CN106027469A - Identity card authentication information processing request processing method and identity card cloud authentication device - Google Patents
Identity card authentication information processing request processing method and identity card cloud authentication device Download PDFInfo
- Publication number
- CN106027469A CN106027469A CN201610041125.8A CN201610041125A CN106027469A CN 106027469 A CN106027469 A CN 106027469A CN 201610041125 A CN201610041125 A CN 201610041125A CN 106027469 A CN106027469 A CN 106027469A
- Authority
- CN
- China
- Prior art keywords
- serial number
- card reader
- control list
- frequency management
- identity card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The invention provides an identity card authentication information processing request processing method and device. The method comprises the steps: receiving an identity card authentication information processing request, and obtaining a blacklist; obtaining an access frequency control list if an identity card sequential number and a card reader sequential number are not in the blacklist; judging whether the number of times that the identity card sequential number and/or the card reader sequential number appears in the access frequency control list in a preset time duration before the obtaining of the access frequency control list is greater than a preset value or not: adding the identity card sequential number and/or the card reader sequential number to the blacklist if the number of times that the identity card sequential number and/or the card reader sequential number appears in the access frequency control list are/is greater than the preset value, or obtaining an abnormal rule if the numbers of times that the identity card sequential number and the card reader sequential number appears in the access frequency control list are zero; judging whether the identity card sequential number and/or the card reader sequential number accord with the abnormal rule or not: adding the identity card sequential number and/or the card reader sequential number to the access frequency control list if the identity card sequential number and/or the card reader sequential number accord with the abnormal rule. Therefore, the method achieves the threefold dynamic verification of an identity card and a card reader, and improves the processing safety and reliability of the identity card authentication information processing request.
Description
Technical field
The present invention relates to a kind of electronic technology field, particularly relate to processing method and the body of a kind of authentication ids information process request
Part card cloud certification device.
Background technology
Along with China's rapid development of economy, people's lives have had the biggest improvement, no matter obtain employment, engage in trade, travel, enter a higher school
Deng, it is required for carrying out authentication, and processes money, property, application welfare, seek medical advice etc., need also exist for carrying out identity and recognize
Card.Current No.2 residence card uses the design of built-in intelligence chip, has the ability to realize identity based on the Internet completely and recognizes
Card, but released so far from 2004, its using value is mined the most far away, and in recent years, ticket sale system has started on a large scale should
With Internet authentication and the identification of identity-based card.
The Internet authentication technology of identity-based card due in actually used, exist identity card lose, the situation such as stolen, deposit
Harm and risk in the identity card non-malice that I authorizes use;The transmission of network data simultaneously also faces communication and monitors, counts
According to distorting and the risk of a series of typical network attacks such as data playback.Therefore, how to stop to eavesdrop on escape way, usurp
Changing or the attack of the mode such as playback, screen the assailant of malice in real time, protection authentication module (SAM) safety becomes needs head badly
Solve the technical problem that.
Summary of the invention
Present invention seek to address that the problems referred to above/one of.
Present invention is primarily targeted at the processing method that a kind of authentication ids information process request is provided, for reaching above-mentioned purpose,
Technical scheme specifically includes following steps:
S1: receiving authentication ids information process request, authentication ids information includes: identity card serial number encryption value and Card Reader
Device serial number, wherein, the serial number of card reader Serial No. ID card information reading terminals;S2: obtain decryption identity card sequence
Number identity card serial number that secret value obtains;S3: obtain blacklist;S4: judge that identity card serial number or card reader serial number are
No it is included in blacklist, if identity card serial number or card reader serial number are included in blacklist, then termination flow process, if
Identity card serial number and card reader serial number are all not included in blacklist, then perform step S5;S5: obtain visiting frequency management and control
List;S6: judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency pipe
Whether control list comprise the record that is stored in of identity card serial number, or before distance gets the visiting frequency management and control list moment the
In two prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if judging in distance
Get before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card sequence
Row number be stored in record, or before distance gets the visiting frequency management and control list moment in the second prefixed time interval, access frequency
Comprise card reader serial number in degree management and control list is stored in record, then termination flow process, if judging to get access frequency in distance
Before the degree management and control list moment in the first prefixed time interval, visiting frequency management and control list does not comprise being stored in of identity card serial number
Record, and before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list
In do not comprise card reader serial number be stored in record, then perform step S7;S7, obtains exception rules;S8: judge identity card sequence
Whether row number or card reader serial number meet exception rules, if identity card serial number or card reader serial number meet exception rules, then
Termination flow process;If identity card serial number and card reader serial number all do not meet exception rules, then perform step S9;S9: right
Authentication ids information process request processes.
Alternatively, in step S4, it is judged that whether identity card serial number or card reader serial number are included in blacklist, if identity card
Serial number or card reader serial number are included in blacklist, then termination flow process, including step S401 or step S402:
S401: judge whether identity card serial number is included in blacklist, if identity card serial number is included in blacklist, then termination
Reason flow process;If identity card serial number is not comprised in blacklist, then judge whether card reader serial number is included in blacklist,
If card reader serial number is included in blacklist, then termination flow process;S402: judge whether card reader serial number is included in black
In list, if card reader serial number is included in blacklist, then termination flow process;If card reader serial number is not comprised in black
In list, then judge whether identity card serial number is included in blacklist, if identity card serial number is included in blacklist, then eventually
Only handling process.
Alternatively, in step S6, it is judged that before distance gets the visiting frequency management and control list moment in the first prefixed time interval,
Whether visiting frequency management and control list comprises the record that is stored in of identity card serial number, or gets visiting frequency management and control list in distance
Before moment in the second prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if
Judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list wraps
The record that is stored in containing identity card serial number, or the second prefixed time interval before distance gets the visiting frequency management and control list moment
In, comprise card reader serial number in visiting frequency management and control list is stored in record, then termination flow process, including step S601
Or step S602, S601: judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval,
Whether comprise identity card serial number in visiting frequency management and control list is stored in record, if getting visiting frequency management and control list in distance
Before moment in the first prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record, then terminate
Handling process;If before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control
Do not comprise identity card serial number in list is stored in record, then judged before distance gets the visiting frequency management and control list moment
In two prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if obtaining in distance
Before the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises card reader serial number
Be stored in record, then termination flow process;S602: judged that before distance gets the visiting frequency management and control list moment second is pre-
If in time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if obtaining visiting in distance
Ask before the frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises depositing of card reader serial number
Enter record, then termination flow process;If before distance gets the visiting frequency management and control list moment in the second prefixed time interval,
Do not comprise card reader serial number in visiting frequency management and control list is stored in record, then judge to get visiting frequency management and control name in distance
Before single moment in the first prefixed time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in record,
If before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprising
Identity card serial number be stored in record, then termination flow process.
Alternatively, in step S8, it is judged that whether identity card serial number or card reader serial number meet exception rules, if identity card sequence
Row number or card reader serial number meet exception rules, then termination flow process, including step S801 or step S802;S801:
Judge whether identity card serial number meets exception rules, if identity card serial number meets exception rules, then termination flow process;If
Identity card serial number does not meets exception rules, then judge whether card reader serial number meets exception rules, if card reader serial number symbol
Close exception rules, then termination flow process;S802: judge whether card reader serial number meets exception rules, if card reader sequence
Number meet exception rules, then termination flow process;If card reader serial number does not meets exception rules, then judge identity card serial number
Whether meet exception rules, if identity card serial number meets exception rules, then termination flow process.
Alternatively, in step S601 and/or step S602, if step is before distance gets the visiting frequency management and control list moment
In first prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record, then termination flow process,
Including step: if before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control
Comprise identity card serial number in list is stored in record, then obtained before distance gets the visiting frequency management and control list moment the 3rd
In prefixed time interval, in visiting frequency management and control list identity card serial number be stored in record occurrence number, if identity card serial number
Be stored in record occurrence number less than the first preset value, then return the first information termination flow process;If identity card sequence
Number be stored in record occurrence number more than or equal to the first preset value, then identity card serial number is stored in blacklist, returns mistake letter
Breath termination flow process;If step is before distance gets the visiting frequency management and control list moment in the second prefixed time interval,
Comprise card reader serial number in visiting frequency management and control list is stored in record, then termination flow process, including step: if in distance
Get before the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises card reader sequence
Row number be stored in record, then obtain before distance gets the visiting frequency management and control list moment in the 4th prefixed time interval, visit
That asks card reader serial number in frequency management and control list is stored in record occurrence number, if card reader serial number be stored in record occurrence number
Less than the second preset value, then return the second information termination flow process;If being stored in of card reader serial number records out occurrence
Card reader serial number more than or equal to the second preset value, is then stored in blacklist by number, returns error message termination flow process.6、
Method according to claim 4 or 5, it is characterised in that in step S801 and/or step S802, if step identity card sequence
Row number meet exception rules, then termination flow process, including step: if identity card serial number meets exception rules, then by identity
Card serial number is stored in visiting frequency management and control list, returns the first information termination flow process;If step card reader serial number
Meet exception rules, then termination flow process, including step: if card reader serial number meets exception rules, then by card reader sequence
Row number are stored in visiting frequency management and control list, return the second information termination flow process.
Alternatively, in step S601, if in step first Preset Time before distance gets the visiting frequency management and control list moment
Interval in, visiting frequency management and control list comprises identity card serial number be stored in record after, further comprise the steps of: and judge in distance
Get before the visiting frequency management and control list moment in the second prefixed time interval, whether visiting frequency management and control list comprises Card Reader
Device serial number be stored in record, if before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visit
Ask that comprise card reader serial number in frequency management and control list is stored in record, then obtain when distance gets visiting frequency management and control list
Before quarter in the 4th prefixed time interval, in visiting frequency management and control list, card reader serial number is stored in record occurrence number, if reading
The record occurrence number that is stored in of card device serial number is more than or equal to the second preset value, then card reader serial number is stored in blacklist;Step
In rapid 602, if in the second prefixed time interval, accessing frequency in step before distance gets the visiting frequency management and control list moment
Degree management and control list in comprise card reader serial number be stored in record after, further comprise the steps of: and judge to get visiting frequency in distance
Before the management and control list moment in the first prefixed time interval, whether visiting frequency management and control list comprises being stored in of identity card serial number
Record, if before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list
In comprise identity card serial number be stored in record, then obtained before distance gets the visiting frequency management and control list moment the 3rd and preset
In time interval, in visiting frequency management and control list identity card serial number be stored in record occurrence number, if the depositing of identity card serial number
Enter to record occurrence number and be more than or equal to the first preset value, then identity card serial number is stored in blacklist.
Alternatively, in step S801, if after step identity card serial number meets exception rules, further comprise the steps of: judgement and read
Whether card device serial number meets exception rules, if card reader serial number meets exception rules, then by card reader serial number write-access
Frequency management and control list;In step S802, if after step card reader serial number meets exception rules, further comprising the steps of: judgement
Whether identity card serial number meets exception rules, if identity card serial number meets exception rules, then the write of identity card serial number is visited
Ask frequency management and control list.
Alternatively, authentication ids information also includes: timestamp secret value and card reader counting secret value;Step S2 also includes,
Obtain decryption time stamp secret value and card reader counting secret value obtain timestamp and card reader count value, wherein, timestamp by
The generation moment of the card reader identity-based identification card information process request generating authentication ids information process request generates;Card Reader
Device count value is processed request number of times by card reader based on the history that card reader is initiated and generates;Judge whether identity card serial number meets different
Routine then, including: based on timestamp and the moment receiving authentication ids information process request, generate very first time interval,
Judge whether very first time interval is more than the 5th prefixed time interval and less than the 6th prefixed time interval, if very first time interval is big
In the 5th prefixed time interval and less than the 6th prefixed time interval, then judge that identity card serial number is legal, otherwise, it is judged that identity
Card serial number meets exception rules;Or, based on timestamp and card reader count value, it is judged that distance gets visiting frequency management and control name
Before single moment in the 7th prefixed time interval, the authentication ids information processing comprising identity card serial number encryption value received
Whether the request number of times of request is less than the 3rd preset value, if the authentication ids the comprising identity card serial number encryption value letter received
Breath processes the request number of times of request and is less than the 3rd preset value, then judge that identity card serial number is legal, otherwise, it is judged that identity card sequence
Number meet exception rules;Judge whether card reader serial number meets exception rules, including: based on timestamp and receive identity card
Authentication information processes the moment of request, generates very first time interval, it is judged that whether very first time interval is more than between the 8th Preset Time
Every and less than the 9th prefixed time interval, if very first time interval is more than the 8th prefixed time interval and less than between the 9th Preset Time
Every, then judge that card reader serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;Or, based on timestamp and
Card reader count value, it is judged that before distance gets the visiting frequency management and control list moment in the tenth prefixed time interval, receive
The request number of times of the authentication ids information process request comprising card reader serial number whether less than the 4th preset value, if receiving
The request number of times of the authentication ids information process request comprising card reader serial number less than the 4th preset value, then judge card reader
Serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;Or, based on card reader count value, it is judged that connect continuously
In the authentication ids information process request received, whether the card reader count value with card reader sequence numbers match meets preset rules,
If card reader count value meets preset rules, then judge that card reader serial number is legal, otherwise, it is judged that card reader serial number meets different
Routine is then.
Another object of the present invention is to provide a kind of identity card cloud certification device, for reaching above-mentioned purpose, the technical side of the present invention
Case is specifically achieved in that and includes:
First communication module, is used for receiving authentication ids information process request, and authentication ids information includes: identity card sequence
Number secret value and card reader serial number, wherein, the serial number of card reader Serial No. ID card information reading terminals;Second communication
Module, for obtaining the identity card serial number that decryption identity card serial number encryption is worth to;Third communication module, is used for obtaining black
List;First judge module, is used for judging whether identity card serial number or card reader serial number are included in blacklist, if identity
Card serial number or card reader serial number are included in blacklist, then termination flow process;Fourth communication module, at identity card
When serial number and card reader serial number are all not included in blacklist, obtain visiting frequency management and control list;Second judge module, uses
In judging before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list
In whether comprise the record that is stored in of identity card serial number, or second preset before distance gets the visiting frequency management and control list moment
In time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record;If judging to get in distance
Before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card serial number
It is stored in record, or before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control
Comprise card reader serial number in list is stored in record, then termination flow process;Fifth communication module, for judging in distance
Get before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list does not comprise identity card
Serial number be stored in record, and before distance gets the visiting frequency management and control list moment in the second prefixed time interval, access
Frequency management and control list does not comprise when being stored in record of card reader serial number, obtains exception rules;3rd judge module, is used for sentencing
Whether disconnected identity card serial number or card reader serial number meet exception rules, if identity card serial number or card reader serial number meet different
Routine then, then termination flow process;Processing module, for all not meeting abnormal rule at identity card serial number and card reader serial number
Time then, authentication ids information process request is processed.
Alternatively, the first judge module, in being additionally operable to judge identity card serial number whether bag blacklist, if identity card serial number comprises
In blacklist, then termination flow process;If identity card serial number is not comprised in blacklist, then judge card reader serial number
Whether it is included in blacklist, if card reader serial number is included in blacklist, then termination flow process;First judge module,
It is additionally operable to judge whether card reader serial number is included in blacklist, if card reader serial number is included in blacklist, then termination
Reason flow process;If card reader serial number is not comprised in blacklist, then judge whether identity card serial number is included in blacklist,
If identity card serial number is included in blacklist, then termination flow process.
Alternatively, the second judge module, it is additionally operable to judge that before distance gets the visiting frequency management and control list moment first presets
In time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in record, if getting access in distance
Before the frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises being stored in of identity card serial number
Record, then termination flow process;If before distance gets the visiting frequency management and control list moment in the first prefixed time interval,
Do not comprise identity card serial number in visiting frequency management and control list is stored in record, then judge to get visiting frequency management and control name in distance
Before single moment in the second prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record,
If before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprising
Card reader serial number be stored in record, then termination flow process;Second judge module, is additionally operable to judge to get access in distance
Before the frequency management and control list moment in the second prefixed time interval, whether visiting frequency management and control list comprises card reader serial number
It is stored in record, if before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control
Comprise card reader serial number in list is stored in record, then termination flow process;If getting visiting frequency management and control list in distance
Before moment in the second prefixed time interval, do not comprise card reader serial number in visiting frequency management and control list is stored in record, then sentence
Break before distance gets the visiting frequency management and control list moment in the first prefixed time interval, in visiting frequency management and control list whether
Comprise identity card serial number is stored in record, if before distance gets the visiting frequency management and control list moment between the first Preset Time
Every interior, comprise identity card serial number in visiting frequency management and control list is stored in record, then termination flow process.
Alternatively, the 3rd judge module, it is additionally operable to judge whether identity card serial number meets exception rules, if identity card serial number
Meet exception rules, then termination flow process;If identity card serial number does not meets exception rules, then judge that card reader serial number is
No meet exception rules, if card reader serial number meets exception rules, then termination flow process;3rd judge module, is additionally operable to
Judge whether card reader serial number meets exception rules, if card reader serial number meets exception rules, then termination flow process;If
Card reader serial number does not meets exception rules, then judge whether identity card serial number meets exception rules, if identity card serial number symbol
Close exception rules, then termination flow process.
Alternatively, the second judge module, it is additionally operable to the first Preset Time before distance gets the visiting frequency management and control list moment
In interval, if visiting frequency management and control list comprises when being stored in record of identity card serial number, obtain and get access frequency in distance
Before the degree management and control list moment in the 3rd prefixed time interval, in visiting frequency management and control list, being stored in of identity card serial number records out
Occurrence number, if the record occurrence number that is stored in of identity card serial number is less than the first preset value, then returns the first information and terminates
Handling process;If the record occurrence number that is stored in of identity card serial number is more than or equal to the first preset value, then by identity card serial number
It is stored in blacklist, returns error message termination flow process;Second judge module, is additionally operable to get visiting frequency in distance
Before the management and control list moment in the second prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record
Time, obtain before distance gets the visiting frequency management and control list moment in the 4th prefixed time interval, visiting frequency management and control list
Middle card reader serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number less than the second preset value,
Then return the second information termination flow process;If the record occurrence number that is stored in of card reader serial number is more than or equal to second
Preset value, then be stored in blacklist by card reader serial number, returns error message termination flow process.
Alternatively, the 3rd judge module, it is additionally operable to when identity card serial number meets exception rules, then be deposited by identity card serial number
Enter visiting frequency management and control list, return the first information termination flow process;When card reader serial number meets exception rules,
Then card reader serial number is stored in visiting frequency management and control list, returns the second information termination flow process.
Alternatively, authentication ids information process request also includes: timestamp secret value and card reader counting secret value;First leads to
Letter module, is additionally operable to obtain decryption time stamp secret value and the timestamp of card reader counting secret value acquisition and card reader count value,
Wherein, timestamp is demonstrate,proved the generation of information process request by the card reader identity-based identification generating authentication ids information process request
Moment generates;Card reader count value is processed request number of times by card reader based on the history that card reader is initiated and generates;3rd judge module,
It is additionally operable to based on timestamp and the moment receiving authentication ids information process request, generates very first time interval, it is judged that first
Whether time interval is more than the 5th prefixed time interval and less than the 6th prefixed time interval, if very first time interval is pre-more than the 5th
If time interval and less than the 6th prefixed time interval, then judge that identity card serial number is legal, otherwise, it is judged that identity card serial number
Meet exception rules;3rd judge module, is additionally operable to based on timestamp and card reader count value, it is judged that distance gets access frequency
Before the degree management and control list moment in the 7th prefixed time interval, the authentication ids comprising identity card serial number encryption value received
Whether the request number of times of information process request is less than the 3rd preset value, if the identity comprising identity card serial number encryption value received
The request number of times of identification card information process request less than the 3rd preset value, then judges that identity card serial number is legal, otherwise, it is judged that body
Part card serial number meets exception rules;3rd judge module, is additionally operable to based on timestamp and receives authentication ids information processing
In the moment of request, generate very first time interval, it is judged that whether very first time interval is more than the 8th prefixed time interval and less than the 9th
Prefixed time interval, if very first time interval is more than the 8th prefixed time interval and less than the 9th prefixed time interval, then judges to read
Card device serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;3rd judge module, was additionally operable to based on the time
Stamp and card reader count value, it is judged that before distance gets the visiting frequency management and control list moment in the tenth prefixed time interval, connect
Whether the request number of times of the authentication ids information process request comprising card reader serial number received is less than the 4th preset value, if connecing
The request number of times of the authentication ids information process request comprising card reader serial number received is less than the 4th preset value, then judge to read
Card device serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;3rd judge module, is additionally operable to based on Card Reader
Device count value, it is judged that in the authentication ids information process request continuously received, the card reader with card reader sequence numbers match counts
Whether value meets preset rules, if card reader count value meets preset rules, then judges that card reader serial number is legal, otherwise, sentences
Disconnected card reader serial number meets exception rules.
Alternatively, also comprise authentication module, wherein, first communication module, be additionally operable at the authentication ids information that will receive
Reason request sends to authentication module;Authentication module, adds for the identity card serial number extracted in authentication ids information process request
Close value, timestamp secret value and/or card reader counting secret value, to identity card serial number encryption value, timestamp secret value and/or reading
Card device counting secret value is decrypted operation, it is thus achieved that identity card serial number, timestamp and/or card reader count value, and by identity card
Serial number, timestamp and/or card reader count value send to first communication module.
Alternatively, also comprise memory module, wherein, memory module, be used for storing blacklist and frequency management and control list;Threeway
Letter module, is additionally operable to when acquisition request blacklist, generates blacklist and obtains request, and sends to memory module;Fourth communication
Module, is additionally operable to when acquisition request frequency management and control list, generates frequency management and control list and obtains request, and sends to memory module;
Memory module, is additionally operable to, when receiving blacklist and obtaining request, send blacklist to third communication module;Memory module,
It is additionally operable to, when receiving frequency management and control list and obtaining request, send frequency management and control list to fourth communication module;The third communication
Module, is additionally operable to after blacklist is carried out write operation, generate update after blacklist, and will update after blacklist send
To memory module;Fourth communication module, is additionally operable to after frequency management and control list is carried out write operation, generates the frequency after updating
Management and control list, and will update after frequency management and control list send to memory module;Memory module, is additionally operable to receive and store renewal
After blacklist or frequency management and control list.
The method or apparatus provided by the present invention, it is possible to realize the identity card generated based on abnormal identity card or abnormal card reader
Authentication information processes request and carries out effective abnormality processing, uses identity card serial number and/or card reader serial number to enter as key value
Line pipe control, it is to avoid because of other factors, the legitimate request caused such as the change of IP address or the change of type of card cannot obtain execution,
Pass through blacklist, it is possible to stop illegal identity card or the process request of illegal card reader initiation in the very first time, by the present invention's
Abnormality eliminating method is capable of the dynamic renewal of blacklist, enhances dynamic and the real-time of abnormality processing;By frequency pipe
Control list is capable of the abnormality processing occurring abnormal identity card or card reader the most in a short time, it is achieved to Short Term Anomalous body
Part card or the freezing in short-term of card reader, it is to avoid the security risk causing the process of illegal request, by the abnormality processing of the present invention
Method is capable of the dynamic renewal of frequency management and control list, enhances dynamic and the real-time of abnormality processing;Pass through exception rules
It is capable of the exception to current identity card or card reader to judge, even if this processes the identity card in request or card reader does not comprises
In blacklist or in the range of the management and control of frequency management and control list, can recognize that abnormal identity card or card reader equally, thus realize
To identity card and triple dynamic authentication of card reader, improve the safety that authentication ids information process request is processed with reliable
Property.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, the required accompanying drawing used in embodiment being described below
It is briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the present invention, for this area
From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to obtain other accompanying drawings according to these accompanying drawings.
The process flow figure of the authentication ids information process request that Fig. 1 provides for the embodiment of the present invention 1;
The structural representation of the identity card cloud certification device that Fig. 2 provides for the embodiment of the present invention 2.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described,
Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Reality based on the present invention
Execute example, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into
Protection scope of the present invention.
In describing the invention, it is to be understood that term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ",
Orientation or the position relationship of the instruction such as " afterwards ", "left", "right", " vertically ", " level ", " top ", " end ", " interior ", " outward " are base
In orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description rather than instruction or hint institute
The device that refers to or element must have specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the present invention
Restriction.Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that instruction or hint relative importance
Or quantity or position.
In describing the invention, it should be noted that unless otherwise clearly defined and limited, term " install ", " being connected ",
" connect " and should be interpreted broadly, connect for example, it may be fixing, it is also possible to be to removably connect, or be integrally connected;Permissible
It is to be mechanically connected, it is also possible to be electrical connection;Can be to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be two
The connection of individual element internal.For the ordinary skill in the art, can understand that above-mentioned term is in the present invention with concrete condition
In concrete meaning.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Embodiment 1
The present embodiment provides a kind of authentication ids information process request processing method, as it is shown in figure 1, comprise the following steps:
S1: receiving authentication ids information process request, authentication ids information process request includes: identity card serial number encryption
Value and card reader serial number;
Identity card processes the process request that request is initiated for card reader of ID card, it is judged that identity card processes request and asks for legal processes
After, according to preset rules, process the security authentication module that request distribution is idle, allocated security authentication module for this identity card
The originating end processing request with this identity card carries out data interaction, and wherein, identity card serial number encryption value is card reader of ID card pair
The identity card serial number encryption obtained from identity card obtains, the serial number of card reader Serial No. card reader of ID card self.
S2: obtain the identity card serial number that decryption identity card serial number encryption is worth to;
The identity card serial number encryption value received is decrypted computing, if card reader of ID card uses symmetric encipherment algorithm encryption
Identity card serial number, then use corresponding symmetrical decipherment algorithm to be decrypted computing to the identity card serial number encryption value received;
If card reader of ID card uses own private key encryption identity card serial number, then the identity card serial number encryption value received is used body
The PKI of part card card reader is decrypted computing;The main body that identity card serial number encryption value is decrypted computing can be itself,
Can also be external equipment or external chip.
S3: obtain blacklist, performs step S401 or step S402;
Blacklist can be obtained from self stores, it is also possible to obtain blacklist from outside, blacklist includes illegal identity card
Serial number and illegal card reader serial number;If the authentication ids information process request received comprises illegal identity card sequence
Number or illegal card reader serial number, then this authentication ids information process request is in illegal state, it is impossible to by server just
Often accept.
S401: judge whether identity card serial number is included in blacklist, if identity card serial number is included in blacklist, then eventually
Only handling process;
Blacklist has illegal identity card serial number, the serial number of the identity card being such as reported the loss, the body of appearance exception continuously
The serial number of part card or the serial number etc. of identity cards occurred in multiple areas in the short time, its place asked is comprehended bring bigger
Risk, if judging, identity card serial number is included in blacklist, illustrates that this identity card Serial No. illegal identity demonstrate,proves serial number, clothes
Business device is disregarded, termination flow process.Alternatively, server can return information to point out user, and this identity card is
It is added into blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, if identity card serial number is included in blacklist, then further comprises the steps of: acquisition visiting frequency management and control list, sentence
Break before distance gets the visiting frequency management and control list moment in the second prefixed time interval, in visiting frequency management and control list whether
Comprise card reader serial number is stored in record, if before distance gets the visiting frequency management and control list moment between the second Preset Time
Every interior, comprise card reader serial number in visiting frequency management and control list is stored in record, then obtain and get visiting frequency pipe in distance
Before the control list moment in the 4th prefixed time interval, in visiting frequency management and control list, being stored in of card reader serial number records out occurrence
Number, if the record occurrence number that is stored in of card reader serial number is more than or equal to the second preset value, is then stored in black by card reader serial number
List;If judging before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control
Do not comprise card reader serial number in list is stored in record, then obtain exception rules, it is judged that whether card reader serial number meets exception
Rule, if card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control list;
If identity card serial number is not comprised in blacklist, then judge whether card reader serial number is included in blacklist, if reading
Card device serial number is included in blacklist, then termination flow process;
If identity card serial number is not comprised in blacklist, then determine whether the legitimacy of card reader serial number, to determine body
Part card serial number and card reader serial number are the most legal, have illegal card reader serial number, such as, be reported the loss in blacklist
The serial number of card reader, the serial number of abnormal card reader occurs continuously, exceed the serial number or in short-term of the card reader of service life
At the serial number etc. of the card reader that multiple areas occur, its place asked is comprehended and brings greater risk, if judging card reader sequence
Number being included in blacklist, illustrate that this card reader Serial No. illegal identity demonstrate,proves serial number, server is disregarded, termination
Flow process.Alternatively, server can return information to point out user, and this card reader has been added into blacklist, it is simple to user
Carry out subsequent operation and Resolving probiems;
Alternatively, after step judges that identity card serial number is not comprised in blacklist, further comprise the steps of: acquisition and access frequency
Degree management and control list, it is judged that before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency
Whether comprise identity card serial number in management and control list is stored in record, if before distance gets the visiting frequency management and control list moment
In first prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record, then obtain and obtain in distance
Get before the visiting frequency management and control list moment in the 3rd prefixed time interval, identity card serial number in visiting frequency management and control list
It is stored in record occurrence number, if the record occurrence number that is stored in of identity card serial number is more than or equal to the first preset value, then by identity
Card serial number is stored in blacklist;If judging before distance gets the visiting frequency management and control list moment in the first prefixed time interval,
Do not comprise identity card serial number in visiting frequency management and control list is stored in record, then obtain exception rules, it is judged that identity card serial number
Whether meet exception rules, if identity card serial number meets exception rules, then by identity card serial number write-access frequency management and control name
Single;
S402: judge whether card reader serial number is included in blacklist, if card reader serial number is included in blacklist, then eventually
Only handling process;
Blacklist has illegal card reader serial number, the serial number of the card reader being such as reported the loss, the reading of appearance exception continuously
The serial number of card device, the serial number exceeding the card reader of service life or the serial number etc. of card reader occurred in multiple areas in short-term,
Comprehending its place asked and bring greater risk, if judging, card reader serial number is included in blacklist, and this card reader sequence is described
Number demonstrate,proving serial number for illegal identity, server disregards, termination flow process.Alternatively, server can return prompting letter
Breath is to point out user, and this card reader has been added into blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, if card reader serial number is included in blacklist, then further comprises the steps of: acquisition visiting frequency management and control list, sentence
Break before distance gets the visiting frequency management and control list moment in the first prefixed time interval, in visiting frequency management and control list whether
Comprise identity card serial number is stored in record, if before distance gets the visiting frequency management and control list moment between the first Preset Time
Every interior, comprise identity card serial number in visiting frequency management and control list is stored in record, then obtain and get visiting frequency pipe in distance
Before the control list moment in the 3rd prefixed time interval, in visiting frequency management and control list, being stored in of identity card serial number records out occurrence
Number, if the record occurrence number that is stored in of identity card serial number is more than or equal to the first preset value, is then stored in black by identity card serial number
List;If judging before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control
Do not comprise identity card serial number in list is stored in record, then obtain exception rules, it is judged that whether identity card serial number meets exception
Rule, if identity card serial number meets exception rules, then by identity card serial number write-access frequency management and control list;
If card reader serial number is not comprised in blacklist, then judge whether identity card serial number is included in blacklist, if body
Part card serial number is included in blacklist, then termination flow process;
If card reader serial number is not comprised in blacklist, then determine whether the legitimacy of identity card serial number, to determine body
Part card serial number and card reader serial number are the most legal, have illegal identity card serial number, such as, be reported the loss in blacklist
The sequence of the serial number of identity card, the serial number that abnormal identity card occurs continuously or the short time interior identity cards occurred in multiple areas
Row number etc., comprehend its place asked and bring greater risk, if judging, identity card serial number is included in blacklist, and this body is described
Part card Serial No. illegal identity demonstrate,proves serial number, and server is disregarded, termination flow process.Alternatively, server can return
Return information to point out user, this identity card has been added into blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, after step judges that card reader serial number is not comprised in blacklist, further comprise the steps of: acquisition and access frequency
Degree management and control list, it is judged that before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency
Whether comprise card reader serial number in management and control list is stored in record, if before distance gets the visiting frequency management and control list moment
In second prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record, then obtain and obtain in distance
Get before the visiting frequency management and control list moment in the 4th prefixed time interval, card reader serial number in visiting frequency management and control list
It is stored in record occurrence number, if the record occurrence number that is stored in of card reader serial number is more than or equal to the second preset value, then by Card Reader
Device serial number is stored in blacklist;If judging before distance gets the visiting frequency management and control list moment in the second prefixed time interval,
Do not comprise card reader serial number in visiting frequency management and control list is stored in record, then obtain exception rules, it is judged that card reader serial number
Whether meet exception rules, if card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control name
Single;
If judging, identity card serial number and card reader serial number are all not included in blacklist, then perform step S5;
If judging, identity card serial number and card reader serial number are all not included in blacklist, and identity card serial number and card reader are described
Serial number is all legal, say, that this authentication ids information process request is in legal state, need to determine whether this
Whether authentication ids information process request is in by management and control state;
S5: obtain visiting frequency management and control list, and perform step S601 or step S602;
Visiting frequency management and control list can be obtained, it is also possible to obtain visiting frequency management and control list from outside, access from self stores
Frequency management and control list includes the identity card serial number by management and control and the card reader serial number by management and control;If the identity card received
Authentication information processes in request and comprises the identity card serial number by management and control or the card reader serial number by management and control, then this identity identification
Card information process request is in by management and control state, could thaw after needing frozen certain time length, currently cannot normally be subject to by bedding and clothing business device
Reason.
S601: judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency pipe
Whether comprise identity card serial number in control list is stored in record, if before distance gets the visiting frequency management and control list moment the
In one prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record, then termination flow process;
For avoiding suffering Replay Attack, abnormal identity card serial number and abnormal card reader serial number can frozen management and control certain time length,
Under management and control state, its request initiated is not processed, can first determine whether to get visiting frequency management and control list in distance
Before moment in the first prefixed time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in record, if
Before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises body
Part card serial number be stored in record, illustrate this identity card serial number also in freezing management and control state, termination flow process;Wherein,
First prefixed time interval is preset value, can be configured according to concrete application scenarios, such as, when card-reading terminal is for automatically to take
During ticket machine, the first prefixed time interval can be set as 1 minute, say, that when finding that certain specific identity card serial number is in frequency
During degree management and control list, within ensuing 1 minute, do not carry out the request initiated based on this identity card serial number processing operation;
Alternatively, when finding that certain specific identity card serial number is in frequency management and control list, information prompting this identity card of user is returned
Abnormal state, tries the most again;
Alternatively, if step in the first prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise identity card serial number in degree management and control list is stored in record, then termination flow process, including step: if getting in distance
Before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card serial number
It is stored in record, then obtains before distance gets the visiting frequency management and control list moment in the 3rd prefixed time interval, visiting frequency
In management and control list identity card serial number be stored in record occurrence number, if identity card serial number be stored in record occurrence number less than the
One preset value, then return the first information termination flow process;If the record occurrence number that is stored in of identity card serial number is more than
Or equal to the first preset value, then identity card serial number is stored in blacklist, return error message termination flow process;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the first prefixed time interval, visiting frequency management and control list comprises the feelings being stored in record of identity card serial number
Under condition, can determine whether before distance gets the visiting frequency management and control list moment in the 3rd prefixed time interval, access frequency
Comprise identity card serial number in degree management and control list is stored in record number of times;In one section of Preset Time, if repeatedly receive based on
During the process request that a certain identity card serial number being specifically present in frequency management and control list is initiated, it is believed that this identity card sequence
Number it is illegal sequence number, adds blacklist;Specifically, if judging receiving the first prefixed time interval before the request of process
In, once it was written in frequency management and control list according to the identity card serial number that the request of process obtains, then determine whether receiving
In the 3rd prefixed time interval processed before request, once it was written to frequency according to the identity card serial number that the request of process obtains
Whether the number of times in management and control list reaches the first preset value, and wherein the 3rd prefixed time interval and the first preset value are preset value,
Can set according to application scenarios, such as: the 3rd prefixed time interval is 5 minutes, the first preset value is 100 times, then if
Judge, in receiving the process initiated based on specific identity card serial number and asking first 5 minutes, to have been received by based on this identity card sequence
The number of times processing request that row number are initiated less than 100 times, then returns the first information prompting user and tries and termination the most again
Flow process;If having been received by the number of times processing request based on this identity card serial number is initiated to be more than or equal to 100 times, then should
Identity card serial number write blacklist, returns error message prompting this identity card of user and has been added into blacklist, and termination stream
Journey;
Alternatively, if step in the first prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise identity card serial number in degree management and control list is stored in record, then further comprise the steps of: and judge to get visiting frequency pipe in distance
Before the control list moment in the second prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in note
Record, if before distance gets the visiting frequency management and control list moment in the second prefixed time interval, in visiting frequency management and control list
Comprise card reader serial number is stored in record, then obtained before distance gets the visiting frequency management and control list moment the 4th when presetting
Between in interval, in visiting frequency management and control list card reader serial number be stored in record occurrence number, if being stored in of card reader serial number
Card reader serial number more than or equal to the second preset value, is then stored in blacklist by record occurrence number;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the first prefixed time interval, visiting frequency management and control list comprises the feelings being stored in record of identity card serial number
Under condition, can determine whether to judge before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visit
Ask and whether frequency management and control list comprises being stored in record and judging to get visiting frequency management and control name in distance of card reader serial number
Before single moment in the 4th prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record number of times,
In one section of Preset Time, if repeatedly received based on a certain card reader serial number being specifically present in frequency management and control list
During the process request initiated, it is believed that this card reader Serial No. illegal sequence number, add blacklist;Specifically, if judging
Receive in the second prefixed time interval before the request of process, be once written to according to the card reader serial number that the request of process obtains
In frequency management and control list, then determine whether in receiving the 4th prefixed time interval before the request of process, according to process
Whether the card reader serial number number of times that was once written in frequency management and control list that request obtains reaches the second preset value, and wherein the 4th
Prefixed time interval and the second preset value are preset value, can set according to application scenarios, such as: the 4th prefixed time interval is
5 minutes, the second preset value was 100 times, then if it is determined that ask receiving the process initiated based on specific card reader serial number
Asking first 5 minutes in, the number of times processing request having been received by initiating based on this card reader serial number less than 100 times, then returns the
Two information prompting users try and termination flow process the most again;If having been received by the place initiated based on this card reader serial number
This card reader serial number more than or equal to 100 times, is then write blacklist by the number of times of reason request, returns error message prompting user
This card reader has been added into blacklist, and termination flow process;
If before distance gets the visiting frequency management and control list moment in the first prefixed time interval, in visiting frequency management and control list
Do not comprise identity card serial number is stored in record, then judged that before distance gets the visiting frequency management and control list moment second presets
In time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if getting access in distance
Before the frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises being stored in of card reader serial number
Record, then termination flow process;
Alternatively, if step in the second prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise card reader serial number in degree management and control list is stored in record, then termination flow process, including step: if getting in distance
Before the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises card reader serial number
It is stored in record, then obtains before distance gets the visiting frequency management and control list moment in the 4th prefixed time interval, visiting frequency
In management and control list card reader serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number less than the
Two preset values, then return the second information termination flow process;If the record occurrence number that is stored in of card reader serial number is more than
Or equal to the second preset value, then card reader serial number is stored in blacklist, return error message termination flow process;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the first prefixed time interval, visiting frequency management and control list does not comprise the record that is stored in of identity card serial number
In the case of, can determine whether to judge before distance gets the visiting frequency management and control list moment in the second prefixed time interval,
Whether visiting frequency management and control list comprises being stored in record and judging to get visiting frequency management and control in distance of card reader serial number
Before the list moment in the 4th prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record number of times,
In one section of Preset Time, if repeatedly received based on a certain card reader serial number being specifically present in frequency management and control list
During the process request initiated, it is believed that this card reader Serial No. illegal sequence number, add blacklist;Specifically, if judging
Receive in the second prefixed time interval before the request of process, be once written to according to the card reader serial number that the request of process obtains
In frequency management and control list, then determine whether in receiving the 4th prefixed time interval before the request of process, according to process
Whether the card reader serial number number of times that was once written in frequency management and control list that request obtains reaches the second preset value, and wherein the 4th
Prefixed time interval and the second preset value are preset value, can set according to application scenarios, such as: the 4th prefixed time interval is
5 minutes, the second preset value was 100 times, then if it is determined that ask receiving the process initiated based on specific card reader serial number
Asking first 5 minutes in, the number of times processing request having been received by initiating based on this card reader serial number less than 100 times, then returns the
Two information prompting users try and termination flow process the most again;If having been received by the place initiated based on this card reader serial number
This card reader serial number more than or equal to 100 times, is then write blacklist by the number of times of reason request, returns error message prompting user
This card reader has been added into blacklist, and termination flow process;
S602: judge before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency pipe
Whether comprise card reader serial number in control list is stored in record, if before distance gets the visiting frequency management and control list moment the
In two prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record, then termination flow process;
For avoiding suffering Replay Attack, abnormal identity card serial number and abnormal card reader serial number can frozen management and control certain time length,
Under management and control state, its request initiated is not processed, can first determine whether to get visiting frequency management and control list in distance
Before moment in the first prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record, if
Before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises reading
Card device serial number be stored in record, illustrate this card reader serial number also in freezing management and control state, termination flow process;Wherein,
First prefixed time interval is preset value, can be configured according to concrete application scenarios, such as, when card-reading terminal is for automatically to take
During ticket machine, the first prefixed time interval can be set as 1 minute, say, that when finding that certain specific card reader serial number is in frequency
During degree management and control list, within ensuing 1 minute, do not carry out the request initiated based on this card reader serial number processing operation;
Alternatively, when finding that certain specific card reader serial number is in frequency management and control list, return information prompting this card reader of user
Abnormal state, tries the most again;
Alternatively, if step in the second prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise card reader serial number in degree management and control list is stored in record, then termination flow process, including step: if getting in distance
Before the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list comprises card reader serial number
It is stored in record, then obtains before distance gets the visiting frequency management and control list moment in the 4th prefixed time interval, visiting frequency
In management and control list card reader serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number less than the
Two preset values, then return the second information termination flow process;If the record occurrence number that is stored in of card reader serial number is more than
Or equal to the second preset value, then card reader serial number is stored in blacklist, return error message termination flow process;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the second prefixed time interval, visiting frequency management and control list comprises the feelings being stored in record of card reader serial number
Under condition, can determine whether before distance gets the visiting frequency management and control list moment in the 4th prefixed time interval, access frequency
Comprise card reader serial number in degree management and control list is stored in record number of times;In one section of Preset Time, if repeatedly receive based on
During the process request that a certain card reader serial number being specifically present in frequency management and control list is initiated, it is believed that this card reader sequence
Number it is illegal sequence number, adds blacklist;Specifically, if judging receiving the second prefixed time interval before the request of process
In, once it was written in frequency management and control list according to the card reader serial number that the request of process obtains, then determine whether receiving
In the 4th prefixed time interval processed before request, once it was written to frequency according to the card reader serial number that the request of process obtains
Whether the number of times in management and control list reaches the second preset value, and wherein the 4th prefixed time interval and the second preset value are preset value,
Can set according to application scenarios, such as: the 4th prefixed time interval is 5 minutes, the second preset value is 100 times, then if
Judge, in receiving the process initiated based on specific card reader serial number and asking first 5 minutes, to have been received by based on this card reader sequence
The number of times processing request that row number are initiated less than 100 times, then returns the second information prompting user and tries and termination the most again
Flow process;If having been received by the number of times processing request based on this card reader serial number is initiated to be more than or equal to 100 times, then should
Card reader serial number write blacklist, returns error message prompting this card reader of user and has been added into blacklist, and termination stream
Journey;
Alternatively, if step in the second prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise card reader serial number in degree management and control list is stored in record, then further comprise the steps of: and judge to get visiting frequency pipe in distance
Before the control list moment in the first prefixed time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in note
Record, if before distance gets the visiting frequency management and control list moment in the first prefixed time interval, in visiting frequency management and control list
Comprise identity card serial number is stored in record, then obtained before distance gets the visiting frequency management and control list moment the 3rd when presetting
Between in interval, in visiting frequency management and control list identity card serial number be stored in record occurrence number, if being stored in of identity card serial number
Identity card serial number more than or equal to the first preset value, is then stored in blacklist by record occurrence number;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the second prefixed time interval, visiting frequency management and control list comprises the feelings being stored in record of card reader serial number
Under condition, can determine whether to judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visit
Ask and whether frequency management and control list comprises being stored in record and judging to get visiting frequency management and control name in distance of identity card serial number
Before single moment in the 3rd prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record number of times,
In one section of Preset Time, if repeatedly received based on a certain identity card serial number being specifically present in frequency management and control list
During the process request initiated, it is believed that this identity card Serial No. illegal sequence number, add blacklist;Specifically, if judging
Receive in the first prefixed time interval before the request of process, be once written to according to the identity card serial number that the request of process obtains
In frequency management and control list, then determine whether in receiving the 3rd prefixed time interval before the request of process, according to process
Whether the identity card serial number number of times that was once written in frequency management and control list that request obtains reaches the first preset value, and wherein the 3rd
Prefixed time interval and the first preset value are preset value, can set according to application scenarios, such as: the 3rd prefixed time interval is
5 minutes, the first preset value was 100 times, then if it is determined that ask receiving the process initiated based on specific identity card serial number
Asking first 5 minutes in, the number of times processing request having been received by initiating based on this identity card serial number less than 100 times, then returns the
One information prompting user tries and termination flow process the most again;If having been received by the place initiated based on this identity card serial number
This identity card serial number more than or equal to 100 times, is then write blacklist by the number of times of reason request, returns error message prompting user
This identity card has been added into blacklist, and termination flow process;
If before distance gets the visiting frequency management and control list moment in the second prefixed time interval, in visiting frequency management and control list
Do not comprise card reader serial number is stored in record, then judged that before distance gets the visiting frequency management and control list moment first presets
In time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in record, if getting access in distance
Before the frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises being stored in of identity card serial number
Record, then termination flow process;
Alternatively, if step in the first prefixed time interval, accessed frequency before distance gets the visiting frequency management and control list moment
Comprise identity card serial number in degree management and control list is stored in record, then termination flow process, including step: if getting in distance
Before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card serial number
It is stored in record, then obtains before distance gets the visiting frequency management and control list moment in the 3rd prefixed time interval, visiting frequency
In management and control list identity card serial number be stored in record occurrence number, if identity card serial number be stored in record occurrence number less than the
One preset value, then return the first information termination flow process;If the record occurrence number that is stored in of identity card serial number is more than
Or equal to the first preset value, then identity card serial number is stored in blacklist, return error message termination flow process;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, get visiting frequency management and control when determining in distance
Before the list moment in the second prefixed time interval, visiting frequency management and control list does not comprise the record that is stored in of card reader serial number
In the case of, can determine whether to judge before distance gets the visiting frequency management and control list moment in the first prefixed time interval,
Whether visiting frequency management and control list comprises being stored in record and judging to get visiting frequency management and control in distance of identity card serial number
Before the list moment in the 3rd prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record number of times,
In one section of Preset Time, if repeatedly received based on a certain identity card serial number being specifically present in frequency management and control list
During the process request initiated, it is believed that this identity card Serial No. illegal sequence number, add blacklist;Specifically, if judging
Receive in the first prefixed time interval before the request of process, be once written to according to the identity card serial number that the request of process obtains
In frequency management and control list, then determine whether in receiving the 3rd prefixed time interval before the request of process, according to process
Whether the identity card serial number number of times that was once written in frequency management and control list that request obtains reaches the first preset value, and wherein the 3rd
Prefixed time interval and the first preset value are preset value, can set according to application scenarios, such as: the 3rd prefixed time interval is
5 minutes, the first preset value was 100 times, then if it is determined that ask receiving the process initiated based on specific identity card serial number
Asking first 5 minutes in, the number of times processing request having been received by initiating based on this identity card serial number less than 100 times, then returns the
One information prompting user tries and termination flow process the most again;If having been received by the place initiated based on this identity card serial number
This identity card serial number more than or equal to 100 times, is then write blacklist by the number of times of reason request, returns error message prompting user
This identity card has been added into blacklist, and termination flow process;
If judging before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control name
Do not comprise identity card serial number in list is stored in record and second when presetting before distance gets the visiting frequency management and control list moment
Between interval in, do not comprise card reader serial number in visiting frequency management and control list is stored in record, then perform step S7;
When judging before distance gets the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control name
Do not comprise identity card serial number in list is stored in record and second when presetting before distance gets the visiting frequency management and control list moment
Between interval in, visiting frequency management and control list does not comprise when being stored in record of card reader serial number, it may be determined that this identity card sequence
Number and this card reader serial number at the first prefixed time interval and abnormality did not occur in the second prefixed time interval, enter
One step judges whether this identity card serial number or this card reader serial number are in abnormality in this is asked;
S7, obtains exception rules, and performs step S801 or step S802;
S801: judge whether identity card serial number meets exception rules, if identity card serial number meets exception rules, then termination
Reason flow process;
Exception rules can be stored in self storage, it is also possible to obtains from external equipment, it is possible to judge this according to exception rules
Whether identity card serial number or card reader serial number in request are in abnormality;
Alternatively, authentication ids information process request also includes: timestamp secret value and card reader counting secret value;Step S2
Also include, acquisition decryption time stamp secret value and the timestamp of card reader counting secret value acquisition and card reader count value, wherein,
The generation moment that timestamp is demonstrate,proved information process request by the card reader identity-based identification generating authentication ids information process request is raw
Become;Card reader count value is processed request number of times by card reader based on the history that card reader is initiated and generates;
Judge identity card serial number whether meet exception rules can in the following ways in one or more:
Mode one: based on timestamp and the moment receiving authentication ids information process request, generates very first time interval, sentences
Whether disconnected very first time interval is more than the 5th prefixed time interval and less than the 6th prefixed time interval, if very first time interval is more than
5th prefixed time interval and less than the 6th prefixed time interval, then judge that identity card serial number is legal, otherwise, it is judged that identity card
Serial number meets exception rules;
Timestamp includes the generation moment of authentication ids information process request, when receiving process request, can be according to connecing
The moment and the timestamp that receive the request of process obtain very first time interval, and very first time interval represents this process and asks from being generated to
Received the time of middle experience, if very first time interval is too short or long, all represents and this request transmitting procedure occurs extremely,
The security and the reliability processed for guarantee, it is judged that the identity card serial number comprised in authentication ids information process request is abnormal, the
The zone of reasonableness of one time interval is preset value, can set according to specific application scenarios, such as: the 5th prefixed time interval is
1 second, the 6th prefixed time interval was 60 seconds, then when very first time interval is less than 1 second or is more than 60 seconds, permissible
Judge that the identity card serial number in this authentication ids information process request meets exception rules;
Mode two: based on timestamp and card reader count value, it is judged that distance got before the visiting frequency management and control list moment the 7th
In prefixed time interval, the request number of times of the authentication ids information process request comprising identity card serial number encryption value received
Whether less than the 3rd preset value, if the authentication ids information process request comprising identity card serial number encryption value received please
Ask number of times to be less than the 3rd preset value, then judge that identity card serial number is legal, otherwise, it is judged that identity card serial number meets exception rules;
When the authentication ids information process request generated based on a certain specific identity card serial number the most repeatedly occurs,
Can be determined that this identity card serial number meets exception rules, the 7th prefixed time interval and the 3rd preset value are preset value, can depend on
Setting according to concrete application scenarios, such as, the 7th prefixed time interval is 5 minutes, and the 3rd preset value is 100 times, then read
This processes the timestamp in request and the timestamp that the 100th time processes in request before generated based on this identity card serial number,
Judge that the time interval between two timestamps, whether less than 5 minutes, if less than 5 minutes, then judges this identity card serial number
Meet exception rules;
Alternatively, it is judged that whether card reader serial number meets one or more in exception rules in the following manner:
Mode one: based on timestamp and the moment receiving authentication ids information process request, generates very first time interval, sentences
Whether disconnected very first time interval is more than the 8th prefixed time interval and less than the 9th prefixed time interval, if very first time interval is more than
8th prefixed time interval and less than the 9th prefixed time interval, then judge that card reader serial number is legal, otherwise, it is judged that card reader
Serial number meets exception rules;
Timestamp includes the generation moment of authentication ids information process request, when receiving process request, can be according to connecing
The moment and the timestamp that receive the request of process obtain very first time interval, and very first time interval represents this process and asks from being generated to
Received the time of middle experience, if very first time interval is too short or long, all represents and this request transmitting procedure occurs extremely,
The security and the reliability processed for guarantee, it is judged that the card reader serial number comprised in authentication ids information process request is abnormal, the
The zone of reasonableness of one time interval is preset value, can set according to specific application scenarios, such as: the 8th prefixed time interval is
1 second, the 9th prefixed time interval was 60 seconds, then when very first time interval is less than 1 second or is more than 60 seconds, permissible
Judge that the card reader serial number in this authentication ids information process request meets exception rules;
Mode two: based on timestamp and card reader count value, it is judged that before distance gets the visiting frequency management and control list moment
In ten prefixed time interval, whether the request number of times of the authentication ids information process request comprising card reader serial number received
Less than the 4th preset value, if the request number of times of the authentication ids information process request comprising card reader serial number received is less than
4th preset value, then judge that card reader serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;
When the authentication ids information process request generated based on a certain specific card reader serial number the most repeatedly occurs,
Can be determined that this card reader serial number meets exception rules, the tenth prefixed time interval and the 4th preset value are preset value, can depend on
Setting according to concrete application scenarios, such as, the tenth prefixed time interval is 5 minutes, and the 4th preset value is 100 times, then read
This processes the timestamp in request and the timestamp that the 100th time processes in request before generated based on this card reader serial number,
Judge that the time interval between two timestamps, whether less than 5 minutes, if less than 5 minutes, then judges this card reader serial number
Meet exception rules;
Mode three: based on card reader count value, it is judged that with card reader sequence in the authentication ids information process request continuously received
Whether the card reader count value of row number coupling meets preset rules, if card reader count value meets preset rules, then judges card reader
Serial number is legal, otherwise, it is judged that card reader serial number meets exception rules;
When card reader initiates authentication ids information process request, its card reader count value can be changed according to preset rules, example
As, often initiate single treatment request, card reader count value adds one;After receiving process request, extract card reader serial number and reading
Card device count value, it is judged that processed the card reader count value in request and this card reader meter the last time corresponding with this card reader serial number
Whether numerical value meets preset rules, if not meeting preset rules, then illustrates that this card reader exists abnormal, and its card reader serial number accords with
Close exception rules;
Alternatively, if step identity card serial number meets exception rules, then termination flow process, including step: if identity card sequence
Row number meet exception rules, then identity card serial number is stored in visiting frequency management and control list, returns the first information termination
Reason flow process;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of identity card serial number meets exception rules, further this identity card serial number to be write frequency management and control list, return
Return the existence of this identity card of information alert user extremely to try the most again, and termination flow process, thus realize frequency management and control list
Dynamically change, promotes the intelligent of authentication ids information process request processing procedure;
Alternatively, if step identity card serial number meets exception rules, then further comprise the steps of: and judge whether card reader serial number accords with
Close exception rules, if card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control list;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of identity card serial number meets exception rules, to determine whether whether card reader serial number meets exception rules, if
Whether card reader serial number meets exception rules, then the prompting of card reader serial number write-access frequency management and control list return information used
This card reader of family exists to be tried extremely the most again, and termination flow process, thus realizes the dynamic change of frequency management and control list, carries
Rise the intelligent of authentication ids information process request processing procedure;
If identity card serial number does not meets exception rules, then judge whether card reader serial number meets exception rules, if card reader sequence
Row number meet exception rules, then termination flow process;
Alternatively, if step card reader serial number meets exception rules, then termination flow process, including step: if card reader sequence
Row number meet exception rules, then card reader serial number is stored in visiting frequency management and control list, returns the second information termination
Reason flow process;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of identity card serial number do not meets exception rules, to determine whether whether card reader serial number meets exception rules,
If whether card reader serial number meets exception rules, then card reader serial number write-access frequency management and control list return information is pointed out
This card reader of user exists to be tried extremely the most again, and termination flow process, thus realizes the dynamic change of frequency management and control list,
Promote the intelligent of authentication ids information process request processing procedure;
S802: judge whether card reader serial number meets exception rules, if card reader serial number meets exception rules, then termination
Reason flow process;
With S801 accordingly, it is also possible to first whether card reader serial number is met exception rules and judge,
Alternatively, if step card reader serial number meets exception rules, then termination flow process, including step: if card reader sequence
Row number meet exception rules, then card reader serial number is stored in visiting frequency management and control list, returns the second information termination
Reason flow process;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of card reader serial number meets exception rules, further this card reader serial number to be write frequency management and control list, return
Return the existence of this card reader of information alert user extremely to try the most again, and termination flow process, thus realize frequency management and control list
Dynamically change, promotes the intelligent of authentication ids information process request processing procedure;
Alternatively, if step card reader serial number meets exception rules, then further comprise the steps of: and judge whether identity card serial number accords with
Close exception rules, if whether identity card serial number meets exception rules, then by identity card serial number write-access frequency management and control list;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of card reader serial number meets exception rules, to determine whether whether identity card serial number meets exception rules, if
Whether identity card serial number meets exception rules, then the prompting of identity card serial number write-access frequency management and control list return information used
Family this identity card existence is abnormal to be tried the most again, and termination flow process, thus realizes the dynamic change of frequency management and control list, carries
Rise the intelligent of authentication ids information process request processing procedure;
If card reader serial number does not meets exception rules, then judge whether identity card serial number meets exception rules, if identity card sequence
Row number meet exception rules, then termination flow process;
Alternatively, if step identity card serial number meets exception rules, then termination flow process, including step: if identity card sequence
Row number meet exception rules, then identity card serial number is stored in visiting frequency management and control list, returns the first information termination
Reason flow process;
In order to be further ensured that the integrity of abnormal data, the dynamic and intelligent that lifting processes, it is ensured that process safety, when really
Determine in the case of card reader serial number do not meets exception rules, to determine whether whether identity card serial number meets exception rules,
If whether identity card serial number meets exception rules, then identity card serial number write-access frequency management and control list return information is pointed out
The existence of this identity card of user is abnormal to be tried the most again, and termination flow process, thus realizes the dynamic change of frequency management and control list,
Promote the intelligent of authentication ids information process request processing procedure;
If judging, identity card serial number and card reader serial number all do not meet exception rules, then perform step S9;
S9: authentication ids information process request is processed;
When judging identity card serial number and card reader serial number does not all meet exception rules, then explanation identity card serial number and Card Reader
Device serial number does not all appear in blacklist, and does not appears in frequency pipe in the prefixed time interval before receiving the request of process
In control list, do not meet exception rules, say, that now identity card serial number and card reader serial number are the most legal simultaneously, this
Time, carry out processing operation to the authentication ids information process request generated based on this identity card serial number and this card reader serial number.
The method provided by the embodiment of the present invention, it is possible to realize the identity card generated based on abnormal identity card or abnormal card reader
Authentication information processes request and carries out effective abnormality processing, uses identity card serial number and/or card reader serial number to enter as key value
Line pipe control, it is to avoid because of other factors, the legitimate request caused such as the change of IP address or the change of type of card cannot obtain execution,
Pass through blacklist, it is possible to stop illegal identity card or the process request of illegal card reader initiation in the very first time, by the present invention's
Abnormality eliminating method is capable of the dynamic renewal of blacklist, enhances dynamic and the real-time of abnormality processing;By frequency pipe
Control list is capable of the abnormality processing occurring abnormal identity card or card reader the most in a short time, it is achieved to Short Term Anomalous body
Part card or the freezing in short-term of card reader, it is to avoid the security risk causing the process of illegal request, by the abnormality processing of the present invention
Method is capable of the dynamic renewal of frequency management and control list, enhances dynamic and the real-time of abnormality processing;Pass through exception rules
It is capable of the exception to current identity card or card reader to judge, even if this processes the identity card in request or card reader does not comprises
In blacklist or in the range of the management and control of frequency management and control list, can recognize that abnormal identity card or card reader equally, thus realize
To identity card and triple dynamic authentication of card reader, improve the safety that authentication ids information process request is processed with reliable
Property.
Embodiment 2:
The present embodiment provides a kind of identity card cloud certification device, as in figure 2 it is shown, include:
First communication module 201, is used for receiving authentication ids information process request, and described authentication ids information includes: body
Part card serial number encryption value and card reader serial number, wherein, the sequence of described card reader Serial No. ID card information reading terminals
Number;
Identity card processes the process request that request is initiated for card reader of ID card, and identity card cloud authentication platform judges that identity card process please
Ask after asking for legal processes, according to preset rules, process, for this identity card, the security authentication module 210 that request distribution is idle,
The originating end that allocated security authentication module 210 and this identity card process request carries out data interaction, wherein, identity card sequence
Number secret value is that the identity card serial number encryption obtained from identity card is obtained by card reader of ID card, card reader Serial No. identity
The serial number of card card reader self.
Second communication module 202, deciphers, for obtaining, the identity card serial number that described identity card serial number encryption is worth to;
The identity card serial number encryption value received is decrypted computing, if card reader of ID card uses symmetric encipherment algorithm encryption
Identity card serial number, then use corresponding symmetrical decipherment algorithm to be decrypted computing to the identity card serial number encryption value received;
If card reader of ID card uses own private key encryption identity card serial number, then the identity card serial number encryption value received is used body
The PKI of part card card reader is decrypted computing;The main body that identity card serial number encryption value is decrypted computing can be itself,
Can also be external equipment or external chip.
Third communication module 203, is used for obtaining blacklist;
First judge module 206, is used for judging whether described identity card serial number is included in described blacklist, if described identity
Card serial number is included in described blacklist, then processing module 209 termination flow process;
Third communication module 203 can obtain blacklist from self stores, it is also possible to obtains blacklist from outside, in blacklist
Include illegal identity card serial number and illegal card reader serial number;If the authentication ids letter that first communication module 201 receives
Breath processes in request and comprises illegal identity card serial number or illegal card reader serial number, then this authentication ids information processing
Request is in illegal state, it is impossible to normally accepted by server.
Blacklist has illegal identity card serial number, the serial number of the identity card being such as reported the loss, the body of appearance exception continuously
The serial number of part card or the serial number etc. of identity cards occurred in multiple areas in the short time, its place asked is comprehended bring bigger
Risk, if the first judge module 206 judges that identity card serial number is included in blacklist, illustrates that this identity card Serial No. is illegal
Identity card serial number, server disregards, processing module 209 termination flow process.Alternatively, the first judge module 206
Can return information to point out user, this identity card has been added into blacklist, it is simple to user carries out subsequent operation and solution
Certainly;
Alternatively, when the first judge module 206 judges that identity card serial number is included in blacklist, fourth communication module 204,
For obtaining visiting frequency management and control list, the second judge module 207 judges to get access frequency in distance fourth communication module 204
Before the degree management and control list moment in the second prefixed time interval, whether visiting frequency management and control list comprises depositing of card reader serial number
Enter record, if getting before the visiting frequency management and control list moment in the second prefixed time interval in distance fourth communication module 204,
Comprise card reader serial number in visiting frequency management and control list is stored in record, then the second judge module 207 obtains at distance four-way
Letter module 204 gets before the visiting frequency management and control list moment in the 4th prefixed time interval, reads in visiting frequency management and control list
Card device serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number more than or equal to second preset
Value, then be stored in blacklist by card reader serial number;If the second judge module 207 judges to obtain in distance fourth communication module 204
Before the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency management and control list does not comprise card reader sequence
Number be stored in record, then fifth communication module 205 obtains exception rules, it is judged that whether card reader serial number meets exception rules,
If card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control list;
If identity card serial number is not comprised in blacklist, then the first judge module 206 judges whether card reader serial number comprises
In blacklist, if card reader serial number is included in blacklist, then processing module 209 termination flow process;
If identity card serial number is not comprised in blacklist, then the first judge module 206 determines whether card reader serial number
Legitimacy, demonstrate,proves serial number to determine one's identity and card reader serial number is the most legal, have illegal card reader sequence in blacklist
Number, the serial number of the card reader being such as reported the loss, continuously the serial number of abnormal card reader occurs, exceed the Card Reader of service life
The serial number of device or the serial number etc. of card reader occurred in multiple areas in short-term, comprehend its place asked and bring greater risk,
If the first judge module 206 judges that card reader serial number is included in blacklist, illustrate that this card reader Serial No. illegal identity is demonstrate,proved
Serial number, server disregards, processing module 209 termination flow process.Alternatively, the first judge module 206 can return
Return information to point out user, this card reader has been added into blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, if the first judge module 206 judges that card reader serial number is included in blacklist, then fourth communication module 204
For obtaining visiting frequency management and control list, the second judge module 207 judges to get access frequency in distance fourth communication module 204
Before the degree management and control list moment in the first prefixed time interval, whether visiting frequency management and control list comprises depositing of identity card serial number
Enter record, if getting before the visiting frequency management and control list moment in the first prefixed time interval in distance fourth communication module 204,
Comprise identity card serial number in visiting frequency management and control list is stored in record, then the second judge module 207 obtains at distance four-way
Letter module 204 gets before the visiting frequency management and control list moment in the 3rd prefixed time interval, body in visiting frequency management and control list
Part card serial number be stored in record occurrence number, if identity card serial number be stored in record occurrence number more than or equal to first preset
Value, then be stored in blacklist by identity card serial number;If the second judge module 207 judges to obtain in distance fourth communication module 204
Before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list does not comprise identity card sequence
Number be stored in record, then fifth communication module 205 obtains exception rules, it is judged that whether identity card serial number meets exception rules,
If identity card serial number meets exception rules, then by identity card serial number write-access frequency management and control list;
Third communication module 203, is used for obtaining blacklist,
First judge module 206, is used for judging whether described card reader serial number is included in described blacklist, if described Card Reader
Device serial number is included in described blacklist, then processing module 209 termination flow process;
Blacklist has illegal card reader serial number, the serial number of the card reader being such as reported the loss, the reading of appearance exception continuously
The serial number of card device, the serial number exceeding the card reader of service life or the serial number etc. of card reader occurred in multiple areas in short-term,
Its place asked is comprehended and brings greater risk, if the first judge module 206 judges that card reader serial number is included in blacklist,
Illustrating that this card reader Serial No. illegal identity demonstrate,proves serial number, server is disregarded, processing module 209 termination flow process.
Alternatively, server can return information to point out user, and this card reader has been added into blacklist, it is simple to after user is carried out
Continuous operation and Resolving probiems;
Alternatively, if card reader serial number is included in blacklist, then fourth communication module 204 is additionally operable to obtain visiting frequency pipe
Control list, the second judge module 207 judged before distance fourth communication module 204 gets the visiting frequency management and control list moment
In first prefixed time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in record, if in distance
Four communication modules 204 get before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list
In comprise identity card serial number be stored in record, then the second judge module 207 obtains and is getting in distance fourth communication module 204
Before the visiting frequency management and control list moment in the 3rd prefixed time interval, in visiting frequency management and control list, identity card serial number is stored in
Record occurrence number, if the record occurrence number that is stored in of identity card serial number is more than or equal to the first preset value, then by identity card sequence
Row number are stored in blacklist;If the second judge module 207 judges to get visiting frequency management and control name in distance fourth communication module 204
Before single moment in the first prefixed time interval, do not comprise identity card serial number in visiting frequency management and control list is stored in record, then
Fifth communication module 205 obtains exception rules, it is judged that whether identity card serial number meets exception rules, if identity card serial number symbol
Close exception rules, then by identity card serial number write-access frequency management and control list;
If card reader serial number is not comprised in blacklist, then the first judge module 206 judges whether identity card serial number comprises
In blacklist, if identity card serial number is included in blacklist, then processing module 209 termination flow process;
If card reader serial number is not comprised in blacklist, then the first judge module 206 determines whether identity card serial number
Legitimacy, demonstrate,proves serial number to determine one's identity and card reader serial number is the most legal, have illegal identity card sequence in blacklist
Number, the serial number of the identity card being such as reported the loss, the serial number occurring abnormal identity card continuously or short time are interior in multiple areas
The serial number etc. of the identity card occurred, comprehends its place asked and brings greater risk, if the first judge module 206 judges identity
Card serial number is included in blacklist, illustrates that this identity card Serial No. illegal identity demonstrate,proves serial number, and server is disregarded, place
Reason module 209 termination flow process.Alternatively, server can return information to point out user, and this identity card is added
Enter blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, after the first judge module 206 judges that card reader serial number is not comprised in blacklist, fourth communication mould
Block 204 is additionally operable to obtain visiting frequency management and control list, and the second judge module 207 judges to obtain in distance fourth communication module 204
Before the visiting frequency management and control list moment in the second prefixed time interval, whether visiting frequency management and control list comprises card reader sequence
Row number be stored in record, if distance fourth communication module 204 get the visiting frequency management and control list moment before second preset time
Between interval in, comprise card reader serial number in visiting frequency management and control list is stored in record, then the second judge module 207 obtains
Before fourth communication module 204 gets the visiting frequency management and control list moment in the 4th prefixed time interval, visiting frequency pipe
Control list in card reader serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number more than or etc.
In the second preset value, then card reader serial number is stored in blacklist;If the second judge module 207 judges at distance fourth communication mould
Block 204 gets before the visiting frequency management and control list moment in the second prefixed time interval, does not comprises in visiting frequency management and control list
Card reader serial number be stored in record, then fifth communication module 205 obtains exception rules, it is judged that whether card reader serial number meets
Exception rules, if card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control list;
Fourth communication module 204, is additionally operable to when judging identity card serial number and card reader serial number is all not included in blacklist,
Obtaining visiting frequency management and control list, the second judge module 207 judges to get visiting frequency pipe in distance fourth communication module 204
Before the control list moment in the first prefixed time interval, whether comprise identity card serial number in visiting frequency management and control list is stored in note
Record, if getting before the visiting frequency management and control list moment in the first prefixed time interval in distance fourth communication module 204, visits
Ask that comprise identity card serial number in frequency management and control list is stored in record, then processing module 209 termination flow process;
If the first judge module 206 judges that identity card serial number and card reader serial number are all not included in blacklist, identity is described
Card serial number and card reader serial number are all legal, say, that this authentication ids information process request is in legal state,
Need to determine whether whether this authentication ids information process request is in by management and control state;
Fourth communication module 204 can obtain visiting frequency management and control list from self stores, it is also possible to obtains from outside and accesses frequency
Degree management and control list, includes the identity card serial number by management and control and the card reader serial number by management and control in visiting frequency management and control list;
If the authentication ids information process request that first communication module 201 receives comprises the identity card serial number or managed by management and control
The card reader serial number of control, then this authentication ids information process request is in by management and control state, after needing frozen certain time length
Could thaw, currently cannot normally accept by bedding and clothing business device.
For avoiding suffering Replay Attack, abnormal identity card serial number and abnormal card reader serial number can frozen management and control certain time length,
Under management and control state, identity card cloud certification device not to initiate request process, first the second judge module 207 can be sentenced
Break and get before the visiting frequency management and control list moment in the first prefixed time interval in distance fourth communication module 204, access frequency
Whether comprise identity card serial number in degree management and control list is stored in record, if getting access frequency in distance fourth communication module 204
Before the degree management and control list moment in the first prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in note
Record, illustrate this identity card serial number also in freezing management and control state, processing module 209 termination flow process;Wherein, first is pre-
If time interval is preset value, can be configured according to concrete application scenarios, such as, when card-reading terminal is automatic ticket taking machine,
The first prefixed time interval can be set as 1 minute, say, that when finding that certain specific identity card serial number is in frequency management and control name
Dan Shi, within ensuing 1 minute, does not carry out the request initiated based on this identity card serial number processing operation;Alternatively,
When finding that certain specific identity card serial number is in frequency management and control list, return information prompting this identity card abnormal state of user,
Try the most again;
If getting before the visiting frequency management and control list moment in the first prefixed time interval in distance fourth communication module 204, visit
Ask that do not comprise identity card serial number in frequency management and control list is stored in record, then the second judge module 207 judges at distance four-way
Letter module 204 gets before the visiting frequency management and control list moment in the second prefixed time interval, in visiting frequency management and control list is
No comprise card reader serial number be stored in record, if getting the visiting frequency management and control list moment in distance fourth communication module 204
Before in the second prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in record, then processing module
209 termination flow processs;
Fourth communication module 204, for when judging identity card serial number and card reader serial number is all not included in blacklist, obtains
Taking visiting frequency management and control list, the second judge module 207 judges to get visiting frequency management and control in distance fourth communication module 204
Before the list moment in the second prefixed time interval, whether comprise card reader serial number in visiting frequency management and control list is stored in record,
If getting before the visiting frequency management and control list moment in the second prefixed time interval in distance fourth communication module 204, access frequency
Comprise card reader serial number in degree management and control list is stored in record, then processing module 209 termination flow process;
For avoiding suffering Replay Attack, abnormal identity card serial number and abnormal card reader serial number can frozen management and control certain time length,
Under management and control state, identity card cloud certification device not to initiate request process, first the second judge module 207 can be sentenced
Break and get before the visiting frequency management and control list moment in the first prefixed time interval in distance fourth communication module 204, access frequency
Whether comprise card reader serial number in degree management and control list is stored in record, if getting access frequency in distance fourth communication module 204
Before the degree management and control list moment in the first prefixed time interval, comprise card reader serial number in visiting frequency management and control list is stored in note
Record, illustrate this card reader serial number also in freezing management and control state, processing module 209 termination flow process;Wherein, first is pre-
If time interval is preset value, can be configured according to concrete application scenarios, such as, when card-reading terminal is automatic ticket taking machine,
The first prefixed time interval can be set as 1 minute, say, that when finding that certain specific card reader serial number is in frequency management and control name
Dan Shi, within ensuing 1 minute, does not carry out the request initiated based on this card reader serial number processing operation;Alternatively,
When finding that certain specific card reader serial number is in frequency management and control list, return information prompting this Card reader status of user abnormal,
Try the most again;
If getting before the visiting frequency management and control list moment in the second prefixed time interval in distance fourth communication module 204, visit
Ask that do not comprise card reader serial number in frequency management and control list is stored in record, then the second judge module 207 judges at distance four-way
Letter module 204 gets before the visiting frequency management and control list moment in the first prefixed time interval, in visiting frequency management and control list is
No comprise identity card serial number be stored in record, if getting the visiting frequency management and control list moment in distance fourth communication module 204
Before in the first prefixed time interval, comprise identity card serial number in visiting frequency management and control list is stored in record, then processing module
209 termination flow processs;
Before the second judge module 207 judging distance fourth communication module 204 gets the visiting frequency management and control list moment first
In prefixed time interval, do not comprise identity card serial number in visiting frequency management and control list is stored in record and at distance fourth communication mould
Block 204 gets before the visiting frequency management and control list moment in the second prefixed time interval, does not comprises in visiting frequency management and control list
When being stored in record of card reader serial number, fifth communication module 205 obtains exception rules, and judges whether identity card serial number accords with
Close exception rules, if identity card serial number meets exception rules, then processing module 209 termination flow process;
Exception rules can be stored in memory module 211, it is also possible to obtaining from external equipment, the 3rd judge module 208 can
Judge whether the identity card serial number in this request or card reader serial number are in abnormality according to exception rules;
If identity card serial number does not meets exception rules, then the 3rd judge module 208 judges whether card reader serial number meets exception
Rule, if card reader serial number meets exception rules, then processing module 209 termination flow process;
When the second judge module 207 judges to get before the visiting frequency management and control list moment the in distance fourth communication module 204
In one prefixed time interval, do not comprise identity card serial number in visiting frequency management and control list is stored in record and in distance fourth communication
Module 204 gets before the visiting frequency management and control list moment in the second prefixed time interval, does not wraps in visiting frequency management and control list
Containing when being stored in record of card reader serial number, it may be determined that this identity card serial number and this card reader serial number are at the first Preset Time
Being spaced and do not occurred abnormality in the second prefixed time interval, the 3rd judge module 208 determines whether this identity card
Whether serial number or this card reader serial number are in abnormality in this is asked;
Before the second judge module 207 judging distance fourth communication module 204 gets the visiting frequency management and control list moment first
In prefixed time interval, do not comprise identity card serial number in visiting frequency management and control list is stored in record and at distance fourth communication mould
Block 204 gets before the visiting frequency management and control list moment in the second prefixed time interval, does not comprises in visiting frequency management and control list
When being stored in record of card reader serial number, fifth communication module 205 obtains exception rules, and the 3rd judge module 208 judges Card Reader
Whether device serial number meets exception rules, if card reader serial number meets exception rules, then and processing module 209 termination flow process;
If card reader serial number does not meets exception rules, then the 3rd judge module 208 judges whether identity card serial number meets exception rules,
If identity card serial number meets exception rules, then processing module 209 termination flow process;
Processing module 209, for when judging identity card serial number and card reader serial number does not all meet exception rules, to identity
Identification card information process request processes.
Alternatively, the second judge module 207, it is additionally operable to get visiting frequency management and control list in distance fourth communication module 204
Before moment in the first prefixed time interval, if visiting frequency management and control list comprises when being stored in record of identity card serial number, obtain
It is taken at before fourth communication module 204 gets the visiting frequency management and control list moment in the 3rd prefixed time interval, accesses frequency
In degree management and control list, identity card serial number is stored in record occurrence number, if the record occurrence number that is stored in of identity card serial number is less than
First preset value, then return the first information processing module 209 termination flow process;If identity card serial number be stored in note
Identity card serial number more than or equal to the first preset value, is then stored in blacklist by record occurrence number, returns error message and processes mould
Block 209 termination flow process;
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, obtain in distance fourth communication module 204 when determining
Get before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card sequence
Number be stored in record in the case of, the second judge module 207 can determine whether distance fourth communication module 204 obtain visiting
Ask before the frequency management and control list moment in the 3rd prefixed time interval, visiting frequency management and control list comprises depositing of identity card serial number
Enter to record number of times;In one section of Preset Time, if identity card cloud certification device repeatedly receives specifically it is present in based on a certain
During the process request that the identity card serial number in frequency management and control list is initiated, it is believed that this identity card Serial No. illegal sequence number,
Add blacklist;Specifically, if the second judge module 207 judges receiving the first prefixed time interval before the request of process
In, once it was written in frequency management and control list according to the identity card serial number that the request of process obtains, then determine whether receiving
In the 3rd prefixed time interval processed before request, once it was written to frequency according to the identity card serial number that the request of process obtains
Whether the number of times in management and control list reaches the first preset value, and wherein the 3rd prefixed time interval and the first preset value are preset value,
Can set according to application scenarios, such as: the 3rd prefixed time interval is 5 minutes, the first preset value is 100 times, then if
Second judge module 207 judges, in receiving the process initiated based on specific identity card serial number and asking first 5 minutes, to receive
To the number of times processing request initiated based on this identity card serial number less than 100 times, then return the first information prompting user slightly
After again examination and processing module 209 termination flow process;If having been received by process request based on the initiation of this identity card serial number
Number of times is more than or equal to 100 times, then this identity card serial number is write blacklist, returns error message prompting this identity card of user
Blacklist, processing module 209 termination flow process it are added into;
Alternatively, the second judge module 207, it is additionally operable to get visiting frequency management and control list in distance fourth communication module 204
Before moment in the second prefixed time interval, visiting frequency management and control list comprises when being stored in record of card reader serial number, obtain
Get before the visiting frequency management and control list moment in the 4th prefixed time interval in distance fourth communication module 204, visiting frequency
In management and control list card reader serial number be stored in record occurrence number, if card reader serial number be stored in record occurrence number less than the
Two preset values, then the second judge module 207 returns the second information processing module 209 termination flow process;If card reader
The record occurrence number that is stored in of serial number is more than or equal to the second preset value, then card reader serial number is stored in blacklist, returns mistake
False information processing module 209 termination flow process.
In order to be further ensured that the integrity of abnormal data, it is ensured that process safety, obtain in distance fourth communication module 204 when determining
Get before the visiting frequency management and control list moment in the first prefixed time interval, visiting frequency management and control list comprises identity card sequence
Number be stored in record in the case of, the second judge module 207 can determine whether distance fourth communication module 204 obtain visiting
Ask before the frequency management and control list moment in the second prefixed time interval, whether visiting frequency management and control list comprises card reader serial number
Be stored in record and judge apart from fourth communication module 204 get the visiting frequency management and control list moment before the 4th preset time
Between interval in, comprise card reader serial number in visiting frequency management and control list is stored in record number of times, in one section of Preset Time, as
Really identity card cloud certification device repeatedly receives and initiates based on a certain card reader serial number being specifically present in frequency management and control list
Process request time, it is believed that this card reader Serial No. illegal sequence number, add blacklist;Specifically, if second judges mould
Block 207 judges in receiving the second prefixed time interval before the request of process, the card reader sequence obtained according to the request of process
Number once it was written in frequency management and control list, then determine whether receiving the 4th prefixed time interval before the request of process
In, whether the number of times that the card reader serial number obtained according to the request of process was once written in frequency management and control list reaches second is preset
Value, wherein the 4th prefixed time interval and the second preset value are preset value, can set according to application scenarios, such as: the 4th is pre-
If time interval is 5 minutes, the second preset value is 100 times, then if the second judge module 207 judge receive based on
In the process that specific card reader serial number is initiated is asked first 5 minutes, have been received by the process based on this card reader serial number is initiated and ask
The number of times asked is less than 100 times, then return the second information prompting user and try and processing module 209 termination flow process the most again;
If having been received by the number of times processing request based on this card reader serial number is initiated to be more than or equal to 100 times, then by this card reader
Serial number write blacklist, returns error message prompting this card reader of user and has been added into blacklist, and processing module 209 terminates
Handling process;
Alternatively, the 3rd judge module 208 is additionally operable to when identity card serial number meets exception rules, then by identity card serial number
It is stored in visiting frequency management and control list, returns the first information processing module 209 termination flow process;At card reader serial number
When meeting exception rules, then card reader serial number is stored in visiting frequency management and control list, returns the second information processing module
209 termination flow processs;
Alternatively, authentication ids information process request also includes: timestamp secret value and card reader counting secret value;Second leads to
Letter module 202 is additionally operable to obtain decryption time stamp secret value and the timestamp of card reader counting secret value acquisition and card reader counting
Value, wherein, timestamp is demonstrate,proved information process request by the card reader identity-based identification generating authentication ids information process request
Produce moment generation;Card reader count value is processed request number of times by card reader based on the history that card reader is initiated and generates;
3rd judge module 208 is additionally operable to based on timestamp and the moment receiving authentication ids information process request, generates the
One time interval, it is judged that whether very first time interval is more than the 5th prefixed time interval and less than the 6th prefixed time interval, if the
One time interval more than the 5th prefixed time interval and less than the 6th prefixed time interval, then judges that identity card serial number is legal, no
Then, it is judged that identity card serial number meets exception rules;
3rd judge module 208 is additionally operable to based on timestamp and card reader count value, it is judged that distance fourth communication module 204 obtains
Before the visiting frequency management and control list moment in the 7th prefixed time interval, the body comprising identity card serial number encryption value received
Whether the request number of times of part identification card information process request is less than the 3rd preset value, if receive comprises identity card serial number encryption
The request number of times of the authentication ids information process request of value less than the 3rd preset value, then judges that identity card serial number is legal, otherwise,
Judge that identity card serial number meets exception rules;
3rd judge module 208 is additionally operable to based on timestamp and the moment receiving authentication ids information process request, generates the
One time interval, it is judged that whether very first time interval is more than the 8th prefixed time interval and less than the 9th prefixed time interval, if the
One time interval more than the 8th prefixed time interval and less than the 9th prefixed time interval, then judges that card reader serial number is legal, no
Then, it is judged that card reader serial number meets exception rules;
3rd judge module 208 is additionally operable to based on timestamp and card reader count value, it is judged that obtain in distance fourth communication module 204
Get before the visiting frequency management and control list moment in the tenth prefixed time interval, the identity card comprising card reader serial number received
Authentication information processes whether the request number of times of request is less than the 4th preset value, if the identity card comprising card reader serial number received
Authentication information processes the request number of times of request and is less than the 4th preset value, then judge that card reader serial number is legal, otherwise, it is judged that Card Reader
Device serial number meets exception rules;
3rd judge module 208 is additionally operable to based on card reader count value, it is judged that the authentication ids information processing continuously received please
In asking, whether the card reader count value with card reader sequence numbers match meets preset rules, if card reader count value meets preset rules,
Then judge that card reader serial number is legal, otherwise, it is judged that card reader serial number meets exception rules.
Alternatively, also comprising authentication module 210, wherein, second communication module 202 is additionally operable to the authentication ids that will receive
Information process request sends to authentication module 210;Authentication module 210, for extracting the body in authentication ids information process request
Part card serial number encryption value, timestamp secret value and/or card reader counting secret value, to identity card serial number encryption value, timestamp
Secret value and/or card reader counting secret value are decrypted operation, it is thus achieved that identity card serial number, timestamp and/or card reader count value,
And identity card serial number, timestamp and/or card reader count value are sent to second communication module 202;
Authentication module 210 is decrypted operation independent of identity card cloud certification device to secret value, on the one hand can reduce identity card
The computing pressure of cloud certification device, on the other hand, it is possible to promote the safety of verification process.
Alternatively, also comprise memory module 211, wherein, memory module 211, be used for storing blacklist and frequency management and control list;
Third communication module 203, is additionally operable to when acquisition request blacklist, generates blacklist and obtains request, and sends to memory module
211;Fourth communication module 204, is additionally operable to when acquisition request frequency management and control list, generates frequency management and control list and obtains request,
And send to memory module 211;Memory module 211, is additionally operable to, when receiving blacklist and obtaining request, be sent extremely by blacklist
Third communication module 203;Memory module 211, is additionally operable to when receiving frequency management and control list and obtaining request, by frequency management and control name
Single-shot delivers to fourth communication module 204;Third communication module 203, is additionally operable to after blacklist is carried out write operation, generates more
Blacklist after Xin, and will update after blacklist send to memory module 211;Fourth communication module 204, is additionally operable to frequency
Degree is after management and control list carries out write operation, generates the frequency management and control list after updating, and the frequency management and control list after updating sends
To memory module 211;Memory module 211, is additionally operable to the blacklist after receiving and store renewal or frequency management and control list.
Blacklist and frequency management and control list can be stored in independent memory module 211, promote the safety of data, delay simultaneously
Solving the data processing pressure of identity card cloud certification device, the storage of blacklist and frequency management and control list can be by memory module 211
Ciphertext stores, it is to avoid by malicious access and distorting.
The device provided by the embodiment of the present invention, it is possible to realize the identity card generated based on abnormal identity card or abnormal card reader
Authentication information processes request and carries out effective abnormality processing, uses identity card serial number and/or card reader serial number to enter as key value
Line pipe control, it is to avoid because of other factors, the legitimate request caused such as the change of IP address or the change of type of card cannot obtain execution,
Pass through blacklist, it is possible to stop illegal identity card or the process request of illegal card reader initiation in the very first time, by the present invention's
Abnormality eliminating method is capable of the dynamic renewal of blacklist, enhances dynamic and the real-time of abnormality processing;By frequency pipe
Control list is capable of the abnormality processing occurring abnormal identity card or card reader the most in a short time, it is achieved to Short Term Anomalous body
Part card or the freezing in short-term of card reader, it is to avoid the security risk causing the process of illegal request, by the abnormality processing of the present invention
Method is capable of the dynamic renewal of frequency management and control list, enhances dynamic and the real-time of abnormality processing;Pass through exception rules
It is capable of the exception to current identity card or card reader to judge, even if this processes the identity card in request or card reader does not comprises
In blacklist or in the range of the management and control of frequency management and control list, can recognize that abnormal identity card or card reader equally, thus realize
To identity card and triple dynamic authentication of card reader, improve the safety that authentication ids information process request is processed with reliable
Property.
Any process described otherwise above or method describe and are construed as in flow chart or at this, represent include one or
The module of code, fragment or the part of the executable instruction of the more steps for realizing specific logical function or process, and
The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or that discuss, including root
According to involved function by basic mode simultaneously or in the opposite order, performing function, this should be by embodiments of the invention institute
Belong to those skilled in the art to be understood.
Should be appreciated that each several part of the present invention can realize by hardware, software, firmware or combinations thereof.In above-mentioned enforcement
In mode, multiple steps or method can be with storing the software or firmware that in memory and be performed by suitable instruction execution system
Realize.Such as, if realized with hardware, with the most the same, available following technology well known in the art
In any one or their combination realize: have and patrol for the discrete of logic gates that data signal is realized logic function
Collect circuit, there is the special IC of suitable combination logic gate circuit, programmable gate array (PGA), field programmable gate
Array (FPGA) etc..
Those skilled in the art are appreciated that it is permissible for realizing all or part of step that above-described embodiment method carries
Instructing relevant hardware by program to complete, described program can be stored in a kind of computer-readable recording medium, this journey
Sequence upon execution, including one or a combination set of the step of embodiment of the method.
Additionally, each functional unit in each embodiment of the present invention can be integrated in a processing module, it is also possible to be each
Unit is individually physically present, it is also possible to two or more unit are integrated in a module.Above-mentioned integrated module is the most permissible
The form using hardware realizes, it would however also be possible to employ the form of software function module realizes.If described integrated module is with software merit
Can the form of module realize and as independent production marketing or when using, it is also possible to be stored in the storage of embodied on computer readable and be situated between
In matter.
Storage medium mentioned above can be read only memory, disk or CD etc..
In the description of this specification, reference term " embodiment ", " some embodiments ", " example ", " concrete example ",
Or specific features, structure, material or the feature that the description of " some examples " etc. means to combine this embodiment or example describes comprises
In at least one embodiment or example of the present invention.In this manual, the schematic representation to above-mentioned term not necessarily refers to
It is identical embodiment or example.And, the specific features of description, structure, material or feature can at any one or
Multiple embodiments or example combine in an appropriate manner.
Although above it has been shown and described that embodiments of the invention, it is to be understood that above-described embodiment is exemplary,
Being not considered as limiting the invention, those of ordinary skill in the art is in the case of without departing from the principle of the present invention and objective
Above-described embodiment can be changed within the scope of the invention, revise, replace and modification.The scope of the present invention is by appended power
Profit requires and equivalent limits.
Claims (10)
1. the processing method of an authentication ids information process request, it is characterised in that comprise the following steps:
S1: receive authentication ids information process request, described authentication ids information includes: identity card serial number encryption value and
Card reader serial number, wherein, the serial number of described card reader Serial No. ID card information reading terminals;
S2: obtain and decipher the identity card serial number that described identity card serial number encryption is worth to;
S3: obtain blacklist, it is judged that whether described identity card serial number or described card reader serial number are included in described blacklist,
If described identity card serial number and described card reader serial number are all not included in described blacklist, then perform step S5;
S5: obtain visiting frequency management and control list, and perform step S601 or step S602;
S601: judge before distance gets the described visiting frequency management and control list moment in the first prefixed time interval, described visit
Ask that whether comprise described identity card serial number in frequency management and control list is stored in record, if comprising being stored in of described identity card serial number
Record, then perform step S6001;If do not comprise described identity card serial number is stored in record, then judge to get institute in distance
State before the visiting frequency management and control list moment in the second prefixed time interval, whether described visiting frequency management and control list comprises described
Card reader serial number be stored in record, if comprise described card reader serial number is stored in record, then perform step S6002;If sentencing
Break before distance gets the described visiting frequency management and control list moment in the first prefixed time interval, described visiting frequency management and control name
List does not comprise the record that is stored in of described identity card serial number, and before distance gets the described visiting frequency management and control list moment
In second prefixed time interval, do not comprise described card reader serial number in described visiting frequency management and control list is stored in record, then hold
Row step S7
S602: judge before distance gets the described visiting frequency management and control list moment in described second prefixed time interval, institute
State whether visiting frequency management and control list comprise described card reader serial number be stored in record, if comprising described card reader serial number
It is stored in record, then performs described step S6002;If do not comprise described card reader serial number is stored in record, then judge in distance
Get before the described visiting frequency management and control list moment in described first prefixed time interval, in described visiting frequency management and control list
Whether comprise described identity card serial number is stored in record, if comprise described identity card serial number is stored in record, then performs described
Step S6001, and termination flow process;If judging before distance gets the described visiting frequency management and control list moment, first is pre-
If in time interval, do not comprise described identity card serial number in described visiting frequency management and control list is stored in record, and obtains in distance
Get before the described visiting frequency management and control list moment in the second prefixed time interval, described visiting frequency management and control list does not comprises
Described card reader serial number be stored in record, then perform step S7
S6001: obtain before distance gets the described visiting frequency management and control list moment in the 3rd prefixed time interval, described visit
That asks identity card serial number described in frequency management and control list is stored in record occurrence number, if described identity card serial number be stored in record
Occurrence number is more than or equal to the first preset value, then described identity card serial number is stored in described blacklist;
S6002: obtain before distance gets the described visiting frequency management and control list moment in the 4th prefixed time interval, described visit
That asks card reader serial number described in frequency management and control list is stored in record occurrence number, if described card reader serial number be stored in record
Occurrence number is more than or equal to the second preset value, then described card reader serial number is stored in described blacklist;
S7, obtains exception rules, and performs step S801 or step S802;
S801: judge whether described identity card serial number meets exception rules, if described identity card serial number meets exception rules,
Then described identity card serial number is stored in described visiting frequency management and control list termination flow process;If described identity card serial number and
Described card reader serial number does not all meet exception rules, then perform step S9;
S802: judge whether described card reader serial number meets exception rules, if described card reader serial number meets exception rules,
Then described card reader serial number is stored in described visiting frequency management and control list termination flow process;If described identity card serial number and
Described card reader serial number does not all meet exception rules, then perform step S9;
S9: described authentication ids information process request is processed.
Method the most according to claim 1, it is characterised in that in described step S3, it is judged that described identity card serial number
Or whether described card reader serial number is included in described blacklist, including step S401 or step S402;
S401: judge whether described identity card serial number is included in described blacklist,
If described identity card serial number is included in described blacklist, then judge whether described card reader serial number is included in described black
In list, if described card reader serial number is not included in described blacklist, then perform described step S4001, and termination
Flow process;
If described identity card serial number is not included in described blacklist, then judge whether described card reader serial number is included in described
In blacklist, if described card reader serial number is included in described blacklist, then perform described step S4002, and termination
Flow process;
If described identity card serial number and described card reader serial number are all not included in described blacklist, then perform step S5;
S402: judge whether described card reader serial number is included in described blacklist,
If described card reader serial number is included in described blacklist, then judge whether described identity card serial number is included in described black
In list, if described identity card serial number is not included in described blacklist, then perform described step S4002, and termination
Flow process;
If described card reader serial number is not included in described blacklist, then judge whether described identity card serial number is included in described
In blacklist, if described identity card serial number is included in described blacklist, then perform described step S4001, and termination
Flow process;
If described identity card serial number and described card reader serial number are all not included in described blacklist, then perform step S5;
S4001: obtain and access described frequency management and control list, it is judged that before distance gets the described visiting frequency management and control list moment
In described second prefixed time interval, whether comprise described card reader serial number in described visiting frequency management and control list is stored in record,
If before distance gets the described visiting frequency management and control list moment in the second prefixed time interval, described visiting frequency management and control name
Comprise described card reader serial number in list is stored in record, then obtain distance get the described visiting frequency management and control list moment it
In front described 4th prefixed time interval, described in described visiting frequency management and control list, being stored in of card reader serial number records out occurrence
Number, if the record occurrence number that is stored in of described card reader serial number is more than or equal to described second preset value, then by described card reader
Serial number is stored in blacklist;If judging described second Preset Time before distance gets the described visiting frequency management and control list moment
In interval, do not comprise described card reader serial number in described visiting frequency management and control list is stored in record, then obtain exception rules,
Judge whether described card reader serial number meets exception rules, if described card reader serial number meets exception rules, then by described reading
Card device serial number write-access frequency management and control list;
S4002: obtain visiting frequency management and control list, it is judged that described before distance gets the described visiting frequency management and control list moment
In first prefixed time interval, whether comprise described identity card serial number in described visiting frequency management and control list is stored in record, if
Before distance gets the described visiting frequency management and control list moment in described first prefixed time interval, described visiting frequency management and control
Comprise described identity card serial number in list is stored in record, then obtain and get the described visiting frequency management and control list moment in distance
In the most described 3rd prefixed time interval, the record that is stored in of identity card serial number described in described visiting frequency management and control list occurs
Number of times, if the record occurrence number that is stored in of described identity card serial number is more than or equal to described first preset value, then by described identity
Card serial number is stored in described blacklist;If judging before distance gets the described visiting frequency management and control list moment described first pre-
If in time interval, do not comprise described identity card serial number in described visiting frequency management and control list is stored in record, then obtain exception
Rule, it is judged that whether described identity card serial number meets exception rules, if described identity card serial number meets exception rules, then will
Described identity card serial number writes described visiting frequency management and control list;
Method the most according to claim 1 and 2, it is characterised in that
In described step S601, if described step is before distance gets the described visiting frequency management and control list moment first when presetting
Between interval in, comprise described identity card serial number in described visiting frequency management and control list is stored in record, then perform step S6001
Afterwards, further comprise the steps of:
Judge before distance gets the described visiting frequency management and control list moment in described first prefixed time interval, described access
Whether comprise described card reader serial number in frequency management and control list is stored in record, if getting described visiting frequency management and control in distance
Before the list moment in described first prefixed time interval, described visiting frequency management and control list comprises described card reader serial number
It is stored in record, then performs step S6002;
In described step S602, if described step is described first pre-before distance gets the described visiting frequency management and control list moment
If in time interval, comprise described card reader serial number in described visiting frequency management and control list is stored in record, then perform step
After S6002, further comprise the steps of:
Judge before distance gets the described visiting frequency management and control list moment in described first prefixed time interval, described access
Whether comprise described identity card serial number in frequency management and control list is stored in record, if getting described visiting frequency management and control in distance
Before the list moment in described first prefixed time interval, described visiting frequency management and control list comprises described identity card serial number
It is stored in record, then performs step S6001.
4. according to the method described in any one of claims 1 to 3, it is characterised in that
In described step S801, it is judged that whether described identity card serial number meets exception rules, if described identity card serial number meets
Exception rules, then, after described identity card serial number being stored in described visiting frequency management and control list, further comprise the steps of:
Judge whether described card reader serial number meets exception rules, if described card reader serial number meets exception rules, then by institute
State card reader serial number and be stored in described visiting frequency management and control list;
In described step S802, it is judged that whether described card reader serial number meets exception rules, if described card reader serial number meets
Exception rules, then, after described card reader serial number being stored in described visiting frequency management and control list, further comprise the steps of:
Judge whether described identity card serial number meets exception rules, if described identity card serial number meets exception rules, then by institute
State identity card serial number and be stored in described visiting frequency management and control list.
5. according to the method described in any one of Claims 1-4, it is characterised in that described authentication ids information also includes:
Timestamp secret value and card reader counting secret value;Described step S2 also includes, obtains and deciphers described timestamp secret value and described
The timestamp of card reader counting secret value acquisition and card reader count value, wherein, described timestamp is by generating described authentication ids
The card reader of the information process request generation moment based on described authentication ids information process request generates;Described card reader counts
Value is processed request number of times by described card reader based on the history that described card reader is initiated and generates;
Judge whether described identity card serial number meets exception rules, including:
Based on described timestamp and the moment receiving described authentication ids information process request, generate very first time interval, sentence
Whether disconnected interval of the described very first time is more than the 5th prefixed time interval and less than the 6th prefixed time interval, if the described very first time
Interval more than described 5th prefixed time interval and less than described 6th prefixed time interval, then judges that described identity card serial number closes
Method, otherwise, it is judged that described identity card serial number meets exception rules;Or,
Based on described timestamp and described card reader count value, it is judged that before distance gets the described visiting frequency management and control list moment
In 7th prefixed time interval, the authentication ids information process request comprising described identity card serial number encryption value received
Whether request number of times is less than the 3rd preset value, if the authentication ids information comprising described identity card serial number encryption value received
The request number of times processing request is less than described 3rd preset value, then judge that described identity card serial number is legal, otherwise, it is judged that described
Identity card serial number meets exception rules;
Judge whether described card reader serial number meets exception rules, including:
Based on described timestamp and the moment receiving described authentication ids information process request, generate interval of the described very first time,
Judge whether interval of the described very first time is more than described 8th prefixed time interval and less than described 9th prefixed time interval, if institute
State very first time interval and more than described 8th prefixed time interval and be less than described 9th prefixed time interval, then judge described Card Reader
Device serial number is legal, otherwise, it is judged that described card reader serial number meets exception rules;Or,
Based on described timestamp and described card reader count value, it is judged that distance get the described visiting frequency management and control list moment it
In front tenth prefixed time interval, the request of the authentication ids information process request comprising described card reader serial number received
Whether number of times is less than the 4th preset value, if the authentication ids information process request comprising described card reader serial number received
Request number of times is less than described 4th preset value, then judge that described card reader serial number is legal, otherwise, it is judged that described card reader sequence
Number meet exception rules;Or,
Based on described card reader count value, it is judged that with described Card Reader in the described authentication ids information process request continuously received
Whether the described card reader count value of device sequence numbers match meets preset rules, if described card reader count value meets preset rules,
Then judge that described card reader serial number is legal, otherwise, it is judged that described card reader serial number meets exception rules.
6. an identity card cloud certification device, it is characterised in that including:
First communication module, is used for receiving authentication ids information process request, and wherein, described authentication ids information processing please
Ask and include: identity card serial number encryption value and card reader serial number;
Second communication module, deciphers, for obtaining, the identity card serial number that described identity card serial number encryption is worth to;
Third communication module, is used for obtaining blacklist, it is judged that whether described identity card serial number or described card reader serial number comprise
In described blacklist;
First judge module, is used for judging whether described identity card serial number or described card reader serial number are included in described blacklist
In, if described identity card serial number or described card reader serial number are included in described blacklist, then termination flow process;
Fourth communication module, is used for obtaining visiting frequency management and control list;
Second judge module, for judging before getting the described visiting frequency management and control list moment apart from described dispatch server
In first prefixed time interval, whether comprise described identity card serial number in described visiting frequency management and control list is stored in record, if
Comprise described identity card serial number is stored in record, then termination flow process;If do not comprise described identity card serial number is stored in note
Record, the most described second judge module, it is additionally operable to judge getting described visiting frequency management and control list apart from described dispatch server
Before moment in the second prefixed time interval, whether described visiting frequency management and control list comprises being stored in of described card reader serial number
Record, if comprise described card reader serial number is stored in record, then termination flow process;Or,
Described second judge module, is additionally operable to judge when getting described visiting frequency management and control list apart from described dispatch server
Before quarter in described second prefixed time interval, whether described visiting frequency management and control list comprises depositing of described card reader serial number
Enter record, if comprise described card reader serial number is stored in record, then termination flow process;If not comprising described card reader sequence
Number be stored in record, the most described second judge module, be additionally operable to judge described access frequency getting apart from described dispatch server
Before the degree management and control list moment in described first prefixed time interval, whether described visiting frequency management and control list comprises described identity
Card serial number be stored in record, if comprise described identity card serial number is stored in record, then termination flow process;
Described second judge module, is additionally operable to obtain when getting described visiting frequency management and control list apart from described dispatch server
Before quarter in the 3rd prefixed time interval, described in described visiting frequency management and control list, being stored in of identity card serial number records out occurrence
Number, if the record occurrence number that is stored in of described identity card serial number is more than or equal to the first preset value, then by described identity card sequence
Number it is stored in described blacklist;
Described second judge module, is additionally operable to obtain when getting described visiting frequency management and control list apart from described dispatch server
Before quarter in the 4th prefixed time interval, described in described visiting frequency management and control list, being stored in of card reader serial number records out occurrence
Number, if the record occurrence number that is stored in of described card reader serial number is more than or equal to the second preset value, then by described card reader sequence
Number it is stored in described blacklist;Or,
Described fifth communication module, is used for obtaining exception rules,
Described 3rd judge module, is used for judging whether described identity card serial number meets exception rules, if described identity card sequence
Number meet exception rules, then described identity card serial number is stored in described visiting frequency management and control list termination flow process;Or,
Described 3rd judge module, is used for judging whether described card reader serial number meets exception rules, if described card reader sequence
Number meet exception rules, then described card reader serial number is stored in described visiting frequency management and control list termination flow process;
Described processing module, for processing described authentication ids information process request.
Device the most according to claim 6, it is characterised in that
Described first judge module, is additionally operable to judge whether described identity card serial number is included in described blacklist,
If described identity card serial number is included in described blacklist, the most described first judge module, it is additionally operable to judge described Card Reader
Whether device serial number is included in described blacklist, if described card reader serial number is not included in described blacklist, then and termination
Reason flow process;
If described identity card serial number is not included in described blacklist, the most described first judge module, it is additionally operable to judge described reading
Whether card device serial number is included in described blacklist, if described card reader serial number is included in described blacklist, then and termination
Reason flow process;
Described first judge module, is additionally operable to judge whether described card reader serial number is included in described blacklist,
If described card reader serial number is included in described blacklist, the most described first judge module, it is additionally operable to judge described identity
Whether card serial number is included in described blacklist, if described identity card serial number is not included in described blacklist, then and termination
Reason flow process;
If described card reader serial number is not included in described blacklist, the most described first judge module, it is additionally operable to judge described body
Whether part card serial number is included in described blacklist, if described identity card serial number is included in described blacklist, then and termination
Reason flow process;
Described fourth communication module, is additionally operable to obtain the described frequency management and control list of access, described second judge module, is additionally operable to sentence
Break before getting the described visiting frequency management and control list moment apart from described dispatch server in described second prefixed time interval,
Whether comprise described card reader serial number in described visiting frequency management and control list is stored in record, if apart from described dispatch server
Get before the described visiting frequency management and control list moment in the second prefixed time interval, described visiting frequency management and control list comprises
Described card reader serial number be stored in record, the most described second judge module, be additionally operable to obtain obtaining apart from described dispatch server
Get before the described visiting frequency management and control list moment in described 4th prefixed time interval, institute in described visiting frequency management and control list
That states card reader serial number is stored in record occurrence number, if the record occurrence number that is stored in of described card reader serial number is more than or equal to
Described second preset value, then be stored in blacklist by described card reader serial number;If described second judge module judges apart from described
Dispatch server gets before the described visiting frequency management and control list moment in described second prefixed time interval, described visiting frequency
Do not comprise described card reader serial number in management and control list is stored in record, the most described fifth communication module, is additionally operable to obtain abnormal rule
Then, described 3rd judge module, it is additionally operable to judge whether described card reader serial number meets exception rules, if described card reader sequence
Row number meet exception rules, then by described card reader serial number write-access frequency management and control list;
Described fourth communication module, is additionally operable to obtain visiting frequency management and control list, described second judge module, is additionally operable to judge
Before described dispatch server gets the described visiting frequency management and control list moment in described first prefixed time interval, described
Whether comprise described identity card serial number in visiting frequency management and control list is stored in record, if obtaining apart from described dispatch server
Before the described visiting frequency management and control list moment in described first prefixed time interval, described visiting frequency management and control list comprises
Described identity card serial number be stored in record, the most described dispatch server, be additionally operable to obtain obtaining apart from described dispatch server
Before the described visiting frequency management and control list moment in described 3rd prefixed time interval, described in described visiting frequency management and control list
Identity card serial number be stored in record occurrence number, if described identity card serial number be stored in record occurrence number more than or equal to institute
State the first preset value, then described identity card serial number is stored in described blacklist;If described second judge module judges in distance institute
State dispatch server and get before the described visiting frequency management and control list moment in described first prefixed time interval, described access frequency
Do not comprise described identity card serial number in degree management and control list is stored in record, the most described fifth communication module, is additionally operable to obtain extremely
Rule, described 3rd judge module judges whether described identity card serial number meets exception rules, if described identity card serial number symbol
Close exception rules, then described identity card serial number is write described visiting frequency management and control list.
8. according to the system described in claim 6 or 7, it is characterised in that described authentication ids information process request also includes:
Timestamp secret value and card reader counting secret value;Described first communication module, is additionally operable to obtain and deciphers described timestamp secret value
The timestamp obtained with described card reader counting secret value and card reader count value, wherein, described timestamp is by generating described identity
The card reader generation moment based on described authentication ids information process request of identification card information process request generates;Described Card Reader
Device count value is processed request number of times by described card reader based on the history that described card reader is initiated and generates;
Described 3rd judge module, be additionally operable to based on described timestamp and receive described authentication ids information process request time
Carve, generate very first time interval, it is judged that whether interval of the described very first time is more than the 5th prefixed time interval and presets less than the 6th
Time interval, if interval of the described very first time is more than described 5th prefixed time interval and less than described 6th prefixed time interval,
Then judge that described identity card serial number is legal, otherwise, it is judged that described identity card serial number meets exception rules;
Described 3rd judge module, is additionally operable to based on described timestamp and described card reader count value, it is judged that apart from described scheduling clothes
Business device gets before the described visiting frequency management and control list moment in the 7th prefixed time interval, and described dispatch server receives
Whether the request number of times of the authentication ids information process request comprising described identity card serial number encryption value is less than the 3rd preset value,
If what described dispatch server received comprises the request of the authentication ids information process request of described identity card serial number encryption value
Number of times is less than described 3rd preset value, then judge that described identity card serial number is legal, otherwise, it is judged that described identity card serial number accords with
Close exception rules;
Described 3rd judge module, be additionally operable to based on described timestamp and receive described authentication ids information process request time
Carve, generate interval of the described very first time, it is judged that whether interval of the described very first time is more than described 8th prefixed time interval and is less than
Described 9th prefixed time interval, if interval of the described very first time is more than described 8th prefixed time interval and 9th pre-less than described
If time interval, then judge that described card reader serial number is legal, otherwise, it is judged that described card reader serial number meets exception rules;
Described 3rd judge module, is additionally operable to based on described timestamp and described card reader count value, it is judged that apart from described scheduling
Server gets before the described visiting frequency management and control list moment in the tenth prefixed time interval, and described dispatch server receives
The request number of times of the authentication ids information process request comprising described card reader serial number whether less than the 4th preset value, if institute
State the request number of times of the authentication ids information process request comprising described card reader serial number that dispatch server receives less than institute
State the 4th preset value, then judge that described card reader serial number is legal, otherwise, it is judged that described card reader serial number meets exception rules;
Described 3rd judge module, is additionally operable to based on described card reader count value, it is judged that the described authentication ids continuously received
In information process request, whether the described card reader count value with described card reader sequence numbers match meets preset rules, if described reading
Card device count value meets preset rules, then judge that described card reader serial number is legal, otherwise, it is judged that described card reader serial number accords with
Close exception rules.
9. according to the device described in any one of claim 6 to 8, it is characterised in that also comprise authentication module,
Wherein, described first communication module, it is additionally operable to send to described the described authentication ids information process request received
Authentication module;
Described authentication module, for extract described identity card serial number encryption value in described authentication ids information process request,
Described timestamp secret value and/or described card reader counting secret value, add described identity card serial number encryption value, described timestamp
Close value and/or described card reader counting secret value are decrypted operation, it is thus achieved that described identity card serial number, described timestamp and/or institute
State card reader count value, and described identity card serial number, described timestamp and/or described card reader count value are sent to the most described the
One communication module.
10. according to the system described in any one of claim 6 to 9, it is characterised in that also comprise memory module,
Wherein, described memory module, it is used for storing described blacklist and described frequency management and control list;
Described third communication module, is additionally operable to when blacklist described in acquisition request, generates blacklist and obtains request, and sends extremely
Described memory module;
Described fourth communication module, is additionally operable to when frequency management and control list described in acquisition request, and generating the acquisition of frequency management and control list please
Ask, and send to described memory module;
Described memory module, is additionally operable to, when receiving described blacklist and obtaining request, send described blacklist to the described 3rd
Communication module;
Described memory module, is additionally operable to when receiving described frequency management and control list and obtaining request, by described frequency management and control name single-shot
Deliver to described fourth communication module;
Described third communication module, is additionally operable to after described blacklist is carried out write operation, generates the described blacklist after updating,
And the described blacklist after updating sends to described memory module;
Described fourth communication module, is additionally operable to after described frequency management and control list is carried out write operation, generate update after described
Frequency management and control list, and the described frequency management and control list after updating sends to described memory module;
Described memory module, is additionally operable to the described blacklist after receiving and store renewal or described frequency management and control list.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610041125.8A CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610041125.8A CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106027469A true CN106027469A (en) | 2016-10-12 |
CN106027469B CN106027469B (en) | 2019-05-21 |
Family
ID=57082694
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610041125.8A Active CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106027469B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234383A (en) * | 2016-12-09 | 2018-06-29 | 中国电信股份有限公司 | Information access method and secure access service device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1429373A (en) * | 2000-03-08 | 2003-07-09 | 高利科技有限公司 | Method and apparatus for readucing on-line fraud using personal digital identification |
CN2722330Y (en) * | 2004-06-24 | 2005-08-31 | 公安部第一研究所证件技术事业部 | Personal identity certificating terminal |
CN202632315U (en) * | 2012-03-31 | 2012-12-26 | 成都因纳伟盛科技股份有限公司 | Fingerprint verification module for second-generation identification card reader |
US20130061055A1 (en) * | 2007-11-08 | 2013-03-07 | SurlDx, Inc. | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones |
CN103237235A (en) * | 2013-03-18 | 2013-08-07 | 中国科学院信息工程研究所 | Method and system for realizing identity authentication on Cloud TV terminals |
CN104333560A (en) * | 2014-11-20 | 2015-02-04 | 五八同城信息技术有限公司 | Account number management method and management device |
CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
-
2016
- 2016-01-21 CN CN201610041125.8A patent/CN106027469B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1429373A (en) * | 2000-03-08 | 2003-07-09 | 高利科技有限公司 | Method and apparatus for readucing on-line fraud using personal digital identification |
CN2722330Y (en) * | 2004-06-24 | 2005-08-31 | 公安部第一研究所证件技术事业部 | Personal identity certificating terminal |
US20130061055A1 (en) * | 2007-11-08 | 2013-03-07 | SurlDx, Inc. | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones |
CN202632315U (en) * | 2012-03-31 | 2012-12-26 | 成都因纳伟盛科技股份有限公司 | Fingerprint verification module for second-generation identification card reader |
CN103237235A (en) * | 2013-03-18 | 2013-08-07 | 中国科学院信息工程研究所 | Method and system for realizing identity authentication on Cloud TV terminals |
CN104333560A (en) * | 2014-11-20 | 2015-02-04 | 五八同城信息技术有限公司 | Account number management method and management device |
CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234383A (en) * | 2016-12-09 | 2018-06-29 | 中国电信股份有限公司 | Information access method and secure access service device |
CN108234383B (en) * | 2016-12-09 | 2021-01-08 | 中国电信股份有限公司 | Information access method and security access server |
Also Published As
Publication number | Publication date |
---|---|
CN106027469B (en) | 2019-05-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10733291B1 (en) | Bi-directional communication protocol based device security | |
CN109327314A (en) | Access method, device, electronic equipment and the system of business datum | |
EP3941014B1 (en) | Digital key-based identity authentication method, terminal apparatus, and medium | |
CN109509518A (en) | Management method, server and the computer storage medium of electronic health record | |
CN105488367B (en) | A kind of guard method, backstage and the system of SAM device | |
CN113014539B (en) | Internet of things equipment safety protection system and method | |
CN104641375A (en) | Communication secured between a medical device and its remote device | |
CN103366278B (en) | Process the method and system of operation requests | |
CN112673600A (en) | Multi-security authentication system and method between mobile phone terminal and IoT (Internet of things) equipment based on block chain | |
CN105991650A (en) | Secret key acquisition method and identity card information transmission method and system | |
CN109379360A (en) | Auditing method, electronic device and computer readable storage medium | |
CN107392001A (en) | A kind of authorization method, system and card | |
CN106209905A (en) | A kind of network safety managing method and device | |
CN106548059A (en) | The method of teacher, head of a family's mobile terminal and head of a family's authentication | |
CN108200450B (en) | A kind of determination method, apparatus, electronic equipment and medium for paying close attention to legitimacy | |
CN105391555B (en) | A kind of method, backstage and system accessing SAM device | |
CN108063748A (en) | A kind of user authen method, apparatus and system | |
CN112423302B (en) | Wireless network access method, terminal and wireless access equipment | |
CN106027253A (en) | Access frequency management and control device for identity card authentication information | |
CN109246148A (en) | Message processing method, device, system, equipment and computer readable storage medium | |
CN106027465A (en) | Method for processing identity card authentication information processing request | |
CN106027469A (en) | Identity card authentication information processing request processing method and identity card cloud authentication device | |
CN117151736A (en) | Anti-electricity fraud management early warning method and system | |
CN106027479A (en) | Dynamic processing method and system for identity card authentication information processing request | |
CN106034135A (en) | Identity card cloud authentication device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20220415 Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094 Patentee after: TENDYRON Corp. Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing Patentee before: Li Ming |