CN107231404B - Data interaction method and system - Google Patents

Data interaction method and system Download PDF

Info

Publication number
CN107231404B
CN107231404B CN201611059494.6A CN201611059494A CN107231404B CN 107231404 B CN107231404 B CN 107231404B CN 201611059494 A CN201611059494 A CN 201611059494A CN 107231404 B CN107231404 B CN 107231404B
Authority
CN
China
Prior art keywords
information
authenticated
control device
identity
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611059494.6A
Other languages
Chinese (zh)
Other versions
CN107231404A (en
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Corp
Original Assignee
Tendyron Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tendyron Corp filed Critical Tendyron Corp
Priority to CN201611059494.6A priority Critical patent/CN107231404B/en
Publication of CN107231404A publication Critical patent/CN107231404A/en
Priority to PCT/CN2017/107602 priority patent/WO2018095182A1/en
Application granted granted Critical
Publication of CN107231404B publication Critical patent/CN107231404B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a data interaction method and a system, wherein the method comprises the following steps: the method comprises the steps that a first server receives first information sent by a client; the first server distributes a target user for the position information and determines the identity information of the target user; the first server sends second information to the second server; the second server receives the second information and stores the second information; the authority control device detects that the first information carrier to be authenticated enters a detection range, and reads first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated; the authority control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request and sends second information to the authority control device; the authority control device receives the second information and performs first authentication on the identity information to be authenticated by using the received identity information of the target user; and the authority control device executes authorization operation after the first authentication is passed.

Description

Data interaction method and system
Technical Field
The present invention relates to the field of electronic technologies, and in particular, to a data interaction method and system.
Background
At present, in order to improve the security of a community, entrance doors of gates of some communities and entrances of buildings in the community are generally provided with entrance guards. The owner who lives in the district uses the entrance guard card issued by the district to normally go in and out the district and the building, and the personnel without the entrance guard card can not enter the district.
With the rapid development of the internet, more and more users choose to purchase goods through the internet, make an online reservation for takeout, or apply for electrical equipment maintenance on the internet, and when a service person, such as a courier or a repairman, needs to provide service at a location in a cell with a door, the service person usually cannot enter the cell. How to enable a service person without access authority to enter a cell when providing services for users is an urgent problem to be solved, and meanwhile, the security of the management of the cell is not affected.
Disclosure of Invention
The present invention is directed to solving the above problems.
The invention mainly aims to provide a data interaction method;
another object of the present invention is to provide a data interaction system.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
in the aspect of the present invention, in scheme 1, a data interaction method is further provided, including: the method comprises the steps that a first server receives first information sent by a client, wherein the first information comprises position information; the first server distributes a target user for the position information and determines the identity information of the target user; the first server sends second information to the second server, wherein the second information at least comprises identity information of a target user; the second server receives the second information and stores the second information; the authority control device detects that a first information carrier to be authenticated enters a detection range, and reads first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated; the authority control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request and sends the second information to an authority control device; the authority control device receives the second information and performs first authentication on the identity information to be authenticated by using the received identity information of the target user; and the authority control device executes authorization operation after the first authentication is passed.
Scheme 2, the method of scheme 1, further comprising: the authority control device sends a security processing instruction to the second server after the first authentication is passed or authorization operation is executed; and the second server receives the safety processing instruction, deletes the stored second information or sets the state of the second information as a failure state.
Scheme 3, the method of scheme 1, the second information further comprising: location information; before the right control device executes the authorization operation, the method further comprises the following steps: the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads the second information to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated;
the authority control device carries out second authentication on the position information to be authenticated by using the received position information;
the authority control device executes authorization operation, specifically: and after the first authentication and the second authentication pass, executing authorization operation.
Scheme 4, the method of scheme 1, the second information further comprising location information; the second server sends the second information to an authority control device, and the second information comprises: and the second server sends the second information to the authority control device when the position of the authority control device is consistent with the position information.
Scheme 5, the method according to scheme 1, wherein before the authorization operation is performed by the authorization control device, the method further comprises: the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads second information to be authenticated from the second information carrier to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated; the authority control device carries out second authentication on the position information to be authenticated by utilizing the position information of the authority control device; the authority control device executes authorization operation, including: and after the first authentication and the second authentication pass, executing authorization operation.
Scheme 6 shows that according to the method of any one of schemes 1 to 5, the first information carrier to be authenticated is an identity card, a graphic code carrying identity information, a bar code carrying identity information, or a biological characteristic.
Scheme 7, the method of any of schemes 1-5, further comprising: and after the first authentication is passed, the authority control device sends the identity information of the target user to the client.
In another aspect of the present invention, a data interaction system is further provided, including: the first server is used for receiving first information sent by a client, wherein the first information comprises position information; distributing a target user for the position information, and determining the identity information of the target user; sending second information to the second server, wherein the second information at least comprises identity information of a target user; the second server is used for receiving the second information and storing the second information; the authority control device is used for detecting that the first information carrier to be authenticated enters a detection range, and reading first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated; and sending an identity information acquisition request to the second server; the second server is further configured to receive the identity information acquisition request and send the second information to an authority control device; the authority control device is further configured to receive the second information, and perform first authentication on the identity information to be authenticated by using the received identity information of the target user; and after the first authentication is passed, performing an authorization operation.
Scheme 9, the system according to scheme 8, the authority control device, further configured to send a security processing instruction to the second server after the first authentication is passed or an authorization operation is performed; the second server is further configured to receive the security processing instruction, delete the stored second information, or set the state of the second information to be a failure state.
Scheme 10, the system of scheme 8, the second information further comprising: location information; the authority control device is further configured to detect that a second information carrier to be authenticated enters a detection range before performing an authorization operation, and read the second information to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the received position information; the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
Scheme 11, the system of scheme 8, the second information further comprising location information; and the second server is specifically used for sending the second information to the authority control device when the position of the authority control device is consistent with the position information.
Scheme 12, the system according to scheme 8, the authority control device is further configured to detect that a second information carrier to be authenticated enters a detection range before performing an authorization operation, and read second information to be authenticated from the second information carrier to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the position information of the authority control device; the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
Scheme 13 and the system according to any one of schemes 8 to 12, wherein the first information carrier to be authenticated is an identity card, a graphic code carrying identity information, a barcode carrying identity information, or a biometric feature.
Scheme 14, the system according to any one of schemes 8 to 12, and the right control device are further configured to send the identity information of the target user to the client after the first authentication is passed.
The technical scheme provided by the invention can be seen that, after receiving the position information sent by the client, the first server allocates the target user and sends the identity information of the target user to the second server, the target user is a person (such as a delivery person or a meal delivery person) providing service for the client located in the position information, the second server sends the identity information of the target user to the authority control device, when the target user arrives at the position of the authority control device, the first information carrier to be authenticated is placed in the detection area of the authority control device, the authority control device detects and reads the identity information to be authenticated, performs the first authentication, and if the authentication is passed, performs the authorization operation. Therefore, in a cell provided with an access control (the access control is an authority control device), even if a target user (such as a delivery person or a food delivery person and the like) does not have an access card of the cell, the scheme of the invention can be adopted to send the identity information of the target user to the second server through the first server and send the identity information to the access control through the second server, and after the target user is authenticated by the access control through the identity information of the target user and passes the authentication, the target user can obtain authorization to enter the cell.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a flowchart of a data interaction method according to embodiment 1 of the present invention;
fig. 2 is a schematic structural diagram of a data interaction system according to embodiment 2 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are used only for convenience in describing the present invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
For the convenience of understanding the present invention, the following briefly introduces possible application scenarios in the present embodiment:
scenarios to which the present embodiment is applicable include, but are not limited to: the system comprises a client, a first server, a second server and a permission control device; the client purchases a certain service (for example, online shopping, online ordering and the like) through a client, the client sends position information (for example, a delivery address) to a first server, the first server distributes a target user (for example, a courier) for the position information and sends identity information of the target user to a second server, the second server sends the identity information of the target user to an authority control device (for example, an entrance guard set at a position identified by the delivery address), the target user holds a first information carrier to be authenticated, and when the target user reaches the position of the authority control device, the authority control device performs first authentication and authorization on the target user by using the identity information of the target user.
Example 1
In this embodiment, the second information is not stored in the permission control device, but stored in the second server, and the permission control device performs the first authentication using the received identity information of the target user after requesting to acquire the second information from the second server.
Next, a data interaction method provided in this embodiment is described in detail, and as shown in fig. 1, the method includes:
201. the method comprises the steps that a first server receives first information sent by a client, wherein the first information comprises position information;
the first server in this embodiment may communicate with the client. The first server may be a server providing online services such as online supermarkets and online food ordering, the client may be an application program for realizing online ordering, shopping or food ordering, and the client may be installed on a device (e.g., a PC, a mobile phone, a palmtop computer, etc.) held by a user.
In this embodiment, the first information may be order information, and the location information may be an order address; for example, when shopping online, the location information is specifically a delivery address, when ordering online, the location information is specifically a delivery address, and the like. In different application scenarios, the location information may represent address information with different meanings, and is not limited herein.
In addition, the first information may further include information such as an order number, order details, an order amount, an order date, a user name for placing an order, and the like, which is not limited herein.
202. The first server distributes a target user for the position information and determines the identity information of the target user;
in this embodiment, the target user is a person who provides corresponding service for the customer located in the location information, for example, when shopping online, the target user is specifically a deliverer, when ordering online, the location information is specifically a deliverer, and the like. The target user may represent a person providing different services for different application scenarios, which is not limited herein.
The identity information of the target user in this embodiment may be identity card information or may be any kind of biometric information such as fingerprint information, palm print information, or iris information. The identity card information at least comprises an identity card number, and the identity card information can be read from an identity card, or can be read from an order graphic code or an order single linear code carrying the identity card information.
203. The first server sends second information to the second server, wherein the second information at least comprises identity information of a target user;
in this embodiment, the first server and the second server are independent servers, and the respective functions are different. The first server is used for providing network services such as online shopping and online ordering, the second server is used for performing data interaction and management on the authority control device, and the first server and the second server can be communicated through a wireless network or a wired network.
204. The second server receives the second information and stores the second information;
in this embodiment, the second information at least includes identity information of the target user, and the second server stores the identity information of the target user, so that the subsequent permission control device provides the second information to the permission control device when requesting to acquire the identity information.
205. The authority control device detects that a first information carrier to be authenticated enters a detection range, and reads first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated;
in this embodiment, the authority control device is provided with a module supporting an information reading function, for example, the module may be an identity card reading module reading identity card information, and correspondingly, the first information carrier to be authenticated is an identity card, and the read first information to be authenticated is identity card information; for example, the module is a code scanning module, correspondingly, the first information carrier to be authenticated can be an order graphic code or an order bar code or the like carrying identity information, and the read first information to be authenticated can be identity information of a target user read from the order graphic code or the order bar code; for another example, the module may be a biometric reading module that reads a biometric, and accordingly, the first information carrier to be authenticated is a biometric, and the read first information to be authenticated is biometric information. The biological characteristics can be fingers, and the corresponding biological characteristic information can be fingerprints; or, the biological characteristic may be a palm, and the corresponding biological characteristic information may be a palm print; alternatively, the biometric characteristic may be an eye, and the corresponding biometric information may be an iris, etc., without limitation.
206. The authority control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request and sends the second information to an authority control device;
in this embodiment, the second server may be configured to manage the access control device, for example, in a cell with an access control, the access control device may be an access control, and the second server may be a server that can implement data interaction and management for the access control.
It should be noted that step 205 and step 206 may be executed simultaneously, or step 205 may be executed first and then step 206 is executed, which is not limited herein.
207. The authority control device receives the second information and performs first authentication on the identity information to be authenticated by using the received identity information of the target user;
208. and the authority control device executes authorization operation after the first authentication is passed.
In this embodiment, the permission control device performs first authentication on the identity information to be authenticated by using the received identity information of the target user, and may be implemented in the following manner: and judging whether the received identity information of the target user is consistent with the identity information to be authenticated, if so, passing the first authentication, and if not, failing to pass the first authentication.
In this embodiment, when the access control device is an access control device, the authorization execution operation may be as follows: and (5) unlocking the door lock.
In this embodiment, after receiving the location information sent by the client, the first server allocates a target user and sends the identity information of the target user to the second server, where the target user is a person (e.g., a delivery person or a meal delivery person) providing service for a client located in the location information, the second server stores the identity information of the target user, and sends the identity information of the target user to the authorization control device when the authorization control device requests to acquire the identity information, and when the target user arrives at the location of the authorization control device, places the first information carrier to be authenticated in the detection area of the authorization control device, and the authorization control device detects and reads the identity information to be authenticated and performs first authentication, and if the authentication passes, performs an authorization operation. It can be seen that, in a cell provided with an entrance guard (the entrance guard is an authority control device), even if a target user (such as a delivery person or a food delivery person) does not have an entrance guard card of the cell, by adopting the method provided by the invention, the identity information of the target user is sent to a second server through a first server and is stored by the second server, the identity information is acquired at the entrance guard request, the identity information of the target user is sent to the entrance guard, the entrance guard can realize the authorization of the target user by utilizing the identity information of the target user, therefore, the target user enters the cell, on one hand, a client enjoying the service provided by the target user does not need to go out to open an entrance guard for the target user, convenience is provided for the client, on the other hand, the target user is authorized to enter after passing the authentication of the authority control device when entering the cell, and the safety is guaranteed.
As an optional implementation manner of this embodiment, the method further includes: the authority control device sends a security processing instruction to the second server after the first authentication is passed or authorization operation is executed; and the second server receives the safety processing instruction, deletes the stored second information or sets the state of the second information as a failure state. In order to improve the security of the authorization operation, in this embodiment, after the authorization control device performs the current authentication or the current authorization operation by using the second information, the second server is notified to delete the stored second information, so that the second information cannot be used for the next authentication or authorization subsequently, or the second server is notified to set the state of the second information to be a failure state, that is, the second information fails after being used for the operation of the authentication and authorization once, and cannot be used for the next authentication or authorization subsequently, thereby preventing the second information from being illegally reused for the authentication and authorization in the subsequent process.
As an optional implementation manner of this embodiment, the second information further includes: location information; the position information can be used for realizing the second authentication of the target user, and the security of the authorization operation is further ensured.
As an optional implementation manner of this embodiment, the sending, by the second server, the second information to the authorization control apparatus includes: and the second server sends the second information to the authority control device when the position of the authority control device is consistent with the position information. In practical applications, the second server may manage a plurality of rights control devices, and the locations of different rights control devices are different. When the second server sends the second information, since the location information in the second information indicates the address where the target user provides the service (for example, the target user may be a courier, the location information may be a delivery address, and the access control device is an access control device), it may be determined whether the location information in the second information is consistent with the location information of the access control device (for example, it is determined whether the delivery address is consistent with the location of the access control device), and if so, the second information is sent to the access control device, and if not, the second information is not sent. In this embodiment, the authority control device whose position information is consistent with the position information in the second information receives the second information, and the authority control device whose position information is inconsistent with the position information in the second information does not receive the second information, so that the authority control device can authorize the target user when the position information of the target user is consistent with the position of the authority control device in the subsequent process, otherwise, the authority control device does not authorize the target user.
As an optional implementation manner of this embodiment, before the authorization operation is performed by the authorization control apparatus, in addition to performing the first authentication on the target user by using the identity information, the authorization control apparatus may further perform the second authentication on the target user by using the location information in the second information requested to be obtained from the second server, and specifically, the method further includes: the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads the second information to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated; the authority control device carries out second authentication on the position information to be authenticated by using the received position information; the authority control device executes authorization operation, specifically: and after the first authentication and the second authentication pass, executing authorization operation.
In this embodiment, the second information carrier to be authenticated includes an order graphic code or an order barcode carrying order information, and when a target user carries a good (the goods are attached with the order graphic code or the order barcode representing the order information) to reach the location of the authority control device, the authority control device may read a delivery address from the order graphic code or the order barcode, where the delivery address is equivalent to the location information to be authenticated.
In the following, the target user is a courier, and the location information is a delivery address: for example, 8 buildings are arranged in a community, each building is provided with an entrance guard, when the entrance guard positioned in the 8 th building receives second information, if a delivery address in the second information is the 8 th building, subsequently, if a courier arrives at the 8 th building, if the delivery address of goods to be delivered by the courier is the 8 th building, the entrance guard of the 8 th building reads the delivery address by scanning order information and requests a second server to acquire the second information (the second information comprises identity information and the delivery address of the courier), and if the delivery address is consistent with the received delivery address by comparing position information, the entrance guard of the 8 th building authorizes the courier, so that the courier enters the 8 th building; and if the delivery address of the goods to be delivered by the courier is not the 8 th floor, the 8 th floor access control reads the delivery address by scanning order information, and the delivery address is inconsistent with the received delivery address according to the result obtained by comparing the position information, so that the courier cannot obtain the access control authorization of the 8 th floor, and cannot enter the 8 th floor.
As an optional implementation manner of this embodiment, before the authorization operation is performed by the authority control device, in addition to performing the first authentication on the target user by using the identity information, the authority control device may also perform the second authentication on the target user by using the location information of the authority control device, in this implementation manner, the authority control device does not need to request to acquire the location information in the second information from the second server, and performs the authentication directly by using the location information of the authority control device, specifically, before the authority control device performs the authorization operation, the method further includes: the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads second information to be authenticated from the second information carrier to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated; the authority control device carries out second authentication on the position information to be authenticated by utilizing the position information of the authority control device; the authority control device executes authorization operation, including: and after the first authentication and the second authentication pass, executing authorization operation.
In this embodiment, the second information carrier to be authenticated includes an order graphic code or an order barcode carrying order information, and the like, and the authorization control device can read a delivery address from the order graphic code or the order barcode, where the delivery address is equivalent to the location information to be authenticated, and since the authorization control device also has location information, if the read location information to be authenticated is consistent with the location information of the authorization control device, the second authentication is passed, and otherwise the second authentication is not passed. That is, when the authorization control device performs the second authentication by using the location information, the authorization of the authorization control device can be obtained when the location (for example, the delivery address) of the service provided by the target user is consistent with the location information of the authorization control device, otherwise, the authorization cannot be obtained, thereby further ensuring the security of the authorization operation.
It should be noted that, in this embodiment, when both the first information carrier to be authenticated and the second information carrier to be authenticated carry the identity information and the location information of the target user, the first information carrier to be authenticated and the second information carrier to be authenticated may be the same carrier, for example, both the first information carrier to be authenticated and the second information carrier to be authenticated are order graphic codes or order bar codes, and when the order graphic codes or the order bar codes carry the identity information and the location information of the target user, the authority control device may obtain the identity information of the target user and may also obtain the location information by scanning the codes. Of course, the first information carrier to be authenticated and the second information carrier to be authenticated may be different carriers, for example, the first information carrier to be authenticated is an identity card of a target user, the second information carrier to be authenticated is an order graphic code or an order barcode, and the order graphic code or the order barcode carries location information.
As an optional implementation manner of this embodiment, the method further includes: and after the first authentication is passed, the authority control device sends the identity information of the target user to the client. The right control device sends the identity information of the target user to the client so that the client can prompt the client that the target user passes the authorization, for example, after the access control passes the first authentication of the courier, the access control sends the identity information of the courier to the client so that the client can prompt the courier that the courier passes the authentication of the access control and is about to deliver goods.
Example 2
The present embodiment provides a data interaction system, which can execute the data interaction method in the above embodiment 2, and the system includes: a first server 21, a second server 22, and a right control device 23;
the first server 21 is configured to receive first information sent by a client, where the first information includes location information; distributing a target user for the position information, and determining the identity information of the target user; sending second information to the second server, wherein the second information at least comprises identity information of a target user;
the second server 22 is configured to receive the second information and store the second information;
the authority control device 23 is configured to detect that the first information carrier to be authenticated enters a detection range, and read first information to be authenticated from the first information carrier to be authenticated, where the first information to be authenticated includes identity information to be authenticated; and sending 22 an identity information acquisition request to said second server;
the second server 22 is further configured to receive the identity information obtaining request, and send the second information to the permission control device 23;
the authority control device 23 is further configured to receive the second information, and perform first authentication on the identity information to be authenticated by using the received identity information of the target user; and after the first authentication is passed, performing an authorization operation.
The first server in this embodiment may communicate with the client. The first server may be a server providing online services such as online supermarkets and online food ordering, the client may be an application program for realizing online ordering, shopping or food ordering, and the client may be installed on a device (e.g., a PC, a mobile phone, a palmtop computer, etc.) held by a user.
In this embodiment, the first information may be order information, and the location information may be an order address; for example, when shopping online, the location information is specifically a delivery address, when ordering online, the location information is specifically a delivery address, and the like. In different application scenarios, the location information may represent address information with different meanings, and is not limited herein.
In addition, the first information may further include information such as an order number, order details, an order amount, an order date, a user name for placing an order, and the like, which is not limited herein.
In this embodiment, the target user is a person who provides corresponding service for the customer located in the location information, for example, when shopping online, the target user is specifically a deliverer, when ordering online, the location information is specifically a deliverer, and the like. The target user may represent a person providing different services for different application scenarios, which is not limited herein.
The identity information of the target user in this embodiment may be identity card information or may be any kind of biometric information such as fingerprint information, palm print information, or iris information.
In this embodiment, the first server and the second server are independent servers, and the respective functions are different. The first server is used for providing network services such as online shopping and online ordering, the second server is used for performing data interaction and management on the authority control device, and the first server and the second server can be communicated through a wireless network or a wired network.
In this embodiment, the authority control device is provided with a module supporting an information reading function, for example, the module may be an identity card reading module reading identity card information, and correspondingly, the first information carrier to be authenticated is an identity card, and the read first information to be authenticated is identity card information; for example, the module is a code scanning module, correspondingly, the first information carrier to be authenticated can be an order graphic code or an order bar code or the like carrying identity information, and the read first information to be authenticated can be identity information of a target user read from the order graphic code or the order bar code; for another example, the module may be a biometric reading module that reads a biometric, and accordingly, the first information carrier to be authenticated is a biometric, and the read first information to be authenticated is biometric information. The biological characteristics can be fingers, and the corresponding biological characteristic information can be fingerprints; or, the biological characteristic may be a palm, and the corresponding biological characteristic information may be a palm print; alternatively, the biometric characteristic may be an eye, and the corresponding biometric information may be an iris, etc., without limitation.
In this embodiment, the permission control device performs first authentication on the identity information to be authenticated by using the received identity information of the target user, and may be implemented in the following manner: and judging whether the received identity information of the target user is consistent with the identity information to be authenticated, if so, passing the first authentication, and if not, failing to pass the first authentication.
In this embodiment, when the access control device is an access control device, the authorization execution operation may be as follows: and (5) unlocking the door lock.
In this embodiment, after receiving the location information sent by the client, the first server allocates a target user and sends the identity information of the target user to the second server, where the target user is a person (e.g., a delivery person or a meal delivery person) providing service for a client located in the location information, the second server stores the identity information of the target user, and sends the identity information of the target user to the authorization control device when the authorization control device requests to acquire the identity information, and when the target user arrives at the location of the authorization control device, places the first information carrier to be authenticated in the detection area of the authorization control device, and the authorization control device detects and reads the identity information to be authenticated and performs first authentication, and if the authentication passes, performs an authorization operation. Therefore, in a cell provided with an access control (the access control is an authority control device), even if a target user (such as a delivery person or a food delivery person and the like) does not have an access card of the cell, the identity information of the target user is sent to the second server by the first server and is stored by the second server, the identity information is obtained when the access control requests, the identity information of the target user is sent to the access control, and the access control can authorize the target user by using the identity information of the target user, so that the target user enters the cell.
As an optional implementation manner of this embodiment, the authority control device is further configured to send a security processing instruction to the second server after the first authentication is passed or an authorization operation is performed; the second server is further configured to receive the security processing instruction, delete the stored second information, or set the state of the second information to be a failure state. In order to improve the security of the authorization operation, in this embodiment, after the authorization control device performs the current authentication or the current authorization operation by using the second information, the second server is notified to delete the stored second information, so that the second information cannot be used for the next authentication or authorization subsequently, or the second server is notified to set the state of the second information to be a failure state, that is, the second information fails after being used for the operation of the authentication and authorization once, and cannot be used for the next authentication or authorization subsequently, thereby preventing the second information from being illegally reused for the authentication and authorization in the subsequent process.
As an optional implementation manner of this embodiment, the second information further includes: location information; the position information can be used for realizing the second authentication of the target user, and the security of the authorization operation is further ensured.
As an optional implementation manner of this embodiment, the second server is specifically configured to send the second information to the authorization control apparatus when the location of the authorization control apparatus is consistent with the location information. In practical applications, the second server may manage a plurality of rights control devices, and the locations of different rights control devices are different. When the second server sends the second information, since the location information in the second information indicates the address where the target user provides the service (for example, the target user may be a courier, the location information may be a delivery address, and the access control device is an access control device), it may be determined whether the location information in the second information is consistent with the location information of the access control device (for example, it is determined whether the delivery address is consistent with the location of the access control device), and if so, the second information is sent to the access control device, and if not, the second information is not sent. In this embodiment, the authority control device whose position information is consistent with the position information in the second information receives the second information, and the authority control device whose position information is inconsistent with the position information in the second information does not receive the second information, so that the authority control device can authorize the target user when the position information of the target user is consistent with the position of the authority control device in the subsequent process, otherwise, the authority control device does not authorize the target user.
As an optional implementation manner of this embodiment, before the authorization operation is performed by the authorization control apparatus, in addition to performing first authentication on the target user by using the identity information, the authorization control apparatus may further perform second authentication on the target user by using location information in second information requested to be obtained from a second server, specifically, before the authorization operation is performed, the authorization control apparatus is further configured to detect that a second information carrier to be authenticated enters a detection range, and read the second information to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the received position information; the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
In this embodiment, the second information carrier to be authenticated includes an order graphic code or an order barcode carrying order information, and when a target user carries a good (the goods are attached with the order graphic code or the order barcode representing the order information) to reach the location of the authority control device, the authority control device may read a delivery address from the order graphic code or the order barcode, where the delivery address is equivalent to the location information to be authenticated.
As an optional implementation manner of this embodiment, before the authorization operation is performed by the authority control device, in addition to performing the first authentication on the target user by using the identity information, the authority control device may also perform the second authentication on the target user by using the location information of the authority control device, in this implementation manner, the authority control device does not need to request to acquire the location information in the second information from the second server, and performs the authentication directly by using the location information of the authority control device, specifically, the authority control device is further configured to, before the authorization operation is performed, detect that the second information carrier to be authenticated enters a detection range, and read the second information to be authenticated from the second information carrier to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the position information of the authority control device; the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
It should be noted that, in this embodiment, when both the first information carrier to be authenticated and the second information carrier to be authenticated carry the identity information and the location information of the target user, the first information carrier to be authenticated and the second information carrier to be authenticated may be the same carrier, for example, both the first information carrier to be authenticated and the second information carrier to be authenticated are order graphic codes or order bar codes, and when the order graphic codes or the order bar codes carry the identity information and the location information of the target user, the authority control device may obtain the identity information of the target user and may also obtain the location information by scanning the codes. Of course, the first information carrier to be authenticated and the second information carrier to be authenticated may be different carriers, for example, the first information carrier to be authenticated is an identity card of a target user, the second information carrier to be authenticated is an order graphic code or an order barcode, and the order graphic code or the order barcode carries location information.
As an optional implementation manner of this embodiment, the authority control device is further configured to send the identity information of the target user to the client after the first authentication is passed. The right control device sends the identity information of the target user to the client so that the client can prompt the client that the target user passes the authorization, for example, after the access control passes the first authentication of the courier, the access control sends the identity information of the courier to the client so that the client can prompt the courier that the courier passes the authentication of the access control and is about to deliver goods.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (12)

1. A method for data interaction, comprising:
the method comprises the steps that a first server receives first information sent by a client, wherein the first information comprises position information;
the first server allocates a target user for the position information, and determines identity information of the target user, wherein the identity information of the target user comprises: identity card information or biometric information, wherein the identity card information is read from an identity card of the target user;
the first server sends second information to a second server, wherein the second information at least comprises identity information and position information of the target user;
the second server receives the second information and stores the second information;
the method comprises the steps that an authority control device detects that a first information carrier to be authenticated enters a detection range, and reads first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated; the authority control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request, and sends the second information to the authority control device when the position of the authority control device is consistent with the position information;
the authority control device receives the second information and performs first authentication on the identity information to be authenticated by using the received identity information of the target user;
the authority control device executes authorization operation after the first authentication is passed, wherein the identity information to be authenticated comprises identity card information under the condition that the first information carrier to be authenticated is an identity card; and under the condition that the first information carrier to be authenticated is the biological characteristic, the identity information to be authenticated comprises biological characteristic information.
2. The method of claim 1, further comprising: the authority control device sends a security processing instruction to the second server after the first authentication is passed or authorization operation is executed; and the second server receives the safety processing instruction, deletes the stored second information or sets the state of the second information as a failure state.
3. The method of claim 1,
before the right control device executes the authorization operation, the method further comprises the following steps:
the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads the second information to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated;
the authority control device carries out second authentication on the position information to be authenticated by using the received position information;
the authority control device executes authorization operation, specifically: and after the first authentication and the second authentication pass, executing authorization operation.
4. The method of claim 1, wherein before the authorization control device performs the authorization operation, the method further comprises:
the authority control device detects that a second information carrier to be authenticated enters a detection range, and reads second information to be authenticated from the second information carrier to be authenticated, wherein the second information to be authenticated comprises: location information to be authenticated;
the authority control device carries out second authentication on the position information to be authenticated by utilizing the position information of the authority control device;
the authority control device executes authorization operation, including: and after the first authentication and the second authentication pass, executing authorization operation.
5. The method according to any one of claims 1 to 4, wherein the first information carrier to be authenticated is an identity card, a graphic code carrying identity information, a bar code carrying identity information, or a biometric feature.
6. The method according to any one of claims 1-4, further comprising: and after the first authentication is passed, the authority control device sends the identity information of the target user to the client.
7. A data interaction system, comprising:
the first server is used for receiving first information sent by a client, wherein the first information comprises position information; distributing a target user for the position information, and determining the identity information of the target user; sending second information to a second server, wherein the second information at least comprises the identity information and the position information of the target user, and the identity information of the target user comprises: identity card information or biometric information, wherein the identity card information is read from an identity card of the target user;
the second server is used for receiving the second information and storing the second information;
the authority control device is used for detecting that the first information carrier to be authenticated enters a detection range, and reading first information to be authenticated from the first information carrier to be authenticated, wherein the first information to be authenticated comprises identity information to be authenticated; and sending an identity information acquisition request to the second server;
the second server is further configured to receive the identity information acquisition request, and send the second information to the permission control device when the position of the permission control device is consistent with the position information;
the authority control device is further configured to receive the second information, and perform first authentication on the identity information to be authenticated by using the received identity information of the target user; after the first authentication is passed, performing an authorization operation, wherein the identity information to be authenticated comprises identity card information under the condition that the first information carrier to be authenticated is an identity card; and under the condition that the first information carrier to be authenticated is the biological characteristic, the identity information to be authenticated comprises biological characteristic information.
8. The system according to claim 7, wherein the right control device is further configured to send a security processing instruction to the second server after the first authentication is passed or an authorization operation is performed;
the second server is further configured to receive the security processing instruction, delete the stored second information, or set the state of the second information to be a failure state.
9. The system of claim 7,
the authority control device is further configured to detect that a second information carrier to be authenticated enters a detection range before performing an authorization operation, and read the second information to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the received position information;
the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
10. The system of claim 7,
the authority control device is further configured to detect that a second information carrier to be authenticated enters a detection range before performing an authorization operation, and read second information to be authenticated from the second information carrier to be authenticated, where the second information to be authenticated includes: location information to be authenticated; performing second authentication on the position information to be authenticated by using the position information of the authority control device;
the permission control device is specifically configured to execute an authorization operation after the first authentication and the second authentication both pass.
11. The system according to any one of claims 7 to 10, wherein the first information carrier to be authenticated is an identity card, a graphic code carrying identity information, a bar code carrying identity information, or a biometric feature.
12. The system according to any one of claims 7-10, wherein the right control device is further configured to send the identity information of the target user to the client after the first authentication is passed.
CN201611059494.6A 2016-11-25 2016-11-25 Data interaction method and system Active CN107231404B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201611059494.6A CN107231404B (en) 2016-11-25 2016-11-25 Data interaction method and system
PCT/CN2017/107602 WO2018095182A1 (en) 2016-11-25 2017-10-25 Method and system for data exchange

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611059494.6A CN107231404B (en) 2016-11-25 2016-11-25 Data interaction method and system

Publications (2)

Publication Number Publication Date
CN107231404A CN107231404A (en) 2017-10-03
CN107231404B true CN107231404B (en) 2020-06-09

Family

ID=59932433

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611059494.6A Active CN107231404B (en) 2016-11-25 2016-11-25 Data interaction method and system

Country Status (1)

Country Link
CN (1) CN107231404B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018095182A1 (en) * 2016-11-25 2018-05-31 天地融科技股份有限公司 Method and system for data exchange
CN109754509A (en) * 2019-01-08 2019-05-14 浙江汉默生链商科技有限公司 Personnel pass in and out the safe verification method of closed area, device and system
CN111325878B (en) * 2020-01-20 2022-04-26 北京京东振世信息技术有限公司 Method, apparatus and medium for information interaction

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103810552A (en) * 2012-11-09 2014-05-21 西安景行数创信息科技有限公司 Snack industry meal serving scheduling system
CN105095978A (en) * 2015-09-30 2015-11-25 张华� Ordering method and device based on two-dimension code and door control system
CN105528816A (en) * 2014-09-28 2016-04-27 中国移动通信集团辽宁有限公司 Intelligent gate inhibition realization method, terminal, gate inhibition identification apparatus and user authorization service center
CN105741395A (en) * 2016-02-03 2016-07-06 慧锐通智能科技股份有限公司 Entrance guard access method and system based on two-dimension code and face identification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103810552A (en) * 2012-11-09 2014-05-21 西安景行数创信息科技有限公司 Snack industry meal serving scheduling system
CN105528816A (en) * 2014-09-28 2016-04-27 中国移动通信集团辽宁有限公司 Intelligent gate inhibition realization method, terminal, gate inhibition identification apparatus and user authorization service center
CN105095978A (en) * 2015-09-30 2015-11-25 张华� Ordering method and device based on two-dimension code and door control system
CN105741395A (en) * 2016-02-03 2016-07-06 慧锐通智能科技股份有限公司 Entrance guard access method and system based on two-dimension code and face identification

Also Published As

Publication number Publication date
CN107231404A (en) 2017-10-03

Similar Documents

Publication Publication Date Title
CN107230265B (en) Data interaction method and system
US10059358B2 (en) Method and system for preventing shopping cart theft
AU2016273888B2 (en) Controlling physical access to secure areas via client devices in a networked environment
CN104484617B (en) A kind of Access and control strategy of database method based on many strategy fusions
US10163288B2 (en) Access control using portable electronic devices
US9286741B2 (en) Apparatus and method for access control
CA2924381C (en) Access control using portable electronic devices
CN109074693B (en) Virtual panel for access control system
KR20200003379A (en) Resource transfer method, fund payment method, and electronic device
CN108694760B (en) Access control card issuing method, access control card management method, visitor system and self-service terminal
CN103971039B (en) Access control system and method with GPS location verification
JP6081859B2 (en) Entrance / exit management system and entrance / exit management method
US20210073760A1 (en) Automated transaction machine with associated beacon
CN107273991A (en) The quick cloud service system of shared lodging of identity-based Intelligent Recognition
WO2020014311A1 (en) Applying image analytics and machine learning to lock systems in hotels
CN107231404B (en) Data interaction method and system
US20120227092A1 (en) Controlling user access to electronic resources without password
EP3483102B1 (en) Elevator request authorization system
CN107231340B (en) Data interaction method and system
CN110969474B (en) Resource acquisition processing method, data processing system, storage medium and processor
US20220262184A1 (en) Property management systems
US20180114005A1 (en) System and method for managing identity information stored in a cloud server
WO2018095182A1 (en) Method and system for data exchange
NL2025889B1 (en) Systems, methods, computer program product and interfaces for controlling authorizations to access and/or use a physical space by a person, and spaces controlled thereby
JP2024122319A (en) User authentication system, authentication terminal, management server, business device, user terminal, and user authentication method using the user authentication system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant