CN109920100B

CN109920100B - Unlocking method and system of intelligent lock

Info

Publication number: CN109920100B
Application number: CN201910105113.0A
Authority: CN
Inventors: 李东声
Original assignee: Tendyron Corp
Current assignee: Tendyron Corp
Priority date: 2019-02-01
Filing date: 2019-02-01
Publication date: 2021-02-19
Anticipated expiration: 2039-02-01
Also published as: CN109920100A

Abstract

The invention provides an intelligent lock unlocking method and an intelligent lock unlocking system, wherein the intelligent lock unlocking method comprises the following steps: the intelligent lock has the advantages that the intelligent password key of the administrator is authorized through the authorized administrator identity card, the visitor identity card is authorized through the authorized administrator intelligent password key, the intelligent password key of the visitor is authorized through the authorized visitor identity card, the intelligent password key of the visitor can obtain unlocking permission when the administrator identity card has the permission to unlock the intelligent lock, the visitor can use the intelligent password key of the visitor to unlock the intelligent lock, the intelligent lock can also be unlocked through the visitor identity card, the administrator can also use the administrator identity card and the administrator intelligent password key to unlock the intelligent lock, on one hand, the administrator can conveniently authorize and use other intelligent lock users, on the other hand, the safety of the intelligent lock is improved.

Description

Unlocking method and system of intelligent lock

Technical Field

The invention relates to the technical field of electronics, in particular to an unlocking method and system of an intelligent lock.

Background

For many years, along with the rapid development of electronic technology, more and more intelligent locks have appeared in the market, current intelligent lock uses biological information (such as iris, fingerprint, etc.), mode such as IC-card is accomplished and is unblanked usually, above-mentioned intelligent lock is compared in traditional lock, it is higher to have the security, the key carries advantages such as more convenient, but when many people share same lock, still there is the cost of biological identification lock higher, it is difficult to bear, and the unstable problem of identification result, IC-card lock need be equipped with the IC-card and manage for every lock user, administrator's burden has been increased.

Disclosure of Invention

The present invention is directed to solving the above problems.

The invention mainly aims to provide an unlocking method of an intelligent lock, which is characterized by comprising the following steps: the intelligent lock completes network connection, and an intelligent lock client of the administrator terminal is bound with the intelligent lock; the administrator terminal is connected with the first identity card information reading device and the administrator intelligent password key, an intelligent lock client of the administrator terminal obtains a registration request of the administrator intelligent password key, and the intelligent lock client displays prompt information for reading identity card information; the first identity card information reading equipment reads the administrator identity card information and sends the administrator identity card information to the administrator terminal, and the administrator terminal at least sends the administrator identity card information and the serial number of the intelligent lock to the background system server; the method comprises the steps that an administrator terminal receives first matching information which is sent by a background system server and is obtained according to the fact that whether the administrator identity card information is matched with identity card information bound with an intelligent lock or not is judged, if the first matching information is matched successfully, the administrator terminal obtains face image information of an administrator by using a camera, and at least sends the face image information of the administrator to the background system server; the method comprises the steps that an administrator terminal receives first comparison result information which is sent by a background system server and is obtained according to the fact that whether image information in administrator identity card information is consistent with an administrator face image or not through comparison, if the first comparison result information is that the comparison is passed, first identity card information reading equipment is informed to sign first information to be signed, the administrator signature information is obtained and sent to the background system server, and the first information to be signed at least comprises the administrator identity card information and administrator intelligent password key information; the method comprises the steps that an administrator terminal receives binding success notification information which is sent by a background system server and obtained by binding administrator intelligent password key information and a serial number of an intelligent lock after verifying and passing administrator signature information, and receives an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background system server; the administrator terminal sends the application program of the intelligent lock and the first intelligent lock application certificate to the administrator intelligent password key; an intelligent lock client of an administrator terminal acquires a visitor identity card registration request, the intelligent lock client displays prompt information for acquiring visitor identity card information, the administrator terminal receives the visitor identity card information and visitor facial image information, and the administrator terminal sends the visitor identity card information and the visitor facial image information to a background system server; the administrator terminal receives second comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with the face image of the visitor or not, if the second comparison result information is that comparison is passed, the administrator terminal is informed of signing the visitor identity card information by the intelligent password key, obtains visitor identity card signing information and sends the visitor identity card signing information to the background system server; the method comprises the steps that an administrator terminal receives a successful binding notification message which is sent by a background system server and obtained by binding visitor identity card information with a serial number of an intelligent lock after the visitor identity card signature information is verified and passes; the intelligent lock completes network connection, and an intelligent lock client of the visitor terminal is bound with the intelligent lock; the visitor terminal is connected with the second identity card information reading device and the visitor intelligent password key, an intelligent lock client of the visitor terminal obtains a registration request of the visitor intelligent password key, and the intelligent lock client displays prompt information for reading the identity card information; the second identity card information reading equipment reads the visitor identity card information and sends the visitor identity card information to the visitor terminal, and the visitor terminal at least sends the visitor identity card information and the serial number of the intelligent lock to the background system server; the visitor terminal receives second matching information which is sent by the background system server and is obtained according to the judgment whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock or not, if the second matching information is successful, the visitor terminal obtains the image information of the face of the visitor and at least sends the image information of the face of the visitor to the background system server; the visitor terminal receives third comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with a visitor facial image or not through comparison, if the third comparison result information is that the comparison is passed, the visitor terminal informs second identity card information reading equipment to sign second information to be signed, visitor signature information is obtained and sent to the background system server, and the second information to be signed at least comprises the visitor identity card information and visitor intelligent password key information; the visitor terminal receives a binding success notification message which is sent by the background system server and obtained by binding visitor intelligent password key information with the serial number of the intelligent lock after verifying visitor signature information and passing the visitor signature information, and receives an application program of the intelligent lock and a second intelligent lock application certificate which are sent by the background system server; the visitor terminal sends the application program of the intelligent lock and the second intelligent lock application certificate to the visitor intelligent password key; and the visitor intelligent password key sends an unlocking request to the intelligent lock to complete unlocking operation.

In addition, the first identification card information reading device and the administrator intelligent password key are the same device.

In addition, the administrator intelligent password key is a safety device which is built in the administrator terminal; or the visitor intelligent password key is a safety device which is arranged in the administrator terminal; or, the administrator smart key is a security device built in the administrator terminal, and the visitor smart key is a security device built in the administrator terminal.

In addition, the second identification card information reading device and the visitor intelligent password key are the same device.

In addition, after receiving the successful binding notification message which is sent by the background server and obtained by binding the visitor identity card information with the sequence number of the intelligent lock, the administrator terminal further comprises the intelligent lock receiving the visitor identity card information sent by the visitor identity card and completing the unlocking operation.

Another object of the present invention is to provide an unlocking system for an intelligent lock, comprising: the intelligent lock comprises an intelligent lock, an administrator terminal, an administrator intelligent password key, a first identity card information reading device, a visitor terminal, a second identity card information reading device and a visitor intelligent password key; the intelligent lock is used for completing network connection and binding with an intelligent lock client of the administrator terminal; the intelligent lock system comprises an administrator terminal, an intelligent lock client and an intelligent lock client, wherein the administrator terminal is used for establishing connection with first identity card information reading equipment and an administrator intelligent password key; after receiving the administrator identity card information sent by the first identity card information reading device, at least sending the administrator identity card information and the serial number of the intelligent lock to a background system server; receiving first matching information which is sent by a background system server and is obtained according to the fact that whether the administrator identity card information is matched with the identity card information bound with the intelligent lock or not is judged, if the first matching information is matched successfully, the administrator terminal obtains the facial image information of the administrator by using a camera, and at least sends the facial image information of the administrator to the background system server; receiving first comparison result information which is sent by a background system server and is obtained according to the fact that whether image information in the administrator identity card information is consistent with an administrator face image or not through comparison, if the first comparison result information is that the comparison is passed, informing first identity card information reading equipment to sign information to be signed, obtaining administrator signature information and sending the administrator signature information to the background system server, wherein the information to be signed at least comprises the administrator identity card information and administrator intelligent password key information; receiving binding success notification information which is sent by a background system server and obtained by binding the intelligent password key information of the administrator with the serial number of the intelligent lock after the signature information of the administrator is verified and passes, and receiving an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background system server; sending an application program of the intelligent lock and a first intelligent lock application certificate to an administrator intelligent password key; an intelligent lock client of the administrator terminal receives a visitor identity card registration request, and the intelligent lock client displays prompt information for acquiring visitor identity card information; receiving visitor identity card information and visitor facial image information, and sending the visitor identity card information and the visitor facial image information to a background system server; receiving second comparison result information which is sent by a background system server and is obtained according to whether image information in the visitor identity card information is consistent with a face image of the visitor or not through comparison, if the second comparison result information is that the comparison is passed, informing an administrator of signing the visitor identity card information through an intelligent password key, receiving the visitor identity card signing information, and sending the visitor identity card signing information to the background system server; receiving successful binding notification information which is sent by a background system server and obtained by binding the visitor identity card information with the serial number of the intelligent lock after the visitor identity card signing information is verified and passes; the first identity card information reading equipment is used for reading the administrator identity card information and sending the administrator identity card information to the administrator terminal; receiving a notice of signing the information to be signed sent by the administrator terminal, signing the information to be signed to obtain administrator signature information and sending the administrator signature information to the administrator terminal; the intelligent password key of the administrator is used for receiving the application program of the intelligent lock and the first intelligent lock application certificate sent by the administrator terminal; receiving a notice of signing the visitor identity card information sent by the administrator terminal, signing the visitor identity card information to obtain visitor identity card signing information and sending the visitor identity card signing information to the administrator terminal; the intelligent lock is also used for being bound with an intelligent lock client of the visitor terminal; receiving an unlocking request sent by a visitor intelligent password key to the intelligent lock, and completing unlocking operation; the visitor terminal is used for establishing connection with the second identity card information reading device and the visitor intelligent password key, an intelligent lock client of the visitor terminal receives a registration request of the visitor intelligent password key, and the intelligent lock client displays prompt information for reading the identity card information; at least sending the visitor identity card information and the serial number of the intelligent lock to a background system server; receiving second matching information which is sent by a background system server and is obtained according to the judgment of whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock or not, if the second matching information is matched successfully, obtaining the facial image information of the visitor by a visitor terminal, and at least sending the facial image information of the visitor to the background system server; receiving third comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with a face image of the visitor or not through comparison, if the third comparison result information is that the comparison is passed, notifying second identity card information reading equipment to sign second information to be signed, obtaining visitor signature information and sending the visitor signature information to the background system server, wherein the second information to be signed at least comprises the visitor identity card information and visitor intelligent password key information; receiving a binding success notification message which is sent by a background system server and obtained by binding the visitor intelligent password key information with the intelligent lock serial number after the visitor signature information is verified and passed, and receiving an application program of the intelligent lock and a second intelligent lock application certificate which are sent by the background system server; sending the application program of the intelligent lock and the second intelligent lock application certificate to the visitor intelligent password key; the second identity card information reading equipment is used for reading the identity card information of the visitor and sending the identity card information to the visitor terminal; receiving a notice of signing the second information to be signed sent by the visitor terminal, signing the second information to be signed to obtain visitor signature information, and sending the visitor signature information to the visitor terminal; the visitor intelligent password key is used for receiving an application program of the intelligent lock and a second intelligent lock application certificate sent by the visitor terminal; and sending an unlocking request to the intelligent lock.

In addition, after receiving the successful binding notification message which is sent by the background server and obtained by binding the visitor identity card information with the serial number of the intelligent lock, the administrator terminal is also used for receiving the visitor identity card information sent by the visitor identity card and completing the unlocking operation.

The intelligent lock unlocking method and the intelligent lock unlocking system provided by the invention can be seen that the administrator intelligent password key is authorized through the authorized administrator identity card, the visitor identity card is authorized through the authorized administrator intelligent password key, and the visitor intelligent password key is authorized through the authorized visitor identity card, so that when the administrator identity card has the authority of unlocking the intelligent lock, the authorized visitor intelligent password key obtains the unlocking authority, the visitor can use the intelligent password key to unlock the intelligent lock, the visitor identity card can also be used to unlock the intelligent lock, the administrator can also use the administrator identity card and the administrator intelligent password key to unlock the intelligent lock, on one hand, the authorization and the use of other intelligent lock users by the administrator are greatly facilitated, and on the other hand, the safety of the intelligent lock is improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.

Fig. 1 is a flowchart of an unlocking method of an intelligent lock according to embodiment 1 of the present invention;

fig. 2 is a schematic structural diagram of an intelligent lock unlocking system provided in embodiment 1 of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.

In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are used only for convenience in describing the present invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.

In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.

Embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.

Example 1

In this embodiment, the smart lock is a device that is installed on a door and can complete an unlocking operation through an identity card, a mobile phone shield and a smart password key; the intelligent password key can be a security device capable of realizing functions of encrypting data, signing and the like, such as USBKEY, U shield and the like; the administrator terminal and the visitor terminal can be devices such as smart phones, tablet computers and PCs, which can be provided with smart lock clients and can complete data communication in a WIFI (wireless fidelity) mode, a mobile communication network mode and the like; the intelligent lock client is a terminal application program which is installed on a terminal and can realize functions of unlocking the intelligent lock and the like.

Fig. 1 shows a flowchart of an intelligent lock unlocking method according to embodiment 1 of the present invention, and referring to fig. 1, the intelligent lock unlocking method according to embodiment 1 of the present invention includes the following steps:

step 101, an intelligent lock completes network connection, and an intelligent lock client of an administrator terminal is bound with the intelligent lock;

specifically, the intelligent lock can complete network connection in the following way: after the intelligent lock is powered on, receiving a reset instruction, and entering an interception mode; after the administrator terminal is connected with WIFI, an intelligent lock client of the administrator terminal receives an SSID (Service Set Identifier) and a password of the WIFI, and the administrator terminal sends a broadcast packet containing the SSID and the password through the WIFI; the intelligent lock receives the broadcast packet, extracts the SSID and the password, and is connected with the WIFI through the SSID and the password. After the intelligent lock completes network connection, the intelligent lock client side of the administrator terminal and the intelligent lock can be bound in the following mode: the intelligent lock client receives the serial number of the intelligent lock sent by the intelligent lock through the WIFI, and the intelligent lock client is bound with the intelligent lock in a mode of binding the serial number of the intelligent lock. The intelligent lock completes network connection, the intelligent lock is convenient to perform data interaction with other equipment, unlocking and other operations are completed, the intelligent lock client side of the administrator terminal is bound with the intelligent lock, the connection process of the intelligent lock client side and the intelligent lock when unlocking can be reduced, and the unlocking speed of the intelligent lock is improved.

In an optional implementation manner of this embodiment, after the smart lock completes network connection, the smart lock sends a networking notification to the background server, the smart lock receives a networking response sent by the background server, and the smart lock completes network connection with the background server. The intelligent lock and the background server are connected through a network, so that the intelligent lock can conveniently and safely interact data with the background server when the unlocking operation is completed, and the unlocking convenience of the intelligent lock is improved.

In an optional implementation manner of this embodiment, a secure channel may be established between the smart lock and the backend server to ensure security of data interaction, where the establishment of the secure channel may complete a session key agreement operation with the backend server through the smart lock to obtain a session key, so that the session key agreement may be implemented by encrypting using the session key when the smart lock and the backend server complete data interaction, and the session key agreement may be implemented in the following manner: the intelligent lock sends an intelligent lock device certificate to a background server, the background server verifies the intelligent lock device certificate, after the verification is passed, the background server generates a first random number, and sends a first random number ciphertext and the background server certificate to the intelligent lock; the intelligent lock receives the first random number and the background server certificate, verifies the background server certificate, generates a second random number after the verification is passed, encrypts the second random number by using a background server public key to obtain a second random number ciphertext, signs a data packet to be signed to obtain a signature data packet, wherein the data packet to be signed comprises the first random number and the second random number ciphertext, and sends the second random number ciphertext and the signature data packet to the background server; and the background server receives the second random number ciphertext and the signature data packet, checks the signature of the signature data packet, decrypts the second random number ciphertext by using a private key of the background server after the signature is checked to obtain a second random number, and uses the second random number as a session key of the communication data of the intelligent lock and the background server. Data interaction between the background server and the intelligent lock is encrypted by using the session key, so that the clear data can only be obtained by the server and the intelligent lock, and the communication safety is improved.

102, the administrator terminal is connected with the first identity card information reading device and the administrator intelligent password key, an intelligent lock client of the administrator terminal obtains a registration request of the administrator intelligent password key, and the intelligent lock client displays prompt information for reading identity card information.

In this embodiment, the first id card information reading device is a legal device trusted by the backend server, and for example, may be a device produced or issued by a manager or an associated provider of the backend server, or a device verified by the backend server, and the backend server is configured to distrust data sent by other illegal devices, so that while the authenticity of information is guaranteed, the backend server is prevented from being attacked by the illegal devices, and loss is caused.

In this embodiment, the connection between the administrator terminal and the first identification card information reading device and the administrator smart key may be established through a wired connection (for example, through a USB interface, an audio interface, and the like), or through a wireless connection (for example, through an infrared, bluetooth, NFC, and the like). The registration request of the administrator smart key may include identity information such as a serial number of the administrator smart key. The request for obtaining the registration of the administrator intelligent password key by the intelligent lock client may be: the method comprises the following steps that an administrator directly initiates a registration process on an intelligent lock client, the intelligent lock client generates a registration request, and the registration request is generated inside the intelligent lock client, so that the safety of the intelligent lock client is improved, and the intelligent lock client is prevented from receiving illegal information; or after the administrator selects the registration operation on the administrator intelligent password key, the administrator intelligent password key generates a registration request and sends the registration request to the intelligent lock client, and the administrator intelligent password key can synchronously enter a registration mode, so that the manual operation of the administrator is reduced.

103, the first identity card information reading device reads the administrator identity card information and sends the administrator identity card information to the administrator terminal, and the administrator terminal at least sends the administrator identity card information and the serial number of the intelligent lock to a background server.

Specifically, the serial number of the intelligent lock can be acquired and stored by the administrator terminal when the client of the administrator terminal is bound with the intelligent lock, so that the serial number of the intelligent lock is prevented from being acquired for many times, and the data interaction efficiency is improved.

And 104, the administrator terminal receives first matching information which is sent by the background server and is obtained according to the judgment of whether the administrator identity card information is matched with the identity card information bound with the intelligent lock, if the first matching information is matched successfully, the administrator terminal obtains administrator face image information by using a camera, and at least sends the administrator face image information to the background server.

In an optional implementation manner of this embodiment, the administrator identification card information may be directly stored in the backend server by the administrator of the backend server at any time before step 104, which ensures that the administrator may have the highest authority to manage the intelligent lock based on the identification card information of the administrator, so that the administrator completes subsequent operations.

In an optional implementation manner of this embodiment, if the first identification card information reading device includes the SAM module, the backend server does not need to process the administrator identification card information sent by the first identification card information reading device, and can complete the matching operation.

And 105, the administrator terminal receives first comparison result information which is sent by the background server and is obtained according to whether image information in the administrator identity card information is consistent with the administrator face image or not through comparison, if the first comparison result information is passed through comparison, the first identity card information reading device is informed to sign information to be signed, administrator signature information is obtained and sent to the background server, and the information to be signed at least comprises the administrator identity card information and administrator intelligent password key information.

In this embodiment, the background server compares that the image information in the administrator identification card information is consistent with the administrator facial image information, and can determine that the administrator identification card is used by the administrator, so that the use safety of the intelligent lock is further improved, and the security risk caused by the fact that other people steal the administrator identification card to authorize other equipment is prevented. The first comparison result information is received at the administrator terminal, the first comparison result information is passed through comparison, the first identity card information reading device is informed to sign the information to be signed after the administrator identity card is determined to be used by the administrator, the signing operation is guaranteed to be operation agreed by the administrator, the operation is not illegal operation of other people, and safety is improved.

106, the administrator terminal receives a binding success notification message which is sent by the background server and obtained by binding the administrator intelligent password key information with the serial number of the intelligent lock after the administrator signature message is verified and passes, and receives an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background server; and the administrator terminal sends the application program of the intelligent lock and the first intelligent lock application certificate to the administrator intelligent password key.

In this embodiment, the background server prestores a public key of the first identification card information reading device, and the background server can verify the administrator signature information by using the public key, and if the administrator signature information passes verification, it is determined that the administrator signature information is trusted data read and sent by the first identification card information reading device, so that the security of the intelligent lock and the safety of the background server are guaranteed. The backstage supporter server is binding administrator's intelligent password key information and the serial number of intelligent lock after examining the sign and passing, and when being convenient for follow-up use administrator's intelligent password key to carry out the operation of unblanking, backstage supporter server judges whether this intelligent password key has the authority to open the intelligent lock.

In this embodiment, the application program of the smart lock and the first smart lock application certificate are issued to the administrator smart key by the backend server, and the administrator smart key can use the smart lock application program and the independent smart lock application certificate to complete the unlocking operation of the smart lock, so that the use of other application programs of the administrator smart key and the security of the certificate are not affected.

In this embodiment, before issuing the application program of the smart lock and the first smart lock application certificate to the background server, the method further includes the following steps: the intelligent lock application public key and the intelligent lock application private key pair are generated inside the administrator intelligent password key, the administrator intelligent password key sends the intelligent lock application public key to an administrator terminal, the administrator terminal sends the intelligent lock application public key to a background server, and the first intelligent lock application certificate is a certificate which is generated by the background server and contains the intelligent lock application public key. For example, in step 102, after the administrator client generates the registration request, the administrator terminal sends a key generation instruction to the administrator intelligent cryptographic key, the administrator intelligent cryptographic key receives the key generation instruction, internally generates an intelligent lock application public key and an intelligent lock application private key pair, and sends the intelligent lock application public key to the administrator terminal, or after the administrator selects the registration operation on the administrator intelligent cryptographic key, the administrator intelligent cryptographic key generates the registration request, the intelligent lock application public key and the intelligent lock application private key pair, and the administrator intelligent cryptographic key sends the registration request and the intelligent lock application public key to the administrator terminal. The operation of sending the received intelligent lock application public key to the background server by the administrator terminal can be realized in any step of data interaction between the administrator terminal and the background server, for example: in step 103, the administrator terminal sends at least the administrator identification card information, the serial number of the intelligent lock and the intelligent lock application public key to a background server; or in step 104, the administrator terminal sends at least the administrator facial image information and the public key generated by the intelligent password key to the background server; the administrator terminal may also send the administrator signature information and the public key generated by the smart key to the background server in step 105. The intelligent lock application private key is not exported or imported by other equipment, so that the absolute safety of the intelligent lock application private key is guaranteed, and the safety of the intelligent lock is improved.

In an optional implementation manner of this embodiment, after the administrator smart code key receives the application program of the smart lock and the first smart lock application certificate, the administrator may use the administrator smart code key to complete the unlocking operation: the intelligent lock generates a random number and sends the random number to the intelligent password key of the administrator after receiving the unlocking request; the administrator intelligent password key signs the random number by using a corresponding private key of the first intelligent lock certificate to obtain signature data, and the signature data and the first intelligent lock certificate are sent to the intelligent lock; the intelligent lock verifies the first intelligent lock certificate by using a preset root certificate, and after the verification is passed, the signature verification is carried out on the signature data by using a public key; and after the verification passes, generating a log and completing unlocking operation. The administrator uses the administrator intelligent password key to complete the unlocking operation, and the method has better safety and convenience.

In an optional implementation manner of this embodiment, the first identification card information reading device and the administrator smart key are the same device, that is, the administrator smart key has a function of reading identification card information, and is a legal device trusted by the backend server, and after being bound by the backend server with the smart lock and obtaining the application program of the smart lock and the first smart lock application certificate issued by the backend server, the administrator smart key has a function of unlocking the smart lock. When the first identity card information reading device and the administrator intelligent password key are the same device, the administrator terminal only needs to be connected with one device and interact with the device, the operation of reading the administrator identity card information and registering the administrator intelligent password key can be completed, and the operation of the administrator is simple.

And 107, the intelligent lock client of the administrator terminal acquires a visitor identity card registration request, the intelligent lock client displays prompt information for acquiring visitor identity card information, the administrator terminal receives the visitor identity card information and the visitor facial image information, and the administrator terminal sends the visitor identity card information and the visitor facial image information to the background server.

In an optional implementation manner of the embodiment, the method for receiving the visitor identification card information and the visitor facial image information by the administrator terminal may include the following two types: in the first mode, the visitor sends visitor identity card information and visitor facial image information through remote equipment; and in the second mode, the administrator terminal is connected with the identity card information reading equipment, the identity card information reading equipment reads the visitor identity card information of the visitor identity card and sends the visitor identity card information to the administrator terminal, and the administrator terminal uses the camera of the administrator terminal to read the facial image information of the visitor. In the two modes, the first mode is adopted, so that an administrator can conveniently use the administrator terminal to remotely authorize the visitor identity card, and the operation is easy; and in the second mode, the administrator can conveniently find the safety problems such as the impersonation of the identity of the visitor in time, and the safety is higher. In this optional embodiment, the device for reading the visitor identity card information connected to the remote device in the first mode and the identity card information reading device in the second mode both should be a legal device trusted by the background server, for example, the legal device may be a device produced or issued by a manager or an affiliate of the background server, and the background server is set to distrust data sent by other illegal devices, so that the background server is prevented from being attacked by the illegal devices and causing loss while the authenticity of the information is guaranteed. In above-mentioned optional implementation, ID card information reading equipment and administrator's intelligent password key can be same equipment, namely, administrator's intelligent password key possesses the function of reading ID card information, and for the equipment that the completion registered that backstage server trusts binds with the smart lock, the administrator can use administrator's intelligent password key to read visitor's ID card information promptly, when ID card information reading equipment and administrator's intelligent password key are same equipment, administrator's terminal only need be connected with an equipment and mutual, can accomplish visitor's ID card information and read and for visitor's ID card operation of registering, administrator's easy operation, it is safer.

In the embodiment, the intelligent lock client of the administrator terminal acquires the visitor identity card registration request, which can be that an administrator or a visitor directly initiates a registration process at the intelligent lock client of the administrator terminal, the intelligent lock client generates the identity card registration request, and the registration request is generated inside the intelligent lock client, so that the safety of the intelligent lock client is improved, and the intelligent lock client is prevented from receiving illegal information; or under the condition that the identity card information reading device is connected with the administrator terminal, the administrator or the visitor directly operates on the identity card information reading device to initiate the registration process, and initiates the registration process on the identity card information reading device, so that the identity card information reading device can conveniently enter the registration state, and the operation process and the device interaction time of the administrator or the visitor are reduced.

And step 108, the administrator terminal receives second comparison result information which is sent by the background server and is obtained according to whether the image information in the visitor identity card information is consistent with the face image of the visitor or not through comparison, if the second comparison result information is that the comparison is passed, the administrator terminal is informed that the intelligent password key signs the visitor identity card information, and the administrator terminal obtains visitor identity card signing information and sends the visitor identity card signing information to the background server.

In this embodiment, the image information that the backstage server compared in visitor's ID card information is unanimous with visitor's facial image information, can confirm that visitor's ID card is used by visitor's self, has further improved the security that the intelligence lock used, prevents that other people from embezzleing the security risk that authorizes the cause for this ID card behind the visitor's ID card. And receiving second comparison result information at the administrator terminal, wherein the second comparison result information is compared and passed, and after determining that the visitor identity card is used by the visitor, informing the administrator of signing the visitor identity card information by the intelligent password key, thereby further improving the safety.

And step 109, the administrator terminal receives a binding success notification message which is obtained by binding the visitor identity card information and the sequence number of the intelligent lock after the visitor identity card signature information sent by the background server is verified and passes.

In this embodiment, since the background server stores the public key of the administrator's smart key, the background server can use the public key to verify the guest id card signing information, and if the guest id card signing information passes the verification, it is determined that the guest id card signing information is the trusted data read and sent by the administrator's smart key, and the administrator himself confirms the registration request for the guest id card, thereby avoiding the possibility that the background server performs the registration operation on the id card which is not authorized by the administrator, and improving the security of the smart lock and the security of the background server. The backstage supporter server is after checking the sign and passing, bind visitor's ID card information and the serial number of intelligent lock, when the intelligent lock is in the networking mode, the backstage supporter server is through judging whether the ID card information that receives belongs to the ID card information that has bound with the serial number of intelligent lock, decide whether inform the intelligent lock and accomplish the operation of unblanking, also can be for the intelligent lock update contain rather than the list of accomplishing the ID card information of binding, when making the intelligent lock use off-line, can judge whether the ID card information that it read is in this list, thereby judge whether to accomplish the operation of unblanking. The background server binds the visitor identity card information with the serial number of the intelligent lock, and the unlocking convenience of the intelligent lock is improved.

In an optional implementation manner of this embodiment, after the server in the background completes binding the visitor identity card information and the serial number of the smart lock, and after the smart lock completes sending the networking notification to the background server through the access network, a networking response sent by the background server is received, where the networking response includes a list (white list) of the identity card information of the administrator or the visitor that completes binding with the smart lock. In the use of intelligence lock, if the intelligence lock does not insert the network, can be through judging whether the visitor's ID card information that the intelligence lock read is in this white list, if yes, accomplish the operation of unblanking. For example, when the smart lock is not connected to the network, the unlocking may be configured to be completed by: the intelligent lock sends a card searching instruction to the visitor identity card; receiving a card searching instruction response sent by the visitor identity card; the intelligent lock sends a card reading instruction to the visitor identity card; receiving identity card information sent by a visitor identity card; the intelligent lock judges whether the identity card information is in a white list or not, and if so, unlocking operation is completed. In this optional implementation mode, will at the background server visitor's ID card information with the back is bound to the serial number of intelligence lock, and the visitor uses visitor's ID card to unblank, and the operation of unblanking is more convenient simple.

Step 110, the intelligent lock completes network connection, and an intelligent lock client of the visitor terminal is bound with the intelligent lock;

as an optional implementation manner of this embodiment, after the smart lock completes network connection, the smart lock client of the guest terminal is bound with the smart lock in the following manner: the intelligent lock client of the visitor terminal receives the serial number of the intelligent lock sent by the intelligent lock through the WIFI, and the intelligent lock client is bound with the intelligent lock in a mode of binding the serial number of the intelligent lock. The intelligent lock client side of the visitor terminal is bound with the intelligent lock, so that the connection process between the intelligent lock client side and the intelligent lock when the intelligent lock client side is unlocked can be reduced, and the unlocking speed of the intelligent lock is improved.

And step 111, the visitor terminal is connected with the second identity card information reading device and the visitor intelligent password key, the intelligent lock client of the visitor terminal acquires the registration request of the visitor intelligent password key, and the intelligent lock client displays the prompt information for reading the identity card information.

In this embodiment, the second identification card information reading device is a legal device trusted by the backend server, and may be, for example, a device produced or issued by a manager or an associated provider of the backend server, and the backend server is configured to distrust data sent by other illegal devices, so that the authenticity of information is guaranteed, and the backend server is prevented from being attacked by the illegal devices, which causes loss.

In this embodiment, the connection between the visitor terminal and the second id card information reading device and the visitor smart key may be established through a wired connection (for example, through a USB interface, an audio interface, etc.), or through a wireless connection (for example, through an infrared, bluetooth, NFC, etc.). The registration request of the visitor intelligent password key comprises identity information such as a serial number of the visitor intelligent password key. The smart lock client receives a registration request of the visitor smart key, which may be: the visitor directly initiates a registration process on the intelligent lock client, the intelligent lock client generates a registration request, and the registration request is generated inside the intelligent lock client, so that the safety of the intelligent lock client is improved, and the intelligent lock client is prevented from receiving illegal information; or after the visitor selects the registration operation on the visitor intelligent password key, the visitor intelligent password key generates a registration request and sends the registration request to the intelligent lock client, and the visitor intelligent password key can synchronously enter a registration mode, so that the manual operation of the visitor is reduced.

And step 112, the second identity card information reading device reads the visitor identity card information and sends the visitor identity card information to the visitor terminal, and the visitor terminal at least sends the visitor identity card information and the sequence number of the intelligent lock to the background server.

Specifically, the serial number of the intelligent lock can be acquired and stored by the visitor terminal when the client of the visitor terminal is bound with the intelligent lock, so that the serial number of the intelligent lock is prevented from being acquired for many times, and the data interaction efficiency is improved.

And 113, the visitor terminal receives second matching information which is sent by the background server and is obtained according to the judgment of whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock, if the second matching information is matched successfully, the visitor terminal acquires the facial image information of the visitor by using a camera and at least sends the facial image information of the visitor to the background server.

In an optional implementation manner of this embodiment, if the second identification card information reading device includes the SAM module, the background server processes the visitor identification card information sent by the second identification card information reading device, so as to complete the matching operation, and if the second identification card information reading device does not include the SAM module, the background server needs to include the SAM module, and after the SAM module is used to decrypt the visitor identification card information, the matching operation is completed.

And step 114, the visitor terminal receives third comparison result information which is sent by the background server and is obtained according to whether the image information in the visitor identity card information is consistent with the face image of the visitor or not through comparison, if the third comparison result information is that the comparison is passed, the visitor terminal informs the second identity card information reading equipment to sign the information to be signed, so that visitor signature information is obtained and sent to the background server, and the information to be signed at least comprises the visitor identity card information and the visitor intelligent password key information.

In this embodiment, the image information that the backstage server compared in visitor's ID card information is unanimous with visitor's facial image information, can ensure that the ID card that is the visitor uses by visitor's self, has further improved the security that the intelligence lock used, prevents that other people from embezzled the safety risk that visitor's ID card authorized and cause for other equipment. And the third comparison result information is received at the visitor terminal, and the third comparison result information is compared and passed, after the visitor identity card is determined to be used by the visitor, the second identity card information reading device is informed to sign the information to be signed, so that the signature operation is ensured to be agreed by the visitor and not be illegal operation of other people, and the safety is improved.

Step 115, the visitor terminal receives a binding success notification message which is sent by the background server and obtained by binding the visitor intelligent password key information with the serial number of the intelligent lock after the visitor signature information is verified and passed, and receives the application program of the intelligent lock and a second intelligent lock application certificate which are sent by the background server; and the visitor terminal sends the application program of the intelligent lock and the second intelligent lock application certificate to the visitor intelligent password key.

In this embodiment, the background server prestores a public key of the second identification card information reading device, the background server can verify the visitor signature information by using the public key, and if the visitor signature information passes verification, the visitor signature information is trusted data read and sent by the second identification card information reading device, so that the security of the intelligent lock and the safety of the background server are guaranteed. After the verification is passed, the background server binds the information of the visitor intelligent password key with the serial number of the intelligent lock, and when the subsequent use of the visitor intelligent password key for unlocking is facilitated, the background server judges whether the intelligent password key has the authority to open the intelligent lock.

In this embodiment, the background server issues the application program of the smart lock and the second smart lock application certificate to the smart key of the visitor, and the smart key of the visitor can use the smart lock application program and the independent smart lock application certificate to complete the unlocking operation of the smart lock, so that the use of other application programs of the smart key of the visitor and the security of the certificate are not affected.

In this embodiment, before issuing the application program of the smart lock and the second smart lock application certificate to the background server, the method further includes the following steps: the intelligent lock application public key and the intelligent lock application private key pair are generated inside the visitor intelligent password key, the visitor intelligent password key sends the intelligent lock application public key to the visitor terminal, and the visitor terminal sends the intelligent lock application public key to the background server. The intelligent lock application certificate is a certificate which is generated by the background server and contains an intelligent lock application public key. For example, in step 111, after a guest client generates a registration request, the guest terminal sends a key generation instruction to the guest smart key, the guest smart key receives the key generation instruction, internally generates a smart lock application public key and a smart lock application private key pair, and sends the smart lock application public key to the guest terminal, or after the guest selects a registration operation on the guest smart key, the guest smart key generates the registration request, the smart lock application public key and the smart lock application private key pair, and the guest smart key sends the registration request and the smart lock application public key to the guest terminal. The operation that the visitor terminal sends the received intelligent lock application public key to the background server can be realized in any step of data interaction between the visitor terminal and the background server, for example: the visitor terminal may send at least the visitor identity card information, the serial number of the smart lock, and the smart lock application public key to a background server in step 112; or in step 113, the visitor terminal sends at least the visitor facial image information and the public key generated by the smart key to the background server; the guest terminal may also send the guest signature information and the public key generated by the smart key to the background server in step 114. The visitor intelligent password key is adopted to generate the intelligent lock application public key and the intelligent lock application private key pair in the visitor intelligent password key and send the public key and the intelligent lock application private key pair out, the intelligent lock application private key is not exported, and the secret key is not imported by other equipment, so that the absolute safety of the intelligent lock application private key is guaranteed, and the safety of the intelligent lock is improved.

And step 116, the visitor intelligent password key sends an unlocking request to the intelligent lock to complete the unlocking operation.

As an optional implementation manner of this embodiment, when the smart lock accesses the WIFI network, the visitor smart password key may complete the unlocking operation in the following manner: the visitor intelligent password key sends an unlocking request to the intelligent lock, the intelligent lock receives the unlocking request and sends the unlocking request to the background server, and the background server generates a random number and sends the random number to the visitor intelligent password key through the intelligent lock; the visitor intelligent password key signs the random number by using the intelligent lock application private key corresponding to the second intelligent lock certificate to obtain signature data, and the signature data are sent to the intelligent lock; the smart lock receives the signature data and sends the signature data to the background server, and the background server applies a public key to the smart lock using the visitor smart password key to verify the signature of the signature data; and after the verification is passed, the intelligent lock is informed to generate an unlocking log and the unlocking operation is completed.

As an optional implementation manner of this embodiment, when the smart lock does not access the WIFI network, the visitor smart key may complete the unlocking operation in the following manner: the visitor intelligent password key sends an unlocking request to the intelligent lock, and the intelligent lock generates a random number after receiving the unlocking request and sends the random number to the visitor intelligent password key; the visitor intelligent password key signs the random number by using the intelligent lock application private key corresponding to the second intelligent lock certificate to obtain signature data, and the signature data and the second intelligent lock certificate are sent to the intelligent lock; the intelligent lock verifies the second intelligent lock certificate by using a preset root certificate, and after the verification is passed, the intelligent lock application public key in the second intelligent lock certificate is used for verifying the signature of the signature data; and after the verification passes, generating an unlocking log and completing unlocking operation.

In an optional implementation manner of this embodiment, the administrator intelligent password key and/or the visitor intelligent password key are/is respectively embedded in the security equipment of administrator terminal and visitor terminal, and the unlocking operation of the intelligent lock can be completed only by the portable terminal, so that the intelligent lock is more convenient to unlock.

In an optional implementation manner of this embodiment, the second identification card information reading device and the guest smart key are the same device, that is, the guest smart key has a function of reading identification card information, and is a legal device trusted by the background server, and the guest smart key can bind its serial number with the smart lock by the background server, and has a function of unlocking the smart lock after obtaining the application program of the smart lock and the second smart lock application certificate issued by the background server. When the second identity card information reading device and the visitor intelligent password key are the same device, the visitor terminal only needs to be connected with and interacted with one device, the visitor identity card information reading and the visitor intelligent password key registering operation can be completed, and the operation is simple.

In an optional implementation manner of this embodiment, in a case where the smart lock accesses the network, the manager of the smart lock may set an unlocking process that the security is higher and the unlocking process is performed by using the id card, which is described below by taking a visitor as an example: the intelligent lock sends a card searching instruction to the visitor identity card; receiving a card searching instruction response sent by the visitor identity card; the intelligent lock sends an intelligent lock preset certificate to a background server; the background server verifies the intelligent lock threshold certificate; after the verification is passed, generating a first random number, and sending the first random number and the background server certificate to the intelligent lock; the intelligent lock verifies the background server certificate; after the verification is passed, generating a second random number, and encrypting the second random number by using a public key of the background server to obtain a second random number ciphertext; the intelligent lock signs the second random number ciphertext and the first random number to obtain signature data, and sends the signature data and the second random number ciphertext to the background server; the background server checks the signature data; if the signature verification passes, decrypting the second random number ciphertext by using a background server private key to obtain a second random number; the background server encrypts the certificate reading instruction by using a second random number to obtain a certificate reading instruction ciphertext and sends the certificate reading instruction ciphertext to the intelligent lock; the intelligent lock decrypts the certificate reading instruction ciphertext by using the second random number to obtain a certificate reading instruction and sends the certificate reading instruction to the visitor identity card; the visitor identity card sends the first visitor identity card data to the intelligent lock; the intelligent lock encrypts the first visitor identity card data by using a second random number to obtain a first visitor identity card data ciphertext and sends the first visitor identity card data ciphertext to the background server, wherein the first identity card data can be information such as an identity card DN (the DN is a card body management number, namely a serial number of a special integrated circuit for storing the certificate and a serial number of the certificate card); the background server receives the first visitor identity card data ciphertext, decrypts the first visitor identity card data ciphertext by using the second random number to obtain first visitor identity card information, encrypts the first visitor identity card information by using the second random number to obtain the first visitor identity card information ciphertext and sends the first visitor identity card information ciphertext to the intelligent lock; the intelligent lock receives and decrypts the first visitor identity card information ciphertext to obtain first visitor identity card information and sends the first visitor identity card information to the visitor identity card; the visitor identity card receives and verifies the information of the first visitor identity card, and if the verification is passed, second visitor identity card data are sent to the intelligent lock; the intelligent lock receives the second visitor identity card data and encrypts the second visitor identity card data by using a second random number to obtain a second visitor identity card data ciphertext and sends the second visitor identity card data ciphertext to the background server; the background server receives the second visitor identity card data ciphertext and decrypts the second visitor identity card data ciphertext by using a second random number to obtain second visitor identity card information, encrypts the second visitor identity card information by using the second random number to obtain a second visitor identity card information ciphertext and sends the second visitor identity card information ciphertext to the intelligent lock; the intelligent lock receives the second visitor identity card information ciphertext and decrypts the second visitor identity card information by using a second random number to obtain second visitor identity card information, and judges whether the second visitor identity card information is matched with the identity card information which is bound with the intelligent lock; and if the matching is carried out, the unlocking operation is finished. When the intelligent lock is connected to the network, unlocking is completed by adopting the unlocking mode, the safety is higher, and the condition that the newly bound identity card or the intelligent password key cannot be unlocked due to untimely updating can be avoided.

According to the intelligent lock unlocking method provided by the embodiment, the administrator intelligent password key is authorized through the authorized administrator identity card, the visitor identity card is authorized through the authorized administrator intelligent password key, the visitor intelligent password key is authorized through the authorized visitor identity card, when the administrator identity card has the authority of unlocking the intelligent lock, the authorized visitor intelligent password key obtains unlocking authority, the visitor can use the identity card or the intelligent password key to unlock the intelligent lock, the administrator can also use the administrator identity card and the administrator intelligent password key to unlock the intelligent lock, on one hand, the administrator can greatly facilitate the authorization and the use of other intelligent lock users, and on the other hand, the safety of the intelligent lock is improved.

Example 2

The embodiment provides an intelligent lock unlocking system, which corresponds to the intelligent lock unlocking method provided by embodiment 1 one to one, and the same parts are not repeated and only briefly described.

Fig. 2 is a schematic structural diagram of an intelligent lock unlocking system provided in this embodiment, and as shown in fig. 2, the intelligent lock unlocking system includes an intelligent lock 201, an administrator terminal 202, a first identification card information reading device 203, an administrator intelligent password key 204, a guest terminal 205, a second identification card information reading device 206, and a guest intelligent password key 207, where:

the intelligent lock 201 is used for completing network connection and binding with an intelligent lock client of the administrator terminal 202;

the administrator terminal 202 is configured to establish connection with the first identification card information reading device 203 and the administrator intelligent password key 204, an intelligent lock client of the administrator terminal 202 obtains a registration request of the administrator intelligent password key 204, and the intelligent lock client displays prompt information for reading the identification card information; after receiving the administrator identification card information sent by the first identification card information reading 203 device, sending at least the administrator identification card information and the serial number of the smart lock 201 to a background server; receiving first matching information which is sent by the background server and is obtained according to the judgment of whether the administrator identity card information is matched with the identity card information bound with the intelligent lock 201, if the first matching information is successful, the administrator terminal 202 acquires administrator facial image information by using a camera, and at least sends the administrator facial image information to the background server; receiving first comparison result information which is sent by the background server and is obtained according to whether image information in the administrator identity card information is consistent with the administrator face image or not through comparison, if the first comparison result information is that the comparison is passed, informing the first identity card information reading device 203 to sign information to be signed, obtaining administrator signature information and sending the administrator signature information to the background server, wherein the information to be signed at least comprises the administrator identity card information and administrator intelligent password key information; receiving binding success notification information which is sent by the background server and obtained by binding the administrator intelligent password key information with the serial number of the intelligent lock after the administrator signature information is verified and passes, and receiving an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background server; sending an application of a smart lock and the first smart lock application certificate to the administrator smart key 204; an intelligent lock client of the administrator terminal 202 acquires a visitor identity card registration request, and the intelligent lock client displays prompt information for acquiring visitor identity card information; receiving visitor identity card information and visitor facial image information, and sending the visitor identity card information and the visitor facial image information to the background server; receiving second comparison result information which is sent by the background server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the second comparison result information is that the comparison is passed, informing the administrator of signing the visitor identity card information through the intelligent password key 204, receiving visitor identity card signing information, and sending the visitor identity card signing information to the background server; receiving a successful binding notification message which is sent by the background server and obtained by binding the visitor identity card information with the serial number of the intelligent lock after the visitor identity card signing information is verified and passes through;

the first identification card information reading device 203 is configured to read the administrator identification card information and send the administrator identification card information to the administrator terminal 202; receiving a notification of signing the information to be signed sent by the administrator terminal 202, signing the information to be signed, obtaining the administrator signature information, and sending the administrator signature information to the administrator terminal 202;

the administrator intelligent password key 204 is configured to receive the application program of the intelligent lock and the first intelligent lock application certificate sent by the administrator terminal 202; receiving a notification sent by the administrator terminal 202 to sign the visitor identity card information, signing the visitor identity card information to obtain visitor identity card signing information, and sending the visitor identity card signing information to the administrator terminal 202;

the smart lock 201 is further configured to bind with a smart lock client of the guest terminal 205 after completing network connection; receiving an unlocking 201 request sent by the visitor intelligent password key 207 to the intelligent lock, and completing unlocking operation;

the visitor terminal 205 is configured to establish a connection with the second identification card information reading device 206 and the visitor smart password key 207, an intelligent lock client of the visitor terminal 205 obtains a registration request of the visitor smart password key 207, and the intelligent lock client displays prompt information for reading the identification card information; at least sending the visitor identity card information and the serial number of the intelligent lock to the background server; receiving second matching information which is sent by the background server and is obtained according to the judgment of whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock 201, if the second matching information is successful, obtaining the facial image information of the visitor by the visitor terminal 205, and at least sending the facial image information of the visitor to the background server; receiving third comparison result information which is sent by the background server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the third comparison result information is that the comparison is passed, informing the second identity card information reading equipment to sign second information to be signed to obtain visitor signature information and sending the visitor signature information to the background server, wherein the second information to be signed at least comprises the visitor identity card information and visitor intelligent password key information; receiving a binding success notification message which is sent by the background server and obtained by binding the visitor smart key information 207 with the serial number of the smart lock 201 after the visitor signature information is verified and passed, and receiving an application program of the smart lock 201 and a second smart lock application certificate which are sent by the background server; sending the smart lock application and the second smart lock application certificate to the guest smart key 207;

the second identification card information reading device 206 is configured to read the visitor identification card information and send the visitor identification card information to the visitor terminal 205; receiving a notification sent by the visitor terminal 205 to sign the second information to be signed, signing the second information to be signed to obtain the visitor signature information, and sending the visitor signature information to the visitor terminal 205;

the guest smart password key 207 is configured to receive the smart lock application program and the second smart lock application certificate sent by the guest terminal 205; and sending an unlocking request to the intelligent lock 201.

In an optional implementation manner of this embodiment, the first identification card information reading device 203 and the administrator smart key 204 are the same device, that is, the administrator smart key 204 has a function of reading identification card information, and is a legal device trusted by the backend server, and after being bound by the backend server with the smart lock and obtaining the application program of the smart lock 201 and the first smart lock application certificate issued by the backend server, the first identification card information reading device has a function of unlocking the smart lock 201. When the first identification card information reading device 203 and the administrator intelligent password key 204 are the same device, the administrator terminal 202 only needs to be connected with and interact with one device, so that the operation of reading the administrator identification card information and registering for the administrator intelligent password key 204 can be completed, and the operation of the administrator is simple.

In an optional implementation manner of this embodiment, the administrator smart key 204 and/or the visitor smart key 207 are security devices respectively embedded in the administrator terminal 202 and the visitor terminal 205, and the administrator and the visitor can complete the unlocking operation of the smart lock 201 only by carrying the terminals, so that the smart lock 201 is more convenient to unlock.

In an optional implementation manner of this embodiment, the second identification card information reading device 206 and the guest smart key 207 are the same device, that is, the guest smart key 207 has a function of reading identification card information, and is a legal device trusted by the backend server, and may have a function of unlocking the smart lock 201 after being bound with the smart lock 201 by the backend server and obtaining the application program of the smart lock 201 and the second smart lock application certificate issued by the backend server. When the second identification card information reading device 206 and the visitor smart key 207 are the same device, the visitor terminal 205 only needs to be connected and interacted with one device, so that the visitor identification card information reading and the operation of registering for the visitor smart key 207 can be completed, and the visitor operation is simple.

In an optional implementation manner of this embodiment, after the server completes binding the visitor identity card information with the serial number of the smart lock 201, when the smart lock 201 completes accessing the network, a networking response sent by the background server is received, where the networking response includes a list (white list) of the identity card information of the administrator or the visitor that completes binding with the smart lock 201. In the using process of the intelligent lock 201, if the intelligent lock 201 is not connected to the network, the unlocking operation can be completed by judging whether the identity card information of the visitor identity card read by the intelligent lock 201 is in the white list or not, and if so, completing the unlocking operation. For example, when the smart lock 201 does not access the network, it may be set to unlock by: the intelligent lock 201 sends a card searching instruction to the visitor identity card; receiving a card searching instruction response sent by the visitor identity card; the intelligent lock 201 sends a card reading instruction to the visitor identity card; receiving identity card information sent by a visitor identity card; the intelligent lock 201 judges whether the information of the identity card is in a white list or not, and if so, the unlocking operation is completed. In this optional implementation, the visitor uses the visitor identity card to unlock after the visitor identity card information is bound with the serial number of the intelligent lock 201 at the background server, and the unlocking operation is more convenient and simple.

Through the intelligent lock unlocking system provided by the embodiment, the administrator intelligent password key 204 is authorized through the authorized administrator identity card, the visitor identity card is authorized through the authorized administrator intelligent password key 204, the visitor intelligent password key 207 is authorized through the authorized visitor identity card, when the administrator identity card has the authority to open the intelligent lock 201, the authorized visitor intelligent password key 207 obtains the unlocking authority, the purpose that the visitor can use the identity card or the visitor intelligent password key 207 to open the intelligent lock is achieved, the administrator can also use the administrator identity card and the administrator intelligent password key 204 to open the intelligent lock 201 is achieved, on one hand, the administrator can greatly facilitate the authorization and the use of other intelligent lock 201 users, on the other hand, the safety of the intelligent lock 201 is improved.

Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.

It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by suitable instructions. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.

It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.

In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.

The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.

In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.

Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims

1. An intelligent lock unlocking method is characterized by comprising the following steps:

the intelligent lock completes network connection, and an intelligent lock client of the administrator terminal is bound with the intelligent lock;

the administrator terminal is connected with the first identity card information reading device and the administrator intelligent password key, an intelligent lock client of the administrator terminal obtains a registration request of the administrator intelligent password key, and the intelligent lock client displays prompt information for reading identity card information; the administrator intelligent password key is a safety device for realizing the functions of encrypting and signing data;

the first identity card information reading equipment reads administrator identity card information and sends the administrator identity card information to the administrator terminal, and the administrator terminal at least sends the administrator identity card information and the serial number of the intelligent lock to the background system server;

the administrator terminal receives first matching information which is sent by the background system server and is obtained according to the judgment of whether the administrator identity card information is matched with the identity card information bound with the intelligent lock or not, if the first matching information is matched successfully, the administrator terminal obtains administrator face image information by using a camera and at least sends the administrator face image information to the background system server;

the administrator terminal receives first comparison result information which is sent by the background system server and is obtained according to whether image information in the administrator identity card information is consistent with the administrator face image or not through comparison, if the first comparison result information is that the comparison is passed, the administrator terminal informs the first identity card information reading device to sign first information to be signed, so that administrator signature information is obtained and sent to the background system server, and the first information to be signed at least comprises the administrator identity card information and administrator intelligent password key information;

the administrator terminal receives binding success notification information which is sent by the background system server and obtained by binding the administrator intelligent password key information with the serial number of the intelligent lock after the administrator signature information is verified and passes, and receives an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background system server; the administrator terminal sends an application program of the intelligent lock and the first intelligent lock application certificate to the administrator intelligent password key;

the intelligent lock client of the administrator terminal acquires a visitor identity card registration request, the intelligent lock client displays prompt information for acquiring visitor identity card information, the administrator terminal receives the visitor identity card information and visitor facial image information, and the administrator terminal sends the visitor identity card information and the visitor facial image information to the background system server;

the administrator terminal receives second comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the second comparison result information is that the comparison is passed, the administrator terminal is informed of signing the visitor identity card information through an intelligent password key, the administrator terminal obtains visitor identity card signing information, and the visitor identity card signing information is sent to the background system server;

the administrator terminal receives a binding success notification message which is sent by the background system server and obtained by binding the visitor identity card information with the serial number of the intelligent lock after the visitor identity card signing information is verified and passes;

the intelligent lock completes network connection, and an intelligent lock client of the visitor terminal is bound with the intelligent lock;

the visitor terminal is connected with a second identity card information reading device and a visitor intelligent password key, an intelligent lock client of the visitor terminal acquires a registration request of the visitor intelligent password key, and the intelligent lock client displays prompt information for reading identity card information; the visitor intelligent password key is a safety device for realizing the functions of encrypting and signing data;

the second identity card information reading equipment reads the visitor identity card information and sends the visitor identity card information to the visitor terminal, and the visitor terminal at least sends the visitor identity card information and the serial number of the intelligent lock to the background system server;

the visitor terminal receives second matching information which is sent by the background system server and is obtained according to the judgment whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock or not, and if the second matching information is matched successfully, the visitor terminal obtains the visitor facial image information and at least sends the visitor facial image information to the background system server;

the visitor terminal receives third comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the third comparison result information is that the comparison is passed, the visitor terminal informs the second identity card information reading equipment to sign second information to be signed, visitor signature information is obtained and sent to the background system server, and the second information to be signed at least comprises the visitor identity card information and visitor intelligent password key information;

the visitor terminal receives a binding success notification message which is sent by the background system server and obtained by binding the visitor intelligent password key information with the serial number of the intelligent lock after the visitor signature information is verified and passes, and receives an application program of the intelligent lock and a second intelligent lock application certificate which are sent by the background system server; the visitor terminal sends the application program of the intelligent lock and the second intelligent lock application certificate to the visitor intelligent password key;

and the visitor intelligent password key sends an unlocking request to the intelligent lock to complete unlocking operation.

2. The method of claim 1,

the first identity card information reading device and the administrator intelligent password key are the same device.

3. The method of claim 1,

the administrator intelligent password key is a safety device which is built in the administrator terminal;

or the visitor intelligent password key is a safety device built in the visitor terminal;

or, the administrator intelligent password key is built-in security equipment in the administrator terminal, and the visitor intelligent password key is built-in security equipment in the visitor terminal.

4. The method according to any one of claims 1 to 3,

the second identity card information reading device and the visitor intelligent password key are the same device.

5. The method according to any one of claims 1 to 3,

the method comprises the following steps that the administrator terminal receives visitor identity card information sent by the background server and visitor identity card information sent by a visitor, and after the visitor identity card information and the sequence number of the intelligent lock are bound, binding success notification information is obtained, and the intelligent lock receives the visitor identity card information sent by the visitor identity card and completes unlocking operation.

6. An intelligent lock unlocking system, comprising: the intelligent lock comprises an intelligent lock, an administrator terminal, an administrator intelligent password key, a first identity card information reading device, a visitor terminal, a second identity card information reading device and a visitor intelligent password key; wherein,

the intelligent lock is used for completing network connection and binding with an intelligent lock client of the administrator terminal;

the administrator terminal is used for establishing connection with the first identity card information reading device and an administrator intelligent password key, an intelligent lock client of the administrator terminal receives a registration request of the administrator intelligent password key, and the intelligent lock client displays prompt information for reading identity card information; the administrator intelligent password key is a safety device for realizing the functions of encrypting and signing data; after receiving the administrator identity card information sent by the first identity card information reading device, at least sending the administrator identity card information and the serial number of the intelligent lock to a background system server; receiving first matching information which is sent by the background system server and is obtained according to the judgment of whether the administrator identity card information is matched with the identity card information bound with the intelligent lock or not, if the first matching information is successful, the administrator terminal acquires administrator facial image information by using a camera and at least sends the administrator facial image information to the background system server; receiving first comparison result information which is sent by the background system server and is obtained according to whether image information in the administrator identity card information is consistent with the administrator face image or not through comparison, if the first comparison result information is comparison pass, informing the first identity card information reading equipment to sign information to be signed to obtain administrator signature information, and sending the administrator signature information to the background system server, wherein the information to be signed at least comprises the administrator identity card information and administrator intelligent password key information; receiving binding success notification information which is sent by the background system server and obtained by binding the administrator intelligent password key information with the serial number of the intelligent lock after the administrator signature information is verified and passes, and receiving an application program of the intelligent lock and a first intelligent lock application certificate which are sent by the background system server; sending an application program of a smart lock and the first smart lock application certificate to the administrator smart key; an intelligent lock client of the administrator terminal receives a visitor identity card registration request, and the intelligent lock client displays prompt information for acquiring visitor identity card information; receiving visitor identity card information and visitor facial image information, and sending the visitor identity card information and the visitor facial image information to the background system server; receiving second comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the second comparison result information is that the comparison is passed, informing the administrator of signing the visitor identity card information through an intelligent password key, receiving visitor identity card signing information, and sending the visitor identity card signing information to the background system server; receiving a successful binding notification message which is sent by the background system server and obtained by binding the visitor identity card information with the serial number of the intelligent lock after the visitor identity card signing information is verified and passes through;

the first identity card information reading device is used for reading the administrator identity card information and sending the administrator identity card information to the administrator terminal; receiving a notice of signing the information to be signed sent by the administrator terminal, signing the information to be signed, obtaining the administrator signature information and sending the administrator signature information to the administrator terminal;

the administrator intelligent password key is used for receiving the application program of the intelligent lock and the first intelligent lock application certificate sent by the administrator terminal; receiving a notice of signing visitor identity card information sent by the administrator terminal, signing the visitor identity card information to obtain visitor identity card signing information and sending the visitor identity card signing information to the administrator terminal;

the intelligent lock is also used for being bound with an intelligent lock client of the visitor terminal; receiving an unlocking request sent by a visitor intelligent password key to the intelligent lock, and completing unlocking operation; the visitor intelligent password key is a safety device for realizing the functions of encrypting and signing data;

the visitor terminal is used for establishing connection with the second identity card information reading equipment and the visitor intelligent password key, an intelligent lock client of the visitor terminal receives a registration request of the visitor intelligent password key, and the intelligent lock client displays prompt information for reading identity card information; at least sending the visitor identity card information and the serial number of the intelligent lock to the background system server; receiving second matching information which is sent by the background system server and is obtained according to the judgment of whether the visitor identity card information is matched with the visitor identity card information bound with the intelligent lock, and if the second matching information is matched successfully, the visitor terminal acquires the visitor facial image information and at least sends the visitor facial image information to the background system server; receiving third comparison result information which is sent by the background system server and is obtained according to whether image information in the visitor identity card information is consistent with the visitor facial image or not through comparison, if the third comparison result information is that the comparison is passed, informing the second identity card information reading equipment to sign second information to be signed to obtain visitor signature information and sending the visitor signature information to the background system server, wherein the second information to be signed at least comprises the visitor identity card information and the visitor intelligent password key information; receiving a successful binding notification message which is sent by the background system server and obtained by binding the visitor intelligent password key information with the serial number of the intelligent lock after the visitor signature information is verified and passes, and receiving an application program of the intelligent lock and a second intelligent lock application certificate which are sent by the background system server; sending an application of the smart lock and the second smart lock application certificate to the guest smart key;

the second identity card information reading device is used for reading the visitor identity card information and sending the visitor identity card information to the visitor terminal; receiving a notice of signing the second information to be signed sent by the visitor terminal, signing the second information to be signed to obtain the visitor signature information, and sending the visitor signature information to the visitor terminal;

the visitor intelligent password key is used for receiving the application program of the intelligent lock and the second intelligent lock application certificate sent by the visitor terminal; and sending an unlocking request to the intelligent lock.

7. The system of claim 6,

8. The system of claim 6,

9. The system according to any one of claims 6 to 8,

10. The system according to any one of claims 6 to 8,

after receiving the successful binding notification message which is sent by the background server and obtained by binding the visitor identity card information with the sequence number of the intelligent lock, the administrator terminal is also used for receiving the visitor identity card information sent by the visitor identity card and completing the unlocking operation.