CN110021088B - Page control door opening system and method of distributed authorization architecture - Google Patents

Page control door opening system and method of distributed authorization architecture Download PDF

Info

Publication number
CN110021088B
CN110021088B CN201811270211.1A CN201811270211A CN110021088B CN 110021088 B CN110021088 B CN 110021088B CN 201811270211 A CN201811270211 A CN 201811270211A CN 110021088 B CN110021088 B CN 110021088B
Authority
CN
China
Prior art keywords
user
access control
authority
openid
application server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811270211.1A
Other languages
Chinese (zh)
Other versions
CN110021088A (en
Inventor
周韦华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen City Ajar Linkage Technology Ltd
Original Assignee
Shenzhen City Ajar Linkage Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen City Ajar Linkage Technology Ltd filed Critical Shenzhen City Ajar Linkage Technology Ltd
Priority to CN201811270211.1A priority Critical patent/CN110021088B/en
Publication of CN110021088A publication Critical patent/CN110021088A/en
Application granted granted Critical
Publication of CN110021088B publication Critical patent/CN110021088B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/38Individual registration on entry or exit not involving the use of a pass with central registration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/04Access control involving a hierarchy in access rights

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Lock And Its Accessories (AREA)
  • Time Recorders, Dirve Recorders, Access Control (AREA)

Abstract

The invention relates to a page control door opening system and method of a distributed authorization architecture. A part of data for realizing authentication is arranged on a third-party server, and the other part of data is arranged on an access control application server, so that a distributed authorization framework is formed. The association relationship between the authority and the authority can be established on the access control application server at one time according to the existing logic, namely, a complete authorization database does not need to be established and maintained on the access control application server for realizing authentication, so that the deployment speed of the access control service can be increased, and the safety of user information can also be improved. In addition, direct user information is not contained in the door opening request sent by the user triggering the preset control of the WeChat public number page and in the subsequent authentication process, namely, the access control application server is prevented from associating the authority information with specific personal information in the authentication process, and therefore the information safety of the user is further improved.

Description

Page control door opening system and method of distributed authorization architecture
Technical Field
The invention relates to the field of access control, in particular to a page control door opening system and method of a distributed authorization architecture.
Background
In order to facilitate the use of access service, an existing access control scheme can be opened by using mobile phone WeChat, and the basic steps of the scheme comprise the steps of establishing an authorization database in advance and scanning and opening the access control of a cell by using a WeChat application program installed on a mobile phone to realize authentication in the later period.
However, in the existing access control scheme, firstly, an administrator and all users who need to use the access control service are required to cooperate to establish an authorization database on an access control server one by one, so that the required time is long, and rapid deployment is difficult to achieve. Secondly, along with the deep application of the internet, other property services except the access control service also adopt similar authorization processes. Thus, there is a scenario in which, if the access control service is a relatively newly deployed service, the user has repeated a plurality of times to cooperate to complete the corresponding authorization in order to use the community service before that. At this time, if the same authorization flow is still adopted, the user needs to be troubled again to cooperate with the flows of registration binding and the like, so that not only the deployment time is long, but also the user can suffer from the conflicting emotion, and the deployment of the access control service can be further delayed due to the situation. Thirdly, building databases between personal information and authorities for different services respectively is also easy to have potential safety hazards. Fourthly, when the residents move in or out, the property needs to add or delete the resident information on a plurality of service platforms, which is troublesome and troublesome in management. The above influences the deployment of the access control service and promotes the safety risk of user information.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a system and a method for opening a page control with a distributed authorization architecture, aiming at the above-mentioned defects in the prior art, so as to overcome the defects of low deployment efficiency and high user information security risk in the prior art.
The technical scheme adopted by the invention for solving the technical problems is as follows: a page control door opening system of a distributed authorization architecture is provided, which comprises:
the entrance guard unit comprises an electronic lock, an entrance guard controller electrically connected with the electronic lock and an entrance guard gateway electrically connected with the entrance guard controller; and an access control application server, a third party server, wherein,
the access control application server is used for receiving a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identifier and a user openid;
the access control application server is also used for sending a user openid request to a third-party server according to the data interface of the public number identifier after receiving a door opening request and returning authority information related to the user openid;
the third-party server is used for inquiring the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returning the authority information corresponding to the user openid to the access control application server;
the access control application server is also used for judging whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server is pre-established with the association relationship between the authority information and the authority;
the access control application server is also used for returning an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment if the user openid has the authority;
the access control application server is also used for receiving an access control identifier which is selected and input from the permission list through the WeChat public number page on the user terminal equipment, and sending a corresponding unlocking instruction to the access control device according to the obtained access control identifier.
The invention also provides a page control door opening method of the distributed authorization architecture, which comprises the following steps:
step 100: the method comprises the steps that an access control application server receives a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identification and a user openid;
step 120: the access control application server sends a user openid request to a third-party server according to the data interface of the public number identifier and returns authority information related to the user openid;
step 130: the third-party server inquires the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returns the authority information corresponding to the user openid to the access control application server;
step 140: the access control application server judges whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server establishes an association relationship between the authority information and the authority in advance;
step 160: if the judgment result in the step 140 is yes, the access control application server returns an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment;
step 180: the entrance guard application server receives an entrance guard identification which is selected and input from the authority list through a WeChat public number page on the user terminal equipment;
step 200: and the access control application server sends a corresponding unlocking instruction to the access control controller according to the acquired access control identification.
The invention has the beneficial effect that a part of the data for realizing the authentication is arranged on the third-party server, and the other part of the data is arranged on the access control application server, so that a distributed authorization framework is formed. Specifically, on the basis of the association relationship among the personal information, the user openid and the authority information stored in the third-party server, the association relationship between the authority and the authority can be established on the access control application server at one time according to the existing logic, that is, a complete authorization database does not need to be established and maintained on the access control application server in order to realize authentication, so that the deployment speed of the access control service can be increased, and the security of the user information can also be improved. In addition, the information related to the user in the door opening request sent by the user triggering the preset control of the WeChat public number page is the user openid, but not the direct user information; the same is true for the authority information returned to the access control application server by the third-party server, and direct user information is not included, namely, the access control application server is prevented from associating the authority information to specific personal information in the authentication process, so that the information security of the user is further improved.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a schematic diagram of an embodiment of a distributed authorization architecture page control door opening system of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a method for opening a door of a page control of a distributed authorization architecture according to the present invention;
FIG. 3 is a flowchart illustrating a second embodiment of a method for opening a door of a page control of a distributed authorization architecture according to the present invention;
FIG. 4 is a flowchart illustrating a third embodiment of a method for opening a door by a page control of a distributed authorization architecture according to the present invention;
FIG. 5 is a flowchart illustrating a fourth embodiment of a method for opening a door by a page control of a distributed authorization architecture according to the present invention;
FIG. 6 is a flowchart illustrating a fifth embodiment of a method for opening a door by a page control of a distributed authorization architecture according to the present invention;
fig. 7 is a flowchart illustrating a sixth embodiment of a method for opening a door by a page control of a distributed authorization architecture according to the present invention.
Detailed Description
The preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings.
As shown in fig. 1, a page control door opening system of a distributed authorization architecture of this embodiment includes:
the entrance guard unit comprises an electronic lock, an entrance guard controller electrically connected with the electronic lock and an entrance guard gateway electrically connected with the entrance guard controller; and an access control application server, a third party server, wherein,
the access control application server is used for receiving a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identifier and a user openid;
the access control application server is also used for sending a user openid request to a third-party server according to the data interface of the public number identifier after receiving a door opening request and returning authority information related to the user openid;
the third-party server is used for inquiring the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returning the authority information corresponding to the user openid to the access control application server;
the access control application server is also used for judging whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server is pre-established with the association relationship between the authority information and the authority;
the access control application server is also used for returning an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment if the user openid has the authority;
the access control application server is also used for receiving an access control identifier which is selected and input from the permission list through the WeChat public number page on the user terminal equipment, and sending a corresponding unlocking instruction to the access control device according to the obtained access control identifier.
In the embodiment of the present invention, the electronic lock is an electric locking or unlocking device, for example, an electromagnetic retractable lock, which switches between locking and unlocking by electrically driving a movable member, is commonly used. The entrance guard controller is used for controlling the action of the electronic lock, for example, a main control board of the entrance guard controller is provided with a driving circuit or an instruction receiving and transmitting module matched with the electronic lock. The entrance guard gateway is used for receiving or analyzing a control command sent by a superior network, for example, receiving the control command through a wired broadband, a wireless 4g, a Bluetooth or a narrow-band network, and sending the analyzed control command to the entrance guard controller so that the entrance guard controller can control the electronic lock.
The access control application server is generally provided by a service provider, such as micro-open internet technology. The access control application server can be a cloud server, so that the access control application server can conveniently serve different communities simultaneously. The remote control of the entrance guard controller can be achieved by the electric connection or the communication connection with the entrance guard controller.
The user operates the user terminal equipment, logs in the WeChat application program and enters the public number page, and a door opening request can be sent out through the user terminal equipment by touching a control part of a 'one-key door opening' word, such as a word or an icon. Here, the first and second liquid crystal display panels are,
the user is an authority person of an authority object, for example, an owner is an authority person of a certain property of a certain unit of a certain cell, and the owner/owner has access rights of the cell and the building unit.
The user terminal device generally refers to a mobile phone commonly used by a user, and can send an authority check request by using the inherent function of the mobile phone or installing an application program such as WeChat on the mobile phone.
The openid is a hidden identifier, and the openid is the unique user identifier of the wechat user under the public number identifier (the obtained openid is different if the public number identifiers are different), and can be used for permanently marking one user.
A data interface for connecting a third-party server is pre-established in the public number configuration file, and a request for acquiring information is sent to the third-party server by carrying openid. In the step, the access control application server only contacts the recessive identification, so that the personal information of the user is prevented from being exposed. For example, the access control application server cannot initiate a request of 'trusted friends' to the user in the case of only openid.
The third-party server is generally configured by a hony community platform of Tencent or a property of a cell, for an example, if a cell has 1000 house owners, each house owner registers and binds house information in the hony server serving as the third-party server, the personal information can comprise a micro signal and a mobile phone number, and a hidden identifier is openid, so that the hony server establishes such a correlation record for each house owner;
field 1 Field 2 Field 3 Field 4
Micro-signal … … openid…… Mobile phone number … … Authority … …
Assuming that such a record exists on the third party server;
field 1 Field 2 Field 3 Field 4
Micro-signal user A openid user A Mobile phone number 135 … … Star district 1-102 house
Then a string such as "star cell 1-102 house" may be returned to the access control application server using the field 2 "openid user a" query.
The rights object may correspond to a residential room, a laboratory, a hotel room, etc.; the door opening permission of the gate of the corresponding community and the building unit can be used for the community room; the laboratory corresponds to a gate of the laboratory; a hotel room corresponds to a room door;
when the method is applied to the community access control, the specific room and the community gate or the community gate authority relationship is fixed, so that the association relationship table can be established quickly.
Following the example above where the han server has authenticated user a, assume that the gate application server has established an association table:
field 1 Authority
Star district 1-102 house 1 unit door, gate 1 and gate 2
Star district 2-101 house 2 unit door, gate 1 and gate 2
And returning 1 unit door, a gate 1 and a gate 2 for further selection by the user according to the 'rights object 1-102 house' returned by the Haina server. If the user is outside the gate 1, the user can select the authority corresponding to the gate 1 according to the returned authority list, and thus, the access control identification corresponding to the gate 1 is sent to the access control application server. And the access control application server sends an unlocking instruction to the access control controller of the gate 1 according to the access control identification of the gate 1 so as to open the gate 1 for the user.
The invention has the beneficial effect that a part of the data for realizing the authentication is arranged on the third-party server, and the other part of the data is arranged on the access control application server, so that a distributed authorization framework is formed. Specifically, on the basis of the association relationship among the personal information, the user openid and the authority information stored in the third-party server, the association relationship between the authority and the authority can be established on the access control application server at one time according to the existing logic, that is, a complete authorization database does not need to be established and maintained on the access control application server in order to realize authentication, so that the deployment speed of the access control service can be increased, and the security of the user information can also be improved. In addition, the information related to the user in the door opening request sent by the user triggering the preset control of the WeChat public number page is the user openid, but not the direct user information; the same is true for the authority information returned to the access control application server by the third-party server, and direct user information is not included, namely, the access control application server is prevented from associating the authority information to specific personal information in the authentication process, so that the information security of the user is further improved.
The data of the association relation is stored under cooperation of residents when other services are carried out by a community property department, the data is managed and maintained by a third party (or the property department), and the association relation has the characteristics of accuracy, comprehensiveness and the like, for example, the property department acquires relevant information of residents when charging living expenses such as property expenses, water, gas and the like, the information usually covers almost all properties of the whole community, generally comprises personal information of a house owner, the implicit identification and corresponding property information, sometimes also comprises personal information of a main family member (such as a house owner spouse), and the personal information of the main family member is also associated with the corresponding property.
Therefore, the user data of the third-party server are butted, so that the process that the user coordinates to authorize again for using the access control service can be omitted, and the use experience of the user is improved. Meanwhile, the access control application server can avoid the requirement of local data storage and maintenance through the butt joint of the user data of the third-party server, and the storage and operation expenses of the server are saved.
For example, the user a is a resident of a certain cell and is the identity of a homeowner or a family member, the access control service of the cell opens the third-party user data docking service, and the user a has previously retained the association relationship between personal information, implicit identification (user openid) and property information when handling other services. Therefore, when the user A enters the access control service public number, the authentication can be realized without any operation of registration binding.
In the prior art, when the user performs authentication required by using the access control service, the user always needs to manually input the home address and the personal information in advance and can realize self binding after the authentication.
The distributed authorization architecture of the access control service is characterized in that the association among the personal information, the user openid and the authority information on the third-party server is a first association, the association between the authority information and the authority established on the access control application server is a second association, the core of the first association is that authentication is required and the association between the personal information and the authority information is established, the first association is established before the access control service in use time of a user, re-authentication of most users or all users can be avoided, and specifically, the number of information pieces with the authority information in the first association and the authority information in the second association is approximately close to or equal to the number of the authority information pieces in the second association. That is, the user authenticated in advance on the access control application server does not need to be authenticated again when the door opening system of the invention is used for the first time. In addition, the second association relationship is mainly used for establishing the association relationship between the authority object information and the authority, and the establishment of the relationship can be established at one time according to known logic. In general, the first association relationship is authenticated before the entrance guard service is deployed, and the second association relationship can be established at one time without the participation of a user, so that the deployment speed of the entrance guard service is improved by the distributed authorization architecture.
Further, the access control application server is specifically configured to, when determining whether the user openid has an authority according to the result returned by the authority information:
judging whether the user binds the authority information in the third-party server according to the authority information return result;
if the user binds the authority information in the third-party server, whether an authority record corresponding to the authority information exists is further judged.
In this embodiment, if the returned result of the rights object is null, it may be determined that the user has not bound any rights object information at the third-party server. Also taking the above cell as an example, if the rights object information does not correspond to the cell, the rights object does not have the rights record corresponding to the cell. If a user is a user of the moon cell, the user logs in the public number associated with the star cell and touches a preset door opening control, and then the access control application server cannot inquire the authority record corresponding to the authority object information of the user.
Further, if the access control application server is used for judging that the user openid has no authority according to the result returned by the authority information, the access control application server is further used for: sending a registration address of a third-party server to user terminal equipment;
the third-party server is also used for receiving a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises the user openid and the personal information;
the third-party server is also used for establishing an incidence relation between the personal information and the user openid according to the registration request;
the third-party server is further used for receiving a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information.
The third-party server is further used for auditing the binding request and judging whether the audit is passed, and if the audit is passed, the incidence relation among the personal information, the user openid and the authority information is established according to the binding request.
In this embodiment, if the access control application server is used for determining that the openid of the user has no authority according to the result returned by the authority information, two situations exist, one is unregistered, and the other is registered but unbound, in any case, the user is guided to the registration page of the third-party server first, so that the user can use the access control service smoothly, and the judgment process can be set to play a role in supplementation.
Generally, only a few users in a cell have not been authenticated at the third-party server, so the users do not have records at the third-party server; for example, a user who first enters a cell after the house purchased by the cell has been left empty for a period of time or purchased a second house of the cell, because no property service of the cell is used and therefore no property is registered or bound with a third party server. By guiding partial user registration and binding in the step, the registration data of the third-party server is more complete. In order to further realize the permission check, the user needs to register to a third-party server in a matching manner so as to facilitate further binding of the information of the permission.
Since binding the implicit identification and the personal information generally does not involve substantial rights, the third-party server can automatically establish the association relationship between the personal information and the implicit identification after receiving the registration request.
The user associates the personal information with the recessive identification information when registering in the third-party server; and the personal information is required to be authenticated when the authority information of the authority is confirmed, and the request for binding is to bind the recessive identification and the authority information by binding the personal information and the authority information.
The third-party server can realize machine verification through an artificial intelligence recognition technology, and can also forward the binding request to an administrator to ensure that the administrator verifies and authenticates the content of the binding request. For example, the binding between the mobile phone number and the specific property, the administrator calls the mobile phone number of the user to ask the user to submit other necessary data, or checks whether the mobile phone number should be bound with the specific property according to the recorded data.
If the administrator considers that the personal information provided by the user does not correspond to the rights object information, binding can be refused, namely the corresponding verification result is not passed. The mobile phone number is generally verified in real name, and if the corresponding user name of the mobile phone number is consistent with the name of the owner of the house property, the verification is passed. And the administrator forwards the auditing result to the third-party server so that the third-party server can further process the auditing result.
And if the third-party server passes the verification, establishing an association relation among the personal information, the recessive identification and the authority information, and facilitating the calling of the access control server. Therefore, the binding data of the third-party server is more complete by guiding and binding the application access control server, so that the system can serve more extensive users.
Further, the access control application server is used for requesting to return personal information when sending a user openid request to a third-party server according to the data interface of the public number identifier and returning authority information related to the user openid;
the third-party server is used for inquiring the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returning the authority information corresponding to the user openid to the access control application server, and is also used for returning the personal information identifier corresponding to the personal information;
the access control application server is specifically used for judging whether the user binds the authority information in the third-party server according to the authority information return result:
judging whether the returned result of the authority information is empty or not;
if the authority information return result is not null, the access control application server further judges whether the personal information return result is null or not;
the access control application server is also used for sending the binding address of the third-party server to the user terminal equipment when the returned result of the authority information is empty;
the third-party server is also used for receiving a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises the user openid and the personal information;
the third-party server is also used for establishing an incidence relation between the personal information and the user openid according to the registration request;
the third-party server is further used for receiving a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information.
The third-party server is further used for auditing the binding request and judging whether the audit is passed, and if the audit is passed, the incidence relation among the personal information, the user openid and the authority information is established according to the binding request.
In this embodiment, the personal information requested to be returned by the access control application server may be a mobile phone number, a name, or an identity card number, and whether the user has completed registration in the third-party server may be conveniently checked by using the returned personal information.
In order to ensure the privacy of the user, when the access control application server requests to return the personal information, only the personal information identifier corresponding to the personal information is returned. For example, if the personal information is an 11-digit mobile phone number, a mobile phone number with a plurality of digits omitted is returned, that is, the mobile phone number with the digits omitted is used as the identifier of the mobile phone number, specifically, the identifier of the mobile phone number with the beginning of 135 and the end of 3356 is 135 × 3356.
The following describes in detail embodiments of the method for opening a door of a page control of a distributed authorization architecture according to the present invention.
Referring to fig. 2, in a first embodiment of a method for opening a page control of a distributed authorization architecture, the method includes:
step 100: the method comprises the steps that an access control application server receives a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identification and a user openid;
specifically, after the user logs in the public number, the user can trigger the door opening request by touching the webpage control of 'one-key door opening'. If the user does not pay attention to the public number, the user can pay attention in a scanning mode or a public number searching mode.
The user is an authority person of an authority object, for example, an owner is an authority person of a certain property of a certain unit of a certain cell, and the owner/owner has access rights of the cell and the building unit.
The terminal device generally refers to a mobile phone commonly used by a user, and can send a permission check request by using the inherent function of the mobile phone or installing an application program such as WeChat on the mobile phone.
The access control application server is generally provided by a service provider, such as micro-open internet technology. The access control application server can be a cloud server, so that the access control application server can conveniently serve different communities simultaneously. The remote control of the entrance guard controller can be achieved by the electric connection or the communication connection with the entrance guard controller.
The openid is a hidden identifier, and the openid is the unique user identifier of the wechat user under the public number identifier (the obtained openid is different if the public number identifiers are different), and can be used for permanently marking one user. The hidden mark is information which can not be directly utilized by the public and can be contacted with the user, and the personal information belongs to information which can be directly utilized by the public and can be contacted with the user. Such as micro-signals, mobile phone numbers, belonging to personal information. The user uses the micro signal to log in the micro information public number, the micro information platform distributes openid related to the micro information public number for the micro signal, and the public can not directly contact the user by using the openid.
Step 120: the access control application server sends a user openid request to a third-party server according to the data interface of the public number identifier and returns authority information related to the user openid;
a data interface for connecting a third-party server is pre-established in the public number configuration file, and a request for acquiring information is sent to the third-party server by carrying openid. In the step, the access control application server only contacts the recessive identification, so that the personal information of the user is prevented from being exposed. For example, the access control application server cannot initiate a request of 'trusted friends' to the user in the case of only openid.
The third-party server is generally configured by a hony community platform of Tencent or a property of a cell, for an example, if a cell has 1000 house owners, each house owner registers and binds house information in the hony server serving as the third-party server, the personal information can comprise a micro signal and a mobile phone number, and a hidden identifier is openid, so that the hony server establishes such a correlation record for each house owner;
field 1 Field 2 Field 3 Field 4
Micro-signal … … openid…… Mobile phone number … … Authority … …
Step 130: the third-party server inquires the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returns the authority information corresponding to the user openid to the access control application server;
assuming that such a record exists on the third party server;
field 1 Field 2 Field 3 Field 4
Micro-signal user A openid user A Mobile phone number 135 … … Star district 1-102 house
Then a string such as "star cell 1-102 house" may be returned to the access control application server using the field 2 "openid user a" query.
Step 140: the access control application server judges whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server establishes an association relationship between the authority information and the authority in advance;
it can be understood that, if the field corresponding to the rights object information and the field corresponding to the rights are not empty, it may be determined that the openID of the user has the rights.
The rights object may correspond to a residential room, a laboratory, a hotel room, etc.; the door opening permission of the gate of the corresponding community and the building unit can be used for the community room; the laboratory corresponds to a gate of the laboratory; a hotel room corresponds to a room door;
when the method is applied to the community access control, the specific room and the community gate or the community gate authority relationship is fixed, so that the association relationship table can be established quickly.
Following the example above where the han server has authenticated user a, assume that the gate application server has established an association table:
field 1 Authority
Star district 1-102 house 1 unit door, gate 1 and gate 2
Star district 2-101 house 2 unit door, gate 1 and gate 2
Step 160: if the judgment result in the step 140 is yes, the access control application server returns an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment;
following the above example, if the hainer server returns "rights object 1-102 house", the access control application server returns 1 unit door, gate 1, gate 2 for further selection by the user.
Step 180: the entrance guard application server receives an entrance guard identification which is selected and input from the authority list through a WeChat public number page on the user terminal equipment;
if the user is outside the gate 1, the user can select the authority corresponding to the gate 1 according to the returned authority list, and thus, the access control identification corresponding to the gate 1 is sent to the access control application server.
Step 200: and the access control application server sends a corresponding unlocking instruction to the access control controller according to the acquired access control identification.
And the access control application server sends an unlocking instruction to the access control controller of the gate 1 according to the access control identification of the gate 1 so as to open the gate 1 for the user.
Further, referring to fig. 3, in a second embodiment of the method for opening a door of a page control with a distributed authorization architecture, step 140 specifically includes:
step 141: the access control application server judges whether the user binds the authority information in the third-party server according to the returned result of the authority information;
if the returned result of the rights object is null, it can be judged that the user has not bound any rights object information at the third-party server.
Step 142: if the determination result in step 141 is yes, the access control application server further determines whether there is an authority record corresponding to the authority information.
Also taking the above cell as an example, if the rights object information does not correspond to the cell, the rights object does not have the rights record corresponding to the cell. For example, a user in a moon cell logs in a public number of a starry cell to touch a preset control to open a door, and even if the returned authority object information is not empty, the corresponding authority record cannot be found.
Further, referring to fig. 4, in a third embodiment of the method for opening a door of a page control of a distributed authorization architecture, the method further includes:
step 220: if the judgment result in the step 140 is negative, the access control application server sends the registration address of the third-party server to the user terminal equipment;
it can be understood that if the determination result in step 140 is no, there are two cases, the first case is not registered, and the second case is registered but not bound, and in any case, the user is guided to the registration page of the third-party server first, so that the user can use the access control service smoothly, and the determination process is set, thereby playing a complementary role. Generally, only a few users in a cell have not been authenticated at the third-party server, so the users do not have records at the third-party server; for example, a user who first enters a cell after the house purchased by the cell has been left empty for a period of time or purchased a second house of the cell, because no property service of the cell is used and therefore no property is registered or bound with a third party server. By guiding partial user registration and binding in the step, the registration data of the third-party server is more complete.
Step 240: the third-party server receives a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises user openid and personal information;
in order to further realize the permission check, the user needs to register to a third-party server in a matching manner so as to facilitate further binding of the information of the permission.
Step 260: the third-party server establishes an incidence relation between the personal information and the user openid according to the registration request;
since binding the implicit identification and the personal information generally does not involve substantial rights, the third-party server can automatically establish the association relationship between the personal information and the implicit identification after receiving the registration request.
Step 300: the third-party server receives a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
the user associates the personal information with the recessive identification information when registering in the third-party server; and the personal information is required to be authenticated when the authority information of the authority is confirmed, and the request for binding is to bind the recessive identification and the authority information by binding the personal information and the authority information.
Step 320: the third party server checks the binding request;
it can be understood that the third-party server may implement machine auditing by combining with the face recognition technology, and may also forward the binding request to the administrator, so that the administrator verifies and authenticates the content of the binding request. For example, the binding between the mobile phone number and the specific property, the administrator calls the mobile phone number of the user to ask the user to submit other necessary data, or checks whether the mobile phone number should be bound with the specific property according to the recorded data.
Step 340: whether the audit is passed or not is checked;
if the machine is checked, immediately acquiring a checking result after the checking is finished; if the verification is performed manually by the administrator, the administrator considers that the personal information provided by the user does not correspond to the authority information, binding can be refused, and the corresponding verification result is failed. The mobile phone number is generally verified in real name, and if the corresponding user name of the mobile phone number is consistent with the name of the owner of the house property, the verification is passed. And the administrator forwards the auditing result to the third-party server so that the third-party server can further process the auditing result.
Step 360: and if the verification result in the step 340 is that the verification result is passed, the third-party server establishes an association relationship among the personal information, the user openid and the authority information according to the binding request.
After the binding request is approved, the third-party server establishes the association relationship among the personal information, the recessive identification and the authority information, and the access control server is convenient to use for calling. Therefore, the binding data of the third-party server is more complete by guiding and binding the application access control server, so that the system can serve more extensive users.
Preferably, the method further comprises: step 380: and sending prompt information to an access control application server or user terminal equipment. Therefore, the access control application server can further serve the user according to the prompt message. For example, to inform the user of the specific reason for not passing the permission check or to direct the user to do further work; the authorization information submitted by the user is wrong, and the authorization information is not approved; or the user belongs to a malicious binding, etc. The authority check result is directly sent to the user terminal equipment, so that the user can know the authority check result conveniently.
Further, referring to fig. 5, in a fourth embodiment of the method for opening a page control of a distributed authorization architecture,
step 120 specifically includes: the access control application server sends a user openid request to a third-party server according to the data interface of the public number identifier and returns authority information associated with the user openid and personal information;
the personal information requested to be returned can be a mobile phone number, a name or an identification number, and whether the user finishes registration in the third-party server can be conveniently checked by utilizing the returned personal information.
Step 130 specifically includes: the third-party server inquires the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid, and returns the corresponding authority information and the personal information identifier corresponding to the personal information to the access control application server;
in order to ensure the privacy of the user, when the access control application server requests to return the personal information, only the personal information identifier associated with the personal information is returned. For example, if the personal information is a mobile phone number which is not 11, a mobile phone number with a plurality of digits omitted is returned, that is, the mobile phone number with the digits omitted is used as the identifier of the mobile phone number, specifically, the identifier of the mobile phone number with the beginning of 135 and the end of 3356 is 135 x 3356.
Step 141 specifically includes:
step 141 a: the access control application server judges whether the returned result of the authority information is empty;
and judging whether the returned result of the authority information is null or not, and judging whether the openid of the user is registered in the third-party server or not. And if the returned result of the authority information is not null, the current user openid of the specification is registered in the third-party server.
Step 141 b: if the judgment result in the step 141a is no, the access control application server further judges whether the personal information return result is empty;
if the returned result of the authority information is not null, whether the returned result of the personal information is null or not is judged, and whether the current openid is bound with the personal information or not can be judged.
The method further comprises the following steps:
step 400: if the judgment result in the step 141a is yes, the access control application server sends the binding address of the third-party server to the user terminal equipment;
the openid of the user is registered but not bound, and the binding operation of the user can be guided by sending the binding address of the third-party server to the user terminal equipment, so that the invention is a basis for the authentication of the access control service component.
Step 420: the third-party server receives a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
the user associates the personal information with the recessive identification information when registering in the third-party server; and the personal information is required to be authenticated when the authority information of the authority is confirmed, and the request for binding is to bind the recessive identification and the authority information by binding the personal information and the authority information.
Step 440: the third party server checks the binding request;
as in step 320, it is understood that the third-party server may implement machine auditing by combining with the face recognition technology, or may forward the binding request to the administrator, so that the administrator verifies and authenticates the content of the binding request. For example, the binding between the mobile phone number and the specific property, the administrator calls the mobile phone number of the user to ask the user to submit other necessary data, or checks whether the mobile phone number should be bound with the specific property according to the recorded data.
Step 460: whether the audit is passed or not is checked;
similar to step 340, if the machine is checked, the checking result is immediately obtained after the checking is finished; if the verification is performed manually by the administrator, the administrator considers that the personal information provided by the user does not correspond to the authority information, binding can be refused, and the corresponding verification result is failed. The mobile phone number is generally verified in real name, and if the corresponding user name of the mobile phone number is consistent with the name of the owner of the house property, the verification is passed. And the administrator forwards the auditing result to the third-party server so that the third-party server can further process the auditing result.
Step 480: and the third-party server establishes the association relation among the personal information, the user openid and the authority information according to the binding request.
The same as the step 360, after the binding request is approved, the third-party server establishes the association relationship among the personal information, the recessive identification and the authority information, and the access control server is convenient to use for calling. Therefore, the binding data of the third-party server is more complete by guiding and binding the application access control server, so that the system can serve more extensive users.
Further, referring to fig. 6, in a fifth embodiment of the method for opening a door of a page control of a distributed authorization architecture, the method further includes:
step 220: the access control application server sends a registration address of a third-party server to the user terminal equipment;
step 240: the third-party server receives a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises user openid and personal information;
step 260: the third-party server establishes an incidence relation between the personal information and the user openid according to the registration request;
step 520: and the third-party server sends the binding address of the third-party server to the user terminal equipment.
Further, referring to fig. 7, in a sixth embodiment of the method for opening a page control of a distributed authorization architecture,
the step 200 specifically includes: and the access control server sends a corresponding unlocking instruction to the access control controller according to the acquired access control identification, and sends an unlocked notification to the user terminal equipment. The user can be informed that unlocking is completed on the program by sending a notice, and if the door lock is not opened actually, the user can find property feedback according to the notice.
It should be understood that the above embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same, and those skilled in the art can modify the technical solutions described in the above embodiments, or make equivalent substitutions for some technical features; and all such modifications and alterations are intended to fall within the scope of the appended claims.

Claims (10)

1. A system for opening a door by a page control of a distributed authorization architecture is characterized by comprising:
the entrance guard unit comprises an electronic lock and an entrance guard controller electrically connected with the electronic lock;
an access control application server, and a third party server, wherein,
the access control application server is used for receiving a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identifier and a user openid;
the access control application server is also used for sending a user openid request to a third-party server according to the data interface of the public number identifier after receiving a door opening request and returning authority information related to the user openid;
the third-party server stores the incidence relation data of personal information, user openid and authority information according to other services except the access control service;
the third-party server is used for inquiring the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returning the authority information corresponding to the user openid to the access control application server;
the access control application server is also used for judging whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server is pre-established with the association relationship between the authority information and the authority;
the access control application server is also used for returning an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment if the user openid has the authority;
the access control application server is also used for receiving an access control identifier which is selected and input from the permission list through the WeChat public number page on the user terminal equipment, and sending a corresponding unlocking instruction to the access control device according to the obtained access control identifier.
2. The distributed authorization architecture page control door opening system of claim 1,
the access control application server is specifically used for judging whether the user openid has the right according to the result returned by the right information:
judging whether the user binds the authority information in the third-party server according to the authority information return result;
if the user binds the authority information in the third-party server, whether an authority record corresponding to the authority information exists is further judged.
3. The distributed authorization architecture page control door opening system of claim 2,
if the access control application server is used for judging that the user openid has no authority according to the authority information return result, the access control application server is further used for: sending a registration address of a third-party server to user terminal equipment;
the third-party server is also used for receiving a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises the user openid and the personal information;
the third-party server is also used for establishing an incidence relation between the personal information and the user openid according to the registration request;
the third-party server is further used for receiving a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
the third-party server is further used for auditing the binding request and judging whether the audit is passed, and if the audit is passed, the incidence relation among the personal information, the user openid and the authority information is established according to the binding request.
4. The distributed authorization architecture page control door opening system of claim 2,
the access control application server is used for requesting to return personal information when sending a user openid request to a third-party server according to the data interface of the public number identifier and returning authority information related to the user openid;
the third-party server is used for inquiring the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returning the authority information corresponding to the user openid to the access control application server, and is also used for returning the personal information identifier corresponding to the personal information;
the access control application server is specifically used for judging whether the user binds the authority information in the third-party server according to the authority information return result:
judging whether the returned result of the authority information is empty or not;
if the authority information return result is not null, the access control application server further judges whether the personal information return result is null or not;
the access control application server is also used for sending the binding address of the third-party server to the user terminal equipment when the returned result of the authority information is empty;
the third-party server is also used for receiving a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises the user openid and the personal information;
the third-party server is also used for establishing an incidence relation between the personal information and the user openid according to the registration request;
the third-party server is further used for receiving a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
the third-party server is further used for auditing the binding request and judging whether the audit is passed, and if the audit is passed, the incidence relation among the personal information, the user openid and the authority information is established according to the binding request.
5. A method for opening a door of a page control of a distributed authorization architecture is characterized by comprising the following steps:
step 100: the method comprises the steps that an access control application server receives a door opening request triggered by a preset control of a WeChat public number page on user terminal equipment, wherein the door opening request comprises a public number identification and a user openid;
step 120: the access control application server sends a user openid request to a third-party server according to the data interface of the public number identifier and returns authority information related to the user openid;
step 130: the third-party server inquires the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid and returns the authority information corresponding to the user openid to the access control application server; the third-party server stores the incidence relation data of personal information, user openid and authority information according to other services except the access control service;
step 140: the access control application server judges whether the openid of the user has the authority according to the returned result of the authority information, and the access control application server establishes an association relationship between the authority information and the authority in advance;
step 160: if the judgment result in the step 140 is yes, the access control application server returns an access control identification list corresponding to the authority to a WeChat public number page of the user terminal equipment;
step 180: the entrance guard application server receives an entrance guard identification which is selected and input from the authority list through a WeChat public number page on the user terminal equipment;
step 200: and the access control application server sends a corresponding unlocking instruction to the access control controller according to the acquired access control identification.
6. The method for opening a door of a page control of a distributed authorization architecture of claim 5,
step 140 specifically includes:
step 141: the access control application server judges whether the user binds the authority information in the third-party server according to the returned result of the authority information;
step 142: if the determination result in step 141 is yes, the access control application server further determines whether there is an authority record corresponding to the authority information.
7. The method of claim 6, wherein the method further comprises:
step 220: if the judgment result in the step 140 is negative, the access control application server sends the registration address of the third-party server to the user terminal equipment;
step 240: the third-party server receives a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises user openid and personal information;
step 260: the third-party server establishes an incidence relation between the personal information and the user openid according to the registration request;
step 300: the third-party server receives a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
step 320: the third party server checks the binding request;
step 340: whether the audit is passed or not is checked;
step 360: and if the verification result in the step 340 is that the verification result is passed, the third-party server establishes an association relationship among the personal information, the user openid and the authority information according to the binding request.
8. The method for opening a door of a page control of a distributed authorization architecture according to claim 6, wherein step 120 specifically includes: the access control application server sends a user openid request to a third-party server according to the data interface of the public number identifier and returns authority information associated with the user openid and personal information;
step 130 specifically includes: the third-party server inquires the stored personal information, the stored user openid and the incidence relation among the authority information according to the user openid, and returns the corresponding authority information and the personal information identifier corresponding to the personal information to the access control application server;
step 141 specifically includes:
step 141 a: the access control application server judges whether the returned result of the authority information is empty;
step 141 b: if the judgment result in the step 141a is no, the access control application server further judges whether the personal information return result is empty;
the method further comprises the following steps:
step 400: if the judgment result in the step 141a is yes, the access control application server sends the binding address of the third-party server to the user terminal equipment;
step 420: the third-party server receives a binding request sent by the user terminal equipment according to the binding address, wherein the binding request comprises personal information, user openid and authority information;
step 440: the third party server checks the binding request;
step 460: whether the audit is passed or not is checked;
step 480: and the third-party server establishes the association relation among the personal information, the user openid and the authority information according to the binding request.
9. The method of claim 8, wherein the method further comprises:
step 220: the access control application server sends a registration address of a third-party server to the user terminal equipment;
step 240: the third-party server receives a registration request sent by the user terminal equipment according to the registration address, wherein the registration request comprises user openid and personal information;
step 260: the third-party server establishes an incidence relation between the personal information and the user openid according to the registration request;
step 520: and the third-party server sends the binding address of the third-party server to the user terminal equipment.
10. The distributed authorization architecture page control door opening method of any of claims 5-9,
the step 200 specifically includes: and the access control server sends a corresponding unlocking instruction to the access control controller according to the acquired access control identification, and sends an unlocked notification to the user terminal equipment.
CN201811270211.1A 2018-10-29 2018-10-29 Page control door opening system and method of distributed authorization architecture Active CN110021088B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811270211.1A CN110021088B (en) 2018-10-29 2018-10-29 Page control door opening system and method of distributed authorization architecture

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811270211.1A CN110021088B (en) 2018-10-29 2018-10-29 Page control door opening system and method of distributed authorization architecture

Publications (2)

Publication Number Publication Date
CN110021088A CN110021088A (en) 2019-07-16
CN110021088B true CN110021088B (en) 2021-06-29

Family

ID=67188501

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811270211.1A Active CN110021088B (en) 2018-10-29 2018-10-29 Page control door opening system and method of distributed authorization architecture

Country Status (1)

Country Link
CN (1) CN110021088B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111192393B (en) * 2019-09-19 2022-04-22 腾讯科技(深圳)有限公司 Network door opening method and device and computer equipment
CN114677810B (en) * 2021-05-20 2023-06-06 腾讯云计算(北京)有限责任公司 Storage data processing method and device, electronic equipment and medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104240342A (en) * 2014-08-25 2014-12-24 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 Access control method and device
CN105049653A (en) * 2015-05-29 2015-11-11 深圳光启智能光子技术有限公司 Method and system for controlling unlocking authority of locks based on network
CN105869238A (en) * 2016-03-24 2016-08-17 深圳市前海铂智科技有限公司 Access control system based on WeChat platform and WeChat control method
CN106447849A (en) * 2016-08-31 2017-02-22 北京厚文知识产权顾问有限公司 Authenticating method of door access system based on WeChat services
CN108230508A (en) * 2018-01-09 2018-06-29 桑田智能技术(上海)有限公司 One kind is based on the control of Internet of Things intelligent object Yunmen access control system and management method
CN108597080A (en) * 2018-04-24 2018-09-28 吴东辉 Door-access control method and device based on instant messaging and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030152231A1 (en) * 2002-02-07 2003-08-14 Minolta Co., Ltd. Verification system, server, and electronic instrument
CN105735826B (en) * 2016-04-08 2017-12-29 国网安徽省电力公司宣城供电公司 Intelligent key management box system
CN106373237A (en) * 2016-08-31 2017-02-01 北京厚文知识产权顾问有限公司 Remote control door lock system based on Wechat
CN108734813B (en) * 2017-04-19 2022-08-23 腾讯科技(深圳)有限公司 Method and device for issuing temporary access control card

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104240342A (en) * 2014-08-25 2014-12-24 中国航天科工集团第四研究院指挥自动化技术研发与应用中心 Access control method and device
CN105049653A (en) * 2015-05-29 2015-11-11 深圳光启智能光子技术有限公司 Method and system for controlling unlocking authority of locks based on network
CN105869238A (en) * 2016-03-24 2016-08-17 深圳市前海铂智科技有限公司 Access control system based on WeChat platform and WeChat control method
CN106447849A (en) * 2016-08-31 2017-02-22 北京厚文知识产权顾问有限公司 Authenticating method of door access system based on WeChat services
CN108230508A (en) * 2018-01-09 2018-06-29 桑田智能技术(上海)有限公司 One kind is based on the control of Internet of Things intelligent object Yunmen access control system and management method
CN108597080A (en) * 2018-04-24 2018-09-28 吴东辉 Door-access control method and device based on instant messaging and system

Also Published As

Publication number Publication date
CN110021088A (en) 2019-07-16

Similar Documents

Publication Publication Date Title
US10810817B2 (en) Remote guest access to a secured premises
CN110121873B (en) Access token management method, terminal and server
US9396598B2 (en) Remote guest access to a secured premises
CN110021086B (en) Openid-based temporary authorization access control method
CN110021092B (en) Tenant access control method based on openid
JP5311039B2 (en) COMMUNICATION SYSTEM AND COMMUNICATION METHOD THEREOF
CN110021087B (en) Method for quickly binding rooms based on WeChat door opening
CN104157029A (en) Access control system, mobile terminal based control method thereof and mobile terminal
CN104732636A (en) Bluetooth cellphone-based intelligent community access control system and method
KR20120064916A (en) Method and apparatus for controlling home network access using phone numbers, and system thereof
CN106355708A (en) Door control system capable of conferring opening authority to visitors and door control management method
CN110021093B (en) Door access control method based on openid
CN105528816A (en) Intelligent gate inhibition realization method, terminal, gate inhibition identification apparatus and user authorization service center
CN105915723B (en) Building intercom method, system and entrance machine
CN110021088B (en) Page control door opening system and method of distributed authorization architecture
CN106296946A (en) Visitor's gate control system based on wechat and visitor's door opening method
CN109584410B (en) Data processing method of electronic lock, computer equipment and storage medium
CN110572458A (en) property management owner end system
CN112927408A (en) Visitor visiting processing method and device
CN103516674B (en) Quickly and the method for network device online and control device
US20200357214A1 (en) Managing and controlling access to secured areas
CN110021084B (en) Code scanning door opening system and method of distributed authorization architecture
CN105516054A (en) User authentication method and user authentication device
CN108876987A (en) Building access control method, Cloud Server and computer readable storage medium
WO2017181846A1 (en) Vehicle monitoring method, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant