CN104464098A - Security management device of intelligent water meter IC (integrated circuit) card system - Google Patents

Security management device of intelligent water meter IC (integrated circuit) card system Download PDF

Info

Publication number
CN104464098A
CN104464098A CN201310415168.4A CN201310415168A CN104464098A CN 104464098 A CN104464098 A CN 104464098A CN 201310415168 A CN201310415168 A CN 201310415168A CN 104464098 A CN104464098 A CN 104464098A
Authority
CN
China
Prior art keywords
data
card
interface
processor
water meter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310415168.4A
Other languages
Chinese (zh)
Inventor
范晓波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Longsin Intelligence Electronic Technology Co Ltd
Original Assignee
Zhengzhou Longsin Intelligence Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Longsin Intelligence Electronic Technology Co Ltd filed Critical Zhengzhou Longsin Intelligence Electronic Technology Co Ltd
Priority to CN201310415168.4A priority Critical patent/CN104464098A/en
Publication of CN104464098A publication Critical patent/CN104464098A/en
Pending legal-status Critical Current

Links

Abstract

The invention relates to the technical field of fluid metering, in particular to a security management device of an intelligent water meter IC (integrated circuit) card system. The security management device comprises a processor, a first data interface, a second data interface and a FLASH memory, the processor is connected into the first data interface, the second data interface and the FLASH memory, an information security management module performs identity authentication through a water-sale management system when exchanging data with an IC card information exchange module, and legality in communication of the two modules is guaranteed. Level-to-level management of water supply companies can be realized through different keys, a 3DES/AES (3data encryption standard/advanced encryption standard) multilevel encryption mode is adopted, security of the keys is high, the keys are updated in real time through a program downloading port on the information security management module, and risk caused by key exposure is avoided; meanwhile, the module is simple in structure, independence of the water supply companies on water meter control can be guaranteed, and restrictions from the outside are avoided.

Description

A kind of security control apparatus of intellectual water meter IC card system
Technical field
The present invention relates to fluid metering technical field, especially a kind of security control apparatus of intellectual water meter IC card system.
Background technology
In recent years, along with the development of electronic technology, used widely in every field, electronic technology progressively applies on conventional water meter by each producer, produces the IC-card intellectual water meter of various brand.Running-water Company conveniently uses and manages, and starts to adopt IC-card intellectual water meter, and builds the management system of oneself on this basis.Because same Running-water Company may adopt the IC-card intellectual water meter of multiple brand, each manufacturer knows separately the management method of IC-card intellectual water meter, different brands IC-card intellectual water meter uses different management systems, operating equipment, transmission medium, management password, mode of operation, each Running-water Company is caused not have the control of IC-card intellectual water meter technically, IC-card intellectual water meter can depart from the management system of Running-water Company, information is arbitrarily modified, using state is controlled, certain user specific or multiple user need not be paid and just can use tap water, Running-water Company also exists IC-card intellectual water meter risk out of control.
IC-card intellectual water meter producer designed, designed and the respective control and management technology of exploitation are with administrating system, each manufacturer is in safety technique, level in Data Interchange Technology is also uneven, cause portioned product in the security of information management, there is risk in the reliability of message exchange, encryption, decryption technology application is unreasonable, causing can by corresponding technological means, obtain the data analysis in transmission medium, breaking encryption algorithm and data protocol, thus write out the program of corresponding cooperation IC-card intellectual water meter use, the management system departing from Running-water Company sells tap water arbitrarily, Running-water Company also exists IC-card intellectual water meter and management system risk simultaneously out of control.Therefore be necessary for the problems referred to above, in IC-card intellectual water meter, install a kind of management aid of information security management additional, realize information security management.
Summary of the invention
The object of the invention is the security control apparatus that a kind of intellectual water meter IC card system is provided to overcome above-mentioned technical disadvantages.
The technical scheme that technical solution problem of the present invention adopts is: a kind of security control apparatus of intellectual water meter IC card system, processor, the first data-interface, the second data-interface and FLASH memory, described processor accesses the first data-interface, the second data-interface and FLASH memory respectively, wherein:
Described first data-interface communicates with the unique data of IC card information Switching Module for performing IC-card intellectual water meter, and transmits it to processor when receiving the external data coming from IC card information Switching Module;
Described FLASH memory is for storing control in information security management module and documentor;
Described second data-interface is for performing the data communication between processor and IC-card reading meter terminal master controller, and described IC-card reading meter terminal master controller is used for performing the operation of corresponding table end according to the instruction of processor;
Described processor is used for when receiving the external data coming from the first data-interface, the water management system of selling of subtend IC-card write external data carries out authentication, judge whether to obtain the encrypted packets in this external data, and send corresponding operational order by the second data-interface to IC-card reading meter terminal master controller according to the affairs comprised in data.
As preferably, further technical scheme is: described processor is used for when receiving the external data coming from the first data-interface, water management system of selling according to external data subtend IC-card write external data carries out authentication, when authentication result is judged as legal, then encrypted packets is decrypted and completeness check, on the contrary the original state that then resets;
After data integrity verifying passes through, the validity of data is verified, on the contrary the original state that then resets;
After Validation of Data is passed through, pre-service is carried out to the affairs comprised in data, and from IC-card reading meter terminal master controller, obtain corresponding return message by the second data-interface, IC card information Switching Module is returned to by the first data-interface by after described return message encryption, then pre-processed results approved after effectively being confirmed and stored relevant operation information, and to IC-card reading meter terminal master controller transmit operation instruction; Otherwise then abandon pre-processed results or make caching process.
Further technical scheme is: preset agreement restrictive condition and multiple different cipher key procedures in described FLASH memory, for when information security management module carries out exchanges data from the subsystem selling different classification in water management system respectively, processor according to the encryption key of external data compared with multiple cipher key procedures preset in FLASH memory, thus the identity of water management system is sold in certification, and after encrypted packets deciphering and completeness check are passed through, according to the validity of agreement restrictive condition verification msg under current identity, judge whether to carry out pre-service to the affairs in data.
Further technical scheme is: also comprise eeprom memory in described information security management module, described eeprom memory also accesses processor, for the associative operation information of storage of processor to IC-card reading meter terminal master controller, and processor is to the pre-processed results of affairs in external data.
Further technical scheme is: described processor is central processing unit or the single-chip microcomputer that can perform cryptographic algorithm.
Further technical scheme is: the first described data-interface is IC-card interface.
Further technical scheme is: the second described data-interface be at least in the middle of USART serial line interface, SPI serial line interface or I2C serial line interface any one.
Further technical scheme is: described information security management module also comprises encrypting module, described encrypting module access processor, for to information security management module and the multistage encryption and decryption of selling water management system, IC-card reading meter terminal master controller exchanges data, and auxiliary processor obtains the data encryption key selling water management system carries out authentication.
Further technical scheme is: described encrypting module by or the mode of 3DES carry out data encrypting and deciphering.
The beneficial effect that the present invention has is: information security management module carries out authentication by IC card information Switching Module with selling when water management system carries out exchanges data, ensure that the legitimacy of both communication, IC-card reading meter terminal master controller could must be communicated with outside by information security management module; Utilize different keys can realize the priority assignation of Running-water Company's differentiated control, and adopt 3DES/AES multi-level encryption mode, make the security of key higher, and by upgrade key during download program cause for gossip in information security management module, avoid the risk that key exposure brings; By built-in data verifying program, ensure that the data of transmission are true, accurate, complete.A kind of information safety management module for intelligent IC card water meter structure provided by the present invention is simple simultaneously, the compatible IC-card reading meter terminal master controller with bus interface can be embedded in the IC-card intellectual water meter of any type, and seamless access water supply management system, realize the dispersion manufacture of IC-card intellectual water meter, unified management, range of application is wide, and ensure that the independence of Running-water Company on terminal water meter controls, not by extraneous restriction.
Accompanying drawing explanation
Accompanying drawing 1 is for illustration of the information security management modular structure block diagram in the embodiment of the present invention;
Accompanying drawing 2 is for illustration of the information security management module application block diagram in the embodiment of the present invention;
Accompanying drawing 3 is for illustration of the management system block diagram in the embodiment of the present invention.
Embodiment
Be described below below in conjunction with accompanying drawing 1, accompanying drawing 2, accompanying drawing 3 couples of the present invention.
As shown in Figure 1, Figure 2, Figure 3 shows, one embodiment of the present of invention are a kind of information safety management module for intelligent IC card water meter, described information security management module comprises processor, the first data-interface, the second data-interface and FLASH memory, described processor accesses the first data-interface, the second data-interface and FLASH memory respectively, wherein:
The effect of above-mentioned first data-interface performs IC-card intellectual water meter to communicate with the unique data of IC card information Switching Module, and transmit it to processor when receiving the external data coming from IC card information Switching Module;
The effect of above-mentioned FLASH memory stores control in information security management module and documentor;
Shown in figure 2, the effect of above-mentioned second data-interface performs the data communication between processor and IC-card reading meter terminal master controller, and the effect of IC-card reading meter terminal master controller performs the operation of respective table end according to the instruction of processor;
The effect of above-mentioned processor is when receiving the external data coming from the first data-interface, the water management system of selling of subtend IC-card write external data carries out authentication, judge whether to obtain the encrypted packets in this external data, and send corresponding operational order by the second data-interface to IC-card reading meter terminal master controller according to the affairs comprised in data.
According to above-mentioned technical scheme, the technical matters that the present embodiment solves is the information security management module by above-mentioned composition structure, at IC-card reading meter terminal master controller and sell between water management system and carry out data retransmission, and give certification and encryption and decryption when forwarding, thus coordinate the IC-card intellectual water meter of Running-water Company to terminal to manage, to eliminate the risk of information security management in Running-water Company's operation.
And the Oscillator module shown in Fig. 1 and pin XIN, XOUT provide clock signal to information security management module; RAM storer is used for the operating ephemeral data of memory module; VCC and VSS two pins provides working power for information security management module, and this power supply should be continued power and can not be provided by the pin of IC-card reading meter terminal master controller.
In the embodiment that the present invention is more preferably for technical solution problem, the concrete mode of a kind of above-mentioned processor to selling water management system authentication and affairs execution is provided, namely when processor receives the external data coming from the first data-interface, authentication is carried out to selling water management system according to external data, when authentication result is judged as legal, then encrypted packets is decrypted and completeness check, on the contrary the original state that then resets;
After data integrity verifying passes through, the validity of data is verified, on the contrary the original state that then resets;
After Validation of Data is passed through, pre-service is carried out to the affairs comprised in data, and from IC-card reading meter terminal master controller, obtain corresponding return message by the second data-interface, IC card information Switching Module is returned to by the first data-interface by after described return message encryption, then pre-processed results approved after effectively being confirmed and stored relevant operation information, and to IC-card reading meter terminal master controller transmit operation instruction; Such as, otherwise then abandon pre-processed results or make caching process, namely do not receive the confirmation result of IC card information Switching Module within the time preset, do not receive the confirmation of IC card information Switching Module in three minutes, then reset original state; Aforesaid caching process refers to keeps in pre-processed results instruction, when processor is again waken up and receives the confirmation of IC card information Switching Module, then in the same way to IC-card reading meter terminal master controller transmit operation instruction.
Further comprises the present embodiment peripheral data from selling water management system authentication to the whole flow process of affairs wherein performed by processor in above-mentioned technical scheme, by the programming of above-mentioned flow process, further enhance in information security management module the security receiving information and executing.And the above-mentioned processor reset original state repeatedly mentioned, be resetting processor and perform the state before any one operation above-mentioned, it is dormant state that such as processor carried out the state of authentication before receiving external data, be waken up by dormant state when receiving external data, but when being judged as illegal to the authentication of selling water management system, processor then recovers dormant state, do not carry out any operation, in other step, the situation of processor reset also substantially as hereinbefore, when failing the authentication, operation note can be stored by processor.Simultaneously above-mentioned mentioned water management system of selling can be the tap water meter management system that Running-water Company sets up in actual applications.
And it is same, in another embodiment of the invention, for realizing being managed information security management module by different rights, need in above-mentioned FLASH memory preset agreement restrictive condition and multiple different cipher key procedures, it act as when information security management module carries out exchanges data from the subsystem selling different classification in water management system respectively, processor according to the encryption key of external data compared with multiple cipher key procedures preset in FLASH memory, thus the identity of water management system is sold in certification, and after encrypted packets deciphering and completeness check are passed through, according to the validity of agreement restrictive condition verification msg under current identity, judge whether to carry out pre-service to the affairs in data.
According to another embodiment of the present invention, as mentioned here above, for ease of the buffer memory of processor pre-processed results, in information security management module, also relatively independent eeprom memory can be set, and eeprom memory is also accessed processor, for the associative operation information of storage of processor to IC-card reading meter terminal master controller, processor is to the pre-processed results of affairs in external data, and the failure record of processor checking, and in FLASH memory, be also provided with other program that can be utilized by processor, at least should comprise in this other program and can make processor to the associative operation information of IC-card reading meter terminal master controller once be stored to after in eeprom memory, by the program of unsuppressible-suppression and amendment, to make the running status of information security management module leave complete record.
Shown in figure 2, in the practical application of the information safety management module for intelligent IC card water meter in above-described embodiment, between access IC-card intelligence water meter terminal master controller and various IC card information Switching Module.IC-card intellectual water meter itself is containing several functions module, as flow measurement module, memory module, display module, valve control module, these modules are by being connected with IC-card reading meter terminal master controller, complete the correlation function of IC-card intellectual water meter, as measuring water flow, the display of water consumption and surplus water, with the exchanges data of memory module, and the operation such as switch valve control.IC-card intellectual water meter all has to pass through information security management module with outside all exchanges data of selling the system of water management and could realize, and ensures that IC-card intellectual water meter is in controlled circumstances all the time with this, ensures the security of data transmission.
And according to aforesaid principle, this information safety management module for intelligent IC card water meter accessible site is applied in current IC-card intelligent gas meter, IC-card intelligent electric energy meter and IC-card intellectual heat meter; Further, in addition, the improvement application going back adaptability carries out transmitting the measuring apparatus of the band IC-card of data by electronic information in other.
The processor that above-described embodiment is mentioned is the core of information security management module, for performing corresponding program and data encryption, in another embodiment of the present invention, above-mentioned processor is directly adopt the central processing unit or single-chip microcomputer that can perform cryptographic algorithm in prior art, such as EFM32 etc.
Based on data communication mode required in above-described embodiment, inventor, with reference to prior art, is IC-card interface for what carry out that the first data-interface of unique communication adopts with IC card information Switching Module in above-described embodiment.[0043] corresponding, the second data-interface that in above-described embodiment, processor and IC-card reading meter terminal master controller carry out communicating preferably matches with conventional master controller, the serial line interfaces such as such as USART interface, SPI interface or I2C interface, to increase the compatibility on information security management module integration and IC-card intellectual water meter.
Shown in Fig. 1, for the security of data encryption and deciphering in the administration module that ensures information security further, preferably independently encrypting module is set therein, and by this independently encrypting module access processor, for to information security management module with sell water management system, the multistage encryption and decryption of information security management module and IC-card reading meter terminal master controller exchanges data, and the data encryption key that water management system is sold in auxiliary processor acquisition carries out authentication, and the cipher mode that in reference prior art, security is higher, preferred employing AES or 3DES carries out encryption and decryption to the data of coming and going in information security management module.
Shown in Fig. 3, after the integrated above-mentioned information security management module of IC-card intellectual water meter that multiple different vendor produces, the outside all communication datas of intellectual water meter are all by forwarding after information security management module encryption and decryption, and the internal processes of information security management module is unique, therefore sell water management system and information security management module can be considered as terminal, in order to manage IC-card intellectual water meter, namely sell water management system compatible various brand with one, the IC-card intellectual water meter of type is managed concentratedly, effective reduction Running-water Company is to different brands in region, the difficulty of the water meter integration management of type.

Claims (9)

1. the security control apparatus of an intellectual water meter IC card system, comprise, it is characterized in that: described processor, the first data-interface, the second data-interface and FLASH memory, described processor accesses the first data-interface, the second data-interface and FLASH memory respectively, wherein:
Described first data-interface communicates with the unique data of IC card information Switching Module for performing IC-card intellectual water meter, and transmits it to processor when receiving the external data coming from IC card information Switching Module;
Described FLASH memory is for storing control in information security management module and documentor;
Described second data-interface for performing the data communication between processor and IC-card reading meter terminal master controller,
Described IC-card reading meter terminal master controller is used for performing the operation of corresponding table end according to the instruction of processor;
Described processor is used for when receiving the external data coming from the first data-interface, subtend IC-card write external number
According to water management system of selling carry out authentication, judge whether to obtain the encrypted packets in this external data, and send corresponding operational order by the second data-interface to IC-card reading meter terminal master controller according to the affairs comprised in data.
2. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1, it is characterized in that: described processor is used for when receiving the external data coming from the first data-interface, water management system of selling according to external data subtend IC-card write external data carries out authentication, when authentication result is judged as legal, then encrypted packets is decrypted and completeness check, on the contrary the original state that then resets;
After data integrity verifying passes through, the validity of data is verified, on the contrary the original state that then resets;
After Validation of Data is passed through, pre-service is carried out to the affairs comprised in data, and from IC-card reading meter terminal master controller, obtain corresponding return message by the second data-interface, IC card information Switching Module is returned to by the first data-interface by after described return message encryption, then pre-processed results approved after effectively being confirmed and stored relevant operation information, and to IC-card reading meter terminal master controller transmit operation instruction, otherwise then abandon pre-processed results or make caching process.
3. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, it is characterized in that: in described FLASH memory, preset agreement restrictive condition and multiple different cipher key procedures, for when information security management module carries out exchanges data from the subsystem selling different classification in water management system respectively, processor according to the encryption key of external data compared with multiple cipher key procedures preset in FLASH memory, thus the identity of water management system is sold in certification, and after encrypted packets deciphering and completeness check are passed through, according to the validity of agreement restrictive condition verification msg under current identity, judge whether to carry out pre-service to the affairs in data.
4. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, it is characterized in that: in described information security management module, also comprise eeprom memory, described eeprom memory also accesses processor, for the associative operation information of storage of processor to IC-card reading meter terminal master controller, and processor is to the pre-processed results of affairs in external data.
5. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, is characterized in that: described processor is central processing unit or the single-chip microcomputer that can perform cryptographic algorithm.
6. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, is characterized in that: described first data-interface is IC-card interface.
7. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, is characterized in that: described second data-interface be at least in the middle of USART serial line interface, SPI serial line interface or I2C serial line interface any one.
8. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1 and 2, it is characterized in that: described information security management module also comprises encrypting module, described encrypting module access processor, for to information security management module and the multistage encryption and decryption of selling water management system, IC-card reading meter terminal master controller exchanges data, and auxiliary processor obtains the data encryption key selling water management system carries out authentication.
9. the security control apparatus of a kind of intellectual water meter IC card system according to claim 1, is characterized in that: described encrypting module carries out data encrypting and deciphering by the mode of AES or 3DES.
CN201310415168.4A 2013-09-12 2013-09-12 Security management device of intelligent water meter IC (integrated circuit) card system Pending CN104464098A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310415168.4A CN104464098A (en) 2013-09-12 2013-09-12 Security management device of intelligent water meter IC (integrated circuit) card system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310415168.4A CN104464098A (en) 2013-09-12 2013-09-12 Security management device of intelligent water meter IC (integrated circuit) card system

Publications (1)

Publication Number Publication Date
CN104464098A true CN104464098A (en) 2015-03-25

Family

ID=52910078

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310415168.4A Pending CN104464098A (en) 2013-09-12 2013-09-12 Security management device of intelligent water meter IC (integrated circuit) card system

Country Status (1)

Country Link
CN (1) CN104464098A (en)

Similar Documents

Publication Publication Date Title
CN103106744B (en) Internet of things intelligent gas meter embedded with information security management module
CN103217952B (en) Internet of things intelligent water meter provided with information safety management module in embedded mode
CN103093139B (en) Integrated circuit (IC) card intelligent gas meter information safety management module
CN103220131B (en) Intelligent gas meter information security management module
CN103152166B (en) Remote-control intelligent water meter information security management module
CN103236921B (en) Intelligent electric energy meter based on Internet of Things information security management module
CN103220136B (en) Be embedded with the Intelligent electric energy meter based on Internet of Things of information security management module
CN103218876B (en) Information security management module of remote control intelligent electric energy meter
CN103198574B (en) Be embedded with the remote-control intelligent water meter of information security management module
CN103078874B (en) Be embedded with the remote-control intelligent gas meter of information security management module
CN103198573B (en) Information safety management module for intelligent IC card water meter
CN203151543U (en) IC card intelligent water meter embedded with information security management module
CN103200570B (en) Intelligent water meter of Internet of things information security management module
CN104537768A (en) Information security management module of IC (integrated circuit) card intelligent heat energy meter
CN103236113B (en) IC-card intelligent electric energy meter information security management module
CN103152175B (en) Remote-control intelligent gas meter information security management module
CN203219310U (en) Information security management module for intelligent ammeter of Internet of Things
CN203151518U (en) Internet of things intelligent water meter embedded with information security management module
CN203104485U (en) Internet of things intelligent gas meter information security management module
CN103199993B (en) Be embedded with the IC-card intellectual water meter of information security management module
CN103218875B (en) Integrated circuit (IC) card intelligent electric energy meter embedded with information safety management module
CN103106745B (en) Integrated circuit (IC) card intelligent gas meter embedded with information security management module
CN103152176B (en) Intelligent gas meter information security management module of internet of things
CN104464098A (en) Security management device of intelligent water meter IC (integrated circuit) card system
CN104581717A (en) Information security management module of Internet-of-things intelligent heat meter

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150325