CN105488367B - Protection method, backend and system for a SAM device - Google Patents


Info

Publication number: CN105488367B
Authority: CN (China)
Prior art keywords: card, SAM, identity, information, card reader
Legal status: Active
Application number: CN201510799008.3A
Other languages: Chinese (zh)
Other versions: CN105488367A (en)
Inventor: 李明
Current Assignee: Tendyron Corp
Original Assignee: 李明
Application filed by 李明
Priority to CN201510799008.3A
Publication of CN105488367A
Application granted
Publication of CN105488367B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/44 Program or device authentication
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Abstract

The present invention provides a protection method, backend and system for a SAM device. The method comprises: a backend receives an authentication request sent by an ID card reader that has no SAM module, the authentication request including at least card reader authentication information and first ID card information; the backend performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, and confirms the authenticity of the ID card according to the first ID card information in the authentication request; after the security authentication of the ID card reader without a SAM module has passed and the authenticity of the ID card has been confirmed, the SAM device is instructed to execute the process of obtaining resident ID card data. The present invention protects the SAM device from illegal attacks by card readers; in addition, the backend performs risk control management on the card reader, which further improves the security of the SAM device.

Description

Protection method, backend and system for a SAM device
Technical field
The present invention relates to the field of electronic technology, and in particular to a protection method, backend and system for a SAM device.
Background
An existing front-end ID card reader has at least two modules: a card-reading module and a SAM (resident identity card security control) module. Because every front-end ID card reader has its own SAM module, the manufacturing cost of existing front-end ID card readers is high. Moreover, one SAM module can only verify the resident ID card information read by one card-reading module, so the utilization of existing front-end ID card readers is low. To solve this problem, an improved scheme has appeared: the front-end ID card reader no longer includes a SAM module, and the SAM module is placed on the backend side to raise the utilization of the SAM module.
However, the backend sits on an open network, so any card reader can ask the backend for access to the SAM module. This greatly increases the security risk to the SAM module: once the SAM module is compromised by an illegal card reader, the ID card root certificate stored in the SAM module can be stolen or even tampered with by criminals, with consequences too serious to contemplate.
Summary of the invention
The present invention is intended to solve the above problem.
The main purpose of the present invention is to provide a protection method for a SAM device.
Another purpose of the present invention is to provide a backend for protecting a SAM device.
Another purpose of the present invention is to provide a protection system for a SAM device.
To achieve the above purposes, the technical solution of the present invention is implemented as follows:
One aspect of the present invention provides a protection method for a SAM device, comprising: a backend receives an authentication request sent by an ID card reader without a SAM module, the authentication request including at least card reader authentication information and first ID card information; the backend performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, and confirms the authenticity of the ID card according to the first ID card information in the authentication request; after the security authentication of the ID card reader without a SAM module has passed and the authenticity of the ID card has been confirmed, the SAM device is instructed to execute the process of obtaining resident ID card data.
Optionally, the first ID card information includes ID card basic information and/or ID card authentication information.
Optionally, the ID card basic information includes at least one of the following: an ID card identifier, ID card application data, and ID card preset information.
Optionally, the backend confirming the authenticity of the ID card according to the first ID card information in the authentication request comprises:
The backend sends the ID card basic information in the first ID card information to the Ministry of Public Security backend, receives from the Ministry of Public Security backend a confirmation message that the ID card corresponding to the ID card basic information really exists, and confirms that the ID card is genuine; or,
The backend sends the first ID card information to the SAM device, receives the confirmation message that the SAM device returns after the ID card has passed authentication according to the first ID card information, and confirms that the ID card is genuine.
Optionally, the method further comprises: the backend obtains the management access information of the ID card, which includes at least one of the following: the card management information of the ID card, the historical access count of the ID card, the current access position of the ID card, the historical access positions of the ID card, the current access time of the ID card, and the current transaction information of the ID card; the backend performs risk control management on the ID card and the card reader according to the management access information of the ID card and a preset strategy.
Optionally, the backend performing risk control management on the ID card and the card reader according to the management access information of the ID card and a preset strategy includes at least one of the following manners:
Judging, according to the card management information of the ID card, whether the ID card is an illegal ID card, and if so, performing risk control management on the ID card or the card reader;
Judging whether the current access position of the ID card belongs to a preset area, and if not, performing risk control management on the ID card or the card reader;
Judging whether the transaction amount in the current transaction information of the ID card exceeds the spending limit, and if so, performing risk control management on the ID card or the card reader;
Judging whether the current access time of the ID card is within a preset access time range, and if so, performing risk control management on the ID card or the card reader;
Judging whether the historical access count of the ID card within a preset time period exceeds a preset count threshold, and if so, performing risk control management on the ID card or the card reader;
Judging whether, within a preset time period, the distance between the access positions from which the ID card consecutively accessed the SAM device exceeds a preset distance, and if so, performing risk control management on the ID card or the card reader.
Optionally, the method further comprises: the backend obtains the management access information of the card reader, which includes at least one of the following: the device management information of the card reader, the historical access count of the card reader, the current access position of the card reader, the historical access positions of the card reader, the current access time of the card reader, and the transaction information of the card reader; and performs risk control management on the card reader according to the management access information of the card reader and a preset strategy.
Optionally, performing risk control management on the card reader according to the management access information of the card reader and a preset strategy includes at least one of the following manners:
Judging whether the card reader has been placed on a blacklist or has exceeded its normal usage period, and if so, performing risk control management on the card reader;
Judging whether the access position of the card reader belongs to a preset area, and if not, performing risk control management on the card reader;
Judging whether the transaction amount in the transaction information of the card reader exceeds the spending limit, and if so, performing risk control management on the card reader;
Judging whether the current access time of the card reader is within a preset access time range, and if so, performing risk control management on the card reader;
Judging whether the access count of the card reader within a preset time period exceeds a preset count, and if so, performing risk control management on the card reader;
Judging whether, within a preset time period, the distance between the access positions from which the card reader consecutively accessed the SAM device exceeds a preset distance, and if so, performing risk control management on the card reader.
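The following Go sketch is an added illustration of four of the card reader rules listed above (blacklist, preset area, access count within a preset period, and distance between consecutive access positions); it is not code from the patent. The record layout, rule names, thresholds and coordinates are all assumed, constructed values, and the action taken once a rule trips is left to the caller.

```go
package main

import (
	"fmt"
	"math"
	"strings"
	"time"
)

// Access is one constructed record of a card reader reaching the backend.
type Access struct {
	ReaderID string
	At       time.Time
	Lat, Lon float64
}

// Policy is the preset strategy; every threshold is an assumed value.
type Policy struct {
	Blacklist   map[string]bool
	InArea      func(lat, lon float64) bool // preset area
	Window      time.Duration               // preset time period
	MaxAccesses int                         // preset count within Window
	MaxKm       float64                     // preset distance between consecutive accesses
}

// haversineKm is the great-circle distance between two points in kilometres.
func haversineKm(lat1, lon1, lat2, lon2 float64) float64 {
	rad := func(deg float64) float64 { return deg * math.Pi / 180 }
	sLat, sLon := math.Sin(rad(lat2-lat1)/2), math.Sin(rad(lon2-lon1)/2)
	a := sLat*sLat + math.Cos(rad(lat1))*math.Cos(rad(lat2))*sLon*sLon
	return 2 * 6371 * math.Asin(math.Sqrt(a))
}

// Evaluate returns the rules tripped by cur, given earlier accesses in any order.
func (p Policy) Evaluate(history []Access, cur Access) []string {
	var hits []string
	if p.Blacklist[cur.ReaderID] {
		hits = append(hits, "blacklisted")
	}
	if !p.InArea(cur.Lat, cur.Lon) {
		hits = append(hits, "outside-area")
	}
	count, prev := 1, (*Access)(nil) // the current access counts too
	for i := range history {
		h := &history[i]
		if h.ReaderID != cur.ReaderID || h.At.After(cur.At) || cur.At.Sub(h.At) > p.Window {
			continue
		}
		count++
		if prev == nil || h.At.After(prev.At) {
			prev = h // most recent earlier access inside the window
		}
	}
	if count > p.MaxAccesses {
		hits = append(hits, "access-count")
	}
	if prev != nil && haversineKm(prev.Lat, prev.Lon, cur.Lat, cur.Lon) > p.MaxKm {
		hits = append(hits, "distance")
	}
	return hits
}

// demo evaluates four constructed readers and returns the tripped rules for each.
func demo() []string {
	t0 := time.Date(2024, 1, 1, 12, 0, 0, 0, time.UTC)
	p := Policy{
		Blacklist:   map[string]bool{"R4": true},
		InArea:      func(lat, lon float64) bool { return lat > 39 && lat < 41 && lon > 115 && lon < 118 },
		Window:      time.Hour,
		MaxAccesses: 5,
		MaxKm:       300,
	}
	var hist []Access
	hist = append(hist, Access{"R1", t0.Add(-30 * time.Minute), 39.90, 116.40})
	hist = append(hist, Access{"R2", t0.Add(-10 * time.Minute), 39.90, 116.40})
	for i := 1; i <= 5; i++ {
		hist = append(hist, Access{"R3", t0.Add(-time.Duration(i) * time.Minute), 39.95, 116.30})
	}
	current := []Access{
		{"R1", t0, 39.91, 116.41}, // same city, low volume
		{"R2", t0, 31.23, 121.47}, // about 1,000 km away ten minutes later
		{"R3", t0, 39.95, 116.30}, // sixth access within the hour
		{"R4", t0, 39.90, 116.40}, // blacklisted device
	}
	var out []string
	for _, c := range current {
		out = append(out, strings.Join(p.Evaluate(hist, c), ","))
	}
	return out
}

func main() {
	for i, v := range demo() {
		fmt.Printf("reader %d: [%s]\n", i+1, v)
	}
}
```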
Optionally, after the security authentication of the ID card reader without a SAM module has passed and the authenticity of the ID card has been confirmed, and before the SAM device is instructed to execute the process of obtaining resident ID card data, the method further comprises: the backend establishes a secure channel with the ID card reader without a SAM module. The method further comprises: while the SAM device executes the process of obtaining resident ID card data, the backend and the ID card reader without a SAM module use the secure channel to transmit the data exchanged between the ID card and the SAM device.
Another aspect of the present invention provides a backend for protecting a SAM device, comprising: a receiving device, configured to receive an authentication request sent by an ID card reader without a SAM module, the authentication request including at least card reader authentication information and first ID card information; an authentication device, configured to perform security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, and to confirm the authenticity of the ID card according to the first ID card information in the authentication request; and an access device, configured to instruct the SAM device to execute the process of obtaining resident ID card data after the authentication device has passed the security authentication of the ID card reader without a SAM module and has confirmed the authenticity of the ID card.
Optionally, the backend further comprises: the SAM device, configured to execute the process of obtaining resident ID card data after receiving the instruction of the access device.
Optionally, the first ID card information includes ID card basic information and/or ID card authentication information.
Optionally, the ID card basic information includes at least one of the following: an ID card identifier, ID card application data, and ID card preset information.
Optionally, the authentication device being configured to confirm the authenticity of the ID card according to the first ID card information in the authentication request comprises:
The authentication device is configured to send the ID card basic information in the first ID card information to the Ministry of Public Security backend, receive from the Ministry of Public Security backend a confirmation message that the ID card corresponding to the ID card basic information really exists, and confirm that the ID card is genuine; or,
The authentication device is configured to send the first ID card information to the SAM device, receive the confirmation message that the SAM device returns after the ID card has passed authentication according to the first ID card information, and confirm that the ID card is genuine.
Optionally, the backend further comprises: a risk control device, configured to obtain the management access information of the ID card, and to perform risk control management on the ID card and the card reader according to the management access information of the ID card and a preset strategy.
Optionally, the management access information of the ID card includes at least one of the following: the card management information of the ID card, the historical access count of the ID card, the current access position of the ID card, the historical access positions of the ID card, the current access time of the ID card, and the current transaction information of the ID card;
The risk control device being configured to perform risk control management on the ID card and the card reader according to the management access information of the ID card and a preset strategy includes at least one of the following manners:
Judging, according to the card management information of the ID card, whether the ID card is an illegal ID card, and if so, performing risk control management on the ID card or the card reader;
Judging whether the current access position of the ID card belongs to a preset area, and if not, performing risk control management on the ID card or the card reader;
Judging whether the transaction amount in the current transaction information of the ID card exceeds the spending limit, and if so, performing risk control management on the ID card or the card reader;
Judging whether the current access time of the ID card is within a preset access time range, and if so, performing risk control management on the ID card or the card reader;
Judging whether the historical access count of the ID card within a preset time period exceeds a preset count threshold, and if so, performing risk control management on the ID card or the card reader;
Judging whether, within a preset time period, the distance between the access positions from which the ID card consecutively accessed the SAM device exceeds a preset distance, and if so, performing risk control management on the ID card or the card reader.
Optionally, the risk control device is further configured to obtain the management access information of the card reader, and to perform risk control management on the card reader according to the management access information of the card reader and a preset strategy.
Optionally, the management access information of the card reader includes at least one of the following: the device management information of the card reader, the historical access count of the card reader, the current access position of the card reader, the historical access positions of the card reader, the current access time of the card reader, and the transaction information of the card reader;
The manner in which the risk control device performs risk control management on the card reader according to the management access information of the card reader and a preset strategy includes at least one of the following:
Judging whether the card reader has been placed on a blacklist or has exceeded its normal usage period, and if so, performing risk control management on the card reader;
Judging whether the access position of the card reader belongs to a preset area, and if not, performing risk control management on the card reader;
Judging whether the transaction amount in the transaction information of the card reader exceeds the spending limit, and if so, performing risk control management on the card reader;
Judging whether the current access time of the card reader is within a preset access time range, and if so, performing risk control management on the card reader;
Judging whether the access count of the card reader within a preset time period exceeds a preset count, and if so, performing risk control management on the card reader;
Judging whether, within a preset time period, the distance between the access positions from which the card reader consecutively accessed the SAM device exceeds a preset distance, and if so, performing risk control management on the card reader.
Optionally, the backend further comprises:
A transmission device, configured to establish a secure channel with the card reader after the authentication device has passed the security authentication of the ID card reader without a SAM module and has confirmed the authenticity of the ID card, and before the access device instructs the SAM device to execute the process of obtaining resident ID card data; the transmission device is further configured, while the SAM device executes the process of obtaining resident ID card data, to use the secure channel with the card reader to transmit the data exchanged between the ID card and the SAM device.
Another aspect of the present invention further provides a protection system for a SAM device, comprising: the backend described above, a card reader and a SAM device, wherein: the card reader is configured to send the authentication request to the backend; the SAM device is configured to execute the process of obtaining resident ID card data after receiving the instruction of the backend.
Another aspect of the present invention further provides a system for accessing a SAM device, comprising: the backend described above and a card reader, wherein: the card reader is configured to send the authentication request to the backend.
As can be seen from the technical solution provided above, the present invention provides a protection method, backend and system for a SAM device. Before the SAM device executes the process of obtaining resident ID card data, the backend first performs security authentication on the ID card reader and the ID card. Only after the security authentication of both the ID card reader and the ID card has passed, and a secure channel with the ID card reader has been established, is the ID card reader allowed to access the SAM device. This protects the SAM device from attacks by illegal ID card readers and illegal ID cards and reduces the risk that the root certificate information in the SAM device is intercepted. Further, the backend also performs risk control management on the ID card reader and the ID card, which prevents attacks on the SAM device by illegal ID card readers and illegal ID cards and further ensures the security of the SAM device.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of a protection method for a SAM device provided by Embodiment 1 of the present invention;
Fig. 2 is a structural schematic diagram of a backend for protecting a SAM device provided by Embodiment 2 of the present invention;
Fig. 3 is a structural schematic diagram of another backend for protecting a SAM device provided by Embodiment 2 of the present invention;
Fig. 4 is a structural schematic diagram of a protection system for a SAM device provided by Embodiment 3 of the present invention;
Fig. 5 is a structural schematic diagram of another protection system for a SAM device provided by Embodiment 3 of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that orientation or position terms such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientations or positions shown in the drawings. They are used only to simplify the description of the present invention, and do not indicate or imply that the device or element referred to must have a particular orientation or be constructed and operated in a particular orientation, so they should not be understood as limiting the present invention. In addition, the terms "first" and "second" are used for description only and are not to be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise clearly specified and limited, the terms "install", "connected" and "connection" are to be understood broadly. For example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, indirect through an intermediary, or internal between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation.
The embodiments of the present invention are described in further detail below with reference to the drawings.
Embodiment 1
This embodiment provides a protection method for a SAM device which, as shown in Fig. 1, includes the following steps (S101 to S103):
S101: the backend receives the authentication request sent by the ID card reader without a SAM module;
In this embodiment, the backend may be a backend server, and may also be an encryption machine. The ID card reader without a SAM module is used to read information related to the ID card, such as ID card basic information (for example the ID card serial number, ID card application data and ID card preset information) and resident ID card data (for example the resident ID card number, name, photo, age, address, card validity period and fingerprint). The ID card reader without a SAM module has an external communication interface, which is a wired or wireless interface and can carry data communication with the backend. The SAM module is a module provided in existing ID card readers: it performs mutual authentication with the ID card, reads the ID card information ciphertext only after authentication passes, and decrypts the ciphertext to obtain the plaintext of the ID card information. Because the ID card reader in this scheme has no SAM module, when it needs to read the ID card plaintext information it must send an authentication request to the backend. After authentication passes, the backend sends the resident ID card data to the SAM device, which performs the corresponding operation, for example decrypting the ID card information ciphertext to obtain the ID card plaintext information, which is returned to the ID card reader without a SAM module.
In this step, the authentication request includes at least the card reader authentication information and the first ID card information. The card reader authentication information is included so that the backend can perform security authentication on the legitimacy of the card reader, and the first ID card information is included so that the backend can confirm the authenticity of the ID card. In addition, the card reader authentication information and the first ID card information may be encrypted and carried in the authentication request as ciphertext, to improve the security of the data transmitted to the backend. As an optional implementation, the first ID card information includes ID card basic information and/or ID card authentication information. The backend can confirm the authenticity of the ID card from the ID card basic information, and the SAM device can also confirm the authenticity of the ID card from the ID card basic information and/or the ID card authentication information. The ID card basic information is read from the ID card by the ID card reader without a SAM module, but it does not include resident ID card data (such as the ID card number, name, photo, address or fingerprint). It is only information about the card itself, and includes at least one of the following: an ID card identifier (such as the ID card serial number or the ID card chip serial number), ID card application data (indicating which applications are provided on the ID card), and ID card preset information (for example a preset supported file-system structure, a preset hidden identifier, and preset support for fingerprint recognition). This ID card basic information uniquely identifies the ID card and is not easy to forge, so it can be used to judge whether the ID card is genuine. The ID card basic information can also be used to look up the corresponding management access information of the ID card, so as to realize risk control management of the ID card. The ID card authentication information is the authentication information that, in the prior art, must be sent to the SAM module when the ID card and the SAM module authenticate each other; the SAM device can use this ID card authentication information to authenticate the ID card and thereby confirm whether the ID card is genuine.
Based on the backstage authentication different to card reader of ID card, difference can be carried in card reader authentication information Content can specifically include at least following three kinds of modes:
Mode one: the card reader authentication information may include at least the first authentication data, the first signature data, and the digital certificate of the ID card reader without a SAM module. The digital certificate lets the backend verify the legitimacy of the ID card reader, and the first authentication data together with the card reader's public key lets the backend verify whether the first signature data is a signature made by that legitimate card reader. Optionally, the first signature data comprises the signature that the ID card reader without a SAM module produces over the first authentication data using its private key, where the first authentication data may include at least one of: basic ID card information, the identity of the ID card reader without a SAM module, and a random factor. The basic ID card information and the identity of the ID card reader may each be in plaintext or ciphertext form; if they are in ciphertext form, the backend holds the same key as the card reader and can decrypt the ciphertext to obtain the corresponding plaintext. The first authentication data can be combined in many ways, from one or more of: the plaintext of the basic ID card information, the ciphertext of the basic ID card information, the plaintext of the identity of the ID card reader without a SAM module, the ciphertext of that identity, and the random factor. For example, the first authentication data may include the ciphertext of the basic ID card information, the ciphertext of the identity of the ID card reader without a SAM module, and the random factor; or the ciphertext of the basic ID card information and the random factor; or the ciphertext of the basic ID card information and the plaintext or ciphertext of the identity of the ID card reader without a SAM module. The combinations are not listed exhaustively here. The many combinations that the first authentication data can take increase the reliability of verification. As an optional implementation of this embodiment, the identity of the ID card reader without a SAM module includes at least one of: the serial number of the ID card reader without a SAM module and the certificate number of the ID card reader without a SAM module; both the serial number and the certificate number uniquely identify the ID card reader. In this embodiment, when the first authentication data includes a random factor, one option is that the random factor is generated by the ID card reader without a SAM module: the reader includes a security chip that stores its private key and digital certificate and can generate the random factor. Another option is that the random factor is generated by the backend: before the backend receives the authentication request sent by the ID card reader without a SAM module, the reader obtains the random factor from the backend. The random factor includes a random number and a random event and is single-use authentication data, so the backend's verification of signature data signed over the random factor prevents replay attacks.
In mode one, the first signature data is obtained by the ID card reader without a SAM module signing the first authentication data with its private key. After the reader signs the first authentication data obtained in one of the above combinations and sends the resulting first signature data to the backend, the backend can verify the first signature data using the public key of the ID card reader without a SAM module and the first authentication data obtained in that combination. The backend can use the key negotiated with the ID card reader without a SAM module to decrypt the ciphertext of the basic ID card information and obtain its plaintext, and can likewise use the negotiated key to decrypt the ciphertext of the reader's identity and obtain the plaintext of the identity of the ID card reader without a SAM module. In this embodiment, the backend's security authentication of the first signature data, using the first authentication data and the public key of the ID card reader without a SAM module, ensures the legitimacy of the ID card reader without a SAM module.
Mode two: the card reader authentication information may include at least the first authentication data as above and the first authentication data ciphertext obtained by encrypting the first authentication data with a transmission key. Because the backend holds the same transmission key as the ID card reader, if the backend can decrypt the first authentication data ciphertext, the backend's security authentication of the ID card reader can be considered passed. Card reader authentication information that contains the first authentication data and the first authentication data ciphertext therefore lets the backend authenticate the legitimacy of the card reader.
Mode three: the card reader authentication information may include at least the first authentication data as above and a check value computed over the first authentication data with a check key. Because the backend holds the same check key as the ID card reader, if the backend computes the same check value over the first authentication data, the backend's security authentication of the ID card reader can be considered passed. Card reader authentication information that contains the first authentication data and the check value therefore lets the backend authenticate the legitimacy of the card reader.
S102: the backend performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, and confirms the authenticity of the ID card according to the first ID card information in the authentication request;
This step includes the backend's verification of the legitimacy of the ID card reader without a SAM module (i.e., security authentication of the ID card reader without a SAM module according to the card reader authentication information in the authentication request) and the backend's verification of the legitimacy of the ID card (i.e., confirming the authenticity of the ID card according to the first ID card information in the authentication request). As an optional implementation of this embodiment, the backend's verification of the legitimacy of the ID card reader without a SAM module may take place before or after its verification of the legitimacy of the ID card. By authenticating both the ID card reader and the ID card, this embodiment improves the security and reliability of authentication: only after authentication passes is the process in which the SAM device reads resident ID card data executed, which ensures that the SAM device is not attacked by illegal equipment.
Corresponding to the three modes of content carried in the card reader authentication information in step S101, the backend's security authentication of the ID card reader without a SAM module according to the card reader authentication information in the authentication request specifically includes the following modes:
Mode one: when the card reader authentication information includes at least the first authentication data, the first signature data and the digital certificate of the ID card reader without a SAM module, the backend verifies the legitimacy of the digital certificate of the ID card reader without a SAM module, and verifies the first signature data using the public key of the ID card reader without a SAM module and the first authentication data. Once the digital certificate is verified as legitimate and the first signature data passes verification, the backend's security authentication of the ID card reader passes.
Mode two: when the card reader authentication information includes at least the first authentication data as above and the first authentication data ciphertext obtained by encrypting the first authentication data with the transmission key, the backend, which holds the same transmission key as the ID card reader, can use that transmission key to decrypt the first authentication data ciphertext. If decryption succeeds, the backend's security authentication of the ID card reader passes.
Mode three: when the card reader authentication information includes at least the first authentication data as above and the check value computed over the first authentication data with the check key, the backend holds the same check key as the ID card reader. If the backend, using that check key and the same algorithm as the ID card reader, computes the same check value over the first authentication data, the backend's security authentication of the ID card reader passes.
Through the above three authentication modes, the backend can verify the legitimacy of the ID card reader without a SAM module, ensuring that the reader is legitimate and therefore that the SAM device is not attacked by an illegal ID card reader.
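The following sketch of mode three is an added example, not code from the patent. It shows the backend recomputing the check value over the first authentication data and treating a backend-generated random factor as single-use so that a captured request cannot be replayed. HMAC-SHA256 as the check-value algorithm, the field encoding, the 60-second validity window and all names are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumptions, not from the patent: HMAC-SHA256 as the check-value algorithm,
# a 16-byte random factor, and a 60-second validity window.
RANDOM_FACTOR_TTL = 60.0


def encode_first_auth_data(id_info_ct, reader_id, random_factor):
    """Serialise the first authentication data with length-prefixed fields,
    so two different field splits can never produce the same byte string."""
    out = b""
    for field in (id_info_ct, reader_id, random_factor):
        out += len(field).to_bytes(2, "big") + field
    return out


def reader_check_value(check_key, first_auth_data):
    """Reader side: check value over the first authentication data."""
    return hmac.new(check_key, first_auth_data, hashlib.sha256).digest()


class Backend:
    """Backend side of mode three with backend-generated random factors."""

    def __init__(self, check_keys):
        self.check_keys = dict(check_keys)  # reader identity -> shared check key
        self.outstanding = {}               # random factor -> issue time (seconds)

    def issue_random_factor(self, now):
        rf = secrets.token_bytes(16)
        self.outstanding[rf] = now
        return rf

    def authenticate(self, id_info_ct, reader_id, random_factor, check_value, now):
        # Consume the random factor first: it is single-use whatever the
        # outcome, so a second request carrying it is always rejected.
        issued_at = self.outstanding.pop(random_factor, None)
        if issued_at is None or now - issued_at > RANDOM_FACTOR_TTL:
            return False
        key = self.check_keys.get(reader_id)
        if key is None:
            return False
        expected = reader_check_value(
            key, encode_first_auth_data(id_info_ct, reader_id, random_factor))
        # Constant-time comparison of the two check values.
        return hmac.compare_digest(expected, check_value)


def demo():
    """Run a genuine request, a replay of it, and a request made with a wrong key."""
    reader_id = b"READER-0001"             # constructed reader serial number
    id_info_ct = b"\x01\x02\x03\x04"       # constructed ciphertext of basic ID card info
    key = secrets.token_bytes(32)          # constructed shared check key
    backend = Backend({reader_id: key})

    rf = backend.issue_random_factor(now=1000.0)
    cv = reader_check_value(key, encode_first_auth_data(id_info_ct, reader_id, rf))
    genuine = backend.authenticate(id_info_ct, reader_id, rf, cv, now=1001.0)
    replayed = backend.authenticate(id_info_ct, reader_id, rf, cv, now=1002.0)

    rf2 = backend.issue_random_factor(now=1003.0)
    wrong_key = secrets.token_bytes(32)
    bad_cv = reader_check_value(
        wrong_key, encode_first_auth_data(id_info_ct, reader_id, rf2))
    forged = backend.authenticate(id_info_ct, reader_id, rf2, bad_cv, now=1004.0)
    return genuine, replayed, forged


if __name__ == "__main__":
    print(demo())
```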
In this step, the backend's verification of the legitimacy of the ID card (that is, confirming the authenticity of the ID card according to the first ID card information in the authentication request) can also be done in several ways; the following two are given merely as examples:
Mode one: the backend confirms the authenticity of the ID card according to the basic ID card information in the first ID card information in the authentication request, which specifically includes:
The backend sends the basic ID card information to the Ministry of Public Security backend; receives the confirmation message returned by the Ministry of Public Security backend that the ID card corresponding to the basic ID card information really exists; and confirms that the ID card is genuine.
In mode one, the Ministry of Public Security backend can store in advance the basic ID card information associated with each ID card. That is, if an ID card really exists, then when the backend sends its basic ID card information (such as the card serial number of the ID card) to the Ministry of Public Security backend, the Ministry of Public Security backend can return to the backend a confirmation message that a real ID card corresponding to that basic ID card information was found. From this the backend can determine that the ID card is at least not forged, which protects the SAM device from attacks using illegally forged ID cards.
Mode two: the backend confirms the authenticity of the ID card according to the first ID card information in the authentication request, which specifically includes:
The backend sends the first ID card information to the SAM device, receives the confirmation message that the SAM device returns after the ID card passes authentication according to the first ID card information, and confirms that the ID card is genuine.
In mode two, when the first ID card information includes basic ID card information, the SAM device can authenticate the ID card according to the basic ID card information. Specifically, the first ID card information may include: the basic ID card information, a parameter to be verified, and a check value that the ID card computes over the parameter to be verified using a check key. After receiving the first ID card information, the SAM device can look up the check key of the ID card according to the basic ID card information, use that check key to compute the SAM-device-side check value over the parameter to be verified, and judge whether it matches the check value in the first ID card information. If they match, the SAM device returns to the backend a confirmation message that the ID card is genuine, so the backend can confirm that the ID card is genuine and the SAM device is protected from attacks using illegally forged ID cards. When the first ID card information includes ID card authentication information, the SAM device can authenticate the ID card according to the ID card authentication information to confirm whether the ID card is genuine. In this embodiment, the way the SAM device authenticates the ID card according to the ID card authentication information is the same as the way a SAM module authenticates an ID card in the prior art, and is not repeated here. When the first ID card information includes both basic ID card information and ID card authentication information, the SAM device can authenticate the ID card separately according to the basic ID card information and according to the ID card authentication information; this double authentication on different information improves the reliability of authentication. In this embodiment, the authenticity of the ID card can thus also be determined by the SAM device, so that before the SAM device executes the process of obtaining resident ID card data it is already determined that the ID card is at least not forged, which protects the SAM device from attacks using illegally forged ID cards.
Thus, through the double authentication consisting of the security authentication of the ID card reader without a SAM module and the security authentication of the ID card, this embodiment ensures the security of the equipment accessing the SAM device. If any one step fails, for example the security authentication of the ID card does not pass, the backend will refuse the ID card reader without a SAM module access to the SAM device.
S103: after the security authentication of the ID card reader without a SAM module passes and the authenticity of the ID card is confirmed, the backend instructs the SAM device to execute the process of obtaining resident ID card data.
In this step, only when the security authentication of both the ID card reader without a SAM module and the ID card passes does the backend instruct the SAM device to execute the process of obtaining resident ID card data. That is, only then does the backend forward to the SAM device the resident ID card data that the ID card reader without a SAM module sends for the SAM device; alternatively, only after receiving the backend's instruction does the SAM device begin, through the backend, to initiate the process of obtaining resident ID card data from the card reader. If either the security authentication of the ID card reader without a SAM module or the security authentication of the ID card does not pass, the SAM device cannot execute the process of obtaining resident ID card data. This ensures that when an illegal ID card reader or an illegal ID card tries to attack the SAM device, the backend can identify the illegal ID card reader or illegal ID card and stop the attack, which safeguards secure access to the SAM device.
As an optional implementation, if in step S102 the first ID card information does not include ID card authentication information, i.e. the SAM device did not authenticate the ID card according to ID card authentication information in step S102, then in this step the process of obtaining resident ID card data executed by the SAM device may also include the SAM device's authentication of the ID card: the SAM device can obtain the ID card authentication information from the card reader through the backend and authenticate the ID card according to it. This authentication is the same as in the prior art and is not repeated here.
In this embodiment, to ensure that data can be transmitted securely between the backend and the card reader, as an optional implementation of this embodiment, after the security authentication of the ID card reader without a SAM module passes and the authenticity of the ID card is confirmed in step S102, and before the SAM device is instructed to execute the process of obtaining resident ID card data in step S103, the method provided by this embodiment further includes: the backend establishes a secure channel with the ID card reader without a SAM module. After the secure channel is established, the method further includes: while the SAM device executes the process of obtaining resident ID card data, the data exchanged between the ID card and the SAM device is transmitted over the secure channel between the backend and the ID card reader without a SAM module. This improves the security of the data transmitted between the backend and the ID card reader and further ensures the security of the data sent to the SAM device.
In essence, establishing a secure channel between the backend and the ID card reader without a SAM module means that the two negotiate a common transmission key and use it to encrypt the data transmitted between them, so that a secure channel capable of secure data transmission exists between the backend and the ID card reader without a SAM module. As an optional implementation of this embodiment, before or after the backend performs security authentication on the legitimacy of the ID card reader without a SAM module and of the ID card, the method further includes: the ID card reader without a SAM module performs security authentication on the backend, for example by verifying the digital certificate sent by the backend and verifying the signature data sent by the backend. After the backend and the ID card reader without a SAM module have passed mutual security authentication, they can negotiate the transmission key in several ways, including at least one of the following:
Mode one: use a fixed transmission key; the fixed transmission key is not randomly generated but agreed by both parties in advance;
Mode two: compute the transmission key using a preset identical algorithm; the algorithm is agreed by both parties in advance, but the transmission key generated by the algorithm is random, which is more secure than the fixed transmission key of mode one;
Mode three: compute the transmission key from the first authentication data using an identical algorithm, for example from the random factor in the first authentication data, or jointly from the ciphertext of the basic ID card information in the first authentication data and the random factor. The first authentication data can be combined in many ways, which are not repeated here. Because of the randomness of the random factor in the first authentication data, the transmission key computed in this mode is more secure than the transmission key computed in mode two.
To further ensure that the SAM device is not attacked by illegal ID cards, as an optional implementation of this embodiment, the backend can also perform risk control management on the ID card or the card reader before step S103 or after step S103. That is, the method provided by this embodiment further includes: the backend obtains the management access information of the ID card; the backend performs risk control management on the ID card and the card reader according to a preset policy, based on the management access information of the ID card. In this embodiment, risk control management is performed when the ID card is found to be unsafe, to reduce the possibility of the SAM device being attacked by an illegal ID card and to ensure the security of the ID cards accessing the SAM device.
As an optional implementation of this embodiment, the management access information of the ID card may include at least one of: the card management information of the ID card, the historical access count of the ID card, the current access location of the ID card, the historical access locations of the ID card, the current access time of the ID card, the transaction information of the ID card, and the historical access times. When the backend performs risk control management on the ID card or the card reader before step S103, it can obtain the management access information of the ID card as follows: the backend can receive from the ID card reader without a SAM module one or more items of the ID card's management access information among the current access time, the current access location and the current transaction information; this information can be sent to the backend by the card reader separately or be included in the first ID card information. In addition, optionally, the first ID card information may include basic ID card information, and through the basic ID card information (such as the card identifier of the ID card) the backend can query its local database for the pre-stored management access information of the corresponding ID card (such as the card management information of the ID card, the historical access count of the ID card, and the historical access locations and historical access times of the ID card). When the backend performs risk control management on the ID card or the card reader after step S103, besides obtaining the management access information of the ID card in the above ways, the backend can also, while the SAM device executes the process of obtaining resident ID card data, obtain from the SAM device the plaintext of the resident ID card data, such as the ID card number, name, address, fingerprint and other information that uniquely identifies the ID card, and use that resident ID card data to query the local database for the pre-stored management access information of the corresponding ID card (such as the card management information of the ID card, the historical access count of the ID card, and the historical access locations and historical access times of the ID card). In this embodiment, the backend can perform risk management on the ID card and the ID card reader without a SAM module according to this management access information, and performs risk control management when the ID card is found to be unsafe, to reduce the possibility of the SAM device being attacked illegally and to ensure the security of the equipment accessing the SAM device.
As an optional implementation of this embodiment, performing risk control management on the ID card according to the preset policy, based on the above management access information of the ID card, includes at least one of the following modes or any combination thereof: managing the ID cards and ID card readers without a SAM module that are allowed access, managing the allowed access location range, managing the allowed access transaction limit, managing the allowed access frequency, managing the allowed access time range, and managing the allowed distance between consecutive access locations:
Mode one: managing the ID cards and ID card readers without a SAM module that are allowed access, which specifically includes: the backend judges from the card management information of the ID card whether the ID card is an illegal ID card and, if so, performs risk control management on the ID card or the ID card reader without a SAM module.
As an optional implementation of this embodiment, the backend can obtain the card management information of the ID card according to the basic ID card information, such as the card serial number of the ID card: for example, whether the ID card is blacklisted, whether it has illegal access records, whether it has exceeded its normal service life, whether it has been reported lost, whether it has been frozen, and whether the format of its card information is illegal (i.e., illegal ID card information). From this card management information the backend can judge whether the ID card is an illegal ID card. For example, if there is an illegal access record, the backend considers the ID card unsafe and security authentication does not pass. As another example, if the length of the card serial number of the ID card is not the length of a dedicated ID card serial number, or exceeds the length of the ID card serial number specified by the Ministry of Public Security, the backend considers the card information format of the ID card illegal and the ID card an illegal ID card.
In this embodiment, risk control management may include at least one of the following: not allowing the ID card reader without a SAM module to access the SAM device; the backend disconnecting from that ID card reader without a SAM module; sending a warning signal to the ID card reader without a SAM module and to the SAM device; refusing to forward to the SAM device the data sent by the ID card reader without a SAM module; blacklisting the ID card and that ID card reader without a SAM module; freezing the ID card; and so on. Any way of cutting off communication between the ID card reader without a SAM module and the backend, so that the illegal ID card reader without a SAM module and the illegal ID card cannot attack the SAM device, falls within the protection scope of the present invention. These risk control management measures apply equally to modes two to six below.
Mode two: managing the allowed access location range, which specifically includes: the backend judges from the current access location of the ID card whether the access location of the ID card belongs to a preset area and, if not, performs risk control management on the ID card and the ID card reader without a SAM module.
In a specific implementation, the backend judging whether the access location of the ID card belongs to a preset area can mean judging whether the current access location of the ID card belongs to a user-specific area, a user attribute area or a user administrative area. The user-specific area is a safe area delineated by the user; user attribute areas include the user's living area, the user's working area, the user's travel destination and the user's vacation destination; user administrative areas include province, city and district ranges.
Mode three: managing the allowed access transaction limit, which specifically includes: the backend judges from the current transaction information of the ID card whether the transaction amount in the current transaction information exceeds the consumption limit and, if so, performs risk control management on the ID card or the ID card reader without a SAM module;
In a specific implementation, the backend can also set a spending limit for each of the above areas, i.e., judge whether the transaction amount in the transaction information of the ID card exceeds the consumption limit for that area; for example, a single transaction amount in Beijing may not exceed 5000 yuan.
Mode four: managing the allowed access time, which specifically includes: the backend judges from the current access time of the ID card whether the current access time of the ID card is within the preset access time range and, if it is, performs risk control management on the ID card or the ID card reader without a SAM module;
In a specific implementation, the backend can also limit the allowed access time for each of the above areas, i.e., judge whether the current access time of the ID card is within the access time range for that area; for example, access is allowed from 8 a.m. to 5 p.m. and is not allowed outside that time range.
Mode five: managing the allowed access frequency, which specifically includes: the backend judges whether, within a preset period, the historical access count of the ID card exceeds a preset count threshold and, if so, performs risk control management on the ID card or the ID card reader without a SAM module;
In this mode, the backend can query the access count of the ID card within the preset period up to the current access, for example the access count in the 1 month up to the current access. If it exceeds the preset count threshold, for example more than 100 accesses in 1 month, the ID card may be illegally attacking the SAM device, and risk control management is performed on the ID card or the ID card reader without a SAM module.
Mode six: managing the allowed distance between consecutive access locations, which specifically includes: the backend judges whether, within a preset period, the distance between the locations from which the ID card consecutively accessed the SAM device exceeds a preset distance and, if so, performs risk control management on the ID card or the ID card reader without a SAM module.
In this mode, the backend can query the distance between the locations of the ID card's consecutive accesses to the SAM device within the preset period up to the current access. For example, if within 1 day two consecutive accesses to the SAM device come from Beijing and Shanghai respectively, the distance between the two access locations exceeds the preset distance, which indicates that the ID card may be illegally attacking the SAM device, and risk control management is performed on the ID card or the ID card reader without a SAM module.
Of course, the above risk control management schemes are only examples; the schemes for risk control management in this embodiment are not limited to them.
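The following policy check is an added example, not code from the patent. It evaluates one access against modes three to six using the figures given above (5000 yuan per transaction, access from 8 a.m. to 5 p.m., 100 accesses in 1 month, Beijing and Shanghai within 1 day). The 500 km preset distance, the record layout, the rule names and the sample accesses are assumptions, and the time rule follows the worked example of an allowed window.

```python
import math
from dataclasses import dataclass
from datetime import datetime, time, timedelta


@dataclass
class Access:
    """One access of an ID card to the SAM device (layout is an assumption)."""
    when: datetime
    lat: float
    lon: float
    amount: float = 0.0  # transaction amount in yuan


@dataclass
class Policy:
    max_amount: float = 5000.0                      # single-transaction limit
    open_from: time = time(8, 0)                    # allowed access window start
    open_until: time = time(17, 0)                  # allowed access window end
    freq_window: timedelta = timedelta(days=30)     # "1 month"
    max_accesses: int = 100
    distance_window: timedelta = timedelta(days=1)  # "in 1 day"
    max_distance_km: float = 500.0                  # assumed preset distance


def haversine_km(a, b):
    """Great-circle distance between two access locations, in kilometres."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dp, dl = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def evaluate(history, current, policy=None):
    """Return the names of the rules that the current access violates."""
    policy = policy or Policy()
    violations = []
    # Mode three: transaction amount above the consumption limit.
    if current.amount > policy.max_amount:
        violations.append("transaction_limit")
    # Mode four: access outside the allowed time window.
    if not (policy.open_from <= current.when.time() <= policy.open_until):
        violations.append("access_time")
    # Mode five: access count in the window ending at the current access.
    earlier = [a for a in history if a.when <= current.when]
    recent = [a for a in earlier if current.when - a.when <= policy.freq_window]
    if len(recent) + 1 > policy.max_accesses:
        violations.append("access_frequency")
    # Mode six: distance between the previous access and the current one.
    if earlier:
        last = max(earlier, key=lambda a: a.when)
        if (current.when - last.when <= policy.distance_window
                and haversine_km(last, current) > policy.max_distance_km):
            violations.append("continuous_distance")
    return violations


# Constructed sample accesses: Beijing in the morning, Shanghai the same afternoon.
BEIJING = Access(datetime(2015, 11, 18, 10, 0), 39.9042, 116.4074)
SHANGHAI = Access(datetime(2015, 11, 18, 15, 0), 31.2304, 121.4737)

if __name__ == "__main__":
    print(evaluate([BEIJING], SHANGHAI))
```

A non-empty result is where the backend would apply one of the risk control measures listed earlier, such as refusing to forward the reader's data to the SAM device.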
In addition, to further ensure that the SAM device is not attacked by illegal ID card readers, as an optional implementation of this embodiment, the backend can also perform risk control management on the ID card reader before step S101 or after step S101. That is, the method provided by this embodiment further includes: the backend obtains the management access information of the ID card reader; the backend performs risk control management on the ID card reader according to a preset policy, based on the management access information of the ID card reader. In this embodiment, risk control management is performed when the ID card reader is found to be unsafe, to reduce the possibility of the SAM device being attacked by an illegal ID card reader and to ensure the security of the ID card readers accessing the SAM device.
As an optional implementation of this embodiment, the management access information of the ID card reader without a SAM module includes at least: the device management information of the ID card reader, the historical access count of the ID card reader, the current access location of the ID card reader, the historical access locations of the ID card reader, the current access time of the ID card reader, and the transaction information of the ID card reader. This embodiment is described only for the case where the backend performs risk control management on the ID card reader after step S101. The backend can obtain the management access information of the ID card reader as follows: the backend can receive from the ID card reader without a SAM module one or more items of the reader's management access information among the current access time, the current access location and the current transaction information of the ID card reader; this information can be sent to the backend by the card reader separately or be included in the card reader authentication information. In addition, optionally, the card reader authentication information may include the identity of the ID card reader (such as the serial number, certificate number, public key information, etc.), and through the identity of the ID card reader the backend can query its local database for the pre-stored management access information of the corresponding ID card reader (such as the device management information of the ID card reader, the historical access count of the ID card reader, and the historical access locations and historical access times of the ID card reader). In this embodiment, the backend can perform risk management on the ID card reader according to this management access information, and performs risk control management when the ID card reader is found to be unsafe, to reduce the possibility of the SAM device being attacked by an illegal ID card reader and to ensure the security of the ID card readers accessing the SAM device.
As an optional implementation of this embodiment, performing risk control management on the ID card reader without a SAM module according to a preset policy, based on the access management information of that ID card reader, includes at least one of the following modes or any combination of them: managing the ID card reader devices without a SAM module that are allowed to access, managing the allowed access location range, managing the allowed access transaction limit, managing the allowed access frequency, managing the allowed access time range, and managing the allowed distance between consecutive access locations:
Mode one: managing the ID card reader devices without a SAM module that are allowed to access. Specifically: the backstage judges whether the accessing ID card reader without a SAM module is an illegal ID card reader without a SAM module; if so, it performs risk control management on that ID card reader.
As an optional implementation of this embodiment, the backstage can use the identity of the ID card reader without a SAM module, such as its serial number, to obtain the device management information of that ID card reader, for example whether the ID card reader has been blacklisted, whether it has any illegal access record, and whether its date of production and manufacturer meet the requirements. From this device management information the backstage can judge whether the ID card reader without a SAM module is an illegal one. For example, if there is an illegal access record, the backstage considers the ID card reader without a SAM module unsafe, and the security authentication fails.
In this embodiment, risk control management may include at least one of the following: not allowing the ID card reader without a SAM module to access the SAM device; the backstage disconnecting from the ID card reader without a SAM module; sending a warning signal to the ID card reader without a SAM module and to the SAM device; refusing to forward to the SAM device the data sent by the ID card reader without a SAM module; and adding the ID card reader without a SAM module to the blacklist. Any approach that cuts off communication between the ID card reader without a SAM module and the backstage, so that the illegal ID card reader cannot attack the SAM device, falls within the protection scope of the present invention. These risk control management measures apply equally to modes two to six below.
Mode two: managing the allowed access location range. Specifically: the backstage judges whether the current access location of the ID card reader without a SAM module belongs to a preset region; if not, it performs risk control management on that ID card reader.
In a specific implementation, the backstage judging whether the access location of the ID card reader without a SAM module belongs to a preset region can mean judging whether the current access location of that ID card reader belongs to a user-specified region, a user attribute region or a user administrative region. The user-specified region is a safe region defined by the user; the user attribute region includes the user's living area, working area, travel destination and vacation destination; the user administrative region includes province, city and district ranges.
Mode three: managing the allowed access transaction limit. Specifically: judging whether the transaction amount in the current transaction information exceeds the consumption limit; if so, performing risk control management on the ID card reader without a SAM module.
In a specific implementation, the backstage can also apply a consumption limit for each of the above regions, that is, judge whether the transaction amount in the transaction information of the ID card reader without a SAM module exceeds the consumption limit for that region; for example, a single transaction in Beijing may not exceed 5000 yuan.
Mode four: managing the allowed access time. Specifically: judging whether the current access time of the ID card reader without a SAM module is within a preset access time range; if so, performing risk control management on that ID card reader.
In a specific implementation, the backstage can also limit the allowed access time for each of the above regions, that is, judge whether the current access time of the ID card reader without a SAM module is within the access time range for that region; for example, access is allowed from 8 a.m. to 5 p.m. and is not allowed outside that time range.
Mode five: managing the allowed access frequency. Specifically: judging whether, within a preset time period, the historical access count of the ID card reader without a SAM module exceeds a preset count threshold; if so, performing risk control management on that ID card reader.
In this mode, the backstage can query the number of accesses made by the ID card reader without a SAM module within the preset time period up to the current access, for example the number of accesses in the 1 month up to the current access. If this exceeds the preset count threshold, for example more than 100 accesses in 1 month, the ID card reader without a SAM module may be illegally attacking the SAM device, and risk control management is performed on it.
Mode six: managing the allowed distance between consecutive access locations. Specifically: judging whether, within a preset time period, the distance between the locations from which the ID card reader without a SAM module consecutively accesses the SAM device exceeds a preset distance; if so, performing risk control management on that ID card reader.
In this mode, the backstage can query the distance between the locations of consecutive accesses to the SAM device made by the ID card reader without a SAM module within the preset time period up to the current access. For example, if two consecutive accesses to the SAM device within 1 day come from Beijing and Shanghai respectively, the distance between the two access locations exceeds the preset distance, which indicates that the ID card reader without a SAM module may be illegally attacking the SAM device, and risk control management is performed on it.
Of course, the above risk control management schemes are only examples; the schemes for risk control management in this embodiment are not limited to them.
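The six modes above can be combined into one policy check that the backstage runs on every access. The following Python code is an added example, not code from the patent; the class and field names, the 500 km distance threshold and the sample coordinates are assumptions, while the 5000 yuan limit, the 8 a.m. to 5 p.m. window and the 100 accesses per month threshold follow the examples in the text.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt


@dataclass
class Access:
    when: datetime
    region: str            # administrative region of the access location
    lat: float
    lon: float
    amount: float = 0.0    # transaction amount in yuan


@dataclass
class Reader:
    serial: str            # identity of the ID card reader
    blacklisted: bool = False
    illegal_access_record: bool = False
    history: list = field(default_factory=list)  # earlier Access entries


@dataclass
class Policy:
    allowed_regions: set
    amount_limit: dict                       # region -> single-transaction limit
    allowed_hours: tuple = (8, 17)           # 8 a.m. to 5 p.m.
    freq_window: timedelta = timedelta(days=30)
    max_accesses: int = 100
    hop_window: timedelta = timedelta(days=1)
    max_hop_km: float = 500.0                # assumed preset distance


# Constructed sample locations (region, latitude, longitude).
BEIJING = ("Beijing", 39.9042, 116.4074)
SHANGHAI = ("Shanghai", 31.2304, 121.4737)


def distance_km(a: Access, b: Access) -> float:
    """Great-circle (haversine) distance between two access locations."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))


def evaluate(reader: Reader, cur: Access, policy: Policy) -> list:
    """Return the names of the violated modes; an empty list means no risk found."""
    hits = []
    # Mode one: device management information (blacklist, illegal access record).
    if reader.blacklisted or reader.illegal_access_record:
        hits.append("device")
    # Mode two: current access location must belong to a preset region.
    if cur.region not in policy.allowed_regions:
        hits.append("location")
    # Mode three: per-region single-transaction limit.
    limit = policy.amount_limit.get(cur.region)
    if limit is not None and cur.amount > limit:
        hits.append("amount")
    # Mode four, read per the 8 a.m. to 5 p.m. example: outside the window is flagged.
    start, end = policy.allowed_hours
    if not (start <= cur.when.hour < end):
        hits.append("time")
    # Mode five: accesses in the window up to and including the current one.
    recent = [a for a in reader.history
              if a.when <= cur.when and cur.when - a.when <= policy.freq_window]
    if len(recent) + 1 > policy.max_accesses:
        hits.append("frequency")
    # Mode six: distance between the previous access and the current one.
    if reader.history:
        prev = max(reader.history, key=lambda a: a.when)
        if (cur.when - prev.when <= policy.hop_window
                and distance_km(prev, cur) > policy.max_hop_km):
            hits.append("distance")
    return hits


def admit(reader: Reader, cur: Access, policy: Policy) -> bool:
    """Risk control: refuse and blacklist the reader on any hit, else record the access."""
    if evaluate(reader, cur, policy):
        reader.blacklisted = True
        return False
    reader.history.append(cur)
    return True
```

Returning the list of violated modes rather than a single boolean lets the backstage log why a reader was refused before it is blacklisted.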
With the SAM device protection method provided by this embodiment, before the SAM device executes the flow of obtaining resident identity card data, the backstage performs security authentication on the ID card reader without a SAM module and on the identity card. Only after the security authentication of both the ID card reader without a SAM module and the identity card has passed does the backstage allow the SAM device to execute the flow of obtaining resident identity card data. This protects the SAM device from attack by illegal ID card readers and illegal identity cards and reduces the risk of the root certificate information in the SAM device being locked. Further, the backstage can also perform risk control management on the ID card reader without a SAM module and on the identity card, preventing illegal ID card readers and illegal identity cards from attacking the SAM device and further ensuring the security of the SAM device.
Embodiment 2
As shown in Fig. 2, this embodiment provides a backstage 10 for protecting a SAM device, comprising: a receiving device 101, an authentication device 102 and an access device 103.
In this embodiment, the receiving device 101 receives the authentication request sent by the ID card reader without a SAM module, the authentication request including at least: card reader authentication information and first identity card information. The authentication device 102 performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, and confirms the authenticity of the identity card according to the first identity card information in the authentication request. The access device 103 instructs the SAM device to execute the flow of obtaining resident identity card data after the authentication device 102 has passed the security authentication of the ID card reader without a SAM module and has confirmed the authenticity of the identity card.
As an optional implementation of this embodiment, as shown in Fig. 3, the backstage 10 further includes a SAM device 104, which executes the flow of obtaining resident identity card data after receiving the instruction from the access device 103, so as to complete the SAM device's authentication of the identity card and the reading of the resident identity card data.
The SAM device in this embodiment can be integrated in the backstage as a part of it (as shown in Fig. 3), which effectively improves the compatibility of the SAM device with the server. The SAM device can also exist as a separate device, independent of the backstage, that connects to and communicates with the server through its own communication interface, which facilitates upgrading and maintenance of the backstage and improves its flexibility. Further, there may be one or more SAM devices in this embodiment, to meet the needs of different backstages.
With the backstage provided by this embodiment, security authentication is performed on the ID card reader without a SAM module and on the identity card before the SAM device executes the flow of obtaining resident identity card data. Only after the security authentication of both the ID card reader without a SAM module and the identity card has passed does the backstage allow the SAM device to execute that flow; if the security authentication of the ID card reader without a SAM module or of the identity card fails, the backstage does not allow the SAM device to execute it. As a result, when an illegal ID card reader without a SAM module or an illegal identity card tries to attack the SAM device, the backstage can identify it and stop the attack, which reduces the risk of the root certificate information in the SAM device being locked and provides a guarantee for secure access to the SAM device.
In this embodiment, the backstage may be a background server (such as a PC terminal) or an encryption machine. The ID card reader without a SAM module is used to read information related to the identity card, such as the ID card basic information (for example the ID card serial number, the ID card application data and the ID card preset information) and the resident identity card data (for example the resident identity card number, name, photo, age, address, card validity period and fingerprint). The ID card reader without a SAM module should have an external communication interface, which is a wired or wireless interface and can carry data communication with the backstage. The SAM module is a module provided in existing ID card readers; it performs mutual authentication with the identity card, reads the identity card information ciphertext only after authentication passes, and decrypts that ciphertext to obtain the plaintext of the identity card information. Because the ID card reader in this scheme is not provided with a SAM module, when the ID card reader without a SAM module needs to read the identity card plaintext information it must send an authentication request to the backstage. After authentication passes, the backstage sends the resident identity card data to the SAM device for the corresponding operation, such as decrypting the identity card information ciphertext, and the resulting identity card plaintext information is returned to the ID card reader without a SAM module.
In this embodiment, the authentication request includes at least the card reader authentication information and the first identity card information. The card reader authentication information is included so that the authentication device 102 of the backstage can perform security authentication on the legitimacy of the card reader, and the first identity card information is included so that the authentication device 102 of the backstage can confirm the authenticity of the identity card. In addition, the card reader can encrypt the card reader authentication information and the first identity card information and include them in the authentication request as ciphertext, to improve the security of the data the backstage receives. As an optional implementation, the first identity card information includes ID card basic information and/or ID card authentication information. Using the ID card basic information, the authentication device 102 of the backstage can confirm the authenticity of the identity card; using the ID card basic information and/or the ID card authentication information, the SAM device can also confirm the authenticity of the identity card. The ID card basic information is read from the identity card by the ID card reader without a SAM module, but it does not include resident identity card data (such as the identity card number, name, photo, address or fingerprint); it is only information about the card itself and includes at least one of the following: the ID card identifier (such as the ID card serial number or the ID card chip serial number), the ID card application data (indicating which applications are provided on the card) and the ID card preset information (for example the preset supported file structure, a preset hidden identifier and preset support for fingerprint recognition). This ID card basic information can uniquely identify the identity card and is not easy to forge, so it can be used to judge whether the identity card is genuine. It can also be used to look up the access management information of the identity card, so as to carry out risk control management on the identity card. The ID card authentication information is the authentication information that, in the prior art, the identity card must send to the SAM module when the two authenticate each other; the SAM device can use this ID card authentication information to authenticate the identity card and confirm whether it is genuine.
Depending on how the authentication device of the backstage authenticates the card reader, the card reader authentication information can carry different contents, which include at least the following three modes:
Mode one: the card reader authentication information may include at least the first authentication data, the first signature data and the digital certificate of the ID card reader without a SAM module. With the digital certificate, the authentication device 102 of the backstage can verify the legitimacy of the ID card reader; with the first authentication data and the public key of the card reader, the authentication device 102 of the backstage can verify whether the first signature data is a signature made by that legitimate card reader. As an optional approach, the first signature data is the signature data obtained when the ID card reader without a SAM module signs the first authentication data with its private key, where the first authentication data may include at least one of: the ID card basic information, the identity of the ID card reader without a SAM module, and a random factor. The ID card basic information and the identity of the ID card reader may be in plaintext or ciphertext form; if they are in ciphertext form, the authentication device 102 of the backstage holds the same key as the card reader and can decrypt the ciphertext to obtain the corresponding plaintext. The first authentication data can be combined in many ways, as a combination of one or more of: the plaintext of the ID card basic information, the ciphertext of the ID card basic information, the plaintext of the identity of the ID card reader without a SAM module, the ciphertext of the identity of the ID card reader without a SAM module, and the random factor. For example, the first authentication data may include the ciphertext of the ID card basic information, the ciphertext of the identity of the ID card reader without a SAM module and the random factor; as another example, it may include the ciphertext of the ID card basic information and the random factor; as yet another example, it may include the ciphertext of the ID card basic information and the plaintext or ciphertext of the identity of the ID card reader without a SAM module. The combinations are not listed exhaustively here. The variety of combinations that the first authentication data may contain increases the reliability of verification. As an optional implementation of this embodiment, the identity of the ID card reader without a SAM module includes at least one of: the serial number of the ID card reader without a SAM module and the certificate number of the ID card reader without a SAM module; both the serial number and the certificate number can uniquely identify the ID card reader. In this embodiment, when the first authentication data includes a random factor, as one optional approach the random factor can be generated by the ID card reader without a SAM module: the reader includes a security chip that stores its private key and digital certificate and can generate the random factor. As another optional approach, the random factor can be generated by the backstage, in which case the ID card reader without a SAM module obtains the random factor from the backstage before the backstage receives the authentication request sent by that reader. The random factor includes a random number and a random event and is one-time authentication data; therefore, by verifying signature data that was signed over the random factor, the authentication device 102 of the backstage can prevent replay attacks.
In mode one, the first signature data is obtained by the ID card reader without a SAM module signing the first authentication data with its private key. After the ID card reader without a SAM module signs the first authentication data obtained by one of the above combinations and sends the resulting first signature data to the backstage, the authentication device 102 of the backstage can verify the first signature data using the public key of the ID card reader without a SAM module and the first authentication data obtained by that combination. The authentication device 102 of the backstage can use the key negotiated with the ID card reader without a SAM module to decrypt the ciphertext of the ID card basic information and obtain its plaintext, and can use the key negotiated with the ID card reader without a SAM module to decrypt the ciphertext of the identity of that reader and obtain its plaintext. In this embodiment, the authentication device 102 of the backstage uses the first authentication data and the public key of the ID card reader without a SAM module to perform security authentication on the first signature data, which ensures the legitimacy of the ID card reader without a SAM module.
Mode two: the card reader authentication information may include at least the first authentication data described above and the first authentication data ciphertext obtained by encrypting the first authentication data with a transmission key. Because the authentication device 102 of the backstage stores the same transmission key as the ID card reader, if the backstage can decrypt the first authentication data ciphertext, the authentication device 102 of the backstage is considered to have passed the security authentication of the ID card reader. Card reader authentication information that contains the first authentication data and the first authentication data ciphertext therefore allows the authentication device 102 of the backstage to authenticate the legitimacy of the card reader.
Mode three: the card reader authentication information may include at least the first authentication data described above and a check value calculated over the first authentication data with a check key. Because the authentication device 102 of the backstage stores the same check key as the ID card reader, if the authentication device 102 of the backstage calculates the same check value over the first authentication data, the authentication device 102 of the backstage is considered to have passed the security authentication of the ID card reader. Card reader authentication information that contains the first authentication data and the check value therefore allows the authentication device 102 of the backstage to authenticate the legitimacy of the card reader.
In this embodiment, the authentication device 102 verifies the legitimacy of the ID card reader without a SAM module (that is, performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request) and verifies the legitimacy of the identity card (that is, confirms the authenticity of the identity card according to the first identity card information in the authentication request). As an optional implementation of this embodiment, the authentication device 102 may verify the legitimacy of the ID card reader without a SAM module either before or after verifying the legitimacy of the identity card. This embodiment improves the security and reliability of authentication through the dual authentication of the ID card reader and the identity card; the flow in which the SAM device reads resident identity card data is executed only after authentication passes, which ensures that the SAM device is not attacked by illegal ID card readers.
Corresponding to the three modes of content that the card reader authentication information may contain, the authentication device 102 performs security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request in the following ways:
Mode one: when the card reader authentication information includes at least the first authentication data, the first signature data and the digital certificate of the ID card reader without a SAM module, the authentication device 102 verifies the legitimacy of the digital certificate of the ID card reader without a SAM module, and verifies the first signature data using the public key of the ID card reader without a SAM module and the first authentication data. When the digital certificate is verified as legitimate and the first signature data passes signature verification, the authentication device 102 passes the security authentication of the ID card reader.
Mode two: when the card reader authentication information includes at least the first authentication data described above and the first authentication data ciphertext obtained by encrypting the first authentication data with the transmission key, then, because the authentication device 102 stores the same transmission key as the ID card reader, the authentication device 102 also decrypts the first authentication data ciphertext with that transmission key; after successful decryption, the authentication device 102 passes the security authentication of the ID card reader.
Mode three: when the card reader authentication information includes at least the first authentication data described above and the check value calculated over the first authentication data with the check key, then, because the authentication device 102 stores the same check key as the ID card reader, the authentication device 102 also uses that check key, with the same algorithm as the ID card reader, to calculate a check value over the first authentication data; if it obtains the same check value, the authentication device 102 passes the security authentication of the ID card reader.
Through the above three authentication modes, the authentication device 102 can verify the legitimacy of the ID card reader without a SAM module and ensure that the reader is legitimate, so that the SAM device is not attacked by illegal ID card readers.
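Mode three, combined with a backstage-issued random factor and the rule that the SAM flow starts only after both the reader and the identity card are confirmed, can be written as follows. This is an added Python example, not code from the patent: HMAC-SHA256 stands in for the unspecified check algorithm, the length-prefixed encoding of the first authentication data is an assumption, and the set of known card serial numbers is a constructed stand-in for the external authenticity lookup.

```python
import hashlib
import hmac
import secrets
import struct


def encode_auth_data(card_basic_info: bytes, reader_id: bytes, random_factor: bytes) -> bytes:
    """First authentication data: each field length-prefixed so boundaries cannot shift."""
    return b"".join(struct.pack(">H", len(f)) + f
                    for f in (card_basic_info, reader_id, random_factor))


def compute_check_value(check_key: bytes, auth_data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 is used as the check algorithm shared by both sides.
    return hmac.new(check_key, auth_data, hashlib.sha256).digest()


def build_request(reader_id: bytes, check_key: bytes,
                  card_basic_info: bytes, random_factor: bytes) -> dict:
    """Reader side: assemble the authentication request sent to the backstage."""
    data = encode_auth_data(card_basic_info, reader_id, random_factor)
    return {
        "reader_id": reader_id,
        "card_basic_info": card_basic_info,
        "random_factor": random_factor,
        "check_value": compute_check_value(check_key, data),
    }


class Backstage:
    def __init__(self, check_keys: dict, known_cards: set):
        self._check_keys = check_keys    # reader identity -> shared check key
        self._known_cards = known_cards  # constructed stand-in for the authenticity lookup
        self._issued = set()             # random factors issued and not yet used

    def issue_random_factor(self) -> bytes:
        rf = secrets.token_bytes(16)
        self._issued.add(rf)
        return rf

    def authenticate_reader(self, req: dict) -> bool:
        """Recompute the check value with the stored key; each random factor is single-use."""
        rf = req["random_factor"]
        if rf not in self._issued:
            return False                 # unknown or already used: replayed request
        self._issued.discard(rf)
        key = self._check_keys.get(req["reader_id"])
        if key is None:
            return False
        data = encode_auth_data(req["card_basic_info"], req["reader_id"], rf)
        return hmac.compare_digest(compute_check_value(key, data), req["check_value"])

    def confirm_card(self, card_basic_info: bytes) -> bool:
        return card_basic_info in self._known_cards

    def handle(self, req: dict) -> bool:
        """True only when the SAM device may be instructed to start its flow."""
        reader_ok = self.authenticate_reader(req)
        card_ok = self.confirm_card(req["card_basic_info"])
        return reader_ok and card_ok
```

The check value covers the card basic information as well as the reader identity, so swapping in a different card's data after the value was computed also fails the reader check.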
In this embodiment, the authentication device 102 can also verify the legitimacy of the identity card (that is, confirm the authenticity of the identity card according to the first identity card information in the authentication request) in various ways; the following two ways are given only as examples:
Mode one: the authentication device 102 confirms the authenticity of the identity card according to the ID card basic information in the first identity card information in the authentication request, specifically:
The authentication device 102 sends the ID card basic information to the Ministry of Public Security authentication device 102; receives the confirmation message returned by the Ministry of Public Security authentication device 102 that the identity card corresponding to the ID card basic information really exists; and confirms that the identity card is genuine.
In mode one, the Ministry of Public Security authentication device 102 can store in advance the ID card basic information associated with each identity card. That is, if an identity card really exists, then after the authentication device 102 sends the ID card basic information (such as the ID card serial number) to the Ministry of Public Security authentication device 102, the Ministry of Public Security authentication device 102 can return to the authentication device 102 a confirmation message that the ID card basic information corresponds to a real identity card. The authentication device 102 can thereby determine that the identity card is at least not forged, which protects the SAM device from attack by illegally forged identity cards.
Mode two: the authentication device 102 confirms the authenticity of the identity card according to the first identity card information in the authentication request, specifically:
The authentication device 102 sends the first identity card information to the SAM device and, after receiving the confirmation message returned by the SAM device that the identity card has passed authentication according to the first identity card information, confirms that the identity card is genuine.
Second, when the first ID card information includes basic ID card information, the SAM device can authenticate the ID card according to that basic information. Specifically, the first ID card information may include: the basic ID card information, a parameter to be verified, and a check value that the ID card computes over the parameter to be verified using its check key. After receiving the first ID card information, the SAM device can look up the check key of the ID card according to the basic ID card information, use that check key to compute a check value on the SAM device side over the same parameter to be verified, and judge whether it is consistent with the check value in the first ID card information. If they are consistent, the SAM device returns to the backend a confirmation message that the ID card is genuine. The backend can thus confirm that the ID card is genuine, which prevents the SAM device from being attacked by illegally forged ID cards. When the first ID card information includes ID card authentication information, the SAM device can authenticate the ID card according to that authentication information; in this embodiment, this is done in the same way as authentication between a SAM module and an ID card in the prior art, and is not described again here. When the first ID card information includes both basic ID card information and ID card authentication information, the SAM device can authenticate the ID card according to each of them separately; performing double authentication based on different information improves the reliability of the authentication. Thus, in this embodiment the authenticity of the ID card can also be determined by the SAM device: before the process of obtaining resident ID card data is executed in the SAM device, it is already established that the ID card is at least not forged, which prevents the SAM device from being attacked by illegally forged ID cards.
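The check-value authentication described above can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the unspecified check algorithm, and the field names, card serial numbers and keys are constructed sample values.

```python
import hashlib
import hmac

# Constructed key store on the SAM device side: card serial number -> check key.
# Serial numbers and keys are made-up sample values.
CHECK_KEYS = {
    "SAMPLE-CARD-0001": bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
    "SAMPLE-CARD-0002": bytes.fromhex("f0e0d0c0b0a090807060504030201000"),
}


def compute_check_value(check_key: bytes, parameter: bytes) -> bytes:
    """Check value over the parameter to be verified (HMAC-SHA256 is an assumption)."""
    return hmac.new(check_key, parameter, hashlib.sha256).digest()


def card_side_message(serial: str, check_key: bytes, parameter: bytes) -> dict:
    """What a card holding check_key would place in the first ID card information."""
    return {
        "basic_info": serial,
        "parameter": parameter,
        "check_value": compute_check_value(check_key, parameter),
    }


def sam_authenticate_card(first_id_card_info: dict) -> bool:
    """Return True only if the received check value equals the SAM-side one."""
    serial = first_id_card_info.get("basic_info")
    parameter = first_id_card_info.get("parameter")
    claimed = first_id_card_info.get("check_value")
    if not (isinstance(serial, str) and isinstance(parameter, bytes)
            and isinstance(claimed, bytes)):
        return False                      # malformed message: fail closed
    check_key = CHECK_KEYS.get(serial)    # look up the key by basic information
    if check_key is None:
        return False                      # no check key on record for this card
    expected = compute_check_value(check_key, parameter)
    # Constant-time comparison so timing does not reveal how many bytes matched.
    return hmac.compare_digest(expected, claimed)


def demo() -> dict:
    """Run the check over constructed messages and return the verdicts."""
    key1 = CHECK_KEYS["SAMPLE-CARD-0001"]
    genuine = card_side_message("SAMPLE-CARD-0001", key1, b"param-0001")
    cases = {
        "genuine": genuine,
        # A forged card that knows the serial number but not the check key.
        "forged_key": card_side_message("SAMPLE-CARD-0001", b"\x00" * 16, b"param-0001"),
        # Parameter changed in transit, check value left untouched.
        "altered_parameter": dict(genuine, parameter=b"param-0002"),
        # Serial number the SAM side has no key for.
        "unknown_card": card_side_message("SAMPLE-CARD-9999", key1, b"param-0001"),
        # Check value cut short.
        "truncated_value": dict(genuine, check_value=genuine["check_value"][:8]),
    }
    return {name: sam_authenticate_card(msg) for name, msg in cases.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {'genuine' if verdict else 'rejected'}")
```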
Thus, this embodiment performs double authentication, namely security authentication of the ID card reader without a SAM module and security authentication of the ID card, to guarantee the security of the devices that access the SAM device. If any link fails, for example the security authentication of the ID card, the authentication device 102 also refuses to let the ID card reader without a SAM module access the SAM device.
As an optional implementation of this embodiment, if the first ID card information does not include ID card authentication information, the process of obtaining resident ID card data executed in the SAM device may also include the SAM device authenticating the ID card: the SAM device can obtain the ID card authentication information from the card reader through the backend and authenticate the ID card according to it. This authentication is the same as in the prior art and is not described again here.
As an optional implementation of this embodiment, as shown in Figures 2 and 3, the backend 10 further includes a transmission device 105 (shown in a dashed box), configured to establish a secure channel with the card reader after the authentication device 102 has passed the security authentication of the ID card reader without a SAM module and the authenticity of the ID card has been verified, and before the access device 103 instructs the SAM device to execute the process of obtaining resident ID card data. The transmission device 105 is also configured, while the SAM device executes the process of obtaining resident ID card data, to use the secure channel with the card reader to transmit the data exchanged between the ID card and the SAM device. This improves the security of data transmission between the backend and the ID card reader and further guarantees the security of the data sent to the SAM device.
In this embodiment, establishing a secure channel between the authentication device 102 and the ID card reader without a SAM module essentially means that the two negotiate a common transport key and use it to encrypt the data transmitted between them, so that a channel capable of transmitting data securely exists between the authentication device 102 and the ID card reader without a SAM module. As an optional implementation of this embodiment, before or after the authentication device 102 performs security authentication on the legitimacy of the ID card reader without a SAM module and of the ID card, the method further includes: the ID card reader without a SAM module performing security authentication on the backend, for example by verifying the digital certificate sent by the authentication device 102 and verifying the signature on the signed data sent by the authentication device 102. After the authentication device 102 and the ID card reader without a SAM module have passed mutual security authentication, they can negotiate the transport key in various ways, including at least one of the following:
Mode one: a fixed transport key is used. The fixed transport key is not randomly generated but is agreed by both parties in advance;
Mode two: the transport key is computed using a preset identical algorithm. The algorithm is agreed by both parties in advance, but the transport key it generates is random, which is more secure than the fixed transport key of Mode one;
Mode three: the transport key is computed with the same algorithm based on the first authentication data, for example from the random factor in the first authentication data, or jointly from the ciphertext of the basic ID card information in the first authentication data and the random factor. The first authentication data can be combined in many ways, which are not described again here. Because of the randomness of the random factor in the first authentication data, the transport key computed in this way is more secure than the one computed in Mode two.
To further ensure that the SAM device is not attacked by illegal ID cards, as an optional implementation of this embodiment, as shown in Figures 2 and 3, the backend 10 may further include a risk control device 106 (shown in a dashed box), configured to obtain the access management information of the ID card and, according to that information and a preset policy, perform risk control management on the ID card and on the ID card reader without a SAM module. In this embodiment, risk control management is performed when the ID card is found to be unsafe, which reduces the possibility of the SAM device being attacked by illegal ID cards and guarantees the security of the ID cards that access the SAM device.
As an optional implementation of this embodiment, the access management information of the ID card may include at least one of the following: the card management information of the ID card, the historical access count of the ID card, the current access location of the ID card, the historical access locations of the ID card, the current access time of the ID card, the transaction information of the ID card, and the historical access times. When the backend performs risk control management on the ID card or the card reader before the access device 103 instructs the SAM device to execute the process of obtaining resident ID card data, the risk control device 106 can obtain the access management information of the ID card as follows: the receiving device 101 can receive, from the ID card reader without a SAM module, one or more items of access management information of the ID card, among the current access time, the current access location and the current transaction information of the ID card. This access management information can be sent to the receiving device 101 by the card reader separately, or can be included in the first ID card information; the receiving device 101 sends it to the risk control device 106. In addition, as an optional manner, the first ID card information may include basic ID card information, and the risk control device 106 can use the basic ID card information (such as the ID card identifier) to query the local database for the pre-stored access management information of the corresponding ID card (such as the card management information, the historical access count, the historical access locations and the historical access times of the ID card). When the risk control device 106 performs risk control management on the ID card or the card reader after the access device 103 has instructed the SAM device to execute the process of obtaining resident ID card data, it can obtain the access management information of the ID card in the ways described above and, in addition, can obtain from the SAM device, while the SAM device executes that process, the plaintext of the resident ID card data, such as the ID card number, name, address, fingerprint and other information that uniquely identifies the ID card, and use this resident ID card data to query the local database for the pre-stored access management information of the corresponding ID card (such as the card management information, the historical access count, the historical access locations and the historical access times of the ID card). In this embodiment, the risk control device 106 can perform risk management on the ID card and on the ID card reader without a SAM module according to this access management information, and performs risk control management when the ID card is found to be unsafe, which reduces the possibility of the SAM device being attacked illegally and guarantees the security of the devices that access the SAM device.
As an optional implementation of this embodiment, the risk control device 106 performs risk control management on the ID card according to the above access management information of the ID card and a preset policy, in at least one of the following ways or any combination of them: managing the ID cards and the ID card readers without a SAM module that are allowed to access, managing the allowed access location range, managing the allowed transaction limit, managing the allowed access frequency, managing the allowed access time range, and managing the allowed distance between consecutive access locations:
Mode one: managing the ID cards and the ID card readers without a SAM module that are allowed to access. Specifically, the risk control device 106 judges, according to the card management information of the ID card, whether the ID card is an illegal ID card; if so, it performs risk control management on the ID card or on the ID card reader without a SAM module.
As an optional implementation of this embodiment, the risk control device 106 can obtain the card management information of the ID card according to the basic ID card information, such as the card serial number of the ID card. The card management information covers, for example, whether the ID card is blacklisted, whether the ID card has an illegal access record, whether the ID card has exceeded its normal period of use, whether the ID card has been reported lost, whether the ID card is frozen, and whether the format of the ID card's card information is illegal (that is, illegal ID card information). From this card management information the risk control device 106 can judge whether the ID card is an illegal ID card. For example, if an illegal access record exists, the risk control device 106 considers the ID card unsafe and the security authentication fails. As another example, if the card serial number of the ID card is not an ID-card-specific serial number, or the length of the serial number exceeds the length of ID card serial numbers specified by the Ministry of Public Security, the risk control device 106 considers the card information format of the ID card illegal and the ID card an illegal ID card.
In this embodiment, risk control management may include at least one of the following: the risk control device 106 can ensure that the SAM device is not instructed to execute the process of obtaining resident ID card data; it can disconnect the connection with the ID card reader without a SAM module; issue a warning signal to the ID card reader without a SAM module and to the SAM device; refuse to send the data sent by the ID card reader without a SAM module to the SAM device; blacklist the ID card and the ID card reader without a SAM module; freeze the ID card; and so on. Any manner that cuts off communication between the ID card reader without a SAM module and the backend, so that an illegal ID card reader without a SAM module cannot use an illegal ID card to attack the SAM device, falls within the protection scope of the present invention. These manners of risk control management apply equally to Modes two to six below.
Mode two: managing the allowed access location range. Specifically, the risk control device 106 judges, according to the current access location of the ID card, whether the access location of the ID card belongs to a preset region; if it does not, the risk control device performs risk control management on the ID card and on the ID card reader without a SAM module.
In a specific implementation, judging whether the access location of the ID card belongs to a preset region can mean judging whether the current access location of the ID card belongs to a user-specific region, a user attribute region or a user administrative region. The user-specific region is a safe area delimited by the user; user attribute regions include the user's residential area, work area, travel destination and holiday destination; user administrative regions include province, city and district ranges.
Mode three: managing the allowed transaction limit. Specifically, the risk control device 106 judges, according to the current transaction information of the ID card, whether the transaction amount in the current transaction information exceeds the consumption limit; if so, it performs risk control management on the ID card or on the ID card reader without a SAM module;
In a specific implementation, the risk control device 106 can also apply a spending limit for each of the above regions, that is, judge whether the transaction amount in the transaction information of the ID card exceeds the consumption limit for the region concerned; for example, a single transaction in Beijing may not exceed 5000 yuan.
Mode four: managing the allowed access time. Specifically, the risk control device 106 judges, according to the current access time of the ID card, whether the current access time of the ID card is within the preset access time range; if so, it performs risk control management on the ID card or on the ID card reader without a SAM module;
In a specific implementation, the risk control device 106 can also limit the allowed access time for each of the above regions, that is, check whether the current access time of the ID card is within the access time range for the region concerned; for example, access is allowed from 8 a.m. to 5 p.m. and is not allowed outside that time range.
Mode five: managing the allowed access frequency. Specifically, the risk control device 106 judges whether the historical access count of the ID card within a preset period exceeds a preset count threshold; if so, it performs risk control management on the ID card or on the ID card reader without a SAM module;
In this mode, the risk control device 106 can query the number of accesses by the ID card within the preset period up to the current access, for example the number of accesses within the 1 month up to the current access. If this exceeds the preset count threshold, for example more than 100 accesses in 1 month, the ID card may be illegally attacking the SAM device, and risk control management is performed on the ID card or on the ID card reader without a SAM module.
Mode six: managing the allowed distance between consecutive access locations. Specifically, the risk control device 106 judges whether, within a preset period, the distance between the locations from which the ID card consecutively accessed the SAM device exceeds a preset distance; if so, it performs risk control management on the ID card or on the ID card reader without a SAM module.
In this mode, the risk control device 106 can query the distance between the locations of the ID card's consecutive accesses to the SAM device within the preset period up to the current access. For example, if within 1 day two consecutive accesses to the SAM device are made from Beijing and from Shanghai respectively, the distance between the two access locations exceeds the preset distance, the ID card may be illegally attacking the SAM device, and risk control management is performed on the ID card or on the ID card reader without a SAM module.
Of course, the above risk control management schemes are only examples, and the schemes for risk control management in this embodiment are not limited to them.
In addition, to further ensure that the SAM device is not attacked by illegal ID card readers, as an optional implementation of this embodiment, the risk control device 106 is also configured to obtain the access management information of the ID card reader without a SAM module and, according to that information and a preset policy, to perform risk control management on the ID card reader without a SAM module. In this embodiment, the risk control device 106 performs risk control management when the ID card reader is found to be unsafe, which reduces the possibility of the SAM device being attacked by illegal ID card readers and guarantees the security of the ID card readers that access the SAM device.
As an optional implementation of this embodiment, the access management information of the ID card reader without a SAM module includes at least: the device management information of the ID card reader, the historical access count of the ID card reader, the current access location of the ID card reader, the historical access locations of the ID card reader, the current access time of the ID card reader, and the transaction information of the ID card reader. The risk control device 106 can obtain the access management information of the ID card reader as follows: the receiving device 101 can receive, from the ID card reader without a SAM module, one or more items of access management information of the ID card reader, among the current access time, the current access location and the current transaction information of the ID card reader. This access management information can be sent to the receiving device 101 by the card reader separately, or can be included in the card reader authentication information; the receiving device 101 sends the above access management information to the risk control device 106. In addition, as an optional manner, the card reader authentication information may include the identity of the ID card reader (such as a serial number, certificate number or public key information), and the risk control device 106 can use the identity of the ID card reader to query the local database for the pre-stored access management information of the corresponding ID card reader (such as the device management information, the historical access count, the historical access locations and the historical access times of the ID card reader). In this embodiment, the risk control device 106 can perform risk management on the ID card reader according to this access management information, and performs risk control management when the ID card reader is found to be unsafe, which reduces the possibility of the SAM device being attacked by illegal ID card readers and guarantees the security of the ID card readers that access the SAM device.
As an optional implementation of this embodiment, the risk control device 106 performs risk control management on the ID card reader without a SAM module according to the access management information of that reader and a preset policy, in at least one of the following ways or any combination of them: managing the ID card readers without a SAM module that are allowed to access, managing the allowed access location range, managing the allowed transaction limit, managing the allowed access frequency, managing the allowed access time range, and managing the allowed distance between consecutive access locations:
Mode one: managing the ID card readers without a SAM module that are allowed to access. Specifically, the risk control device 106 judges whether the accessing ID card reader without a SAM module is an illegal ID card reader without a SAM module; if so, it performs risk control management on that ID card reader.
As an optional implementation of this embodiment, the risk control device 106 can obtain the device management information of the ID card reader without a SAM module according to the identity of that reader, such as its serial number. The device management information covers, for example, whether the ID card reader without a SAM module is blacklisted, whether it has an illegal access record, and whether its production date and manufacturer meet the requirements. From this device management information the risk control device 106 can judge whether the ID card reader without a SAM module is an illegal one. For example, if an illegal access record exists, the risk control device 106 considers the ID card reader without a SAM module unsafe and the security authentication fails.
In this embodiment, risk control management may include at least one of the following: the risk control device 106 can ensure that the SAM device is not instructed to execute the process of obtaining resident ID card data; it can disconnect the connection with the ID card reader without a SAM module; issue a warning signal to the ID card reader without a SAM module and to the SAM device; refuse to send the data sent by the ID card reader without a SAM module to the SAM device; blacklist the ID card reader without a SAM module; and so on. Any manner that cuts off communication between the ID card reader without a SAM module and the risk control device 106, so that the illegal ID card reader cannot attack the SAM device, falls within the protection scope of the present invention. These manners of risk control management apply equally to Modes two to six below.
Mode two: managing the allowed access location range. Specifically, the risk control device 106 judges whether the current access location of the ID card reader without a SAM module belongs to a preset region; if it does not, the risk control device performs risk control management on the ID card reader without a SAM module.
In a specific implementation, judging whether the access location of the ID card reader without a SAM module belongs to a preset region can mean judging whether its current access location belongs to a user-specific region, a user attribute region or a user administrative region. The user-specific region is a safe area delimited by the user; user attribute regions include the user's residential area, work area, travel destination and holiday destination; user administrative regions include province, city and district ranges.
Mode three: managing the allowed transaction limit. Specifically, it is judged whether the transaction amount in the current transaction information exceeds the consumption limit; if so, risk control management is performed on the ID card reader without a SAM module;
In a specific implementation, the risk control device 106 can also apply a spending limit for each of the above regions, that is, judge whether the transaction amount in the transaction information of the ID card reader without a SAM module exceeds the consumption limit for the region concerned; for example, a single transaction in Beijing may not exceed 5000 yuan.
Mode four: managing the allowed access time. Specifically, it is judged whether the current access time of the ID card reader without a SAM module is within the preset access time range; if so, risk control management is performed on the ID card reader without a SAM module;
In a specific implementation, the risk control device 106 can also limit the allowed access time for each of the above regions, that is, check whether the current access time of the ID card reader without a SAM module is within the access time range for the region concerned; for example, access is allowed from 8 a.m. to 5 p.m. and is not allowed outside that time range.
Mode five: managing the allowed access frequency. Specifically, it is judged whether the historical access count of the ID card reader without a SAM module within a preset period exceeds a preset count threshold; if so, risk control management is performed on the ID card reader without a SAM module;
In this mode, the risk control device 106 can query the number of accesses by the ID card reader without a SAM module within the preset period up to the current access, for example the number of accesses within the 1 month up to the current access. If this exceeds the preset count threshold, for example more than 100 accesses in 1 month, the ID card reader without a SAM module may be illegally attacking the SAM device, and risk control management is performed on it.
Mode six: managing the allowed distance between consecutive access locations. Specifically, it is judged whether, within a preset period, the distance between the locations from which the ID card reader without a SAM module consecutively accessed the SAM device exceeds a preset distance; if so, risk control management is performed on the ID card reader without a SAM module.
In this mode, the risk control device 106 can query the distance between the locations of the consecutive accesses to the SAM device made by the ID card reader without a SAM module within the preset period up to the current access. For example, if within 1 day two consecutive accesses to the SAM device are made from Beijing and from Shanghai respectively, the distance between the two access locations exceeds the preset distance, the ID card reader without a SAM module may be illegally attacking the SAM device, and risk control management is performed on it.
Of course, the above risk control management schemes are only examples, and the schemes for risk control management in this embodiment are not limited to them.
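The following added example, which is not code from the patent, evaluates Modes one, three, five and six for one access attempt; the same rules serve the ID card list and the card reader list above, keyed by serial number. The record layout, the 30-day reading of "1 month", the 500 km preset distance, the coordinates and the serial numbers are assumptions; the 5000 yuan Beijing limit and the 100-access threshold are the patent's own illustrations.

```python
import math
from datetime import datetime, timedelta
from typing import NamedTuple


class Access(NamedTuple):
    subject: str          # serial number of an ID card or of a card reader
    when: datetime
    lat: float
    lon: float
    region: str
    amount: float = 0.0   # transaction amount in yuan, 0 when there is none


class Policy(NamedTuple):
    blacklist: frozenset          # Mode one: subjects judged illegal
    region_limits: dict           # Mode three: region -> single-transaction limit
    max_accesses: int             # Mode five: count threshold
    frequency_window: timedelta   # Mode five: preset period
    max_distance_km: float        # Mode six: preset distance (assumed value)
    distance_window: timedelta    # Mode six: preset period


BEIJING = (39.9042, 116.4074, "Beijing")      # constructed sample coordinates
SHANGHAI = (31.2304, 121.4737, "Shanghai")

SAMPLE_POLICY = Policy(
    blacklist=frozenset({"SAMPLE-READER-BAD"}),
    region_limits={"Beijing": 5000.0},
    max_accesses=100,
    frequency_window=timedelta(days=30),      # "1 month" taken as 30 days
    max_distance_km=500.0,
    distance_window=timedelta(days=1),
)


def access_at(subject: str, when: datetime, place: tuple, amount: float = 0.0) -> Access:
    lat, lon, region = place
    return Access(subject, when, lat, lon, region, amount)


def distance_km(a: Access, b: Access) -> float:
    """Great-circle (haversine) distance between two access locations."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dp, dl = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def evaluate(policy: Policy, history: list, current: Access) -> list:
    """Return the names of the modes that the current access violates."""
    hits = []
    if current.subject in policy.blacklist:
        hits.append("mode1_blacklisted")
    limit = policy.region_limits.get(current.region)
    if limit is not None and current.amount > limit:
        hits.append("mode3_transaction_limit")
    # Earlier accesses by the same card or reader, oldest first.
    own = sorted((a for a in history
                  if a.subject == current.subject and a.when <= current.when),
                 key=lambda a: a.when)
    window_start = current.when - policy.frequency_window
    count = 1 + sum(1 for a in own if a.when >= window_start)  # includes current
    if count > policy.max_accesses:
        hits.append("mode5_access_frequency")
    if own:
        previous = own[-1]
        if (current.when - previous.when <= policy.distance_window
                and distance_km(previous, current) > policy.max_distance_km):
            hits.append("mode6_consecutive_distance")
    return hits


def decide(hits: list) -> str:
    """Any hit means the SAM device is not instructed to start its process."""
    return "refuse_access" if hits else "instruct_sam_device"


if __name__ == "__main__":
    now = datetime(2015, 11, 18, 10, 0)
    earlier = [access_at("SAMPLE-CARD-0001", now - timedelta(hours=3), BEIJING)]
    attempt = access_at("SAMPLE-CARD-0001", now, SHANGHAI)
    found = evaluate(SAMPLE_POLICY, earlier, attempt)
    print(found, decide(found))
```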
With the backend provided in this embodiment, before the SAM device executes the process of obtaining resident ID card data, security authentication is performed on the ID card reader without a SAM module and on the ID card. If and only if the security authentication of both the ID card reader without a SAM module and the ID card passes is the SAM device allowed to start executing the process of obtaining resident ID card data. This protects the SAM device from attacks by illegal ID card readers without a SAM module and by illegal ID cards, and reduces the risk of the root certificate information in the SAM device being intercepted. Further, the backend also performs risk control management on the ID card reader without a SAM module and on the ID card, which prevents illegal ID card readers without a SAM module and illegal ID cards from attacking the SAM device and further guarantees the security of the SAM device.
Embodiment 3
This embodiment provides two systems for accessing a SAM device, based on the backend provided in Embodiment 2. Figures 4 and 5 are structural schematic diagrams of the systems for accessing a SAM device.
As shown in Figure 4, this embodiment provides a system for accessing a SAM device. The system includes the backend 10 of Embodiment 2 (as shown in Figure 3) and an ID card reader 20 without a SAM module, wherein:
The ID card reader 20 without a SAM module is configured to send an authentication request to the backend. For the backend 10, refer to the detailed description in Embodiment 2.
In this embodiment, the backend 10 may be a backend server or an encryption machine. The ID card reader 20 without a SAM module is used to read information related to the ID card, such as basic ID card information (for example the ID card serial number, ID card application data and ID card preset information) and resident ID card data (for example the resident ID card number, name, photo, age, address, card validity period and fingerprint). The ID card reader without a SAM module has an external communication interface, which is a wired or wireless interface and can exchange data with the backend 10. A SAM module is a module provided in existing ID card readers: it authenticates mutually with the ID card, reads the ID card information ciphertext only after the authentication passes, and decrypts the ciphertext to obtain the plaintext of the ID card information. Because the ID card reader in this solution has no SAM module, when the ID card reader without a SAM module needs to read the plaintext ID card information, it must send an authentication request to the backend; after the authentication passes, the backend sends the resident ID card data to the SAM device for the corresponding operations, such as decrypting the ID card information ciphertext, obtaining the plaintext ID card information and returning it to the ID card reader 20 without a SAM module.
In addition, the ID card reader 20 without a SAM module is also configured to relay to the backend the data exchanged between the ID card and the SAM device, and to establish a secure channel with the backend 10; while the SAM device at the backend executes the process of obtaining resident ID card data, the reader uses the secure channel with the backend 10 to transmit the data exchanged between the ID card and the SAM device. This improves the security of data transmission between the backend and the ID card reader and further guarantees the security of the data sent to the SAM device.
As shown in Figure 5, this embodiment provides another system for accessing a SAM device. The system includes: the backstage 10 of embodiment 2 (as shown in Figure 2), an ID card reader 20 without a SAM module, and one or more SAM devices 30 (this embodiment uses 3 only as an example), wherein:
The ID card reader 20 without a SAM module is configured to send an authentication request to the backstage; for details of the backstage 10, refer to the description in embodiment 2. Each SAM device 30 is configured to start executing the process of obtaining resident identity card data after receiving the instruction of the backstage 10.
In addition, the ID card reader 20 without a SAM module is also used to relay to the backstage the data exchanged between the identity card and the SAM device, and to establish a secure channel with the backstage 10. While the SAM device at the backstage executes the process of obtaining resident identity card data, the data passed between the identity card and the SAM device is transmitted to and from the backstage 10 over this secure channel. This improves the security of data transmission between the backstage and the ID card reader, and further ensures the security of the data sent to the SAM device.
With the system for accessing a SAM device provided by this embodiment, the backstage performs security authentication on the ID card reader without a SAM module and on the identity card before the SAM device executes the process of obtaining resident identity card data. The backstage allows the SAM device to start that process if and only if the security authentication of both the ID card reader without a SAM module and the identity card passes; if it does not pass, the backstage does not allow the SAM device to start the process. This ensures that when an illegal ID card reader without a SAM module or an illegal identity card tries to attack the SAM device, the backstage can identify the illegal reader or the illegal identity card and stop the attack, which reduces the risk of the root certificate information in the SAM device being intercepted and provides a guarantee for secure access to the SAM device.
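The gating order described above, combined with the check-value verification recited in claim 1, is sketched below as an added example; it is not code from the patent. HMAC-SHA256 as the check-value algorithm, the HMAC-over-nonce form of the card reader authentication information, and all names, keys and sample requests are assumptions constructed for illustration. Freshness of the parameter to be verified is not modeled.

```python
import hashlib
import hmac

def mac(key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unspecified check-value algorithm.
    return hmac.new(key, data, hashlib.sha256).digest()

class SamDevice:
    """Holds the per-card check keys; reachable only through the backstage."""
    def __init__(self, check_keys: dict):
        self._check_keys = check_keys          # card identifier -> check key
        self.verify_calls = 0
        self.flows_started = 0

    def verify_card(self, card_info: dict) -> bool:
        self.verify_calls += 1
        key = self._check_keys.get(card_info["card_id"])   # look up by basic info
        if key is None:
            return False
        expected = mac(key, card_info["param"])            # SAM-side check value
        return hmac.compare_digest(expected, card_info["check_value"])

    def start_read_flow(self) -> str:
        self.flows_started += 1
        return "read flow started"

class Backstage:
    def __init__(self, sam: SamDevice, reader_keys: dict):
        self._sam = sam
        self._reader_keys = reader_keys        # reader id -> reader key (assumed)

    def handle(self, request: dict) -> str:
        # Step 1: authenticate the reader before anything reaches the SAM device.
        key = self._reader_keys.get(request["reader_id"])
        if key is None or not hmac.compare_digest(
                mac(key, request["reader_nonce"]), request["reader_auth"]):
            return "rejected: reader"
        # Step 2: forward only the first identity card information to the SAM device.
        if not self._sam.verify_card(request["card_info"]):
            return "rejected: card"
        # Step 3: both checks passed, so the SAM device may start the read flow.
        return self._sam.start_read_flow()

def make_request(reader_id, reader_key, card_id, card_key, param=b"param-0001"):
    # Constructed sample request; field names are hypothetical.
    nonce = b"nonce-0001"
    return {
        "reader_id": reader_id,
        "reader_nonce": nonce,
        "reader_auth": mac(reader_key, nonce),
        "card_info": {"card_id": card_id, "param": param,
                      "check_value": mac(card_key, param)},
    }

READER_KEYS = {"reader-A": b"reader-A-key"}       # constructed sample keys
CARD_KEYS = {"card-1": b"card-1-check-key"}

def demo():
    sam = SamDevice(CARD_KEYS)
    backstage = Backstage(sam, READER_KEYS)
    good_r, good_c = b"reader-A-key", b"card-1-check-key"
    cases = {
        "genuine": make_request("reader-A", good_r, "card-1", good_c),
        "rogue_reader": make_request("reader-A", b"wrong-key", "card-1", good_c),
        "forged_card": make_request("reader-A", good_r, "card-1", b"guessed-key"),
        "unknown_card": make_request("reader-A", good_r, "card-9", good_c),
    }
    results = {name: backstage.handle(req) for name, req in cases.items()}
    return results, sam.verify_calls, sam.flows_started

if __name__ == "__main__":
    print(demo())
```

The rogue reader is rejected before the SAM device is contacted at all, so `verify_calls` counts only the three requests that passed reader authentication.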
Any process or method description in a flow chart, or otherwise described herein, may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process. The scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including in a substantially simultaneous manner or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
It should be understood that each part of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following techniques well known in the art may be used: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those skilled in the art will understand that all or part of the steps carried by the above embodiment methods may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing module, or each unit may exist physically alone, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software function module. If the integrated module is implemented in the form of a software function module and is sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific features, structures, materials or characteristics described in connection with that embodiment or example are included in at least one embodiment or example of the present invention. In this specification, schematic expressions of the above terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention. Those skilled in the art may make changes, modifications, replacements and variations to the above embodiments within the scope of the present invention without departing from its principle and purpose. The scope of the present invention is defined by the appended claims and their equivalents.

Claims (13)

1. A protection method for a SAM device, characterized by comprising:
a backstage receiving an authentication request sent by an ID card reader without a SAM module, the authentication request including at least: card reader authentication information and first identity card information, the first identity card information including at least identity card basic information, a parameter to be verified, and a check value calculated by the identity card from the parameter to be verified using a check key, wherein the identity card basic information does not include resident identity card data and includes at least one of the following: an identity card card identifier, identity card application data and identity card preset information;
the backstage performing security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request;
the backstage sending the first identity card information to the SAM device;
the SAM device receiving the first identity card information, looking up the check key of the identity card according to the identity card basic information, calculating a SAM-device-side check value from the parameter to be verified using the check key, and judging whether the SAM-device-side check value is consistent with the check value in the first identity card information, and if they are consistent, returning to the backstage a confirmation message that the identity card is genuine;
the backstage receiving the confirmation message returned by the SAM device after the authentication of the identity card according to the first identity card information has passed, and confirming that the identity card is genuine;
after the security authentication of the ID card reader without a SAM module has passed and the authenticity of the identity card has been confirmed, instructing the SAM device to execute the process of obtaining the resident identity card data.
2. The method of claim 1, characterized in that the first identity card information further includes: identity card authentication information.
3. The method of claim 1 or 2, characterized in that the method further comprises:
the backstage obtaining management access information of the identity card, the management access information of the identity card including at least one of the following: card management information of the identity card, the historical access count of the identity card, the current access location of the identity card, the historical access locations of the identity card, the current access time of the identity card and the current transaction information of the identity card;
the backstage performing risk control management on the identity card and the card reader according to a preset policy, based on the management access information of the identity card.
4. The method of claim 1 or 2, characterized in that the method further comprises:
the backstage obtaining management access information of the card reader, the management access information of the card reader including at least one of the following: device management information of the card reader, the historical access count of the card reader, the current access location of the card reader, the historical access locations of the card reader, the current access time of the card reader and the transaction information of the card reader;
performing risk control management on the card reader according to a preset policy, based on the management access information of the card reader.
5. The method of claim 1 or 2, characterized in that, after the security authentication of the ID card reader without a SAM module has passed and the authenticity of the identity card has been confirmed, and before the SAM device is instructed to execute the process of obtaining resident identity card data, the method further comprises: the backstage establishing a secure channel with the ID card reader without a SAM module;
the method further comprises: while the SAM device executes the process of obtaining resident identity card data, the backstage using the secure channel with the ID card reader without a SAM module to transmit the data passed between the identity card and the SAM device.
6. A backstage for protecting a SAM device, characterized by comprising:
a receiving device, configured to receive an authentication request sent by an ID card reader without a SAM module, the authentication request including at least: card reader authentication information and first identity card information, the first identity card information including at least identity card basic information, a parameter to be verified, and a check value calculated by the identity card from the parameter to be verified using a check key, wherein the identity card basic information does not include resident identity card data and includes at least one of the following: an identity card card identifier, identity card application data and identity card preset information;
an authentication device, configured to perform security authentication on the ID card reader without a SAM module according to the card reader authentication information in the authentication request, to send the first identity card information to the SAM device, to receive the confirmation message returned by the SAM device after the authentication of the identity card according to the first identity card information has passed, and to confirm that the identity card is genuine; wherein the SAM device receives the first identity card information, looks up the check key of the identity card according to the identity card basic information, calculates a SAM-device-side check value from the parameter to be verified using the check key, and judges whether the SAM-device-side check value is consistent with the check value in the first identity card information, and if they are consistent, returns to the backstage a confirmation message that the identity card is genuine;
an access device, configured to instruct the SAM device to execute the process of obtaining the resident identity card data after the authentication device has passed the security authentication of the ID card reader without a SAM module and the authenticity of the identity card has been confirmed.
7. The backstage of claim 6, characterized in that the backstage further comprises:
the SAM device, configured to execute the process of obtaining resident identity card data after receiving the instruction of the access device.
8. The backstage of claim 6 or 7, characterized in that:
the first identity card information further includes: identity card authentication information.
9. The backstage of claim 6 or 7, characterized in that the backstage further comprises:
a risk control device, configured to obtain management access information of the identity card and to perform risk control management on the identity card and the card reader according to a preset policy, based on the management access information of the identity card, wherein the management access information of the card reader includes at least one of the following: device management information of the card reader, the historical access count of the card reader, the current access location of the card reader, the historical access locations of the card reader, the current access time of the card reader and the transaction information of the card reader.
10. The backstage of claim 9, characterized in that:
the risk control device is further configured to obtain management access information of the card reader and to perform risk control management on the card reader according to a preset policy, based on the management access information of the card reader, wherein the management access information of the card reader includes at least one of the following: device management information of the card reader, the historical access count of the card reader, the current access location of the card reader, the historical access locations of the card reader, the current access time of the card reader and the transaction information of the card reader.
11. The backstage of claim 6 or 7, characterized in that the backstage further comprises:
a transmitting device, configured to establish a secure channel with the card reader after the authentication device has passed the security authentication of the ID card reader without a SAM module and the authenticity of the identity card has been confirmed, and before the access device instructs the SAM device to execute the process of obtaining resident identity card data; the transmitting device is further configured, while the SAM device executes the process of obtaining resident identity card data, to use the secure channel with the card reader to transmit the data passed between the identity card and the SAM device.
12. A protection system for a SAM device, characterized by comprising: the backstage of claim 6, or the backstage of any one of claims 8 to 11 when referring only to claim 6; an ID card reader without a SAM module; and a SAM device, wherein:
the ID card reader without a SAM module is configured to send the authentication request to the backstage;
the SAM device is configured to execute the process of obtaining resident identity card data after receiving the instruction of the backstage.
13. A system for accessing a SAM device, characterized by comprising: the backstage of claim 7, or the backstage of any one of claims 8 to 11 when referring only to claim 7; and an ID card reader without a SAM module, wherein:
the ID card reader without a SAM module is configured to send the authentication request to the backstage.
CN201510799008.3A 2015-11-19 2015-11-19 A kind of guard method, backstage and the system of SAM device Active CN105488367B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510799008.3A CN105488367B (en) 2015-11-19 2015-11-19 A kind of guard method, backstage and the system of SAM device

Publications (2)

Publication Number Publication Date
CN105488367A CN105488367A (en) 2016-04-13
CN105488367B true CN105488367B (en) 2019-05-21

Family

ID=55675342

Country Status (1)

Country Link
CN (1) CN105488367B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220413

Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094

Patentee after: TENDYRON Corp.

Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing

Patentee before: Li Ming