CN106027469B - The processing method and identity card cloud authentication device of authentication ids information process request - Google Patents
The processing method and identity card cloud authentication device of authentication ids information process request Download PDFInfo
- Publication number
- CN106027469B CN106027469B CN201610041125.8A CN201610041125A CN106027469B CN 106027469 B CN106027469 B CN 106027469B CN 201610041125 A CN201610041125 A CN 201610041125A CN 106027469 B CN106027469 B CN 106027469B
- Authority
- CN
- China
- Prior art keywords
- sequence number
- card reader
- identity card
- time interval
- frequency control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 278
- 230000008569 process Effects 0.000 title claims abstract description 257
- 238000003672 processing method Methods 0.000 title claims abstract description 7
- 238000012545 processing Methods 0.000 claims abstract description 184
- 238000004891 communication Methods 0.000 claims description 105
- 230000010365 information processing Effects 0.000 claims description 6
- 230000002159 abnormal effect Effects 0.000 description 61
- 230000005856 abnormality Effects 0.000 description 20
- 238000003860 storage Methods 0.000 description 11
- 230000000977 initiatory effect Effects 0.000 description 9
- 230000006870 function Effects 0.000 description 6
- 230000008859 change Effects 0.000 description 5
- 230000008014 freezing Effects 0.000 description 4
- 238000007710 freezing Methods 0.000 description 4
- 230000002547 anomalous effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000000151 deposition Methods 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention provides the processing method and device of a kind of authentication ids information process request, it receives authentication ids information process request and obtains blacklist, if identity card sequence number and card reader sequence number be not in blacklist, then obtain visiting frequency control list, whether the number for judging that identity card sequence number and/or card reader sequence number occur in visiting frequency control list in the prefixed time interval before getting visiting frequency control list is greater than preset value, blacklist is then deposited into if more than preset value, if the number occurred is 0, then obtain exception rules, judge whether identity card sequence number and/or card reader sequence number meet exception rules, visiting frequency control list is deposited into if meeting.To realize triple dynamic authentications to identity card and card reader, the safety and reliability to the processing of authentication ids information process request is improved.
Description
Technical field
The present invention relates to a kind of electronic technology field more particularly to a kind of processing sides of authentication ids information process request
Method and identity card cloud authentication device.
Background technique
With China's rapid development of economy, people's lives have very big improvement, no matter obtain employment, engage in trade, travel, enter a higher school
Etc., it requires to carry out authentication, and money, property, application welfare, medical treatment etc. are handled, it also needs progress identity and recognizes
Card.Current No.2 residence card is designed using built-in intelligence chip, has the ability to realize identity Internet-based completely
Certification, however released so far from 2004, application value is also mined far away, and in recent years, ticket sale system has started on a large scale
Internet authentication and identification using identity-based card.
The Internet authentication technology of identity-based card is since in actual use, there are the feelings such as identity card loss, stolen
Condition, there are harm and risk that the malice of my non-authorization of identity card uses;The transmission of network data also faces communication simultaneously
A series of risk of typical network attacks such as monitoring, data tampering and data playback.Therefore, how to prevent on exit passageway
It the attack of modes such as eavesdrops, distort or resets, screen the attacker of malice in real time, protection authentication module (SAM) becomes safely
Need first technical problems to be solved.
Summary of the invention
One of present invention seek to address that the above problem/.
The main purpose of the present invention is to provide a kind of processing methods of authentication ids information process request, on reaching
State purpose, technical solution of the present invention specifically includes the following steps:
S1: receive authentication ids information process request, authentication ids information include: identity card serial number encryption value and
Card reader sequence number, wherein the sequence number of card reader Serial No. ID card information reading terminals;S2: decryption identity card is obtained
The identity card sequence number that serial number encryption value obtains;S3: blacklist is obtained;S4: judge identity card sequence number or card reader sequence
Number whether it is included in blacklist, if identity card sequence number or card reader sequence number are included in blacklist, termination stream
Journey thens follow the steps S5 if identity card sequence number and card reader sequence number are not included in blacklist;S5: access frequency is obtained
Degree control list;S6: judge access before distance gets the visiting frequency control list moment in the first prefixed time interval
Frequency manages in list whether the deposit comprising identity card sequence number records, or when distance gets visiting frequency control list
Before quarter in the second prefixed time interval, visiting frequency manages in list whether the deposit comprising card reader sequence number records, if
Judge that visiting frequency is managed in list before distance gets the visiting frequency control list moment in the first prefixed time interval
Deposit record comprising identity card sequence number, or the second preset time before distance gets the visiting frequency control list moment
In interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process, if judge away from
From getting before the visiting frequency control list moment in the first prefixed time interval, visiting frequency, which is managed, does not include body in list
The deposit record of part card sequence number, and the second prefixed time interval before distance gets the visiting frequency control list moment
Interior, visiting frequency manages the deposit record for not including card reader sequence number in list, thens follow the steps S7;S7 obtains abnormal rule
Then;S8: judging whether identity card sequence number or card reader sequence number meet exception rules, if identity card sequence number or card reader sequence
Row number meets exception rules, then termination process;If identity card sequence number and card reader sequence number do not meet exception rules,
Then follow the steps S9;S9: authentication ids information process request is handled.
Optionally, in step S4, judge whether identity card sequence number or card reader sequence number are included in blacklist, if body
Part card sequence number or card reader sequence number are included in blacklist, then termination process, including step S401 or step
S402:S401: judging whether identity card sequence number is included in blacklist, if identity card sequence number is included in blacklist,
Termination process;If identity card sequence number is not comprised in blacklist, it is black to judge whether card reader sequence number is included in
In list, if card reader sequence number is included in blacklist, termination process;S402: whether judge card reader sequence number
In blacklist, if card reader sequence number is included in blacklist, termination process;If card reader sequence number does not have
In blacklist, then judge whether identity card sequence number is included in blacklist, if identity card sequence number is included in black name
In list, then termination process.
Optionally, in step S6, judge the first preset time before distance gets the visiting frequency control list moment
In interval, visiting frequency manages in list whether the deposit comprising identity card sequence number records, or gets access frequency in distance
Before the degree control list moment in the second prefixed time interval, whether it includes card reader sequence number that visiting frequency is managed in list
Deposit record, if judging before distance gets the visiting frequency control list moment in the first prefixed time interval, access frequency
The deposit comprising identity card sequence number records in degree control list, or before distance gets the visiting frequency control list moment
In second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination stream
Journey, including step S601 or step S602, S601: judge first before distance gets the visiting frequency control list moment
In prefixed time interval, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if obtaining in distance
Before managing the list moment to visiting frequency in the first prefixed time interval, it includes identity card sequence in list that visiting frequency, which is managed,
Number deposit record, then termination process;If distance get visiting frequency control the list moment before first it is default when
Between interval in, visiting frequency manage list in do not include identity card sequence number deposit record, then judge distance obtain visit
Ask whether it includes card reader sequence that visiting frequency is managed in list before the frequency control list moment in the second prefixed time interval
Number deposit record, if before distance gets the visiting frequency control list moment in the second prefixed time interval, access frequency
The deposit comprising card reader sequence number records in degree control list, then termination process;S602: judge to obtain visiting in distance
Ask whether it includes card reader sequence that visiting frequency is managed in list before the frequency control list moment in the second prefixed time interval
Number deposit record, if before distance gets the visiting frequency control list moment in the second prefixed time interval, access frequency
The deposit comprising card reader sequence number records in degree control list, then termination process;If getting visiting frequency in distance
Before the control list moment in the second prefixed time interval, visiting frequency manages the deposit for not including card reader sequence number in list
Record then judges before distance gets the visiting frequency control list moment in the first prefixed time interval, visiting frequency pipe
Control in list whether the deposit comprising identity card sequence number records, if before distance gets the visiting frequency control list moment
In first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then termination stream
Journey.
Optionally, in step S8, judge whether identity card sequence number or card reader sequence number meet exception rules, if identity
Card sequence number or card reader sequence number meet exception rules, then termination process, including step S801 or step S802;
S801: judging whether identity card sequence number meets exception rules, if identity card sequence number meets exception rules, termination stream
Journey;If identity card sequence number does not meet exception rules, judge whether card reader sequence number meets exception rules, if card reader sequence
Row number meets exception rules, then termination process;S802: judging whether card reader sequence number meets exception rules, if card reading
Device sequence number meets exception rules, then termination process;If card reader sequence number does not meet exception rules, identity card is judged
Whether sequence number meets exception rules, if identity card sequence number meets exception rules, termination process.
Optionally, in step S601 and/or step S602, if step gets the visiting frequency control list moment in distance
Before in the first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then termination
Process is managed, comprising steps of if accessing in the first prefixed time interval before distance gets the visiting frequency control list moment
Frequency is managed the deposit in list comprising identity card sequence number and is recorded, then obtains when distance gets visiting frequency control list
Before quarter in third prefixed time interval, the deposit that visiting frequency manages identity card sequence number in list records frequency of occurrence, if
The deposit record frequency of occurrence of identity card sequence number then returns to the first prompt information and termination stream less than the first preset value
Journey;If the deposit record frequency of occurrence of identity card sequence number is greater than or equal to the first preset value, identity card sequence number is stored in
Blacklist returns to error message and termination process;If step is before distance gets the visiting frequency control list moment
In second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination stream
Journey, comprising steps of if being got before visiting frequency manages the list moment in the second prefixed time interval in distance, visiting frequency
Manage list in comprising card reader sequence number deposit record, then obtain distance get visiting frequency control the list moment it
In preceding 4th prefixed time interval, the deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, if card reading
The deposit record frequency of occurrence of device sequence number then returns to the second prompt information and termination process less than the second preset value;If
The deposit record frequency of occurrence of card reader sequence number is greater than or equal to the second preset value, then card reader sequence number is stored in black name
It is single, return to error message and termination process.6, according to the method for claim 4 or 5, which is characterized in that in step S801
And/or in step S802, if step identity card sequence number meets exception rules, termination process, comprising steps of if identity
Card sequence number meets exception rules, then identity card sequence number deposit visiting frequency is managed list, return to the first prompt information simultaneously
Termination process;If step card reader sequence number meets exception rules, termination process, comprising steps of if card reader
Sequence number meets exception rules, then card reader sequence number deposit visiting frequency is managed list, and the second prompt information of return is simultaneously whole
Only process flow.
Optionally, in step S601, if first pre- before distance gets the visiting frequency control list moment in step
If in time interval, after visiting frequency manages the deposit record in list comprising identity card sequence number, further comprising the steps of: judgement
Before distance gets the visiting frequency control list moment in the second prefixed time interval, visiting frequency manage in list whether
Deposit record comprising card reader sequence number, if the second preset time before distance gets the visiting frequency control list moment
In interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then obtains and get access frequency in distance
Before the degree control list moment in the 4th prefixed time interval, visiting frequency manages the deposit record of card reader sequence number in list
Frequency of occurrence, if the deposit record frequency of occurrence of card reader sequence number is greater than or equal to the second preset value, by card reader sequence
Number deposit blacklist;In step 602, if step distance get visiting frequency control the list moment before second it is default when
Between interval in, visiting frequency manage list in comprising card reader sequence number deposit record after, further comprise the steps of: judge away from
From getting before the visiting frequency control list moment in the first prefixed time interval, in visiting frequency control list whether include
The deposit of identity card sequence number records, if the first prefixed time interval before distance gets the visiting frequency control list moment
Interior, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then obtains and get visiting frequency pipe in distance
Before the control list moment in third prefixed time interval, the deposit that visiting frequency manages identity card sequence number in list, which records, to be occurred
Number deposits identity card sequence number if the deposit record frequency of occurrence of identity card sequence number is greater than or equal to the first preset value
Enter blacklist.
Optionally, in step S801, if further comprising the steps of: and sentencing after step identity card sequence number meets exception rules
Whether disconnected card reader sequence number meets exception rules, if card reader sequence number meets exception rules, card reader sequence number is write
Enter visiting frequency control list;In step S802, if further including step after step card reader sequence number meets exception rules
It is rapid: to judge whether identity card sequence number meets exception rules, if identity card sequence number meets exception rules, by identity card sequence
Number write-access frequency manages list.
Optionally, authentication ids information further include: timestamp secret value and card reader count secret value;Step S2 is also wrapped
It includes, obtains decryption time stamp secret value and card reader counts the timestamp and card reader count value that secret value obtains, wherein the time
Stamp is raw by the generation moment of the card reader identity-based identification card information process request of generation authentication ids information process request
At;Card reader count value is generated by the history processing request number of times that card reader is initiated based on card reader;Judge identity card sequence number
Whether exception rules are met, comprising: at the time of based on timestamp and receiving authentication ids information process request, generate first
Time interval judges whether first time interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, if
One time interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, then judges that identity card sequence number is legal,
Otherwise, judge that identity card sequence number meets exception rules;Or, being based on timestamp and card reader count value, judge that distance is got
Visiting frequency manages the body comprising identity card serial number encryption value in the 7th prefixed time interval, received before the list moment
Whether the request number of times of part identification card information process request is less than third preset value, if what is received adds comprising identity card sequence number
The request number of times of the authentication ids information process request of close value is less than third preset value, then judges that identity card sequence number is legal,
Otherwise, judge that identity card sequence number meets exception rules;Judge whether card reader sequence number meets exception rules, comprising: be based on
Timestamp generates first time interval, judges first time interval at the time of receiving authentication ids information process request
Whether greater than the 8th prefixed time interval and less than the 9th prefixed time interval, if first time interval is greater than the 8th preset time
Interval and less than the 9th prefixed time interval, then judge that card reader sequence number is legal, otherwise, it is different to judge that card reader sequence number meets
It is conventional then;Or, being based on timestamp and card reader count value, judge to get the before visiting frequency manages the list moment in distance
In ten prefixed time intervals, the request number of times of the authentication ids information process request comprising card reader sequence number received is
It is no less than the 4th preset value, if the request number of times of the authentication ids information process request comprising card reader sequence number received
Less than the 4th preset value, then judge that card reader sequence number is legal, otherwise, judges that card reader sequence number meets exception rules;Or, base
In card reader count value, the reading in the authentication ids information process request continuously received with card reader sequence numbers match is judged
Whether card device count value meets preset rules, if card reader count value meets preset rules, judges that card reader sequence number is legal,
Otherwise, judge that card reader sequence number meets exception rules.
It is in order to achieve the above objectives, of the invention another object of the present invention is to provide a kind of identity card cloud authentication device
Technical solution is specifically achieved in that
First communication module, for receiving authentication ids information process request, authentication ids information includes: identity card
Serial number encryption value and card reader sequence number, wherein the sequence number of card reader Serial No. ID card information reading terminals;Second
Communication module, the identity card sequence number obtained for obtaining decryption identity card serial number encryption value;Third communication module, for obtaining
Take blacklist;First judgment module, for judging whether identity card sequence number or card reader sequence number are included in blacklist, if
Identity card sequence number or card reader sequence number are included in blacklist, then termination process;Fourth communication module, in body
When part card sequence number and card reader sequence number are not included in blacklist, obtain visiting frequency and manage list;Second judges mould
Block, for judging before distance gets the visiting frequency control list moment in the first prefixed time interval, visiting frequency
Manage list in whether comprising identity card sequence number deposit record, or distance get visiting frequency control the list moment it
In preceding second prefixed time interval, visiting frequency manages in list whether the deposit comprising card reader sequence number records;If judgement
Before distance gets the visiting frequency control list moment in the first prefixed time interval, include in visiting frequency control list
The deposit of identity card sequence number records, or the second prefixed time interval before distance gets the visiting frequency control list moment
Interior, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process;Fifth communication module,
For judging visiting frequency control before distance gets the visiting frequency control list moment in the first prefixed time interval
Deposit in list not comprising identity card sequence number records, and second before distance gets the visiting frequency control list moment
In prefixed time interval, when visiting frequency manages the deposit record for not including card reader sequence number in list, exception rules are obtained;
Third judgment module, for judging whether identity card sequence number or card reader sequence number meet exception rules, if identity card sequence
Number or card reader sequence number meet exception rules, then termination process;Processing module, in identity card sequence number and card reading
When device sequence number does not meet exception rules, authentication ids information process request is handled.
Optionally, first judgment module is also used to judge identity card sequence number whether in packet blacklist, if identity card sequence
It number is included in blacklist, then termination process;If identity card sequence number is not comprised in blacklist, card reader is judged
Whether sequence number is included in blacklist, if card reader sequence number is included in blacklist, termination process;First judgement
Module, is also used to judge whether card reader sequence number is included in blacklist, if card reader sequence number is included in blacklist,
Termination process;If card reader sequence number is not comprised in blacklist, it is black to judge whether identity card sequence number is included in
In list, if identity card sequence number is included in blacklist, termination process.
Optionally, the second judgment module is also used to judge the before distance gets the visiting frequency control list moment
In one prefixed time interval, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if obtaining in distance
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes identity card sequence in list that visiting frequency, which is managed,
The deposit of row number records, then termination process;If first is default before distance gets the visiting frequency control list moment
In time interval, visiting frequency manages the deposit record for not including identity card sequence number in list, then judges to get in distance
Before the visiting frequency control list moment in the second prefixed time interval, whether it includes card reader sequence that visiting frequency is managed in list
The deposit of row number records, if before distance gets the visiting frequency control list moment in the second prefixed time interval, access
Frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process;Second judgment module is also used to sentence
Break before distance gets the visiting frequency control list moment in the second prefixed time interval, is in visiting frequency control list
It is no comprising card reader sequence number deposit record, if distance get visiting frequency control the list moment before second it is default when
Between in interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process;If in distance
It gets before the visiting frequency control list moment in the second prefixed time interval, visiting frequency, which is managed, does not include card reading in list
The deposit of device sequence number records, then judges the first prefixed time interval before distance gets the visiting frequency control list moment
Interior, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if getting visiting frequency pipe in distance
Before the control list moment in the first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is remembered
It records, then termination process.
Optionally, third judgment module, is also used to judge whether identity card sequence number meets exception rules, if identity card sequence
Row number meets exception rules, then termination process;If identity card sequence number does not meet exception rules, card reader sequence is judged
Number whether meet exception rules, if card reader sequence number meets exception rules, termination process;Third judgment module, also
For judging whether card reader sequence number meets exception rules, if card reader sequence number meets exception rules, termination stream
Journey;If card reader sequence number does not meet exception rules, judge whether identity card sequence number meets exception rules, if identity card sequence
Row number meets exception rules, then termination process.
Optionally, it is pre- to be also used to before distance gets the visiting frequency control list moment first for the second judgment module
If in time interval, if the deposit comprising identity card sequence number records in visiting frequency control list, obtaining and being obtained in distance
Before managing the list moment to visiting frequency in third prefixed time interval, visiting frequency manages identity card sequence number in list
Deposit record frequency of occurrence, if the deposit record frequency of occurrence of identity card sequence number returns to first and mention less than the first preset value
Show information and termination process;If the deposit record frequency of occurrence of identity card sequence number is greater than or equal to the first preset value,
Identity card sequence number is stored in blacklist, returns to error message and termination process;Second judgment module, is also used in distance
It gets before the visiting frequency control list moment in the second prefixed time interval, it includes card reader in list that visiting frequency, which is managed,
When the deposit record of sequence number, the 4th prefixed time interval before distance gets the visiting frequency control list moment is obtained
Interior, the deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, if the deposit of card reader sequence number records
Frequency of occurrence then returns to the second prompt information and termination process less than the second preset value;If the deposit of card reader sequence number
It records frequency of occurrence and is greater than or equal to the second preset value, then card reader sequence number is stored in blacklist, return error message is simultaneously whole
Only process flow.
Optionally, third judgment module is also used to when identity card sequence number meets exception rules, then by identity card sequence
Number deposit visiting frequency manages list, returns to the first prompt information and termination process;Meet exception in card reader sequence number
When regular, then card reader sequence number deposit visiting frequency managed into list, return to the second prompt information and termination process.
Optionally, authentication ids information process request further include: timestamp secret value and card reader count secret value;The
One communication module, is also used to obtain decryption time stamp secret value and card reader counts timestamp and card reader meter that secret value obtains
Numerical value, wherein timestamp is asked by the card reader identity-based identification card information processing of generation authentication ids information process request
The generation moment asked generates;Card reader count value is generated by the history processing request number of times that card reader is initiated based on card reader;The
Three judgment modules at the time of being also used to based on timestamp and receive authentication ids information process request, generate at the first time
Interval judges whether first time interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, if when first
Between interval be greater than the 5th prefixed time interval and less than the 6th prefixed time interval, then judge that identity card sequence number is legal, otherwise,
Judge that identity card sequence number meets exception rules;Third judgment module is also used to based on timestamp and card reader count value, judgement
Distance is got before the visiting frequency control list moment in the 7th prefixed time interval, receive comprising identity card sequence number
Whether the request number of times of the authentication ids information process request of secret value is less than third preset value, if what is received includes identity
The request number of times for demonstrate,proving the authentication ids information process request of serial number encryption value is less than third preset value, then judges identity card sequence
Row number is legal, otherwise, judges that identity card sequence number meets exception rules;Third judgment module is also used to based on timestamp and connects
At the time of receiving authentication ids information process request, first time interval is generated, judges whether first time interval is greater than the
Eight prefixed time intervals and less than the 9th prefixed time interval, if first time interval is greater than the 8th prefixed time interval and is less than
9th prefixed time interval then judges that card reader sequence number is legal, otherwise, judges that card reader sequence number meets exception rules;The
Three judgment modules are also used to judge based on timestamp and card reader count value when distance gets visiting frequency control list
Before quarter in the tenth prefixed time interval, the authentication ids information process request comprising card reader sequence number that receives is asked
Ask number whether less than the 4th preset value, if the authentication ids information process request comprising card reader sequence number received
Request number of times then judges that card reader sequence number is legal less than the 4th preset value, otherwise, judges that card reader sequence number meets abnormal rule
Then;Third judgment module is also used to judge the authentication ids information process request continuously received based on card reader count value
In with the card reader count value of card reader sequence numbers match whether meet preset rules, if card reader count value meets default rule
Then, then judge that card reader sequence number is legal, otherwise, judge that card reader sequence number meets exception rules.
It optionally, also include authentication module, wherein first communication module is also used to believe the authentication ids received
Breath processing request is sent to authentication module;Authentication module, for extracting the identity card sequence in authentication ids information process request
Row number secret value, timestamp secret value and/or card reader count secret value, encrypt to identity card serial number encryption value, timestamp
Value and/or card reader count secret value and operation are decrypted, and obtain identity card sequence number, timestamp and/or card reader count value,
And identity card sequence number, timestamp and/or card reader count value are sent to first communication module.
It optionally, also include memory module, wherein memory module, for storing blacklist and frequency control list;Third
Communication module is also used in request blacklist, generates blacklist acquisition request, and be sent to memory module;Four-way
Believe module, is also used to generate frequency when request frequency manages list and manage list acquisition request, and be sent to storage mould
Block;Memory module, is also used to when receiving blacklist acquisition request, and blacklist is sent to third communication module;Store mould
Block, is also used to when receiving frequency control list acquisition request, and frequency control list is sent to fourth communication module;Third
Communication module is also used to after carrying out write operation to blacklist, generates updated blacklist, and by updated blacklist
It is sent to memory module;Fourth communication module is also used to after carrying out write operation to frequency control list, generates updated
Frequency manages list, and updated frequency control list is sent to memory module;Memory module is also used to receive and store
Updated blacklist or frequency manage list.
The method or apparatus provided through the invention can be realized to being generated based on abnormal identity card or abnormal card reader
Authentication ids information process request carries out effective abnormality processing, is made using identity card sequence number and/or card reader sequence number
It is managed, is avoided because of other factors, the legitimate request as caused by the variation of IP address or the variation of card type for key value
It can not be executed, by blacklist, can be asked in the processing for preventing illegal identity card or illegal card reader initiation at the first time
Ask, abnormality eliminating method through the invention can be realized blacklist dynamic update, enhance abnormality processing dynamic and
Real-time;Managing list by frequency can be realized to the exception for occurring abnormal identity card or card reader in a short time before
Reason is realized and is freezed in short-term to Short Term Anomalous identity card or card reader, avoids the security risk caused by the processing of illegal request,
The dynamic that abnormality eliminating method through the invention can be realized frequency control list updates, and enhances the dynamic of abnormality processing
And real-time;It can be realized the abnormal judgement to current identity card or card reader by exception rules, even if this processing request
In identity card or card reader be not included in blacklist or the control of frequency control list within the scope of, equally can recognize that different
Normal identity card or card reader improve and believe authentication ids to realize triple dynamic authentications to identity card and card reader
The safety and reliability of breath processing request processing.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, required use in being described below to embodiment
Attached drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for this
For the those of ordinary skill in field, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is the processing method flow chart for the authentication ids information process request that the embodiment of the present invention 1 provides;
Fig. 2 is the structural schematic diagram for the identity card cloud authentication device that the embodiment of the present invention 2 provides.
Specific embodiment
With reference to the attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete
Ground description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based on this
The embodiment of invention, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, belongs to protection scope of the present invention.
In the description of the present invention, it is to be understood that, term " center ", " longitudinal direction ", " transverse direction ", "upper", "lower",
The orientation or positional relationship of the instructions such as "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outside" is
It is based on the orientation or positional relationship shown in the drawings, is merely for convenience of description of the present invention and simplification of the description, rather than instruction or dark
Show that signified device or element must have a particular orientation, be constructed and operated in a specific orientation, therefore should not be understood as pair
Limitation of the invention.In addition, term " first ", " second " are used for description purposes only, it is not understood to indicate or imply opposite
Importance or quantity or position.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary
Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition
Concrete meaning in invention.
The embodiment of the present invention is described in further detail below in conjunction with attached drawing.
Embodiment 1
The present embodiment provides a kind of authentication ids information process request processing methods, as shown in Figure 1, including following step
It is rapid:
S1: authentication ids information process request is received, authentication ids information process request includes: identity card sequence number
Secret value and card reader sequence number;
Identity card processing request is the processing request that card reader of ID card is initiated, and judges identity card processing request for legal place
After reason request, according to preset rules, for the idle security authentication module of identity card processing request distribution, assigned safety is recognized
The originating end for demonstrate,proving module and identity card processing request carries out data interaction, wherein identity card serial number encryption value is identity card
Card reader obtains the identity card serial number encryption obtained from identity card, card reader Serial No. card reader of ID card itself
Sequence number.
S2: the identity card sequence number that decryption identity card serial number encryption value obtains is obtained;
Operation is decrypted to the identity card serial number encryption value received, if card reader of ID card is calculated using symmetric cryptography
Method encryption identity card sequence number is then solved the identity card serial number encryption value received using corresponding symmetrical decipherment algorithm
Close operation;If card reader of ID card uses own private key encryption identity card sequence number, the identity card sequence number received is added
Operation is decrypted using the public key of card reader of ID card in close value;Identity card serial number encryption value is decrypted the main body of operation
It can be itself, be also possible to external equipment or external chip.
S3: obtaining blacklist, executes step S401 or step S402;
Blacklist can be obtained from itself storage, blacklist can also be obtained from outside, includes illegal in blacklist
Identity card sequence number and illegal card reader sequence number;If in the authentication ids information process request received including illegal body
Part card sequence number or illegal card reader sequence number, then the authentication ids information process request is in illegal state, it can not
It is normally accepted by server.
S401: judging whether identity card sequence number is included in blacklist, if identity card sequence number is included in blacklist,
Then termination process;
Have illegal identity card sequence number in blacklist, for example, the identity card being reported the loss sequence number, continuously occur it is different
The sequence number etc. of the identity card occurred in the sequence number of normal identity card or short time in multiple areas, the processing meeting that it is requested
Greater risk is brought, identity card sequence number is included in blacklist if judging, illustrates that the identity card Serial No. illegal identity is demonstrate,proved
Sequence number, server are disregarded, termination process.Optionally, server can return to prompt information to prompt user, be somebody's turn to do
Identity card has been added into blacklist, carries out subsequent operation and Resolving probiems convenient for user;
Optionally, it if identity card sequence number is included in blacklist, further comprises the steps of: and obtains visiting frequency control name
It is single, judge that visiting frequency manages name before distance gets the visiting frequency control list moment in the second prefixed time interval
Whether the deposit comprising card reader sequence number records in list, if second before distance gets the visiting frequency control list moment
In prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then obtains and obtain in distance
Before managing the list moment to visiting frequency in the 4th prefixed time interval, visiting frequency manages card reader sequence number in list
Deposit record frequency of occurrence will be read if the deposit record frequency of occurrence of card reader sequence number is greater than or equal to the second preset value
Card device sequence number is stored in blacklist;If judging before distance gets the visiting frequency control list moment between the second preset time
Every interior, in visiting frequency control list not comprising card reader sequence number deposit record, then exception rules are obtained, judge card reader
Whether sequence number meets exception rules, if card reader sequence number meets exception rules, by card reader sequence number write-access frequency
Degree control list;
If identity card sequence number is not comprised in blacklist, judge whether card reader sequence number is included in blacklist
It is interior, if card reader sequence number is included in blacklist, termination process;
If identity card sequence number is not comprised in blacklist, the legitimacy of card reader sequence number is further judged, with
Determine whether identity card sequence number and card reader sequence number are legal, has illegal card reader sequence number in blacklist, such as
The sequence number for the card reader being reported the loss, the continuous sequence number for abnormal card reader occur, more than service life card reader sequence
The sequence number etc. of row number or the card reader occurred in short-term in multiple areas, the processing requested it can bring greater risk, if sentencing
Disconnected card reader sequence number is included in blacklist, illustrates that the card reader Serial No. illegal identity demonstrate,proves sequence number, server is refused
Processing, termination process.Optionally, server can return to prompt information to prompt user, which has been added into black
List carries out subsequent operation and Resolving probiems convenient for user;
Optionally, it after step judges that identity card sequence number is not comprised in blacklist, further comprises the steps of: acquisition and visits
It asks that frequency manages list, judges in the first prefixed time interval, to visit before distance gets the visiting frequency control list moment
Ask whether the deposit comprising identity card sequence number records in frequency control list, if getting visiting frequency control list in distance
Before moment in the first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then obtains
It takes before distance gets the visiting frequency control list moment in third prefixed time interval, visiting frequency manages body in list
The deposit of part card sequence number records frequency of occurrence, if the deposit record frequency of occurrence of identity card sequence number is greater than or equal to first in advance
If identity card sequence number is then stored in blacklist by value;If judging the before distance gets the visiting frequency control list moment
In one prefixed time interval, visiting frequency manages the deposit record for not including identity card sequence number in list, then obtains abnormal rule
Then, judge whether identity card sequence number meets exception rules, if identity card sequence number meets exception rules, by identity card sequence
Number write-access frequency manages list;
S402: judging whether card reader sequence number is included in blacklist, if card reader sequence number is included in blacklist,
Then termination process;
Have illegal card reader sequence number in blacklist, for example, the card reader being reported the loss sequence number, continuously occur it is different
The sequence number of normal card reader, the card reader that occur more than the sequence number of the card reader of service life or in short-term in multiple areas
Sequence number etc., the processing requested it can bring greater risk, if judging, card reader sequence number is included in blacklist, illustrate this
Card reader Serial No. illegal identity demonstrate,proves sequence number, and server is disregarded, termination process.Optionally, server can be with
Prompt information is returned to prompt user, which has been added into blacklist, carries out subsequent operation and Resolving probiems convenient for user;
Optionally, it if card reader sequence number is included in blacklist, further comprises the steps of: and obtains visiting frequency control name
It is single, judge that visiting frequency manages name before distance gets the visiting frequency control list moment in the first prefixed time interval
Whether the deposit comprising identity card sequence number records in list, if first before distance gets the visiting frequency control list moment
In prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then obtains and obtain in distance
Before managing the list moment to visiting frequency in third prefixed time interval, visiting frequency manages identity card sequence number in list
Deposit record frequency of occurrence, if the deposit record frequency of occurrence of identity card sequence number is greater than or equal to the first preset value, by body
Part card sequence number is stored in blacklist;If judging before distance gets the visiting frequency control list moment between the first preset time
Every interior, in visiting frequency control list not comprising identity card sequence number deposit record, then exception rules are obtained, judge identity card
Whether sequence number meets exception rules, if identity card sequence number meets exception rules, by identity card sequence number write-access frequency
Degree control list;
If card reader sequence number is not comprised in blacklist, judge whether identity card sequence number is included in blacklist
It is interior, if identity card sequence number is included in blacklist, termination process;
If card reader sequence number is not comprised in blacklist, the legitimacy of identity card sequence number is further judged, with
Determine whether identity card sequence number and card reader sequence number are legal, has illegal identity card sequence number in blacklist, such as
The sequence number for the identity card being reported the loss continuously occurs in the sequence number or short time of abnormal identity card in multiple area appearance
The sequence number etc. of identity card, the processing requested it can bring greater risk, if judging, identity card sequence number is included in blacklist
It is interior, illustrate that the identity card Serial No. illegal identity demonstrate,proves sequence number, server is disregarded, termination process.Optionally, it takes
Business device can return to prompt information to prompt user, which has been added into blacklist, convenient for user carry out subsequent operation and
Resolving probiems;
Optionally, it after step judges that card reader sequence number is not comprised in blacklist, further comprises the steps of: acquisition and visits
It asks that frequency manages list, judges in the second prefixed time interval, to visit before distance gets the visiting frequency control list moment
Ask whether the deposit comprising card reader sequence number records in frequency control list, if getting visiting frequency control list in distance
Before moment in the second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then obtains
It takes before distance gets the visiting frequency control list moment in the 4th prefixed time interval, is read in visiting frequency control list
The deposit of card device sequence number records frequency of occurrence, if the deposit record frequency of occurrence of card reader sequence number is greater than or equal to second in advance
If card reader sequence number is then stored in blacklist by value;If judging the before distance gets the visiting frequency control list moment
In two prefixed time intervals, visiting frequency manages the deposit record for not including card reader sequence number in list, then obtains abnormal rule
Then, judge whether card reader sequence number meets exception rules, if card reader sequence number meets exception rules, by card reader sequence
Number write-access frequency manages list;
If judging, identity card sequence number and card reader sequence number are not included in blacklist, then follow the steps S5;
If judging, identity card sequence number and card reader sequence number are not included in blacklist, illustrate identity card sequence number and
Card reader sequence number is all legal, that is to say, that the authentication ids information process request is in legal state, needs further
Judge whether the authentication ids information process request is in by control state;
S5: it obtains visiting frequency and manages list, and execute step S601 or step S602;
Visiting frequency can be obtained from itself storage and manage list, can also obtain visiting frequency from outside and manage name
Single, it includes the identity card sequence number managed and the card reader sequence number managed that visiting frequency, which is managed in list,;If receiving
To authentication ids information process request in comprising the identity card sequence number managed or the card reader sequence number managed, that
The authentication ids information process request is in by control state, could be thawed after need to being frozen certain time length, currently can not
It is normally accepted by server.
S601: judge access before distance gets the visiting frequency control list moment in the first prefixed time interval
Frequency manages in list whether the deposit comprising identity card sequence number records, if when distance gets visiting frequency control list
Before quarter in the first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then terminates
Process flow;
To avoid by Replay Attack, abnormal identity card sequence number and abnormal card reader sequence number can be frozen control centainly
Duration is not handled the request that it is initiated under control state, can first determine whether to get visiting frequency pipe in distance
Control before the list moment in the first prefixed time interval, visiting frequency manage in list whether include identity card sequence number deposit
Record, if visiting frequency manages name before distance gets the visiting frequency control list moment in the first prefixed time interval
Deposit in list comprising identity card sequence number records, and illustrates the identity card sequence number also in freezing control state, termination
Process;Wherein, the first prefixed time interval is preset value, can be configured according to specific application scenarios, for example, when card reading is whole
When end is automatic ticket taking machine, the first prefixed time interval can be set as 1 minute, that is to say, that certain specific identity demonstrate,proves sequence when discovery
Row number be in frequency control list when, within next 1 minute, not to the request initiated based on the identity card sequence number into
Row processing operation;Optionally, when finding that certain specific identity card sequence number is in frequency control list, prompt information prompt is returned
User's identity card abnormal state, is please tried again later;
Optionally, if step is got before visiting frequency manages the list moment in the first prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then termination process, comprising steps of if in distance
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes identity card in list that visiting frequency, which is managed,
The deposit of sequence number records, then obtains the third prefixed time interval before distance gets the visiting frequency control list moment
Interior, the deposit that visiting frequency manages identity card sequence number in list records frequency of occurrence, if the deposit of identity card sequence number records
Frequency of occurrence then returns to the first prompt information and termination process less than the first preset value;If the deposit of identity card sequence number
It records frequency of occurrence and is greater than or equal to the first preset value, then identity card sequence number is stored in blacklist, return error message is simultaneously whole
Only process flow;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the first prefixed time interval, visiting frequency manages the deposit in list comprising identity card sequence number
In the case where record, the third prefixed time interval before distance gets the visiting frequency control list moment can be further judged
Interior, visiting frequency manages the deposit in list comprising identity card sequence number and records number;In one section of preset time, if repeatedly
When receiving the processing request based on a certain identity card sequence number initiation being specifically present in frequency control list, it is believed that
Blacklist is added in the identity card Serial No. illegal sequence number;Specifically, if judging first before receiving processing request
In prefixed time interval, once it was written in frequency control list according to the identity card sequence number that processing request obtains, then into
One step judges in the third prefixed time interval before receiving processing request, according to the identity card sequence of processing request acquisition
Whether the number number being once written in frequency control list reaches the first preset value, wherein third prefixed time interval and first
Preset value is preset value, can be set according to application scenarios, such as: third prefixed time interval is 5 minutes, and the first preset value is
It 100 times, if that judging receiving in processing request first 5 minutes initiated based on specific identity card sequence number, has received
The number requested to the processing initiated based on the identity card sequence number then returns to the first prompt information prompt user less than 100 times
Try simultaneously termination process again later;The number for the processing request initiated if it has been received based on the identity card sequence number is greater than
Or be equal to 100 times, then blacklist is written into the identity card sequence number, returns to error message prompt user's identity card and be added into
Blacklist, and termination process;
Optionally, if step is got before visiting frequency manages the list moment in the first prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then further comprises the steps of: and judge to obtain visiting in distance
Ask whether it includes card reader sequence that visiting frequency is managed in list before the frequency control list moment in the second prefixed time interval
Number deposit record, if before distance gets the visiting frequency control list moment in the second prefixed time interval, access frequency
The deposit comprising card reader sequence number records in degree control list, then obtains and get the visiting frequency control list moment in distance
Before in the 4th prefixed time interval, the deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, if reading
The deposit record frequency of occurrence of card device sequence number is greater than or equal to the second preset value, then card reader sequence number is stored in blacklist;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the first prefixed time interval, visiting frequency manages the deposit in list comprising identity card sequence number
In the case where record, the second preset time before distance gets the visiting frequency control list moment can be further judged
In interval, whether the deposit comprising card reader sequence number records and judges to obtain visiting in distance in visiting frequency control list
It asks before the frequency control list moment in the 4th prefixed time interval, what visiting frequency was managed in list comprising card reader sequence number
Deposit record number is specifically present in frequency control list based on a certain if repeatedly received in one section of preset time
In card reader sequence number initiate processing request when, it is believed that the card reader Serial No. illegal sequence number, be added blacklist;
Specifically, if judging in the second prefixed time interval before receiving processing request, the card reading obtained according to processing request
Device sequence number was once written in frequency control list, then further the 4th judged before receiving processing request presets
In time interval, whether reached according to the number that the card reader sequence number that processing request obtains once was written in frequency control list
To the second preset value, wherein the 4th prefixed time interval and the second preset value are preset value, can be set according to application scenarios, example
Such as: the 4th prefixed time interval is 5 minutes, and the second preset value is 100 times, if that judging receiving based on specific card reading
The processing that device sequence number is initiated is requested in first 5 minutes, and time for the processing request initiated based on the card reader sequence number is had received
Number then returns to the second prompt information prompt user and tries simultaneously termination process again later less than 100 times;It is based on if it has been received
The number for the processing request that the card reader sequence number is initiated is greater than or equal to 100 times, then black name is written in the card reader sequence number
It is single, it returns to error message prompt user's card reader and has been added into blacklist, and termination process;
If before distance gets the visiting frequency control list moment in the first prefixed time interval, visiting frequency control
Deposit in list not comprising identity card sequence number records, then judges before distance gets the visiting frequency control list moment
In second prefixed time interval, visiting frequency manages in list whether the deposit comprising card reader sequence number records, if in distance
It gets before the visiting frequency control list moment in the second prefixed time interval, it includes card reader in list that visiting frequency, which is managed,
The deposit of sequence number records, then termination process;
Optionally, if step is got before visiting frequency manages the list moment in the second prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process, comprising steps of if in distance
It gets before the visiting frequency control list moment in the second prefixed time interval, it includes card reader in list that visiting frequency, which is managed,
The deposit of sequence number records, then obtains the 4th prefixed time interval before distance gets the visiting frequency control list moment
Interior, the deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, if the deposit of card reader sequence number records
Frequency of occurrence then returns to the second prompt information and termination process less than the second preset value;If the deposit of card reader sequence number
It records frequency of occurrence and is greater than or equal to the second preset value, then card reader sequence number is stored in blacklist, return error message is simultaneously whole
Only process flow;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the first prefixed time interval, depositing for identity card sequence number is not included in visiting frequency control list
In the case where entering record, can further judge distance get visiting frequency control the list moment before second it is default when
Between interval in, visiting frequency control list in whether comprising card reader sequence number deposit record and judge to get in distance
Before the visiting frequency control list moment in the 4th prefixed time interval, it includes card reader sequence number in list that visiting frequency, which is managed,
Deposit record number, in one section of preset time, if repeatedly receive based on it is a certain specifically be present in frequency control name
When the processing request that the card reader sequence number in list is initiated, it is believed that black name is added in the card reader Serial No. illegal sequence number
It is single;Specifically, if judging in the second prefixed time interval before receiving processing request, the reading obtained according to processing request
Card device sequence number was once written in frequency control list, then further judging receiving the before handling request the 4th in advance
If in time interval, whether being once written to the number in frequency control list according to the card reader sequence number that processing request obtains
Reach the second preset value, wherein the 4th prefixed time interval and the second preset value are preset value, can be set according to application scenarios,
Such as: the 4th prefixed time interval is 5 minutes, and the second preset value is 100 times, if that judging receiving based on specific reading
The processing that card device sequence number is initiated is requested in first 5 minutes, and the processing request initiated based on the card reader sequence number is had received
Number then returns to the second prompt information prompt user and tries simultaneously termination process again later less than 100 times;Base if it has been received
It is greater than or equal to 100 times in the number for the processing request that the card reader sequence number is initiated, then the card reader sequence number is written black
List returns to error message prompt user's card reader and has been added into blacklist, and termination process;
S602: judge access before distance gets the visiting frequency control list moment in the second prefixed time interval
Frequency manages in list whether the deposit comprising card reader sequence number records, if when distance gets visiting frequency control list
Before quarter in the second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then terminates
Process flow;
To avoid by Replay Attack, abnormal identity card sequence number and abnormal card reader sequence number can be frozen control centainly
Duration is not handled the request that it is initiated under control state, can first determine whether to get visiting frequency pipe in distance
Control before the list moment in the first prefixed time interval, visiting frequency manage in list whether include card reader sequence number deposit
Record, if visiting frequency manages name before distance gets the visiting frequency control list moment in the first prefixed time interval
Deposit in list comprising card reader sequence number records, and illustrates the card reader sequence number also in freezing control state, termination
Process;Wherein, the first prefixed time interval is preset value, can be configured according to specific application scenarios, for example, when card reading is whole
When end is automatic ticket taking machine, the first prefixed time interval can be set as 1 minute, that is to say, that when certain specific card reader sequence of discovery
Row number be in frequency control list when, within next 1 minute, not to the request initiated based on the card reader sequence number into
Row processing operation;Optionally, when finding that certain specific card reader sequence number is in frequency control list, prompt information prompt is returned
User's Card reader status is abnormal, please tries again later;
Optionally, if step is got before visiting frequency manages the list moment in the second prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then termination process, comprising steps of if in distance
It gets before the visiting frequency control list moment in the second prefixed time interval, it includes card reader in list that visiting frequency, which is managed,
The deposit of sequence number records, then obtains the 4th prefixed time interval before distance gets the visiting frequency control list moment
Interior, the deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, if the deposit of card reader sequence number records
Frequency of occurrence then returns to the second prompt information and termination process less than the second preset value;If the deposit of card reader sequence number
It records frequency of occurrence and is greater than or equal to the second preset value, then card reader sequence number is stored in blacklist, return error message is simultaneously whole
Only process flow;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the second prefixed time interval, visiting frequency manages the deposit in list comprising card reader sequence number
In the case where record, the 4th prefixed time interval before distance gets the visiting frequency control list moment can be further judged
Interior, visiting frequency manages the deposit in list comprising card reader sequence number and records number;In one section of preset time, if repeatedly
When receiving the processing request based on a certain card reader sequence number initiation being specifically present in frequency control list, it is believed that
Blacklist is added in the card reader Serial No. illegal sequence number;Specifically, if judging second before receiving processing request
In prefixed time interval, once it was written in frequency control list according to the card reader sequence number that processing request obtains, then into
One step judges in the 4th prefixed time interval before receiving processing request, according to the card reader sequence of processing request acquisition
Whether the number number being once written in frequency control list reaches the second preset value, wherein the 4th prefixed time interval and second
Preset value is preset value, can be set according to application scenarios, such as: the 4th prefixed time interval is 5 minutes, and the second preset value is
It 100 times, if that judging receiving in processing request first 5 minutes initiated based on specific card reader sequence number, has received
The number requested to the processing initiated based on the card reader sequence number then returns to the second prompt information prompt user less than 100 times
Try simultaneously termination process again later;The number for the processing request initiated if it has been received based on the card reader sequence number is greater than
Or be equal to 100 times, then blacklist is written into the card reader sequence number, returns to error message prompt user's card reader and be added into
Blacklist, and termination process;
Optionally, if step is got before visiting frequency manages the list moment in the second prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then further comprises the steps of: and judge to obtain visiting in distance
Ask whether it includes identity card sequence that visiting frequency is managed in list before the frequency control list moment in the first prefixed time interval
Number deposit record, if before distance gets the visiting frequency control list moment in the first prefixed time interval, access frequency
The deposit comprising identity card sequence number records in degree control list, then obtains and get the visiting frequency control list moment in distance
Before in third prefixed time interval, the deposit that visiting frequency manages identity card sequence number in list records frequency of occurrence, if body
The deposit record frequency of occurrence of part card sequence number is greater than or equal to the first preset value, then identity card sequence number is stored in blacklist;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the second prefixed time interval, visiting frequency manages the deposit in list comprising card reader sequence number
In the case where record, the first preset time before distance gets the visiting frequency control list moment can be further judged
In interval, whether the deposit comprising identity card sequence number records and judges to obtain visiting in distance in visiting frequency control list
It asks before the frequency control list moment in third prefixed time interval, what visiting frequency was managed in list comprising identity card sequence number
Deposit record number is specifically present in frequency control list based on a certain if repeatedly received in one section of preset time
In identity card sequence number initiate processing request when, it is believed that the identity card Serial No. illegal sequence number, be added blacklist;
Specifically, if judging in the first prefixed time interval before receiving processing request, the identity obtained according to processing request
Card sequence number was once written in frequency control list, then further judging that the third before receiving processing request is default
In time interval, whether reached according to the number that the identity card sequence number that processing request obtains once was written in frequency control list
To the first preset value, wherein third prefixed time interval and the first preset value are preset value, can be set according to application scenarios, example
Such as: third prefixed time interval is 5 minutes, and the first preset value is 100 times, if that judging receiving based on specific identity
It demonstrate,proves the processing that sequence number is initiated to request in first 5 minutes, has received time for the processing request initiated based on the identity card sequence number
Number then returns to the first prompt information prompt user and tries simultaneously termination process again later less than 100 times;It is based on if it has been received
The number for the processing request that the identity card sequence number is initiated is greater than or equal to 100 times, then black name is written in the identity card sequence number
It is single, it returns to error message prompt user's identity card and has been added into blacklist, and termination process;
If before distance gets the visiting frequency control list moment in the second prefixed time interval, visiting frequency control
Deposit in list not comprising card reader sequence number records, then judges before distance gets the visiting frequency control list moment
In first prefixed time interval, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if in distance
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes identity card in list that visiting frequency, which is managed,
The deposit of sequence number records, then termination process;
Optionally, if step is got before visiting frequency manages the list moment in the first prefixed time interval in distance,
Visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then termination process, comprising steps of if in distance
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes identity card in list that visiting frequency, which is managed,
The deposit of sequence number records, then obtains the third prefixed time interval before distance gets the visiting frequency control list moment
Interior, the deposit that visiting frequency manages identity card sequence number in list records frequency of occurrence, if the deposit of identity card sequence number records
Frequency of occurrence then returns to the first prompt information and termination process less than the first preset value;If the deposit of identity card sequence number
It records frequency of occurrence and is greater than or equal to the first preset value, then identity card sequence number is stored in blacklist, return error message is simultaneously whole
Only process flow;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety gets access frequency in distance when determining
Before the degree control list moment in the second prefixed time interval, depositing for card reader sequence number is not included in visiting frequency control list
In the case where entering record, can further judge distance get visiting frequency control the list moment before first it is default when
Between interval in, visiting frequency control list in whether comprising identity card sequence number deposit record and judge to get in distance
Before the visiting frequency control list moment in third prefixed time interval, it includes identity card sequence number in list that visiting frequency, which is managed,
Deposit record number, in one section of preset time, if repeatedly receive based on it is a certain specifically be present in frequency control name
When the processing request that the identity card sequence number in list is initiated, it is believed that black name is added in the identity card Serial No. illegal sequence number
It is single;Specifically, if judging in the first prefixed time interval before receiving processing request, the body obtained according to processing request
Part card sequence number was once written in frequency control list, then further judging that the third before receiving processing and requesting is pre-
If in time interval, whether being once written to the number in frequency control list according to the identity card sequence number that processing request obtains
Reach the first preset value, wherein third prefixed time interval and the first preset value are preset value, it can be set according to application scenarios,
Such as: third prefixed time interval is 5 minutes, and the first preset value is 100 times, if that judging receiving based on specific body
Part is demonstrate,proved the processing that sequence number is initiated and is requested in first 5 minutes, has received what handling based on identity card sequence number initiation was requested
Number then returns to the first prompt information prompt user and tries simultaneously termination process again later less than 100 times;Base if it has been received
It is greater than or equal to 100 times in the number for the processing request that the identity card sequence number is initiated, then the identity card sequence number is written black
List returns to error message prompt user's identity card and has been added into blacklist, and termination process;
If judging before distance gets the visiting frequency control list moment in the first prefixed time interval, visiting frequency
The deposit record of identity card sequence number is not included in control list and before distance gets the visiting frequency control list moment
In second prefixed time interval, visiting frequency manages the deposit record for not including card reader sequence number in list, thens follow the steps
S7;
When judging before distance gets the visiting frequency control list moment in the first prefixed time interval, visiting frequency
The deposit record of identity card sequence number is not included in control list and before distance gets the visiting frequency control list moment
In second prefixed time interval, when visiting frequency manages the deposit record for not including card reader sequence number in list, it can determine
The identity card sequence number and the card reader sequence number do not go out in the first prefixed time interval and in the second prefixed time interval
Abnormality is now crossed, further judges the identity card sequence number or the card reader sequence number in this request whether in abnormal
State;
S7 obtains exception rules, and executes step S801 or step S802;
S801: judging whether identity card sequence number meets exception rules, if identity card sequence number meets exception rules, eventually
Only process flow;
Exception rules can store in itself storage, can also obtain, can be sentenced according to exception rules from external equipment
Break this request in identity card sequence number or card reader sequence number whether be in abnormality;
Optionally, authentication ids information process request further include: timestamp secret value and card reader count secret value;Step
Rapid S2 further includes obtaining the timestamp and card reader count value that decryption time stamp secret value and card reader counting secret value obtain,
Wherein, timestamp is demonstrate,proved the production of information process request by the card reader identity-based identification of generation authentication ids information process request
The raw moment generates;Card reader count value is generated by the history processing request number of times that card reader is initiated based on card reader;
Judge whether identity card sequence number meets exception rules and one of following manner or a variety of can be used:
Mode one: at the time of based on timestamp and receiving authentication ids information process request, between generation first time
Every judging whether first time interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, if at the first time
Interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, then judges that identity card sequence number is legal, otherwise, sentence
Disconnected identity card sequence number meets exception rules;
It include the generation moment of authentication ids information process request in timestamp, it, can be with when receiving processing request
According to receive processing request at the time of and timestamp obtain first time interval, first time interval represent the processing request from
It is generated to the time for being received intermediate experience, if first time interval is too short or too long, all indicates that transmission process is requested in this time
Middle appearance is abnormal, for the security and reliability for guaranteeing processing, judges the identity card for including in authentication ids information process request
Sequence number is abnormal, and the zone of reasonableness of first time interval is preset value, can set according to specific application scenarios, such as: the 5th
Prefixed time interval is 1 second, and the 6th prefixed time interval is 60 seconds, then when first time interval is less than 1 second or greater than 60
Second when, it is possible to determine that this time the identity card sequence number in authentication ids information process request meets exception rules;
Mode two: be based on timestamp and card reader count value, judge distance get visiting frequency control the list moment it
In preceding 7th prefixed time interval, the authentication ids information process request comprising identity card serial number encryption value that receives
Whether request number of times is less than third preset value, if at the authentication ids information comprising identity card serial number encryption value received
The request number of times of reason request is less than third preset value, then judges that identity card sequence number is legal, otherwise, judges that identity card sequence number accords with
Close exception rules;
When the authentication ids information process request generated based on a certain specific identity card sequence number is multiple in a short time
When appearance, it is possible to determine that the identity card sequence number meets exception rules, and the 7th prefixed time interval and third preset value are pre-
If value, can set according to concrete application scene, for example, the 7th prefixed time interval is 5 minutes, third preset value is 100 times, that
It reads in the timestamp in this processing request and the request of the 100th processing before generated based on the identity card sequence number
Timestamp judges that the time interval between two timestamps whether less than 5 minutes, if it is less than 5 minutes, then determines the identity card
Sequence number meets exception rules;
Optionally, judge whether card reader sequence number meets one of exception rules following manner or a variety of:
Mode one: at the time of based on timestamp and receiving authentication ids information process request, between generation first time
Every judging whether first time interval is greater than the 8th prefixed time interval and less than the 9th prefixed time interval, if at the first time
Interval is greater than the 8th prefixed time interval and less than the 9th prefixed time interval, then judges that card reader sequence number is legal, otherwise, sentence
Disconnected card reader sequence number meets exception rules;
It include the generation moment of authentication ids information process request in timestamp, it, can be with when receiving processing request
According to receive processing request at the time of and timestamp obtain first time interval, first time interval represent the processing request from
It is generated to the time for being received intermediate experience, if first time interval is too short or too long, all indicates that transmission process is requested in this time
Middle appearance is abnormal, for the security and reliability for guaranteeing processing, judges the card reader for including in authentication ids information process request
Sequence number is abnormal, and the zone of reasonableness of first time interval is preset value, can set according to specific application scenarios, such as: the 8th
Prefixed time interval is 1 second, and the 9th prefixed time interval is 60 seconds, then when first time interval is less than 1 second or greater than 60
Second when, it is possible to determine that this time the card reader sequence number in authentication ids information process request meets exception rules;
Mode two: being based on timestamp and card reader count value, judges to get the visiting frequency control list moment in distance
Before in the tenth prefixed time interval, the request of the authentication ids information process request comprising card reader sequence number received
Whether number is less than the 4th preset value, if the authentication ids information process request comprising card reader sequence number received is asked
It asks number less than the 4th preset value, then judges that card reader sequence number is legal, otherwise, judge that card reader sequence number meets abnormal rule
Then;
When the authentication ids information process request generated based on a certain specific card reader sequence number is multiple in a short time
When appearance, it is possible to determine that the card reader sequence number meets exception rules, and the tenth prefixed time interval and the 4th preset value are pre-
If value, can set according to concrete application scene, for example, the tenth prefixed time interval is 5 minutes, the 4th preset value is 100 times, that
It reads in the timestamp in this processing request and the request of the 100th processing before generated based on the card reader sequence number
Timestamp judges that the time interval between two timestamps whether less than 5 minutes, if it is less than 5 minutes, then determines the card reader
Sequence number meets exception rules;
Mode three: be based on card reader count value, judge in the authentication ids information process request continuously received with reading
Whether the card reader count value of card device sequence numbers match meets preset rules, if card reader count value meets preset rules, sentences
Disconnected card reader sequence number is legal, otherwise, judges that card reader sequence number meets exception rules;
When card reader initiates authentication ids information process request, card reader count value can be become according to preset rules
Change, for example, every initiation single treatment is requested, card reader count value adds one;After receiving processing request, card reader sequence number is extracted
With card reader count value, card reader count value and this reading in last time processing request corresponding with the card reader sequence number are judged
Whether card device count value meets preset rules, if not meeting preset rules, illustrates that the card reader has exception, card reader sequence
Row number meets exception rules;
Optionally, if step identity card sequence number meets exception rules, termination process, comprising steps of if identity
Card sequence number meets exception rules, then identity card sequence number deposit visiting frequency is managed list, return to the first prompt information simultaneously
Termination process;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that identity card sequence number meets exception rules, identity card sequence number write-in frequency further can be managed into name
Single, return information prompt user's identity card please tries again later in the presence of abnormal, and termination process, to realize that frequency is managed
The dynamic change of list promotes the intelligence of authentication ids information process request treatment process;
Optionally, it if step identity card sequence number meets exception rules, further comprises the steps of: and judges that card reader sequence number is
It is no to meet exception rules, if card reader sequence number meets exception rules, card reader sequence number write-access frequency is managed into name
It is single;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that identity card sequence number meets exception rules, it can further judge whether card reader sequence number meets abnormal rule
Then, if whether card reader sequence number meets exception rules, card reader sequence number write-access frequency control list is returned into letter
Breath prompt user's card reader is please tried again later in the presence of abnormal, and termination process, to realize the dynamic of frequency control list
State variation, promotes the intelligence of authentication ids information process request treatment process;
If identity card sequence number does not meet exception rules, judge whether card reader sequence number meets exception rules, if reading
Card device sequence number meets exception rules, then termination process;
Optionally, if step card reader sequence number meets exception rules, termination process, comprising steps of if card reading
Device sequence number meets exception rules, then card reader sequence number deposit visiting frequency is managed list, return to the second prompt information simultaneously
Termination process;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that identity card sequence number does not meet exception rules, it can further judge whether card reader sequence number meets exception
Rule returns to card reader sequence number write-access frequency control list if whether card reader sequence number meets exception rules
The information alert user card reader is please tried again later in the presence of abnormal, and termination process, to realize frequency control list
Dynamic change promotes the intelligence of authentication ids information process request treatment process;
S802: judging whether card reader sequence number meets exception rules, if card reader sequence number meets exception rules, eventually
Only process flow;
With S801 correspondingly, can also first judge whether card reader sequence number meets exception rules,
Optionally, if step card reader sequence number meets exception rules, termination process, comprising steps of if card reading
Device sequence number meets exception rules, then card reader sequence number deposit visiting frequency is managed list, return to the second prompt information simultaneously
Termination process;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that card reader sequence number meets exception rules, card reader sequence number write-in frequency further can be managed into name
Single, return information prompt user's card reader is please tried again later in the presence of abnormal, and termination process, to realize that frequency is managed
The dynamic change of list promotes the intelligence of authentication ids information process request treatment process;
Optionally, it if step card reader sequence number meets exception rules, further comprises the steps of: and judges that identity card sequence number is
It is no to meet exception rules, if whether identity card sequence number meets exception rules, by identity card sequence number write-access frequency pipe
Control list;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that card reader sequence number meets exception rules, it can further judge whether identity card sequence number meets abnormal rule
Then, if whether identity card sequence number meets exception rules, identity card sequence number write-access frequency control list is returned into letter
Breath prompt user's identity card please tries again later in the presence of abnormal, and termination process, to realize the dynamic of frequency control list
State variation, promotes the intelligence of authentication ids information process request treatment process;
If card reader sequence number does not meet exception rules, judge whether identity card sequence number meets exception rules, if body
Part card sequence number meets exception rules, then termination process;
Optionally, if step identity card sequence number meets exception rules, termination process, comprising steps of if identity
Card sequence number meets exception rules, then identity card sequence number deposit visiting frequency is managed list, return to the first prompt information simultaneously
Termination process;
In order to further ensure the integrality of abnormal data, the dynamic and intelligence of processing are promoted, it is ensured that processing safety,
In the case where determining that card reader sequence number does not meet exception rules, it can further judge whether identity card sequence number meets exception
Rule returns to identity card sequence number write-access frequency control list if whether identity card sequence number meets exception rules
The information alert user identity card please tries again later in the presence of abnormal, and termination process, to realize frequency control list
Dynamic change promotes the intelligence of authentication ids information process request treatment process;
If judging, identity card sequence number and card reader sequence number do not meet exception rules, then follow the steps S9;
S9: authentication ids information process request is handled;
When judging that identity card sequence number and card reader sequence number do not meet exception rules, then illustrate identity card sequence number
It does not appear in blacklist with card reader sequence number, and does not occur in the prefixed time interval before receiving processing request
In frequency control list, while exception rules are not met, that is to say, that identity card sequence number and card reader sequence number are equal at this time
It is legal, at this point, to based on the identity card sequence number and the card reader sequence number generation authentication ids information process request into
Row processing operation.
The method provided through the embodiment of the present invention can be realized to being generated based on abnormal identity card or abnormal card reader
Authentication ids information process request carries out effective abnormality processing, is made using identity card sequence number and/or card reader sequence number
It is managed, is avoided because of other factors, the legitimate request as caused by the variation of IP address or the variation of card type for key value
It can not be executed, by blacklist, can be asked in the processing for preventing illegal identity card or illegal card reader initiation at the first time
Ask, abnormality eliminating method through the invention can be realized blacklist dynamic update, enhance abnormality processing dynamic and
Real-time;Managing list by frequency can be realized to the exception for occurring abnormal identity card or card reader in a short time before
Reason is realized and is freezed in short-term to Short Term Anomalous identity card or card reader, avoids the security risk caused by the processing of illegal request,
The dynamic that abnormality eliminating method through the invention can be realized frequency control list updates, and enhances the dynamic of abnormality processing
And real-time;It can be realized the abnormal judgement to current identity card or card reader by exception rules, even if this processing request
In identity card or card reader be not included in blacklist or the control of frequency control list within the scope of, equally can recognize that different
Normal identity card or card reader improve and believe authentication ids to realize triple dynamic authentications to identity card and card reader
The safety and reliability of breath processing request processing.
Embodiment 2:
The present embodiment provides a kind of identity card cloud authentication devices, as shown in Figure 2, comprising:
First communication module 201, for receiving authentication ids information process request, the authentication ids packet
It includes: identity card serial number encryption value and card reader sequence number, wherein the card reader Serial No. ID card information reading terminals
Sequence number;
Identity card processing request is the processing request that card reader of ID card is initiated, and identity card cloud authentication platform judges identity card
Processing request is after legal processes are requested, according to preset rules, for the idle safety certification mould of identity card processing request distribution
The originating end of block 210, assigned security authentication module 210 and identity card processing request carries out data interaction, wherein identity
Card serial number encryption value is that card reader of ID card obtains the identity card serial number encryption obtained from identity card, card reader sequence
Number be card reader of ID card itself sequence number.
Second communication module 202, for obtaining the identity card sequence number decrypting the identity card serial number encryption value and obtaining;
Operation is decrypted to the identity card serial number encryption value received, if card reader of ID card is calculated using symmetric cryptography
Method encryption identity card sequence number is then solved the identity card serial number encryption value received using corresponding symmetrical decipherment algorithm
Close operation;If card reader of ID card uses own private key encryption identity card sequence number, the identity card sequence number received is added
Operation is decrypted using the public key of card reader of ID card in close value;Identity card serial number encryption value is decrypted the main body of operation
It can be itself, be also possible to external equipment or external chip.
Third communication module 203, for obtaining blacklist;
First judgment module 206, for judging whether the identity card sequence number is included in the blacklist, if described
Identity card sequence number is included in the blacklist, then 209 termination process of processing module;
Third communication module 203 can obtain blacklist from itself storage, can also obtain blacklist, black name from outside
It include illegal identity card sequence number and illegal card reader sequence number in list;If the identity card that first communication module 201 receives
It include illegal identity card sequence number or illegal card reader sequence number in authentication information processing request, then the authentication ids
Information process request is in illegal state, can not normally be accepted by server.
Have illegal identity card sequence number in blacklist, for example, the identity card being reported the loss sequence number, continuously occur it is different
The sequence number etc. of the identity card occurred in the sequence number of normal identity card or short time in multiple areas, the processing meeting that it is requested
Greater risk is brought, if first judgment module 206 judges that identity card sequence number is included in blacklist, illustrates the identity card sequence
Number sequence number is demonstrate,proved for illegal identity, server disregards, 209 termination process of processing module.Optionally, first judges mould
Block 206 can return to prompt information to prompt user, which has been added into blacklist, convenient for user carry out subsequent operation and
Resolving probiems;
Optionally, when first judgment module 206 judges that identity card sequence number is included in blacklist, fourth communication module
204, for obtaining visiting frequency control list, the second judgment module 207 judges obtaining visiting apart from fourth communication module 204
Ask whether it includes card reader sequence that visiting frequency is managed in list before the frequency control list moment in the second prefixed time interval
Number deposit record, if apart from fourth communication module 204 get visiting frequency control the list moment before second it is default when
Between interval in, visiting frequency manage list in comprising card reader sequence number deposit record, then the second judgment module 207 obtain exists
It is got before the visiting frequency control list moment in the 4th prefixed time interval apart from fourth communication module 204, visiting frequency
The deposit for managing card reader sequence number in list records frequency of occurrence, if the deposit record frequency of occurrence of card reader sequence number is greater than
Or be equal to the second preset value, then card reader sequence number is stored in blacklist;If the second judgment module 207 judges in distance four-way
Letter module 204 is got before the visiting frequency control list moment in the second prefixed time interval, and visiting frequency is managed in list
Deposit record not comprising card reader sequence number, then fifth communication module 205 obtains exception rules, judges that card reader sequence number is
It is no to meet exception rules, if card reader sequence number meets exception rules, card reader sequence number write-access frequency is managed into name
It is single;
If identity card sequence number is not comprised in blacklist, first judgment module 206 judges that card reader sequence number is
It is no to be included in blacklist, if card reader sequence number is included in blacklist, 209 termination process of processing module;
If identity card sequence number is not comprised in blacklist, first judgment module 206 further judges card reader sequence
The legitimacy of row number, to determine whether identity card sequence number and card reader sequence number are legal, have illegal reading in blacklist
Card device sequence number, for example, the card reader that is reported the loss sequence number, the continuous sequence number for abnormal card reader occur, be more than to use year
The sequence number etc. of the sequence number of the card reader of limit or the card reader occurred in short-term in multiple areas, the processing requested it can be brought
Greater risk illustrates the card reader Serial No. if first judgment module 206 judges that card reader sequence number is included in blacklist
Illegal identity demonstrate,proves sequence number, and server is disregarded, 209 termination process of processing module.Optionally, first judgment module
206 can return to prompt information to prompt user, which has been added into blacklist, carry out subsequent operation convenient for user and ask
The key to exercises is determined;
Optionally, if first judgment module 206 judges that card reader sequence number is included in blacklist, fourth communication module
204 for obtaining visiting frequency control list, and the second judgment module 207 judges obtaining visiting apart from fourth communication module 204
Ask whether it includes identity card sequence that visiting frequency is managed in list before the frequency control list moment in the first prefixed time interval
Number deposit record, if apart from fourth communication module 204 get visiting frequency control the list moment before first it is default when
Between interval in, visiting frequency manage list in comprising identity card sequence number deposit record, then the second judgment module 207 obtain exists
It is got before the visiting frequency control list moment in third prefixed time interval apart from fourth communication module 204, visiting frequency
The deposit for managing identity card sequence number in list records frequency of occurrence, if the deposit record frequency of occurrence of identity card sequence number is greater than
Or be equal to the first preset value, then identity card sequence number is stored in blacklist;If the second judgment module 207 judges in distance four-way
Letter module 204 is got before the visiting frequency control list moment in the first prefixed time interval, and visiting frequency is managed in list
Deposit record not comprising identity card sequence number, then fifth communication module 205 obtains exception rules, judges that identity card sequence number is
It is no to meet exception rules, if identity card sequence number meets exception rules, identity card sequence number write-access frequency is managed into name
It is single;
Third communication module 203, for obtaining blacklist,
First judgment module 206, for judging whether the card reader sequence number is included in the blacklist, if described
Card reader sequence number is included in the blacklist, then 209 termination process of processing module;
Have illegal card reader sequence number in blacklist, for example, the card reader being reported the loss sequence number, continuously occur it is different
The sequence number of normal card reader, the card reader that occur more than the sequence number of the card reader of service life or in short-term in multiple areas
Sequence number etc., the processing requested it can bring greater risk, if first judgment module 206 judges that card reader sequence number is included in
In blacklist, illustrate that the card reader Serial No. illegal identity demonstrate,proves sequence number, server is disregarded, and processing module 209 terminates
Process flow.Optionally, server can return to prompt information to prompt user, which has been added into blacklist, be convenient for
User carries out subsequent operation and Resolving probiems;
Optionally, if card reader sequence number is included in blacklist, fourth communication module 204 is also used to obtain access frequency
Degree control list, the second judgment module 207 judge getting the visiting frequency control list moment apart from fourth communication module 204
Before in the first prefixed time interval, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if
It is got before the visiting frequency control list moment in the first prefixed time interval apart from fourth communication module 204, visiting frequency
It manages the deposit in list comprising identity card sequence number to record, then the second judgment module 207 is obtained apart from fourth communication module
204 get before the visiting frequency control list moment in third prefixed time interval, and visiting frequency manages identity card in list
The deposit of sequence number records frequency of occurrence, if the deposit record frequency of occurrence of identity card sequence number is greater than or equal to first and presets
Identity card sequence number is then stored in blacklist by value;If the second judgment module 207 judges to obtain apart from fourth communication module 204
Before managing the list moment to visiting frequency in the first prefixed time interval, visiting frequency, which is managed, does not include identity card sequence in list
The deposit of row number records, then fifth communication module 205 obtains exception rules, judges whether identity card sequence number meets abnormal rule
Then, if identity card sequence number meets exception rules, identity card sequence number write-access frequency is managed into list;
If card reader sequence number is not comprised in blacklist, first judgment module 206 judges that identity card sequence number is
It is no to be included in blacklist, if identity card sequence number is included in blacklist, 209 termination process of processing module;
If card reader sequence number is not comprised in blacklist, first judgment module 206 further judges identity card sequence
The legitimacy of row number, to determine whether identity card sequence number and card reader sequence number are legal, have illegal body in blacklist
Part card sequence number, such as the sequence number of the identity card that is reported the loss, the continuous sequence number for abnormal identity card occur or in the short time
In the sequence number etc. for the identity card that multiple areas occur, the processing requested it can bring greater risk, if first judgment module
206 judge that identity card sequence number is included in blacklist, illustrate that the identity card Serial No. illegal identity demonstrate,proves sequence number, server
It disregards, 209 termination process of processing module.Optionally, server can return to prompt information to prompt user, the body
Part card has been added into blacklist, carries out subsequent operation and Resolving probiems convenient for user;
Optionally, after first judgment module 206 judges that card reader sequence number is not comprised in blacklist, four-way
Letter module 204 is also used to obtain visiting frequency control list, and the second judgment module 207 judges apart from fourth communication module 204
It gets before the visiting frequency control list moment in the second prefixed time interval, whether visiting frequency is managed in list comprising reading
The deposit of card device sequence number records, if the before getting the visiting frequency control list moment apart from fourth communication module 204
In two prefixed time intervals, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then the second judgment module
207 obtain before getting the visiting frequency control list moment apart from fourth communication module 204 in the 4th prefixed time interval,
The deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, occurs if the deposit of card reader sequence number records
Number is greater than or equal to the second preset value, then card reader sequence number is stored in blacklist;If the second judgment module 207 judge away from
It is got before the visiting frequency control list moment in the second prefixed time interval from fourth communication module 204, visiting frequency pipe
The deposit record for not including card reader sequence number in list is controlled, then fifth communication module 205 obtains exception rules, judges card reader
Whether sequence number meets exception rules, if card reader sequence number meets exception rules, by card reader sequence number write-access frequency
Degree control list;
Fourth communication module 204 is also used to judging that identity card sequence number and card reader sequence number be not included in black name
When in list, obtains visiting frequency and manage list, the second judgment module 207 judges obtaining visiting apart from fourth communication module 204
Ask whether it includes identity card sequence that visiting frequency is managed in list before the frequency control list moment in the first prefixed time interval
Number deposit record, if apart from fourth communication module 204 get visiting frequency control the list moment before first it is default when
Between in interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is recorded, then 209 termination stream of processing module
Journey;
If first judgment module 206 judges that identity card sequence number and card reader sequence number are not included in blacklist, say
Bright identity card sequence number and card reader sequence number are all legal, that is to say, that the authentication ids information process request is in
Legal state, need to further judge whether the authentication ids information process request is in by control state;
Fourth communication module 204 can obtain visiting frequency from itself storage and manage list, can also obtain from outside
Visiting frequency manages list, and it includes the identity card sequence number managed and the card reader managed that visiting frequency, which is managed in list,
Sequence number;If the identity card sequence in the authentication ids information process request that first communication module 201 receives comprising being managed
Row number or the card reader sequence number managed need to be frozen then the authentication ids information process request is in by control state
It could thaw after knot certain time length, currently can not normally be accepted by server.
To avoid by Replay Attack, abnormal identity card sequence number and abnormal card reader sequence number can be frozen control centainly
Duration, under control state, identity card cloud authentication device is not handled the request of initiation, and the second judgment module 207 can be with
First determine whether first prefixed time interval before getting the visiting frequency control list moment apart from fourth communication module 204
Interior, visiting frequency manages in list whether the deposit comprising identity card sequence number records, if obtaining apart from fourth communication module 204
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes identity card sequence in list that visiting frequency, which is managed,
The deposit of row number records, and illustrates the identity card sequence number also in freezing control state, 209 termination process of processing module;
Wherein, the first prefixed time interval is preset value, can be configured according to specific application scenarios, for example, when card-reading terminal is
When automatic ticket taking machine, the first prefixed time interval can be set as 1 minute, that is to say, that certain specific identity demonstrate,proves sequence number when discovery
In frequency manage list when, within next 1 minute, not to the request initiated based on the identity card sequence number at
Reason operation;Optionally, it when finding that certain specific identity card sequence number is in frequency control list, returns to prompt information and prompts user
The identity card abnormal state, is please tried again later;
If first prefixed time interval before getting the visiting frequency control list moment apart from fourth communication module 204
Interior, visiting frequency manages the deposit record for not including identity card sequence number in list, then the second judgment module 207 judges in distance
Fourth communication module 204 gets visiting frequency control before the visiting frequency control list moment in the second prefixed time interval
Whether the deposit comprising card reader sequence number records in list, if getting visiting frequency pipe apart from fourth communication module 204
Before the control list moment in the second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is remembered
It records, then 209 termination process of processing module;
Fourth communication module 204 is used to judge that identity card sequence number and card reader sequence number be not included in blacklist
When, it obtains visiting frequency and manages list, the second judgment module 207 judges getting access frequency apart from fourth communication module 204
Before the degree control list moment in the second prefixed time interval, whether it includes card reader sequence number that visiting frequency is managed in list
Deposit record, if before getting the visiting frequency control list moment apart from fourth communication module 204 between second preset time
Every interior, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded, then 209 termination process of processing module;
To avoid by Replay Attack, abnormal identity card sequence number and abnormal card reader sequence number can be frozen control centainly
Duration, under control state, identity card cloud authentication device is not handled the request of initiation, and the second judgment module 207 can be with
First determine whether first prefixed time interval before getting the visiting frequency control list moment apart from fourth communication module 204
Interior, visiting frequency manages in list whether the deposit comprising card reader sequence number records, if obtaining apart from fourth communication module 204
It gets before the visiting frequency control list moment in the first prefixed time interval, it includes card reader sequence in list that visiting frequency, which is managed,
The deposit of row number records, and illustrates the card reader sequence number also in freezing control state, 209 termination process of processing module;
Wherein, the first prefixed time interval is preset value, can be configured according to specific application scenarios, for example, when card-reading terminal is
When automatic ticket taking machine, the first prefixed time interval can be set as 1 minute, that is to say, that when certain specific card reader sequence number of discovery
In frequency manage list when, within next 1 minute, not to the request initiated based on the card reader sequence number at
Reason operation;Optionally, it when finding that certain specific card reader sequence number is in frequency control list, returns to prompt information and prompts user
The Card reader status is abnormal, please tries again later;
If second prefixed time interval before getting the visiting frequency control list moment apart from fourth communication module 204
Interior, visiting frequency manages the deposit record for not including card reader sequence number in list, then the second judgment module 207 judges in distance
Fourth communication module 204 gets visiting frequency control before the visiting frequency control list moment in the first prefixed time interval
Whether the deposit comprising identity card sequence number records in list, if getting visiting frequency pipe apart from fourth communication module 204
Before the control list moment in the first prefixed time interval, visiting frequency is managed the deposit in list comprising identity card sequence number and is remembered
It records, then 209 termination process of processing module;
The second judgment module 207 judge to get apart from fourth communication module 204 the visiting frequency control list moment it
In preceding first prefixed time interval, visiting frequency manages the deposit record for not including identity card sequence number in list and in distance the
Four communication modules 204 are got before the visiting frequency control list moment in the second prefixed time interval, and visiting frequency manages name
When deposit in list not comprising card reader sequence number records, fifth communication module 205 obtains exception rules, and judges identity card sequence
Whether row number meets exception rules, if identity card sequence number meets exception rules, 209 termination process of processing module;
Exception rules can store in memory module 211, can also obtain from external equipment, third judgment module 208
It can judge whether identity card sequence number or card reader sequence number in this request are in abnormality according to exception rules;
If identity card sequence number does not meet exception rules, third judgment module 208 judges whether card reader sequence number accords with
Exception rules are closed, if card reader sequence number meets exception rules, 209 termination process of processing module;
When the second judgment module 207 judges getting the visiting frequency control list moment apart from fourth communication module 204
Before in the first prefixed time interval, visiting frequency manages the deposit record for not including identity card sequence number in list and in distance
Fourth communication module 204 gets visiting frequency control before the visiting frequency control list moment in the second prefixed time interval
When deposit in list not comprising card reader sequence number records, it can determine that the identity card sequence number and the card reader sequence number exist
First prefixed time interval and do not occurred abnormality, third judgment module 208 into one in the second prefixed time interval
Whether step judges the identity card sequence number or the card reader sequence number in this request in abnormality;
The second judgment module 207 judge to get apart from fourth communication module 204 the visiting frequency control list moment it
In preceding first prefixed time interval, visiting frequency manages the deposit record for not including identity card sequence number in list and in distance the
Four communication modules 204 are got before the visiting frequency control list moment in the second prefixed time interval, and visiting frequency manages name
When deposit in list not comprising card reader sequence number records, fifth communication module 205 obtains exception rules, third judgment module
208 judge whether card reader sequence number meets exception rules, if card reader sequence number meets exception rules, processing module 209
Termination process;If card reader sequence number does not meet exception rules, third judgment module 208 judges that identity card sequence number is
It is no to meet exception rules, if identity card sequence number meets exception rules, 209 termination process of processing module;
Processing module 209 is right for when judging that identity card sequence number and card reader sequence number do not meet exception rules
Authentication ids information process request is handled.
Optionally, the second judgment module 207 is also used to getting visiting frequency control apart from fourth communication module 204
Before the list moment in the first prefixed time interval, if the deposit comprising identity card sequence number records in visiting frequency control list
When, it obtains before getting the visiting frequency control list moment apart from fourth communication module 204 in third prefixed time interval,
The deposit that visiting frequency manages identity card sequence number in list records frequency of occurrence, occurs if the deposit of identity card sequence number records
Number then returns to the first prompt information and 209 termination process of processing module less than the first preset value;If identity card sequence number
Deposit record frequency of occurrence be greater than or equal to the first preset value, then by identity card sequence number be stored in blacklist, return mistake letter
Cease simultaneously 209 termination process of processing module;
In order to further ensure the integrality of abnormal data, it is ensured that processing safety, when determining apart from fourth communication module
204 get before the visiting frequency control list moment in the first prefixed time interval, and it includes body in list that visiting frequency, which is managed,
In the case where the deposit record of part card sequence number, the second judgment module 207 can further judge apart from fourth communication module 204
It gets before the visiting frequency control list moment in third prefixed time interval, it includes identity card in list that visiting frequency, which is managed,
The deposit of sequence number records number;In one section of preset time, if identity card cloud authentication device is repeatedly received based on a certain
When the processing request that the identity card sequence number being specifically present in frequency control list is initiated, it is believed that the identity card sequence number
For illegal sequence number, blacklist is added;Specifically, if the second judgment module 207 judges the before receiving processing request
In one prefixed time interval, once it was written in frequency control list according to the identity card sequence number that processing request obtains, then
Further judge in the third prefixed time interval before receiving processing request, the identity card sequence obtained according to processing request
Whether the number that row number was once written in frequency control list reaches the first preset value, wherein third prefixed time interval and the
One preset value is preset value, can be set according to application scenarios, such as: third prefixed time interval is 5 minutes, the first preset value
It is 100 times, if that the second judgment module 207 judges receiving the processing request initiated based on specific identity card sequence number
In first 5 minutes, the number for the processing request initiated based on the identity card sequence number is had received less than 100 times, then returns to first
Prompt information prompt user tries again later and 209 termination process of processing module;It is based on the identity card sequence if it has been received
The number for the processing request that row number is initiated is greater than or equal to 100 times, then blacklist is written in the identity card sequence number, returns to mistake
The information alert user identity card has been added into blacklist, 209 termination process of processing module;
Optionally, the second judgment module 207 is also used to getting visiting frequency control apart from fourth communication module 204
Before the list moment in the second prefixed time interval, visiting frequency is managed the deposit in list comprising card reader sequence number and is recorded
When, it obtains before getting the visiting frequency control list moment apart from fourth communication module 204 in the 4th prefixed time interval,
The deposit that visiting frequency manages card reader sequence number in list records frequency of occurrence, occurs if the deposit of card reader sequence number records
Number is less than the second preset value, then the second judgment module 207 returns to the second prompt information and 209 termination stream of processing module
Journey;If the deposit record frequency of occurrence of card reader sequence number is greater than or equal to the second preset value, card reader sequence number is stored in
Blacklist returns to error message and 209 termination process of processing module.
In order to further ensure the integrality of abnormal data, it is ensured that processing safety, when determining apart from fourth communication module
204 get before the visiting frequency control list moment in the first prefixed time interval, and it includes body in list that visiting frequency, which is managed,
In the case where the deposit record of part card sequence number, the second judgment module 207 can further judge apart from fourth communication module 204
It gets before the visiting frequency control list moment in the second prefixed time interval, whether visiting frequency is managed in list comprising reading
The deposit of card device sequence number record and judge apart from fourth communication module 204 get visiting frequency manage the list moment it
In preceding 4th prefixed time interval, visiting frequency manages the deposit in list comprising card reader sequence number and records number, at one section
In preset time, specifically it is present in frequency control list if identity card cloud authentication device is repeatedly received based on a certain
When the processing request that card reader sequence number is initiated, it is believed that blacklist is added in the card reader Serial No. illegal sequence number;Specifically
Ground, if the second judgment module 207 judges to be requested in the second prefixed time interval before receiving processing request according to processing
The card reader sequence number of acquisition was once written in frequency control list, then further judging before receiving processing request
The 4th prefixed time interval in, according to processing request obtain card reader sequence number be once written to frequency control list in
Whether number reaches the second preset value, wherein the 4th prefixed time interval and the second preset value are preset value, it can be according to application
Scene settings, such as: the 4th prefixed time interval is 5 minutes, and the second preset value is 100 times, if that the second judgment module
207 judge receiving in processing request first 5 minutes initiated based on specific card reader sequence number, have received based on the card reading
The number for the processing request that device sequence number is initiated then returns to the second prompt information prompt user and tries and locate again later less than 100 times
Manage 209 termination process of module;The number for the processing request initiated if it has been received based on the card reader sequence number is greater than
Or be equal to 100 times, then blacklist is written into the card reader sequence number, returns to error message prompt user's card reader and be added into
Blacklist, and 209 termination process of processing module;
Optionally, third judgment module 208 is also used to when identity card sequence number meets exception rules, then by identity card sequence
Row number is stored in visiting frequency and manages list, returns to the first prompt information and 209 termination process of processing module;In card reader sequence
When row number meets exception rules, then card reader sequence number deposit visiting frequency is managed into list, return to the second prompt information and locate
Manage 209 termination process of module;
Optionally, authentication ids information process request further include: timestamp secret value and card reader count secret value;The
Two communication modules 202 are also used to obtain decryption time stamp secret value and card reader counts the timestamp and card reader that secret value obtains
Count value, wherein timestamp demonstrate,proves information processing by the card reader identity-based identification of generation authentication ids information process request
The generation moment of request generates;Card reader count value is generated by the history processing request number of times that card reader is initiated based on card reader;
At the time of third judgment module 208 is also used to based on timestamp and receives authentication ids information process request,
First time interval is generated, judges whether first time interval is greater than the 5th prefixed time interval and less than between the 6th preset time
Every if first time interval judges identity card sequence greater than the 5th prefixed time interval and less than the 6th prefixed time interval
It is number legal, otherwise, judge that identity card sequence number meets exception rules;
Third judgment module 208 is also used to judge based on timestamp and card reader count value apart from fourth communication module 204
Get before the visiting frequency control list moment in the 7th prefixed time interval, receive comprising identity card serial number encryption
Whether the request number of times of the authentication ids information process request of value is less than third preset value, if what is received includes identity card sequence
The request number of times of the authentication ids information process request of row number secret value is less than third preset value, then judges identity card sequence number
It is legal, otherwise, judge that identity card sequence number meets exception rules;
At the time of third judgment module 208 is also used to based on timestamp and receives authentication ids information process request,
First time interval is generated, judges whether first time interval is greater than the 8th prefixed time interval and less than between the 9th preset time
Every if first time interval judges card reader sequence greater than the 8th prefixed time interval and less than the 9th prefixed time interval
It is number legal, otherwise, judge that card reader sequence number meets exception rules;
Third judgment module 208 is also used to judge based on timestamp and card reader count value apart from fourth communication module
204 get before the visiting frequency control list moment in the tenth prefixed time interval, receive comprising card reader sequence number
Authentication ids information process request request number of times whether less than the 4th preset value, if receive comprising card reader sequence
Number authentication ids information process request request number of times less than the 4th preset value, then judge that card reader sequence number is legal, it is no
Then, judge that card reader sequence number meets exception rules;
Third judgment module 208 is also used to judge the authentication ids information continuously received based on card reader count value
Whether meet preset rules with the card reader count value of card reader sequence numbers match in processing request, if card reader count value meets
Preset rules then judge that card reader sequence number is legal, otherwise, judge that card reader sequence number meets exception rules.
It optionally, also include authentication module 210, wherein the identity identification that second communication module 202 is also used to receive
Card information process request is sent to authentication module 210;Authentication module 210, for extracting in authentication ids information process request
Identity card serial number encryption value, timestamp secret value and/or card reader count secret value, to identity card serial number encryption value,
Timestamp secret value and/or card reader count secret value and operation are decrypted, and obtain identity card sequence number, timestamp and/or reading
Card device count value, and identity card sequence number, timestamp and/or card reader count value are sent to second communication module 202;
Operation is decrypted to secret value independently of identity card cloud authentication device in authentication module 210, on the one hand can reduce
On the other hand the operation pressure of identity card cloud authentication device is able to ascend the safety of verification process.
It optionally, also include memory module 211, wherein memory module 211, for storing blacklist and frequency control name
It is single;Third communication module 203 is also used in request blacklist, generates blacklist acquisition request, and be sent to storage mould
Block 211;Fourth communication module 204 is also used to when request frequency manages list, is generated frequency control list acquisition and is asked
It asks, and is sent to memory module 211;Memory module 211 is also used to send out blacklist when receiving blacklist acquisition request
It send to third communication module 203;Memory module 211 is also used to when receiving frequency control list acquisition request, by frequency pipe
Control list is sent to fourth communication module 204;Third communication module 203 is also used to after carrying out write operation to blacklist, raw
Memory module 211 is sent at updated blacklist, and by updated blacklist;Fourth communication module 204, is also used to
After carrying out write operation to frequency control list, updated frequency control list is generated, and updated frequency is managed into name
Singly it is sent to memory module 211;Memory module 211 is also used to receive and store updated blacklist or frequency control list.
Blacklist and frequency control list can store in independent memory module 211, promote the safety of data, together
When alleviate identity card cloud authentication device data processing pressure, memory module 211 to blacklist and frequency control list storage
It can be stored for ciphertext, avoid by malicious access and distort.
The device provided through the embodiment of the present invention can be realized to being generated based on abnormal identity card or abnormal card reader
Authentication ids information process request carries out effective abnormality processing, is made using identity card sequence number and/or card reader sequence number
It is managed, is avoided because of other factors, the legitimate request as caused by the variation of IP address or the variation of card type for key value
It can not be executed, by blacklist, can be asked in the processing for preventing illegal identity card or illegal card reader initiation at the first time
Ask, abnormality eliminating method through the invention can be realized blacklist dynamic update, enhance abnormality processing dynamic and
Real-time;Managing list by frequency can be realized to the exception for occurring abnormal identity card or card reader in a short time before
Reason is realized and is freezed in short-term to Short Term Anomalous identity card or card reader, avoids the security risk caused by the processing of illegal request,
The dynamic that abnormality eliminating method through the invention can be realized frequency control list updates, and enhances the dynamic of abnormality processing
And real-time;It can be realized the abnormal judgement to current identity card or card reader by exception rules, even if this processing request
In identity card or card reader be not included in blacklist or the control of frequency control list within the scope of, equally can recognize that different
Normal identity card or card reader improve and believe authentication ids to realize triple dynamic authentications to identity card and card reader
The safety and reliability of breath processing request processing.
Any process described otherwise above or method description are construed as in flow chart or herein, and expression includes
It is one or more for realizing specific logical function or process the step of executable instruction code module, segment or portion
Point, and the range of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discussed suitable
Sequence, including according to related function by it is basic simultaneously in the way of or in the opposite order, Lai Zhihang function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
It should be appreciated that each section of the invention can be realized with hardware, software, firmware or their combination.Above-mentioned
In embodiment, software that multiple steps or method can be executed in memory and by suitable instruction execution system with storage
Or firmware is realized.It, and in another embodiment, can be under well known in the art for example, if realized with hardware
Any one of column technology or their combination are realized: having a logic gates for realizing logic function to data-signal
Discrete logic, with suitable combinational logic gate circuit specific integrated circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
Those skilled in the art are understood that realize all or part of step that above-described embodiment method carries
It suddenly is that relevant hardware can be instructed to complete by program, the program can store in a kind of computer-readable storage medium
In matter, which when being executed, includes the steps that one or a combination set of embodiment of the method.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in a processing module
It is that each unit physically exists alone, can also be integrated in two or more units in a module.Above-mentioned integrated mould
Block both can take the form of hardware realization, can also be realized in the form of software function module.The integrated module is such as
Fruit is realized and when sold or used as an independent product in the form of software function module, also can store in a computer
In read/write memory medium.
Storage medium mentioned above can be read-only memory, disk or CD etc..
In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means specific features, structure, material or spy described in conjunction with this embodiment or example
Point is included at least one embodiment or example of the invention.In the present specification, schematic expression of the above terms are not
Centainly refer to identical embodiment or example.Moreover, particular features, structures, materials, or characteristics described can be any
One or more embodiment or examples in can be combined in any suitable manner.
Although the embodiments of the present invention has been shown and described above, it is to be understood that above-described embodiment is example
Property, it is not considered as limiting the invention, those skilled in the art are not departing from the principle of the present invention and objective
In the case where can make changes, modifications, alterations, and variations to the above described embodiments within the scope of the invention.The scope of the present invention
By appended claims and its equivalent limit.
Claims (10)
1. a kind of processing method of authentication ids information process request, which comprises the following steps:
S1: receive authentication ids information process request, the authentication ids information include: identity card serial number encryption value and
Card reader sequence number, wherein the sequence number of the card reader Serial No. ID card information reading terminals;
S2: it obtains and decrypts the identity card sequence number that the identity card serial number encryption value obtains;
S3: blacklist is obtained, judges whether the identity card sequence number or the card reader sequence number are included in the blacklist
In, if the identity card sequence number and the card reader sequence number are not included in the blacklist, then follow the steps S5;
S5: it obtains visiting frequency and manages list, and execute step S601 or step S602;
S601: judging before distance gets the visiting frequency control list moment in the first prefixed time interval, described
Visiting frequency manages in list whether the deposit comprising the identity card sequence number records, if including the identity card sequence number
Deposit record, thens follow the steps S6001;If the deposit for not including the identity card sequence number records, judge to obtain in distance
Before managing the list moment to the visiting frequency in the second prefixed time interval, whether wrapped in the visiting frequency control list
Deposit record containing the card reader sequence number, if the deposit comprising the card reader sequence number records, thens follow the steps
S6002;If judging the visit before distance gets the visiting frequency control list moment in the first prefixed time interval
It asks that the deposit for not including the identity card sequence number in frequency control list records, and gets the visiting frequency pipe in distance
Before the control list moment in the second prefixed time interval, the card reader sequence number is not included in the visiting frequency control list
Deposit record, then follow the steps S7;
S602: judging to get in visiting frequency control second prefixed time interval of the list moment foregoing description in distance,
Whether the deposit comprising the card reader sequence number records in the visiting frequency control list, if including the card reader sequence
Number deposit record, then execute the step S6002;If the deposit for not including the card reader sequence number records, judge
Distance is got in visiting frequency control first prefixed time interval of the list moment foregoing description, the visiting frequency control
Whether the deposit comprising the identity card sequence number records in list, if the deposit comprising the identity card sequence number records,
Execute the step S6001, and termination process;If judge distance get the visiting frequency control list moment it
In preceding first prefixed time interval, the deposit that the identity card sequence number is not included in the visiting frequency control list is recorded,
And before distance gets the visiting frequency control list moment in the second prefixed time interval, the visiting frequency control
Deposit in list not comprising the card reader sequence number records, and thens follow the steps S7;
S6001: obtaining before distance gets the visiting frequency control list moment in third prefixed time interval, described
The deposit that visiting frequency manages identity card sequence number described in list records frequency of occurrence, if the deposit of the identity card sequence number
It records frequency of occurrence and is greater than or equal to the first preset value, then the identity card sequence number is stored in the blacklist;
S6002: obtaining before distance gets the visiting frequency control list moment in the 4th prefixed time interval, described
The deposit that visiting frequency manages card reader sequence number described in list records frequency of occurrence, if the deposit of the card reader sequence number
It records frequency of occurrence and is greater than or equal to the second preset value, then the card reader sequence number is stored in the blacklist;
S7 obtains exception rules, and executes step S801 or step S802;
S801: judging whether the identity card sequence number meets exception rules, if the identity card sequence number meets exception rules,
The identity card sequence number is then stored in the visiting frequency control list and termination process;If the identity card sequence number
Exception rules are not met with the card reader sequence number, then follow the steps S9;
S802: judging whether the card reader sequence number meets exception rules, if the card reader sequence number meets exception rules,
The card reader sequence number is then stored in the visiting frequency control list and termination process;If the identity card sequence number
Exception rules are not met with the card reader sequence number, then follow the steps S9;
S9: the authentication ids information process request is handled.
2. the method according to claim 1, wherein in the step S3, judge the identity card sequence number or
Whether the card reader sequence number is included in the blacklist, including step S401 or step S402;
S401: judging whether the identity card sequence number is included in the blacklist,
If the identity card sequence number is included in the blacklist, it is described to judge whether the card reader sequence number is included in
In blacklist, if the card reader sequence number is not included in the blacklist, S4001, and termination stream are thened follow the steps
Journey;
If the identity card sequence number is not included in the blacklist, judge whether the card reader sequence number is included in institute
It states in blacklist, if the card reader sequence number is included in the blacklist, thens follow the steps S4002, and termination stream
Journey;
If the identity card sequence number and the card reader sequence number are not included in the blacklist, S5 is thened follow the steps;
S402: judging whether the card reader sequence number is included in the blacklist,
If the card reader sequence number is included in the blacklist, it is described to judge whether the identity card sequence number is included in
In blacklist, if the identity card sequence number is not included in the blacklist, S4002, and termination stream are thened follow the steps
Journey;
If the card reader sequence number is not included in the blacklist, judge whether the identity card sequence number is included in institute
It states in blacklist, if the identity card sequence number is included in the blacklist, thens follow the steps S4001, and termination stream
Journey;
If the identity card sequence number and the card reader sequence number are not included in the blacklist, S5 is thened follow the steps;
S4001: obtaining and access the frequency and manage list, judge distance get the visiting frequency manage the list moment it
In preceding second prefixed time interval, in visiting frequency control list whether include the card reader sequence number deposit
Record, if before distance gets the visiting frequency control list moment in the second prefixed time interval, the access frequency
The deposit comprising the card reader sequence number records in degree control list, then obtains and get the visiting frequency control in distance
In the 4th prefixed time interval of the list moment foregoing description, card reader sequence number described in the visiting frequency control list is deposited
Enter to record frequency of occurrence, if the deposit record frequency of occurrence of the card reader sequence number is greater than or equal to second preset value,
The card reader sequence number is then stored in blacklist;If judging before distance gets the visiting frequency control list moment
In second prefixed time interval, the deposit that the card reader sequence number is not included in the visiting frequency control list is remembered
Record, then obtain exception rules, judge whether the card reader sequence number meets exception rules, if the card reader sequence number meets
The card reader sequence number write-access frequency is then managed list by exception rules;
S4002: obtaining visiting frequency and manage list, judges the institute before distance gets the visiting frequency control list moment
It states in the first prefixed time interval, whether the deposit comprising the identity card sequence number is remembered in the visiting frequency control list
Record, if being got in visiting frequency control first prefixed time interval of the list moment foregoing description in distance, the access
Frequency is managed the deposit in list comprising the identity card sequence number and is recorded, then obtains and get the visiting frequency pipe in distance
It controls in list moment foregoing description third prefixed time interval, identity card sequence number described in the visiting frequency control list
Deposit record frequency of occurrence, if the deposit record frequency of occurrence of the identity card sequence number is greater than or equal to described first and presets
The identity card sequence number is then stored in the blacklist by value;If judging to get the visiting frequency control list in distance
In the first prefixed time interval of the moment foregoing description, the identity card sequence number is not included in the visiting frequency control list
Deposit record, then obtain exception rules, judge whether the identity card sequence number meets exception rules, if the identity card sequence
Number meet exception rules, then the visiting frequency is written into the identity card sequence number and manages list.
3. method according to claim 1 or 2, which is characterized in that
In the step S601, if the step is first default before distance gets the visiting frequency control list moment
In time interval, the deposit comprising the identity card sequence number is recorded in the visiting frequency control list, is thened follow the steps
After S6001, further comprise the steps of:
Judge to get in visiting frequency control first prefixed time interval of the list moment foregoing description in distance, the visit
Ask whether the deposit comprising the card reader sequence number records in frequency control list, if getting the visiting frequency in distance
It manages in the first prefixed time interval of the list moment foregoing description, includes the card reader sequence in the visiting frequency control list
The deposit of row number records, and thens follow the steps S6002;
In the step S602, if the step gets the visiting frequency control list moment foregoing description first in distance
In prefixed time interval, the deposit comprising the card reader sequence number is recorded in the visiting frequency control list, then executes step
After rapid S6002, further comprise the steps of:
Judge to get in visiting frequency control first prefixed time interval of the list moment foregoing description in distance, the visit
Ask whether the deposit comprising the identity card sequence number records in frequency control list, if getting the visiting frequency in distance
It manages in the first prefixed time interval of the list moment foregoing description, includes the identity card sequence in the visiting frequency control list
The deposit of row number records, and thens follow the steps S6001.
4. method according to claim 1 or 2, which is characterized in that
In the step S801, judge whether the identity card sequence number meets exception rules, if the identity card sequence number accords with
Exception rules are closed, then after the identity card sequence number being stored in the visiting frequency control list, are further comprised the steps of:
Judge whether the card reader sequence number meets exception rules, it, will if the card reader sequence number meets exception rules
The card reader sequence number is stored in the visiting frequency and manages list;
In the step S802, judge whether the card reader sequence number meets exception rules, if the card reader sequence number accords with
Exception rules are closed, then after the card reader sequence number being stored in the visiting frequency control list, are further comprised the steps of:
Judge whether the identity card sequence number meets exception rules, it, will if the identity card sequence number meets exception rules
The identity card sequence number is stored in the visiting frequency and manages list.
5. method according to claim 1 or 2, which is characterized in that the authentication ids information further include: timestamp adds
Close value and card reader count secret value;The step S2 further includes obtaining and decrypting the timestamp secret value and the card reader
Count the timestamp and card reader count value that secret value obtains, wherein the timestamp is by generating the authentication ids information
The card reader for handling request is generated based on the generation moment of the authentication ids information process request;The card reader count value
It is generated by the history processing request number of times that the card reader is initiated based on the card reader;
Judge whether the identity card sequence number meets exception rules, comprising:
At the time of based on the timestamp and receiving the authentication ids information process request, first time interval is generated,
Judge whether the first time interval is greater than the 5th prefixed time interval and less than the 6th prefixed time interval, if described first
Time interval is greater than the 5th prefixed time interval and is less than the 6th prefixed time interval, then judges the identity card sequence
Row number is legal, otherwise, judges that the identity card sequence number meets exception rules;Or,
Based on the timestamp and the card reader count value, judge distance get the visiting frequency control list moment it
In preceding 7th prefixed time interval, the authentication ids information processing comprising the identity card serial number encryption value received is asked
Whether the request number of times asked is less than third preset value, if the identity identification comprising the identity card serial number encryption value received
The request number of times for demonstrate,proving information process request is less than the third preset value, then judges that the identity card sequence number is legal, otherwise, sentence
The identity card sequence number that breaks meets exception rules;
Judge whether the card reader sequence number meets exception rules, comprising:
Based on the timestamp and at the time of receive the authentication ids information process request, generate between the first time
Every judging whether the first time interval is greater than the 8th prefixed time interval and less than the 9th prefixed time interval, if described
First time interval is greater than the 8th prefixed time interval and is less than the 9th prefixed time interval, then judges the card reading
Device sequence number is legal, otherwise, judges that the card reader sequence number meets exception rules;Or,
Based on the timestamp and the card reader count value, judge to get the visiting frequency control list moment in distance
Before in the tenth prefixed time interval, the authentication ids information process request comprising the card reader sequence number that receives
Whether request number of times is less than the 4th preset value, if the authentication ids information processing comprising the card reader sequence number received
The request number of times of request is less than the 4th preset value, then judges that the card reader sequence number is legal, otherwise, judge the card reading
Device sequence number meets exception rules;Or,
Based on the card reader count value, judge in the authentication ids information process request continuously received with the reading
Whether the card reader count value of card device sequence numbers match meets preset rules, if the card reader count value meets default rule
Then, then judge that the card reader sequence number is legal, otherwise, judge that the card reader sequence number meets exception rules.
6. a kind of identity card cloud authentication device characterized by comprising
First communication module, for receiving authentication ids information process request, wherein the authentication ids information processing is asked
Ask includes: identity card serial number encryption value and card reader sequence number;
Second communication module, for obtaining the identity card sequence number decrypting the identity card serial number encryption value and obtaining;
Third communication module judges whether the identity card sequence number or the card reader sequence number wrap for obtaining blacklist
It is contained in the blacklist;
First judgment module, for judging whether the identity card sequence number or the card reader sequence number are included in the black name
Dan Zhong, if the identity card sequence number or the card reader sequence number are included in the blacklist, termination process;
Fourth communication module, for obtaining visiting frequency control list;
Second judgment module, for judging the first preset time before distance gets the visiting frequency control list moment
In interval, whether the deposit comprising the identity card sequence number is recorded in the visiting frequency control list, if including the body
The deposit of part card sequence number records, then termination process;If the deposit for not including the identity card sequence number records, described
Second judgment module is also used to judge before distance gets the visiting frequency control list moment between the second preset time
Every interior, whether the deposit comprising the card reader sequence number is recorded in the visiting frequency control list, if including the card reading
The deposit of device sequence number records, then termination process;Alternatively,
Second judgment module is also used to judge to get the visiting frequency control list moment foregoing description the in distance
In two prefixed time intervals, whether the deposit comprising the card reader sequence number is recorded in the visiting frequency control list, if
Deposit comprising the card reader sequence number records, then termination process;If not including the deposit of the card reader sequence number
Record, then second judgment module, is also used to judge the institute before distance gets the visiting frequency control list moment
It states in the first prefixed time interval, whether the deposit comprising the identity card sequence number is remembered in the visiting frequency control list
Record, if the deposit comprising the identity card sequence number records, termination process;
It is pre- to be also used to obtain the third before distance gets the visiting frequency control list moment for second judgment module
If in time interval, the deposit of identity card sequence number described in the visiting frequency control list records frequency of occurrence, if described
The deposit record frequency of occurrence of identity card sequence number is greater than or equal to the first preset value, then the identity card sequence number is stored in institute
State blacklist;
It is pre- to be also used to obtain before distance gets the visiting frequency control list moment the 4th for second judgment module
If in time interval, the deposit of card reader sequence number described in the visiting frequency control list records frequency of occurrence, if described
The deposit record frequency of occurrence of card reader sequence number is greater than or equal to the second preset value, then the card reader sequence number is stored in institute
State blacklist;Alternatively,
Fifth communication module, for obtaining exception rules,
Third judgment module, for judging whether the identity card sequence number meets exception rules, if the identity card sequence number
Meet exception rules, then the identity card sequence number is stored in the visiting frequency control list and termination process;Alternatively,
The third judgment module, for judging whether the card reader sequence number meets exception rules, if the card reader sequence
Row number meets exception rules, then the card reader sequence number is stored in the visiting frequency control list and termination process;
Processing module, for handling the authentication ids information process request.
7. device according to claim 6, which is characterized in that
The first judgment module, is also used to judge whether the identity card sequence number is included in the blacklist,
If the identity card sequence number is included in the blacklist, the first judgment module is also used to judge the reading
Whether card device sequence number is included in the blacklist, if the card reader sequence number is not included in the blacklist, eventually
Only process flow;
If the identity card sequence number is not included in the blacklist, the first judgment module, it is also used to judge described
Whether card reader sequence number is included in the blacklist, if the card reader sequence number is included in the blacklist, eventually
Only process flow;
The first judgment module, is also used to judge whether the card reader sequence number is included in the blacklist,
If the card reader sequence number is included in the blacklist, the first judgment module is also used to judge the body
Whether part card sequence number is included in the blacklist, if the identity card sequence number is not included in the blacklist, eventually
Only process flow;
If the card reader sequence number is not included in the blacklist, the first judgment module, it is also used to judge described
Whether identity card sequence number is included in the blacklist, if the identity card sequence number is included in the blacklist, eventually
Only process flow;
The fourth communication module is also used to obtain the access frequency control list;
Second judgment module is also used to judge to get the visiting frequency control list moment foregoing description the in distance
In two prefixed time intervals, whether the deposit comprising the card reader sequence number is recorded in the visiting frequency control list, if
Before distance gets the visiting frequency control list moment in the second prefixed time interval, the visiting frequency manages name
Deposit in list comprising the card reader sequence number records, then second judgment module, is also used to acquisition and gets in distance
In visiting frequency control the 4th prefixed time interval of the list moment foregoing description, described in the visiting frequency control list
The deposit of card reader sequence number records frequency of occurrence, if the deposit record frequency of occurrence of the card reader sequence number is greater than or equal to
The card reader sequence number is then stored in blacklist by second preset value;If second judgment module judges to obtain in distance
It gets in visiting frequency control second prefixed time interval of the list moment foregoing description, in the visiting frequency control list
Deposit record not comprising the card reader sequence number, then the fifth communication module are also used to obtain exception rules, and described the
Three judgment modules, are also used to judge whether the card reader sequence number meets exception rules, if the card reader sequence number meets
The card reader sequence number write-access frequency is then managed list by exception rules;
The fourth communication module is also used to obtain visiting frequency control list;
Second judgment module is also used to judge to get the visiting frequency control list moment foregoing description the in distance
In one prefixed time interval, whether the deposit comprising the identity card sequence number is recorded in the visiting frequency control list, if
It is got in visiting frequency control first prefixed time interval of the list moment foregoing description in distance, the visiting frequency pipe
It controls the deposit in list comprising the identity card sequence number to record, then obtains and get the visiting frequency control list in distance
In moment foregoing description third prefixed time interval, the deposit note of identity card sequence number described in the visiting frequency control list
Frequency of occurrence is recorded, it, will if the deposit record frequency of occurrence of the identity card sequence number is greater than or equal to first preset value
The identity card sequence number is stored in the blacklist;If second judgment module judges to get the visiting frequency in distance
It manages in the first prefixed time interval of the list moment foregoing description, does not include the identity card in the visiting frequency control list
The deposit of sequence number records, then the fifth communication module, is also used to obtain exception rules, and the third judgment module judges institute
State whether identity card sequence number meets exception rules, if the identity card sequence number meets exception rules, by the identity card
Sequence number is written the visiting frequency and manages list.
8. device according to claim 6 or 7, which is characterized in that the authentication ids information process request further include:
Timestamp secret value and card reader count secret value;The first communication module is also used to obtain the decryption timestamp encryption
Value and the card reader count the timestamp and card reader count value that secret value obtains, wherein the timestamp is as described in generating
The card reader of authentication ids information process request is generated based on the generation moment of the authentication ids information process request;Institute
Card reader count value is stated to be generated by the history processing request number of times that the card reader is initiated based on the card reader;
The third judgment module is also used to based on the timestamp and receives the authentication ids information process request
Moment generates first time interval, judges whether the first time interval is greater than the 5th prefixed time interval and less than the 6th
Prefixed time interval, if the first time interval is greater than the 5th prefixed time interval and is less than the 6th preset time
Interval, then judge that the identity card sequence number is legal, otherwise, judge that the identity card sequence number meets exception rules;
The third judgment module is also used to judge based on the timestamp and the card reader count value apart from the acquisition
Before managing the list moment to the visiting frequency in the 7th prefixed time interval, what is received adds comprising the identity card sequence number
Whether the request number of times of the authentication ids information process request of close value is less than third preset value, if what is received includes the body
The request number of times of the authentication ids information process request of part card serial number encryption value is less than the third preset value, then judges institute
It is legal to state identity card sequence number, otherwise, judges that the identity card sequence number meets exception rules;
The third judgment module is also used to based on the timestamp and receives the authentication ids information process request
Moment generates the first time interval, judges whether the first time interval is greater than the 8th prefixed time interval and is less than
9th prefixed time interval is preset if the first time interval is greater than the 8th prefixed time interval and is less than the described 9th
Time interval then judges that the card reader sequence number is legal, otherwise, judges that the card reader sequence number meets exception rules;
The third judgment module is also used to judge to get in distance based on the timestamp and the card reader count value
Before the visiting frequency control list moment in the tenth prefixed time interval, what is received includes the card reader sequence number
Whether the request number of times of authentication ids information process request is less than the 4th preset value, if what is received includes the card reader sequence
The request number of times of the authentication ids information process request of row number is less than the 4th preset value, then judges the card reader sequence
It is number legal, otherwise, judge that the card reader sequence number meets exception rules;
The third judgment module is also used to judge the identity identification continuously received based on the card reader count value
Whether meet preset rules with the card reader count value of the card reader sequence numbers match in card information process request, if institute
It states card reader count value and meets preset rules, then judge that the card reader sequence number is legal, otherwise, judge the card reader sequence
Number meet exception rules.
9. device according to claim 6 or 7, which is characterized in that it also include authentication module,
Wherein, the first communication module, the authentication ids information process request for being also used to receive are sent to institute
State authentication module;
The authentication module, for extracting the identity card serial number encryption in the authentication ids information process request
Value, the timestamp secret value and/or the card reader count secret value, to the identity card serial number encryption value, it is described when
Between stab secret value and/or the card reader and count secret value operation is decrypted, obtain the identity card sequence number, the time
Stamp and/or the card reader count value, and by the identity card sequence number, the timestamp and/or the card reader count value
It is sent to the first communication module.
10. device according to claim 6 or 7, which is characterized in that it also include memory module,
Wherein, the memory module, for storing the blacklist and frequency control list;
The third communication module when being also used to the blacklist described in request, generates blacklist acquisition request, and be sent to
The memory module;
The fourth communication module when being also used to the control list of the frequency described in request, generates frequency control list and obtains
Request, and it is sent to the memory module;
The memory module is also used to when receiving the blacklist acquisition request, and the blacklist is sent to described
Three communication modules;
The memory module is also used to that the frequency is managed list when receiving the frequency control list acquisition request
It is sent to the fourth communication module;
The third communication module is also used to after carrying out write operation to the blacklist, generates the updated black name
It is single, and the updated blacklist is sent to the memory module;
The fourth communication module is also used to after carrying out write operation to frequency control list, generates updated institute
Frequency control list is stated, and the updated frequency control list is sent to the memory module;
The memory module is also used to receive and store the updated blacklist or frequency control list.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610041125.8A CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610041125.8A CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106027469A CN106027469A (en) | 2016-10-12 |
| CN106027469B true CN106027469B (en) | 2019-05-21 |
Family
ID=57082694
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610041125.8A Active CN106027469B (en) | 2016-01-21 | 2016-01-21 | The processing method and identity card cloud authentication device of authentication ids information process request |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106027469B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234383B (en) * | 2016-12-09 | 2021-01-08 | 中国电信股份有限公司 | Information access method and security access server |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1429373A (en) * | 2000-03-08 | 2003-07-09 | 高利科技有限公司 | Method and apparatus for readucing on-line fraud using personal digital identification |
| CN2722330Y (en) * | 2004-06-24 | 2005-08-31 | 公安部第一研究所证件技术事业部 | Personal identity certificating terminal |
| CN202632315U (en) * | 2012-03-31 | 2012-12-26 | 成都因纳伟盛科技股份有限公司 | Fingerprint verification module for second-generation identification card reader |
| CN103237235A (en) * | 2013-03-18 | 2013-08-07 | 中国科学院信息工程研究所 | Method and system for realizing identity authentication on Cloud TV terminals |
| CN104333560A (en) * | 2014-11-20 | 2015-02-04 | 五八同城信息技术有限公司 | Account number management method and management device |
| CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009070430A2 (en) * | 2007-11-08 | 2009-06-04 | Suridx, Inc. | Apparatus and methods for providing scalable, dynamic, individualized credential services using mobile telephones |
-
2016
- 2016-01-21 CN CN201610041125.8A patent/CN106027469B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1429373A (en) * | 2000-03-08 | 2003-07-09 | 高利科技有限公司 | Method and apparatus for readucing on-line fraud using personal digital identification |
| CN2722330Y (en) * | 2004-06-24 | 2005-08-31 | 公安部第一研究所证件技术事业部 | Personal identity certificating terminal |
| CN202632315U (en) * | 2012-03-31 | 2012-12-26 | 成都因纳伟盛科技股份有限公司 | Fingerprint verification module for second-generation identification card reader |
| CN103237235A (en) * | 2013-03-18 | 2013-08-07 | 中国科学院信息工程研究所 | Method and system for realizing identity authentication on Cloud TV terminals |
| CN104333560A (en) * | 2014-11-20 | 2015-02-04 | 五八同城信息技术有限公司 | Account number management method and management device |
| CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106027469A (en) | 2016-10-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104641375B (en) | The safe communication between medical treatment device and its remote-control device | |
| CN105933280B (en) | Identity identifying method and system | |
| EP3941014A1 (en) | Digital key-based identity authentication method, terminal apparatus, and medium | |
| CN104618115B (en) | ID card information acquisition methods and system | |
| CN105488367B (en) | A kind of guard method, backstage and the system of SAM device | |
| CN106027457B (en) | A kind of ID card information transmission method and system | |
| CN106027250B (en) | A kind of ID card information safe transmission method and system | |
| CN110868294B (en) | Key updating method, device and equipment | |
| CN106027467B (en) | A kind of identity card reading response system | |
| CN108961501A (en) | A kind of intelligent door lock control method, relevant device and system | |
| CN107135205A (en) | A kind of method for network access and system | |
| CN106453329A (en) | Wireless encryption smart home remote monitoring method and system | |
| CN107392001B (en) | Authorization method, system and card | |
| CN106027253B (en) | A kind of visiting frequency control device of authentication ids information | |
| CN106878122A (en) | A kind of method for network access and system | |
| CN106027465B (en) | A kind of processing method of authentication ids information process request | |
| CN105024813A (en) | Server, user equipment and interactive method of the user equipment and the server | |
| CN106027469B (en) | The processing method and identity card cloud authentication device of authentication ids information process request | |
| CN105391555B (en) | A kind of method, backstage and system accessing SAM device | |
| CN106027479B (en) | A kind of method for dynamically processing and system of authentication ids information process request | |
| CN106034135B (en) | Identity card cloud authentication device | |
| CN108063748A (en) | A kind of user authen method, apparatus and system | |
| CN109246148A (en) | Message processing method, device, system, equipment and computer readable storage medium | |
| CN105959249B (en) | The management method and system of electronic equipment | |
| CN107026735A (en) | Method and managed devices that a kind of password is automatically entered |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220415 Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094 Patentee after: TENDYRON Corp. Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing Patentee before: Li Ming |