Summary of the invention
For above-mentioned defect, the object of the present invention is to provide a kind of gate inhibition's authorization management method and system, the gate inhibition's empowerment management to visiting client can be realized easily, improve the convenience of user.
To achieve these goals, the invention provides a kind of gate inhibition's authorization management method, described method comprises:
First user end obtains at least one key from server;
According to access card information and the described key of first user end, generate interim access information;
Described interim access information is sent to the second user side;
According to the switch of the interim access information access control of described second user side.
According to gate inhibition's authorization management method of the present invention, the access card information of described first user end comprises access card number and ciphertext message;
The described access card information according to first user end and described key, the step generating interim access information comprises:
By described ciphertext message by described secret key encryption process;
The ciphertext message of described gate inhibition's card number and encryption is combined as described interim access information.
According to gate inhibition's authorization management method of the present invention, the switching step according to the interim access information access control of described second user side comprises:
Access controller reads the interim access information of described second user side;
Described interim access information is sent to server authentication by access controller, if by verifying, access controller opens gate inhibition, otherwise access controller keeps gate inhibition to close, and sends prompting.
According to gate inhibition's authorization management method of the present invention, described server authentication comprises:
Obtain described gate inhibition's card number;
Described key and first user client information is obtained according to described gate inhibition's card number;
By the ciphertext message decryption processing of encryption described in described double secret key;
Information matches in described ciphertext message and database is verified.
According to gate inhibition's authorization management method of the present invention, described method also comprises:
Set access times and/or the pot life of described interim access information.
The present invention also provides a kind of gate inhibition's authentication management system accordingly, and described system at least comprises first user end, the second user side, access controller and server, wherein:
Described first user end comprises:
Key Acquisition Module, for obtaining at least one key from server;
Information generating module, for according to the access card information of described first user end and described key, generates interim access information; And
First sending module, for being sent to described second user side by described interim access information;
Described access controller, for the switch of the interim access information access control according to described second user side.
According to gate inhibition's authentication management system of the present invention, the access card information of described first user end comprises access card number and ciphertext message;
Described information generating module comprises:
Encryption submodule, for by described ciphertext message by described secret key encryption process;
Combination submodule, for being combined as described interim access information by the ciphertext message of described gate inhibition's card number and encryption.
According to gate inhibition's authentication management system of the present invention, described access controller comprises:
Information reading module, for reading the interim access information of described second user side;
Information sending module, for being sent to server authentication by described interim access information;
Switch control module, for described interim access information by controlling during checking to open gate inhibition, otherwise access controller keeps gate inhibition to close; And
Information reminding module, does not send prompting message by during checking for described interim access information.
According to gate inhibition's authentication management system of the present invention, described server comprises:
First acquisition module, for obtaining described gate inhibition's card number;
Second acquisition module, for obtaining described key and first user client information according to described gate inhibition's card number;
Decrypts information module, for the ciphertext message decryption processing by encryption described in described double secret key;
Information matches module, verifies the information matches in described ciphertext message and database.
According to gate inhibition's authentication management system of the present invention, described first user end also comprises:
Priority assignation module, for setting access times and/or the pot life of described interim access information.
The present invention obtains key by the first user end of having authorized from server, and then is interim access information by the access card information processing of this key and first user end.When there being other user to visit, this interim access information can be sent to the second user side that this user is corresponding, second user side sends to access controller the request of enabling by this access information, and access controller is according to the switch of the interim access information access control of described second user side.Whereby, the present invention can realize the gate inhibition's empowerment management to visiting client easily, improves the convenience of user.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
See Fig. 1, the invention provides a kind of gate inhibition's authentication management system, this system 100 at least comprises first user end 10, server 20, second user side 30 and access controller 40, concrete:
First user end 10, the i.e. use terminal of corresponding authorized user, as in building gate control system, authorized user can be understood as owner, first user end can be regarded as the terminal being integrated with gate function that authorized user uses, such as be integrated with the mobile phone of NFC (Near Field Communication, close range wireless communication) function, PDA (Personal Digital Assistant, personal digital assistant), panel computer etc.And first user end 10 includes:
Key Acquisition Module 11, for obtaining at least one key from server 20.This key is interim key, can be generated by server 20 and set its rights of using, such as use duration.
Information generating module 12, for according to the access card information of first user end 10 and key, generates interim access information.When interim access information generates, this interim access information can be added Interim use mark by information generating module 12 by first user end 10.
First sending module 13, for being sent to the second user side 30 by interim access information.
Second user side 30 of the present invention is the use terminal of unauthorized user, it does not apply for registration of the authority of registration access card, as in building gate control system, unauthorized user can be understood as interim visiting guest, second user side 30 can be regarded as the mobile phone being integrated with NFC function, PDA and the panel computer etc. that unauthorized user uses, it is after receiving interim access information, namely writes the SE Applet of self.
Second user side 30 is when access controller 40, and namely access controller 40 reads interim access information, and the switch of interim access information access control according to described second user side 30.
Specifically, the access card information of first user end 10 of the present invention comprises access card number and ciphertext message, and composition graphs 2, described information generating module 12 comprises:
Encryption submodule 121, for by described ciphertext message by described secret key encryption process.
Combination submodule 122, for being combined as described interim access information by the ciphertext message of described gate inhibition's card number and encryption.
In interim access information, gate inhibition's card number is as cleartext information, and ciphertext message then includes the Electronic dicrimination information in the access card of first user end 10.
Described access controller 40 comprises:
Information reading module 41, for reading the interim access information of the second user side 30.
Information sending module 42, verifies for interim access information is sent to server 20.
Switch control module 43, for described interim access information by controlling during checking to open gate inhibition, otherwise access controller keeps gate inhibition to close.
Information reminding module 44, does not send prompting message by during checking for described interim access information.
In practical application, after access controller 40 reads the interim access information of the second user side, mutual with server 20, and interim access information is sent to server 20 verifies.The result is returned access controller 40 by server 20, and access controller 40 is according to the switch of this result access control system.
Preferably, in the present embodiment, server 20 comprises:
First acquisition module 21, for obtaining described gate inhibition's card number.
Second acquisition module 22, for obtaining the information of described key and first user end 10 according to described gate inhibition's card number.
Decrypts information module 23, for the ciphertext message decryption processing by encryption described in described double secret key.
Information matches module 24, verifies the information matches in described ciphertext message and database.
When the second user side 30 brush Temporary Access Control Card, the interim access information read can be reported server 20 by access controller 40, can decompose it after gate inhibition's server receives this message, first clear portion is obtained, the full detail of access card is searched in a database by this plaintext (i.e. the access card card number of authorized user registration), information comprises authorized user (first user) personal information and authority and distributes the information such as authority to Temporary Access Control Card, server 20 can obtain decruption key by plaintext card number simultaneously, be decrypted by the cipher text part of this decruption key to interim access information, information in information and date storehouse after deciphering is compared by last server 20, be verified rear notice access controller 40 to unblank to let pass.Whereby, the present invention can realize the gate inhibition's empowerment management to visiting client easily, improves the convenience of user.
Be more preferably, first user end 10 of the present invention can also arrange priority assignation module 14, for setting access times and/or the pot life of described interim access information.Effective in setting-up time after distributing Temporary Access Control Card, cross after date Temporary Access Control Card invalid; Or this access card only can use this number of setting after distributing Temporary Access Control Card, when access times exceed maximal value, this Temporary Access Control Card is invalid, these settings can be set by first user end 10 or server 20, and be also carried in interim access information, server 20 records use procedure.
See Fig. 3, the invention provides a kind of gate inhibition's authorization management method, it can be realized by gate inhibition's authentication management system 100 as shown in Figure 1, and the method comprises:
Step S301, first user end 10 obtains at least one key from server 20.This key is interim key, can be generated by server 20 and set its rights of using, such as use duration.Communication mode between certain first user end 10 and server 20 can be wireless or mobile network, and wireless network comprises the modes such as Wifi, bluetooth, NFC, and mobile network comprises the mobile cellular networks such as 2G, 3G, 4G.
Step S302, according to access card information and the described key of first user end 10, generates interim access information.When interim access information generates, this interim access information can be added Interim use mark by information generating module 12 by first user end 10.
Step S303, is sent to the second user side 30 by described interim access information.Second user side 30 of the present invention is the use terminal of unauthorized user, it does not apply for registration of the authority of registration access card, as in building gate control system, unauthorized user can be understood as interim visiting guest, second user side 30 can be regarded as the mobile phone being integrated with NFC function, PDA and the panel computer etc. that unauthorized user uses, it is after receiving interim access information, namely writes the SE Applet of self.
Step S304, according to the switch of the interim access information access control of described second user side 30.
The present invention generates a set of interim gate inhibition's encryption key by server 20 for each authorized user, authorized user can by interim gate inhibition's encryption key of its corresponding authority of Network Capture, when there being visiting guest, authorized user order is got interim gate inhibition's encryption key and will be sent to the terminal of visitor people after its access card information encryption, the information received can be written in the SE Applet of self by the terminal of visiting guest, visiting guest is entered by brush gate inhibition checking, substantially increases convenience for users.
Fig. 4 is gate inhibition's authorization management method process flow diagram of another embodiment of the present invention, and it can be realized by system 100 as shown in Figure 2, and the access card information of the end of first user described in the present invention 10 comprises access card number and ciphertext message, and described method comprises:
Step S401, obtains at least one key from server 20.
Step S402, by described ciphertext message by described secret key encryption process.
Step S403, is combined as described interim access information by the ciphertext message of gate inhibition's card number and encryption.
Step S404, is sent to the second user side 30 by interim access information
Step S405, reads the interim access information of the second user side 30.
Step S406, is sent to server 20 by interim access information and verifies.
Step S407, obtains described gate inhibition's card number.
Step S408, obtains the information of described key and first user end 10 according to described gate inhibition's card number.
Step S409, by the ciphertext message decryption processing of encryption described in described double secret key.
Step S410, verifies the information matches in described ciphertext message and database.
Step S411, interim access information opens gate inhibition by access control.
Step S412, interim access information does not keep gate inhibition to close by checking access controller.
Step S413, sends the unsanctioned prompting message of checking.
Be more preferably, the present invention can also set access times and/or the pot life of described interim access information by first user end 10.Effective in setting-up time after distributing Temporary Access Control Card, cross after date Temporary Access Control Card invalid; Or this access card only can use this number of setting after distributing Temporary Access Control Card, when access times exceed maximal value, this Temporary Access Control Card is invalid, these settings can be set by first user end 10 or server 20, and be also carried in interim access information, server 20 records use procedure.
In sum, the present invention obtains key by the first user end of having authorized from server, and then is interim access information by the access card information processing of this key and first user end.When there being other user to visit, this interim access information can be sent to the second user side that this user is corresponding, second user side sends to access controller the request of enabling by this access information, and access controller is according to the switch of the interim access information access control of described second user side.Whereby, the present invention can realize the gate inhibition's empowerment management to visiting client easily, improves the convenience of user.
Certainly; the present invention also can have other various embodiments; when not deviating from the present invention's spirit and essence thereof; those of ordinary skill in the art are when making various corresponding change and distortion according to the present invention, but these change accordingly and are out of shape the protection domain that all should belong to the claim appended by the present invention.