CN106372554A - Certificate card information collection method and system - Google Patents
Certificate card information collection method and system
- Publication number: CN106372554A
- Application number: CN201610780374.9A
- Authority: CN (China)
- Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06K7/10257—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
- G06F21/602—Providing cryptographic facilities or services
- G06F21/606—Protecting data by securing the transmission between two devices or processes
- G06K17/0029—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisions for transferring data to distant stations, e.g. from a sensing device the arrangement being specially adapted for wireless interrogation of grouped or bundled articles tagged with wireless record carriers
- G06K7/10009—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
Abstract
The present invention discloses a certificate card information collection method and system. The method comprises: a certificate card reader obtains first data to be verified and sends the first data to be verified to a certificate card; the certificate card reader receives a certificate card authentication response sent by the certificate card, which carries first verification data obtained by the certificate card through a verification calculation on the first data to be verified; the certificate card authentication response is sent to a first certificate card security control device; a certificate card authentication pass result sent by the first certificate card security control device is received and sent to the certificate card; a security control authentication request sent by the certificate card is received and sent to the first certificate card security control device; the first certificate card security control device computes the second verification data, and the resulting second verification data is sent to the certificate card; the certificate card reader receives the security control authentication pass result sent by the certificate card, sends it to the first certificate card security control device, and obtains the certificate card information read by the first certificate card security control device.
Description
Technical field
The present invention relates to the field of electronic technology, and in particular to a certificate card information collection method and system.
Background
An existing certificate card reader has at least two modules: a reading module and a SAM (certificate card verification security control) module. Because every certificate card reader must be equipped with a SAM module, the manufacturing cost of existing certificate card readers is high. Moreover, in an existing certificate card reader the SAM module can only authenticate the certificate card information read by the reading module of that same reader; if the reader is not currently reading a certificate card, the SAM module sits idle. The utilization rate of existing certificate card readers is therefore low.
Summary of the invention
The present invention aims to solve one of the above problems.
The main purpose of the present invention is to provide a certificate card information collection method;
Another purpose of the present invention is to provide a certificate card information collection system.
Scheme 1: a certificate card information collection method, applied to a system including a certificate card reader and a first certificate card security control device, the method comprising:
Step 1: the certificate card reader periodically broadcasts a card-seeking instruction;
Step 2: the certificate card reader receives a response message returned by a certificate card;
Step 3: the certificate card reader determines that the response message is card-seeking confirmation data for the card-seeking instruction;
Step 4: the certificate card reader stops broadcasting the card-seeking instruction and sends a card-seeking request to the first certificate card security control device over the network;
Step 5: the first certificate card security control device receives the card-seeking request and sends a card-seeking response to the certificate card reader over the network, wherein the card-seeking response carries card-seeking response data;
Step 6: the certificate card reader receives the card-seeking response sent by the first certificate card security control device and obtains the card-seeking response data;
Step 7: the certificate card reader sends the card-seeking confirmation data to the first certificate card security control device;
Step 8: the certificate card reader sends a card selection instruction to the certificate card;
Step 9: the certificate card reader receives card selection confirmation data sent by the certificate card, wherein the card selection confirmation data includes at least the unique identification information of the certificate card;
Step 10: the certificate card reader sends a card selection request to the first certificate card security control device;
Step 11: the first certificate card security control device receives the card selection request;
Step 12: the first certificate card security control device sends a card selection request response to the certificate card reader;
Step 13: the certificate card reader receives the card selection request response sent by the first certificate card security control device;
Step 14: the certificate card reader determines that the card selection request response is the response data for the card selection request, and sends the card selection confirmation data to the first certificate card security control device;
Step 15: the certificate card reader sends a card-reading instruction to the certificate card;
Step 16: the certificate card reader receives card-reading confirmation data returned by the certificate card;
Step 17: the certificate card reader sends a card-reading request to the first certificate card security control device;
Step 18: the first certificate card security control device receives the card-reading request;
Step 19: the first certificate card security control device sends a card-reading request response to the certificate card reader, wherein the card-reading request response carries at least first data to be verified;
Step 20: the certificate card reader receives the card-reading request response sent by the first certificate card security control device;
Step 21: the certificate card reader obtains the first data to be verified carried in the card-reading request response and sends the first data to be verified to the certificate card;
Step 22: the certificate card reader receives a certificate card authentication response sent by the certificate card, wherein the certificate card authentication response carries first verification data obtained by the certificate card through a verification calculation on the first data to be verified;
Step 23: the certificate card reader sends the certificate card authentication response to the first certificate card security control device;
Step 24: the first certificate card security control device receives the certificate card authentication response, verifies the first verification data and, after the verification passes, sends a certificate card authentication pass result to the certificate card reader;
Step 25: the certificate card reader sends the certificate card authentication pass result to the certificate card;
Step 26: the certificate card reader receives a security control authentication request sent by the certificate card and sends the security control authentication request to the first certificate card security control device, wherein the security control authentication request carries second data to be verified;
Step 27: the first certificate card security control device receives the security control authentication request, computes the second verification data, and sends the resulting second verification data to the certificate card reader, carried in a security control authentication response;
Step 28: the certificate card reader receives the security control authentication response, sends the security control authentication response to the certificate card, receives a security control authentication pass result sent by the certificate card, and sends the security control authentication pass result to the first certificate card security control device;
Step 29: the certificate card reader obtains the certificate card information read by the first certificate card security control device.
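The challenge-response core of steps 19 to 29 can be sketched as follows. This is an added example, not code from the patent: the page does not specify the verification calculation, so HMAC-SHA256 with a key shared by the card and the security control device is assumed, and every class, function and key name is hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample keys; a real key would exist only inside card and device.
CARD_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
WRONG_KEY = bytes.fromhex("ffffffffffffffffffffffffffffffff")


def verification_calc(key: bytes, direction: bytes, data: bytes) -> bytes:
    """Assumed verification calculation: HMAC-SHA256 over a direction label
    plus the data to be verified. The label keeps one side's challenge from
    being answered by reflecting it back at that same side."""
    return hmac.new(key, direction + b"|" + data, hashlib.sha256).digest()


class CertificateCard:
    def __init__(self, key: bytes, info: str):
        self._key, self._info = key, info
        self._second_data = None   # second data to be verified (card's challenge)
        self._device_ok = False

    def authentication_response(self, first_data: bytes) -> bytes:        # step 22
        return verification_calc(self._key, b"card", first_data)

    def security_control_auth_request(self, card_passed: bool) -> bytes:  # steps 25-26
        if not card_passed:
            raise PermissionError("card authentication did not pass")
        self._second_data = secrets.token_bytes(16)
        return self._second_data

    def check_security_control_response(self, second_verification: bytes) -> bool:  # step 28
        if self._second_data is None:
            return False
        expected = verification_calc(self._key, b"device", self._second_data)
        self._second_data = None   # each challenge is single use
        self._device_ok = hmac.compare_digest(expected, second_verification)
        return self._device_ok

    def read_info(self) -> str:
        if not self._device_ok:
            raise PermissionError("security control device not authenticated")
        return self._info


class SecurityControlDevice:
    def __init__(self, key: bytes):
        self._key = key
        self._first_data = None    # first data to be verified (device's challenge)
        self._card_ok = False
        self._mutual_ok = False

    def card_reading_request_response(self) -> bytes:                     # step 19
        self._card_ok = self._mutual_ok = False
        self._first_data = secrets.token_bytes(16)
        return self._first_data

    def verify_card(self, first_verification: bytes) -> bool:             # step 24
        if self._first_data is None:
            return False
        expected = verification_calc(self._key, b"card", self._first_data)
        self._first_data = None
        self._card_ok = hmac.compare_digest(expected, first_verification)
        return self._card_ok

    def security_control_auth_response(self, second_data: bytes) -> bytes:  # step 27
        if not self._card_ok:
            raise PermissionError("card not authenticated")
        return verification_calc(self._key, b"device", second_data)

    def accept_pass_result(self, passed: bool) -> None:                   # end of step 28
        self._mutual_ok = self._card_ok and passed

    def read_card(self, card: CertificateCard) -> str:                    # step 29
        if not self._mutual_ok:
            raise PermissionError("mutual authentication incomplete")
        return card.read_info()


def reader_collect(card, device, tamper=False):
    """Reader role for steps 19-29: it only relays messages and holds no key.
    Returns the card information, or None if either verification fails."""
    first_data = device.card_reading_request_response()        # steps 19-21
    response = card.authentication_response(first_data)        # step 22
    if tamper:  # simulate a relayed response that was altered in transit
        response = bytes([response[0] ^ 1]) + response[1:]
    if not device.verify_card(response):                        # steps 23-24
        return None
    second_data = card.security_control_auth_request(True)     # steps 25-26
    second_verification = device.security_control_auth_response(second_data)  # step 27
    passed = card.check_security_control_response(second_verification)        # step 28
    device.accept_pass_result(passed)
    return device.read_card(card) if passed else None           # step 29
```

Because the reader never holds the key, a compromised reader can block a transaction but cannot produce either side's verification data under these assumptions.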
Scheme 2: the method according to scheme 1, wherein:
The card-seeking request carries at least first identity authentication data;
Before the first certificate card security control device returns the card-seeking response to the certificate card reader, the method further includes: the first certificate card security control device authenticates the identity of the certificate card reader according to the first identity authentication data carried in the card-seeking request and, if the authentication passes, performs the step of returning the card-seeking response to the certificate card reader.
Scheme 3: the method according to scheme 1 or 2, wherein:
The card-seeking response carries at least second identity authentication data;
After the certificate card reader receives the card-seeking response sent by the first certificate card security control device, and before the card-seeking confirmation data is sent to the first certificate card security control device, the method further includes: the certificate card reader authenticates the identity of the first certificate card security control device according to the second identity authentication data and, if the authentication passes, performs the step of sending the card-seeking confirmation data to the first certificate card security control device.
Scheme 4: the method according to any one of schemes 1 to 3, wherein:
The card selection request carries third identity authentication data;
After the first certificate card security control device receives the card selection request, and before it sends the card selection request response to the certificate card reader, the method further includes: the first certificate card security control device authenticates the identity of the certificate card reader according to the third identity authentication data carried in the card selection request and, if the authentication passes, performs the step of sending the card selection request response to the certificate card reader.
Scheme 5: the method according to any one of schemes 1 to 4, wherein:
The card selection request response carries at least fourth identity authentication data;
After the certificate card reader receives the card selection request response sent by the first certificate card security control device, and before the card selection confirmation data is sent to the first certificate card security control device, the method further includes: the certificate card reader parses the information carried in the card selection request response, obtains the fourth identity authentication data carried in the card selection request response, authenticates the identity of the first certificate card security control device according to the fourth identity authentication data and, if the authentication passes, performs the step of sending the card selection confirmation data to the first certificate card security control device.
Scheme 6: the method according to any one of schemes 1 to 5, wherein:
The card-reading request carries at least fifth authentication data;
After the first certificate card security control device receives the card-reading request, and before it sends the card-reading request response to the certificate card reader, the method further includes: the first certificate card security control device authenticates the identity of the certificate card reader according to the fifth authentication data carried in the card-reading request and, if the authentication passes, obtains the first data to be verified and performs the step of sending the card-reading request response to the certificate card reader.
Scheme 7: the method according to any one of schemes 1 to 6, wherein:
The card-reading request response also carries sixth identity authentication data;
After the certificate card reader receives the card-reading request response sent by the first certificate card security control device, and before the first data to be verified carried in the card-reading request response is obtained, the method further includes: the certificate card reader parses the information carried in the card-reading request response, obtains the sixth identity authentication data carried in the card-reading request response, authenticates the identity of the first certificate card security control device according to the sixth identity authentication data and, if the authentication passes, performs the step of obtaining the first data to be verified carried in the card-reading request response.
Scheme 8: the method according to any one of schemes 1 to 7, wherein:
Before step 6, the method further includes: the certificate card reader and the first certificate card security control device perform session key negotiation, and the certificate card reader and the first certificate card security control device obtain the session key used for the current communication between the two parties;
After the certificate card reader and the first certificate card security control device obtain the session key, while they communicate with each other, the certificate card reader and the first certificate card security control device each use the session key to encrypt the data sent to the other party and to decrypt the data received from the other party.
Scheme 9: the method according to any one of schemes 1 to 8, wherein, after the certificate card reader obtains the certificate card information sent by the certificate card, the method further includes:
The certificate card reader displays the certificate card information.
Scheme 10: the method according to any one of schemes 1 to 9, wherein:
The first certificate card security control device sends information to the certificate card reader through a server;
The first certificate card security control device receives information from the certificate card reader through the server.
Scheme 11: the method according to scheme 10, wherein:
The server stores a correspondence between one certificate card security control device and at least one certificate card reader;
Before the server sends the card-seeking request to the first certificate card security control device, the method further includes:
The server selects, according to the correspondence, the certificate card security control device corresponding to the certificate card reader as the first certificate card security control device.
Scheme 12: the method according to scheme 10, wherein:
The server records the working state of each certificate card security control device;
Before the card-seeking request is sent to the first certificate card security control device, the method further includes:
The server selects a certificate card security control device whose current working state is idle as the first certificate card security control device, and marks the working state of the first certificate card security control device as busy.
Scheme 13: the method according to scheme 12, the method further including:
After the certificate card reader obtains the certificate card information, the server marks the working state of the first certificate card security control device as idle.
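The server-side selection in schemes 11 to 13 can be sketched as a small scheduler. This is an added example, not code from the patent: the class and identifiers are hypothetical, combining the fixed correspondence of scheme 11 with the idle/busy state of scheme 12 is a design choice made here, and marking a device idle when a session fails goes beyond scheme 13, which only covers the successful case.

```python
import threading
from contextlib import contextmanager


class ControlDeviceScheduler:
    """Tracks the working state of each security control device (scheme 12)
    and an optional reader-to-device correspondence (scheme 11)."""

    def __init__(self, device_ids, correspondence=None):
        self._state = {d: "idle" for d in device_ids}
        self._correspondence = dict(correspondence or {})  # reader id -> device id
        self._lock = threading.Lock()

    def state(self, device_id):
        with self._lock:
            return self._state[device_id]

    def select(self, reader_id):
        """Pick the 'first' security control device for this reader and mark
        it busy. Checking and marking happen under one lock so that two
        readers can never be handed the same device."""
        with self._lock:
            fixed = self._correspondence.get(reader_id)
            candidates = [fixed] if fixed is not None else list(self._state)
            for dev in candidates:
                if self._state.get(dev) == "idle":
                    self._state[dev] = "busy"
                    return dev
        return None  # nothing idle: caller must retry or reject the request

    def release(self, device_id):
        """Scheme 13: mark the device idle once the transaction is over."""
        with self._lock:
            self._state[device_id] = "idle"

    @contextmanager
    def session(self, reader_id):
        dev = self.select(reader_id)
        if dev is None:
            raise RuntimeError("no idle security control device")
        try:
            yield dev
        finally:
            # Assumption beyond scheme 13: also release on failure, otherwise
            # an aborted read leaves the device marked busy indefinitely.
            self.release(dev)


def concurrent_select(scheduler, reader_ids):
    """Have every reader request a device at the same moment."""
    results = {}
    barrier = threading.Barrier(len(reader_ids))

    def worker(rid):
        barrier.wait()
        results[rid] = scheduler.select(rid)

    threads = [threading.Thread(target=worker, args=(r,)) for r in reader_ids]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results
```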
Scheme 14: the method according to any one of schemes 1 to 13, wherein:
The certificate card reader sends information to the first certificate card security control device through a terminal;
The certificate card reader receives information from the first certificate card security control device through the terminal.
Scheme 15: the method according to scheme 14, wherein, after the certificate card reader obtains the certificate card information, the method further includes:
The certificate card reader sends the certificate card information to the terminal;
The terminal displays the certificate card information.
Scheme 16: a certificate card information collection system, comprising: a certificate card reader and a first certificate card security control device; wherein:
The certificate card reader includes: a first transceiver module, a second transceiver module and a first processing module;
The first certificate card security control device includes: a third transceiver module, a generation module and a second processing module;
The first transceiver module is configured to periodically broadcast a card-seeking instruction and to receive a response message returned by a certificate card;
The first processing module is configured to determine whether the response message is card-seeking confirmation data for the card-seeking instruction and, if so, to instruct the first transceiver module to stop broadcasting the card-seeking instruction and to instruct the second transceiver module to send a card-seeking request to the first certificate card security control device over the network;
The third transceiver module is configured to receive the card-seeking request and to send a card-seeking response to the certificate card reader over the network, wherein the card-seeking response carries card-seeking response data;
The second transceiver module is configured to receive the card-seeking response sent by the first certificate card security control device, obtain the card-seeking response data, and send the card-seeking confirmation data to the first certificate card security control device;
The first transceiver module is further configured to send a card selection instruction to the certificate card and to receive card selection confirmation data sent by the certificate card, wherein the card selection confirmation data includes at least the unique identification information of the certificate card;
The second transceiver module is further configured to send a card selection request to the first certificate card security control device;
The third transceiver module is further configured to receive the card selection request and to send a card selection request response to the certificate card reader;
The second transceiver module is further configured to receive the card selection request response sent by the first certificate card security control device and to send the card selection confirmation data to the first certificate card security control device;
The first transceiver module is further configured to send a card-reading instruction to the certificate card and to receive card-reading confirmation data returned by the certificate card;
The second transceiver module is further configured to send a card-reading request to the first certificate card security control device;
The third transceiver module is further configured to receive the card-reading request and to send a card-reading request response to the certificate card reader, wherein the card-reading request response carries at least first data to be verified;
The second transceiver module is further configured to receive the card-reading request response sent by the first certificate card security control device;
The first processing module is further configured to obtain the first data to be verified carried in the card-reading request response;
The first transceiver module is further configured to send the first data to be verified to the certificate card and to receive a certificate card authentication response sent by the certificate card, wherein the certificate card authentication response carries first verification data obtained by the certificate card through a verification calculation on the first data to be verified;
The second transceiver module is further configured to send the certificate card authentication response to the first certificate card security control device;
The third transceiver module is further configured to receive the certificate card authentication response;
The second processing module is configured to verify the first verification data and, after the verification passes, to instruct the third transceiver module to send a certificate card authentication pass result to the certificate card reader;
The second transceiver module is further configured to receive the certificate card authentication pass result;
The first transceiver module is further configured to send the certificate card authentication pass result to the certificate card and to receive a security control authentication request sent by the certificate card;
The second transceiver module is further configured to send the security control authentication request to the first certificate card security control device, wherein the security control authentication request carries second data to be verified;
The third transceiver module is further configured to receive the security control authentication request;
The second processing module is further configured to compute the second verification data, obtaining the second verification data;
The third transceiver module is further configured to send the second verification data to the certificate card reader, carried in a security control authentication response;
The second transceiver module is further configured to receive the security control authentication response;
The first transceiver module is further configured to send the security control authentication response to the certificate card and to receive a security control authentication pass result sent by the certificate card;
The second transceiver module is further configured to send the security control authentication pass result to the first certificate card security control device;
The second processing module is further configured to read, through the third transceiver module, the certificate card information stored in the certificate card;
The first processing module is further configured to obtain the certificate card information read by the first certificate card security control device.
Scheme 17, the system according to scheme 16,
The first identification authentication data is at least carried in described card seeking request;
Described Second processing module, be additionally operable to described 3rd transceiver module to described certificate card reader return described in seek
Before card response, according to the body to described certificate card reader for described first identification authentication data carrying in the request of described card seeking
Part is authenticated, and in the case that certification is passed through, executes the operation returning described card seeking response to described certificate card reader.
Scheme 18, the system according to scheme 16 or 17,
The second identification authentication data is at least carried in described card seeking response;
Described first processing module, is additionally operable to set in the described second transceiver module described first certificate card security control of reception
After the card seeking response that preparation is sent, described card seeking is confirmed data is activation to described first certificate card peace by described second transceiver module
Before full control device, according to described second identification authentication data, the identity of described first certificate card safety control device is carried out
Certification, in the case that certification is passed through, described card seeking confirmation data is activation is given described first by described second transceiver module of triggering
Certificate card safety control device.
Scheme 19, the system according to any one of scheme 16 to 18,
Tiers e'tat authentication data is carried in described card selection request;
Described Second processing module, is additionally operable to after described 3rd transceiver module receives the request of described card selection, to described
Before certificate card reader sends card selection request response, according to the tiers e'tat authentication data carrying in the request of described card selection to institute
The identity stating certificate card reader is authenticated, and in the case that certification is passed through, triggers described 3rd transceiver module to described card
Part card reader sends card selection request response.
Scheme 20. The system according to any one of schemes 16 to 19, wherein:
The card selection request response carries at least fourth identity authentication data;
The first processing module is further configured to, after the second transceiver module receives the card selection request response sent by the first certificate card safety control device and before the second transceiver module sends the card selection confirmation data to the first certificate card safety control device, parse the information carried in the card selection request response to obtain the fourth identity authentication data, authenticate the identity of the first certificate card safety control device according to the fourth identity authentication data, and, if the authentication passes, trigger the second transceiver module to send the card selection confirmation data to the first certificate card safety control device.
Scheme 21. The system according to any one of schemes 16 to 20, wherein:
The card reading request carries at least fifth authentication data;
The second processing module is further configured to, after the third transceiver module receives the card reading request and before the card reading request response is sent to the certificate card reader, authenticate the identity of the certificate card reader according to the fifth authentication data carried in the card reading request, and, if the authentication passes, obtain the first data to be verified and trigger the third transceiver module to send the card reading request response to the certificate card reader.
Scheme 22. The system according to any one of schemes 16 to 21, wherein the card reading request response also carries sixth identity authentication data; the first processing module is further configured to, after the second transceiver module receives the card reading request response sent by the first certificate card safety control device and before obtaining the first data to be verified carried in the card reading request response, parse the information carried in the card reading request response to obtain the sixth identity authentication data, authenticate the identity of the first certificate card safety control device according to the sixth identity authentication data, and, if the authentication passes, perform the operation of obtaining the first data to be verified carried in the card reading request response.
Scheme 23. The system according to any one of schemes 16 to 22, wherein the first processing module and the second processing module are further configured to interact with each other to negotiate a session key, obtaining the session key used for the current communication; and, after the session key is obtained, while the certificate card reader communicates with the first certificate card safety control device, the first processing module and the second processing module respectively use the session key to encrypt the data sent by the second transceiver module and the third transceiver module and to decrypt the data received by the second transceiver module and the third transceiver module.
Scheme 24. The system according to any one of schemes 16 to 23, wherein the certificate card reader further includes a display module for displaying the certificate card information.
Scheme 25. The system according to any one of schemes 16 to 24, wherein the system further includes a server, connected to the first certificate card safety control device, for receiving the information sent by the certificate card reader and forwarding it to the first certificate card safety control device, and for receiving the information sent by the first certificate card safety control device and forwarding it to the certificate card reader.
Scheme 26. The system according to scheme 25, wherein the server includes: a storage module, for storing the correspondence between a certificate card safety control device and at least one certificate card reader; and a first selection module, for selecting, when the card seeking request is received and according to the correspondence, the certificate card safety control device corresponding to the certificate card reader as the first certificate card safety control device.
Scheme 27. The system according to scheme 26, wherein the server includes: a recording module, for recording the working state of each certificate card safety control device; a second selection module, for selecting, when the card seeking request is received, a certificate card safety control device whose current working state is idle as the first certificate card safety control device; and an update module, for marking the working state of the first certificate card safety control device as busy.
Scheme 28. The system according to scheme 26, wherein the update module is further configured to mark the working state of the first certificate card safety control device as idle after the certificate card reader obtains the certificate card information.
Scheme 29. The system according to any one of schemes 16 to 28, wherein the system further includes a terminal, connected to the certificate card reader, for receiving the information sent by the first certificate card safety control device and forwarding it to the certificate card reader, and for receiving the information sent by the certificate card reader and forwarding it to the first certificate card safety control device.
Scheme 30. The system according to scheme 29, wherein the certificate card reader further includes a fourth transceiver module; the fourth transceiver module is configured to send the certificate card information to the terminal; and the terminal is further configured to display the certificate card information.
As can be seen from the technical solution provided by the invention above, in the scheme provided by the embodiments of the present invention the SAM module is removed from the certificate card reader. The certificate card reader only performs the function of reading identity information, and identity authentication is completed by an external certificate card safety control device. This reduces the cost of the certificate card reader, and, because multiple certificate card readers can be verified by the same certificate card safety control device, it also improves the utilization of the certificate card safety control device.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is an architecture diagram of the certificate card information acquisition system provided by Embodiment 1 of the present invention;
Fig. 2 is a structural diagram of the certificate card reader provided by Embodiment 1 of the present invention;
Fig. 3 is a structural diagram of the first certificate card safety control device provided by Embodiment 1 of the present invention;
Fig. 4 is a signaling flow chart of a certificate card information acquisition method provided by Embodiment 2 of the present invention;
Fig. 5 is a signaling flow chart of the card reading preparation flow in a certificate card information acquisition method provided by Embodiment 2 of the present invention;
Fig. 6 is a signaling flow chart of the card reading flow in a certificate card information acquisition method provided by Embodiment 2 of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
The embodiments of the present invention are described in further detail below with reference to the drawings.
In the prior art, a SAM module must be provided in every certificate card reader, which makes the card reader expensive and leaves the SAM module poorly utilized. To address this problem, the embodiments of the present invention provide a certificate card information acquisition method and system. In the scheme provided by the embodiments of the present invention, the SAM module is removed from the certificate card reader. The certificate card reader only performs the function of reading identity information, and identity authentication is completed by an external certificate card safety control device. This reduces the cost of the certificate card reader, and, because multiple certificate card readers can be verified by the same certificate card safety control device, it also improves the utilization of the certificate card safety control device.
Embodiment 1
This embodiment provides a certificate card information acquisition system. As shown in Fig. 1, the system includes n certificate card readers 10 and m certificate card safety control devices 20, where n is greater than or equal to m and, preferably, n is greater than m; that is, multiple certificate card readers 10 correspond to one or more certificate card safety control devices 20.
Fig. 2 is a structural diagram of any one of the n certificate card readers 10 in this embodiment. As shown in Fig. 2, any one of the n certificate card readers 10 may include a first transceiver module 101, a second transceiver module 102 and a first processing module 103. Fig. 3 is a structural diagram of one certificate card safety control device 20 among the m certificate card safety control devices 20 in this embodiment (this is the certificate card safety control device that processes the information read by the certificate card reader 10; for ease of description it is referred to below as the first certificate card safety control device 20). As shown in Fig. 3, the certificate card safety control device 20 may include a third transceiver module 201 and a second processing module 202.
The first transceiver module 101 is configured to periodically broadcast a card seeking instruction and to receive the response message returned by the certificate card. The first processing module 103 is configured to judge whether the response message is the card seeking confirmation data for the card seeking instruction and, if so, to instruct the first transceiver module 101 to stop broadcasting the card seeking instruction and to instruct the second transceiver module 102 to send a card seeking request over the network to the first certificate card safety control device. The third transceiver module 201 is configured to receive the card seeking request and to send a card seeking response over the network to the certificate card reader, where the card seeking response carries card seeking response data. The second transceiver module 102 is configured to receive the card seeking response sent by the first certificate card safety control device, obtain the card seeking response data, and send the card seeking confirmation data to the first certificate card safety control device.

The first transceiver module 101 is further configured to send a card selection instruction to the certificate card and to receive the card selection confirmation data sent by the certificate card, where the card selection confirmation data includes at least the unique identification information of the certificate card. The second transceiver module 102 is further configured to send a card selection request to the first certificate card safety control device. The third transceiver module 201 is further configured to receive the card selection request and to send a card selection request response to the certificate card reader. The second transceiver module 102 is further configured to receive the card selection request response sent by the first certificate card safety control device and to send the card selection confirmation data to the first certificate card safety control device.

The first transceiver module 101 is further configured to send a card reading instruction to the certificate card and to receive the card reading confirmation data returned by the certificate card. The second transceiver module 102 is further configured to send a card reading request to the first certificate card safety control device. The third transceiver module 201 is further configured to receive the card reading request and to send a card reading request response to the certificate card reader, where the card reading request response carries at least first data to be verified. The second transceiver module 102 is further configured to receive the card reading request response sent by the first certificate card safety control device. The first processing module 103 is further configured to obtain the first data to be verified carried in the card reading request response.

The first transceiver module 101 is further configured to send the first data to be verified to the certificate card and to receive the certificate card authentication response sent by the certificate card, where the certificate card authentication response carries first verification data obtained by the certificate card performing a check calculation on the first data to be verified. The second transceiver module 102 is further configured to send the certificate card authentication response to the first certificate card safety control device. The third transceiver module 201 is further configured to receive the certificate card authentication response. The second processing module 202 is configured to verify the first verification data and, after the verification passes, to instruct the third transceiver module 201 to send a certificate card authentication pass result to the certificate card reader. The second transceiver module 102 is further configured to receive the certificate card authentication pass result.

The first transceiver module 101 is further configured to send the certificate card authentication pass result to the certificate card and to receive the security control authentication request sent by the certificate card. The second transceiver module 102 is further configured to send the security control authentication request to the certificate card safety control device, where the security control authentication request carries second data to be verified. The third transceiver module 201 is further configured to receive the security control authentication request. The second processing module 202 is further configured to perform a calculation on the second data to be verified to obtain second verification data. The third transceiver module 201 is further configured to carry the second verification data in a security control authentication response and send it to the certificate card reader. The second transceiver module 102 is further configured to receive the security control authentication response. The first transceiver module 101 is further configured to send the security control authentication response to the certificate card and to receive the security control authentication pass result sent by the certificate card. The second transceiver module 102 is further configured to send the security control authentication pass result to the certificate card safety control device.

The second processing module 202 is further configured to read, through the third transceiver module 201, the certificate card information stored in the certificate card. The first processing module 103 is further configured to obtain the certificate card information read by the first certificate card safety control device 20.
In this embodiment, the first certificate card safety control device 20 can be any certificate card safety control device in the system. Alternatively, the certificate card safety control device 20 corresponding to each certificate card reader 10 can be set according to a certain rule. For example, the division can follow geographic area, so that the certificate card readers 10 in the same region correspond to the same certificate card safety control device 20; or an id can be assigned to each certificate card reader 10 and the division can follow the id number, so that certificate card readers whose ids fall in the same range correspond to the same certificate card safety control device 20; or the division can follow the address of each certificate card reader 10 in the network (such as its IP address). The embodiments of the present invention place no limitation on this.
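The following sketch, an added example rather than code from the patent, combines the id-range correspondence described above with the idle/busy bookkeeping of schemes 27 and 28. The class and method names, the fallback to any idle device when the preferred one is busy, and the lock that makes "select idle, mark busy" atomic are assumptions of this example.

```python
import threading


class NoIdleDevice(Exception):
    """Raised when every certificate card safety control device is busy."""


class Dispatcher:
    """Server-side selection of the first certificate card safety control device."""

    def __init__(self, id_ranges):
        # id_ranges: list of (low_id, high_id, device_id); readers whose id falls
        # in the same range correspond to the same device (hypothetical layout).
        self._ranges = list(id_ranges)
        self._state = {dev: "idle" for _, _, dev in self._ranges}  # working states
        self._serving = {}  # reader_id -> device currently assigned to it
        self._lock = threading.Lock()

    def _preferred(self, reader_id):
        for low, high, dev in self._ranges:
            if low <= reader_id <= high:
                return dev
        return None

    def on_card_seeking_request(self, reader_id):
        # Selection and the busy mark happen under one lock; otherwise two
        # readers arriving together could both be handed the same idle device.
        with self._lock:
            if reader_id in self._serving:  # retransmitted request
                return self._serving[reader_id]
            preferred = self._preferred(reader_id)
            order = [preferred] if preferred else []
            order += sorted(d for d in self._state if d != preferred)
            for dev in order:
                if self._state[dev] == "idle":
                    self._state[dev] = "busy"
                    self._serving[reader_id] = dev
                    return dev
            raise NoIdleDevice(f"no idle device for reader {reader_id}")

    def on_card_info_obtained(self, reader_id):
        # Scheme 28: mark the device idle once the reader has the card information.
        with self._lock:
            dev = self._serving.pop(reader_id, None)
            if dev is not None:
                self._state[dev] = "idle"
            return dev

    def state(self, device_id):
        with self._lock:
            return self._state[device_id]


def concurrent_grants(dispatcher, reader_ids):
    """Send card seeking requests from many readers at once; return (reader, device) grants."""
    grants, grants_lock = [], threading.Lock()

    def worker(rid):
        try:
            dev = dispatcher.on_card_seeking_request(rid)
        except NoIdleDevice:
            return
        with grants_lock:
            grants.append((rid, dev))

    threads = [threading.Thread(target=worker, args=(r,)) for r in reader_ids]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return grants


if __name__ == "__main__":
    d = Dispatcher([(1, 100, "scd-1"), (101, 200, "scd-2")])  # constructed sample
    print(concurrent_grants(d, range(1, 21)))
```

A deployment would also release a device when a session fails or times out, which the schemes do not cover.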
As an optional implementation of the embodiments of the present invention, the certificate card reader 10 can exchange information with the certificate card in a contactless manner, for example by NFC. The certificate card reader 10 can exchange information with the certificate card safety control device in a wired or wireless manner. For example, the wired manner can be an audio interface, USB or a serial port; the wireless manner can be Bluetooth, WiFi, infrared, 2G, 3G, 4G, 2.4G, 900M or ZigBee. The certificate card reader 10 and the first certificate card safety control device 20 exchange information using matching manners; for example, if the certificate card reader 10 uses Bluetooth to exchange information with the certificate card safety control device 20, the first certificate card safety control device 20 also uses matching Bluetooth. Because the certificate card reader 10 can exchange information with the first certificate card safety control device 20 in many ways, the flexibility and convenience of the certificate card reader 10 are improved.
In this embodiment, the certificate card reader 10 can itself have the function of communicating with the certificate card, or it can communicate with the certificate card through a device such as a certificate card reading device (for example a card reader); the present invention places no limitation on this. The certificate card reader 10 can relay the information exchanged between the certificate card and the first certificate card safety control device 20, so that the first certificate card safety control device can complete the operation of reading the certificate card information.
In this embodiment, the certificate card information stored in the certificate card is transmitted in encrypted form. Because of the particular nature of the certificate card, only a certificate card safety control device can decrypt the certificate card information stored in the certificate card. In a specific implementation, the content that the first certificate card safety control device 20 is required to decrypt can be configured in the card reading request. For example, the first certificate card safety control device 20 can be set to read only the basic information stored in the certificate card (for example name, sex and date of birth), or to read the basic information plus the photo, or to read the basic information plus the photo plus the fingerprint information, as needed. In a specific implementation, the user can make this setting on the certificate card reader 10; once it is set, the certificate card reader 10 sends the configuration information to the first certificate card safety control device 20 when it sends the card reading request, according to the user's setting.
In the system provided by this embodiment, the certificate card reader 10 (equivalent to the reading module in a prior-art certificate card reading device; it has only an information exchange function and none of the other functions of an existing certificate card reader, such as certificate card security control authentication) and the first certificate card safety control device 20 (equivalent to the certificate card security control module in a prior-art certificate card reading device, used to perform certificate card security control authentication on the certificate card) are provided separately and communicate with each other. Multiple certificate card reading devices can therefore share one certificate card safety control device, which improves the utilization of the certificate card safety control device and saves cost.
The system provided by this embodiment can be applied in a banking system, where the certificate card reader 10 can be at the front end of the bank counter. One reader can be provided in each branch, or the branches of one region can share one; likewise, one or more certificate card safety control devices can be provided in each branch, or multiple branches can share one or more certificate card safety control devices.
So that the first certificate card safety control device 20 can determine that the card seeking request was sent by the certificate card reader 10, and to avoid attacks on the first certificate card safety control device 20 by an illegally simulated certificate card reader 10, in an optional implementation of the embodiments of the present invention the card seeking request carries at least first identity authentication data. The second processing module is further configured to, before the third transceiver module returns the card seeking response to the certificate card reader, authenticate the identity of the certificate card reader according to the first identity authentication data carried in the card seeking request and, if the authentication passes, perform the operation of returning the card seeking response to the certificate card reader. In this optional implementation, the first identity authentication data can be a signature value obtained by the certificate card reader 10 signing information to be signed with its own private key. The information to be signed can be a random number generated by the certificate card reader 10, in which case the certificate card reader 10 can carry the random number together with its signature value in the card seeking request; or the information to be signed can be the card seeking request data carried in the card seeking request. This embodiment places no limitation on this. After receiving the card seeking request, the first certificate card safety control device 20 can authenticate the identity of the certificate card reader 10 by means of the first identity authentication data, and returns the card seeking response to the certificate card reader 10 only after the authentication passes. Of course, besides a signature value obtained by signing the information to be signed, the first identity authentication data can also be other data, for example a check value obtained by performing a check calculation on the data to be authenticated using an algorithm agreed in advance with the first certificate card safety control device 20. This embodiment places no limitation on this. The first certificate card safety control device 20 authenticates the first identity authentication data in the corresponding manner.
So that the certificate card reader 10 can determine that the card seeking response was sent by the first certificate card safety control device 20, and to prevent an illegally simulated first certificate card safety control device 20 from illegally obtaining the information stored in the certificate card, in an optional implementation of the embodiments of the present invention the card seeking response carries at least second identity authentication data. The first processing module is further configured to, after the second transceiver module receives the card seeking response sent by the first certificate card safety control device and before the second transceiver module sends the card seeking confirmation data to the first certificate card safety control device, authenticate the identity of the first certificate card safety control device according to the second identity authentication data and, if the authentication passes, trigger the second transceiver module to send the card seeking confirmation data to the first certificate card safety control device. That is, in this optional implementation, the certificate card reader 10 sends the confirmation data returned by the certificate card to the first certificate card safety control device 20 only once it has established the identity of the first certificate card safety control device 20, which prevents the information stored in the certificate card from being obtained illegally.
In the above optional implementation, the second identity authentication data can be a signature value obtained by the first certificate card safety control device 20 signing information to be signed with its own private key. The information to be signed can be a random number generated by the first certificate card safety control device 20, in which case the first certificate card safety control device 20 can carry the random number together with its signature value in the card seeking response; or the information to be signed can be the card seeking response data carried in the card seeking response. This embodiment places no limitation on this. After receiving the card seeking response, the certificate card reader 10 can authenticate the identity of the first certificate card safety control device 20 by means of the second identity authentication data, and sends the card seeking confirmation data to the first certificate card safety control device 20 only after the authentication passes. Of course, besides a signature value obtained by signing the information to be signed, the second identity authentication data can also be other data, for example a check value obtained by performing a check calculation on the data to be authenticated using an algorithm agreed in advance with the certificate card reader 10. This embodiment places no limitation on this. The certificate card reader 10 authenticates the second identity authentication data in the corresponding manner.
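The card seeking exchange with first and second identity authentication data can be sketched as follows; this is an added example, not code from the patent. It takes the "check value from a pre-agreed algorithm" option and assumes HMAC-SHA256 under a per-reader pre-shared key; the message field names, the role labels, the binding of the response to the request's random number, and the rejection of repeated random numbers are additions of this example.

```python
import hashlib
import hmac
import secrets


class AuthError(Exception):
    """Identity authentication of the peer failed."""


def check_value(key, role, nonce, data):
    # The role label keeps a reader's check value from being reflected back
    # as if it were the safety control device's (assumption of this example).
    msg = role + b"\x00" + len(nonce).to_bytes(2, "big") + nonce + data
    return hmac.new(key, msg, hashlib.sha256).digest()


class SafetyControlDevice:
    """First certificate card safety control device (second processing module)."""

    def __init__(self, reader_keys):
        self._keys = dict(reader_keys)  # reader_id -> pre-agreed key
        self._seen = set()              # random numbers already accepted (unbounded here)

    def on_card_seeking_request(self, req):
        key = self._keys.get(req["reader_id"])
        if key is None:
            raise AuthError("unknown certificate card reader")
        expected = check_value(key, b"reader", req["nonce"], req["data"])
        if not hmac.compare_digest(expected, req["auth1"]):
            raise AuthError("first identity authentication data invalid")
        # A captured request would otherwise authenticate again unchanged.
        if (req["reader_id"], req["nonce"]) in self._seen:
            raise AuthError("replayed card seeking request")
        self._seen.add((req["reader_id"], req["nonce"]))
        # Only now is the card seeking response built and returned.
        nonce = secrets.token_bytes(16)
        data = b"card-seeking-response-data"
        auth2 = check_value(key, b"device", req["nonce"] + nonce, data)
        return {"data": data, "nonce": nonce, "auth2": auth2}


class CertificateCardReader:
    """Certificate card reader 10 (first processing module)."""

    def __init__(self, reader_id, key):
        self._id, self._key = reader_id, key
        self._pending = None  # random number of the outstanding request

    def build_card_seeking_request(self):
        self._pending = secrets.token_bytes(16)
        data = b"card-seeking-request-data"
        auth1 = check_value(self._key, b"reader", self._pending, data)
        return {"reader_id": self._id, "data": data,
                "nonce": self._pending, "auth1": auth1}

    def release_confirmation(self, resp, confirmation):
        # The card's confirmation data leaves the reader only after the
        # second identity authentication data has been verified.
        if self._pending is None:
            raise AuthError("no outstanding card seeking request")
        expected = check_value(self._key, b"device",
                               self._pending + resp["nonce"], resp["data"])
        self._pending = None  # one response per request
        if not hmac.compare_digest(expected, resp["auth2"]):
            raise AuthError("second identity authentication data invalid")
        return confirmation


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key
    device = SafetyControlDevice({"reader-01": key})
    reader = CertificateCardReader("reader-01", key)
    resp = device.on_card_seeking_request(reader.build_card_seeking_request())
    print(reader.release_confirmation(resp, b"constructed-confirmation"))
```

With the signature option the structure is the same: `check_value` becomes a sign/verify pair and each side holds the other's public key instead of a shared key.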
Similarly, so that the first certificate card safety control device 20 can determine that the card selection request was sent by the certificate card reader 10, and to avoid attacks on the first certificate card safety control device 20 by an illegally simulated certificate card reader 10, in an optional implementation of the embodiments of the present invention the card selection request carries third identity authentication data. The second processing module is further configured to, after the third transceiver module receives the card selection request and before the card selection request response is sent to the certificate card reader, authenticate the identity of the certificate card reader according to the third identity authentication data carried in the card selection request and, if the authentication passes, trigger the third transceiver module to send the card selection request response to the certificate card reader. Like the first identity authentication data above, the third identity authentication data can be a signature value obtained by the certificate card reader 10 signing information to be signed with its own private key, or a check value obtained by performing a check calculation on the data to be authenticated using an algorithm agreed in advance with the first certificate card safety control device 20; the details are not repeated here.
In addition, so that the certificate card reader 10 can determine that the card selection request response was sent by the first certificate card safety control device 20, and to prevent an illegally simulated first certificate card safety control device 20 from illegally obtaining the information stored in the certificate card, in an optional implementation of the embodiments of the present invention the card selection request response carries at least fourth identity authentication data. The first processing module is further configured to, after the second transceiver module receives the card selection request response sent by the first certificate card safety control device and before the second transceiver module sends the card selection confirmation data to the first certificate card safety control device, parse the information carried in the card selection request response to obtain the fourth identity authentication data, authenticate the identity of the first certificate card safety control device according to the fourth identity authentication data and, if the authentication passes, trigger the second transceiver module to send the card selection confirmation data to the first certificate card safety control device. Like the second identity authentication data, the fourth identity authentication data can be a signature value obtained by the first certificate card safety control device 20 signing information to be signed with its own private key, or a check value obtained by performing a check calculation on the data to be authenticated using an algorithm agreed in advance with the certificate card reader 10; the details are not repeated here.
Likewise, so that the first certificate card safety control device 20 can determine that the card reading request was sent by the certificate card reader 10, and to avoid attacks on the first certificate card safety control device 20 by an illegally simulated certificate card reader 10, in an optional implementation of the embodiments of the present invention the card reading request carries at least fifth authentication data. The second processing module is further configured to, after the third transceiver module receives the card reading request and before the card reading request response is sent to the certificate card reader, authenticate the identity of the certificate card reader according to the fifth authentication data carried in the card reading request and, if the authentication passes, obtain the first data to be verified and trigger the third transceiver module to send the card reading request response to the certificate card reader.
In addition, so that the certificate card reader 10 can determine that the card reading request response was sent by the first certificate card safety control device 20, and to prevent an illegally simulated first certificate card safety control device 20 from illegally obtaining the information stored in the certificate card, in an optional implementation of this embodiment of the present invention the card reading request response also carries sixth identification authentication data. The first processing module is further configured to, after the second transceiver module receives the card reading request response sent by the first certificate card safety control device and before the first data to be verified carried in the card reading request response is obtained, parse the information carried in the card reading request response, obtain the sixth identification authentication data carried in it, and authenticate the identity of the first certificate card safety control device according to the sixth identification authentication data; if authentication passes, the operation of obtaining the first data to be verified carried in the card reading request response is performed.
To protect the data transmitted between the certificate card reader 10 and the first certificate card safety control device 20, in an optional implementation of this embodiment of the present invention the first processing module and the second processing module are further configured to negotiate a session key with each other and so obtain the session key used for the current communication. Once the session key has been obtained, while the certificate card reader communicates with the first certificate card safety control device, the first processing module and the second processing module use the session key to encrypt the data sent by the second transceiver module and the third transceiver module respectively, and to decrypt the data those modules receive. In a specific application, the first processing module and the second processing module may negotiate the session key before the certificate card reader 10 sends the card seeking request, may start the negotiation when the card seeking request is sent, or may start it after the certificate card reader 10 has sent the card seeking request to the first certificate card safety control device 20; this embodiment does not limit this. For the session key negotiation process between the certificate card reader 10 and the first certificate card safety control device 20, see the description of Embodiment 2; it is not described further here.
In an optional implementation of this embodiment of the present invention, as shown in Fig. 1, the system may also include a server 30, connected to the first certificate card control device, which receives the information sent by the certificate card reader 10 and forwards it to the first certificate card safety control device 20, and receives the information sent by the first certificate card safety control device 20 and forwards it to the certificate card reader 20.
As an optional implementation of this embodiment of the present invention, the server 30 may also be arranged inside a certificate card safety control system. For example, the certificate card safety control system has a control section, multiple certificate card safety control device interfaces, and multiple certificate card safety control devices. That is, the server 30 is not necessarily a stand-alone device; it may also be integrated with the certificate card safety control devices.
In the above optional implementation, one server can be connected to multiple certificate card safety control devices. Therefore, in another optional implementation of this embodiment, the server 30 may include: a storage module, for storing the correspondence between one certificate card safety control device and at least one certificate card reader; and a first selection module, for selecting, when a card seeking request is received, the certificate card safety control device corresponding to the certificate card reader according to the correspondence, as the first certificate card safety control device 20.
Alternatively, in another optional implementation of this embodiment, the server 30 may include: a recording module, for recording the working state of each certificate card safety control device; a second selection module, for selecting, when a card seeking request is received, a certificate card safety control device whose current working state is idle as the first certificate card safety control device; and an update module, for marking the working state of the first certificate card safety control device as busy. Further, the update module is also used to mark the working state of the first certificate card safety control device 20 as idle after the certificate card reader 10 has obtained the certificate card information.
That is, the server can select a certificate card safety control device in at least the following two ways:
(1) Select, from a pre-stored correspondence, the certificate card safety control device corresponding to the certificate card reader 10, where the correspondence records the one or more terminals corresponding to each of the multiple certificate card safety control devices.
For example, where the server is connected to multiple certificate card safety control devices, it can store the correspondence between each of those devices and multiple terminals. The correspondence may be set according to a certain rule. For example, it may be divided by geographic area, so that multiple terminals in the same area correspond to the same certificate card safety control device; or each terminal may be assigned an ID and the division made by ID number, so that terminals whose IDs fall in the same range correspond to the same certificate card safety control device; or the division may be made by each terminal's address in the network (for example, its IP address). With this optional implementation, the server maps multiple terminals to one certificate card safety control device, which improves the utilization of the certificate card safety control devices and the manageability of the system; and because multiple terminals map to one certificate card safety control device, a fault, if one occurs, can be located quickly.
For example, in a banking system, multiple certificate card safety control devices can be set up in one agency and a correspondence set in the server: the front-end terminals are numbered, and the correspondence records the certificate card safety control device corresponding to each terminal. Where multiple agencies share multiple certificate card safety control devices, a correspondence can be set in the server that records the certificate card safety control device corresponding to the terminals of each agency, or the certificate card safety control devices can be allocated according to the IP addresses of the front-end terminals.
(2) Select, from the multiple certificate card safety control devices, one whose current working state is idle as the first certificate card safety control device.
For example, the server can record the working state of each of the multiple certificate card safety control devices in the system. When a card seeking request from terminal 20 is received, the server can, according to the working state of each certificate card safety control device, select one whose current working state is idle as the certificate card safety control device corresponding to the terminal, and mark the working state of the selected device as busy. This optional implementation prevents one certificate card safety control device from receiving information from multiple terminals at the same time, which would reduce processing efficiency.
In an optional implementation of this embodiment of the present invention, to release unused certificate card safety control devices quickly, the server can mark the working state of the selected certificate card safety control device as idle once communication between the terminal and that device has ended. Of course, in a specific implementation, if all the certificate card safety control devices are in the busy state, a certificate card safety control device can also be selected according to the load of each device, to achieve load balancing.
For example, in a banking system, multiple certificate card safety control devices can be set up for one agency, for multiple agencies, or for the whole network, and a pool of idle certificate card safety control devices kept in the server. When the server receives a request sent by a front-end terminal, it takes one certificate card safety control device out of the idle pool, assigns it to the current terminal so that it handles that terminal's related requests, and removes it from the idle pool; when use is complete, the device is put back into the idle pool.
With the above optional implementations, the server can select a suitable certificate card safety control device for the certificate card reader 10 according to the specific application, improving the efficiency of data processing while improving the utilization of the certificate card safety control devices.
In an optional implementation of this embodiment of the present invention, as shown in Fig. 1, the system may also include n terminals 40. Each terminal 40 is connected to one certificate card reader 10; it receives the information sent by the first certificate card safety control device 20 and forwards it to the certificate card reader 10, and receives the information sent by the certificate card reader 10 and forwards it to the first certificate card safety control device 20.
As an optional implementation of this embodiment of the present invention, the terminal 40 may be a fixed terminal or a mobile terminal; for example, the fixed terminal may be a PC, and the mobile terminal may be a tablet computer (pad), a smartphone or a smart watch. Of course, the terminal 40 can also be used to enter information and/or instructions, which is not described further here.
As an optional implementation of this embodiment of the present invention, the certificate card reader 10 may also include a fourth transceiver module, for sending the certificate card information to the terminal 40; the terminal is also used to display the certificate card information, which makes it convenient for the user to consult it.
In the system provided by this embodiment, the certificate card safety control function is moved out of the certificate card reader 10, which reduces the cost of the certificate card reader 10. At the same time, because multiple certificate card readers 10 can share one first certificate card safety control device 20, the utilization of the certificate card safety control device 20 is improved.
In addition, with the technical solution provided by this embodiment of the present invention, the number of certificate card safety control devices can be smaller than the number of certificate card readers, which reduces equipment cost and labor cost and also makes the certificate card safety control devices easier to scale. For example, if all the certificate card safety control devices together cannot meet the demand of all the certificate card readers, only certificate card safety control devices need to be added; if all the certificate card safety control devices can meet the demand of all the certificate card readers and still have spare capacity, only certificate card readers need to be added.
In another optional implementation of this embodiment of the present invention, the certificate card reader 10 can also send the certificate card information it receives to external storage. In this optional implementation, therefore, the certificate card reader 10 is also used, after receiving the certificate card information, to send it to a storage device, and the storage device is used to store the certificate card information it receives. With this optional implementation, when the certificate card information later needs to be presented it can be obtained directly from the storage device, sparing the user the inconvenience of carrying the certificate card. In this optional implementation the storage device may be a separate storage device or a device that combines storage with other functions, for example an electronic signature device (such as the Industrial and Commercial Bank's U-Shield or the Agricultural Bank's K-Bao). In addition, the certificate card information may be stored in the storage device in plaintext or encrypted; this embodiment does not limit this.
In another optional implementation of this embodiment of the present invention, after the certificate card reader 10 receives the certificate card information, if the reader has a display module it can show the received certificate card information on that module; if it has no display module, it can send the certificate card information to an external display device. In this optional implementation, therefore, the certificate card reader 10 is also used to send the certificate card information to a display device, and the display device is used to display it. With this optional implementation, the certificate card information that was read can be displayed, so that the user learns what certificate card information is stored in the certificate card.
Embodiment 2
This embodiment provides a certificate card information collection method, which can be implemented by the system provided in Embodiment 1 above.
Fig. 4 is a schematic flowchart of the certificate card information collection method according to this embodiment. As shown in Fig. 4, the method mainly comprises the following steps S401 to S429.
Step S401: the certificate card reader periodically broadcasts a card seeking instruction.
In a specific implementation, the certificate card reader can broadcast the card seeking instruction periodically through its radio frequency (RF) antenna. If a certificate card is within the readable range of the certificate card reader, the certificate card can receive the card seeking instruction and respond to it.
The certificate card information held in the certificate card is stored encrypted and, because of the special nature of the certificate card, only a certificate card safety control device can decrypt it. In a specific implementation, the content that the first certificate card safety control device is to decrypt can be configured in the subsequent card reading request. For example, the first certificate card safety control device can be set to read only the basic information stored in the certificate card (for example, name, sex, date of birth and so on), or to read the basic information plus the photo, or to read the basic information plus the photo plus the fingerprint information, as required. In a specific implementation, the user can make this setting on the certificate card reader; once it is set, the certificate card reader sends the configuration information to the first certificate card safety control device during card reading, according to the user's setting.
Step S402: the certificate card reader receives the response message returned by the certificate card.
Step S403: the certificate card reader determines that the response message is card seeking confirmation data for the above card seeking instruction.
In this embodiment, the certificate card reader sends out the card seeking instruction through its RF module at regular intervals. After the certificate card receives the card seeking instruction, it returns to the certificate card reader a response message carrying card seeking confirmation data; once the certificate card reader determines that it has received the card seeking confirmation data sent by the certificate card, step S404 is performed.
Step S404: the certificate card reader stops broadcasting the card seeking instruction and sends a card seeking request to the first certificate card safety control device over the network.
In this embodiment, the card seeking request can carry card seeking request data, so that the certificate card safety control device can tell the type of the request it has received.
In an optional implementation of this embodiment of the present invention, the certificate card reader can communicate with the first certificate card safety control device directly, or it can send the card seeking request to a server, which then sends the request on to the first certificate card safety control device. In this embodiment the server may be distributed, centralized, or a virtual server; this embodiment does not limit this. In addition, the server and the first certificate card safety control device may be connected by wire or wirelessly; this embodiment does not limit this either.
Alternatively, in another optional implementation of this embodiment of the present invention, a certificate card reader without networking capability can communicate with the first certificate card safety control device through a host computer (a mobile phone, PC or pad).
In a specific application, there may be one certificate card safety control device connected to the server (or to the certificate card reader, where there is no server), namely the first certificate card safety control device, or there may be several. Where there are several, the server (or the certificate card reader, where there is no server) selects one certificate card safety control device for the certificate card reader, namely the first certificate card safety control device, before the card seeking request is sent.
In an optional implementation of this embodiment of the present invention, the ways in which the server (or the certificate card reader, where there is no server) selects a certificate card safety control device include, but are not limited to, one of the following:
(1) Select, from a pre-stored correspondence, the certificate card safety control device corresponding to the certificate card reader, where the correspondence records the one or more certificate card readers corresponding to each of the multiple certificate card safety control devices.
For example, where multiple certificate card safety control devices are connected, the correspondence between each of those devices and multiple certificate card readers can be stored. The correspondence may be set according to a certain rule. For example, it may be divided by geographic area, so that multiple certificate card readers in the same area correspond to the same certificate card safety control device; or each certificate card reader may be assigned an ID and the division made by ID number, so that certificate card readers whose IDs fall in the same range correspond to the same certificate card safety control device; or the division may be made by each certificate card reader's address in the network (for example, its IP address). With this optional implementation, multiple certificate card readers are mapped to one certificate card safety control device, which improves the utilization of the certificate card safety control devices and the manageability of the system; and because multiple certificate card readers map to one certificate card safety control device, a fault, if one occurs, can be located quickly.
For example, in a banking system, multiple certificate card safety control devices can be set up in an agency and a correspondence set up: the front-end certificate card readers are numbered, and the correspondence records the certificate card safety control device corresponding to each certificate card reader. Where multiple agencies share multiple certificate card safety control devices, a correspondence can be set up that records the certificate card safety control device corresponding to the certificate card readers of each agency, or the certificate card safety control devices can be allocated according to the IP addresses of the front-end certificate card readers.
(2) Select, from the multiple certificate card safety control devices, one whose current working state is idle as the first certificate card safety control device.
For example, the working state of each of the multiple certificate card safety control devices in the system can be recorded. Before the card seeking request is sent, a certificate card safety control device whose current working state is idle can be selected, according to the working state of each device, as the certificate card safety control device corresponding to the certificate card reader (namely the first certificate card safety control device), and the working state of the selected device marked as busy. This optional implementation prevents one certificate card safety control device from receiving information from multiple certificate card readers at the same time, which would reduce processing efficiency.
In an optional implementation of this embodiment of the present invention, to release unused certificate card safety control devices quickly, the working state of the selected certificate card safety control device can be marked as idle once communication between the certificate card reader and that device has ended. Of course, in a specific implementation, if all the certificate card safety control devices are in the busy state, a certificate card safety control device can also be selected according to the load of each device, to achieve load balancing.
For example, in a banking system, multiple certificate card safety control devices can be set up for one agency, for multiple agencies, or for the whole network, and a pool of idle certificate card safety control devices kept in the server. When the server receives a card seeking request sent by a front-end certificate card reader, it takes one certificate card safety control device out of the idle pool, assigns it to the current certificate card reader so that it handles that reader's related requests, and removes it from the idle pool; when use is complete, the device is put back into the idle pool.
With the above optional implementations, a suitable certificate card safety control device can be selected for the certificate card reader according to the specific application, improving the efficiency of data processing while improving the utilization of the certificate card safety control devices.
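The two selection modes described for the server in Embodiment 1 and again above can be sketched as follows. This is an added example, not code from the patent: the class and method names, the device labels and the sample ID ranges and subnet are hypothetical, and a per-device load counter stands in for the idle/busy mark so that the same structure also covers the load-based fallback when every device is busy.

```python
"""Constructed sketch of the two device-selection modes; all names are hypothetical."""
import ipaddress
import threading


class DeviceSelector:
    def __init__(self, device_ids, id_ranges=(), subnets=()):
        # load[d] = readers currently served by device d; 0 means "idle".
        self._load = {d: 0 for d in device_ids}
        self._assigned = {}  # reader_id -> device_id for open sessions
        self._id_ranges = [(range(lo, hi + 1), d) for lo, hi, d in id_ranges]
        self._subnets = [(ipaddress.ip_network(n), d) for n, d in subnets]
        # Card seeking requests arrive concurrently, so selecting a device and
        # marking it busy must be one atomic step.
        self._lock = threading.Lock()

    def select_by_mapping(self, reader_id, reader_ip=None):
        """Mode (1): pre-stored correspondence, by reader ID range or IP address."""
        for id_range, device in self._id_ranges:
            if reader_id in id_range:
                return device
        if reader_ip is not None:
            addr = ipaddress.ip_address(reader_ip)
            for net, device in self._subnets:
                if addr in net:
                    return device
        raise LookupError(f"no device mapped for reader {reader_id}")

    def acquire(self, reader_id):
        """Mode (2): take an idle device and mark it busy.

        If no device is idle, the least-loaded one is chosen instead.
        """
        with self._lock:
            if reader_id in self._assigned:  # repeated request, same session
                return self._assigned[reader_id]
            device = min(self._load, key=lambda d: (self._load[d], d))
            self._load[device] += 1
            self._assigned[reader_id] = device
            return device

    def release(self, reader_id):
        """Called when the reader's session ends; returns False if none was open."""
        with self._lock:
            device = self._assigned.pop(reader_id, None)
            if device is None:
                return False
            self._load[device] -= 1
            return True

    def state(self, device):
        with self._lock:
            return "idle" if self._load[device] == 0 else "busy"


if __name__ == "__main__":
    # Constructed sample data: two devices, readers numbered 1-200.
    sel = DeviceSelector(["dev-1", "dev-2"],
                         id_ranges=[(1, 100, "dev-1"), (101, 200, "dev-2")],
                         subnets=[("10.1.0.0/16", "dev-1")])
    print(sel.select_by_mapping(150), sel.acquire(7), sel.acquire(8), sel.acquire(9))
```

Releasing by reader rather than by device keeps a device marked busy while any reader assigned to it under the load-based fallback is still in session.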
Step S405: the first certificate card safety control device receives the card seeking request and sends a card seeking response to the certificate card reader over the network, where the card seeking response carries card seeking response data.
So that the first certificate card safety control device can determine that the card seeking request was sent by the certificate card reader, and to avoid attacks on the first certificate card safety control device by an illegally simulated certificate card information collecting device, in an optional implementation of this embodiment of the present invention the card seeking request sent by the certificate card reader carries at least first identification authentication data. Before the first certificate card safety control device returns the card seeking response to the certificate card reader, the method may also include: the first certificate card safety control device authenticates the identity of the certificate card reader according to the first identification authentication data carried in the card seeking request and, if authentication passes, performs the step of returning the card seeking response to the certificate card reader.
In this optional implementation, optionally, the first identification authentication data may be a signature value obtained by the certificate card reader signing the information to be signed with its own private key. The information to be signed may be a random number generated by the certificate card reader, in which case the certificate card reader can send the random number and its signature value together in the card seeking request; or the information to be signed may be the card seeking request data carried in the card seeking request. This embodiment does not limit this. After receiving the card seeking request, the first certificate card safety control device can authenticate the identity of the certificate card reader by means of the first identification authentication data, and returns the card seeking response to the certificate card reader only after authentication passes. Of course, besides a signature value obtained by signing the information to be signed, the first identification authentication data may also be other data, for example a check value computed over the data to be authenticated using an algorithm agreed in advance with the first certificate card safety control device; this embodiment does not limit this. The first certificate card safety control device authenticates the first identification authentication data in the corresponding way.
Step S406: the certificate card reader receives the card seeking response sent by the first certificate card safety control device and obtains the card seeking response data.
Step S407: the certificate card reader determines that the card seeking response data is the response data answering the card seeking request, and sends the card seeking confirmation data to the first certificate card safety control device.
So that the certificate card reader can determine that the card seeking response was sent by the first certificate card safety control device, and to prevent an illegally simulated first certificate card safety control device from illegally obtaining the information stored in the certificate card, in an optional implementation of this embodiment of the present invention the first certificate card safety control device obtains second identification authentication data before sending the card seeking response and carries it in the card seeking response. After receiving the card seeking response sent by the first certificate card safety control device, and before sending the card seeking confirmation data to the first certificate card safety control device, the certificate card reader authenticates the identity of the first certificate card safety control device according to the second identification authentication data; if authentication passes, it performs the operation of sending the card seeking confirmation data to the first certificate card safety control device. That is, in this optional implementation the certificate card reader sends the confirmation data returned by the certificate card to the first certificate card safety control device only once it has established that device's identity, which prevents the information stored in the certificate card from being obtained illegally.
In the above optional implementation, optionally, the second identification authentication data may be a signature value obtained by the first certificate card safety control device signing the information to be signed with its own private key. The information to be signed may be a random number generated by the first certificate card safety control device, in which case the first certificate card safety control device can carry the random number and its signature value together in the card seeking response that it sends; or the information to be signed may be the card seeking response data carried in the card seeking response. This embodiment does not limit this. After receiving the card seeking response, the certificate card reader can authenticate the identity of the first certificate card safety control device by means of the second identification authentication data, and sends the card seeking confirmation data to the first certificate card safety control device only after authentication passes. Of course, besides a signature value obtained by signing the information to be signed, the second identification authentication data may also be other data, for example a check value computed over the data to be authenticated using an algorithm agreed in advance with the certificate card reader; this embodiment does not limit this. The certificate card reader authenticates the second identification authentication data in the corresponding way.
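The first and second identification authentication data described above can be illustrated with the check-value variant. This is an added example, not code from the patent: it assumes the pre-agreed algorithm is HMAC-SHA256 under a key shared by the reader and the safety control device, and all names and message layouts are hypothetical. Two things in it go beyond the text: the check value also covers a role label and the request or response data, and the receiver remembers random numbers it has accepted, because a check value over a sender-chosen random number alone stays valid if the message is captured and resent.

```python
"""Constructed sketch: identification authentication data as a keyed check value."""
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # assumption: 128-bit random number


def _check_value(key: bytes, role: bytes, nonce: bytes, payload: bytes) -> bytes:
    # The role label is fixed and the nonce has a fixed length, so the three
    # fields cannot be shifted into one another.
    return hmac.new(key, role + b"|" + nonce + payload, hashlib.sha256).digest()


def attach_auth(key: bytes, role: bytes, payload: bytes) -> dict:
    """Sender side: fresh random number plus a check value over it and the data."""
    nonce = secrets.token_bytes(NONCE_LEN)
    return {"payload": payload, "nonce": nonce,
            "auth": _check_value(key, role, nonce, payload)}


class Verifier:
    """Receiver side for messages that must come from one peer role."""

    def __init__(self, key: bytes, peer_role: bytes):
        self._key = key
        self._peer_role = peer_role
        self._seen = set()  # addition beyond the text: random numbers already accepted

    def verify(self, msg: dict) -> bool:
        nonce, auth = msg.get("nonce", b""), msg.get("auth", b"")
        if len(nonce) != NONCE_LEN:
            return False
        expected = _check_value(self._key, self._peer_role, nonce,
                                msg.get("payload", b""))
        if not hmac.compare_digest(expected, auth):  # constant-time comparison
            return False
        if nonce in self._seen:  # a captured genuine message sent again
            return False
        self._seen.add(nonce)
        return True


def card_seeking_exchange(reader_key: bytes, device_key: bytes) -> str:
    """Card seeking request and response with both authentications applied."""
    device_checks_reader = Verifier(device_key, b"reader")
    reader_checks_device = Verifier(reader_key, b"device")

    # Request carries the first identification authentication data.
    request = attach_auth(reader_key, b"reader", b"card-seeking-request")
    if not device_checks_reader.verify(request):
        return "request-rejected"  # no card seeking response is returned

    # Response carries the second identification authentication data.
    response = attach_auth(device_key, b"device", b"card-seeking-response")
    if not reader_checks_device.verify(response):
        return "response-rejected"  # confirmation data is withheld
    return "confirmation-sent"


if __name__ == "__main__":
    shared = secrets.token_bytes(32)  # constructed key for the demonstration
    print(card_seeking_exchange(shared, shared))
    print(card_seeking_exchange(secrets.token_bytes(32), shared))
```

The accepted-nonce set grows without bound in this sketch; a deployment would pair it with a timestamp window or tie the nonces to the negotiated session.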
At this point the card seeking flow for the certificate card ends and the card selection flow begins.
Step S408: the certificate card reader sends a card selection instruction to the certificate card.
Step S409: the certificate card reader receives the card selection confirmation data sent by the certificate card, where the card selection confirmation data includes at least the unique identification information of the certificate card.
Step S410: the certificate card reader sends a card selection request to the first certificate card safety control device.
Step S411: the first certificate card safety control device receives the card selection request and sends a card selection request response to the certificate card reader.
In order that the first certificate card safety control device can determine that the card selection request was sent by the
certificate card reader, and to avoid attacks on the first certificate card safety control device by an illegally simulated
certificate card reader, in an optional embodiment of the embodiments of the present invention, the card selection request sent by
the certificate card reader may also carry third identification authentication data. The first certificate card safety control
device is further configured to, after receiving the card selection request and before sending the card selection request response
to the certificate card reader, authenticate the identity of the certificate card reader according to the third identification
authentication data carried in the card selection request, and, in the case where the authentication passes, to perform the
operation of sending the card selection request response to the certificate card reader. Similar to the first identification
authentication data above, the third identification authentication data may be a signature value obtained by the certificate card
reader signing the information to be signed with its own private key, or a check value calculated over the data to be
authenticated with a predetermined algorithm agreed with the first certificate card safety control device; details are not
repeated here.
Step s412, the certificate card reader receives the card selection request response sent by the first certificate card safety
control device, and sends the card selection confirmation data to the first certificate card safety control device;
In order that the certificate card reader can determine that the card selection request response was sent by the first certificate
card safety control device, and to avoid an illegally simulated first certificate card safety control device illegally obtaining
the information stored in the certificate card, in an optional embodiment of the embodiments of the present invention, the first
certificate card safety control device also obtains fourth identification authentication data before sending the card selection
request response, and carries the fourth identification authentication data in the card selection request response. After
receiving the card selection request response sent by the first certificate card safety control device, and before sending the
card selection confirmation data to the first certificate card safety control device, the certificate card reader parses the
information carried in the card selection request response, obtains the fourth identification authentication data carried in it,
and authenticates the identity of the first certificate card safety control device according to the fourth identification
authentication data; in the case where the authentication passes, it performs the operation of sending the card selection
confirmation data to the first certificate card safety control device. Likewise, similar to the second identification
authentication data, the fourth identification authentication data may be a signature value obtained by the first certificate card
safety control device signing the information to be signed with its own private key, or a check value calculated over the data to
be authenticated with a predetermined algorithm agreed with the certificate card reader; details are not repeated here.
At this point, the card selection flow of the certificate card ends, and the card reading flow of the certificate card begins.
Step s413, the certificate card reader sends a card reading instruction to the certificate card;
Step s414, the certificate card reader receives the card reading confirmation data returned by the certificate card;
Step s415, the certificate card reader sends a card reading request to the first certificate card safety control device over the
network;
Step s416, the first certificate card safety control device receives the card reading request and sends a card reading request
response to the certificate card reader, where the card reading request response carries at least the first data to be verified;
In order that the first certificate card safety control device can determine that the card reading request was sent by the
certificate card reader, and to avoid attacks on the first certificate card safety control device by an illegally simulated
certificate card reader, in an optional embodiment of the embodiments of the present invention, the card reading request sent by
the certificate card reader carries at least fifth identification authentication data. After receiving the card reading request,
the first certificate card safety control device authenticates the identity of the certificate card reader according to the fifth
identification authentication data carried in the card reading request, and, in the case where the authentication passes, sends
the card reading request response to the certificate card reader.
Step s417, the certificate card reader receives the card reading request response sent by the first certificate card safety
control device, and obtains the first data to be verified carried in the card reading request response;
Step s418, the certificate card reader sends the first data to be verified to the certificate card;
In order that the certificate card reader can determine that the card reading request response was sent by the first certificate
card safety control device, and to avoid an illegally simulated first certificate card safety control device illegally obtaining
the information stored in the certificate card, in an optional embodiment of the embodiments of the present invention, the card
reading request response also carries sixth identification authentication data. After the certificate card reader receives the
card reading request response sent by the first certificate card safety control device, and before it obtains the first data to be
verified carried in the card reading request response, the method further includes: the certificate card reader parses the
information carried in the card reading request response, obtains the sixth identification authentication data carried in it, and
authenticates the identity of the first certificate card safety control device according to the sixth identification
authentication data; in the case where the authentication passes, it performs the step of obtaining the first data to be verified
carried in the card reading request response. With this optional embodiment, reading of the certificate card by an illegal
certificate card safety control device, which would make the information in the certificate card insecure, can be avoided.
At this point, the preparation before reading the certificate card is complete; in the subsequent flow, the certificate card and
the first certificate card safety control device interact in order to read the certificate card information stored in the
certificate card.
Step s419, the certificate card reader receives the certificate card authentication response sent by the certificate card, where
the certificate card authentication response carries the first verification data that the certificate card calculated over the
first data to be verified;
Step s420, the certificate card reader sends the certificate card authentication response to the first certificate card safety
control device;
Step s421, the first certificate card safety control device receives the certificate card authentication response, verifies the
first verification data, and after the verification passes, sends a certificate card authentication pass result to the certificate
card reader;
In a specific application, the first data to be verified may be a random factor, and the random factor may be one of, or any
combination of, a time factor, an event factor, a random number and a random character. The certificate card may be verified in
the following manner:
Each certificate card safety control device stores a master key, and each certificate card stores a sub-key. The first certificate
card safety control device generates a random number; after obtaining this random number, the certificate card performs a MAC
calculation on the received random number using the sub-key it stores, obtains a MAC value (i.e. the first verification data), and
returns this MAC value to the first certificate card safety control device in the certificate card authentication response. After
receiving the certificate card authentication response, the first certificate card safety control device performs a hash
calculation on preset information using the master key to obtain the sub-key of this certificate card, performs a MAC calculation
on the generated random number using the obtained sub-key to obtain a MAC check value, and compares whether the MAC value sent by
the certificate card is identical to the calculated MAC check value. If they are identical, it confirms that the certificate card
passes authentication, generates the certificate card authentication pass result, and returns this result to the certificate card
reader.
Step s422, the certificate card reader sends the certificate card authentication pass result to the certificate card;
Step s423, the certificate card reader receives the security control authentication request sent by the certificate card;
Step s424, the security control authentication request is sent to the certificate card safety control device, where the security
control authentication request carries the second data to be verified;
Step s425, the first certificate card safety control device receives the security control authentication request, performs a
calculation on the second data to be verified to obtain second verification data, and sends the second verification data to the
certificate card reader in a security control authentication response;
Step s426, the certificate card reader receives the security control authentication response and sends the security control
authentication response to the certificate card;
Step s427, the certificate card reader receives the security control authentication pass result sent by the certificate card;
Step s428, the certificate card reader sends the security control authentication pass result to the first certificate card safety
control device;
It should be noted that there is no required order between steps s418 to s422 and steps s423 to s428: steps s418 to s422 may be
performed first and then steps s423 to s428, or vice versa, which this embodiment does not specifically limit.
In this embodiment, the second data to be verified may also be a random factor, and this random factor may be one of, or any
combination of, a time factor, an event factor, a random number and a random character. Specifically, authentication may be
performed in the following manner:
Each certificate card safety control device stores a master key, and each certificate card stores a sub-key. The certificate card
generates a random number and carries this random number in the security control authentication request. After obtaining this
random number, the first certificate card safety control device performs a hash calculation on preset information using the master
key to obtain the sub-key of this certificate card, performs a MAC (message authentication code) calculation on the random number
using the obtained sub-key to obtain a MAC value, and returns this MAC value to the certificate card in the security control
authentication response. The certificate card obtains this MAC value, performs a MAC calculation on the random number it generated
using the sub-key it stores to obtain a MAC check value, and compares whether the MAC value sent by the first certificate card
safety control device is identical to the calculated MAC check value. If they are identical, it confirms that the first
certificate card safety control device passes authentication, generates the security control authentication pass result, and
returns this result to the first certificate card safety control device.
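The two MAC checks described above (the certificate card authentication and the security control authentication), sketched in Python as an added example that is not part of the patent text. The patent names neither the hash, the MAC algorithm nor the preset information, so HMAC-SHA-256 for both, the card's unique identification as the preset information, the direction label mixed into each MAC (added so a value computed for one direction is not accepted in the other), and all names and sample values are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Direction labels (assumption of this example, not in the patent text).
CARD_TO_DEVICE = b"card->device"   # certificate card authentication
DEVICE_TO_CARD = b"device->card"   # security control authentication


def derive_sub_key(master_key: bytes, card_id: bytes) -> bytes:
    """Hash calculation on preset information (here: the card id) with the master key."""
    return hmac.new(master_key, card_id, hashlib.sha256).digest()


def compute_mac(sub_key: bytes, random_number: bytes, direction: bytes) -> bytes:
    """MAC over the random number, bound to the direction of the exchange."""
    return hmac.new(sub_key, direction + b"|" + random_number, hashlib.sha256).digest()


class CertificateCard:
    """Holds only its own sub-key, never the master key."""

    def __init__(self, card_id: bytes, sub_key: bytes):
        self.card_id = card_id
        self._sub_key = sub_key
        self._pending = None

    def answer_challenge(self, random_number: bytes) -> bytes:
        # First verification data: MAC over the device's random number.
        return compute_mac(self._sub_key, random_number, CARD_TO_DEVICE)

    def new_challenge(self) -> bytes:
        # Second data to be verified: a fresh random number from the card.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify_device(self, mac_value: bytes) -> bool:
        if self._pending is None:
            return False
        challenge, self._pending = self._pending, None  # each challenge is single use
        expected = compute_mac(self._sub_key, challenge, DEVICE_TO_CARD)
        return hmac.compare_digest(expected, mac_value)  # constant-time comparison


class SafetyControlDevice:
    """Holds the master key and re-derives a card's sub-key on demand."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key
        self._pending = {}  # card id -> outstanding random number

    def new_challenge(self, card_id: bytes) -> bytes:
        # First data to be verified: a fresh random number per attempt.
        self._pending[card_id] = secrets.token_bytes(16)
        return self._pending[card_id]

    def verify_card(self, card_id: bytes, mac_value: bytes) -> bool:
        challenge = self._pending.pop(card_id, None)  # consumed even on failure
        if challenge is None:
            return False
        sub_key = derive_sub_key(self._master_key, card_id)
        expected = compute_mac(sub_key, challenge, CARD_TO_DEVICE)
        return hmac.compare_digest(expected, mac_value)

    def answer_challenge(self, card_id: bytes, random_number: bytes) -> bytes:
        # Second verification data: MAC over the card's random number.
        sub_key = derive_sub_key(self._master_key, card_id)
        return compute_mac(sub_key, random_number, DEVICE_TO_CARD)


def mutual_authentication(device: SafetyControlDevice, card: CertificateCard):
    """Relay both exchanges as the card reader would; returns (card_ok, device_ok)."""
    r1 = device.new_challenge(card.card_id)
    card_ok = device.verify_card(card.card_id, card.answer_challenge(r1))
    r2 = card.new_challenge()
    device_ok = card.verify_device(device.answer_challenge(card.card_id, r2))
    return card_ok, device_ok


# Constructed sample values for the demonstration.
MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
CARD_ID = b"CARD-0001"

if __name__ == "__main__":
    device = SafetyControlDevice(MASTER_KEY)
    card = CertificateCard(CARD_ID, derive_sub_key(MASTER_KEY, CARD_ID))
    print(mutual_authentication(device, card))
```

Because each random number is discarded after one comparison, a captured MAC value cannot be presented a second time.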
Step s429, the certificate card reader obtains the certificate card information read by the first certificate card safety control
device.
In an optional implementation of this embodiment, after the first certificate card safety control device receives the security
control authentication pass result, the mutual authentication between the first certificate card safety control device and the
certificate card is complete: the first certificate card safety control device has determined that the certificate card is genuine
and secure, so it may read the certificate card information stored in the certificate card, and the certificate card has confirmed
that the first certificate card safety control device is safe and reliable, so it may send the stored certificate card information
to the first certificate card safety control device. The first certificate card safety control device then reads the certificate
card information stored in the certificate card, processes the obtained certificate card information to obtain readable
certificate card information (i.e. plaintext certificate card information), and sends the readable certificate card information to
the certificate card reader.
In an optional embodiment of the embodiments of the present invention, in order to ensure information security, the first
certificate card safety control device may also encrypt the readable certificate card information (for example, using the session
key negotiated between the certificate card reader and the first certificate card safety control device) and send the encrypted
certificate card information to the certificate card reader; after receiving it, the certificate card reader decrypts it and
thereby obtains the certificate card information.
In an optional embodiment of the embodiments of the present invention, if the card reading request specifies the content to be
read, the first certificate card safety control device, according to this instruction, reads the basic information stored in the
certificate card (for example, name, gender, date of birth, etc.), or reads the basic information plus the photo stored in the
certificate card. If the card reading request does not specify the content to be read, the first certificate card safety control
device reads the default certificate card information, for example the basic information stored in the certificate card.
With the above method provided by this embodiment, the certificate card reader only exchanges information with the certificate
card, while functions such as certificate card security control authentication are performed by the remote certificate card safety
control device. Multiple certificate card readers can therefore share one certificate card safety control device, which improves
the utilization of the certificate card safety control device and saves cost.
Optionally, after receiving the certificate card information, the certificate card reader may send the certificate card
information to a display device for display, which makes it convenient for the user to read the certificate card information.
Optionally, the certificate card reader may also send the certificate card information to a storage device (for example, an
electronic signature device) for storage, so that in subsequent use the user does not need to carry the certificate card, which
avoids the inconvenience of carrying the certificate card around.
In order to ensure the security of data transmission between the certificate card reader and the first certificate card safety
control device, in an optional embodiment of the embodiments of the present invention, before the first certificate card safety
control device starts the flow of reading the certificate card information, the certificate card reader and the first certificate
card safety control device negotiate, and both sides obtain a session key. After the certificate card reader and the first
certificate card safety control device have obtained the session key, in the subsequent communication between the certificate card
reader and the first certificate card safety control device, each side uses the session key to encrypt the data it sends and to
decrypt the data it receives. In a specific application, the certificate card reader and the first certificate card safety control
device may negotiate the session key before the certificate card reader sends the card seeking request, or may start negotiating
the session key when the card seeking request is sent, or may start negotiating the session key after the certificate card reader
has sent the card seeking request to the first certificate card safety control device, which this embodiment does not specifically
limit.
In an optional embodiment of the embodiments of the present invention, in the above flow, the first certificate card safety control
device sends information to the certificate card reader through a server, and the first certificate card safety control device
receives information from the certificate card reader through the server. That is, in this optional embodiment, on the network
side the certificate card safety control device is not directly connected to the network; a server is placed in front of the
certificate card safety control device, and the certificate card safety control device communicates with the certificate card
reader through this server. In this way, the certificate card safety control device is kept from being directly connected to the
network and exposed to malicious attack.
In an optional embodiment of the embodiments of the present invention, in the above flow, the certificate card reader sends
information to the first certificate card safety control device through a terminal, and the certificate card reader receives
information from the first certificate card safety control device through the terminal. That is, in this optional embodiment, the
certificate card reader is not directly connected to the network but accesses the network through the terminal, and its data
exchange with the network side is forwarded by the terminal. In this way, the certificate card reader is kept from being directly
connected to the network and exposed to malicious attack.
In the above optional embodiment, after the certificate card reader obtains the certificate card information, it may send the
certificate card information to the terminal, and the terminal displays or stores the certificate card information, which makes
the certificate card information convenient to use.
Fig. 5 is a schematic diagram of an optional card reading preparation flow of this embodiment. As shown in Fig. 5, in this optional
embodiment, the card reading preparation flow mainly includes the following steps (a1-a24):
Step a1: the certificate card reader sends a card seeking instruction to the certificate card;
Step a2: the certificate card receives the card seeking instruction and sends card seeking confirmation data to the certificate
card reader;
Step a3: the certificate card reader encrypts the card seeking request data d1 using the authentication encryption key to obtain
the card seeking request data ciphertext d1, and signs the card seeking request data ciphertext using the first private key of the
certificate card reader to obtain the card seeking request signature value sd1;
Step a4: the certificate card reader sends a card seeking request to the first certificate card safety control device, the card
seeking request including the card seeking request data ciphertext d1, the card seeking request signature value sd1, the first
certificate of the certificate card reader and the second certificate of the certificate card reader;
In this embodiment, the certificate card reader sends out the card seeking instruction through its RF (radio frequency) module at
regular intervals. After receiving this card seeking instruction, the certificate card sends card seeking confirmation data to the
certificate card reader; after receiving the card seeking confirmation data sent by the certificate card, the certificate card
reader sends the card seeking request to the first certificate card safety control device.
In this embodiment, the card seeking request includes the card seeking request data ciphertext, the card seeking request signature
value, the first certificate of the certificate card reader and the second certificate of the certificate card reader. The card
seeking request data ciphertext is generated by the certificate card reader encrypting the card seeking request data with the
authentication encryption key after it receives the card seeking confirmation data sent by the certificate card. Encrypting the
card seeking request data with the authentication encryption key before transmitting it to the first certificate card safety
control device ensures the security of the card seeking request data during network transmission.
In this embodiment, the first certificate of the certificate card reader includes at least the first public key of the certificate
card reader, and the second certificate of the certificate card reader includes at least the second public key of the certificate
card reader. The first public key in the first certificate and the second public key in the second certificate of the certificate
card reader may be the same or different, which this embodiment does not limit. The second public key of the certificate card
reader used in this step and the second private key of the certificate card reader used in step a8 form an asymmetric key pair,
and are used in step a6 and step a8 respectively to encrypt and decrypt the session key.
As an optional implementation of this embodiment, the card seeking request data in step a3 also includes a timestamp and/or single
authentication data, and the card seeking request also includes the identifier of the certificate card reader. The single
authentication identifier includes a count value produced by a counter in the certificate card reader and/or a random factor. When
the single authentication identifier is a count value produced by the counter, each time the certificate card reader performs a
certificate card information read operation the counter produces a count value, which counts the first data packet sent out; for
example, when the certificate card reader reads certificate card a the counter produces count value 1, when it next reads
certificate card b the counter produces count value 2, and so on, although the specific form of the count value is not limited to
this. When the single authentication identifier is a random factor, the random factor may be one random number or a string of
random numbers, one random character or a string of random characters, or any combination of a string of random numbers and random
characters. The identifier of the certificate card reader may be the serial number of the certificate card reader; of course, any
identifier that uniquely identifies the certificate card reader may be used, and it is not limited to the serial number of the
certificate card reader.
As an optional implementation of this embodiment, the certificate card reader may send the card seeking request directly to the
first certificate card safety control device, or may send the card seeking request to a server, which forwards it to the first
certificate card safety control device. When the card seeking request is sent to the server, the server may determine whether the
identifier of the certificate card reader in the card seeking request is in a blacklist; if it is in the blacklist, the
certificate card reading flow is terminated. Otherwise, the server selects, according to the processing capacity of each
certificate card safety control device, which certificate card safety control device the card seeking request is sent to for
processing, and then sends the card seeking request to the selected first certificate card safety control device. Having the
server distribute the first data packet in this way prevents a single point of failure.
As an optional implementation of this embodiment, after the server receives the card seeking request and determines that the
identifier of the certificate card reader is not in the blacklist, it verifies the received first certificate of the certificate
card reader and second certificate of the certificate card reader using the root certificate. After the verification passes, the
server may verify the card seeking request signature value using the first certificate of the certificate card reader, and after
the signature verification of the card seeking request signature value passes, it sends the card seeking request data ciphertext
in the card seeking request and the second certificate of the certificate card reader to the first certificate card safety control
device.
Step a5: the first certificate card safety control device receives the card seeking request and verifies the card seeking request
signature value sd1 using the first certificate of the certificate card reader; after the signature verification of the card
seeking request signature value passes, it decrypts the card seeking request data ciphertext d1 using the authentication
decryption key to obtain the card seeking request data d1, and generates the card seeking request response data rd1 according to
the card seeking request data d1;
As an optional implementation of this embodiment, after receiving the card seeking request, the first certificate card safety
control device verifies the received first certificate of the certificate card reader and second certificate of the certificate
card reader using the root certificate, so as to prevent a malicious party from tampering with the first public key in the first
certificate of the certificate card reader and the second public key in the second certificate of the certificate card reader.
This achieves security authentication of the certificate card reader and improves the security of the interaction between the two
sides.
In this embodiment, the authentication decryption key and the authentication encryption key in step a3 are the same key, i.e. a
symmetric key, which is built into the first certificate card safety control device and the certificate card reader in advance.
The certificate card reader uses this symmetric key to encrypt the data it sends to the first certificate card safety control
device for the first time, and the first certificate card safety control device uses this symmetric key to decrypt the data that
the certificate card reader sends to it for the first time, which ensures the security of the first data transmission between the
certificate card reader and the first certificate card safety control device. Optionally, the authentication encryption key and
the authentication decryption key are stored in a key database; the first certificate card safety control device may read the
authentication decryption key from the key database and store it locally on the first certificate card safety control device. The
certificate card reader may likewise read the authentication encryption key from the key database and store it locally on the
certificate card reader.
Step a6: the first certificate card safety control device generates a session key r3, encrypts the card seeking request response
data rd1 using the session key to obtain the card seeking request response data ciphertext rd1, encrypts the session key using the
second certificate of the certificate card reader to obtain the session key ciphertext r3, and signs the card seeking request
response data ciphertext and the session key ciphertext using the private key of the first certificate card safety control device
to obtain the card seeking request response signature value srd1;
Step a7: the first certificate card safety control device sends a card seeking request response to the certificate card reader,
the card seeking request response including: the card seeking request response data ciphertext rd1, the session key ciphertext r3,
the card seeking request response signature value srd1 and the certificate of the first certificate card safety control device;
In this embodiment, after the first certificate card safety control device decrypts and obtains the card seeking request data, it
generates the card seeking request response data and generates the session key, where the session key may be one random number or
a string of random numbers, one random character or a string of random characters, or any combination of a string of random
numbers and random characters. Encrypting the card seeking request response data with the session key ensures the security of the
card seeking request response data during network transmission. In addition, because the session key is a randomly generated key,
it is difficult for a malicious party to steal. In this embodiment, apart from the data transmitted for the first time between the
certificate card reader and the first certificate card safety control device, which is encrypted with the authentication encryption
key, the data subsequently transmitted between the certificate card reader and the first certificate card safety control device
can be encrypted with the session key, which avoids the reduction in data transmission security that would result from the
authentication encryption key being cracked. Because the session key takes the form of a random number, the random number used
for each data transmission is different, which further improves the security of data transmission between the certificate card
reader and the first certificate card safety control device.
In this embodiment, the first certificate card safety control device encrypts the session key using the public key in the second
certificate of the certificate card reader to obtain the session key ciphertext, which ensures the security of the session key
during network transmission.
In this embodiment, the first certificate card safety control device signs the card seeking request response ciphertext and the
session key using the private key it stores, which prevents a malicious party from tampering with the card seeking request
response ciphertext and the session key.
In this embodiment, the card seeking request response sent by the first certificate card safety control device to the certificate
card reader includes: the card seeking request response data ciphertext, the session key ciphertext, the card seeking request
response signature value and the certificate of the first certificate card safety control device. The certificate of the first
certificate card safety control device includes the public key of the first certificate card safety control device. The private
key of the first certificate card safety control device and the public key of the first certificate card safety control device
form an asymmetric key pair, used to sign the data transmitted from the first certificate card safety control device to the
certificate card reader and to verify that signature.
As an optional implementation of this embodiment, the first certificate card safety control device may send the card seeking
request response directly to the certificate card reader, or may send the card seeking request response to a dispatching device,
which then sends the card seeking request response to the certificate card reader.
Step a8: the certificate card reader receives the card seeking request response and verifies the card seeking request response signature value srd1 with the certificate of the first certificate card safety control device; after the signature verification passes, it decrypts the session key ciphertext r3 with the second private key of the certificate card reader to obtain the session key r3, and decrypts the card seeking request response data ciphertext rd1 with the session key to obtain the card seeking request response data rd1.
Step a9: after obtaining the card seeking request response data, the certificate card reader sends card seeking confirmation data to the first certificate card safety control device, and the card seeking flow ends.
As an optional implementation of the present embodiment, after receiving the card seeking request response, the certificate card reader verifies the received certificate of the first certificate card safety control device with the root certificate. This prevents an attacker from tampering with the public key in the certificate of the first certificate card safety control device, achieves security authentication of the first certificate card safety control device, and improves the security of the interaction between the two parties.
As an optional implementation of the present embodiment, when the first certificate card safety control device has encrypted the session key and a single authentication mark with the second certificate of the certificate card reader to generate the session key ciphertext, the certificate card reader decrypts the session key ciphertext with its second private key to obtain the session key and the single authentication mark, and can determine from the single authentication mark which card seeking request the response answers.
As an optional implementation of the present embodiment, before the card seeking flow the certificate card reader and the first certificate card safety control device can negotiate a session key to further ensure the security of card seeking request data transmission. The session key is negotiated as follows. The certificate card reader encrypts the session key request data with the authentication encryption key to obtain the session key request data ciphertext, signs the session key request data ciphertext with the first private key of the certificate card reader to obtain the session key request signature value, and sends a session key request to the first certificate card safety control device; the session key request includes the session key request data ciphertext, the session key request signature value, the first certificate of the certificate card reader and the second certificate of the certificate card reader. The first certificate card safety control device receives the session key request, verifies the session key request signature value with the first certificate of the certificate card reader and, after the signature verification passes, decrypts the session key request data ciphertext with the authentication decryption key to obtain the session key request data. The first certificate card safety control device generates the session key, encrypts the session key with the second certificate of the certificate card reader to obtain the session key ciphertext, signs the session key ciphertext with the private key of the first certificate card safety control device to obtain the session key ciphertext signature value, and sends a session key request response to the certificate card reader; the session key request response includes: the session key ciphertext, the session key ciphertext signature value and the certificate of the first certificate card safety control device. The certificate card reader receives the session key request response, verifies the session key ciphertext signature value with the certificate of the first certificate card safety control device and, after the signature verification passes, decrypts the session key ciphertext with the second private key of the certificate card reader to obtain the session key.
As an optional implementation of the present embodiment, when the session key has been negotiated before the card seeking flow, the certificate card reader and the first certificate card safety control device can, in the card reading preparation flow described above, use the session key directly to encrypt and decrypt the card seeking request data and the card seeking request response data, and the card seeking flow within the card reading preparation flow can be replaced by:
Step a1: the certificate card reader sends a card seeking instruction to the certificate card;
Step a2: the certificate card receives the card seeking instruction and sends card seeking confirmation data to the certificate card reader;
Step a3: the certificate card reader encrypts the card seeking request data with the session key to obtain the card seeking request data ciphertext, and signs the card seeking request data ciphertext with the first private key of the certificate card reader to obtain the card seeking request signature value;
Step a4: the certificate card reader sends a card seeking request to the first certificate card safety control device; the card seeking request includes the card seeking request data ciphertext and the card seeking request signature value;
Step a5: the first certificate card safety control device receives the card seeking request and verifies the card seeking request signature value sd1 with the first certificate of the certificate card reader; after the signature verification passes, it decrypts the card seeking request data ciphertext d1 with the session key to obtain the card seeking request data d1, and generates the card seeking request response data rd1 from the card seeking request data d1;
Step a6: the first certificate card safety control device encrypts the card seeking request response data rd1 with the session key to obtain the card seeking request response data ciphertext rd1, and signs the card seeking request response data ciphertext with the private key of the first certificate card safety control device to obtain the card seeking request response signature value srd1;
Step a7: the first certificate card safety control device sends a card seeking request response to the certificate card reader; the card seeking request response includes: the card seeking request response data ciphertext and the card seeking request response signature value;
Step a8: the certificate card reader verifies the received card seeking request response signature value with the certificate of the first certificate card safety control device and, after the signature verification passes, decrypts the received card seeking request response data ciphertext with the session key to obtain the card seeking request response data.
Step a9: the certificate card reader sends card seeking confirmation data to the first certificate card safety control device.
Steps a1-a9 complete the card seeking flow. After the card seeking flow ends there is also a card selection flow, through which the first certificate card safety control device can confirm which certificate card the read operation is being performed on. As an optional implementation of the present embodiment, step a9 is followed by the following card selection steps (a10-a18):
Step a10: after obtaining the card seeking request response data, the certificate card reader sends a card selection instruction to the certificate card;
Step a11: the certificate card receives the card selection instruction and sends card selection confirmation data to the certificate card reader, where the card selection confirmation data includes at least the serial number of the certificate card.
Step a12: the certificate card reader receives the card selection confirmation data, encrypts the card selection request data d2 with the session key to obtain the card selection request data ciphertext d2, and signs the card selection request data ciphertext with the first private key of the certificate card reader to obtain the card selection request signature value sd2;
Step a13: the certificate card reader sends a card selection request to the first certificate card safety control device; the card selection request includes the card selection request data ciphertext d2 and the card selection request signature value sd2;
Step a14: the first certificate card safety control device receives the card selection request and verifies the card selection request signature value sd2 with the first certificate of the certificate card reader; after the signature verification passes, it decrypts the card selection request data ciphertext d2 with the session key to obtain the card selection request data d2, and generates the card selection request response data rd2 from the card selection request data d2;
Step a15: the first certificate card safety control device encrypts the card selection request response data rd2 with the session key r3 to obtain the card selection request response data ciphertext rd2, and signs the card selection request response data ciphertext with the private key of the first certificate card safety control device to obtain the card selection request response signature value srd2;
Step a16: the first certificate card safety control device sends a card selection request response to the certificate card reader; the card selection request response includes: the card selection request response data ciphertext rd2 and the card selection request response signature value srd2;
Step a17: the certificate card reader verifies the received card selection request response signature value srd2 with the certificate of the first certificate card safety control device and, after the signature verification passes, decrypts the received card selection request response data ciphertext rd2 with the session key to obtain the card selection request response data rd2;
Step a18: after obtaining the card selection request response data, the certificate card reader encrypts the card selection confirmation data with the session key to obtain the card selection confirmation data ciphertext, signs the card selection confirmation data ciphertext with the first private key of the certificate card reader to obtain the card selection confirmation data signature value, and sends the card selection confirmation data ciphertext and the card selection confirmation data signature value to the first certificate card safety control device. After receiving the card selection confirmation data ciphertext and the card selection confirmation data signature value, the first certificate card safety control device verifies the card selection confirmation data signature value with the first certificate of the certificate card reader and, after the signature verification passes, decrypts the card selection confirmation data ciphertext with the session key to obtain the card selection confirmation data.
In the present embodiment, each certificate card has one safe key, and different certificate cards have different safe keys. The first certificate card safety control device stores the safe keys of multiple certificate cards. Through step a18 the first certificate card safety control device obtains the card selection confirmation data, which includes the serial number of the certificate card. After obtaining the serial number of the certificate card, the first certificate card safety control device can look up the safe key corresponding to this certificate card by that serial number, so that this safe key can subsequently be used for two-way authentication between the certificate card and the first certificate card safety control device.
After the card selection flow ends, preparation before the card reading flow begins. The certificate card reader obtains the first data to be authenticated of the card reading flow (called the first authentication factor in the present embodiment) through the following steps (a19-a26):
Step a19: the certificate card reader sends a card reading instruction to the certificate card;
Step a20: the certificate card receives the card reading instruction and sends card reading confirmation data to the certificate card reader;
Step a21: the certificate card reader encrypts the card reading request data d3 with the session key to obtain the card reading request data ciphertext d3, and signs the card reading request data ciphertext with the first private key of the certificate card reader to obtain the card reading request signature value sd3;
Step a22: the certificate card reader sends a card reading request to the first certificate card safety control device; the card reading request includes the card reading request data ciphertext d3 and the card reading request signature value sd3;
Step a23: the first certificate card safety control device receives the card reading request and verifies the card reading request signature value sd3 with the first certificate of the certificate card reader; after the signature verification passes, it decrypts the card reading request data ciphertext d3 with the session key to obtain the card reading request data d3.
Step a24: the first certificate card safety control device generates the first authentication factor r1, encrypts the first authentication factor with the session key to obtain the first authentication factor ciphertext r1, and signs the first authentication factor ciphertext with the private key of the first certificate card safety control device to obtain the first authentication factor signature value sr1.
Step a25: the first certificate card safety control device sends a card reading request response to the certificate card reader; the card reading request response includes: the first authentication factor ciphertext r1 and the first authentication factor signature value sr1;
Step a26: the certificate card reader receives the card reading request response and verifies the first authentication factor signature value sr1 with the certificate of the first certificate card safety control device; after the signature verification passes, it decrypts the first authentication factor ciphertext r1 with the session key to obtain the first authentication factor r1.
It should be noted that in the flow above the certificate card reader can communicate with the first certificate card safety control device directly, or the information transmitted between the certificate card reader and the first certificate card safety control device can be forwarded by a server.
At this point the card reading preparation flow ends, and the first certificate card safety control device starts the card reading flow to obtain the certificate card information stored in the certificate card. Fig. 5 is a schematic flowchart of card reading in an optional implementation of the embodiment of the present invention. As shown in Fig. 5, in this optional implementation the card reading flow may include:
Step b1: the certificate card reader sends the first authentication factor r1 to the certificate card;
In the present embodiment, the first authentication factor can be one random number or a string of random numbers, one random character or a string of random characters, or any combination of a string of random numbers and random characters.
In the present embodiment, the certificate card reader sends the first authentication factor to the certificate card through a non-contact interface, where the non-contact interface can be an RF (radio-frequency) module.
Step b2: the certificate card receives the first authentication factor r1, encrypts the first authentication factor to obtain the first authentication data c1, and generates the second authentication factor r2;
Step b3: the certificate card sends the first authentication data c1 and the second authentication factor r2 to the certificate card reader;
In the present embodiment, the certificate card can encrypt the first authentication factor with a safe key. This safe key is built into a legitimate certificate card in advance, and only a legitimate certificate card has this safe key.
In the present embodiment, the certificate card receives the first authentication factor sent by the certificate card reader through a non-contact interface, where the non-contact interface can be an RF (radio-frequency) module. In the present embodiment all data between the certificate card reader and the certificate card is transmitted through the non-contact interface; the specific implementation will not be repeated where data sent between the certificate card reader and the certificate card is mentioned below.
Step b4: the certificate card reader receives the first authentication data and the second authentication factor, encrypts the first authentication data and the second authentication factor with the session key to obtain the first ciphertext e1, and signs the first ciphertext with the first private key of the certificate card reader to obtain the first signature value s1;
In the present embodiment, the second authentication factor can be one random number or a string of random numbers, one random character or a string of random characters, or any combination of a string of random numbers and random characters. The second authentication factor allows the certificate card to authenticate the first certificate card safety control device.
In the present embodiment, the session key can also be one random number or a string of random numbers, one random character or a string of random characters, or any combination of a string of random numbers and random characters. The certificate card reader and the first certificate card safety control device use the session key to encrypt and decrypt the data transmitted between them.
In the present embodiment, one optional way for the certificate card reader to sign the first ciphertext with the first private key of the certificate card reader and obtain the first signature value is: the certificate card reader computes the digest of the first ciphertext with a hash algorithm, and encrypts the digest of the first ciphertext with the first private key of the certificate card reader to obtain the first signature value. Signing the first ciphertext can prevent an attacker from tampering with the first ciphertext. It should be noted that every signing process in the present embodiment may follow this implementation, and the process will not be described again where signing is mentioned below.
Step b5: the certificate card reader sends a first data packet to the first certificate card safety control device in the cloud authentication platform; the first data packet includes: the first ciphertext e1 and the first signature value s1;
In the present embodiment, a certificate card reader with network capability can send the first data packet to the first certificate card safety control device directly over a wired or wireless network, and a certificate card reader without network capability can use a host computer (such as a mobile phone, a pad (tablet computer) or a PC) to send the first data packet to the first certificate card safety control device over a wired or wireless network. Optionally, the certificate card reader can connect to the host computer by wire (for example, a USB interface) or wirelessly (for example, Wi-Fi or Bluetooth).
As an optional implementation, the certificate card reader can encrypt the first authentication data and the second authentication factor together with the session key and then transmit them to the first certificate card safety control device; of course, it can also encrypt the first authentication data and the second authentication factor separately and transmit them separately to the first certificate card safety control device.
As an optional implementation of the present embodiment, the certificate card reader does not send the first data packet directly to the first certificate card safety control device, but first sends the first data packet to a server, which then distributes the first data packet to the first certificate card safety control device. Having the server schedule the data to be sent to the first certificate card safety control device can prevent a single point of failure.
Step b6: the first certificate card safety control device receives the first data packet and verifies the first signature value s1 with the first certificate of the certificate card reader; after the signature verification passes, it decrypts the first ciphertext with the session key to obtain the first authentication data c1 and the second authentication factor r2. It then verifies the first authentication data c1 and, after the first authentication data c1 passes verification, encrypts the second authentication factor r2 to obtain the second authentication data c2. It encrypts the second authentication data with the session key to obtain the second ciphertext e2, and signs the second ciphertext with the private key of the first certificate card safety control device to obtain the second signature value s2;
In the present embodiment, the first certificate of the certificate card reader includes at least the first public key of the certificate card reader; the first public key of the certificate card reader and the first private key of the certificate card reader in step b4 form an asymmetric key pair.
In the present embodiment, one optional way for the first certificate card safety control device to verify the first signature value with the first certificate of the certificate card reader is: the first certificate card safety control device decrypts the received first signature value with the public key of the first certificate of the certificate card reader to obtain the digest of the first ciphertext, computes the digest of the received first ciphertext with the hash algorithm, and compares the digest obtained by decryption with the digest obtained by computation; if they are identical, the first signature value passes signature verification.
In the present embodiment, the first certificate card safety control device can verify the first authentication data in two ways. Mode one: the first certificate card safety control device decrypts the received first authentication data with the safe key built into the first certificate card safety control device to obtain an authentication factor, and compares the authentication factor obtained by decryption with the first authentication factor it generated itself; if they are identical, the first authentication data passes verification. Mode two: the first certificate card safety control device uses the safe key corresponding to this certificate card, stored in the first certificate card safety control device, to encrypt the first authentication factor it generated itself and obtain authentication data, and compares the authentication data obtained by encryption with the received first authentication data; if they are identical, the first authentication data passes verification. Because a safe key is built into a legitimate certificate card during manufacture, and the same safe key is stored in the first certificate card safety control device, two-way authentication between this certificate card and the first certificate card safety control device can subsequently be realized. If the first authentication data passes verification by the first certificate card safety control device, this shows that the safe key used by the certificate card is identical to the safe key used by the first certificate card safety control device, and that the certificate card obtained the first authentication data by encrypting the first authentication factor generated by the first certificate card safety control device. The certificate card is then a legitimate certificate card; the first certificate card safety control device confirms the legitimacy of the certificate card by verifying the first authentication data.
In the present embodiment, after the first authentication data passes verification, the first certificate card safety control device encrypts the second authentication factor with the safe key to obtain the second authentication data. Likewise, the safe key used by the first certificate card safety control device is built into the first certificate card safety control device in advance, and only a legitimate first certificate card safety control device has this safe key. As an optional implementation, if verification of the first authentication data fails, the certificate card reading flow is terminated.
Step b7: the first certificate card safety control device sends a second data packet to the certificate card reader; the second data packet includes: the second ciphertext e2 and the second signature value s2;
In the present embodiment, if the certificate card reader has network capability, the first certificate card safety control device can send the second data packet to the certificate card reader directly over a wired or wireless network; if the certificate card reader does not have network capability, the first certificate card safety control device can send the second data packet to the host computer over a wired or wireless network, and the host computer then transmits the second data packet to the certificate card reader.
As an optional implementation of the present embodiment, the first certificate card safety control device does not send the second data packet directly to the certificate card reader, but first sends the second data packet to a server, which forwards the second data packet to the certificate card reader.
Step b8: the certificate card reader receives the second data packet and verifies the second signature value s2 with the certificate of the first certificate card safety control device; after the signature verification passes, it decrypts the second ciphertext e2 with the session key to obtain the second authentication data c2;
In the present embodiment, the certificate of the first certificate card safety control device includes at least the public key of the first certificate card safety control device.
Step b9: the certificate card reader sends the second authentication data c2 to the certificate card;
Step b10: the certificate card verifies the second authentication data c2;
Step b11: after the second authentication data passes verification, the certificate card sends the certificate card data ciphertext cd1 to the certificate card reader;
In the present embodiment, the certificate card can verify the second authentication data in two ways. Mode one: the certificate card decrypts the received second authentication data with the decryption key corresponding to the safe key built into the certificate card to obtain an authentication factor, and compares the authentication factor obtained by decryption with the second authentication factor it generated itself; if they are identical, the second authentication data passes verification. Mode two: the certificate card uses its safe key to encrypt the second authentication factor it generated itself and obtain authentication data, and compares the authentication data obtained by encryption with the received second authentication data; if they are identical, the second authentication data passes verification. If the second authentication data passes verification by the certificate card, this shows that the safe key used by the first certificate card safety control device is identical to the safe key built into the certificate card, and that the first certificate card safety control device is a legitimate first certificate card safety control device; the certificate card confirms the legitimacy of the first certificate card safety control device by verifying the second authentication data.
In step b6 the first certificate card safety control device confirms the legitimacy of the certificate card through the first authentication factor, and in step b11 the certificate card confirms the legitimacy of the first certificate card safety control device through the second authentication factor. Only after two-way authentication passes does the certificate card send the certificate card data ciphertext to the certificate card reader; the certificate card data ciphertext is usually the ciphertext of data such as the certificate card number, name, photo, age, address, card validity period and/or fingerprint.
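The two-way authentication of steps b1-b11, with the safe-key lookup by card serial number from the card selection flow, is sketched below as an added example that is not code from the patent. It assumes mode two (recompute and compare) on both sides, uses HMAC-SHA256 as a stand-in for the unspecified safe-key encryption, reduces the reader to a relay, and leaves out the session-key encryption and signatures applied to packets in transit; all class names, function names and sample values are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample values, not taken from the patent.
SERIAL = "SN-0001"
SAFE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
CARD_DATA = b"<certificate card data ciphertext cd1>"


def keyed_transform(safe_key: bytes, factor: bytes) -> bytes:
    # Assumption: the page does not name the cipher used with the safe key.
    # HMAC-SHA256 stands in for "encrypt the authentication factor"; mode two
    # only needs a deterministic keyed function both sides can recompute.
    return hmac.new(safe_key, factor, hashlib.sha256).digest()


class CertificateCard:
    """Card side of steps b2-b3 and b10-b11."""

    def __init__(self, serial: str, safe_key: bytes, data_ciphertext: bytes):
        self.serial = serial
        self._safe_key = safe_key
        self._data_ciphertext = data_ciphertext
        self._r2 = None

    def answer_challenge(self, r1: bytes):
        # b2/b3: first authentication data c1 plus a fresh second factor r2.
        self._r2 = secrets.token_bytes(16)
        return keyed_transform(self._safe_key, r1), self._r2

    def release_data(self, c2: bytes):
        # b10/b11: recompute the expected c2 and compare in constant time.
        if self._r2 is None:
            return None
        expected = keyed_transform(self._safe_key, self._r2)
        self._r2 = None  # assumption: each r2 is accepted once, so a replayed c2 fails
        if not hmac.compare_digest(expected, c2):
            return None
        return self._data_ciphertext


class SafetyControlDevice:
    """Device side: per-card safe keys indexed by serial number (step a18)."""

    def __init__(self, key_store: dict):
        self._keys = dict(key_store)
        self._pending = {}  # serial number -> outstanding first factor r1

    def issue_challenge(self, serial: str):
        # a24: generate the first authentication factor r1 for a known card.
        if serial not in self._keys:
            return None
        r1 = secrets.token_bytes(16)
        self._pending[serial] = r1
        return r1

    def verify_card(self, serial: str, c1: bytes, r2: bytes):
        # b6: check c1 against the stored safe key, then answer the card's r2.
        r1 = self._pending.pop(serial, None)  # each r1 is consumed once
        key = self._keys.get(serial)
        if r1 is None or key is None:
            return None
        if not hmac.compare_digest(keyed_transform(key, r1), c1):
            return None  # optional implementation: terminate the reading flow
        return keyed_transform(key, r2)


class UnprovisionedDevice(SafetyControlDevice):
    """Negative test double: holds a wrong key and skips the c1 check."""

    def verify_card(self, serial: str, c1: bytes, r2: bytes):
        return keyed_transform(self._keys[serial], r2)


def read_card(card: CertificateCard, device: SafetyControlDevice):
    """Reader as a relay; returns the card data ciphertext or None."""
    r1 = device.issue_challenge(card.serial)
    if r1 is None:
        return None
    c1, r2 = card.answer_challenge(r1)             # b1-b3
    c2 = device.verify_card(card.serial, c1, r2)   # b4-b6
    if c2 is None:
        return None
    return card.release_data(c2)                   # b9-b11


if __name__ == "__main__":
    device = SafetyControlDevice({SERIAL: SAFE_KEY})
    genuine = CertificateCard(SERIAL, SAFE_KEY, CARD_DATA)
    counterfeit = CertificateCard(SERIAL, b"\x01" * 16, CARD_DATA)
    print("genuine card:", read_card(genuine, device))
    print("counterfeit card:", read_card(counterfeit, device))
```

Either side failing its comparison ends the flow before any certificate card data leaves the card, which is the property the two authentication factors are there to provide.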
Step b12: the certificate card reader receives the certificate card data ciphertext cd1, encrypts the certificate card data ciphertext with the session key to obtain the third ciphertext e3, and signs the third ciphertext with the first private key of the certificate card reader to obtain the third signature value s3;
In the present embodiment, the certificate card reader encrypts the certificate card data ciphertext with the session key to ensure the security of the certificate card data ciphertext during network transmission. In addition, signing the third ciphertext with the first private key of the certificate card reader can prevent an attacker from tampering with the third ciphertext.
Step b13: the certificate card reader sends a third data packet to the first certificate card safety control device; the third data packet includes: the third ciphertext e3 and the third signature value s3;
Step b14: the first certificate card safety control device receives the third data packet and verifies the third signature value s3 with the first certificate of the certificate card reader; after the signature verification passes, it decrypts the third ciphertext e3 with the session key to obtain the certificate card data ciphertext cd1, and decrypts the certificate card data ciphertext to obtain the certificate card data plaintext cd2. It then encrypts the certificate card data plaintext cd2 with the session key to obtain the fourth ciphertext e4, and signs the fourth ciphertext with the private key of the first certificate card safety control device to obtain the fourth signature value s4;
Optionally, the information included in the certificate card data ciphertext can be sent to the first certificate card safety control device at once in a single data packet; of course, it can also be sent to the first certificate card safety control device in several transmissions using multiple data packets.
In this embodiment, after the first certificate card safety control device decrypts the third ciphertext and obtains the certificate card data ciphertext, it decrypts the certificate card data ciphertext using the module provided in the first certificate card safety control device for decrypting ciphertext data read from the certificate card, and obtains the certificate card data plaintext. Encrypting the certificate card data plaintext with the session key ensures the security of the certificate card data plaintext during network transmission; signing the fourth ciphertext with the private key of the first certificate card safety control device prevents malicious parties from tampering with the fourth ciphertext.
Step b15: the first certificate card safety control device sends the fourth data packet to the certificate card reader, the fourth data packet including the fourth ciphertext e4 and the fourth signature value s4;
Step b16: the certificate card reader receives the fourth data packet and verifies the fourth signature value s4 using the certificate of the first certificate card safety control device; after the signature verification of the fourth signature value passes, it decrypts the fourth ciphertext e4 with the session key to obtain the certificate card data plaintext cd2.
In this embodiment, the certificate card data plaintext is usually the plaintext of data such as the certificate card number, name, photo, age, address, card service life and/or fingerprint. As an optional implementation of this embodiment, after the certificate card reader decrypts and obtains the certificate card data plaintext, the certificate card reader can display the certificate card data plaintext directly. Of course, the certificate card reader can also send the certificate card data plaintext to a host computer, and the host computer displays the certificate card data plaintext.
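Steps b12 to b16 as an added Go example, not code from the patent. The patent names no algorithms, so AES-256-GCM for the session and card-data encryption and Ed25519 for the signatures are assumptions, bare public keys stand in for the two certificates, and all identifiers (`Packet`, `RunExchange` and the helpers) are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Packet is the third or fourth data packet: a ciphertext and a signature over it.
type Packet struct{ E, S []byte }

var ErrBadSignature = errors.New("signature verification failed")

// mustGCM builds AES-256-GCM (an assumed cipher); it panics only on a wrong key length.
func mustGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return gcm
}

// seal encrypts and prepends the random nonce to the ciphertext.
func seal(gcm cipher.AEAD, plaintext []byte) []byte {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no safe fallback without a working system RNG
	}
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// open reverses seal and fails on a truncated or modified ciphertext.
func open(gcm cipher.AEAD, ct []byte) ([]byte, error) {
	n := gcm.NonceSize()
	if len(ct) < n {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, ct[:n], ct[n:], nil)
}

// sealAndSign is the sending side of b12 and b14: encrypt, then sign the ciphertext.
func sealAndSign(session cipher.AEAD, priv ed25519.PrivateKey, data []byte) Packet {
	e := seal(session, data)
	return Packet{E: e, S: ed25519.Sign(priv, e)}
}

// verifyAndOpen is the receiving side of b14 and b16: decrypt only after the
// signature over the ciphertext verifies.
func verifyAndOpen(session cipher.AEAD, pub ed25519.PublicKey, p Packet) ([]byte, error) {
	if !ed25519.Verify(pub, p.E, p.S) {
		return nil, ErrBadSignature
	}
	return open(session, p.E)
}

// RunExchange plays b12 to b16 once; tamper flips one bit of e3 in transit.
func RunExchange(cardData []byte, tamper bool) ([]byte, error) {
	b := make([]byte, 128) // fresh key material, constructed for this run
	if _, err := rand.Read(b); err != nil {
		return nil, err
	}
	// The session key is shared by reader and control device; the card-data
	// key exists only inside the control device, never in the reader.
	session, card := mustGCM(b[:32]), mustGCM(b[32:64])
	readerPriv, devPriv := ed25519.NewKeyFromSeed(b[64:96]), ed25519.NewKeyFromSeed(b[96:])
	// Bare public keys stand in for the two certificates.
	readerPub := readerPriv.Public().(ed25519.PublicKey)
	devPub := devPriv.Public().(ed25519.PublicKey)

	cd1 := seal(card, cardData) // stands in for what the card hands to the reader
	// b12, b13: the reader wraps cd1 without being able to read it.
	p3 := sealAndSign(session, readerPriv, cd1)
	if tamper {
		p3.E[len(p3.E)-1] ^= 0x01
	}
	// b14: the control device checks s3, recovers cd1, decrypts it to cd2.
	got, err := verifyAndOpen(session, readerPub, p3)
	if err != nil {
		return nil, err
	}
	cd2, err := open(card, got)
	if err != nil {
		return nil, err
	}
	// b14, b15: the control device returns (e4, s4); b16: the reader recovers cd2.
	p4 := sealAndSign(session, devPriv, cd2)
	return verifyAndOpen(session, devPub, p4)
}

func main() {
	for _, tamper := range []bool{false, true} {
		cd2, err := RunExchange([]byte("constructed sample record"), tamper)
		fmt.Printf("tamper=%v cd2=%q err=%v\n", tamper, cd2, err)
	}
}
```

The tampered run stops at the signature check in step b14, before any decryption is attempted on the modified e3.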
Through the above flow, the certificate card and the first certificate card safety control device complete two-way authentication through the exchange of the first authentication factor and the second authentication factor, and the first certificate card safety control device decrypts the certificate card data ciphertext to obtain the certificate card data plaintext and sends it to the certificate card reader, completing the reading of the certificate card.
As can be seen from the technical solution provided by the invention above, in the scheme provided by the embodiments of the invention, the certificate card safety control module is removed from the certificate card reader, the certificate card reader can only communicate with the certificate card, and reading the certificate card information has to be completed by the certificate card safety control device arranged in the back end, which reduces the cost of the certificate card radio-frequency device; moreover, multiple certificate card readers can be verified by the same certificate card safety control device, which improves the utilization of the certificate card safety control device.
Although embodiments of the invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the invention; those of ordinary skill in the art can change, modify, replace and vary the above embodiments within the scope of the invention without departing from the principle and purpose of the invention. The scope of the invention is defined by the claims and their equivalents.
Claims (11)
1. A certificate card information collection method, characterized in that it is applied to a system including a certificate card reader and a first certificate card safety control device, the method including:
Step 1: the certificate card reader periodically broadcasts a card-seeking instruction;
Step 2: the certificate card reader receives a response message returned by a certificate card;
Step 3: the certificate card reader determines that the response message is card-seeking confirmation data for the card-seeking instruction;
Step 4: the certificate card reader stops broadcasting the card-seeking instruction and sends a card-seeking request to the first certificate card safety control device over a network;
Step 5: the first certificate card safety control device receives the card-seeking request and sends a card-seeking response to the certificate card reader over the network, wherein the card-seeking response carries card-seeking response data;
Step 6: the certificate card reader receives the card-seeking response sent by the first certificate card safety control device and obtains the card-seeking response data;
Step 7: the certificate card reader sends the card-seeking confirmation data to the first certificate card safety control device;
Step 8: the certificate card reader sends a card selection instruction to the certificate card;
Step 9: the certificate card reader receives card selection confirmation data sent by the certificate card, wherein the card selection confirmation data includes at least the unique identification information of the certificate card;
Step 10: the certificate card reader sends a card selection request to the first certificate card safety control device;
Step 11: the first certificate card safety control device receives the card selection request;
Step 12: the first certificate card safety control device sends a card selection request response to the certificate card reader;
Step 13: the certificate card reader receives the card selection request response sent by the first certificate card safety control device;
Step 14: the certificate card reader determines that the card selection request response is response data for the card selection request, and sends the card selection confirmation data to the first certificate card safety control device;
Step 15: the certificate card reader sends a card reading instruction to the certificate card;
Step 16: the certificate card reader receives card reading confirmation data returned by the certificate card;
Step 17: the certificate card reader sends a card reading request to the first certificate card safety control device;
Step 18: the first certificate card safety control device receives the card reading request;
Step 19: the first certificate card safety control device sends a card reading request response to the certificate card reader, wherein the card reading request response carries at least first data to be verified;
Step 20: the certificate card reader receives the card reading request response sent by the first certificate card safety control device;
Step 21: the certificate card reader obtains the first data to be verified carried in the card reading request response and sends the first data to be verified to the certificate card;
Step 22: the certificate card reader receives a certificate card authentication response sent by the certificate card, wherein the certificate card authentication response carries first verification data obtained by the certificate card performing a verification calculation on the first data to be verified;
Step 23: the certificate card reader sends the certificate card authentication response to the first certificate card safety control device;
Step 24: the first certificate card safety control device receives the certificate card authentication response and verifies the first verification data; after the verification passes, it sends a certificate card authentication pass result to the certificate card reader;
Step 25: the certificate card reader sends the certificate card authentication pass result to the certificate card;
Step 26: the certificate card reader receives a security control authentication request sent by the certificate card and sends the security control authentication request to the first certificate card safety control device, wherein the security control authentication request carries second data to be verified;
Step 27: the first certificate card safety control device receives the security control authentication request, performs a calculation on the second data to be verified to obtain second verification data, and sends the second verification data, carried in a security control authentication response, to the certificate card reader;
Step 28: the certificate card reader receives the security control authentication response, sends the security control authentication response to the certificate card, receives a security control authentication pass result sent by the certificate card, and sends the security control authentication pass result to the first certificate card safety control device;
Step 29: the certificate card reader obtains the certificate card information read by the first certificate card safety control device.
2. The method according to claim 1, characterized in that:
The card-seeking request carries at least first identity authentication data; before the first certificate card safety control device returns the card-seeking response to the certificate card reader, the method further includes: the first certificate card safety control device authenticates the identity of the certificate card reader according to the first identity authentication data carried in the card-seeking request and, if the authentication passes, performs the step of returning the card-seeking response to the certificate card reader; and/or
The card-seeking response carries at least second identity authentication data; after the certificate card reader receives the card-seeking response sent by the first certificate card safety control device and before it sends the card-seeking confirmation data to the first certificate card safety control device, the method further includes: the certificate card reader authenticates the identity of the first certificate card safety control device according to the second identity authentication data and, if the authentication passes, performs the step of sending the card-seeking confirmation data to the first certificate card safety control device; and/or
The card selection request carries third identity authentication data; after the first certificate card safety control device receives the card selection request and before it sends the card selection request response to the certificate card reader, the method further includes: the first certificate card safety control device authenticates the identity of the certificate card reader according to the third identity authentication data carried in the card selection request and, if the authentication passes, performs the step of sending the card selection request response to the certificate card reader; and/or
The 4th identification authentication data is at least carried in described card selection request response;Receive described the in described certificate card reader
After the card selection request response that one certificate card safety control device sends, described card selection is confirmed data is activation to described first card
Before part card safety control device, methods described also includes: described certificate card reader parses in described card selection request response and takes
The information of band, obtains the 4th identification authentication data carrying in described card selection request response, and according to described 4th authentication
Data is authenticated to the identity of described first certificate card safety control device, and in the case that certification is passed through, execution will be described
Card selection confirms the step to described first certificate card safety control device for the data is activation;And/or
The 5th authentication data is at least carried in described Card Reader request;Receive described reading in described first certificate card safety control device
After card request, before sending Card Reader request response to described certificate card reader, methods described also includes: described first certificate
The body to described certificate card reader for described 5th authentication data that card safety control device carries in being asked according to described Card Reader
Part is authenticated, and in the case that certification is passed through, obtains the described first data to be verified, executes and send out to described certificate card reader
The step sending Card Reader request response;And/or
The 6th identification authentication data is also carried in described Card Reader request response;Receive described first in described certificate card reader
After the Card Reader request response that certificate card safety control device sends, obtain described first carrying in described Card Reader request response
Before data to be verified, methods described also includes: described certificate card reader parses the letter carrying in described Card Reader request response
Breath, obtains the 6th identification authentication data carrying in described Card Reader request response, and according to described 6th identification authentication data pair
The identity of described first certificate card safety control device is authenticated, and in the case that certification is passed through, execution obtains described Card Reader
The step of the described first data to be verified carrying in request response.
3. The method according to claim 1 or 2, characterized in that:
Before step 6, the method further includes: the certificate card reader and the first certificate card safety control device perform session key negotiation, and the certificate card reader and the first certificate card safety control device obtain the session key used for the current communication between the two parties;
After the certificate card reader and the first certificate card safety control device obtain the session key, during communication between the certificate card reader and the first certificate card safety control device, the certificate card reader and the first certificate card safety control device use the session key to encrypt the data sent to the other party and to decrypt the data received from the other party.
4. The method according to any one of claims 1 to 3, characterized in that:
The first certificate card safety control device sends information to the certificate card reader through a server;
The first certificate card safety control device receives information from the certificate card reader through the server.
5. The method according to any one of claims 1 to 4, characterized in that:
The certificate card reader sends information to the first certificate card safety control device through a terminal;
The certificate card reader receives information from the first certificate card safety control device through the terminal.
6. A certificate card information collection system, characterized in that it includes: a certificate card reader and a first certificate card safety control device; wherein,
The certificate card reader includes: a first transceiver module, a second transceiver module and a first processing module;
The first certificate card safety control device includes: a third transceiver module, a generation module and a second processing module;
The first transceiver module is configured to periodically broadcast a card-seeking instruction and to receive a response message returned by a certificate card;
The first processing module is configured to determine whether the response message is card-seeking confirmation data for the card-seeking instruction and, if so, to instruct the first transceiver module to stop broadcasting the card-seeking instruction and to instruct the second transceiver module to send a card-seeking request to the first certificate card safety control device over a network;
The third transceiver module is configured to receive the card-seeking request and to send a card-seeking response to the certificate card reader over the network, wherein the card-seeking response carries card-seeking response data;
The second transceiver module is configured to receive the card-seeking response sent by the first certificate card safety control device, obtain the card-seeking response data, and send the card-seeking confirmation data to the first certificate card safety control device;
The first transceiver module is further configured to send a card selection instruction to the certificate card and to receive card selection confirmation data sent by the certificate card, wherein the card selection confirmation data includes at least the unique identification information of the certificate card;
The second transceiver module is further configured to send a card selection request to the first certificate card safety control device;
The third transceiver module is further configured to receive the card selection request and to send a card selection request response to the certificate card reader;
The second transceiver module is further configured to receive the card selection request response sent by the first certificate card safety control device and to send the card selection confirmation data to the first certificate card safety control device;
The first transceiver module is further configured to send a card reading instruction to the certificate card and to receive card reading confirmation data returned by the certificate card;
The second transceiver module is further configured to send a card reading request to the first certificate card safety control device;
The third transceiver module is further configured to receive the card reading request and to send a card reading request response to the certificate card reader, wherein the card reading request response carries at least first data to be verified;
The second transceiver module is further configured to receive the card reading request response sent by the first certificate card safety control device;
The first processing module is further configured to obtain the first data to be verified carried in the card reading request response;
The first transceiver module is further configured to send the first data to be verified to the certificate card and to receive a certificate card authentication response sent by the certificate card, wherein the certificate card authentication response carries first verification data obtained by the certificate card performing a verification calculation on the first data to be verified;
The second transceiver module is further configured to send the certificate card authentication response to the first certificate card safety control device;
The third transceiver module is further configured to receive the certificate card authentication response;
The second processing module is configured to verify the first verification data and, after the verification passes, to instruct the third transceiver module to send a certificate card authentication pass result to the certificate card reader;
The second transceiver module is further configured to receive the certificate card authentication pass result;
The first transceiver module is further configured to send the certificate card authentication pass result to the certificate card and to receive a security control authentication request sent by the certificate card;
The second transceiver module is further configured to send the security control authentication request to the first certificate card safety control device, wherein the security control authentication request carries second data to be verified;
The third transceiver module is further configured to receive the security control authentication request;
The second processing module is further configured to perform a calculation on the second data to be verified to obtain second verification data;
The third transceiver module is further configured to send the second verification data, carried in a security control authentication response, to the certificate card reader;
The second transceiver module is further configured to receive the security control authentication response;
The first transceiver module is further configured to send the security control authentication response to the certificate card and to receive a security control authentication pass result sent by the certificate card;
The second transceiver module is further configured to send the security control authentication pass result to the first certificate card safety control device;
The second processing module is further configured to read, through the third transceiver module, the certificate card information stored in the certificate card;
The first processing module is further configured to obtain the certificate card information read by the first certificate card safety control device.
7. The system according to claim 6, characterized in that:
The card-seeking request carries at least first identity authentication data; the second processing module is further configured to, before the third transceiver module returns the card-seeking response to the certificate card reader, authenticate the identity of the certificate card reader according to the first identity authentication data carried in the card-seeking request and, if the authentication passes, perform the operation of returning the card-seeking response to the certificate card reader; and/or
The card-seeking response carries at least second identity authentication data; the first processing module is further configured to, after the second transceiver module receives the card-seeking response sent by the first certificate card safety control device and before the second transceiver module sends the card-seeking confirmation data to the first certificate card safety control device, authenticate the identity of the first certificate card safety control device according to the second identity authentication data and, if the authentication passes, trigger the second transceiver module to send the card-seeking confirmation data to the first certificate card safety control device; and/or
The card selection request carries third identity authentication data; the second processing module is further configured to, after the third transceiver module receives the card selection request and before the card selection request response is sent to the certificate card reader, authenticate the identity of the certificate card reader according to the third identity authentication data carried in the card selection request and, if the authentication passes, trigger the third transceiver module to send the card selection request response to the certificate card reader; and/or
The 4th identification authentication data is at least carried in described card selection request response;Described first processing module, is additionally operable in institute
After stating the card selection request response that the second transceiver module receives described first certificate card safety control device transmission, described second receipts
Send out module and described card selection is confirmed data is activation to before described first certificate card safety control device, the described card selection of parsing is asked
The information carrying in response, obtains the 4th identification authentication data carrying in the request response of described card selection, and according to the described 4th
Identification authentication data is authenticated to the identity of described first certificate card safety control device, in the case that certification is passed through, touches
Send out the second transceiver module described and confirm data is activation to described first certificate card safety control device described card selection;And/or
The 5th authentication data is at least carried in described Card Reader request;Described Second processing module, is additionally operable in described 3rd transmitting-receiving
After module receives described Card Reader request, before sending Card Reader request response to described certificate card reader, according to described Card Reader
Described 5th authentication data carrying in request is authenticated to the identity of described certificate card reader, situation about passing through in certification
Under, obtain the described first data to be verified, trigger and send Card Reader request sound to described 3rd transceiver module to certificate card reader
Should;And/or also carry the 6th identification authentication data in the request response of described Card Reader;Described first processing module, is additionally operable to
After described second transceiver module receives the Card Reader request response that described first certificate card safety control device sends, obtain described
Before the described first data to be verified carrying in Card Reader request response, the information that parsing described Card Reader request carries in responding,
Obtain described 6th identification authentication data carrying in described Card Reader request response, and according to described 6th identification authentication data pair
The identity of described first certificate card safety control device is authenticated, and in the case that certification is passed through, execution obtains described Card Reader
The operation of the described first data to be verified carrying in request response.
8. The system according to claim 6 or 7, characterized in that:
The first processing module and the second processing module are further configured to interact to perform session key negotiation and obtain the session key used for the current communication; and, after the session key is obtained, during communication between the certificate card reader and the first certificate card safety control device, the first processing module and the second processing module respectively use the session key to encrypt the data sent by the second transceiver module and the third transceiver module, and to decrypt the data received by the second transceiver module and the third transceiver module.
9. The system according to claims 6 to 8, characterized in that the certificate card reader further includes: a display module, configured to display the certificate card information.
10. The system according to any one of claims 6 to 9, characterized in that the system further includes: a server, connected to the first certificate card control device, configured to receive and forward information sent by the certificate card reader to the first certificate card safety control device, and to receive and forward information sent by the first certificate card safety control device to the certificate card reader.
11. The system according to any one of claims 6 to 10, characterized in that the system further includes: a terminal, connected to the certificate card reader, configured to receive and forward information sent by the first certificate card safety control device to the certificate card reader, and to receive and forward information sent by the certificate card reader to the first certificate card safety control device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610780374.9A CN106372554A (en) | 2016-08-30 | 2016-08-30 | Certificate card information collection method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106372554A true CN106372554A (en) | 2017-02-01 |
Family
ID=57899270
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610780374.9A Withdrawn CN106372554A (en) | 2016-08-30 | 2016-08-30 | Certificate card information collection method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106372554A (en) |
CN104579639B (en) | The realization of multi-party collaborative authorization secret key and move the system of controlled in wireless with it | |
CN106304052A (en) | A kind of method of secure communication, device, terminal and client identification module card | |
CN106372557A (en) | Method, device and system for acquiring certificate card information | |
CN106372548A (en) | Method, device and system for acquiring certificate card information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | Application publication date: 20170201 |