CN107302435A - Identity information processing method, system and its corresponding server - Google Patents

Identity information processing method, system and its corresponding server Download PDF

Info

Publication number
CN107302435A
CN107302435A CN201710601290.9A CN201710601290A CN107302435A CN 107302435 A CN107302435 A CN 107302435A CN 201710601290 A CN201710601290 A CN 201710601290A CN 107302435 A CN107302435 A CN 107302435A
Authority
CN
China
Prior art keywords
eid
server
information
codings
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710601290.9A
Other languages
Chinese (zh)
Other versions
CN107302435B (en
Inventor
董成根
严硕
刘海龙
郭宏杰
亓文华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eidlink Information Technology Co Ltd
Original Assignee
Eidlink Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eidlink Information Technology Co Ltd filed Critical Eidlink Information Technology Co Ltd
Priority to CN201710601290.9A priority Critical patent/CN107302435B/en
Publication of CN107302435A publication Critical patent/CN107302435A/en
Application granted granted Critical
Publication of CN107302435B publication Critical patent/CN107302435B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Abstract

The present invention relates to Internet technical field, there is provided a kind of identity information processing method, system and its corresponding server, the identity information processing system includes the terminal with reading identity card function, for control terminal reading identity card, and the client of the identity card cipher-text information not decoded that receiving terminal is read, the identity card cipher-text information not decoded received to client carries out the cloud decoding server of decoding relevant treatment, the cloud decoding server is remotely connected with client by internet, eID special equipments for generating eID codings, the client-server of background service is provided for client, and receive the identity information that cloud decoding server is uploaded, the supervision server of eID codings.In the present invention, realize while user real identification information privacy is protected, improve the authenticity of authentication and the purpose of security, and ensure that timely grasp of the supervision server to identity information is supervised.

Description

Identity information processing method, system and its corresponding server
Technical field
The present invention relates to Internet technical field, more particularly to a kind of identity information processing method, system and its correspondingly Server.
Background technology
EID is encoded, and is the abbreviation of Ministry of Public Security citizen network identity application identities (appeIDcode), is referred to user specific Identity Code used in network application, is widely used in the fields such as secret protection, real-name authentication.The coding is believed by identity Breath is generated by special equipment, and same user can obtain different codings, i.e. appeIDcode in different network applications. AppeIDcode can effectively prevent behavioral data of the user in heterogeneous networks application to be accumulated, analyze and follow the trail of, at utmost Protection personal identification and privacy information.
By foreground third party app or background service interface, provide corresponding with subscriber identity information to application AppeIDcode, replaces identity information with appeIDcode, so that " the foreground anonymity backstage real name " of subscriber identity information is realized, To reduce risk of the personally identifiable informations such as name, identification card number in online retention, leakage or crime of illegal collecting and supplying blood.
The real-name authentication used on the market probably has following several ways:
One, pass through the information in the reader reading identity card chip with reading identity card function.
It is divided into 2 kinds of patterns, off-line mode or online mode using the mode of identity card reader.It has been widely used in The fields such as bank, lodging, Internet bar.
Off-line mode needs to be embedded in private identity card kernel control module (SAM) in identity card reader, wirelessly to pass Defeated mode carries out safety with the special chip in second generation identity card and veritified after certification, and the personal information data in chip is understood Exported with correspondence, then by USB interface of computer, this information is uploaded to computer.Read soft by the way that computer is mounted Part, decodes the information into lteral data and photograph shows, points out and stored on computers.
Online mode, computer is interacted by internet with high in the clouds identity card kernel control module (SAM), then is passed through The Card Reader instruction that USB sends SAM is transferred in identity card reader, and the cipher-text information in the identity card chip read is passed High in the clouds SAM modules are defeated by, passback lteral data information is to computer after SAM decrypts ciphertext, and computer completes cleartext information Storage.
Two, pass through the information printed by manual type reading identity card positive and negative.
Business personnel compares the photo on identity card and the goodness of fit of people, it is determined that manual entry identity card positive and negative letter after me Breath.
Three, compared or bio-identification mode, be compared with the characteristic value of storage by associating.
" association compare " method, i.e., the personal information such as " name+identification card number " inputted user, passes to backstage to individual The correctness of information is compared to assert its identity;Bio-identification is that the information such as the portrait or fingerprint of user is corresponding with backstage Personal data are compared.
Four, complete real-name authentication by the way of eID carriers
EID is network electronic identity, is uniformly signed and issued, is stepped on by eID by " Ministry of Public Security citizen network identity identifying system " It is issued to after note issuer (current main registration issuer is industrial and commercial bank) face label in citizen's hand, by testing during real name EID carriers and eID passwords are demonstrate,proved, real-name authentication is completed.
Need to store the identity information of user and business letter according to above-mentioned several ways, in computer or in server Breath, once there is system problem, is likely to result in the privacy leakage of user.
Although using eID modes personal identification can be avoided illegally to be followed the trail of, because eID carriers on the market activation amount compared with Low, citizen is relatively low to eID cognition degree, can't widely use.
The content of the invention
The present invention provides a kind of identity information processing method, system and its corresponding server, to protect user real identification While information privacy, the authenticity of authentication is improved, and ensures that timely grasp of the supervision server to identity information is supervised Pipe.
The invention provides a kind of identity information processing method, applied to cloud decoding server, methods described includes:
The eID coding registration requests that client is sent are received, the identity card carried in the eID codings registration request is obtained Cipher-text information and appid;
Corresponding eID codings and identity information are determined according to the identity card cipher-text information and appid;
To supervision server eID coding and identity information are sent, so that the supervision server is according to receiving Business information, eID codings and identity information carry out business association.
It is preferably, described that corresponding eID codings and identity information are determined according to the identity card cipher-text information and appid, Including:
The identity card cipher-text information is decoded, identity information is obtained;
EID codings are obtained according to the identity information and appid.
Preferably, it is described that eID codings are obtained according to the identity information and appid, specifically include:
EID coding generation requests are sent to eID special equipments according to the identity information and appid;
Receive the correspondence identity information of the eID special equipments return and appid eID codings.
Preferably, business information is not carried in the eID codings registration request, methods described also includes:
The eID codings are sent to the client and to the notification message of the identity card cipher-text information successfully decoded, So that eID codings and business information are sent to the supervision server through client-server and enter industry by the client Business association.
Preferably, business information is not carried in the eID codings registration request, methods described also includes:
The notification message to the identity card cipher-text information successfully decoded is sent to the client;
The eID coded queries request that client-server is sent is received, business is carried in the eID coded queries request Serial number;
The eID codings corresponding to the business serial number are sent to the client-server, so that the client takes The eID business information for encoding and receiving the client transmission is sent to the supervision server and carries out business by business device Association.
Preferably, business information is carried in the eID codings registration request, methods described also includes:
The business information is sent to the supervision server;
The business information, eID codings are sent to client-server and the identity card cipher-text information is decoded into The notification message of work(.
Preferably, methods described also includes:
Receive the Card Reader instruction request for the reading identity card cipher-text information that client is sent;
Card Reader instruction response is returned to, being carried in the Card Reader instruction response allows the response of reading identity card cipher-text information Message.
The invention also discloses a kind of identity information processing method, applied to supervision server, methods described includes:
Receive eID codings and identity information that cloud decoding server is sent;
Business association is carried out according to the business information received and eID codings and identity information.
Preferably, the business information received is by cloud decoding server transmission or by client-server Send.
Preferably, when the business information received is that the cloud decoding server is sent, methods described also includes:
It is close to identity card that the business information, eID codings and the cloud decoding server are sent to client-server The notification message of literary information successfully decoded.
The invention also discloses a kind of cloud decoding server, including:
First processing units, the eID for receiving client transmission encodes registration request, obtains the eID codings registration The identity card cipher-text information and appid carried in request;
Second processing unit, for determining corresponding eID codings and identity according to the identity card cipher-text information and appid Information;
Transmitting element, for sending the eID codings and identity information to supervision server.
Preferably,
The second processing unit, for being decoded to the identity card cipher-text information, obtains identity information;According to the body Part information and appid obtain eID codings.
Preferably,
The transmitting element, is additionally operable to send eID coding lifes to eID special equipments according to the identity information and appid Into request;
The second processing unit, specifically for receive the correspondence identity information that the eID special equipments return and Appid eID codings.
Preferably, business information is not carried in the eID codings registration request,
The transmitting element, is additionally operable to send the eID codings and to the identity card cipher-text information to the client The notification message of successfully decoded.
Preferably, business information is not carried in the eID codings registration request,
The transmitting element, is additionally operable to send the notice to the identity card cipher-text information successfully decoded to the client Message;
The first processing units, the eID coded queries request for receiving client-server transmission, the eID is compiled Business serial number is carried in code inquiry request;
The transmitting element, is additionally operable to send the eID volumes corresponding to the business serial number to the client-server Code.
Preferably, business information is carried in the eID codings registration request,
The transmitting element, is additionally operable to send the business information to the supervision server;Sent out to client-server Send the business information, eID codings and to the notification message of the identity card cipher-text information successfully decoded.
Preferably,
The second processing unit, the Card Reader instruction for being additionally operable to receive the reading identity card cipher-text information that client is sent please Ask;Card Reader instruction response is returned to, being carried in the Card Reader instruction response allows the response message of reading identity card cipher-text information.
The invention also discloses a kind of supervision server, including:
Receiving unit, eID codings and identity information for receiving the transmission of cloud decoding server;
Processing unit, for carrying out business pass according to business information and the eID coding and identity information that receive Connection.
Preferably, the business information that the receiving unit is received is by cloud decoding server transmission or by client Hold what server was sent.
Preferably, when the business information that the receiving unit is received is to be sent by the cloud decoding server, also wrap Include:
Transmitting element, for sending the business information, eID codings and the cloud decoding service to client-server Notification message of the device to identity card cipher-text information successfully decoded.
The invention also discloses a kind of identity information processing system, the processing system includes cloud decoding server and supervision Server;
The cloud decoding server, the eID for receiving client transmission encodes registration request, obtains the eID codings The identity card cipher-text information and appid carried in registration request;Determined according to the identity card cipher-text information and appid corresponding EID is encoded and identity information;The eID codings and identity information are sent to supervision server;
The supervision server, eID codings and identity information for receiving the transmission of cloud decoding server;According to receiving Business information and the eID coding and identity information carry out business association.
Preferably, in addition to:
Client, the Card Reader instruction request for sending reading identity card cipher-text information;Receive the cloud decoding server The Card Reader instruction response of return, being carried in the Card Reader instruction response allows the response message of reading identity card cipher-text information; It is additionally operable to receive the identity card cipher-text information that card-reading terminal is sent;EID coding registration requests are sent to the cloud decoding server, The identity card cipher-text information and appid are carried in the eID codings registration request;Receive the cloud decoding server or visitor Notification message of the cloud decoding server that family end server is sent to the identity card cipher-text information successfully decoded;
Client-server, is asked for sending eID coded queries to the cloud decoding server, and the eID codings are looked into Ask in request and carry business serial number;Receive the eID corresponding to the business serial number that the cloud decoding server is sent Coding, and the eID business information for encoding and receiving the client transmission is sent to the supervision server;Receive The cloud decoding server that the cloud decoding server or the supervision server are sent is to the identity card cipher-text information solution The successful notification message of code;
EID special equipments, for receiving the eID coding generation requests that the cloud decoding server is sent;According to the eID The identity information and appid generation eID codings carried in coding generation request;The eID is sent to the cloud decoding server Coding.
Compared with prior art, the present invention at least has advantages below:
In the present invention, corresponding eID codings and identity information are determined by identity card cipher-text information and appid, is realized While user real identification information privacy is protected, the authenticity of authentication and the purpose of security are improved;And The business information received, eID codings and identity information are subjected to business association in supervision server, policing services are realized Timely grasp of the device to identity information is supervised.
Brief description of the drawings
Fig. 1 is the schematic flow sheet for the identity information processing method applied to cloud decoding server that the present invention is provided;
Fig. 2 is the schematic flow sheet for the identity information processing method applied to supervision server that the present invention is provided;
Fig. 3 is the overall structure diagram of the identity information processing system for the embodiment one that the present invention is provided;
Fig. 4 is the schematic flow sheet of the identity information processing method for the embodiment one that the present invention is provided;
Fig. 5 is the overall structure diagram of the identity information processing system for the embodiment two that the present invention is provided;
Fig. 6 is the schematic flow sheet of the identity information processing method for the embodiment two that the present invention is provided;
Fig. 7 is the overall structure diagram of the identity information processing system for the embodiment three that the present invention is provided;
Fig. 8 is the schematic flow sheet of the identity information processing method for the embodiment three that the present invention is provided;
Fig. 9 is the overall structure diagram of the identity information processing system for the example IV that the present invention is provided;
Figure 10 is the schematic flow sheet of the identity information processing method for the example IV that the present invention is provided;
Figure 11 is the structural representation for the cloud decoding server that the present invention is provided;
Figure 12 is the structural representation for the supervision end server that the present invention is provided.
Embodiment
The present invention proposes a kind of identity information processing method, system and its corresponding server, below in conjunction with the accompanying drawings, to this hair Bright embodiment is described in detail.
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative " one " used herein, " one It is individual ", " described " and "the" may also comprise plural form.It is to be further understood that what is used in the specification of the present invention arranges Diction " comprising " refer to there is the feature, integer, step, operation, element and/or component, but it is not excluded that in the presence of or addition Other one or more features, integer, step, operation, element, component and/or their group.It should be understood that when we claim member Part is " connected " or during " coupled " to another element, and it can be directly connected or coupled to other elements, or can also exist Intermediary element.In addition, " connection " used herein or " coupling " can include wireless connection or wireless coupling.It is used herein to arrange Taking leave "and/or" includes one or more associated wholes or any cell for listing item and all combines.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art Language and scientific terminology), with the general understanding identical meaning with the those of ordinary skill in art of the present invention.Should also Understand, those terms defined in such as general dictionary, it should be understood that with the context with prior art The consistent meaning of meaning, and unless by specific definitions as here, otherwise will not use idealization or excessively formal implication To explain.
The invention provides identity information processing system, in the system architecture, including with reading identity card function Terminal (identity card reader), the identity card ciphertext not decoded read for control terminal reading identity card, receiving terminal The client (can be the application program in PC or APP in mobile phone etc.) of information, the body not decoded received to client Part card cipher-text information carries out the cloud decoding server of decoding relevant treatment, and the cloud decoding server and client are remote by internet Journey is connected, the eID special equipments for generating eID codings, and the client-server of background service, Yi Jijie are provided for client The supervision server of identity information, eID codings that cloud decoding server is uploaded etc. is received, the supervision server is the prison of supervision department Control means.
The identity information processing system provided based on the invention described above, the invention provides identity information processing method, As shown in figure 1, applied to cloud decoding server, this method includes:
Step 101, the eID coding registration requests that client is sent are received, obtains and is carried in the eID codings registration request Identity card cipher-text information and appid.
Before this step, this method also includes:
Receive the Card Reader instruction request for the reading identity card cipher-text information that client is sent;
Card Reader instruction response is returned to, being carried in the Card Reader instruction response allows the response of reading identity card cipher-text information Message.
Step 102, corresponding eID codings and identity information are determined according to the identity card cipher-text information and appid.
It is described to determine that corresponding eID codings and identity are believed according to the identity card cipher-text information and appid in this step Breath, including:
The identity card cipher-text information is decoded, identity information is obtained;
EID codings are obtained according to the identity information and appid.
Further, it is described that eID codings are obtained according to the identity information and appid, specifically include:
EID coding generation requests are sent to eID special equipments according to the identity information and appid;
Receive the correspondence identity information of the eID special equipments return and appid eID codings.
Further, whether it is carried in eID coding registration requests, is set forth separately below for business information.
Business information is not carried in the eID codings registration request, and methods described also includes:
The eID codings are sent to the client and to the notification message of the identity card cipher-text information successfully decoded, So that eID codings and business information are sent to the supervision server through client-server and enter industry by the client Business association.
Or,
Business information is not carried in the eID codings registration request, and methods described also includes:
The notification message to the identity card cipher-text information successfully decoded is sent to the client;
The eID coded queries request that client-server is sent is received, business is carried in the eID coded queries request Serial number;
The eID codings corresponding to the business serial number are sent to the client-server, so that the client takes The eID business information for encoding and receiving the client transmission is sent to the supervision server and carries out business by business device Association.
Business information is carried in the eID codings registration request, methods described also includes:
The business information is sent to the supervision server;
The business information, eID codings are sent to client-server and the identity card cipher-text information is decoded into The notification message of work(.
Step 103, eID coding and identity information are sent to supervision server so that the supervision server according to Business information, eID codings and the identity information received carries out business association.
In another identity information processing method provided by the present invention, taken as shown in Fig. 2 this method is applied to supervision Business device, including:
Step 201, eID codings and identity information that cloud decoding server is sent are received.
Step 202, business association is carried out according to the business information received and eID codings and identity information.
Wherein, the business information received is sent by the cloud decoding server or sent out by client-server Send.
Further, when the business information received is that the cloud decoding server is sent, methods described also includes:
It is close to identity card that the business information, eID codings and the cloud decoding server are sent to client-server The notification message of literary information successfully decoded.
The identity information processing method and inquiry system provided based on the invention described above, below with four specific embodiments Elaborate.
Embodiment one
In the present embodiment, as shown in figs. 34, overall architecture relation for the embodiment and the signal of operation flow step Figure, comprises the following steps:
Wherein, cloud decoding server distributes application number (appid) for client in advance;Cloud decoding server provides business Serial number create-rule is to client.
1st, identity card reader has detected identity card and can be read;
2nd, client request cloud decoding server obtains the Card Reader instruction that Card Reader instructs and receives return;
3rd, Card Reader instruction is sent to identity card reader by client is used for reading identity card card image;
4th, the identity card cipher-text information not decoded read is given to client by identity card reader, and client will be advance The appid of distribution and the identity card cipher-text information not decoded received are sent to cloud decoding server;
Wherein, above-mentioned 2-4 requirementss of process are performed repeatedly, are adopted with completing the information in identity card chip after multiple Card Reader Collection.
5th, cloud decoding server is decoded to identity card cipher-text information, and generates eID codings (appeIDcode), and will The information of successfully decoded notifies client;Wherein, the generating process of eID codings is:Cloud decoding server is by appid, body The incoming eID special equipments of parameter such as part information, the generation that eID is encoded on eID special equipments, and receive eID special equipments The eID codings of return;
6th, client notification client-server successfully decoded, and upload business serial number and business information (business information Require that the sector network operator needs the information for being used to supervise uploaded for supervision department, potentially include:Hotel occupancy information, express delivery Single information etc.);Business serial number is uploaded to cloud decoding server by client-server, for obtaining eID codings;
7th, the eID codings of generation and the eID are encoded corresponding identity information and upload to supervision department by cloud decoding server Supervision server in;EID codings are returned to client-server by cloud decoding server simultaneously, complete client-server Real-name authentication;
8th, client-server uploads business information and eID is encoded to supervision server;
9th, supervision server is matched according to the eID of cloud decoding server and client-server codings, finishing service Information is associated with identity information.
Certainly, the cloud decoding server can also return to identity information client-server, and identity information is not carried The purpose of supply client-server is in order at secret protection.
Embodiment two
In the present embodiment, as shown in Fig. 5~6, overall architecture relation and the signal of operation flow step for the embodiment Figure, comprises the following steps:
Wherein, cloud decoding server distributes application number (appid) for client in advance.
1st, identity card reader has detected identity card and can be read;
2nd, client request cloud decoding server obtains the Card Reader instruction that Card Reader instructs and receives return;
3rd, Card Reader instruction is sent to identity card reader by client is used for reading identity card card image;
4th, the identity card cipher-text information not decoded read is given to client by identity card reader, and client will be advance The appid of distribution and the identity card cipher-text information not decoded received are sent to cloud decoding server;
Wherein, above-mentioned 2-4 requirementss of process are performed repeatedly, are adopted with completing the information in identity card chip after multiple Card Reader Collection.
5th, cloud decoding server is decoded to identity card cipher-text information, and generates eID codings (appeIDcode);Its In, the generating process of eID codings is:Cloud decoding server uses the incoming eID special equipments of the parameters such as appid, identity information The generation encoded in eID on eID special equipments, and receive the eID codings of eID special equipments return;
6th, the eID codings of generation and the eID are encoded corresponding identity information and upload to supervision department by cloud decoding server Supervision server in;EID codings are returned to client by cloud decoding server simultaneously;
7th, client uploads eID codings and business information to client-server, and the real name for completing client-server is recognized Card;Client-server forwarding eID codings and supervision server of the business information to supervision department;
8th, the eID that the eID codings and client-server that supervision server is uploaded according to cloud decoding server are uploaded is encoded Matched, after the match is successful, finishing service information is associated with identity information.
Certainly, the cloud decoding server can also return to identity information client-server, and identity information is not carried The purpose of supply client-server is in order at secret protection.
Embodiment three
In the present embodiment, as shown in Fig. 7~8, overall architecture relation and the signal of operation flow step for the embodiment Figure, comprises the following steps:
Wherein, cloud decoding server distributes application number (appid) for client in advance.
1st, identity card reader has detected identity card and can be read;
2nd, client request cloud decoding server obtains the Card Reader instruction that Card Reader instructs and receives return;
3rd, Card Reader instruction is sent to identity card reader by client is used for reading identity card card image;
4th, the identity card cipher-text information not decoded read is given to client by identity card reader, and client will be advance The appid of distribution, the identity card cipher-text information not decoded received and business information are sent to cloud decoding server;
Wherein, above-mentioned 2-4 requirementss of process are performed repeatedly, are adopted with completing the information in identity card chip after multiple Card Reader Collection.
5th, cloud decoding server is decoded to identity card cipher-text information, and generates eID codings (appeIDcode);Its In, the generating process of eID codings is:Cloud decoding server uses the incoming eID special equipments of the parameters such as appid, identity information The generation encoded in eID on eID special equipments, and receive the eID codings of eID special equipments return;
6th, eID codings, the eID of generation are encoded corresponding identity information by cloud decoding server and business information is uploaded Into the supervision server of supervision department, finishing service information is associated with identity information;Client-server is notified to be decoded into Work(, while eID codings and business information returned into client-server, completes the real-name authentication of client-server, then by Client-server associates completed notification message to what client sent business information and identity information.
Certainly, the supervision server can also return to identity information client-server, and identity information is not provided Purpose to client-server is in order at secret protection.
Example IV
In the present embodiment, as shown in Fig. 9~10, overall architecture relation and the signal of operation flow step for the embodiment Figure, comprises the following steps:
Wherein, cloud decoding server distributes application number (appid) for client in advance.
1st, identity card reader has detected identity card and can be read;
2nd, client request cloud decoding server obtains the Card Reader instruction that Card Reader instructs and receives return;
3rd, Card Reader instruction is sent to identity card reader by client is used for reading identity card card image;
4th, the identity card cipher-text information not decoded read is given to client by identity card reader, and client will be advance The appid of distribution, the identity card cipher-text information not decoded received and business information are sent to cloud decoding server;
Wherein, above-mentioned 2-4 requirementss of process are performed repeatedly, are adopted with completing the information in identity card chip after multiple Card Reader Collection.
5th, cloud decoding server is decoded to identity card cipher-text information, and generates eID codings (appeIDcode);Its In, the generating process of eID codings is:Cloud decoding server uses the incoming eID special equipments of the parameters such as appid, identity information The generation encoded in eID on eID special equipments, and receive the eID codings of eID special equipments return;
6th, eID codings, the eID of generation are encoded corresponding identity information by cloud decoding server and business information is uploaded Into the supervision server of supervision department, finishing service information is associated with identity information;Notified simultaneously by cloud decoding server Client-server successfully decoded, and eID codings and business information are returned into client-server, complete client-server Real-name authentication, then disappeared from the completed notice that associates that client-server sends business information and identity information to client Breath.
Certainly, the cloud decoding server can also return to identity information client-server, and identity information is not carried The purpose of supply client-server is in order at secret protection.
The identity information processing method provided based on the invention described above, the invention provides corresponding cloud decoding server And client-server, specifically,
Present invention also offers a kind of cloud decoding server, as shown in figure 11, including:
First processing units 1101, the eID for receiving client transmission encodes registration request, obtains the eID codings The identity card cipher-text information and appid carried in registration request;
Second processing unit 1102, for according to the identity card cipher-text information and appid determine corresponding eID coding and Identity information;
Transmitting element 1103, for sending the eID codings and identity information to supervision server.
Wherein, second processing unit 1102, for being decoded to the identity card cipher-text information, obtains identity information;According to The identity information and appid obtain eID codings.
Transmitting element 1103, is additionally operable to send eID coding lifes to eID special equipments according to the identity information and appid Into request;
The second processing unit 1102, the correspondence identity returned specifically for receiving the eID special equipments is believed Breath and appid eID are encoded.
When not carrying business information in eID coding registration requests,
The transmitting element 1103, is additionally operable to send the eID codings and to the identity card ciphertext to the client The notification message of information successfully decoded.
Or, the transmitting element 1103, it is additionally operable to be decoded into the identity card cipher-text information to client transmission The notification message of work(;
The first processing units 1101, the eID coded queries request for receiving client-server transmission is described Business serial number is carried in the request of eID coded queries;
The transmitting element 1103, is additionally operable to send corresponding to the business serial number to the client-server EID is encoded.
When carrying business information in eID coding registration requests,
The transmitting element 1103, is additionally operable to send the business information to the supervision server;To client service Device sends the business information, eID codings and to the notification message of the identity card cipher-text information successfully decoded.
Preferably,
Second processing unit 1102, the Card Reader instruction for being additionally operable to receive the reading identity card cipher-text information that client is sent please Ask;Card Reader instruction response is returned to, being carried in the Card Reader instruction response allows the response message of reading identity card cipher-text information.
End server is supervised present invention also offers one kind, as shown in figure 12, including:
Receiving unit 1201, eID codings and identity information for receiving the transmission of cloud decoding server;
Processing unit 1202, for entering industry according to business information and the eID coding and identity information that receive Business association.
The business information that the receiving unit is received is by cloud decoding server transmission or by client service What device was sent.
Wherein, when the business information that the receiving unit is received is to be sent by the cloud decoding server, in addition to:
Transmitting element 1203, is decoded for sending the business information, eID codings and the cloud to client-server Notification message of the server to identity card cipher-text information successfully decoded.
Present invention also offers a kind of identity information processing system, the processing system includes:
Cloud decoding server, the eID for receiving client transmission encodes registration request, obtains the eID codings registration The identity card cipher-text information and appid carried in request;Corresponding eID is determined according to the identity card cipher-text information and appid Coding and identity information;The eID codings and identity information are sent to supervision server;
Supervision server, eID codings and identity information for receiving the transmission of cloud decoding server;According to the industry received Information of being engaged in and eID codings and identity information carry out business association.
Client, the Card Reader instruction request for sending reading identity card cipher-text information;Receive the cloud decoding server The Card Reader instruction response of return, being carried in the Card Reader instruction response allows the response message of reading identity card cipher-text information; It is additionally operable to receive the identity card cipher-text information that card-reading terminal is sent;EID coding registration requests are sent to the cloud decoding server, The identity card cipher-text information and appid are carried in the eID codings registration request;Receive the cloud decoding server or visitor Notification message of the cloud decoding server that family end server is sent to the identity card cipher-text information successfully decoded;
Client-server, is asked for sending eID coded queries to the cloud decoding server, and the eID codings are looked into Ask in request and carry business serial number;Receive the eID corresponding to the business serial number that the cloud decoding server is sent Coding, and the eID business information for encoding and receiving the client transmission is sent to the supervision server;Receive The cloud decoding server that the cloud decoding server or the supervision server are sent is to the identity card cipher-text information solution The successful notification message of code;
EID special equipments, for receiving the eID coding generation requests that the cloud decoding server is sent;According to the eID The identity information and appid generation eID codings carried in coding generation request;The eID is sent to the cloud decoding server Coding.
This identity information processing system is identity information acquisition, storage and supervision processing provide new mode, is passed through Real ID card information is gathered, has effectively prevented false, the transmission otherness of the information of client upload.
Identity information processing method, system and its corresponding server provided based on the invention described above, is realized as follows Purpose:
1st, storage eID codings, had both completed the real-name authentication demand of supervision department's requirement, and in turn ensure that privacy was let out in system The risk of dew, even if system is revealed caused by artificial or abnormal, other people can not also correspond to eID codings and the relation of citizenship.
2nd, present treatment system is by reading identity card chip information, can be effectively ensured upload identity information it is true Property, associated compared to artificial reading identity card positive and negative information with use than Peer, it is higher on identity intensity is ensured.
3rd, because the eID amount vectors issued using market are less, and understanding eID citizen is very little, using eID modes Although personal identification can be avoided illegally to be followed the trail of, it can't widely use.
4th, ID card information is decoded by the cloud decoding server in high in the clouds, the pattern of eID codings is returned, because of identity card letter Breath only has the SAM modules in the cloud decoding server of Ministry of Public Security's accreditation to decrypt, and eID coding informations also only have Ministry of Public Security's accreditation Encryption device can generate and irreversible push away;So present system guarantees that identity information all during the Internet transmission is equal Secrecy processing is done, it is high that the secrecy processing mode breaks through difficulty, compared to the encryption mode such as soft key on the market, the system is in letter Accomplish safer in breath secrecy.
Those skilled in the art of the present technique be appreciated that can be realized with computer program instructions these structure charts and/or The combination of each frame and these structure charts and/or the frame in block diagram and/or flow graph in block diagram and/or flow graph.This technology is led Field technique personnel be appreciated that these computer program instructions can be supplied to all-purpose computer, special purpose computer or other The processor of programmable data processing method is realized, so as to pass through the processing of computer or other programmable data processing methods The scheme that device is specified in the frame or multiple frames to perform structure chart disclosed by the invention and/or block diagram and/or flow graph.
Wherein, the modules of apparatus of the present invention can be integrated in one, and can also be deployed separately.Above-mentioned module can be closed And be a module, multiple submodule can also be further split into.
It will be appreciated by those skilled in the art that accompanying drawing is the schematic diagram of a preferred embodiment, module or stream in accompanying drawing Journey is not necessarily implemented necessary to the present invention.
It will be appreciated by those skilled in the art that the module in device in embodiment can be divided according to embodiment description It is distributed in the device of embodiment, respective change can also be carried out and be disposed other than in one or more devices of the present embodiment.On The module for stating embodiment can be merged into a module, can also be further split into multiple submodule.
The invention described above sequence number is for illustration only, and the quality of embodiment is not represented.
Disclosed above is only several specific embodiments of the present invention, and still, the present invention is not limited to this, any ability What the technical staff in domain can think change should all fall into protection scope of the present invention.

Claims (22)

1. a kind of identity information processing method, it is characterised in that applied to cloud decoding server, methods described includes:
The eID coding registration requests that client is sent are received, the identity card ciphertext carried in the eID codings registration request is obtained Information and appid;
Corresponding eID codings and identity information are determined according to the identity card cipher-text information and appid;
The eID codings and identity information are sent to supervision server, so that the supervision server is according to the business received Information, eID codings and identity information carry out business association.
2. identity information processing method as claimed in claim 1, it is characterised in that described according to the identity card cipher-text information Corresponding eID codings and identity information are determined with appid, including:
The identity card cipher-text information is decoded, identity information is obtained;
EID codings are obtained according to the identity information and appid.
3. identity information processing method as claimed in claim 2, it is characterised in that it is described according to the identity information and Appid obtains eID codings, specifically includes:
EID coding generation requests are sent to eID special equipments according to the identity information and appid;
Receive the correspondence identity information of the eID special equipments return and appid eID codings.
4. identity information processing method as claimed in claim 2, it is characterised in that do not taken in the eID codings registration request With business information, methods described also includes:
The eID codings are sent to the client and to the notification message of the identity card cipher-text information successfully decoded, so that EID codings and business information are sent to the supervision server through client-server and carry out business pass by the client Connection.
5. identity information processing method as claimed in claim 2, it is characterised in that do not taken in the eID codings registration request With business information, methods described also includes:
The notification message to the identity card cipher-text information successfully decoded is sent to the client;
The eID coded queries request that client-server is sent is received, business flowing water is carried in the eID coded queries request Number;
The eID codings corresponding to the business serial number are sent to the client-server, so that the client-server The eID business information for encoding and receiving the client transmission is sent to the supervision server and carries out business pass Connection.
6. identity information processing method as claimed in claim 2, it is characterised in that carried in the eID codings registration request There is business information, methods described also includes:
The business information is sent to the supervision server;
The business information, eID codings are sent to client-server and to the identity card cipher-text information successfully decoded Notification message.
7. the identity information processing method as any one of claim 1-6, it is characterised in that methods described also includes:
Receive the Card Reader instruction request for the reading identity card cipher-text information that client is sent;
Card Reader instruction response is returned to, being carried in the Card Reader instruction response allows the response of reading identity card cipher-text information to disappear Breath.
8. a kind of identity information processing method, it is characterised in that applied to supervision server, methods described includes:
Receive eID codings and identity information that cloud decoding server is sent;
Business association is carried out according to the business information received and eID codings and identity information.
9. identity information processing method as claimed in claim 8, it is characterised in that the business information received is by institute State the transmission of cloud decoding server or being sent by client-server.
10. identity information processing method as claimed in claim 9, it is characterised in that when the business information received is described When cloud decoding server is sent, methods described also includes:
The business information, eID codings and the cloud decoding server are sent to client-server to believe identity card ciphertext Cease the notification message of successfully decoded.
11. a kind of cloud decoding server, it is characterised in that including:
First processing units, the eID for receiving client transmission encodes registration request, obtains the eID codings registration request The identity card cipher-text information and appid of middle carrying;
Second processing unit, for determining that corresponding eID codings and identity are believed according to the identity card cipher-text information and appid Breath;
Transmitting element, for sending the eID codings and identity information to supervision server.
12. cloud decoding server as claimed in claim 11, it is characterised in that
The second processing unit, for being decoded to the identity card cipher-text information, obtains identity information;Believed according to the identity Breath and appid obtain eID codings.
13. cloud decoding server as claimed in claim 12, it is characterised in that
The transmitting element, being additionally operable to please to the transmission eID coding generations of eID special equipments according to the identity information and appid Ask;
The second processing unit, specifically for receiving the correspondence identity information and appid that the eID special equipments are returned EID coding.
14. cloud decoding server as claimed in claim 12, it is characterised in that do not carried in the eID codings registration request There is business information,
The transmitting element, is additionally operable to send the eID codings to the client and the identity card cipher-text information is decoded Successful notification message.
15. cloud decoding server as claimed in claim 12, it is characterised in that do not carried in the eID codings registration request There is business information,
The transmitting element, is additionally operable to disappear to the notice of the identity card cipher-text information successfully decoded to client transmission Breath;
The first processing units, the eID coded queries request for receiving client-server transmission, the eID codings are looked into Ask in request and carry business serial number;
The transmitting element, is additionally operable to send the eID codings corresponding to the business serial number to the client-server.
16. cloud decoding server as claimed in claim 12, it is characterised in that carried in the eID codings registration request Business information,
The transmitting element, is additionally operable to send the business information to the supervision server;Institute is sent to client-server State business information, eID codings and to the notification message of the identity card cipher-text information successfully decoded.
17. the cloud decoding server as any one of claim 11-16, it is characterised in that also include:
Second processing unit, the Card Reader instruction request of the reading identity card cipher-text information for receiving client transmission;Return and read Card instruction response, being carried in the Card Reader instruction response allows the response message of reading identity card cipher-text information.
18. a kind of supervision server, it is characterised in that including:
Receiving unit, eID codings and identity information for receiving the transmission of cloud decoding server;
Processing unit, for carrying out business association according to business information and the eID coding and identity information that receive.
19. supervision server as claimed in claim 18, it is characterised in that the business information that the receiving unit is received is It is being sent by the cloud decoding server or being sent by client-server.
20. supervision server as claimed in claim 19, it is characterised in that the business information received when the receiving unit During to be sent by the cloud decoding server, in addition to:
Transmitting element, for sending the business information, eID codings and the cloud decoding server pair to client-server The notification message of identity card cipher-text information successfully decoded.
21. a kind of identity information processing system, it is characterised in that the processing system includes cloud decoding server and policing services Device;
The cloud decoding server, the eID for receiving client transmission encodes registration request, obtains the eID codings registration The identity card cipher-text information and appid carried in request;Corresponding eID is determined according to the identity card cipher-text information and appid Coding and identity information;The eID codings and identity information are sent to supervision server;
The supervision server, eID codings and identity information for receiving the transmission of cloud decoding server;According to the industry received Information of being engaged in and eID codings and identity information carry out business association.
22. eID coded queries device as claimed in claim 21, it is characterised in that also include:
Client, the Card Reader instruction request for sending reading identity card cipher-text information;The cloud decoding server is received to return Card Reader instruction response, being carried in Card Reader instruction response allows the response message of reading identity card cipher-text information;Also use In the identity card cipher-text information for receiving card-reading terminal transmission;EID coding registration requests are sent to the cloud decoding server, it is described The identity card cipher-text information and appid are carried in eID coding registration requests;Receive the cloud decoding server or client Notification message of the cloud decoding server that server is sent to the identity card cipher-text information successfully decoded;
Client-server, is asked, the eID coded queries please for sending eID coded queries to the cloud decoding server Business serial number is carried in asking;The eID codings corresponding to the business serial number that the cloud decoding server is sent are received, And the eID business information for encoding and receiving the client transmission is sent to the supervision server;Receive described The cloud decoding server that cloud decoding server or the supervision server are sent is decoded into the identity card cipher-text information The notification message of work(;
EID special equipments, for receiving the eID coding generation requests that the cloud decoding server is sent;Encoded according to the eID The identity information and appid generation eID codings carried in generation request;The eID codings are sent to the cloud decoding server.
CN201710601290.9A 2017-07-21 2017-07-21 Identity information processing method and system and corresponding server Active CN107302435B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710601290.9A CN107302435B (en) 2017-07-21 2017-07-21 Identity information processing method and system and corresponding server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710601290.9A CN107302435B (en) 2017-07-21 2017-07-21 Identity information processing method and system and corresponding server

Publications (2)

Publication Number Publication Date
CN107302435A true CN107302435A (en) 2017-10-27
CN107302435B CN107302435B (en) 2020-12-04

Family

ID=60133060

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710601290.9A Active CN107302435B (en) 2017-07-21 2017-07-21 Identity information processing method and system and corresponding server

Country Status (1)

Country Link
CN (1) CN107302435B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107809432A (en) * 2017-11-06 2018-03-16 广州市森锐科技股份有限公司 A kind of acquisition of ID card information and anti-tamper system and method
CN108961485A (en) * 2018-05-07 2018-12-07 金联汇通信息技术有限公司 Intelligent door lock, auth method and device
CN109447029A (en) * 2018-11-12 2019-03-08 公安部第三研究所 Electronic identity license generates system and method
CN109951423A (en) * 2017-12-20 2019-06-28 金联汇通信息技术有限公司 System, method, apparatus and the server of authentication
CN110300083A (en) * 2018-03-22 2019-10-01 华为技术有限公司 A kind of method, terminal and authentication server obtaining identity information
CN110855606A (en) * 2019-09-27 2020-02-28 金联汇通信息技术有限公司 User identity authentication method, cloud decoding server, client and system
CN111506894A (en) * 2019-01-31 2020-08-07 金联汇通信息技术有限公司 Data processing method, system, electronic device and computer readable storage medium
CN111885203A (en) * 2020-08-04 2020-11-03 浪潮云信息技术股份公司 Method for remote management based on CMSP
CN116319067A (en) * 2023-05-10 2023-06-23 金联汇通信息技术有限公司 Information verification method, terminal, cloud server, background and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102868701A (en) * 2012-09-27 2013-01-09 公安部第三研究所 Method for achieving electronic identity (eID) state moving between eID carrier terminal and eID service system
CN104601593A (en) * 2015-02-04 2015-05-06 公安部第三研究所 Anti-tracking method in network electronic identity authentication process based on challenge modes
US20160099923A1 (en) * 2014-10-06 2016-04-07 Stmicroelectronics, Inc. Client accessible secure area in a mobile device security module
CN106487518A (en) * 2016-10-31 2017-03-08 金联汇通信息技术有限公司 A kind of real-name authentication system and method for express delivery industry
CN106713257A (en) * 2015-11-18 2017-05-24 北京奇虎科技有限公司 Method and device for service processing based on mobile device
CN106790070A (en) * 2016-12-21 2017-05-31 杨宪国 Electronic ID card identification service system based on authentication device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102868701A (en) * 2012-09-27 2013-01-09 公安部第三研究所 Method for achieving electronic identity (eID) state moving between eID carrier terminal and eID service system
US20160099923A1 (en) * 2014-10-06 2016-04-07 Stmicroelectronics, Inc. Client accessible secure area in a mobile device security module
CN104601593A (en) * 2015-02-04 2015-05-06 公安部第三研究所 Anti-tracking method in network electronic identity authentication process based on challenge modes
CN106713257A (en) * 2015-11-18 2017-05-24 北京奇虎科技有限公司 Method and device for service processing based on mobile device
CN106487518A (en) * 2016-10-31 2017-03-08 金联汇通信息技术有限公司 A kind of real-name authentication system and method for express delivery industry
CN106790070A (en) * 2016-12-21 2017-05-31 杨宪国 Electronic ID card identification service system based on authentication device

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107809432A (en) * 2017-11-06 2018-03-16 广州市森锐科技股份有限公司 A kind of acquisition of ID card information and anti-tamper system and method
CN109951423A (en) * 2017-12-20 2019-06-28 金联汇通信息技术有限公司 System, method, apparatus and the server of authentication
CN109951423B (en) * 2017-12-20 2021-09-10 金联汇通信息技术有限公司 System, method and device for identity authentication and server
CN110300083A (en) * 2018-03-22 2019-10-01 华为技术有限公司 A kind of method, terminal and authentication server obtaining identity information
CN108961485A (en) * 2018-05-07 2018-12-07 金联汇通信息技术有限公司 Intelligent door lock, auth method and device
CN109447029A (en) * 2018-11-12 2019-03-08 公安部第三研究所 Electronic identity license generates system and method
CN109447029B (en) * 2018-11-12 2022-09-02 公安部第三研究所 Electronic identity card photo generation system and method
CN111506894A (en) * 2019-01-31 2020-08-07 金联汇通信息技术有限公司 Data processing method, system, electronic device and computer readable storage medium
CN110855606A (en) * 2019-09-27 2020-02-28 金联汇通信息技术有限公司 User identity authentication method, cloud decoding server, client and system
CN111885203A (en) * 2020-08-04 2020-11-03 浪潮云信息技术股份公司 Method for remote management based on CMSP
CN116319067A (en) * 2023-05-10 2023-06-23 金联汇通信息技术有限公司 Information verification method, terminal, cloud server, background and electronic equipment
CN116319067B (en) * 2023-05-10 2023-08-29 金联汇通信息技术有限公司 Information verification method, terminal, cloud server, background and electronic equipment

Also Published As

Publication number Publication date
CN107302435B (en) 2020-12-04

Similar Documents

Publication Publication Date Title
CN107302435A (en) Identity information processing method, system and its corresponding server
US10681025B2 (en) Systems and methods for securely managing biometric data
Zhang et al. A review of compressive sensing in information security field
CN1860724B (en) Method for identification
CN103812854B (en) Identity authentication system, device and method and identity authentication requesting device
CN110086634B (en) System and method for security authentication and access of intelligent camera
CN106789077A (en) A kind of real name identification method and system
US20230198745A1 (en) Method and system for selective and privacy-preserving anonymization
CN107404478A (en) EID coded queries method, system and its corresponding server
CN116490877A (en) System and method for face recognition authentication of mask wearer
KR20190081297A (en) Image processing system comprising image transmitter and image receiver based on internet of things, and image processing method using the same
CN106650372B (en) The activating method and device of administrator right
CN108959891A (en) Brain electricity identity identifying method based on privacy sharing
CN115810232A (en) Passage control method based on offline two-dimensional code and face characteristic value
CN104899500B (en) A kind of elevator customer Rights Management System and method
CN106101140B (en) A kind of method and server of authentification of message
CN114090994A (en) Face recognition authentication method and system based on block chain
CN106790135B (en) Data encryption method and system based on cloud and communication equipment
KR101331201B1 (en) Cctv media secure transmission system and method thereof
CN107682156A (en) A kind of encryption communication method and device based on SM9 algorithms
CN102571341B (en) A kind of Verification System based on dynamic image and authentication method
CN111698253A (en) Computer network safety system
CN109064602B (en) Identification method based on mobile terminal and two-dimensional code dynamic identity authentication
CN110582986B (en) Security authentication method for generating security key by combining authentication factors of multiple users
CN116756750A (en) Medical sensitive data acquisition desensitization method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant