CN105257145A - Remote safe box - Google Patents
Remote safe box Download PDFInfo
- Publication number
- CN105257145A CN105257145A CN201510562365.8A CN201510562365A CN105257145A CN 105257145 A CN105257145 A CN 105257145A CN 201510562365 A CN201510562365 A CN 201510562365A CN 105257145 A CN105257145 A CN 105257145A
- Authority
- CN
- China
- Prior art keywords
- user
- strongbox
- safe
- application
- controller
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The invention relates to a remote safe box. The remote safe box comprises a safe box body, an electronic lock and a safe box controller, wherein the safe box controller is connected with the electronic lock through a control line so as to control on/off of the electronic lock, and the safe box controller communicates with a relay server through wireless connection. The safe box controller comprises a storer and a processor. Computer executable programs are stored in the storer. The processer is configured to execute the computer executable programs so as to perform the following actions: communication with a safe box application is conducted through the relay server under the condition that a user inputs a first user credential to get successful authentication to the relay server through the safe box application which operates on mobile equipment; a second user credential input through the safe box application is received from the user through the relay server; the second user credential is authenticated; the control right over the electronic lock is given to the user under the condition of successful authentication. The invention further relates to a corresponding safe box system and a method for operating the safe box.
Description
Technical field
The present invention relates to strongbox field, more specifically, the present invention relates to a kind of remote safe deposit box.
Background technology
Along with the accumulation of growth in the living standard and individual wealth, the keeping of personal effects becomes the problem that people pay close attention to day by day.Strongbox (also known as safety cabinet, safe deposit box) is widely adopted as a kind of property keeping means of low cost.
Traditional insurance case adopts complicated lockset, as mechanical lock, coded lock and Fingerprint Lock etc.But the raising of the safety of these locksets with complexity and high cost for cost, even and if the lockset of advanced person also may be cracked by offender as time goes by.In addition, traditional insurance case often only possesses onsite alarming function, and remotely can not notify not owner at the scene, and this is unfavorable for the disposal of emergency.
Along with the rise of Internet of Things, market there is the trial of being networked by strongbox.But such strongbox has and often has following shortcoming:
(a) safety issue.Due to diversity and the complexity of internet, the safety precaution of networking strongbox is a problem that must consider.Conventional networking strongbox is difficult to the communication security guaranteed between strongbox and authorisation device;
(b) power problems.For a large amount of with battery powered internet of things equipment, the power consumption of equipment is a challenge greatly.If strongbox is usually by No. 5 powered battery, Industry code requirements when every day unblank 10 times, battery can use more than 6 months continuously.This equipment for a lot of Internet of Things is a huge challenge, the power consumption larger (be tens milliamperes during communication, also have several milliamperes time standby) of the internet of things equipment of especially Wi-Fi access; And
(c) connectivity problem.In order to overcome household internal Wi-Fi equipment connect time do not have public ip address problem (see
https: //en.wikipedia.org/wiki/IP_address), the equipment of being networked by Wi-Fi adopts P2P agreement usually, and P2P working method requires that, when the controller of access counterpart device, this controller or mobile phone must be in " ready " (ready) state, otherwise a side needs constantly inquiry the opposing party's state until ready.And strongbox of networking cannot be in ready state constantly, if constantly inquire about its state, can consume more electric energy, this can cause poor Consumer's Experience.Therefore, the connection of networking strongbox is a significant problem of puzzlement developer always.
Summary of the invention
Therefore, task of the present invention is, a kind of remote safe deposit box system, a kind of remote safe deposit box and a kind of method for running remote safe deposit box are provided, described system, remote safe deposit box and method can solve one or more problems above, specifically, strongbox according to the present invention has high safety, low-power consumption adopt rational connected mode.
According to a first aspect of the invention, this task is solved by a kind of remote safe deposit box system, and this system comprises:
Remote safe deposit box, it comprises safe body, electronic lock and Safe controller, described Safe controller is connected with electronic lock the opening and closing controlling described electronic lock by control line, and described Safe controller is by wireless connections and relay server;
Be arranged on the strongbox application on the mobile device of user; And
Relay Server, itself and described strongbox application communication;
Wherein user inputs first user voucher after Relay Server success identity by strongbox application, the communication with Safe controller is set up by Relay Server, then user by strongbox application input second user voucher after Safe controller success identity, obtain the control to electronic lock.
Remote safe deposit box system tool according to the present invention has the following advantages:
(1) safety is high.This is because, the safety certification of being undertaken by mobile devices such as mobile phones is owing to having higher reliability through professional institution's (as professional encryption chip Chevron Research Company (CRC), the service of telecommunications short message certification, dynamic password provide company etc.) design or execution, the finger print identifying (TouchID), short message certification, dynamic password etc. of such as Apple, this be conventional lock incomparable.In addition, remote safe deposit box of the present invention adopts double authentication, namely first user carries out certification to obtain with the right of correspondence of Safe controller, then user to Safe controller certification to obtain the control to electronic lock to Relay Server, greatly can improve safety, because in the present invention, Relay Server only plays the effect of information transfer and the certification of the not responsible control about electronic lock, is therefore difficult to obtain control to electronic lock by attacking Relay Server;
(2) low cost.Owing to having possessed these safety certification means, can simplify and even cancel traditional mechanical lock or coded lock, thus reduce the cost of strongbox.
(3) reasonably connect.Relaying strongbox of the present invention by Relay Server provide on mobile device strongbox application with Safe controller between information relay, and do not adopt P2P to connect, thus solve the problem that Safe controller must be in ready state constantly, on the contrary, can wake up at any time as required according to strongbox according to the present invention application or the Safe controller that resets to communicate.
Specify in an expansion scheme of the present invention, it is one or more that described first user voucher comprises in the following: user password, user fingerprints, user's recognition of face, user speech identification, short message certification code, user answer a question and dynamic password.These user's vouchers include safety and authentication means flexibly, and user such as can select voluntarily.In addition, the first user voucher received can transfer to Third Party Authentication mechanism to carry out certification by Relay Server.
Specify in another expansion scheme of the present invention, it is one or more that described second user's voucher comprises in the following: user password, user fingerprints, user's recognition of face, user speech identification, key and user answer a question.Specify in a preferred version of the present invention, the communication of the communication of user and Relay Server and/or user and Safe controller is coded communication.By by described communication encryption, greatly can improve the safety of the process of unblanking, prevent key exposure.
Specify in another preferred version of the present invention,
as claimremote safe deposit box system described in 1 or 2, wherein the strongbox application on mobile device was bound with remote safe deposit box and is authorized to realize binding by user before performing unlock operation first, and described binding comprises the steps:
User presses the binding button in remote safe deposit box;
By remote safe deposit box generate dynamic binding key automatic transmission to strongbox apply using as binding authorized key or by user be manually input to strongbox apply in using as binding authorized key;
Described binding authorized key is preserved in strongbox application; And
Be applied in each former order to be encrypted with described binding authorized key that to communicate with Safe controller by strongbox and send to Safe controller, deciphered by Safe controller, and when successful decryption obtains order could fill order as unblanked.This order may containing redundancy be used as security control as timestamp and random number, with prevent replay attack (replayattack) (
https: //en.wikipedia.org/wiki/Replay_attack).Or set up reliable and securely to connect as https between strongbox application with Safe controller with binding authorized key, and carry out information exchange as alarm signal and unlock command by this reliable and secure connection.Such as, this binding key applies by remote safe deposit box and strongbox the unified key used under symmetric encipherment algorithm, or the PKI under asymmetrical encryption algorithm, wherein when asymmetrical encryption algorithm, strongbox application holds the PKI of Safe controller key centering for enciphered data, and controller utilizes private key to be decrypted.Certainly, other AES also it is contemplated that.
In above-mentioned preferred version, obtain by being applied by strongbox and store binding authorized key, strongbox is applied described binding authorized key can be used at every turn before communicating with Safe controller to confirm oneself the being strongbox application being authorized to operate this remote safe deposit box, thus realize the binding between the application of this strongbox and this Safe controller.By described binding, significantly can promote safety, because the possibility that user applied by unwarranted strongbox application operating strongbox greatly can be reduced.
Specify in another expansion scheme of the present invention, described wireless connections are one of Wi-Fi connection and honeycomb mobile link.In this application, preferred Wi-Fi connects, because Wi-Fi connects material benefit more economically, and the electric energy consumed is lower.But, adopt honeycomb mobile link to go for scene widely, place as connected without Wi-Fi.
Specify in an expansion scheme of the present invention, Safe controller is in the sleep pattern with low-power consumption at one's leisure, and after the button on user correspondingly operating remote strongbox, directly wake Safe controller up or first cause external circuit produce the reset signal of Safe controller and then reset and wake Safe controller up.Waken up or reset mode by described, Safe controller can be in power consumption extremely low sleep pattern, such as deep sleep mode at one's leisure, thus greatly reduces power consumption, extending battery life.
Specify in another expansion scheme of the present invention, in multiple user each can by the strongbox application corresponding first user voucher of input and second user's voucher respectively to Relay Server and Safe controller success identity after obtain control to electronic lock.By this expansion scheme, the control of many people to same remote safe deposit box can be realized at lower cost, ensure higher safety simultaneously.Described multiple user is such as the member of the same family, the employee etc. of same company.
Specify in a preferred version of the present invention, Safe controller sends notice when anomalous event being detected to server, and server sends a notification message to strongbox application after receiving described notice.Described anomalous event such as can open the not normally closedown of strongbox, strongbox, electronic lock damage etc. for attempting without permission.By this preferred version, can when user not at strongbox scene still inform the user anomalous event, thus be conducive to the emergency action of anomalous event, reduce user's loss, improve Consumer's Experience.
Specify in an expansion scheme of the present invention, security insurance case additionally has Fingerprint Lock or coded lock, and wherein when described Fingerprint Lock or coded lock are unlocked, described electronic lock is unlocked in the lump or still must be unlocked separately.Combinationally used by electronic lock that Safe controller is controlled and conventional lock, can safety be improved.Such as, user still can must open conventional lock after unlocking electronic lock, and certainly, in order to simplify the operation, when also can be arranged on one of unlocking electronic lock or conventional lock, another one is opened automatically.
Specify in a preferred version of the present invention, described wireless connections are that Wi-Fi connects, and wherein Safe controller record Wi-Fi accesses (can use from waking up to Wi-Fi) time delay Tw, the authentication operation time Ta (from click APP to sending unlock command) of strongbox application recording user, and if Tw>=Ta+T
threshold valuenamely Wi-Fi connects slower than APP operation, then when user opens strongbox application, first strongbox application wakes Safe controller up and reresents user and input user's voucher, otherwise, strongbox is applied in user and is authenticated successfully (sending unlock command) and just wakes Safe controller up, wherein T later
threshold valueit is the threshold time that can arrange.Can determine whether adaptively first to wake Safe controller up by the program, thus reduce power consumption when ensureing Consumer's Experience as far as possible, this is because Safe controller is after being connected to Wi-Fi, constantly will carry out carrying out shake communication with router, this process comparatively consumes energy, and the unnecessary communication time of Safe controller can be shortened by such scheme, thus reduce power consumption.Such as, when determining that user's uncaging time is greater than Wi-Fi connect hours, then wake Safe controller again up to be connected to Wi-Fi after user can be waited certified, now user can not feel obvious time delay, but reduces power consumption; On the contrary, if determine that user's uncaging time is less than Wi-Fi, then first can wake Safe controller up and carry out Wi-Fi connection, thus reduce period of reservation of number, optimizing user is experienced.
Specify in another preferred version of the present invention, by GPS consumer positioning and the IP address location remote safe deposit box of the wireless router utilizing Safe controller to connect, and and if only if when the position that user is positioned at set geographic area or user and remote safe deposit box meets certain relation, this user could obtain the control of the electronic lock to remote safe deposit box.The program can improve the safety of remote safe deposit box further.Described relation can be such as the distance between two positions.Such as user can set, and only when it is in family, company could obtain the control to electronic lock, or at assigned address as company just can the Remote Open strongbox of staying at home, this can prevent from being unblanked by long-range malice.Other geographical position also it is contemplated that, such as bank, stipulated place etc.
In a second aspect of the present invention, provide a kind of method for running remote safe deposit box system, wherein said remote safe deposit box system comprises: remote safe deposit box, it comprises safe body, electronic lock and Safe controller, and described Safe controller is by wireless connections and relay server; Relay Server; And the strongbox application run on the mobile device of user, itself and described relay server, the method comprises the following steps:
First user voucher is received from user by strongbox application;
Authenticated user and set up strongbox application and the communication of Safe controller when authentication success;
Second user's voucher is received from user by strongbox application; And
Second user's voucher is transferred to Safe controller for user described in Safe controller certification, wherein provides control to described electronic lock by the strong controller of insurance to user when success identity user.
As mentioned above, by adopting the program, high security, low cost can be realized and be rationally connected these advantages.
Specify in a preferred version according to the present invention, described wireless connections are that Wi-Fi connects, and the method also comprises the following steps:
Record Wi-Fi access delay Tw;
The authentication operation time Ta of recording user; And
Tw and Ta is compared, if Tw>=Ta+T
threshold value, then when user opens strongbox application, first wake Safe controller up and reresent user and input user's voucher, otherwise, after success identity user, just wake Safe controller up, wherein T
threshold valueit is the threshold time that can arrange.
As mentioned above, by this preferred version, while power consumption can be reduced, provide good Consumer's Experience.
In a third aspect of the present invention, provide a kind of remote safe deposit box, comprising:
Safe body;
Electronic lock; And
Safe controller, described Safe controller is connected with electronic lock the opening and closing controlling described electronic lock by control line, and described Safe controller is by wireless connections and relay server, and described Safe controller comprises:
Memory, this memory stores computer executable program;
Processor, it is configured to perform described computer executable program to perform following action:
When user inputs first user voucher to Relay Server success identity by the strongbox application that mobile device runs, by Relay Server and described strongbox application communication;
Received the second user's voucher inputted by strongbox application from user by Relay Server;
Second user's voucher described in certification; And
The control to described electronic lock is given to user when authentication success.
Accompanying drawing explanation
Below with reference to
accompanying drawingthe present invention is set forth further according to multiple embodiment.
accompanying drawing:
fig. 1show the signal according to remote safe deposit box system of the present invention
figure;
fig. 2show the flow process of the operation method according to remote safe deposit box system of the present invention
figure;
fig. 3show the flow process of the expansion scheme of the operation method according to remote safe deposit box system of the present invention
figure;
fig. 4show the flow process of the operation method according to remote safe deposit box of the present invention
figure; And
fig. 5show the frame according to remote safe deposit box of the present invention
figure.
Detailed description of the invention
fig. 1show the system environments according to remote safe deposit box 100 of the present invention
figure.Remote safe deposit box 100 comprises safe body (not shown), Safe controller 101 and electronic lock 102.Safe controller 101 is connected to control unblanking and locking of electronic lock 102 with electronic lock 102 by control line 110.Safe controller 101 can adopt various processor or microcontroller or SOC(system on a chip) (SystemonChip), such as arm processor, PowerPC processor, ESP8266 chip etc.Electronic lock 102 can adopt common electromagnet lock or motor control lock, and unblanks and locking when receiving corresponding control signal from strongbox.Other forms of electronic lock also it is contemplated that, such as electric mortise lock etc.
Safe controller 101 is communicated with Relay Server 104 by wireless connections.In the present embodiment, the connection of this communication realizes in the following way: Safe controller 101 connects 106 by Wi-Fi and is connected to wireless router 103, wireless router 103 is connected to network 104, such as internet 104 by wired or wireless connections 107 again, Relay Server 104 is also connected to network 104 by connection 108, thus realizes the communication of Safe controller 101 and Relay Server 104.Note, this is only exemplary, and Safe controller 101 also can be communicated with Relay Server 104 by honeycomb mobile link.Relay Server 104 is preferably the server of strongbox producer operation, but Relay Server 104 also can be by the server of third party, the trustship of such as certification authority.
Relay Server 104 is by mobile device 105 (the in this case smart mobile phone 105 of user, but other mobile devices also it is contemplated that, such as PDA, panel computer etc.) the strongbox application 111 of above operation is with telex network with authenticated user, and wherein mobile device 105 is connected to network 104 by wireless connections 109 (such as Wi-Fi connection, honeycomb mobile link etc.).
When unblanking, user such as inputs first user voucher, such as short message certification code, to Relay Server 104 certification oneself by the strongbox application 111 on mobile phone 105.After success identity, Relay Server 104 authorizes the right of correspondence with Safe controller 101 to user, that is, Relay Server 104 sets up the communication of strongbox application 111 and Safe controller 101, now, user can be communicated with Safe controller 101 by its strongbox application 111, to carry out certification.Then, user is by the static password of its strongbox application 111 input second user's voucher, such as fingerprint, dynamic password, authorized key encryption, and second user's voucher (such as cryptographically) is transmitted to Safe controller 101 by Relay Server 104.Safe controller 101 according to second this user of user's credential authentication, and is given the control of electronic lock when authentication success to user, is namely controlled unblanking and the ability of locking of electronic lock.
The safety certification of being undertaken by mobile phone has higher reliability, this is because these authentication modes or designed (TouchID of such as Apple just have employed professional encryption chip) by professional institution, verification process is performed by professional institution that (such as short message certification is performed by regular telecommunications company, dynamic password is provided by professional third party certification authority), and these authentication modes all can along with the time constantly update and perfect, therefore safety is higher, this be conventional lock incomparable.In addition, remote safe deposit box of the present invention adopts double authentication, namely first user carries out certification to obtain with the right of correspondence of Safe controller, then user to Safe controller certification to obtain the control to electronic lock to Relay Server, greatly can improve safety, because in the present invention, Relay Server only plays the effect of information transfer and the certification of the not responsible control about electronic lock, is therefore difficult to obtain control to electronic lock by attacking Relay Server.In addition, owing to having possessed these safety certification means, can simplify and even cancel traditional mechanical lock or coded lock, thus reduce the cost of strongbox.Again, relaying strongbox of the present invention by Relay Server provide on mobile device strongbox application with Safe controller between information relay, and do not adopt P2P to connect, thus solve the problem that Safe controller must be in ready state constantly, on the contrary, can wake up at any time as required according to strongbox according to the present invention application or the Safe controller that resets to communicate.
fig. 2show the flow process 200 of the operation method according to remote safe deposit box system of the present invention.
In step 202, Relay Server 104 receives first user voucher by strongbox application 111 from user.Such as, user opens the strongbox application 111 on mobile phone and inputs fingerprint with to Relay Server 104 certification oneself.First user voucher is preferably dynamic subscriber's voucher, such as short message certification, user's recognition of face, user speech identification, key, dynamic password etc., carries out malice and unblank after can preventing static subscriber's voucher from being monitored by third party like this.
In step 204, by Relay Server 104 authenticated user and when authentication success by Relay Server 104 set up strongbox apply 111 with the communication of Safe controller 101.Relay Server 104 oneself can perform described certification, but described user's voucher also can be transmitted to Third Party Authentication mechanism by Relay Server 104 to carry out certification and receive authentication result from it.The communication of setting up between strongbox application 111 and Safe controller 101 can be carried out under the relaying of Relay Server 105, and namely this communication carries out transfer by Relay Server.This communication through relaying is preferably cryptographically carried out, and makes Relay Server 105 can not know described Content of Communication, thus improves safety.
In step 206, apply 111 by Relay Server 104 by strongbox and receive second user's voucher from user.The answer, user password etc. of safety problem that second user's voucher is preferably static subscriber's voucher, such as user fingerprints, user's recognition of face, user speech identification, key, user are arranged.By using the static subscriber's voucher participated in without the need to third party in the communication of user and Safe controller, safety can be improved, prevent from causing damage to user because third party reveals, but this does not get rid of and uses dynamic subscriber voucher, such as now still can the high dynamic subscriber's voucher of dependability.As mentioned above, for increasing safety, the communication of user and Safe controller can cryptographically be carried out.
In step 208, second user's voucher is transferred to Safe controller 101 for user described in Safe controller 101 certification by Relay Server 104, wherein provides control to described electronic lock by the strong controller of insurance to user when success identity user.
fig. 3show the flow process 300 of the expansion scheme of the operation method according to remote safe deposit box system of the present invention.Flow process 300 can be carried out before flow process 200, and such as, flow process 300 can be opened when strongbox applies 111 user at every turn carry out.
In step 302, record Wi-Fi access delay Tw.Described time delay Tw refer to Safe controller 101 from wake up to the time being successfully connected to Wi-Fi and spending.Described time delay Tw can be such as that user repeatedly unblanks the average of the time delay of recording in process.Described time delay such as also can be arranged by factory pre-sets or by user.
In step 304, the authentication operation time Ta of recording user.Described authentication operation time Ta refers to the time inputting first user voucher and spend to Relay Server authentication success from user.Described authentication operation time Ta can be that user repeatedly unblanks the average of the authentication operation time of recording in process.Described uncaging time such as also can be arranged by factory pre-sets or by user.
In step 306, Tw and Ta is compared, if Tw>=Ta+T
threshold value, then when user opens strongbox application, first wake Safe controller 101 up and reresent user and input user's voucher, otherwise, after success identity user, just wake Safe controller 101 up, wherein T
threshold valuethe threshold time that can arrange, this threshold time T
threshold valuecan be 0 or other positive numbers.This threshold time T
threshold valuecan arrange by factory pre-sets or by user.
fig. 4show the flow process of the operation method according to remote safe deposit box 100 of the present invention
figure.This flow process
figurepreferably performed by processor, but this flow process
figurealso can be realized by the hardware of such as FPGA, ASIC and so on.
In step 402, when user inputs first user voucher to Relay Server success identity by the strongbox application that mobile device runs, by Relay Server and described strongbox application communication.Described communication is preferably encryption, such as, use des encryption algorithm or RSA Algorithm to be encrypted described communication.
In step 404, received the second user's voucher inputted by strongbox application from user by Relay Server.
In step 406, second user's voucher described in certification.This certification can be performed by the processor of remote safe deposit box 100, or is performed by the specific authentication chip in remote safe deposit box 100.
In step 408, give the control to described electronic lock when authentication success to user.
fig. 5show the frame according to remote safe deposit box 100 of the present invention
figure.Remote safe deposit box 100 comprises safe body (not shown), Safe controller 101, electronic lock 102, optionally wakes button 114, optional password generated button 113 and optional additional lockset 112 up.Wherein dotted line frame or dotted arrow represent that these parts or connection are optional.
Safe controller 101 comprises processor 101a and memory 101b, described Safe controller 101 is connected with electronic lock 102 opening and closing controlling described electronic lock 102 by control line, and described Safe controller 101 is communicated with Relay Server 104 by wireless connections.Memory 101b stores computer executable program, and processor 101a is configured to perform described computer executable program to perform following action: when user inputs first user voucher to Relay Server 104 success identity by the strongbox application 111 that mobile device 105 runs, apply 111 by Relay Server 104 and described strongbox and communicate; Received the second user's voucher inputted by strongbox application 111 from user by Relay Server 104; Second user's voucher described in certification; And give the control to described electronic lock 102 when authentication success to user.
Remote safe deposit box 100 also has optional additional lockset 112, and this additional lockset 112 is such as coded lock or Fingerprint Lock.Additional lockset 112 is for increasing the safety of remote safe deposit box 100.Additional lockset 112 is passable
independentunblanked in ground, namely with electronic lock 102 unblank independently unblanked, but additional lockset 112 also can be unblanked together with electronic lock 102, namely when the side in additional lockset 112 and electronic lock 102 is unblanked, the opposing party is also automatically unblanked, thus simplify the operation, now additional lockset 112 be connected to electronic lock 102 or Safe controller 101 (see
in figuredotted arrow).
Remote safe deposit box 100 also comprises optionally wakes button 114 up.This wakes button 114 up for generating reseting event signal when Safe controller 101 is in deep sleep and this signal being sent to external circuit, external circuit is transferred to Safe controller 101 according to this event generating reset signal, thus Safe controller 101 is resetted, waken up object to reach.This is favourable, because when Safe controller 101 due to energy-conservation need to be in deep-sleep time (now electric current is generally 10-20 μ A), that Safe controller cannot be waken up and normally run again after can only first resetting, therefore need by means of outside arouse machine processed, as waken button up and external circuit resets and thus makes Safe controller 101 normally run.Certainly, be alternative in and wake button 101 up, also can produce described reseting event signal by the strongbox application 111 on the mobile device of user, and be transmitted to external circuit by Relay Server 104, external circuit regeneration reset signal also flows to Safe controller 101.In other cases, such as when Safe controller 101 is in common park mode, (now electric current is 10-20mA or 0.5mA, Safe controller 101 can be waken up), apply 111 generation corresponding event by strongbox and wake Safe controller 101 up.
Remote safe deposit box 100 also has optional binding button 113.Binding button 113 bind for mobile device and the remote safe deposit box user, and transmission key is as voucher of unblanking future.And alternatively only after the mobile device 105 of user binds 100 successes with remote safe deposit box, user could use the strongbox on this mobile device 105 to apply 111 and operate remote safe deposit box 100, otherwise prompting user haves no right to operate this remote safe deposit box 100 by strongbox application.Described binding comprises the following steps that (1) is to (4):
(1) user presses the binding button 113 in remote safe deposit box 100.
(2) generate dynamic binding key by remote safe deposit box 100 and automatic transmission to strongbox application 111 using as binding authorized key or be manually input to strongbox by user and apply in 111 using as binding authorized key.Described dynamic binding key can use the fixing binding key of remote safe deposit box to be encrypted, to improve safety.Now, user needs first to be decrypted to input fixing binding key in strongbox application the secret key of received dynamic binding.In addition, also can conversely by strongbox apply 100 generate dynamic binding keys and be transferred to remote safe deposit box using as binding authorized key.
(3) in strongbox application 111, described binding authorized key is preserved.
(4) apply 111 by strongbox before communicating with Safe controller 101, order to be encrypted with described binding authorized key at every turn and send to Safe controller 101, deciphered by Safe controller 101, and when successful decryption obtains order could fill order as unblanked, or set up reliable and securely to connect as https between strongbox application 111 and Safe controller 105 with binding authorized key, and carry out information exchange by this reliable and secure connection.
Such as, this binding key applies the 105 unified keys used by remote safe deposit box 100 and strongbox under symmetric encipherment algorithm, or the PKI under asymmetrical encryption algorithm, wherein when asymmetrical encryption algorithm, strongbox application 105 holds the PKI of Safe controller key centering for enciphered data, and controller utilizes private key to be decrypted.Certainly, other AES also it is contemplated that.
In addition, described binding authorized key also can be applied by strongbox and generates and send to Safe controller, or described binding authorized key is the fixing initial key of remote safe deposit box, and user can be directly inputted in strongbox application.In above-mentioned two situations, user is without the need to pressing binding button.
Although some embodiments of the present invention have given description in present specification, it will be apparent for a person skilled in the art that these embodiments only exemplarily illustrate.It may occur to persons skilled in the art that numerous flexible programs, replacement scheme and improvement project and do not exceed scope of the present invention.Appended claims is intended to limit scope of the present invention, and contains the method and structure in the scope of these claims itself and equivalents thereof by this.
Claims (17)
1. a remote safe deposit box system, comprising:
Remote safe deposit box, it comprises safe body, electronic lock and Safe controller, described Safe controller is connected with electronic lock the opening and closing controlling described electronic lock by control line, and described Safe controller is by wireless connections and relay server;
Be arranged on the strongbox application on the mobile device of user; And
Relay Server, itself and described strongbox application communication;
Wherein user inputs first user voucher after Relay Server success identity by strongbox application, the communication with Safe controller is set up by Relay Server, then user by strongbox application input second user voucher after Safe controller success identity, obtain the control to electronic lock.
2. remote safe deposit box system as claimed in claim 1, it is one or more that wherein said first user voucher comprises in the following: user password, user fingerprints, user's recognition of face, user speech identification, short message certification code, user answer a question and dynamic password.
3. remote safe deposit box system as claimed in claim 1 or 2, it is one or more that wherein said second user's voucher comprises in the following: preset electron key, letter of identity, user password, user fingerprints, user's recognition of face, user speech identification, key, dynamic password and user answer a question.
4. remote safe deposit box system as claimed in claim 1 or 2, wherein the communication of user and Relay Server and/or the communication of user and Safe controller are coded communication, are encrypted as adopted general symmetric encipherment algorithm and rivest, shamir, adelman.
5. remote safe deposit box system as claimed in claim 1 or 2, wherein the strongbox application on mobile device was bound with remote safe deposit box and is authorized to realize binding by user before performing unlock operation first, and described binding comprises the steps:
From strongbox application receive static binding key using as binding authorized key or user by the fixing binding key of the manual input remote safe deposit box of strongbox application using as binding authorized key, wherein this binding key can be apply by remote safe deposit box and strongbox the unified key used under symmetric encipherment algorithm, or the PKI that the Safe controller under asymmetrical encryption algorithm provides;
Described binding authorized key is preserved in strongbox application; And
Be applied in communicate with Safe controller with in the past order being encrypted with described binding authorized key by strongbox at every turn and send to Safe controller, deciphered by Safe controller, and could fill order when successful decryption obtains order, or set up reliable and securely to connect between strongbox application with Safe controller with binding authorized key, and carry out information exchange by this reliable and secure connection.
6. remote safe deposit box system as claimed in claim 1 or 2, wherein the strongbox application on mobile device was bound with remote safe deposit box and is authorized to realize binding by user before performing unlock operation first, and described binding comprises the steps:
User presses the binding button in remote safe deposit box;
By remote safe deposit box generate dynamic binding key automatic transmission to strongbox apply using as binding authorized key or by user be manually input to strongbox apply in using as binding authorized key, or remote safe deposit box application generates dynamic binding key and automatically sends remote safe deposit box to using as binding authorized key, wherein this binding key applies by remote safe deposit box and strongbox the unified key used under symmetric encipherment algorithm, or the PKI under asymmetrical encryption algorithm, wherein when asymmetrical encryption algorithm, strongbox application holds the PKI of Safe controller key centering for enciphered data, and controller utilizes private key to be decrypted,
Described binding authorized key is preserved in strongbox application; And
Be applied in communicate with Safe controller with in the past order being encrypted with described binding authorized key by strongbox at every turn and send to Safe controller, deciphered by Safe controller, and when successful decryption obtains order could fill order as unblanked, or set up reliable and securely to connect between strongbox application with Safe controller with binding authorized key, and carry out information exchange by this reliable and secure connection.
7. remote safe deposit box system as claimed in claim 5, wherein user is on the basis first realizing the binding of static key, perform unlock operation first and produce a dynamic binding key in the past again, strongbox application on mobile device bound with remote safe deposit box and authorize to realize binding, described binding comprises the steps:
User presses the binding button in remote safe deposit box;
By remote safe deposit box generation dynamic binding key and by described static key encryption newly with the dynamic binding key generated, and with the mode automatic transmission of ciphertext to strongbox application using as binding authorized key, or by remote safe deposit box application generation dynamic binding key and by described static key encryption with newly-generated dynamic binding key, and with ciphertext automatic transmission to strongbox using as binding authorized key, wherein this binding key applies by remote safe deposit box and strongbox the unified key used under symmetric encipherment algorithm, or the PKI under asymmetrical encryption algorithm, wherein when asymmetrical encryption algorithm, strongbox application holds the PKI of Safe controller key centering for enciphered data, and controller utilizes private key to be decrypted,
Described binding authorized key is preserved in strongbox application; And
Be applied in communicate with Safe controller with in the past order being encrypted with described binding authorized key by strongbox at every turn and send to Safe controller, deciphered by Safe controller, and could fill order when successful decryption obtains order, or set up reliable and securely to connect between strongbox application with Safe controller with binding authorized key, and carry out information exchange by this reliable and secure connection.
8. remote safe deposit box system as claimed in claim 1 or 2, wherein said wireless connections are one of Wi-Fi connection and honeycomb mobile link.
9. remote safe deposit box system as claimed in claim 1 or 2, wherein Safe controller is in the sleep pattern with low-power consumption at one's leisure, and after the button on user correspondingly operating remote strongbox, directly wake Safe controller up or first cause external circuit produce the reset signal of Safe controller and then reset and wake Safe controller up.
10. remote safe deposit box system as claimed in claim 1 or 2, wherein in multiple user each can by the strongbox application corresponding first user voucher of input and second user's voucher respectively to Relay Server and Safe controller success identity after obtain control to electronic lock.
11. remote safe deposit box systems as claimed in claim 1 or 2, wherein Safe controller is when anomalous event being detected, or send notice to server when some users unpack, server sends a notification message to each strongbox user application after receiving described notice.
12. remote safe deposit box systems as claimed in claim 1 or 2, wherein security insurance case additionally has Fingerprint Lock or coded lock, wherein when described Fingerprint Lock or coded lock are unlocked, described electronic lock is unlocked in the lump or still must be unlocked separately, wherein send notice when unlocking to strongbox application, or when additional controller sends alarm signal, send notice to strongbox application.
13. remote safe deposit box systems as claimed in claim 1 or 2, wherein said wireless connections are that Wi-Fi connects, and wherein Safe controller record Wi-Fi access delay Tw, the authentication operation time Ta of strongbox application recording user, and if Tw>=Ta+T
threshold value, then, when user opens strongbox application, first strongbox application wakes Safe controller up and reresents user and input user's voucher, otherwise strongbox is applied in after user is authenticated successfully and just wakes Safe controller up, wherein T
threshold valueit is the threshold time that can arrange.
14. remote safe deposit box systems as claimed in claim 1, wherein by GPS consumer positioning and the IP address location remote safe deposit box of the wireless router utilizing Safe controller to connect, and and if only if when the position that user is positioned at set geographic area or user and remote safe deposit box meets certain relation, this user could obtain the control of the electronic lock to remote safe deposit box.
15. 1 kinds for running the method for remote safe deposit box system, wherein said remote safe deposit box system comprises: remote safe deposit box, it comprises safe body, electronic lock and Safe controller, and described Safe controller is by wireless connections and relay server; Relay Server; And the strongbox application run on the mobile device of user, itself and described relay server, the method comprises the following steps:
First user voucher is received from user by strongbox application;
Authenticated user and set up strongbox application and the communication of Safe controller when authentication success;
Second user's voucher is received from user by strongbox application; And
Second user's voucher is transferred to Safe controller for user described in Safe controller certification, wherein provides control to described electronic lock by Safe controller to user when success identity user.
16. methods as claimed in claim 14, wherein said wireless connections are that Wi-Fi connects, and the method also comprises the following steps:
Record Wi-Fi access delay Tw;
The authentication operation time Ta of recording user; And
Tw and Ta is compared, if Tw>=Ta+T
threshold value, then when user opens strongbox application, first wake Safe controller up and reresent user and input user's voucher, otherwise, after success identity user, just wake Safe controller up, wherein T
threshold valueit is the threshold time that can arrange.
17. 1 kinds of remote safe deposit box, comprising:
Safe body;
Electronic lock; And
Safe controller, described Safe controller is connected with electronic lock the opening and closing controlling described electronic lock by control line, and described Safe controller is by wireless connections and relay server, and described Safe controller comprises:
Memory, this memory stores computer executable program;
Processor, it is configured to perform described computer executable program to perform following action:
When user inputs first user voucher to Relay Server success identity by the strongbox application that mobile device runs, by Relay Server and described strongbox application communication;
Received the second user's voucher inputted by strongbox application from user by Relay Server;
Second user's voucher described in certification; And
The control to described electronic lock is given to user when authentication success.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510562365.8A CN105257145B (en) | 2015-09-07 | 2015-09-07 | Remote safe deposit box |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510562365.8A CN105257145B (en) | 2015-09-07 | 2015-09-07 | Remote safe deposit box |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105257145A true CN105257145A (en) | 2016-01-20 |
| CN105257145B CN105257145B (en) | 2017-09-15 |
Family
ID=55097043
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510562365.8A Active CN105257145B (en) | 2015-09-07 | 2015-09-07 | Remote safe deposit box |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105257145B (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105611616A (en) * | 2016-02-06 | 2016-05-25 | 宁波耀龙软件科技有限公司 | Method for connecting with safe box based on scene and corresponding safe box |
| CN105721575A (en) * | 2016-02-06 | 2016-06-29 | 宁波耀龙软件科技有限公司 | High-availability remote safe box system and corresponding safe box |
| CN106326875A (en) * | 2016-08-31 | 2017-01-11 | 张北江 | Security protection fingerprint recognition method and system |
| WO2017147938A1 (en) * | 2016-03-04 | 2017-09-08 | 茹旷 | Intelligent electronic lock |
| CN107461109A (en) * | 2016-06-02 | 2017-12-12 | 刘轶群 | A kind of express delivery safety box and its monitoring method and device |
| CN107733652A (en) * | 2017-09-13 | 2018-02-23 | 捷德(中国)信息科技有限公司 | For sharing the method for unlocking and system and lock of the vehicles |
| CN108280581A (en) * | 2018-01-26 | 2018-07-13 | 中国银行股份有限公司 | A kind of article control method and device |
| CN109215307A (en) * | 2018-09-26 | 2019-01-15 | 宁波耀龙软件科技有限公司 | A kind of intelligent alarm device Internet-based |
| CN111464652A (en) * | 2020-04-07 | 2020-07-28 | 中国建设银行股份有限公司 | Bank safe deposit box service providing method and device |
| CN111554055A (en) * | 2020-04-27 | 2020-08-18 | 中国银行股份有限公司 | Full-automatic safety device |
| CN112189221A (en) * | 2018-04-24 | 2021-01-05 | 品谱股份有限公司 | Certificate provisioning for electronic lock authentication of a server |
| WO2021114411A1 (en) * | 2019-12-12 | 2021-06-17 | 创斯达科技集团(中国)有限责任公司 | Communication module-based lock control system, safe box, and lock control method |
| CN113343946A (en) * | 2021-08-02 | 2021-09-03 | 深圳市顺易通信息技术有限公司 | Cross-connection cabinet based on Internet of things and control system and control method thereof |
| CN114422246A (en) * | 2022-01-20 | 2022-04-29 | 国家药品监督管理局信息中心(中国食品药品监管数据中心) | Data reading method and system and electronic equipment |
| CN114673427A (en) * | 2022-04-29 | 2022-06-28 | 中国农业银行股份有限公司 | Safe box control method and device and safe box system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201738727U (en) * | 2010-06-07 | 2011-02-09 | 宁波永发集团有限公司 | Safety cabinet |
| CN102831721A (en) * | 2012-08-03 | 2012-12-19 | 杭州九树网络科技有限公司 | Intelligent safe deposit box system and control method |
| US20150211283A1 (en) * | 2010-09-28 | 2015-07-30 | Scott H. Meeker | Centrally controlled safe management system |
-
2015
- 2015-09-07 CN CN201510562365.8A patent/CN105257145B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201738727U (en) * | 2010-06-07 | 2011-02-09 | 宁波永发集团有限公司 | Safety cabinet |
| US20150211283A1 (en) * | 2010-09-28 | 2015-07-30 | Scott H. Meeker | Centrally controlled safe management system |
| CN102831721A (en) * | 2012-08-03 | 2012-12-19 | 杭州九树网络科技有限公司 | Intelligent safe deposit box system and control method |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105721575B (en) * | 2016-02-06 | 2019-02-12 | 宁波耀龙软件科技有限公司 | High availability remote safe deposit box system and corresponding safety box |
| CN105721575A (en) * | 2016-02-06 | 2016-06-29 | 宁波耀龙软件科技有限公司 | High-availability remote safe box system and corresponding safe box |
| CN105611616B (en) * | 2016-02-06 | 2019-05-03 | 宁波耀龙软件科技有限公司 | For based on scene connection safety box method and corresponding safety box |
| CN105611616A (en) * | 2016-02-06 | 2016-05-25 | 宁波耀龙软件科技有限公司 | Method for connecting with safe box based on scene and corresponding safe box |
| WO2017147938A1 (en) * | 2016-03-04 | 2017-09-08 | 茹旷 | Intelligent electronic lock |
| CN107461109A (en) * | 2016-06-02 | 2017-12-12 | 刘轶群 | A kind of express delivery safety box and its monitoring method and device |
| CN106326875A (en) * | 2016-08-31 | 2017-01-11 | 张北江 | Security protection fingerprint recognition method and system |
| CN107733652A (en) * | 2017-09-13 | 2018-02-23 | 捷德(中国)信息科技有限公司 | For sharing the method for unlocking and system and lock of the vehicles |
| CN107733652B (en) * | 2017-09-13 | 2021-05-25 | 捷德(中国)科技有限公司 | Unlocking method and system for shared vehicle and vehicle lock |
| CN108280581A (en) * | 2018-01-26 | 2018-07-13 | 中国银行股份有限公司 | A kind of article control method and device |
| CN108280581B (en) * | 2018-01-26 | 2022-06-03 | 中国银行股份有限公司 | Article management method and device |
| CN112189221A (en) * | 2018-04-24 | 2021-01-05 | 品谱股份有限公司 | Certificate provisioning for electronic lock authentication of a server |
| CN109215307A (en) * | 2018-09-26 | 2019-01-15 | 宁波耀龙软件科技有限公司 | A kind of intelligent alarm device Internet-based |
| WO2021114411A1 (en) * | 2019-12-12 | 2021-06-17 | 创斯达科技集团(中国)有限责任公司 | Communication module-based lock control system, safe box, and lock control method |
| CN111464652A (en) * | 2020-04-07 | 2020-07-28 | 中国建设银行股份有限公司 | Bank safe deposit box service providing method and device |
| CN111554055A (en) * | 2020-04-27 | 2020-08-18 | 中国银行股份有限公司 | Full-automatic safety device |
| CN113343946A (en) * | 2021-08-02 | 2021-09-03 | 深圳市顺易通信息技术有限公司 | Cross-connection cabinet based on Internet of things and control system and control method thereof |
| CN114422246A (en) * | 2022-01-20 | 2022-04-29 | 国家药品监督管理局信息中心(中国食品药品监管数据中心) | Data reading method and system and electronic equipment |
| CN114673427A (en) * | 2022-04-29 | 2022-06-28 | 中国农业银行股份有限公司 | Safe box control method and device and safe box system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105257145B (en) | 2017-09-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105257145A (en) | Remote safe box | |
| US10742630B2 (en) | Method and apparatus for making a decision on a card | |
| CN104167029B (en) | A kind of intelligent lock and its operating method | |
| CN105871874A (en) | Mobile Internet virtual key authorizing system and hardware door lock control method thereof | |
| JP5879388B2 (en) | Electronic lock, electronic locking system, electronic lock operating method, and computer program | |
| JP6009783B2 (en) | Access control system | |
| CN205121680U (en) | Bluetooth lock system based on intelligent terminal | |
| CN101599188B (en) | IPA security certification-based access control system | |
| CN104123768B (en) | A kind of safe and intelligent lock system and unlocking, shut control method | |
| AU2009201756B1 (en) | Electronic locking system and method | |
| JP2011511350A (en) | Access control management method and apparatus | |
| US8566579B2 (en) | Obfuscated authentication systems, devices, and methods | |
| CN104052817A (en) | Intelligent door and intelligent door control method and system | |
| CN108460862A (en) | The method and electric lockset, lock system having with palmprint authentication and Mobile phone control lock | |
| CN104282061A (en) | Safety intelligent lock system and unlocking and locking methods thereof | |
| CN104299300A (en) | Unlocking and locking method for NFC based security intelligent lock system | |
| CN104282060B (en) | A kind of method for unlocking of safety intelligent lock system | |
| CN109889669A (en) | A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm | |
| CN109166216A (en) | A kind of control method and device of smart bluetooth door lock | |
| JP6411903B2 (en) | Gate control system | |
| KR20160109887A (en) | Portable nfc doorlock connecting with mobile and openning method thereof | |
| CN104282059A (en) | Bluetooth-based safety intelligent lock system with video monitoring function and unlocking and locking methods | |
| CN103957521A (en) | Community visitor authentication method and system based on NFC technology | |
| EP2356637A1 (en) | Card credential method and system | |
| CN104281800A (en) | Unlocking method of safety intelligent lock system with video-monitoring function on basis of bluetooth |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |