405: access controller 1 deletes the electronic key of local correspondence of preserving after receiving this configuration releasing request.Wherein, if access controller 1 is preserved the identification information of electronic key and the electronic key of correspondence, then can delete the local electronic key of preservation and the electronic key identification information of correspondence according to the identification information of the electronic key carried in this releasing request; If access controller 1 is not preserved the identification information of electronic key, then the electronic key that the electronic key carried in this releasing request available is preserved with this locality mates, and deletes the electronic key matched.
Further, server also can upgrade authority information, and such as change allows or forbids the term of validity of the time period that vehicle enters and/or electronic key key1.After the authority information of server to electronic key key1 upgrades, the identification information of the authority information after renewal and electronic key key1 or electronic key key1 is sent to all access controllers storing electronic key key1 comprising access controller 1, with the authority information making access controller upgrade the local electronic key key1 stored.Server also can send a notification message to all car-mounted terminals being configured with electronic key key1 of the car-mounted terminal comprising vehicle A further, informs to corresponding car-mounted terminal so that the authority information of electronic key key1 to be occurred the authority information after changing or changing.
Electronic key can have following two states: effective status and failure state.Server can according to the strategy arranged, such as according to setting cycle, by the state notifying of electronic key that configures for car-mounted terminal to car-mounted terminal and/or access controller.Car-mounted terminal also can send request the request of the state obtaining electronic key to server, to obtain the state of the electronic key that this car-mounted terminal configures.
Access control flow process is described below.
As shown in Figure 5, this flow process can comprise:
Step 501: car-mounted terminal obtains the local electronic key preserved, controls car light according to the electronic key got and sends light signal.
Concrete, car-mounted terminal is converted to binary sequence to the electronic key got through coding and cyclic redundancy check (CRC), controls car light send light signal according to the binary sequence after conversion.Such as, for " 1 " in this binary sequence, control car light luminous, for " 0 " in this binary sequence, control car light not luminous.
Step 502: access controller obtains corresponding electronic key according to the light signal received.
Concrete, this light signal is converted to binary sequence after receiving the light signal that this vehicle sends by access controller.Such as, car light is sent the light signal characterizing electronic key and convert current signal to, convert described current signal to voltage signal, amplifieroperation is carried out to this voltage signal, then using amplify after voltage signal as digital signal decoding and cyclic redundancy check (CRC), obtain binary sequence.Then corresponding electronic key is obtained according to this binary sequence.
Step 503: access controller mates the electronic key that this electronic key and this locality are preserved, if coupling, then passes through the authentication of this car-mounted terminal, and control garage door is opened further.Further, if do not mate, access controller can send authentication failed prompt tone or warning.
Further, if also preserve authority information corresponding to electronic key in access controller, then above-mentioned steps 503 can be replaced:
Access controller mates the electronic key that this electronic key and this locality are preserved, if coupling, then corresponding according to this electronic key further authority information is verified, if be verified, then the authentication of this car-mounted terminal is passed through, and control garage door is opened further.Further, if this electronic key and the electronic key preserved of access controller this locality do not mate, or authority information corresponding to this electronic key is not verified, then access controller can send authentication failed prompt tone or warning.
Wherein, allow if comprised in authority information corresponding to described electronic key or forbid the time period that vehicle enters, then access controller judges current time whether within the time period that permission vehicle enters, and is if so, then verified.If comprise the term of validity of electronic key in the authority information that described electronic key is corresponding, then access controller judges current time whether in this term of validity, is if so, then verified.
In order to reduce the transport overhead of cordless communication network, during close together between car-mounted terminal and access controller, between car-mounted terminal and access controller, the communication technology can adopt wireless radio frequency mode, bluetooth approach, WI-FI mode etc.
Further, bluetooth module can also be set at car-mounted terminal and access controller inside, during close together between car-mounted terminal and access controller, by the automatic matching function of the bluetooth module in car-mounted terminal and access controller, identify the electronic key corresponding to mark of access controller, thus permission vehicle enters the garage that access controller controls;
Further, can also be provided with the Quick Response Code that car-mounted terminal can identify in access controller, when car-mounted terminal is near access controller, vehicle termination enters by scanning the mode of Quick Response Code the garage that access controller controls.
On basis based on embodiment one, in conjunction with above identity authorization system, Fig. 6 shows the another kind of authentication management method that the embodiment of the present invention provides.In flow process shown in Fig. 6, be described to the first electronic key terminal to be configured by the first electronic key, the method comprises the following steps:
S61, server receive electronic key and distribute request, and this electronic key distributes request and can be used for asking the first electronic key to configure to the first electronic key terminal.
Preferably, this electronic key distributes the identification information of the identification information that request can comprise electronic key and/or the electronic lock terminal of matching with this electronic key, specifically can obtain and set this electronic key see content described in the step S11 of above-described embodiment one and distribute request, just will not tire out at this and state.
S62, server distribute request according to electronic key, send electronic key configuration order, and in the first database, add the correspondence relationship information of the first electronic key and the first electronic key terminal to the first electronic key terminal.Wherein, in electronic key configuration order, comprise the first electronic key, to make the first electronic key terminal, the first electronic key is configured to this locality.
Preferably, the identification information of the first electronic key can also be comprised in this electronic key configuration order, electronic key in electronic key configuration order can also adopt encryption technology to be encrypted, and specifically see content described in the step S12 of above-described embodiment one, just can will not tire out state at this.
Whether preserve the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in S63, server lookup second database, if do not had, then go to step S64, if had, then terminate this configuration flow.
S64, the correspondence relationship information of described first electronic key and described first electronic lock terminal to be saved in described second database, then to proceed to S65.
S65, terminate this configuration flow.
Further, each electronic key correspondence in the second database is provided with electronic key terminal list, if preserve the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described server lookup to described second database, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding.
Further, server also after receiving authority update request, can carry out the operation of electronic key authority update process according to this authority update request, further, after update process operation is carried out to the authority information of electronic key, corresponding electronic key terminal can also be notified.Specific implementation process is identical with previous embodiment one, is not described in detail in this.
Further, server periodically can also inquire about described first database, obtain the effective status information of the identification information being configured with the electronic key terminal of electronic key and the electronic key configured, and according to the identification information being configured with the electronic key terminal of electronic key acquired, the electronic key terminal to correspondence sends the effective status information of the electronic key configured.
Further, Query Result also after receiving the electronic key inquiry request that electronic key terminal sends, according to the state of this requesting query respective electronic key, and can be sent to this electronic key terminal by server.Specific implementation process is identical with previous embodiment one, is not described in detail in this.
Further, server also can reclaim the electronic key distributed.To need the 4th electronic key being recovered as the 4th electronic key terminal distribution, this electronic key removal process can comprise:
Server receives electronic key and reclaims request, and this electronic key reclaims in request and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal; Server reclaims request according to this electronic key, inquires about described second database, obtains the identification information of the 4th corresponding electronic lock terminal; Then, the identification information of the 4th electronic key terminal in the second database is deleted by server from electronic key terminal list corresponding to the 4th electronic key.
See Fig. 7, it is the another kind of flow for authenticating ID that the embodiment of the present invention provides.In this flow process, perform authentication process by server and operate, the electronic key used in this flow process is configured by the mode shown in Fig. 6.As shown in the figure, this flow for authenticating ID can comprise the steps:
S71, server receive the ID authentication request that electronic lock terminal sends, comprise the identification information of electronic key and described electronic lock terminal in described ID authentication request, to be described electronic lock terminal parse from carrying the signal of electronic key of sending of electronic key terminal described electronic key.
Wherein, electronic lock terminal receives the same previous embodiment of the specific implementation carrying the signal of electronic key that electronic key terminal sends, and is not described in detail in this.
S72, server are compared by the electronic key corresponding with described electronic lock terminal preserved in described electronic key and described server this locality, carry out authentication to described electronic key terminal.Further, identity authentication result is sent to described electronic lock terminal by server, carries out corresponding control operation to make described electronic lock terminal according to described identity authentication result.
Further, in step S71, in ID authentication request, also can comprise the identification information of described electronic key terminal; Accordingly, in step S72, server can according to the identification information of described electronic key terminal and described electronic key, the local electronic key terminal list corresponding to described electronic key stored of inquiry; If the identification information of described electronic key terminal is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
Based on identical technical conceive, the embodiment of the present invention additionally provides a kind of server and is applied to identity authorization system, also comprises electronic key terminal and electronic lock terminal in described identity authorization system, and wherein, as shown in Figure 8, described server comprises:
Receiver module 81, distribute request for receiving electronic key, described electronic key distributes request and configures to the first electronic key terminal for request by the first electronic key;
First configuration module 82, for distributing request according to described electronic key, send electronic key configuration order to described first electronic key terminal, and in the first database, add the correspondence relationship information of described first electronic key and described first electronic key terminal; Wherein, in described electronic key configuration order, comprise described first electronic key, to make described first electronic key terminal, described first electronic key is configured to this locality;
Second configuration module 83, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if do not had, then send the first right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database, wherein, the authority information of described first electronic key and described first electronic key is comprised in described first right assignment order, to make described first electronic lock terminal, described first electronic key and authority information thereof are configured to this locality, or, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if no, then the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database.
Further, each electronic key in described second database also correspondence is provided with electronic key terminal list, and described list is for preserving the identification information of all electronic key terminals being configured with corresponding electronic key, second configuration module 83 is also for the correspondence relationship information of preserving the first electronic lock terminal that described first electronic key and described first electronic key match if inquire in described second database, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then send the second right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding, wherein, comprise the identification information of described first electronic key or described first electronic key in described second right assignment order and comprise the identification information of described first electronic key terminal, to make described first electronic lock terminal, the identification information of described first electronic key terminal being added in electronic key terminal list corresponding to described first electronic key, or, for inquiring in described second database the correspondence relationship information of preserving the first electronic lock terminal that described first electronic key and described first electronic key match, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding.
Further, the identification information of the first electronic lock terminal of matching with described first electronic key is also comprised in described electronic key configuring request; Second configuration module 83 specifically for: according to the identification information of the described first electronic lock terminal comprised in described electronic key configuring request, inquire about in described second database and whether preserve the electronic keying information corresponding with the identification information of described first electronic lock terminal.
Further, receiver module 81 also for: receive authority update request, in described authority update request, comprise the authority information of the identification information of the second electronic key and described second electronic key after upgrading; Second configuration module 83, also for according to the identification information-enquiry of described second electronic key the second database, obtains the identification information of the second corresponding electronic lock terminal; And, according to the described second electronic lock terminal identification information inquired, to described second electronic lock terminal sending permission more newer command, described authority more comprises the authority information of the identification information of described second electronic key and described second electronic key after upgrading in newer command, upgrades the authority information of described second electronic key to make described second electronic lock terminal.
Further, first configuration module 82 also for: according to the second electronic lock terminal identification information of inquiring, to described second electronic lock terminal sending permission more newer command, receive described second electronic lock terminal send be updated successfully response after, the first database according to the identification information-enquiry of described second electronic key, obtains the second corresponding electronic key terminal identification information; According to the second electronic key terminal identification information inquired, send the notification message of the authority information generation renewal of described second electronic key to described second electronic key terminal.
Further, above-mentioned server also can comprise: notification module (not shown in Figure 8), for according to described first database of setting cycle inquiry, obtain the effective status information of the identification information being configured with the electronic key terminal of electronic key and the electronic key configured; According to the identification information being configured with the electronic key terminal of electronic key acquired, the electronic key terminal to correspondence sends the effective status information of the electronic key configured.
Further, above-mentioned server also can comprise: enquiry module (not shown in Figure 8), receiver module 81 also can be used for: receive the electronic key inquiry request that the 3rd electronic key terminal is sent, comprise the identification information of described 3rd electronic key terminal in described inquiry request; Described enquiry module, for the first database according to the identification information-enquiry of described 3rd electronic key terminal, obtain the effective status information of the electronic key that described 3rd electronic key terminal configures, and the effective status information of the electronic key inquired is sent to described 3rd electronic key terminal.
Further, receiver module 81 also can be used for: receive electronic key and reclaim request, and described electronic key reclaims in request and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal; Accordingly, the second configuration module 83 also can be used for: reclaim request according to described electronic key, inquire about described second database, obtains the identification information of the 4th corresponding electronic lock terminal; Send electronic key to described 4th electronic lock terminal and reclaim order, and to reclaim after the electronic key asking to return reclaims successfully response according to described electronic key receiving described 4th electronic lock terminal, the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key; Wherein, described electronic key reclaims in order and comprises the identification information of described 4th electronic key and the identification information of described 4th electronic key terminal, with make described 4th electronic lock terminal the corresponding relation of described 4th electronic key and described 4th electronic key terminal is deleted or is set to invalid; Or by described second database, the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key.
Further, the authority information of described electronic key comprises: the term of validity of electronic key, and/or, electronic key forbid perhaps up time section.
Further, described server is communicated by communication with electronic key terminal; Described server is communicated by wire communication mode or communication with described electronic lock terminal.
Further, above-mentioned server also can comprise: authentication module 84.Above-mentioned receiver module 81 also can be used for: receive the ID authentication request that electronic lock terminal sends, comprise the identification information of electronic key and electronic lock terminal in this ID authentication request, to be electronic lock terminal parse from carrying the signal of electronic key of sending of electronic key terminal electronic key;
The electronic key corresponding with electronic lock terminal that authentication module 84 can be used for by being preserved in electronic key and server this locality is compared, and carries out authentication to electronic key terminal.
Preferably, the identification information of electronic key terminal can also be comprised in above-mentioned ID authentication request.
Further, above-mentioned authentication module 84 specifically for:
According to identification information and the electronic key of electronic key terminal, the local electronic key terminal list corresponding to electronic key stored of inquiry;
If the identification information of electronic key terminal is present in list, then to the authentication success of electronic key terminal, otherwise authentication failure.
Based on the basis of above-described embodiment, the embodiment of the present invention also provides a kind of electronic lock terminal, is applied to identity authorization system, also comprises server and electronic key terminal in identity authorization system, and see Fig. 9, this electronic lock terminal comprises:
Configuration module 91, for the first right assignment order that reception server sends, comprise the authority information of described first electronic key and described first electronic key in described first right assignment order, to be described server send when distributing request according to the electronic key received and not inquiring the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described first right assignment order; And, after described first electronic key and authority information thereof being configured to this locality according to described first right assignment order, returning authority to described server and be allocated successfully response;
Authentication module 92, for receiving the signal carrying electronic key that electronic key terminal sends, the electronic key of described signaling bearer is parsed from described signal, by comparing resolving the electronic key obtained with the local electronic key preserved, authentication is carried out to described electronic key terminal.
Further, for each electronic key also correspondence be provided with electronic key terminal list, described list is for preserving the identification information of all electronic key terminals being configured with corresponding electronic key;
Further, configuration module also can be used for: receive the second right assignment order that described server sends, comprise the identification information of described first electronic key or described first electronic key and comprise the identification information of described first electronic key terminal in described second right assignment order; Wherein, the correspondence relationship information of described second right assignment order to be described server according to the electronic key configuring request received inquire the first electronic lock terminal that described first electronic key and described first electronic key match, but send when not comprising the identification information of described first electronic key terminal in electronic key terminal list corresponding to described first electronic key; According to described second authority order, the identification information of described first electronic key terminal is added to after in electronic key terminal list corresponding to described first electronic key, return authority to described server and be allocated successfully response.
Further, configuration module 91 also can be used for: receive the electronic key recovery order that described server sends, described electronic key reclaims in order and comprises the identification information of the 4th electronic key and the identification information of described 4th electronic key terminal; Reclaim order according to described electronic key, described 4th electronic key and the corresponding relation of described 4th electronic key terminal are deleted or are set to invalid after, reclaim successful response to described server return electron key.
Preferably, above-mentioned signal can be electromagnetic wave signal, and described electronic key is converted to electromagnetic wave signal and sends by described electronic key terminal; Or above-mentioned signal can also be light signal, described electronic key, by controlling the frequency of described light signal, wavelength, duty ratio or brightness, is carried in described light signal and sends by described electronic key terminal; Or above-mentioned signal can also be voice signal, described electronic key, by controlling frequency or the amplitude of described voice signal, is carried in described voice signal and sends by described electronic key terminal.
Further, above-mentioned authentication module 92 also can be used for:
The identification information of described electronic key terminal is parsed from above-mentioned signal, or, receive the identification information of the described electronic key terminal that described electronic key terminal sent before transmission carries the signal of electronic key;
Above-mentioned authentication module 92 specifically for:
According to the identification information of the electronic key terminal received, and resolve the electronic key obtained from the signal that described electronic key terminal sends, the local electronic key terminal list corresponding to described electronic key stored of inquiry;
If the identification information of described electronic key terminal is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
Obviously, those skilled in the art can carry out various change and modification to the present invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.
Claims (26)
1. an authentication management method, is characterized in that, be applied to the identity authorization system including server, electronic key terminal and electronic lock terminal, described method comprises:
Server receives electronic key and distributes request, and described electronic key distribution request is used for request and configures to the first electronic key terminal by the first electronic key;
Described server distributes request according to described electronic key, sends electronic key configuration order, and in the first database, add the correspondence relationship information of described first electronic key and described first electronic key terminal to described first electronic key terminal; Wherein, in described electronic key configuration order, comprise described first electronic key, to make described first electronic key terminal, described first electronic key is configured to this locality;
The correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match whether is preserved in described server lookup second database, if do not had, then send the first right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database, wherein, the authority information of described first electronic key and described first electronic key is comprised in described first right assignment order, to make described first electronic lock terminal, described first electronic key and authority information thereof are configured to this locality, or, the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match whether is preserved in described server lookup second database, if no, then the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database.
2. the method for claim 1, it is characterized in that, each electronic key in described second database also correspondence is provided with electronic key terminal list, and described list is for preserving the identification information of all electronic key terminals being configured with corresponding electronic key;
Described method also comprises:
If preserve the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described server lookup to described second database, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then send the second right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding, wherein, comprise the identification information of described first electronic key or described first electronic key in described second right assignment order and comprise the identification information of described first electronic key terminal, to make described first electronic lock terminal, the identification information of described first electronic key terminal being added in electronic key terminal list corresponding to described first electronic key, or
If preserve the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described server lookup to described second database, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding.
3. method as claimed in claim 1 or 2, is characterized in that, also comprise the identification information of the first electronic lock terminal of matching with described first electronic key in described electronic key configuring request;
Whether preserve the correspondence relationship information of the first electronic lock terminal that described first electronic key and described first electronic key match in described server lookup second database, comprising:
Described server, according to the identification information of the described first electronic lock terminal comprised in described electronic key configuring request, is inquired about in described second database and whether is preserved the electronic keying information corresponding with the identification information of described first electronic lock terminal.
4. the method for claim 1, is characterized in that, also comprises:
Described server receives authority update request, comprises the authority information of the identification information of the second electronic key and described second electronic key after upgrading in described authority update request;
Described server is the second database according to the identification information-enquiry of described second electronic key, obtains the identification information of the second corresponding electronic lock terminal;
Described server is according to the described second electronic lock terminal identification information inquired, to described second electronic lock terminal sending permission more newer command, described authority more comprises the authority information of the identification information of described second electronic key and described second electronic key after upgrading in newer command, upgrades the authority information of described second electronic key to make described second electronic lock terminal.
5. method as claimed in claim 4, it is characterized in that, described server, according to the second electronic lock terminal identification information inquired, after described second electronic lock terminal sending permission more newer command, also comprises:
After what described server received that described second electronic lock terminal sends be updated successfully response, the first database according to the identification information-enquiry of described second electronic key, obtains the second corresponding electronic key terminal identification information;
Described server, according to the second electronic key terminal identification information inquired, sends the notification message of the authority information generation renewal of described second electronic key to described second electronic key terminal.
6. the method for claim 1, is characterized in that, also comprises:
Described server, according to described first database of setting cycle inquiry, obtains the effective status information of the identification information being configured with the electronic key terminal of electronic key and the electronic key configured;
Described server is according to the identification information being configured with the electronic key terminal of electronic key acquired, and the electronic key terminal to correspondence sends the effective status information of the electronic key configured.
7. the method for claim 1, is characterized in that, also comprises:
Described server receives the electronic key inquiry request that the 3rd electronic key terminal is sent, and comprises the identification information of described 3rd electronic key terminal in described inquiry request;
Described server is the first database according to the identification information-enquiry of described 3rd electronic key terminal, obtain the effective status information of the electronic key that described 3rd electronic key terminal configures, and the effective status information of the electronic key inquired is sent to described 3rd electronic key terminal.
8. the method for claim 1, is characterized in that, also comprises:
Described server receives electronic key and reclaims request, and described electronic key reclaims in request and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal;
Described server reclaims request according to described electronic key, inquires about described second database, obtains the identification information of the 4th corresponding electronic lock terminal;
Described server sends electronic key to described 4th electronic lock terminal and reclaims order, and to reclaim after the electronic key asking to return reclaims successfully response according to described electronic key receiving described 4th electronic lock terminal, the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key, wherein, described electronic key reclaims in order and comprises the identification information of described 4th electronic key and the identification information of described 4th electronic key terminal, with make described 4th electronic lock terminal the corresponding relation of described 4th electronic key and described 4th electronic key terminal is deleted or is set to invalid, or described server is by described second database, and the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key.
9. the method according to any one of claim 1 to 8, is characterized in that, the authority information of described electronic key comprises: the term of validity of electronic key, and/or, electronic key forbid perhaps up time section.
10. the method according to any one of claim 1 to 8, is characterized in that, described server is communicated by communication with electronic key terminal; Described server is communicated by communication or wire communication mode with electronic lock terminal.
11. 1 kinds of identity identifying methods realized based on the method such as according to any one of claim 1 to 10, is characterized in that, comprising:
Electronic lock terminal receives the signal carrying electronic key that electronic key terminal sends;
Described electronic lock terminal parses the electronic key of described signaling bearer from described signal;
Described electronic lock terminal, by comparing resolving the electronic key that the electronic key that obtains and described electronic lock terminal local preserve, carries out authentication to described electronic key terminal.
12. methods as claimed in claim 11, it is characterized in that, described signal is electromagnetic wave signal, and described electronic key is converted to electromagnetic wave signal and sends by described electronic key terminal; Or
Described signal is light signal, and described electronic key, by controlling the frequency of described light signal, wavelength, duty ratio or brightness, is carried in described light signal and sends by described electronic key terminal; Or
Described signal is voice signal, and described electronic key, by controlling frequency or the amplitude of described voice signal, is carried in described voice signal and sends by described electronic key terminal.
13. methods as claimed in claim 11, it is characterized in that, also comprise the identification information of described electronic key terminal in described signal, or the identification information of described electronic key terminal was sent to described electronic lock terminal by described electronic key terminal before transmission carries the signal of electronic key;
Described electronic lock terminal, by comparing resolving the electronic key that obtains with the local electronic key preserved of described electric terminal, being carried out authentication to described electronic key terminal, being comprised:
Described electronic lock terminal according to the identification information of the electronic key terminal received, and resolves the electronic key obtained from the signal that described electronic key terminal sends, the local electronic key terminal list corresponding to described electronic key stored of inquiry;
If the identification information of the electronic key terminal received is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
14. methods as claimed in claim 13, is characterized in that, the identification information of described electronic key terminal, before transmission carries the signal of electronic key, is sent to described electronic lock terminal by described electronic key terminal in the following manner:
The identification information of electronic key terminal is converted to electromagnetic wave signal and sends by described electronic key terminal; Or
The identification information of electronic key terminal, by controlling the frequency of described light signal, wavelength, duty ratio or brightness, is carried in described light signal and sends by described electronic key terminal; Or
The identification information of electronic key terminal, by controlling frequency or the amplitude of voice signal, is carried in described voice signal and sends by described electronic key terminal.
15. methods according to any one of claim 11 to 14, is characterized in that, carry the process of the signal of electronic key, comprising described in described electronic key terminal sends to described electronic lock terminal:
Described electronic key terminal is by near-field communication NFC mode, bluetooth approach or the identification information being obtained electronic lock terminal by the mode scanning Quick Response Code, according to the electronic key corresponding with the identification information of this electronic lock terminal that the identification information-enquiry this locality of the electronic lock terminal got is preserved, the electronic key generation according to inquiring carries the signal of this electronic key and sends.
16. 1 kinds of identity identifying methods realized based on the method such as according to any one of claim 1 to 10, is characterized in that, comprising:
Server receives the ID authentication request that electronic lock terminal sends, comprise the identification information of electronic key and described electronic lock terminal in described ID authentication request, to be described electronic lock terminal parse from carrying the signal of electronic key of sending of electronic key terminal described electronic key;
Described server is compared by the electronic key corresponding with described electronic lock terminal preserved in described electronic key and described server this locality, carries out authentication to described electronic key terminal.
17. methods as claimed in claim 16, is characterized in that, also comprise the identification information of described electronic key terminal in described ID authentication request;
Described server is compared by the electronic key corresponding with described electronic lock terminal preserved in described electronic key and described server this locality, carries out authentication, comprising described electronic key terminal:
Described server, according to the identification information of described electronic key terminal and described electronic key, inquires about the local electronic key terminal list corresponding to described electronic key stored;
If the identification information of described electronic key terminal is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
18. 1 kinds of servers, is characterized in that, be applied to identity authorization system, and also comprise electronic key terminal and electronic lock terminal in described identity authorization system, described server comprises:
Receiver module, distribute request for receiving electronic key, described electronic key distributes request and configures to the first electronic key terminal for request by the first electronic key;
First configuration module, for distributing request according to described electronic key, sending electronic key configuration order to described first electronic key terminal, and in the first database, adding the correspondence relationship information of described first electronic key and described first electronic key terminal; Wherein, in described electronic key configuration order, comprise described first electronic key, to make described first electronic key terminal, described first electronic key is configured to this locality;
Second configuration module, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if do not had, then send the first right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database, wherein, the authority information of described first electronic key and described first electronic key is comprised in described first right assignment order, to make described first electronic lock terminal, described first electronic key and authority information thereof are configured to this locality, or, for inquiring about in the second database the correspondence relationship information of whether preserving the first electronic lock terminal that described first electronic key and described first electronic key match, if no, then the correspondence relationship information of described first electronic key and described first electronic lock terminal is saved in described second database.
19. servers as claimed in claim 18, it is characterized in that, each electronic key in described second database also correspondence is provided with electronic key terminal list, and described list is for preserving the identification information of all electronic key terminals being configured with corresponding electronic key;
Described second configuration module is also for the correspondence relationship information of preserving the first electronic lock terminal that described first electronic key and described first electronic key match if inquire in described second database, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then send the second right assignment order to described first electronic lock terminal, and after receiving the right assignment success response that described first electronic lock terminal returns, the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding, wherein, comprise the identification information of described first electronic key or described first electronic key in described second right assignment order and comprise the identification information of described first electronic key terminal, to make described first electronic lock terminal, the identification information of described first electronic key terminal being added in electronic key terminal list corresponding to described first electronic key, or
For inquiring in described second database the correspondence relationship information of preserving the first electronic lock terminal that described first electronic key and described first electronic key match, but do not comprise the identification information of described first electronic key terminal in the electronic key terminal list that described first electronic key is corresponding, then the identification information of described first electronic key terminal is added in the electronic key terminal list that described in described second database, the first electronic key is corresponding.
20. servers as described in claim 18 or 19, is characterized in that, also comprise the identification information of the first electronic lock terminal of matching with described first electronic key in described electronic key configuring request;
Described second configuration module specifically for: according to the identification information of the described first electronic lock terminal comprised in described electronic key configuring request, inquire about in described second database and whether preserve the electronic keying information corresponding with the identification information of described first electronic lock terminal.
21. servers as claimed in claim 18, it is characterized in that, described receiver module also for: receive authority update request, in described authority update request, comprise the authority information of the identification information of the second electronic key and described second electronic key after upgrading;
Described second configuration module, also for according to the identification information-enquiry of described second electronic key the second database, obtains the identification information of the second corresponding electronic lock terminal; And, according to the described second electronic lock terminal identification information inquired, to described second electronic lock terminal sending permission more newer command, described authority more comprises the authority information of the identification information of described second electronic key and described second electronic key after upgrading in newer command, upgrades the authority information of described second electronic key to make described second electronic lock terminal.
22. servers as claimed in claim 21, it is characterized in that, described first configuration module also for: according to the second electronic lock terminal identification information of inquiring, to described second electronic lock terminal sending permission more newer command, receive described second electric lock terminal send be updated successfully response after, the first database according to the identification information-enquiry of described second electronic key, obtains the second corresponding electronic key terminal identification information; According to the second electronic key terminal identification information inquired, send the notification message of the authority information generation renewal of described second electronic key to described second electronic key terminal.
23. servers as claimed in claim 18, is characterized in that, also comprise: enquiry module;
Described receiver module also for: receive the 3rd electronic key terminal electronic key inquiry request of sending, in described inquiry request, comprise the identification information of described 3rd electronic key terminal;
Described enquiry module, for the first database according to the identification information-enquiry of described 3rd electronic key terminal, obtain the effective status information of the electronic key that described 3rd electronic key terminal configures, and the effective status information of the electronic key inquired is sent to described 3rd electronic key terminal.
24. servers as claimed in claim 18, it is characterized in that, described receiver module also for: receive electronic key and reclaim request, described electronic key reclaims in request and comprises the identification information of the 4th electronic key and the identification information of the 4th electronic key terminal;
Described second configuration module also for: reclaim request according to described electronic key, inquire about described second database, obtain the identification information of the 4th corresponding electronic lock terminal; Send electronic key to described 4th electronic lock terminal and reclaim order, and to reclaim after the electronic key asking to return reclaims successfully response according to described electronic key receiving described 4th electronic lock terminal, the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key; Wherein, described electronic key reclaims in order and comprises the identification information of described 4th electronic key and the identification information of described 4th electronic key terminal, with make described 4th electronic lock terminal the corresponding relation of described 4th electronic key and described 4th electronic key terminal is deleted or is set to invalid; Or by described second database, the identification information of described 4th electronic key terminal is deleted from electronic key terminal list corresponding to described 4th electronic key.
25. servers as claimed in claim 18, is characterized in that, also comprise: authentication module;
Described receiver module also for: receive the ID authentication request that electronic lock terminal sends, comprise the identification information of electronic key and described electronic lock terminal in described ID authentication request, to be described electronic lock terminal parse from carrying the signal of electronic key of sending of electronic key terminal described electronic key;
Described authentication module, comparing for the electronic key corresponding with described electronic lock terminal by being preserved in described electronic key and described server this locality, carrying out authentication to described electronic key terminal.
26. servers as claimed in claim 25, is characterized in that, also comprise the identification information of described electronic key terminal in described ID authentication request;
Described authentication module specifically for:
According to identification information and the described electronic key of described electronic key terminal, the local electronic key terminal list corresponding to described electronic key stored of inquiry;
If the identification information of described electronic key terminal is present in described list, then to the authentication success of described electronic key terminal, otherwise authentication failure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410356621.3A CN104243160A (en) | 2014-07-24 | 2014-07-24 | Identity authentication management method and identity authentication method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410356621.3A CN104243160A (en) | 2014-07-24 | 2014-07-24 | Identity authentication management method and identity authentication method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104243160A true CN104243160A (en) | 2014-12-24 |
Family
ID=52230566
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410356621.3A Pending CN104243160A (en) | 2014-07-24 | 2014-07-24 | Identity authentication management method and identity authentication method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104243160A (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104966343A (en) * | 2015-07-14 | 2015-10-07 | 深圳市亲邻科技有限公司 | Entrance guard control method based on Internet |
| CN105141415A (en) * | 2015-09-15 | 2015-12-09 | 北京三未信安科技发展有限公司 | Remote management method and system of password equipment |
| CN105187438A (en) * | 2015-09-25 | 2015-12-23 | 北汽福田汽车股份有限公司 | Equipment authorization method, device and system |
| CN105225524A (en) * | 2015-11-11 | 2016-01-06 | 中国联合网络通信集团有限公司 | Parking lot management method and device |
| CN105809004A (en) * | 2016-03-30 | 2016-07-27 | 宁波三博电子科技有限公司 | Communication method and system based on comprehensively recognized encryption technology |
| CN106302973A (en) * | 2015-06-11 | 2017-01-04 | 德金属工业股份有限公司 | Take concerted action the control system of device |
| CN106341392A (en) * | 2016-08-23 | 2017-01-18 | 北京航空航天大学 | Electric vehicle OBD II interface secure communication protection device, system and method |
| CN106548548A (en) * | 2016-08-16 | 2017-03-29 | 中山微宇电器科技有限公司 | A kind of method for unlocking and intelligent lock system of smart lock |
| CN107404498A (en) * | 2017-09-12 | 2017-11-28 | 深圳市驿固科技有限公司 | A kind of management method and system of smart lock equipment manager authority |
| WO2018006338A1 (en) * | 2016-07-07 | 2018-01-11 | 深圳企管加企业服务有限公司 | Optical communications-based operation method and system for intelligent access control |
| CN108171847A (en) * | 2018-01-04 | 2018-06-15 | 北京神器科技有限公司 | The unlocking method and device of a kind of access control equipment |
| CN108202695A (en) * | 2016-12-16 | 2018-06-26 | 比亚迪股份有限公司 | Anti-stealing method for vehicles, device and vehicle |
| CN108876388A (en) * | 2018-06-20 | 2018-11-23 | 深圳市买买提信息科技有限公司 | A kind of identity identifying method, device and terminal device |
| CN108900582A (en) * | 2018-06-13 | 2018-11-27 | 卢嘉川 | A kind of intelligent controller based on Internet of Things |
| CN109002875A (en) * | 2018-06-04 | 2018-12-14 | 上海德必创新科技发展有限公司 | Two dimensional code encryption method, two dimensional code Transmission system and storage medium |
| CN109446774A (en) * | 2018-09-30 | 2019-03-08 | 山东知味行网络科技有限公司 | A kind of identification application method and system |
| CN109495274A (en) * | 2018-12-25 | 2019-03-19 | 成都三零瑞通移动通信有限公司 | A kind of decentralization smart lock electron key distribution method and system |
| CN110381064A (en) * | 2019-07-19 | 2019-10-25 | 吉林大学 | A kind of verification method, device and computer readable storage medium |
| CN111751706A (en) * | 2020-06-22 | 2020-10-09 | 江苏高聚识别技术有限公司 | Identity recognition technology research and development auxiliary system |
| CN111865565A (en) * | 2019-04-24 | 2020-10-30 | 云丁智能科技(北京)有限公司 | Key management method, intelligent device, server and mobile terminal |
| CN112765185A (en) * | 2019-11-05 | 2021-05-07 | 株洲中车时代电气股份有限公司 | Data updating method, device, equipment and storage medium for vehicle-mounted equipment |
| CN113783687A (en) * | 2021-09-07 | 2021-12-10 | 浙江吉利控股集团有限公司 | Method and system for generating, encrypting and decrypting electronic anti-theft code of automobile |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102426715A (en) * | 2011-09-30 | 2012-04-25 | 华为技术有限公司 | Unlocking method for electronic door lock, electronic door lock and electronic door lock system |
| CN103093531A (en) * | 2013-01-18 | 2013-05-08 | 陈志衍 | Lock system controlled by internet |
| CN103345790A (en) * | 2013-06-26 | 2013-10-09 | 深圳市同创新佳科技有限公司 | Electronic door lock management method and system based on NFC (near field communication) intelligent electronic equipment |
-
2014
- 2014-07-24 CN CN201410356621.3A patent/CN104243160A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102426715A (en) * | 2011-09-30 | 2012-04-25 | 华为技术有限公司 | Unlocking method for electronic door lock, electronic door lock and electronic door lock system |
| CN103093531A (en) * | 2013-01-18 | 2013-05-08 | 陈志衍 | Lock system controlled by internet |
| CN103345790A (en) * | 2013-06-26 | 2013-10-09 | 深圳市同创新佳科技有限公司 | Electronic door lock management method and system based on NFC (near field communication) intelligent electronic equipment |
Cited By (32)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302973A (en) * | 2015-06-11 | 2017-01-04 | 德金属工业股份有限公司 | Take concerted action the control system of device |
| CN106302973B (en) * | 2015-06-11 | 2019-04-23 | 一德金属工业股份有限公司 | Take concerted action the control system of device |
| CN104966343A (en) * | 2015-07-14 | 2015-10-07 | 深圳市亲邻科技有限公司 | Entrance guard control method based on Internet |
| CN105141415B (en) * | 2015-09-15 | 2018-01-16 | 北京三未信安科技发展有限公司 | The method for remote management and system of a kind of encryption device |
| CN105141415A (en) * | 2015-09-15 | 2015-12-09 | 北京三未信安科技发展有限公司 | Remote management method and system of password equipment |
| CN105187438A (en) * | 2015-09-25 | 2015-12-23 | 北汽福田汽车股份有限公司 | Equipment authorization method, device and system |
| CN105225524A (en) * | 2015-11-11 | 2016-01-06 | 中国联合网络通信集团有限公司 | Parking lot management method and device |
| CN105809004A (en) * | 2016-03-30 | 2016-07-27 | 宁波三博电子科技有限公司 | Communication method and system based on comprehensively recognized encryption technology |
| CN105809004B (en) * | 2016-03-30 | 2019-05-17 | 上海星地通讯工程研究所 | A kind of communication means and system of the encryption technology based on comprehensive identification |
| WO2018006338A1 (en) * | 2016-07-07 | 2018-01-11 | 深圳企管加企业服务有限公司 | Optical communications-based operation method and system for intelligent access control |
| CN106548548B (en) * | 2016-08-16 | 2018-12-25 | 中山微宇电器科技有限公司 | A kind of method for unlocking and intelligent lock system of smart lock |
| CN106548548A (en) * | 2016-08-16 | 2017-03-29 | 中山微宇电器科技有限公司 | A kind of method for unlocking and intelligent lock system of smart lock |
| CN106341392B (en) * | 2016-08-23 | 2019-09-13 | 北京航空航天大学 | II interface security communication protection device of electric car OBD, system and method |
| CN106341392A (en) * | 2016-08-23 | 2017-01-18 | 北京航空航天大学 | Electric vehicle OBD II interface secure communication protection device, system and method |
| CN108202695A (en) * | 2016-12-16 | 2018-06-26 | 比亚迪股份有限公司 | Anti-stealing method for vehicles, device and vehicle |
| CN107404498A (en) * | 2017-09-12 | 2017-11-28 | 深圳市驿固科技有限公司 | A kind of management method and system of smart lock equipment manager authority |
| CN108171847A (en) * | 2018-01-04 | 2018-06-15 | 北京神器科技有限公司 | The unlocking method and device of a kind of access control equipment |
| CN109002875A (en) * | 2018-06-04 | 2018-12-14 | 上海德必创新科技发展有限公司 | Two dimensional code encryption method, two dimensional code Transmission system and storage medium |
| CN108900582A (en) * | 2018-06-13 | 2018-11-27 | 卢嘉川 | A kind of intelligent controller based on Internet of Things |
| CN108876388A (en) * | 2018-06-20 | 2018-11-23 | 深圳市买买提信息科技有限公司 | A kind of identity identifying method, device and terminal device |
| CN109446774A (en) * | 2018-09-30 | 2019-03-08 | 山东知味行网络科技有限公司 | A kind of identification application method and system |
| CN109446774B (en) * | 2018-09-30 | 2021-11-30 | 山东知味行网络科技有限公司 | Identity recognition application method and system |
| CN109495274A (en) * | 2018-12-25 | 2019-03-19 | 成都三零瑞通移动通信有限公司 | A kind of decentralization smart lock electron key distribution method and system |
| CN109495274B (en) * | 2018-12-25 | 2021-06-15 | 成都三零瑞通移动通信有限公司 | Decentralized intelligent lock electronic key distribution method and system |
| CN111865565A (en) * | 2019-04-24 | 2020-10-30 | 云丁智能科技(北京)有限公司 | Key management method, intelligent device, server and mobile terminal |
| CN111865565B (en) * | 2019-04-24 | 2022-05-06 | 云丁智能科技(北京)有限公司 | Key management method, intelligent device, server and mobile terminal |
| CN110381064A (en) * | 2019-07-19 | 2019-10-25 | 吉林大学 | A kind of verification method, device and computer readable storage medium |
| CN112765185A (en) * | 2019-11-05 | 2021-05-07 | 株洲中车时代电气股份有限公司 | Data updating method, device, equipment and storage medium for vehicle-mounted equipment |
| CN112765185B (en) * | 2019-11-05 | 2023-04-07 | 株洲中车时代电气股份有限公司 | Data updating method, device, equipment and storage medium for vehicle-mounted equipment |
| CN111751706A (en) * | 2020-06-22 | 2020-10-09 | 江苏高聚识别技术有限公司 | Identity recognition technology research and development auxiliary system |
| CN113783687A (en) * | 2021-09-07 | 2021-12-10 | 浙江吉利控股集团有限公司 | Method and system for generating, encrypting and decrypting electronic anti-theft code of automobile |
| CN113783687B (en) * | 2021-09-07 | 2023-08-29 | 浙江吉利控股集团有限公司 | Method and system for generating, encrypting and decrypting automobile electronic anti-theft code |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104243160A (en) | Identity authentication management method and identity authentication method and device | |
| CN110126782B (en) | Vehicle intelligent key application method and device | |
| CN104952135B (en) | A kind of intelligent terminal Light-control door lock system and application method | |
| CN108989277B (en) | Token management method and server for executing same | |
| US10231123B2 (en) | Bluetooth low energy (BLE) communication between a mobile device and a vehicle | |
| CN100549985C (en) | The system and method that is used for application authorization | |
| US20080066186A1 (en) | Method and Service Control Center for Updating Authorization Data in an Access Arrangement | |
| JP2011511350A (en) | Access control management method and apparatus | |
| KR20190029920A (en) | Control system and control mehtod for vehicle | |
| CN104349947A (en) | Authentication system and authentication method | |
| CN105046796A (en) | Unlocking control method, device and system for electronic lock | |
| CN108990057B (en) | Inter-device communication system and method | |
| CN104167031A (en) | Electronic lock, locking system, method of operating an electronic lock | |
| US20130090057A1 (en) | System And Method For Validating A Detachable Antenna | |
| US9271151B2 (en) | Fingerprinting a mobile device through near field communication | |
| CN105261091A (en) | Method and device used for vehicle one-key start | |
| CN101296138A (en) | Wireless terminal configuration generating method, system and device | |
| CN103152326A (en) | Distributed authentication method and authentication system | |
| CN110505619A (en) | A kind of data transmission method in eSIM Remote configuration | |
| US7721092B2 (en) | Authenticating device, authenticated device and key updating method | |
| CN111935302B (en) | Key management device, method and equipment | |
| CN210038899U (en) | Intelligent lock | |
| US11228453B2 (en) | Secure provisioning of electronic lock controllers | |
| CN108657117A (en) | A kind of door lock for vehicle switching system based on electronic authorization | |
| TW201912909A (en) | Smart lock and control method of smart lock |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141224 |
|
| RJ01 | Rejection of invention patent application after publication |