CN109951294B

CN109951294B - Information updating management method in electronic label system and related equipment

Info

Publication number: CN109951294B
Application number: CN201910128089.2A
Authority: CN
Inventors: 张景; 王倩; 赵志凤; 刘义
Original assignee: Zhongyun Xin'an Shenzhen Technology Co ltd
Current assignee: Zhongyun Xin'an Shenzhen Technology Co ltd
Priority date: 2019-02-21
Filing date: 2019-02-21
Publication date: 2021-12-14
Anticipated expiration: 2039-02-21
Also published as: CN109951294A

Abstract

The invention discloses an information updating management method and related equipment in an electronic label system, wherein the method comprises the following steps: responding to an information updating request sent by the electronic signature terminal, and acquiring the signature of the electronic signature terminal; performing signature authentication on the electronic signature terminal based on a preset signature authentication algorithm and the signature of the electronic signature terminal; if the electronic signature terminal passes signature authentication, acquiring a ciphertext obtained by encrypting target display information updated by the electronic signature terminal from the electronic signature terminal; decrypting the ciphertext based on a preset decryption algorithm to obtain target display information updated by the electronic signature terminal; and displaying the target display information on a display interface. The method improves the safety and credibility of the display information in the electronic tag.

Description

Information updating management method in electronic label system and related equipment

Technical Field

The present invention relates to the field of information security, and in particular, to an information update management method and related devices in an electronic tag system.

Background

In daily life, the maintenance and management of fire-fighting equipment and special equipment are in practical relation with the life and property safety of people. For these devices, legal professional organizations should regularly check and maintain the devices, and correspondingly update the tag information on the devices. However, in order to save labor and financial cost, some users of the equipment may not request legal professional institutions to maintain the equipment according to safety regulations. When the security department performs the inspection, the personnel (for example, the user of the device) who have no authority to change the tag information on the device may tamper the tag information on the device, change the service life of the device or forge the maintenance records of the device, etc., so as to deal with the inspection, thereby leaving behind numerous security risks.

Disclosure of Invention

Based on this, the invention provides an information update management method in an electronic tag system and related equipment, in order to solve the technical problem in the related art of how to improve the security of the displayed information in the update tag from the technical aspect.

In a first aspect, a method for managing information update in an electronic tag system is provided, where the electronic tag system includes an electronic tag and an electronic signature terminal, and the method is performed by the electronic tag and includes:

responding to an information updating request sent by the electronic signature terminal, and acquiring the signature of the electronic signature terminal;

performing signature authentication on the electronic signature terminal based on a preset signature authentication algorithm and the signature of the electronic signature terminal;

if the electronic signature terminal passes signature authentication, acquiring a ciphertext obtained by encrypting target display information updated by the electronic signature terminal from the electronic signature terminal;

decrypting the ciphertext based on a preset decryption algorithm to obtain target display information updated by the electronic signature terminal;

and displaying the target display information on a display interface.

In an exemplary embodiment of the present disclosure, before acquiring the signature of the electronic signature terminal, the method includes:

and establishing connection with the electronic signature terminal through Near Field Communication (NFC).

generating first information to be signed;

and sending the first information to be signed to the electronic signature terminal so that the electronic signature terminal generates an electronic signature for the first information to be signed.

In an exemplary embodiment of the present disclosure, the first information to be signed includes: random numbers generated by the electronic tag.

In an exemplary embodiment of the present disclosure, the first information to be signed includes: chip serial number of the electronic tag.

In an exemplary embodiment of the disclosure, the generating, by the electronic signature terminal, an electronic signature terminal signature for the first information to be signed includes:

the electronic signature terminal acquires first information to be signed sent by the electronic tag;

the electronic signature terminal generates an electronic signature terminal signature by using a private key of the electronic signature terminal and the first information to be signed based on a preset signature generation algorithm;

and the electronic signature terminal sends the signature of the electronic signature terminal to the electronic tag so that the electronic tag can carry out signature authentication on the electronic signature terminal based on a preset signature authentication algorithm and the signature of the electronic signature terminal.

In an exemplary embodiment of the present disclosure, the generating, by an electronic signature terminal, an electronic signature terminal signature using a private key of the electronic signature terminal and the first information to be signed based on a predetermined signature generating algorithm includes:

and the electronic signature terminal encrypts the first information to be signed by using a private key of the electronic signature terminal based on a preset asymmetric key algorithm to obtain the signature of the electronic signature terminal.

In an exemplary embodiment of the present disclosure, the electronic signature terminal generates an electronic signature terminal signature using a private key of the electronic signature terminal and the first information to be signed based on a predetermined signature generation algorithm, and further includes:

the electronic signature terminal performs summary operation on the first information to be signed to obtain a summary value corresponding to the first information to be signed;

and the electronic signature terminal encrypts the digest value by using a private key of the electronic signature terminal based on a preset asymmetric key algorithm to obtain the signature of the electronic signature terminal.

In an exemplary embodiment of the present disclosure, performing signature authentication on the electronic signature terminal based on a predetermined signature authentication algorithm and the electronic signature terminal signature includes:

acquiring the identifier of the electronic signature terminal;

acquiring a public key of the electronic signature terminal based on the identifier of the electronic signature terminal;

based on a preset signature authentication algorithm, decrypting the signature of the electronic signature terminal by using the public key of the electronic signature terminal to obtain first signature decryption information;

and comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication.

In an exemplary embodiment of the present disclosure, comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication includes:

if the first de-signature information is consistent with the first information to be signed, determining that the electronic signature terminal passes signature authentication;

and if the first de-signature information is inconsistent with the first information to be signed, determining that the electronic signature terminal does not pass signature authentication.

In an exemplary embodiment of the present disclosure, comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication further includes:

performing summary operation on the first information to be signed to obtain a summary value corresponding to the first information to be signed;

if the first de-signature information is consistent with the digest value, determining that the electronic signature terminal passes signature authentication;

and if the first de-signature information is inconsistent with the digest value, determining that the electronic signature terminal does not pass signature authentication.

In an exemplary embodiment of the present disclosure, before obtaining, from the electronic signature terminal, a ciphertext obtained by encrypting target display information updated by the electronic signature terminal, the method includes:

acquiring second information to be signed sent by the electronic signature terminal;

generating an electronic tag signature by using a private key of the electronic tag and the second information to be signed based on a preset signature generation algorithm;

and sending the electronic tag signature to the electronic signature terminal so that the electronic signature terminal can carry out signature authentication on the electronic tag based on a preset signature authentication algorithm and the electronic tag signature.

In an exemplary embodiment of the present disclosure, the second information to be signed includes: and the random number is generated by the electronic signature terminal.

In an exemplary embodiment of the present disclosure, the second information to be signed includes: chip serial number of the electronic signature terminal.

In an exemplary embodiment of the present disclosure, generating an electronic tag signature using a private key of the electronic tag and the second information to be signed based on a predetermined signature generation algorithm includes:

and based on a preset asymmetric key algorithm, encrypting the second information to be signed by using a private key of the electronic tag to obtain the signature of the electronic tag.

In an exemplary embodiment of the present disclosure, the generating an electronic tag signature using a private key of the electronic tag and the second information to be signed based on a predetermined signature generating algorithm further includes:

performing summary operation on the second information to be signed to obtain a summary value corresponding to the second information to be signed;

and based on a preset asymmetric key algorithm, encrypting the digest value by using a private key of the electronic tag to obtain the electronic tag signature.

In an exemplary embodiment of the present disclosure, the signature authentication of the electronic tag by the electronic signature terminal based on a predetermined signature authentication algorithm includes:

the electronic signature terminal acquires the identification of the electronic tag;

the electronic signature terminal acquires a public key of the electronic tag based on the identifier of the electronic tag;

the electronic signature terminal decrypts the electronic tag signature by using the public key of the electronic tag based on a preset signature authentication algorithm to obtain second signature decryption information;

and the electronic signature terminal compares the second de-signature information with the second information to be signed to determine whether the electronic tag passes signature authentication.

In an exemplary embodiment of the present disclosure, the comparing, by the electronic signature terminal, the second de-signing information with the second information to be signed, and determining whether the electronic tag passes signature authentication includes:

if the second de-signing information is consistent with the second information to be signed, determining that the electronic tag passes signature authentication;

and if the second de-signature information is inconsistent with the second information to be signed, determining that the electronic tag does not pass signature authentication.

In an exemplary embodiment of the present disclosure, the electronic signature terminal compares the second de-signing information with the second information to be signed, and determines whether the electronic signature terminal passes signature authentication, further including:

the electronic signature terminal performs summary operation on the second information to be signed to obtain a summary value corresponding to the second information to be signed;

if the second de-signature information is consistent with the digest value, determining that the electronic tag passes signature authentication;

and if the second de-signature information is inconsistent with the digest value, determining that the electronic tag does not pass signature authentication.

In an exemplary embodiment of the present disclosure, if the electronic signature terminal passes signature authentication, before obtaining a ciphertext obtained by encrypting target display information updated by the electronic signature terminal from the electronic signature terminal, the method includes:

if the electronic signature terminal passes signature authentication, determining the authority of the electronic signature terminal based on the identifier of the electronic signature terminal and a preset authority configuration table, wherein the authority configuration table describes the identifier of the electronic signature terminal and the corresponding authority of the electronic signature terminal;

and opening a corresponding data uploading interface to the electronic signature terminal based on the authority of the electronic signature terminal, so that the electronic signature terminal can only send corresponding target display information from the interface.

In an exemplary embodiment of the present disclosure, after displaying the target display information on a display interface, the displaying includes:

and sending the information of the updated display information in the electronic tag to the electronic signature terminal.

In an exemplary embodiment of the present disclosure, after sending information of display information in an updated electronic tag to the electronic signature terminal, the method includes:

and the electronic signature terminal responds to the received information of the display information in the updated electronic tag and sends the target display information to a server so that the server records the target display information.

According to a second aspect of the present disclosure, there is provided an electronic tag comprising:

the first acquisition module is used for responding to an information updating request sent by the electronic signature terminal and acquiring the signature of the electronic signature terminal;

the signature authentication module is used for performing signature authentication on the electronic signature terminal based on a preset signature authentication algorithm and the signature of the electronic signature terminal;

the second acquisition module is used for acquiring a ciphertext obtained by encrypting the target display information updated by the electronic signature terminal from the electronic signature terminal if the electronic signature terminal passes signature authentication;

the decryption module is used for decrypting the ciphertext based on a preset decryption algorithm to obtain target display information updated by the electronic signature terminal;

and the electronic ink paper display module is used for displaying the target display information on a display interface.

According to a third aspect of the present disclosure, there is provided an electronic tag comprising:

a memory configured to store executable instructions;

a processor configured to execute executable instructions stored in the memory to perform the above-described method.

According to a fourth aspect of the present disclosure, there is provided a computer readable storage medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method described above.

Information supervision (e.g., production date, maintenance records) for fire fighting equipment and special equipment in the prior art relies on paper labels on the equipment. However, because the paper label can be easily forged by illegal persons, and the information on the paper label can be easily tampered by illegal persons, and the like, a significant security hole exists in the paper label for monitoring the fire-fighting equipment and the special equipment. Therefore, the embodiment of the present disclosure provides an electronic tag system. In the electronic label system, modifiable display information (such as maintenance records) in the electronic label can be modified only through a legal electronic signature terminal. The identity authentication between the electronic tag and the electronic signature terminal is based on a financial-level password technology, so that the safety of the display information in the electronic tag is ensured.

Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.

Drawings

The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings

Fig. 1 shows a flowchart of an information update management method in an electronic label system according to an embodiment of the present disclosure.

Fig. 2 shows a specific flowchart of signature authentication of the electronic signature terminal based on a predetermined signature authentication algorithm and the electronic signature terminal signature according to an embodiment of the present disclosure.

FIG. 3 illustrates an interaction diagram for information update management in an electronic label system according to one embodiment of the present disclosure.

FIG. 4 shows a block diagram of an electronic tag according to one embodiment of the present disclosure.

Fig. 5 shows a hardware structure diagram of an electronic tag according to an embodiment of the present disclosure.

FIG. 6 illustrates a computer-readable storage medium diagram of information update management in an electronic label system according to one embodiment of the present disclosure.

Detailed Description

Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these example embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted.

Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more example embodiments. In the following description, numerous specific details are provided to give a thorough understanding of example embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, steps, and so forth. In other instances, well-known structures, methods, implementations, or operations are not shown or described in detail to avoid obscuring aspects of the disclosure.

Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.

The electronic tag system in the embodiment of the disclosure comprises an electronic tag and an electronic signature terminal. The electronic tag is used for displaying various information (such as production date of the equipment and maintenance record of the equipment) of related equipment (such as fire fighting equipment and special equipment); the electronic signature terminal is authorized in advance and used for updating updatable information (such as a maintenance record of the equipment) of the electronic tag. Before the electronic signature terminal updates the information in the electronic tag, the two parties can perform mutual identity authentication. Only after the two parties pass identity authentication, the electronic signature terminal can successfully update the information in the electronic tag, so that the safety of the displayed information in the electronic tag is ensured.

The process of the embodiments of the present disclosure will be described below with reference to the drawings.

Fig. 1 shows a flowchart of an information update management method in an electronic tag system according to an example embodiment of the present disclosure, wherein the method is performed by an electronic tag, and the method includes:

step S100: responding to an information updating request sent by the electronic signature terminal, and acquiring the signature of the electronic signature terminal;

step S110: performing signature authentication on the electronic signature terminal based on a preset signature authentication algorithm and the signature of the electronic signature terminal;

step S120: if the electronic signature terminal passes signature authentication, acquiring a ciphertext obtained by encrypting target display information updated by the electronic signature terminal from the electronic signature terminal;

step S130: decrypting the ciphertext based on a preset decryption algorithm to obtain target display information updated by the electronic signature terminal;

step S140: and displaying the target display information on a display interface.

The following describes specific procedures of each step of the information update management method in the electronic tag system.

First, a process of establishing a connection between the electronic tag and the electronic signature terminal is described.

In one embodiment, in step S100: responding to an information updating request sent by an electronic signature terminal, and before acquiring the signature of the electronic signature terminal, the method comprises the following steps:

NFC: near F i e l d Commun i cat, i.e. short-range wireless communication technology. NFC is a non-contact identification and interconnection technology, and can allow devices with a distance less than or equal to 0.1m to automatically and quickly connect (the connection time is less than 0.1s) and communicate.

In this embodiment, the electronic signature terminal needs to keep a sufficiently close distance from the electronic tag to update information in the electronic tag, so that the electronic tag can obtain electric energy from the electronic signature terminal that is close to the electronic tag through the built-in NFC communication module to supply power to other components in the electronic tag, so that the electronic tag can complete the information update management method in the electronic tag system.

The embodiment has the advantage that the NFC communication module is adopted to supply power to the electronic tag, so that the volume of the electronic tag is reduced, and the energy consumption is saved.

The following describes a process after the electronic tag establishes a connection with the electronic signature terminal and before the electronic signature terminal is authenticated.

In the embodiment of the disclosure, after the electronic tag is connected with the electronic signature terminal, in order to ensure that the electronic signature terminal has the authority to update the display information of the electronic tag, that is, the electronic signature terminal is authenticated according to the built-in communication protocol. The authentication process is performed by signature authentication.

generating first information to be signed;

The first information to be signed is information generated by the electronic tag and used for generating the signature of the electronic signature terminal by the electronic signature terminal. The electronic tag can authenticate the electronic signature terminal according to the signature of the electronic signature terminal and the first information to be signed.

In an embodiment, the first information to be signed includes: random numbers generated by the electronic tag.

In this embodiment, after the electronic tag is connected to the electronic signature terminal, a random number is generated by a built-in random number generator, and the random number is sent to the electronic signature terminal to request the electronic signature terminal to generate an electronic signature terminal signature according to the random number.

This embodiment has the advantage that since the random number is generated by the electronic tag, it is unpredictable for other terminals, thereby improving the trustworthiness of the signature of the electronic signature terminal.

In an embodiment, the first information to be signed includes: chip serial number of the electronic tag.

In this embodiment, after the electronic tag is connected to the electronic signature terminal, the chip serial number of the electronic tag is sent to the electronic signature terminal, and the electronic signature terminal is required to generate an electronic signature terminal signature according to the chip serial number.

The embodiment has the advantages that the electronic tag can send the first information to be signed to the electronic signature terminal without complex operation, and the operation burden of the electronic tag is reduced.

The following describes a process in which the electronic signature terminal sends an electronic signature terminal signature to the electronic tag.

In the disclosed embodiment, the predetermined signature generation algorithm used to generate the signature is based on an asymmetric key algorithm (e.g., SM2 algorithm, RSA algorithm). Before the electronic tag and the electronic signature terminal complete factory setting, a pair of public/private keys is respectively distributed. The private key of the electronic tag can be accessed only by the electronic tag, and the private key of the electronic signature terminal can be accessed only by the electronic signature terminal; the public key of the electronic tag is disclosed to all electronic signature terminals, and the public key of the electronic signature terminal is disclosed to all electronic tags. Due to the nature of asymmetric key algorithms: the private key cannot be forged; meanwhile, the signature obtained by using the private key for encryption can only be correctly decrypted by the corresponding public key. Therefore, the purpose of authenticating the identity of the electronic signature terminal can be achieved by authenticating the signature of the electronic signature terminal, and further, the authority of the electronic signature terminal can be verified.

In an embodiment, the generating, by the electronic signature terminal, an electronic signature terminal signature for the first information to be signed includes:

In this embodiment, after receiving the first information to be signed sent by the electronic tag, the electronic signature terminal generates the signature of the electronic signature terminal according to a predetermined signature generation algorithm based on an asymmetric key algorithm (e.g., RSA algorithm) in combination with its own private key and the first information to be signed. The electronic signature terminal signature is generated by encrypting the private key of the electronic signature terminal, and the public key of the electronic signature terminal is public, so that the electronic tag can authenticate the electronic signature terminal signature, and whether the electronic signature terminal has the authority to update the information of the electronic tag is confirmed.

The following describes a process in which the electronic signature terminal generates an electronic signature terminal signature.

In an embodiment, the generating, by the electronic signature terminal, a signature of the electronic signature terminal based on a predetermined signature generating algorithm by using a private key of the electronic signature terminal and the first information to be signed includes:

In this embodiment, the electronic signature terminal encrypts, based on an asymmetric key algorithm (e.g., RSA algorithm), the first information to be signed (e.g., a random number generated by the electronic tag and a chip serial number of the electronic tag) using its own private key, so as to obtain an electronic signature terminal signature capable of certifying the identity of the electronic signature terminal.

The embodiment has the advantage of improving the efficiency of generating the electronic signature terminal signature by the electronic signature terminal.

In an embodiment, the electronic signature terminal generates an electronic signature terminal signature using a private key of the electronic signature terminal and the first information to be signed based on a predetermined signature generation algorithm, and further includes:

In this embodiment, after receiving the first information to be signed, the electronic signature terminal performs digest operation (for example, SM3 operation) on the first information to be signed, and then encrypts the obtained digest value using its own private key, thereby obtaining an electronic signature terminal signature capable of certifying the identity of the electronic signature terminal.

The embodiment has the advantages that the first information to be signed is subjected to digest operation, and then the electronic signature terminal signature is generated based on the obtained digest value, so that the security of the electronic signature terminal signature is improved.

The following describes a process of the electronic tag authenticating the electronic signature terminal signature.

In one embodiment, as shown in fig. 2, in step S110: based on a preset signature authentication algorithm and the signature of the electronic signature terminal, the signature authentication of the electronic signature terminal comprises the following steps:

step S1101: acquiring the identifier of the electronic signature terminal;

step S1102: acquiring a public key of the electronic signature terminal based on the identifier of the electronic signature terminal;

step S1103: based on a preset signature authentication algorithm, decrypting the signature of the electronic signature terminal by using the public key of the electronic signature terminal to obtain first signature decryption information;

step S1104: and comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication.

The identifier of the electronic signature terminal is information that can uniquely identify the electronic signature terminal. The identifier of the electronic signature terminal may be a chip number of the terminal or an account number logged in an application of the terminal.

In this embodiment, the electronic tag stores a public key configuration table, where the public key configuration table describes the electronic signature terminal identifier and the public key of the corresponding electronic signature terminal. After the electronic tag is connected with the electronic signature terminal, the identifier of the electronic signature terminal (for example, a user account which is logged in an application of the electronic signature terminal and is specially used for updating electronic tag information) is acquired. And acquiring the public key of the electronic signature terminal according to the identifier of the electronic signature terminal through a public key configuration table. And decrypting the received electronic signature terminal signature by using the public key according to a predetermined asymmetric key algorithm (such as RSA algorithm) to obtain first de-signature information. And comparing the first de-signature information with the corresponding first information to be signed, thereby performing signature authentication on the electronic signature terminal.

The embodiment has the advantages that signature authentication is carried out on the electronic signature terminal based on the asymmetric key algorithm, the electronic tag information can be updated only by the terminal with the authority, and the safety of the electronic tag information is improved.

The following describes a process in which the electronic tag determines whether the electronic signature terminal passes signature authentication.

In an embodiment, comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication includes:

In this embodiment, the electronic signature terminal directly encrypts the first information to be signed according to a predetermined asymmetric key algorithm, thereby obtaining the signature of the electronic signature terminal. Therefore, the first de-signature information obtained by decrypting the electronic signature terminal signature according to the asymmetric key algorithm is consistent with the corresponding first information to be signed.

For example, when the first de-signature information obtained by the electronic tag using the public key of the electronic signature terminal a is consistent with the corresponding first information to be signed, it means that the electronic signature terminal connected to the electronic tag must be the electronic signature terminal a, because only the electronic signature terminal a can generate the electronic signature terminal signature in which the first de-signature information obtained by de-signing using the public key of the electronic signature terminal a is consistent with the first information to be signed. Thereby, the electronic tag determines that the electronic signature terminal a passes the signature authentication.

In an embodiment, comparing the first de-signing information with the first information to be signed to determine whether the electronic signature terminal passes signature authentication further includes:

In this embodiment, after receiving the first information to be signed, the electronic signature terminal performs digest operation on the first information to be signed to obtain a digest value, and then encrypts the digest value according to an asymmetric key algorithm to obtain the signature of the electronic signature terminal. Therefore, the first de-signature information obtained by decrypting the electronic signature terminal signature according to the asymmetric key algorithm is consistent with the digest value of the first information to be signed.

Due to uniqueness and unidirectionality of the digest operation, the electronic tag can only calculate the digest value of the first information to be signed first, and then perform signature authentication on the electronic signature terminal according to comparison between the digest value and the first decryption name information. If the first de-signature information obtained by the electronic tag by using the public key of the electronic signature terminal a is consistent with the digest value of the corresponding first information to be signed, it is indicated that the electronic signature terminal connected with the electronic tag is definitely the electronic signature terminal a. Thereby, the electronic tag determines that the electronic signature terminal a passes the signature authentication.

The following describes a process of signature authentication of the electronic tag by the electronic signature terminal.

In the embodiment of the disclosure, in order to determine the identity of the electronic signature terminal, the electronic tag needs to perform signature authentication on the electronic signature terminal; meanwhile, the electronic signature terminal also needs to perform signature authentication on the electronic tag in order to confirm the identity of the electronic tag. That is, the signature authentication between the electronic tag and the electronic signature terminal is bidirectional.

First, a process of transmitting an electronic tag signature to an electronic signature terminal by an electronic tag will be described.

In one embodiment, before obtaining, from the electronic signature terminal, a ciphertext obtained by encrypting target display information updated by the electronic signature terminal, the method includes:

The second information to be signed is information which is generated by the electronic signature terminal and used for generating an electronic tag signature by the electronic tag. And the electronic signature terminal can authenticate the electronic tag according to the electronic tag signature and the second information to be signed.

The specific implementation of this embodiment is similar to the above-mentioned corresponding specific implementation of sending the electronic signature terminal signature to the electronic tag by the electronic signature terminal, and therefore, the detailed description thereof is omitted here.

In an embodiment, the second information to be signed includes: and the random number is generated by the electronic signature terminal.

The specific implementation of this embodiment is the same as the above-mentioned specific implementation of generating the first information to be signed by the electronic tag, and therefore, the detailed description thereof is omitted here.

In an embodiment, the second information to be signed includes: chip serial number of the electronic signature terminal.

The following describes a process of generating an electronic tag signature by an electronic tag.

In an embodiment, generating an electronic tag signature using a private key of the electronic tag and the second information to be signed based on a predetermined signature generation algorithm includes:

The specific implementation of this embodiment is similar to the above-mentioned corresponding specific implementation of generating an electronic signature terminal signature by an electronic signature terminal, and therefore, the detailed description thereof is omitted here.

The following describes a process of authenticating the electronic tag signature by the electronic signature terminal.

In one embodiment, the signature authentication of the electronic tag by the electronic signature terminal based on a predetermined signature authentication algorithm includes:

The specific implementation manner of this embodiment is the same as the above-mentioned corresponding specific implementation manner in which the electronic tag authenticates the signature of the electronic signature terminal, and therefore, the detailed description thereof is omitted here.

The following describes a process in which the electronic signature terminal determines whether the electronic tag passes signature authentication.

In an embodiment, the step of comparing, by the electronic signature terminal, the second de-signature information with the second information to be signed to determine whether the electronic tag passes signature authentication includes:

The specific implementation manner of this embodiment is the same as the above-mentioned specific implementation manner in which the electronic tag determines whether the electronic signature terminal passes the signature authentication, and therefore, the detailed description thereof is omitted here.

In an embodiment, the electronic signature terminal compares the second de-signature information with the second information to be signed, and determines whether the electronic signature terminal passes the signature authentication, further including:

The following describes a process of data transmission after the electronic tag and the electronic signature terminal mutually pass signature authentication.

In one embodiment, in step S120: if the electronic signature terminal passes the signature authentication, before acquiring a ciphertext obtained by encrypting target display information updated by the electronic signature terminal from the electronic signature terminal, the method comprises the following steps:

In this embodiment, the electronic tag and the electronic signature terminal pass signature authentication with each other, and before the electronic signature terminal sends updated target display information to the electronic tag, the electronic tag first performs permission judgment on the electronic signature terminal to determine which information in the electronic tag the electronic signature terminal has permission to update. The authority determination is performed through an authority configuration table stored in the electronic tag, wherein the content of the authority configuration table describes which electronic signature terminals corresponding to the electronic signature terminal identifications can update which types of information. For example: the electronic signature terminal with the electronic signature terminal identification 001 can only newly add maintenance records in the electronic tag; the electronic signature terminal identified as 002 is capable of modifying … … the specific parameters displayed in the electronic tag (e.g., modifying the maintenance period displayed in the electronic tag from 30 days to 20 days)

Therefore, after the electronic tag compares the acquired electronic signature terminal identification with the authority configuration table, the authority of the electronic signature terminal is determined, and a corresponding data uploading interface is opened to the electronic signature terminal according to the authority, so that the electronic signature terminal can only send the data meeting the data uploading interface specification to the electronic tag through the opened data uploading interface.

The embodiment has the advantage that the process of updating the electronic tag for the electronic signature terminal is more reliable through the authority judgment.

The following describes a process in which the electronic tag acquires target display information updated by the electronic signature terminal from the electronic signature terminal.

In the embodiment of the disclosure, when information is transmitted between the electronic tag and the electronic signature terminal, in order to ensure the security of the process, the information is encrypted symmetrically by using a key distributed in advance (for example, encryption using DES algorithm) before being sent. The party receiving the information decrypts the ciphertext by using the key, thereby obtaining the content of the information.

In step S120, if the electronic signature terminal passes the signature authentication, a ciphertext obtained by encrypting the target display information updated by the electronic signature terminal is acquired from the electronic signature terminal.

In one embodiment, the electronic tag opens a data transmission interface to the electronic signature terminal which passes signature authentication, so as to receive a ciphertext sent by the electronic signature terminal.

In step S130, the ciphertext is decrypted based on a predetermined decryption algorithm, so as to obtain target display information updated by the electronic signature terminal.

In an embodiment, the information obtained by decrypting the ciphertext by the electronic tag is "repair date: XX/XX/XX; and (4) overhauling results: safe ", the information is determined as updated target display information that needs to be displayed.

In step S140, the target display information is displayed on a display interface.

In an embodiment, the target display information obtained by the electronic tag is "repair date: XX/XX/XX; and (4) overhauling results: safety ", the electronic tag stores the target display information in a built-in storage space, and then displays the target display information through a display interface (for example, electronic ink paper in the electronic tag).

The embodiment has the advantage that due to the physical characteristics of the display interface (such as electronic ink paper in the electronic tag), even if the electronic tag is disconnected with the electronic signature terminal, the information can be continuously displayed after the power is lost, so that any person can acquire the relevant information of the relevant equipment from the electronic tag at any time point.

The following describes a process in which the electronic signature terminal backs up updated information after the display information in the electronic tag is updated and displayed.

In an embodiment, after displaying the target display information on a display interface, the method includes:

In this embodiment, after the electronic tag displays the target display information, the information of the updated display information is returned to the electronic signature terminal.

In one embodiment, after sending the information of the updated display information in the electronic tag to the electronic signature terminal, the method includes:

In this embodiment, after the electronic signature terminal confirms that the electronic tag completes updating and displaying of the target display information, the target display information updated this time is uploaded to the server for backup, so that the related devices associated with the electronic tag are monitored according to the information update record stored in the server in the following.

The embodiment has the advantages that the updated target display information is backed up in the server, and the management efficiency of the electronic tag information is improved.

The following describes an interaction flow of information management in the electronic tag system with reference to fig. 3: the electronic tag and the electronic signature terminal are connected through NFC; the electronic tag and the electronic signature terminal mutually perform signature authentication; after the electronic tag and the electronic signature terminal mutually pass signature authentication, the electronic signature terminal sends a ciphertext obtained by encrypting the target display information to the electronic tag; the electronic tag decrypts the ciphertext to obtain target display information, and the target display information is displayed on a display interface; the electronic tag sends the information of the updated display information in the electronic tag to the electronic signature terminal; and the electronic signature terminal sends the target display information to the server for backup.

According to an embodiment of the present disclosure, as shown in fig. 4, there is also provided an electronic tag, including:

a first obtaining module 210, configured to obtain an electronic signature terminal signature in response to an information update request sent by an electronic signature terminal;

the signature authentication module 220 is configured to perform signature authentication on the electronic signature terminal based on a predetermined signature authentication algorithm and the signature of the electronic signature terminal;

a second obtaining module 230, configured to obtain, from the electronic signature terminal, a ciphertext obtained by encrypting target display information updated by the electronic signature terminal if the electronic signature terminal passes signature authentication;

a decryption module 240, configured to decrypt the ciphertext based on a predetermined decryption algorithm to obtain target display information updated by the electronic signature terminal;

and the electronic ink paper display module 250 is configured to display the target display information on a display interface.

In one embodiment, before acquiring the electronic signature terminal signature, the method comprises the following steps:

generating first information to be signed;

In one embodiment, the signature authentication of the electronic signature terminal based on a predetermined signature authentication algorithm and the signature of the electronic signature terminal includes:

acquiring the identifier of the electronic signature terminal;

In an embodiment, the generating an electronic tag signature using a private key of the electronic tag and the second information to be signed based on a predetermined signature generating algorithm further includes:

In an embodiment, the comparing, by the electronic signature terminal, the second de-signature information with the second information to be signed to determine whether the electronic tag passes signature authentication includes:

In an embodiment, if the electronic signature terminal passes the signature authentication, before obtaining a ciphertext obtained by encrypting the target display information updated by the electronic signature terminal from the electronic signature terminal, the method includes:

The information update management method in the electronic tag system according to the embodiment of the present disclosure may be implemented by the electronic tag 400 of fig. 5. An electronic tag 400 according to an embodiment of the present disclosure is described below with reference to fig. 5. The electronic tag 400 shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.

As shown in fig. 5, the electronic tag 400 is in the form of a general purpose computing device. The components of the electronic tag 400 may include, but are not limited to: the at least one processing unit 410, the at least one memory unit 420, and a bus 430 that couples various system components including the memory unit 420 and the processing unit 410.

Wherein the storage unit stores program code executable by the processing unit 410 to cause the processing unit 410 to perform steps according to various exemplary embodiments of the present invention as described in the description part of the above exemplary methods of the present specification. For example, the processing unit 410 may perform the various steps as shown in fig. 1.

The storage unit 420 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)4201 and/or a cache memory unit 4202.

The storage unit 420 may also include a program/utility 4203 having a set (at least one) of program modules 4204, such program modules 4204 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.

Bus 430 may be any bus representing one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.

The electronic tag 400 may communicate with an external device 500 (e.g., NFC device, etc.). Such communication may occur via input/output (I/O) interfaces 450. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic tag 400, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAI D systems, tape drives, and data backup storage systems, etc.

Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.

In an exemplary embodiment of the present disclosure, there is also provided a computer program medium having stored thereon computer readable instructions which, when executed by a processor of a computer, cause the computer to perform the method described in the above method embodiment section.

According to an embodiment of the present disclosure, referring to fig. 6, there is also provided a program product 600 for implementing the method in the above method embodiment, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.

Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).

It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.

Furthermore, the above-described figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the invention, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.

Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims

1. An information updating management method in an electronic tag system, wherein the electronic tag system comprises an electronic tag and an electronic signature terminal, the electronic tag is used for displaying relevant information of fire fighting equipment or special equipment, the relevant information comprises a maintenance record and a maintenance period, the method is executed by the electronic tag, and the method comprises the following steps:

if the electronic signature terminal passes signature authentication, determining the authority of the electronic signature terminal for each type of information of the electronic tag based on the identifier of the electronic signature terminal and a preset authority configuration table;

opening a corresponding data uploading interface to the electronic signature terminal based on the authority of the electronic signature terminal for each type of information of the electronic tag;

receiving a ciphertext obtained by updating and encrypting target display information by the electronic signature terminal through the data uploading interface;

and displaying the target display information updated by the electronic signature terminal on a display interface of the electronic tag.

2. The method of claim 1, prior to said obtaining an electronic signature terminal signature, comprising:

3. The method of claim 1, prior to said obtaining an electronic signature terminal signature, comprising:

generating first information to be signed;

4. The method of claim 3, wherein the electronic signature terminal generates an electronic signature terminal signature for the first information to be signed, and the method comprises:

5. The method according to claim 4, wherein the signature authentication of the electronic signature terminal based on a predetermined signature authentication algorithm and the electronic signature terminal signature comprises:

acquiring the identifier of the electronic signature terminal;

6. The method according to claim 1, before receiving, through the data upload interface, a ciphertext obtained by updating and encrypting target display information by the electronic signature terminal, the method includes:

7. The method according to claim 6, wherein the electronic signature terminal performs signature authentication on the electronic tag based on a predetermined signature authentication algorithm, and comprises:

8. An electronic tag, characterized in that, the electronic tag is used for displaying the relevant information of fire fighting equipment or special equipment, the relevant information includes maintenance record and maintenance cycle, the electronic tag includes:

the permission determining module is used for determining the permission of the electronic signature terminal for each type of information of the electronic tag based on the identification of the electronic signature terminal and a preset permission configuration table if the electronic signature terminal passes signature authentication;

the interface opening module is used for opening a corresponding data uploading interface to the electronic signature terminal based on the authority of the electronic signature terminal aiming at each type of information of the electronic tag;

the ciphertext receiving module is used for receiving a ciphertext obtained by updating and encrypting the target display information by the electronic signature terminal through the data uploading interface;

and the electronic ink paper display module is used for displaying the target display information updated by the electronic signature terminal on the display interface of the electronic tag.

9. An electronic tag, comprising:

a memory configured to store executable instructions;

a processor configured to execute executable instructions stored in the memory to perform the method of any of claims 1-7.

10. A computer-readable storage medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method of any one of claims 1 to 7.