CN109286921B - Portable multi-scene teaching identity authentication method - Google Patents
Portable multi-scene teaching identity authentication method Download PDFInfo
- Publication number
- CN109286921B CN109286921B CN201811119566.0A CN201811119566A CN109286921B CN 109286921 B CN109286921 B CN 109286921B CN 201811119566 A CN201811119566 A CN 201811119566A CN 109286921 B CN109286921 B CN 109286921B
- Authority
- CN
- China
- Prior art keywords
- teaching terminal
- ciphertext
- teaching
- pairing device
- cloud server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 15
- 238000004891 communication Methods 0.000 claims abstract description 63
- 238000013459 approach Methods 0.000 claims abstract description 6
- 238000012795 verification Methods 0.000 claims description 8
- 230000008569 process Effects 0.000 abstract description 5
- 238000012545 processing Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 241000700605 Viruses Species 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H04B5/77—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/14—Direct-mode setup
Abstract
The invention provides a portable multi-scene teaching system, which comprises the following steps: step S1, writing the identity information, the public key and the private key into the teaching terminal and the cloud server; step S2, when the teaching terminal approaches the mate, a first data communication connection is established, and the mate encrypts a public key to generate a first ciphertext and sends the first ciphertext to the teaching terminal; step S3, the teaching terminal decrypts the first ciphertext and compares the first ciphertext with a public key stored by the teaching terminal to determine whether the first ciphertext is consistent with the public key stored by the teaching terminal; step S4, the teaching terminal encrypts the private key to generate a second ciphertext and sends the second ciphertext and the identity information to the pairing device; step S5, the pairing device decrypts the second ciphertext and sends the second ciphertext to the cloud server, and the cloud server informs the pairing device after confirming that the identity is legal; step S6, the pairing device establishes a second data communication connection; step S7, the pairing device encrypts the user name and the password to generate a third ciphertext and sends the third ciphertext to the teaching terminal; and step S8, the teaching terminal decrypts the third ciphertext to obtain the user name and the password. The invention has the advantages that: the safety of the teaching terminal identity authentication process is improved.
Description
Technical Field
The invention relates to an identity authentication method, in particular to a portable multi-scene teaching identity authentication method.
Background
With the progress of technology, the equipment of the classroom is advanced all the time, various teaching equipment is updated, and multimedia teaching becomes an indispensable teaching form for each classroom. In the current classroom, a set of multimedia equipment and corresponding teaching terminals are installed, and each teaching terminal correspondingly controls various sub-devices under one set of multimedia equipment in one classroom.
In order to manage the teaching terminal and the multimedia equipment and check attendance of teachers during class time and class time, identity recognition and account and password matching operation needs to be carried out on the teaching terminal. However, if some unauthorized persons know the pairing code through an illegal way, the pairing code can be connected with and control the multimedia equipment by themselves, viruses are implanted, and potential safety hazards are caused. Therefore, how to improve the security of the identity authentication process of the teaching terminal becomes a problem to be solved.
Disclosure of Invention
The invention aims to provide a portable multi-scene teaching identity authentication method, which is used for improving the safety of the identity authentication process of a teaching terminal.
The invention is realized by the following steps: a portable multi-scene teaching identity authentication method comprises the following steps:
step S1, the teacher writes the teacher' S identity information, public key and private key into the database of the teaching terminal and cloud server respectively; the teaching terminal and the pairing device store the same encryption algorithm;
step S2, when the teaching terminal approaches the mate, the teaching terminal establishes a first data communication connection with the mate, the mate generates a random data string, the mate encrypts a public key by using an encryption algorithm and the random data string to generate a first ciphertext, and sends the first ciphertext and the random data string to the teaching terminal;
s3, the teaching terminal decrypts the first ciphertext by using the encryption algorithm and the random data string, compares the decrypted public key with a public key stored by the teaching terminal, and if the public key is consistent with the public key stored by the teaching terminal, passes the first verification and enters S4; if not, ending the flow;
step S4, the teaching terminal generates a second ciphertext by using the encryption algorithm and the random data string encryption private key, and sends the second ciphertext and the identity information to the pairing device;
step S5, the pairing device decrypts the second ciphertext through the encryption algorithm and the random data string, sends the identity information and the private key obtained through decryption to the cloud server, the cloud server confirms whether the received identity information is recorded in the database or not, and if yes, the step S6 is executed; if not, ending the flow;
step S6, the cloud server confirms whether the received private key is consistent with the private key stored in the cloud server, if so, the cloud server sends an identity legal message to the pairing device, and the step S7 is carried out; if not, ending the flow;
step S7, after the identity legal message is received by the pairing device, the second verification is passed, the first data communication connection is disconnected, and the second data communication connection is established between the teaching terminal and the pairing device;
step S8, the pairing device generates a third ciphertext by using the encryption algorithm and the user name and the password of the random data string encryption device, and sends the third ciphertext to the teaching terminal;
and step S9, the teaching terminal decrypts the third ciphertext by using the encryption algorithm and the random data string, and the teaching terminal connects the multimedia equipment group by using the user name and the password of the equipment to carry out teaching.
Further, in step S2, when the teaching terminal approaches the pairing device, the establishing of the first data communication connection between the teaching terminal and the pairing device specifically includes: when the teaching terminal is close to the pairing device, the teaching terminal and the pairing device establish first data communication connection through the second near field communication module and the third near field communication module.
Further, in step S7, the establishing of the second data communication connection between the teaching terminal and the pairing device specifically includes: and the teaching terminal and the pairing device establish second data communication connection through the first wireless communication module and the second communication module.
The invention has the advantages that:
1. the teaching terminal and the pairing device establish first data communication connection through the second near field communication module and the third near field communication module, so that the connection and pairing speed is high, and the user experience is good;
2. the teaching terminal and the pairing device establish second data communication connection through the first wireless communication module and the second communication module, so that the teaching terminal can keep a distance from the pairing device and is prevented from being disconnected;
3. the identity authentication is carried out on the teaching terminal through the public key, the private key, the encryption algorithm and the random data string, so that the safety of the identity authentication process of the teaching terminal is improved;
4. the identity information, the public key and the private key of the teacher are stored in the cloud server, and the safety of the identity information, the public key and the private key of the teacher is guaranteed by using the safety mechanism of the cloud server.
Drawings
The invention will be further described with reference to the following examples with reference to the accompanying drawings.
FIG. 1 is a flow chart of a portable multi-scenario teaching identity authentication method of the present invention.
FIG. 2 is a schematic block diagram of the circuit of a portable multi-scenario teaching system of the present invention.
Description of the drawings:
100-a teaching system, 1-a cloud server, 2-a centralized control device, 3-a multimedia equipment group, 4-a pair, 5-a card distributor, 6-a teaching terminal, 41-a first MCU, 42-a second near field communication module, 43-a first wireless communication module, 51-a first near field communication module, 61-a second MCU, 62-a third near field communication module, 63-a second wireless communication module, 64-a pickup processing module, 65-a key group, 66-a power module, 67-a display screen and 68-a laser transmitter.
Detailed Description
Referring to fig. 1 to 2, a preferred embodiment of a portable multi-scenario teaching system according to the present invention includes a cloud server 1, a centralized control device 2, a multimedia device set 3, a pairing device 4, a card distribution device 5, and a teaching terminal 6; the cloud server 1 is connected with the centralized control device 2; the multimedia equipment group 3 is connected with the centralized control device 2; the input end of the card distributor 5 is connected with the centralized control device 2, and the output end of the card distributor is connected with the teaching terminal 6; one end of the pairing device 4 is connected with the centralized control device 2, and the other end of the pairing device is connected with the teaching terminal 6; the cloud server 1 is used for managing the multimedia equipment groups 3 in each classroom and setting permissions according to different teachers; the pairing device 5 is used for identifying the identity of the teaching terminal 6; the card distributor 5 is used for inputting the identity information of a teacher into the teaching terminal 6; the centralized control device 2 includes a PC (not shown) and a control module circuit (not shown) for connecting and controlling the multimedia device group 3.
The teaching terminal 6 comprises a second MCU61, a third nfc module 62, a second wireless communication module 63, a sound pickup processing module 64, a key set 65, a power module 66, a display screen 67 and a laser transmitter 68; one end of the third near field communication module 62 is connected to the second MCU61, and the other end is connected to the pairing device 4 and the card adapter 5; one end of the second wireless communication module 63 is connected with the second MCU61, and the other end is connected with the pairing device 4; the pickup processing module 64, the key group 65, the power supply module 66, the display screen 67 and the laser transmitter 68 are all connected with the second MCU 61; the pickup processing module 64 is used for amplifying sound for teaching; the button group 65 can define functions by self, and can realize functions of PPT (power point) wireless page turning and the like; the power module 66 supplies power to the teaching terminal 6 and also supplies power to external electronic equipment; the display screen 67 is used for indicating the working state of the multimedia device group 3; the laser transmitter 68 is used as a laser pointer; the second MCU61 is used to control each module under the teaching terminal 6, and as long as the MCU capable of achieving the purpose is feasible, a person skilled in the art can obtain the MCU without creative work, for example, the MCU of STM32F103 series; the power module 66 is used for supplying power to the teaching terminal 6, and any power module capable of supplying power to the teaching terminal 6 can be used, and the power module is not limited to a specific model and can be obtained by a person skilled in the art without creative labor.
The third near field communication module 62 is an NFC module or an RFID module; the second wireless communication module 63 is a bluetooth module, a wifi module or a 2.4G radio frequency module.
The pairing apparatus 4 comprises a first MCU41, a second near field communication module 42 and a first wireless communication module 43; one end of the second near field communication module 42 is connected with the first MCU41, and the other end is connected with the teaching terminal 6; one end of the first wireless communication module 43 is connected with the first MCU41, and the other end is connected with the teaching terminal 6; the first MCU41 is connected with the centralized control device 2; the first MCU2 is used to realize the control of the second near field communication module 42 and the first wireless communication module 43, and as long as an MCU capable of achieving this is available, it is available to those skilled in the art without any inventive effort, for example, MCUs of the STM32F103 series.
The second near field communication module 42 is an NFC module or an RFID module; the first wireless communication module 43 is a bluetooth module, a wifi module or a 2.4G radio frequency module.
The card distributor 5 is provided with a first near field communication module 51 for inputting the identity information of the teacher into the teaching terminal.
The first near field communication module 51 is an NFC module or an RFID module.
The multimedia device set 3 includes a projector (not shown), a lighting device set (not shown), a sound set (not shown), a power curtain set (not shown), a mouse (not shown), and a keyboard (not shown); the projector, the lighting equipment group, the sound group, the electric curtain group, the mouse and the keyboard are all connected with the centralized control device 2.
The invention discloses a better embodiment of a portable multi-scene teaching identity authentication method, which comprises the following steps:
step S1, the educational administration department writes the identity information, the public key and the private key of the teacher into databases of the teaching terminal and the cloud server respectively, and the security of the identity information, the public key and the private key of the teacher is guaranteed by using the security mechanism of the cloud server; the teaching terminal and the pairing device store the same encryption algorithm;
step S2, when the teaching terminal approaches the mate, the teaching terminal establishes a first data communication connection with the mate, the mate generates a random data string, the mate encrypts a public key by using an encryption algorithm and the random data string to generate a first ciphertext, and sends the first ciphertext and the random data string to the teaching terminal;
s3, the teaching terminal decrypts the first ciphertext by using the encryption algorithm and the random data string, compares the decrypted public key with a public key stored by the teaching terminal, and if the public key is consistent with the public key stored by the teaching terminal, passes the first verification and enters S4; if not, ending the flow; the first verification is to confirm that the teaching terminal is the equipment of the system by using a public key;
step S4, the teaching terminal generates a second ciphertext by using the encryption algorithm and the random data string encryption private key, and sends the second ciphertext and the identity information to the pairing device;
step S5, the pairing device decrypts the second ciphertext through the encryption algorithm and the random data string, sends the identity information and the private key obtained through decryption to the cloud server, the cloud server confirms whether the received identity information is recorded in the database or not, and if yes, the step S6 is executed; if not, ending the flow;
step S6, the cloud server confirms whether the received private key is consistent with the private key stored in the cloud server, if so, the cloud server sends an identity legal message to the pairing device, and the step S7 is carried out; if not, ending the flow;
step S7, after the identity legal message is received by the pairing device, the second verification is passed, the first data communication connection is disconnected, and the second data communication connection is established between the teaching terminal and the pairing device; the second verification is to confirm the identity information of the teaching terminal by using a private key;
step S8, the pairing device generates a third ciphertext by using the encryption algorithm and the user name and the password of the random data string encryption device, and sends the third ciphertext to the teaching terminal;
step S9, the teaching terminal decrypts the third ciphertext by using the encryption algorithm and the random data string, and the teaching terminal connects the multimedia equipment group by using the user name and the password of the equipment to carry out teaching; the random data string used for each encryption may be different to improve encryption security.
In step S2, when the teaching terminal approaches the pairing device, the establishing of the first data communication connection between the teaching terminal and the pairing device specifically includes: when the teaching terminal is close to the pairing device, the teaching terminal and the pairing device establish first data communication connection through the second near field communication module and the third near field communication module, so that connection pairing speed is high, and user experience is good.
In step S7, the step of establishing the second data communication connection between the teaching terminal and the pairing device specifically includes: the teaching terminal and the pairing device establish second data communication connection through the first wireless communication module and the second communication module, so that the teaching terminal and the pairing device can keep a distance and can not be disconnected.
In summary, the invention has the advantages that:
1. the teaching terminal and the pairing device establish first data communication connection through the second near field communication module and the third near field communication module, so that the connection and pairing speed is high, and the user experience is good;
2. the teaching terminal and the pairing device establish second data communication connection through the first wireless communication module and the second communication module, so that the teaching terminal can keep a distance from the pairing device and is prevented from being disconnected;
3. the identity authentication is carried out on the teaching terminal through the public key, the private key, the encryption algorithm and the random data string, so that the safety of the identity authentication process of the teaching terminal is improved;
4. the identity information, the public key and the private key of the teacher are stored in the cloud server, and the safety of the identity information, the public key and the private key of the teacher is guaranteed by using the safety mechanism of the cloud server.
Although specific embodiments of the invention have been described above, it will be understood by those skilled in the art that the specific embodiments described are illustrative only and are not limiting upon the scope of the invention, and that equivalent modifications and variations can be made by those skilled in the art without departing from the spirit of the invention, which is to be limited only by the appended claims.
Claims (1)
1. A portable multi-scene teaching identity authentication method is characterized in that: the method comprises the following steps:
step S1, the teacher writes the teacher' S identity information, public key and private key into the database of the teaching terminal and cloud server respectively; the teaching terminal and the pairing device store the same encryption algorithm;
step S2, when the teaching terminal approaches the mate, the teaching terminal and the mate establish a first data communication connection through a second near field communication module and a third near field communication module, the mate generates a random data string, the mate generates a first ciphertext by using an encryption algorithm and a random data string encryption public key, and sends the first ciphertext and the random data string to the teaching terminal;
s3, the teaching terminal decrypts the first ciphertext by using the encryption algorithm and the random data string, compares the decrypted public key with a public key stored by the teaching terminal, and if the public key is consistent with the public key stored by the teaching terminal, passes the first verification and enters S4; if not, ending the flow;
step S4, the teaching terminal generates a second ciphertext by using the encryption algorithm and the random data string encryption private key, and sends the second ciphertext and the identity information to the pairing device;
step S5, the pairing device decrypts the second ciphertext through the encryption algorithm and the random data string, sends the identity information and the private key obtained through decryption to the cloud server, the cloud server confirms whether the received identity information is recorded in the database or not, and if yes, the step S6 is executed; if not, ending the flow;
step S6, the cloud server confirms whether the received private key is consistent with the private key stored in the cloud server, if so, the cloud server sends an identity legal message to the pairing device, and the step S7 is carried out; if not, ending the flow;
step S7, after the identity legal message is received by the pairing device, the pairing device passes the second verification and breaks the first data communication connection, and the teaching terminal and the pairing device establish a second data communication connection through the first wireless communication module and the second communication module;
step S8, the pairing device generates a third ciphertext by using the encryption algorithm and the user name and the password of the random data string encryption device, and sends the third ciphertext to the teaching terminal;
and step S9, the teaching terminal decrypts the third ciphertext by using the encryption algorithm and the random data string, and the teaching terminal connects the multimedia equipment group by using the user name and the password of the equipment to carry out teaching.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811119566.0A CN109286921B (en) | 2018-09-25 | 2018-09-25 | Portable multi-scene teaching identity authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811119566.0A CN109286921B (en) | 2018-09-25 | 2018-09-25 | Portable multi-scene teaching identity authentication method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109286921A CN109286921A (en) | 2019-01-29 |
| CN109286921B true CN109286921B (en) | 2021-07-02 |
Family
ID=65181468
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811119566.0A Active CN109286921B (en) | 2018-09-25 | 2018-09-25 | Portable multi-scene teaching identity authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109286921B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110022320B (en) * | 2019-04-08 | 2020-12-18 | 北京纬百科技有限公司 | Communication pairing method and communication device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101271534A (en) * | 2008-03-25 | 2008-09-24 | 华南理工大学 | RFID label and reading device thereof, reading system and safety authentication method |
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN102916982A (en) * | 2012-11-22 | 2013-02-06 | 青岛海信宽带多媒体技术有限公司 | Network equipment identity authentication method |
| CN105722067A (en) * | 2014-12-02 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Mobile terminal data encryption/decryption method and mobile terminal data encryption/decryption device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2014053797A (en) * | 2012-09-07 | 2014-03-20 | Toshiba Corp | Device and program for electronic document management |
-
2018
- 2018-09-25 CN CN201811119566.0A patent/CN109286921B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101271534A (en) * | 2008-03-25 | 2008-09-24 | 华南理工大学 | RFID label and reading device thereof, reading system and safety authentication method |
| CN102202040A (en) * | 2010-03-26 | 2011-09-28 | 联想(北京)有限公司 | Client authentication method and device |
| CN102916982A (en) * | 2012-11-22 | 2013-02-06 | 青岛海信宽带多媒体技术有限公司 | Network equipment identity authentication method |
| CN105722067A (en) * | 2014-12-02 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Mobile terminal data encryption/decryption method and mobile terminal data encryption/decryption device |
Non-Patent Citations (3)
| Title |
|---|
| 《Mitigation of insider and outsider DoS attack against signature based authentication in VANETs》;B.Pooja;《 2014 Asia-Pacific Conference on Computer Aided System Engineering (APCASE)》;20141016;全文 * |
| 《云数据传输加密及完整性校验方案》;陈庄;《信息安全研究》;20170731;全文 * |
| 《移动应用安全生态链构建方法》;杨昕雨;《软件学报》;20171130;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109286921A (en) | 2019-01-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2019344067B2 (en) | Wireless access credential system | |
| CN107113315B (en) | Identity authentication method, terminal and server | |
| US9130753B1 (en) | Authentication using security device with electronic interface | |
| CN106023369A (en) | Cloud platform-based combined safety lock system and control method thereof | |
| US20100218249A1 (en) | Authentication via a device | |
| CN105246026B (en) | A kind of safe matching method of intelligence wearable device and other equipment | |
| CN106060073B (en) | Channel key machinery of consultation | |
| CN108768628B (en) | Equipment end encryption method, device, system and gateway | |
| CN105228149A (en) | Access point method of attachment, device and access point | |
| CN103729903A (en) | Authentication system and method using handset as validation terminal | |
| JP2019071559A (en) | Car sharing system | |
| CN105064805A (en) | Intelligent door lock control system | |
| CN103839160A (en) | Network transaction digital signing method and device | |
| CN109286921B (en) | Portable multi-scene teaching identity authentication method | |
| US20140025946A1 (en) | Audio-security storage apparatus and method for managing certificate using the same | |
| CN106650372A (en) | open method and device of administrator authority | |
| CN108696361A (en) | Configuration method, generation method and the device of smart card | |
| CN104992489A (en) | Intelligent switch system | |
| CN109063460B (en) | Portable multi-scene teaching system and method | |
| CN107294822A (en) | A kind of intelligent home control system and method | |
| CN107070663B (en) | Mobile terminal-based field authentication method and field authentication system | |
| CN109039588A (en) | A kind of data safe transmission method and equipment based on block chain | |
| US20140380061A1 (en) | Implementation Method of a Multifunctional MCU and such Multifunctional MCU | |
| CN108875398B (en) | Encryption and decryption system based on certificate chain technology and application method thereof | |
| CN104113417A (en) | Dynamic password identity authentication method and system based on near field communication (NFC) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |