This application is a divisional application of the patent application filed on 2016-10-25 under application number 201610932849.1, entitled "Virtual key method, and device, background system and user terminal applying the method".
Disclosure of Invention
The invention aims to provide a safe, reliable and flexible method by which a virtual key operates the lock command of an access control device, together with a device, a background system and a user terminal applying the method.
The method specifically comprises the following steps:
the background system generates and stores a device public key and a device private key for the access control device, delivers the device private key to the access control device for storage (the device uses it in step S7-2 below to decrypt the virtual key affix), and also returns the project domain key to the access control device for storage;
the background system generates and stores a user public key and a user private key when the user terminal registers a new user, and delivers the user public key to the user terminal for storage;
the background system generates a virtual key affix for each access control device for which a virtual key is to be created in a user's virtual key package, the virtual key affix being formed by encrypting the user's private key with the device public key of the corresponding access control device;
the virtual key package data transmitted by the background system to the user terminal comprises one or more (device identifier, virtual key affix) tuples;
the access control device detects, through its short-distance input module, that a user terminal has approached, receives the virtual-key-related data from the user terminal and completes the lock command operation of the virtual key; the specific steps are:
S1, the user terminal approaches the short-distance input module of the access control device, and the access control device confirms and starts receiving input;
S2, the user terminal sends the user identifier to the access control device;
S3, the access control device receives the user identifier and searches locally for a key authority record for that user identifier; if none exists, the operation is terminated;
S4, the access control device sends the device identifier, the project domain key and first timestamp data to the user terminal for authentication;
S5, the user terminal receives the device identifier, the project domain key and the first timestamp data required for authentication, and finds the corresponding virtual key affix and virtual key record in the user's virtual key package; the virtual key record together with the command type forms a first key, where the command type is one of: unlocking, locking and back-locking (anti-lock);
S6, the user terminal returns an authentication response to the access control device, prepared as follows: S6-1, compute a first symmetric key by applying the hash algorithm to (first timestamp, device identifier, project domain key, user identifier); S6-2, encrypt the first key with the first symmetric key and the symmetric encryption algorithm to obtain the first encrypted virtual key data; S6-3, compute a first signature. The response carries the virtual key affix, the first encrypted virtual key data and the first signature data;
S7, after receiving the authentication response, the access control device executes the following steps:
S7-1, verify the first signature data; if it does not match, the operation is terminated;
S7-2, decrypt the user private key in the virtual key affix with the device private key; if decryption fails, the operation is terminated;
S7-3, decrypt the virtual lock cylinder data in the key authority record with the decrypted user private key to obtain first lock cylinder data; if decryption fails, the operation is terminated;
S7-4, compute the first symmetric key from the same data as in S6-1 (first timestamp, device identifier, project domain key, user identifier);
S7-5, decrypt the first encrypted virtual key data with the first symmetric key to obtain first key data; if decryption fails, the operation is terminated;
S7-6, check the specific parameters of the first lock cylinder data against the first key data; if the check fails, the operation is terminated;
S7-7, once all first key data have been checked, send the corresponding lock command to the electric lock control interface according to the command type parameter in the first key data; if no command type parameter is present, send an unlocking command by default.
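The following is an added worked example in Python of the provisioning described above (the virtual lock cylinder stored on the device and the virtual key affix delivered to the terminal) and of the S1 to S7 exchange; it is illustrative code, not code from the application. It assumes textbook RSA with small demonstration moduli in place of the unspecified asymmetric algorithm, a SHA-256 keystream with an HMAC tag in place of AES (so that "if decryption fails" in S7-5 is detectable, as an authenticated mode would make it), SHA-256 as both the hash and the first signature, and illustrative field names; the user identifier, device identifier, project domain key and validity period are constructed sample values. Two things the code makes visible: every input of the first symmetric key (S6-1) crosses the air in S2 and S4, so the protection of the first key rests on the affix and the cylinder rather than on that key; and the fresh first timestamp is what makes a captured response useless against the next exchange.

```python
import hashlib
import hmac
import json
import random

rng = random.Random(2016)  # seeded only so the demo is reproducible; a real system uses the secrets module

def is_probable_prime(n, rounds=16):  # Miller-Rabin, enough for a demonstration key pair
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x not in (1, n - 1) and not any((x := pow(x, 2, n)) == n - 1 for _ in range(r - 1)):
            return False  # composite witness found
    return True

def gen_rsa(bits):  # textbook RSA key pair ((e, n), (d, n)) from two `bits`-bit primes; demo sizes only
    primes = []
    while len(primes) < 2:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if c not in primes and (c - 1) % 65537 and is_probable_prime(c):
            primes.append(c)
    n, phi = primes[0] * primes[1], (primes[0] - 1) * (primes[1] - 1)
    return (65537, n), (pow(65537, -1, phi), n)

def rsa(key, m):  # raw modular exponentiation; the integer must be below the modulus (no padding here)
    assert 0 <= m < key[1]
    return pow(m, key[0], key[1])

def _keystream_xor(key, data):  # stand-in for the AES cipher the text recommends: SHA-256 counter keystream
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def sym_encrypt(key, data):
    ct = _keystream_xor(key, data)
    return ct + hmac.new(key, ct, "sha256").digest()  # the tag is what makes a wrong key detectable

def sym_decrypt(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        raise ValueError("decryption failed")  # the terminate condition of S7-5
    return _keystream_xor(key, ct)

def first_symmetric_key(ts, device_id, domain_key, user_id):
    # S6-1 and S7-4. All four inputs cross the air in S2 and S4, so an eavesdropper can derive this key too.
    return hashlib.sha256(f"{ts}|{device_id}|{domain_key}|{user_id}".encode()).digest()

def backend_provision(user_id, device_id, domain_key, validity, ktype):
    """Background system side: the cylinder stays on the device, the affix goes to the terminal."""
    dev_pub, dev_priv = gen_rsa(384)  # 768-bit device modulus
    usr_pub, usr_priv = gen_rsa(256)  # 512-bit user modulus, so user d and n each fit under the device modulus
    record = {"validity": validity, "type": ktype}
    cylinder = rsa(usr_pub, int.from_bytes(json.dumps(record, sort_keys=True).encode(), "big"))  # cylinder
    affix = [rsa(dev_pub, x) for x in usr_priv]  # affix: user private key (d, n) under the device public key
    device = {"device_id": device_id, "domain_key": domain_key, "priv": dev_priv, "authority": {user_id: cylinder}}
    terminal = {"user_id": user_id, "package": {device_id: {"affix": affix, "record": record}}}
    return device, terminal

def terminal_response(terminal, chal, command):  # S5-S6: first key = virtual key record + command type
    entry = terminal["package"][chal["device_id"]]
    key = first_symmetric_key(chal["ts"], chal["device_id"], chal["domain_key"], terminal["user_id"])
    enc = sym_encrypt(key, json.dumps(dict(entry["record"], command=command), sort_keys=True).encode())
    body = {"user_id": terminal["user_id"], "affix": entry["affix"], "enc": enc.hex()}
    body["sig"] = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()  # S6-3: plain hash, as allowed
    return body

def device_verify(device, first_ts, resp, now):
    """S7-1 to S7-7: returns the lock command for the electric lock control interface, or 'terminated'."""
    try:
        body = {k: v for k, v in resp.items() if k != "sig"}
        if resp["sig"] != hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest():
            return "terminated"  # S7-1
        user_priv = tuple(rsa(device["priv"], c) for c in resp["affix"])  # S7-2: recover the user's (d, n)
        m = rsa(user_priv, device["authority"][resp["user_id"]])  # S7-3: open the cylinder with the user private key
        cylinder = json.loads(m.to_bytes((m.bit_length() + 7) // 8, "big"))
        key = first_symmetric_key(first_ts, device["device_id"], device["domain_key"], resp["user_id"])  # S7-4
        first_key = json.loads(sym_decrypt(key, bytes.fromhex(resp["enc"])))  # S7-5
    except (KeyError, ValueError, AssertionError):
        return "terminated"
    lo, hi = cylinder["validity"]  # S7-6: presented key data must agree with the cylinder and be within its period
    if [first_key.get("validity"), first_key.get("type")] != [cylinder["validity"], cylinder["type"]] or not lo <= now <= hi:
        return "terminated"
    return first_key.get("command", "unlock")  # S7-7: unlock when no command type is present

def run(command="unlock", now=1500, replay=False, forge_type=None):
    """One exchange with constructed identifiers; `replay` reuses a captured response against a fresh first timestamp."""
    device, terminal = backend_provision("user-7", "door-A1", "domain-key-1", [1000, 2000], "one-time")
    if forge_type:  # the terminal edits its own copy of the record; the cylinder held by the device is authoritative
        terminal["package"]["door-A1"]["record"]["type"] = forge_type
    ts = 1500  # first timestamp; S3 (no record -> terminate) is the KeyError path in device_verify
    chal = {"device_id": device["device_id"], "domain_key": device["domain_key"], "ts": ts}  # S4, sent in clear
    resp = terminal_response(terminal, chal, command)
    return device_verify(device, ts + 1 if replay else ts, resp, now)
```

`run()` yields "unlock" and `run("back_lock")` yields "back_lock"; a replayed response (`replay=True`), a record the terminal altered to claim a different type (`forge_type="unlimited"`) and an exchange outside the validity period (`now=3000`) all end in "terminated", which is the behaviour the steps above require. The tamper case is worth noting: the terminal holds a plaintext copy of the record, but only the cylinder decrypted on the device decides, because the terminal never sees the cylinder and the device never trusts the record alone.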
The method applies to user terminals using NFC near-field communication and Bluetooth Low Energy communication; it only requires the corresponding communication protocol and message processing flow, examples of which are given in the detailed description. The method can also be realized over other short-distance wireless networks or point-to-point wireless communication modes.
The method is suitable not only for common intelligent access control devices but also for intelligent lock devices with networking functions. In some embodiments, the access control device can be connected to and communicate with a vehicle control system to control door opening and unlocking, thereby realizing safe, flexible and convenient vehicle rental management. The same holds for other movable objects, such as smart lock devices on safe deposit boxes, safes and the like. In addition, the method can also operate the access control device to perform an anti-lock (back-locking) function.
The design idea of the technical scheme is that, for each access control device, the background system generates a virtual lock cylinder corresponding to each virtual key of that device and stores it in the access control device. The virtual lock cylinder can be opened and read only by the combination of the corresponding virtual key and virtual key affix, both of which are generated by the background system and transmitted to the user terminal of the authorized user for storage. The user terminal transmits the virtual key and the virtual key affix to the access control device in a specially designed manner to complete pairing, unlocking and detailed information comparison with the virtual lock cylinder. Throughout the process the data is protected against tampering, brute-force cracking, information leakage and forgery, while the flexibility of the lock control information is preserved. In addition, when the access control device is temporarily disconnected from the network, the user terminal and the access control device can still complete unlocking, locking or back-locking operations unaffected by the disconnection. And since the access control device stores no private or sensitive user information, the risk of data leakage, tampering and forgery there is avoided.
The access control device receives a virtual key update message from the background system whenever the background system has a virtual key for that device that needs updating, so that the data in the device stays consistent with the background system. When a virtual key in a user's virtual key package changes, the background system sends a virtual key update message to the corresponding access control device; the virtual key record comprises the authorizer, the authorized person and the virtual cylinder data. The access control device updates the virtual key data stored in the device after receiving the virtual key update message.
To strengthen the security of transferring the virtual key and the virtual key affix between the user terminal and the access control device, the scheme uses a dynamic timestamp that the user terminal must include in what it encrypts and signs, so as to ensure a high level of resistance to attack and information leakage. The timestamp may be replaced by a pseudo-random number with equal effect; in either case the value must be freshly generated by the access control device for every exchange, since it is what prevents a captured response from being accepted a second time.
To increase the encryption strength and the matching precision, the technical scheme also uses a project domain key. Similar access control devices deployed in the same project domain all share the same project domain description, which includes the project domain key; the key is generated by the background system and sent to the access control device for storage and use. This enhances data security during transmission and makes it easier for the user terminal to manage the virtual key package. In different embodiments, a project domain description in a specific format may also indicate which encryption/decryption algorithms, public/private key pair strengths and hash algorithms are to be used, which highlights the scalability of the scheme.
The invention does not limit which asymmetric encryption/decryption algorithm or key strength is used; it only requires an asymmetric algorithm that supports public/private key pairs and meets the security and performance requirements of the application scenario. In general, RSA, ECC or SM2 may be used.
In implementation, the hash algorithm may likewise be chosen as needed from commonly used algorithms such as MD5, SHA1, SHA256 and SM3. The signature algorithm may be a hash algorithm, or, in a less demanding scenario, CRC32 or even CRC16. Note that MD5 and SHA1 are no longer collision resistant, and that an unkeyed hash or CRC can be recomputed by anyone who alters the message, so it detects accidental corruption only; where the first or second signature is expected to resist an active attacker, a keyed MAC or a genuine digital signature over a secret the attacker does not hold is required.
In practice, the recommended symmetric encryption algorithm is AES-128, AES-192 or AES-256, used in an authenticated mode so that the "if decryption fails, terminate" condition of step S7-5 can actually be detected rather than yielding garbage plaintext.
In step S7-6 above, the first lock cylinder data and the first key data each include a validity period and a type, where the type includes, for example: not limited in number of uses, single use only, and once per day within the validity period. This is where virtual key technology is more flexible, convenient and extensible than physical keys or cards. More flexible and convenient authorization modes can be designed in implementation to meet the requirements of users and the market, and more field data and subsequent processing can be added to enhance security.
For a one-time virtual key, after unlocking the access control device removes the record from the key authority table and sends a first notification message to the background system, whose parameters comprise the device identifier, the user identifier and the time. The background system receives the first notification message from the access control device, records it in a log, updates the state data of the corresponding virtual key in the user's virtual key package, and then sends the updated virtual key data to the user terminal in a second notification message. The user terminal receives the second notification message from the background system and updates the locally stored virtual key data.
In different embodiments, the user terminal may be an intelligent device with different communication modules, display modes, and interaction modes, such as a smart phone, a tablet computer, a smart watch, a vehicle-mounted device, smart glasses, a smart robot, and the like.
A second object of the present invention is to provide a method for unlocking with a Bluetooth accessory device serving as the virtual key medium, together with an access control device, a background system and a user terminal applying the method. The specific method comprises the following steps:
an access control device equipped with a Bluetooth Low Energy module further holds an accessory authority list recording the accessories that may be used to unlock its electric lock; each record contains the accessory identifier, a second timestamp, virtual accessory lock cylinder data encrypted with the symmetric encryption algorithm, and second signature data, all of which reach the access control device in a virtual key update message sent by the background system and are stored. The access control device communicates over a Bluetooth wireless connection with a Bluetooth accessory device in its vicinity to obtain the accessory's Bluetooth address identifier, and checks the received Bluetooth address identifier against the accessory authority list in the following steps:
B1, convert the Bluetooth address identifier into an accessory identifier;
B2, search the accessory authority list for a corresponding accessory authority record using the accessory identifier; if none exists, the check terminates;
B3, take the second timestamp out of the accessory authority record;
B4, compute the device private key fingerprint with a data fingerprint algorithm;
B5, compute a second symmetric key by applying the hash algorithm to (second timestamp, device identifier, accessory identifier, project domain key, device private key fingerprint);
B6, decrypt the virtual accessory lock cylinder data in the accessory authority record with the second symmetric key to obtain the accessory lock cylinder data;
B7, compute a second verification signature over the data (second timestamp, device identifier, accessory lock cylinder data, project domain key, device private key fingerprint);
B8, compare the second verification signature with the second signature data in the accessory authority record; if they do not match, terminate;
B9, check the validity period and the state in the accessory lock cylinder data, where the state is one of: valid and invalid;
B10, if the current time is within the validity period and the state is valid, verification succeeds and an unlocking command is sent to the electric lock control interface; if the type in the accessory lock cylinder data is one-time, then after unlocking completes the access control device removes the accessory authority record from the accessory authority table and sends a first notification message to the background system, whose parameters comprise the device identifier, the user identifier and the time.
The background system generates the virtual key update message required by an accessory device as follows: the authorized person information in the virtual key record includes the identification information of the short-distance wireless accessory device that the user bound at the user terminal, namely the accessory identifier, and the virtual key update message further carries a second timestamp, virtual accessory lock cylinder data encrypted with the symmetric encryption algorithm, and second signature data. The second timestamp is generated dynamically by the background system. The virtual accessory lock cylinder data is encrypted with a second symmetric key, obtained by applying the hash algorithm to (second timestamp, access control device identifier, accessory identifier, project domain key, device private key fingerprint); the second signature data is obtained by applying the signature algorithm to (second timestamp, device identifier, accessory lock cylinder data, project domain key, device private key fingerprint). The device private key fingerprint is a hash of the payload data of the device private key. This construction works around the fact that a Bluetooth accessory device cannot store and transmit an encrypted user private key, while retaining a reasonably high level of security.
For an access control device receiving a virtual key update message: when the authorized person of the received virtual key is the user who bound a short-distance wireless accessory device at the user terminal, the authorized person information in the virtual key record includes that accessory's identification information, namely the accessory identifier, and the virtual key update message also carries the second timestamp, the virtual accessory lock cylinder data encrypted with the symmetric encryption algorithm, and the second signature data. When the access control device receives a virtual key update message of this type, it updates the related data in its accessory authority table.
This technical scheme addresses the case where a user is temporarily without a mobile phone but wears a Bluetooth wearable device, such as a bracelet, watch or other portable device, that was bound and authorized in advance. In general, however, such Bluetooth devices cannot be reprogrammed to implement the communication method of the preceding technical solution (dynamically transferring the virtual key and performing verification), so as a compromise this scheme converts the Bluetooth address of the Bluetooth accessory device into an accessory identifier and generates corresponding virtual accessory cylinder data for it. Although the method uses no asymmetric encryption and its security is therefore somewhat lower, it is simple, convenient and easy for users to adopt, and low in cost.
In specific implementation, the technical scheme can also be used to bind an existing general-format NFC-compatible ID card to the user account, but this is not recommended, since such cards are troublesome to manage and easy to copy.
Overall, the invention provides a safe, reliable, convenient and intelligent virtual key solution suitable for large-scale deployment.
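An added worked example of the accessory path, covering both the virtual key update message the background system builds for an accessory and the checks B1 to B10 the device runs on it; this is illustrative Python, not the application's own code. Assumptions: the accessory identifier is the Bluetooth address in canonical upper-case form without separators (the text does not fix the conversion), SHA-256 serves as the hash, the fingerprint algorithm and the "signature", and a SHAKE-256 keystream under the single-use second symmetric key stands in for the unspecified symmetric cipher; the device private key bytes, identifiers and validity period are constructed sample values. Because the second signature is a plain hash, the device private key fingerprint is the only input an outsider lacks, and it is therefore what ties a record to one device: the last case in demo() copies a record to a device with a different private key and has it rejected at B8. It also shows the limit the text concedes: the accessory proves nothing beyond presenting its address.

```python
import hashlib
import hmac
import json

def accessory_id(bt_address):  # B1: assumed canonical form of the address is the identifier (text leaves it open)
    return bt_address.replace(":", "").upper()

def key_fingerprint(device_private_key):  # hash of the device private key payload, as the text describes
    return hashlib.sha256(device_private_key).hexdigest()

def second_symmetric_key(ts, device_id, acc_id, domain_key, fp):  # B5, and the same derivation in the background
    return hashlib.sha256(f"{ts}|{device_id}|{acc_id}|{domain_key}|{fp}".encode()).digest()

def second_signature(ts, device_id, cyl_bytes, domain_key, fp):  # B7, and the same in the update message
    # A plain hash, as the text allows; the fingerprint is the only input an outsider lacks, so it acts as the key.
    parts = [str(ts).encode(), device_id.encode(), cyl_bytes, domain_key.encode(), fp.encode()]
    return hashlib.sha256(b"|".join(parts)).hexdigest()

def xor_keystream(key, data):  # stand-in for the unspecified symmetric cipher: SHAKE-256 keystream, single-use key
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def backend_update_message(device_id, domain_key, fp, bt_address, ts, validity, ktype):
    """Virtual key update message for one accessory; the background system holds the device private key."""
    acc_id = accessory_id(bt_address)
    cyl_bytes = json.dumps({"validity": validity, "type": ktype, "state": "valid"}, sort_keys=True).encode()
    key = second_symmetric_key(ts, device_id, acc_id, domain_key, fp)
    return {"accessory_id": acc_id, "ts": ts, "enc_cylinder": xor_keystream(key, cyl_bytes).hex(),
            "sig": second_signature(ts, device_id, cyl_bytes, domain_key, fp)}

def device_store_update(device, msg):  # the device merges the record into its accessory authority table
    device["accessory_authority"][msg["accessory_id"]] = msg

def device_check_accessory(device, bt_address, now):
    """B1 to B10: returns 'unlock' or 'terminated'; a one-time record is removed and a notification queued."""
    acc_id = accessory_id(bt_address)  # B1
    rec = device["accessory_authority"].get(acc_id)  # B2
    if rec is None:
        return "terminated"
    ts = rec["ts"]  # B3
    fp = key_fingerprint(device["private_key"])  # B4
    key = second_symmetric_key(ts, device["device_id"], acc_id, device["domain_key"], fp)  # B5
    cyl_bytes = xor_keystream(key, bytes.fromhex(rec["enc_cylinder"]))  # B6
    expect = second_signature(ts, device["device_id"], cyl_bytes, device["domain_key"], fp)  # B7
    if not hmac.compare_digest(expect, rec["sig"]):  # B8: also fails when the record was built for another device
        return "terminated"
    cyl = json.loads(cyl_bytes)  # parsed only after B8 has passed
    lo, hi = cyl["validity"]  # B9
    if cyl["state"] != "valid" or not lo <= now <= hi:
        return "terminated"
    if cyl["type"] == "one-time":  # B10: consume the record and notify the background system
        del device["accessory_authority"][acc_id]
        # the text lists a user identifier here; the accessory identifier stands in for it in this demo
        device["notifications"].append({"device_id": device["device_id"], "user_id": acc_id, "time": now})
    return "unlock"

def demo():
    """Constructed sample data: one device, one wearable, one foreign device. Returns the verdicts in order."""
    priv = b"demo-device-private-key-bytes"  # constructed stand-in for the real private key payload
    device = {"device_id": "door-A1", "domain_key": "domain-key-1", "private_key": priv,
              "accessory_authority": {}, "notifications": []}
    other = dict(device, private_key=b"another-device-private-key", accessory_authority={}, notifications=[])
    msg = backend_update_message("door-A1", "domain-key-1", key_fingerprint(priv),
                                 "aa:bb:cc:dd:ee:01", 1700000000, [1000, 2000], "one-time")
    device_store_update(device, msg)
    device_store_update(other, msg)  # the same record copied onto a device holding a different private key
    return [device_check_accessory(device, "AA:BB:CC:DD:EE:01", 1500),
            device_check_accessory(device, "AA:BB:CC:DD:EE:01", 1500),  # one-time record already consumed
            device_check_accessory(other, "AA:BB:CC:DD:EE:01", 1500),
            len(device["notifications"])]
```

`demo()` returns `["unlock", "terminated", "terminated", 1]`: the first presentation unlocks and consumes the one-time record, the second finds no record at B2, and the foreign device derives a different second symmetric key from its own private key fingerprint, so its decrypted cylinder bytes no longer hash to the stored signature and B8 rejects it.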
Detailed Description
The following description is presented to enable any person skilled in the art to make and use the embodiments, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present disclosure. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
The data structures and code described in the detailed description are typically stored on a computer-readable storage medium, which can be any device or medium that can store code and/or data for use by a computer system. Computer-readable storage media include, but are not limited to, volatile memory, non-volatile memory, magnetic storage devices and optical storage devices (e.g., disk drives, magnetic tape, CDs (compact discs), DVDs (digital versatile discs or digital video discs)), or other media capable of storing code and/or data now known or later developed.
The methods and processes described in the detailed description section can be implemented as code and/or data, which can be stored in a computer-readable storage medium as described above. When a computer system reads and executes the code and/or data stored on the computer-readable storage medium, the computer system performs the methods and processes embodied as data structures and code and stored within the computer-readable storage medium.
Also, the methods and processes described herein can be embodied within hardware modules or devices. These modules or devices may include, but are not limited to, an Application Specific Integrated Circuit (ASIC) chip, a Field Programmable Gate Array (FPGA), a dedicated or shared processor that executes a particular software module or piece of code at a particular time, and/or other programmable logic devices now known or later developed. When activated, the hardware modules or devices perform the methods and processes contained within them.
FIG. 1 illustrates a background system 100 according to one embodiment. The background system 100 may be a server, a cluster, a service program running on a virtual machine or a service program running in a cloud system container, and each of its modules may likewise be any of these. Referring to FIG. 1, the user service module 101 processes requests from the user terminal 300: registration request processing 133 and 132, and virtual key-related request processing 131. When virtual key data is updated, the message processing module 105 sends a virtual key update message to the access control device 200, and the new virtual key data is also returned to the user terminal 300. The user service module 101 accesses the object access authority table 125 through the interface of the global object access service 111, and the access control device table 122 through the interface of the project domain information access service 110. The user's virtual key package and virtual key data are stored in the user key package database 126, while the user account database 127 stores only the data needed for user login; all operations on user accounts, virtual key packages and virtual keys are recorded in the user access log database 128. The system management module 104 manages and monitors the system-wide running status of the background system 100; in particular, it manages the starting and running of multiple instances of the project domain management module 102, which are isolated and independent of one another, without interference or mutual influence, and whose databases are likewise isolated and independent.
Each project domain manager logs in to the background management 130 of the project domain through the project domain manager terminal 199 to enter and edit the object owner information 120, the object information 121 and the access control device table 122. The access control device table includes: area number, device hardware identifier, device type, associated device list and device installation information, which should be entered when the access control device is installed and configured. The global project domain information summarization service 136 automatically summarizes the data in the different instances of the project domain management module 102, and the summarized results are stored in the object access authority table 125.
The global object access service module 103 further includes a device public/private key table 129 recording the public and private keys of all access control devices; these keys are generated by the background system after a device registers successfully, and the device private key is returned to the access control device. The global object access service 111 provides the other modules of the background system with access to the device public/private key table 129, among other data.
The user account database 127 also stores the user's public and private keys, which the background system generates at user registration, returning the user public key to the user terminal.
In the embodiment shown in fig. 1, a system administrator of the backend system 100 uses a system administrator terminal 198 to log in the system management module 104 for system level management and maintenance.
In some embodiments, the manager of the community property service company inputs the house information, owner information, building information, and entrance guard equipment information of the community into the corresponding background management operation interface of the community.
In some embodiments, the manager serving the apartment enters the house information, the floor information and the intelligent lock device information of the apartment in the background management operation interface corresponding to the apartment project.
In some embodiments, a manager of a car rental company inputs car information and intelligent car lock device information in a corresponding background management operation interface of the company.
In some embodiments, the project domain management module also implements device and manager monitoring 137. Each project domain manager, logging in to the background management 130 of the project domain through the terminal 199, can enter and edit the manager identification information 123 and the object partition number list 124. This information is also automatically summarized into the object access authority table 125.
In some embodiments, the manager of the community property service company also inputs property service personnel information, building partition information and property service personnel partition service information of the community into the corresponding background management operation interface of the community.
In some embodiments, a manager serving an apartment enters information such as management and service personnel information, partition authority and the like of the apartment in a background management operation interface corresponding to an apartment project.
In some embodiments, the virtual key record includes: authorizer, authorized person, authorization validity period, authorization type, and information on the access control device to which access is authorized. Depending on the application scenario of the embodiment, richer virtual key record information can be designed to meet its requirements. For example, in some embodiments a single access control device may manage and control a group of several safe deposit boxes; opening a particular sub-box can then be controlled simply by adding the sub-box number to the virtual key record for verification.
Fig. 2 illustrates an access control device 200 according to an embodiment. The access control device 200 may be implemented as various access devices, various smart locks and various entry and exit gates. Referring to fig. 2, the central processing unit 212 controls and manages the operation of all processing units of the processor 201. The network module 204 connects the access control device 200 to the background system 100; after login to the background system 100 is completed through the login registration processing unit 204, the device can access the services of the background system 100 and receive virtual key update messages from it. When a virtual key update message from the background system 100 is received, the message processing unit 213 passes it to the virtual key processing unit 210, which first verifies the message and, once verification succeeds, updates the virtual key library stored encrypted in the device local storage 202. The input module 203 receives the virtual-key-related data from the user terminal 300 and passes it to the input identification processing unit 211; after identification and processing are complete, the virtual key processing unit 210 performs the further verification processing. If the received virtual-key-related data passes verification, the central processing unit 212 sends a lock command to the electric lock control interface 205, which drives the electric lock 299 to perform the commanded operation.
In some embodiments, the input module comprises: NFC near field communication unit, low-power consumption bluetooth communication unit, two-dimensional code scanning unit.
Fig. 3 illustrates a user terminal 300 according to an embodiment. The user terminal 300 may be any of various mobile terminals, smart phones, tablet computers, notebook computers, smart watches, smart glasses, vehicle-mounted computers and the like. Referring to fig. 3, the central processing unit 313 controls and manages the operation of all processing units of the processor 301. The network module 303 connects the user terminal 300 to the background system 100; after login to the background system 100 is completed through the login registration processing unit 316, the user terminal can access the services of the background system 100 and receive virtual key update messages from it. When a virtual key update message from the background system 100 is received, the message processing unit 314 passes it to the virtual key processing unit 311, which first verifies the message and, once verification succeeds, updates the virtual key library stored encrypted in the device local storage 302. The input module 305 receives the user's operation input and the output module 304 returns feedback to the user; the user interaction processing unit 315 handles interaction with the user through the input module 305 and the output module 304, such as selecting and viewing the virtual key package, member management, and managing and adding authorization of virtual keys, and then sends virtual key requests to the background system 100 through the virtual key processing unit 311, the virtual key request unit 312, the network connection processing unit 317 and the network module 303. After logging in to the background system 100, the saved virtual key package data is decrypted from the local storage 302; if it is not found, a request to obtain the virtual key package is sent to the background system 100.
The short-range communication module 306 can transmit the virtual key data to the access control device 200 to perform the lock command operation.
In some embodiments, the short-range communication module 306 includes an NFC near-field communication unit, a bluetooth low energy communication unit. The short-range communication processing unit 319 is responsible for processing the connection and communication of these short-range communications.
In some embodiments, binding with the short-range wireless accessory device 399 is accomplished through the user interaction processing unit 315, the accessory processing unit 310 and the short-range communication module 306; an add-virtual-key request is then sent to the background system 100 through the virtual key processing unit 311 and the virtual key request unit 312, authorizing the short-range wireless accessory device to perform virtual key unlocking operations.
In some embodiments, the virtual key may be output through the output module 304 to the display screen in the form of a two-dimensional code, to be recognized by the two-dimensional code recognition unit of the access control device 200 or photographed by its camera unit and then recognized.
Fig. 4 presents a schematic diagram of the process by which the background system generates the virtual lock cylinder and the virtual key affix according to an embodiment.
First, for an existing virtual key record, the items used for checking are extracted, namely (validity period, type), to form the first lock cylinder data (step 400). The authorized person information in the virtual key record is then used to retrieve from the user account database 127 the user public key and user private key of the user authorized to use the virtual key (step 402). The first lock cylinder data is then encrypted with an asymmetric encryption algorithm using the user public key just obtained as the key (step 404). The encrypted result forms the virtual lock cylinder (step 406).
Next, the global object access service 111 is called with the device information in the virtual key record (step 410) to obtain the device public key (step 412). The user private key obtained in step 402 is encrypted with an asymmetric encryption algorithm using the device public key just obtained as the key (step 414). The encrypted result forms the virtual key affix (step 416).
Each time a virtual key record changes in the background system, the virtual lock cylinder must be regenerated, and so must the virtual key affix if the device information changed. The updated virtual cylinder data is sent to the access control device 200 by the background system 100 in a virtual key update message. The virtual key affix is normally part of the user's virtual key package and is returned to the user terminal 300 when the user terminal 300 requests the virtual key package from the background system 100.
Fig. 5 is a schematic diagram illustrating the data processing performed when an unlocking operation is completed through NFC or Bluetooth communication between the access control device and the user terminal according to an embodiment. (Note: the signature verification process is omitted from the figure because the NFC or Bluetooth communication itself already performs verification; in implementation, a simple check value computed with a common CRC16 or CRC32 algorithm is used instead, which saves response time for the user terminal's handling of the NFC command.) Referring to fig. 5:
step S1, the user terminal approaches the short distance input module of the access control device, and the access control device confirms and starts to receive input;
step S2, the user terminal sends the user mark to the access control device;
step S3, the access control device receives the user identification and searches locally for a key authority record for that user identification; if none exists, the operation is terminated;
step S4, the access control device sends the device identification, the project domain key and first timestamp data to the user terminal for authentication;
step S5, the user terminal receives the device identifier, the project domain key and the first timestamp data required for authentication, and looks up the corresponding virtual key affix and virtual key record in the user's virtual key package; the virtual key record and the command type together form a first key, where the command type is one of: unlocking, locking and back locking;
step S6, the user terminal returns an authentication response to the access control device, whose parameters are produced as follows: step S6-1, calculating a first symmetric key by applying a hash algorithm to (first timestamp, device identifier, project domain key, user identifier); step S6-2, encrypting the first key with a symmetric encryption algorithm under the first symmetric key to produce the first encrypted virtual key data; step S6-3, calculating a first signature;
step S7, after receiving the authentication response, the access control device executes the following steps:
step S7-1, verifying the first signature data; if it does not match, the operation is terminated (this step is not shown in the figure);
step S7-2, decrypting the user private key from the virtual key affix using the device private key; if decryption fails, the operation is terminated;
step S7-3, decrypting the virtual lock cylinder data in the key authority record using the decrypted user private key to obtain the first lock cylinder data; if decryption fails, the operation is terminated;
step S7-4, calculating the first symmetric key from the data exchanged for the virtual key, in the same way as in step S6-1;
step S7-5, decrypting the first encrypted virtual key data using the first symmetric key to obtain the first key data; if decryption fails, the operation is terminated;
step S7-6, checking the specific parameters in the first lock cylinder data and the first key data; if the check fails, the operation is terminated;
step S7-7, after all the first key data has been checked and found correct, sending the corresponding lock command to the electric lock control interface according to the command type parameter in the first key data; if no command type parameter is present, an unlocking command is sent by default.
In some embodiments, no command type is added to the first key in step S5, so that only an unlocking operation is possible. In some embodiments, the interactive interface on the user terminal 300 lets the user specify whether to unlock, lock or back lock when the user terminal 300 is held next to the access control device 200.
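The symmetric half of the Fig. 5 exchange (steps S4, S6-1, S6-2, S7-4, S7-5 and the S7-7 default), written in Go as an added example that is not the patent's own code; the asymmetric unwrapping of steps S7-2 and S7-3 is left out. SHA-256 as the hash, AES-256-GCM as the symmetric cipher, the "|" field separator, the Challenge type and every function name are assumptions, since the page names no concrete algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"io"
	"strings"
)

// Challenge is what the access control device sends in step S4 of Fig. 5.
type Challenge struct{ DeviceID, ProjectDomainKey, Timestamp string }
// Step S6-1 / S7-4: hash over (first timestamp, device identifier, project domain
// key, user identifier). SHA-256 and the "|" separator are assumptions.
func deriveFirstSymmetricKey(c Challenge, userID string) []byte {
	sum := sha256.Sum256([]byte(c.Timestamp + "|" + c.DeviceID + "|" + c.ProjectDomainKey + "|" + userID))
	return sum[:]
}

// AES-256-GCM stands in for the page's unnamed "symmetric encryption algorithm".
func firstKeyAEAD(c Challenge, userID string) (cipher.AEAD, error) {
	block, err := aes.NewCipher(deriveFirstSymmetricKey(c, userID))
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Step S6-2 on the user terminal: the first key (virtual key record plus command
// type) encrypted under the first symmetric key; the random nonce is prepended.
func sealFirstKey(c Challenge, userID, keyRecord, cmdType string) ([]byte, error) {
	gcm, err := firstKeyAEAD(c, userID)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, []byte(keyRecord+"|"+cmdType), nil), nil
}

// Step S7-5 on the device: the key is rederived from the challenge the device itself issued,
// so a response captured under an earlier timestamp fails to decrypt. S7-7: no command type means unlocking.
func openFirstKey(c Challenge, userID string, sealed []byte) (keyRecord, cmdType string, err error) {
	gcm, err := firstKeyAEAD(c, userID)
	if err != nil || len(sealed) < gcm.NonceSize() { return "", "", errors.New("unusable response") }
	plain, err := gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
	if err != nil { return "", "", err } // decryption failed: terminate the operation
	keyRecord, cmdType, _ = strings.Cut(string(plain), "|")
	if cmdType == "" { cmdType = "unlocking" }
	return keyRecord, cmdType, nil
}
```

The GCM authentication tag makes a tampered or replayed response fail at S7-5 itself, which the CRC16/CRC32 check value mentioned for Fig. 5 cannot guarantee on its own.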
Fig. 6 is a process diagram illustrating the background system generating a virtual accessory lock cylinder and a second signature for a Bluetooth accessory device according to an embodiment.
First, the items used for verification and checking are extracted from the existing virtual key record; these items include (validity period, type) and together form the accessory lock cylinder data (step 600). A second timestamp is then generated (step 602). The fingerprint of the device private key is then computed with a data fingerprint algorithm, giving the device private key fingerprint (step 604). Then, in step 606, a hash value of (second timestamp, device identification, accessory identification, project domain key, device private key fingerprint) is calculated, where the accessory identification is derived from the authorized-person information in the virtual key record. The result of step 606 is the second symmetric key (step 608). The accessory lock cylinder data is encrypted with a symmetric encryption algorithm using the second symmetric key as the key (step 610). The result of the encryption is the virtual accessory lock cylinder (step 612). The signature data is then computed: in step 614 the signature computation is performed on (second timestamp, device identification, accessory lock cylinder data (the second lock cylinder), project domain key, device private key fingerprint). The result of the computation is the second signature (step 616).
Fig. 7 is a process diagram illustrating an access control device handling a user unlocking operation with a Bluetooth accessory device according to an embodiment. First, the access control device detects that the Bluetooth accessory device is approaching, and once it comes within a certain distance the access control device carries out the following processing steps:
b1, converting the Bluetooth address identifier of the Bluetooth accessory device into an accessory identifier;
b2, using the accessory identifier to search the accessory authority list for a corresponding accessory authority record, and terminating the check if none exists;
b3, taking the second timestamp from the accessory authority record;
b4, calculating the device private key fingerprint with a data fingerprint algorithm;
b5, calculating a second symmetric key by applying a hash algorithm to (second timestamp, device identification, accessory identification, project domain key, device private key fingerprint);
b6, decrypting the virtual accessory lock cylinder data in the accessory authority record with the second symmetric key to obtain the accessory lock cylinder data;
b7, performing the signature calculation over (second timestamp, device identifier, accessory lock cylinder data, project domain key, device private key fingerprint) to obtain a second verification signature;
b8, comparing the second verification signature with the second signature data in the corresponding record, and terminating if they do not match;
b9, checking the validity period and the state in the accessory lock cylinder data, where the state is one of: valid, invalid;
b10, if the current time is within the validity period and the state is valid, the verification succeeds and an unlocking command is sent to the electric lock control interface; if the type in the accessory lock cylinder data is one-time, then after unlocking completes the device removes the record from the accessory authority list and sends a first notification message to the background system, whose parameters comprise the device identification, user identification and time.
Fig. 8 is a schematic diagram illustrating the process of an access control device performing an unlocking operation through NFC communication with a user terminal according to an embodiment. Referring to FIG. 8, its steps correspond to the steps in FIG. 5. The difference is mainly that fig. 5 is the processing flow in terms of data structures, while fig. 8 is the processing flow when NFC communication is specifically used.
First, after the access control device 200 starts, the input recognition unit 211 detects the NFC communication unit in the input module 203 and starts card reader mode, waiting to recognize an approaching user terminal 300 that is in NFC card emulation (HCE) mode. When a user terminal 300 with NFC card emulation is found in proximity to the access control device 200, the NFC command SELECT FILE APDU is sent to the user terminal 300. Note: for the related NFC APDU commands see the ISO/IEC 7816-4 specification, and for NFC HCE mode see the ISO 14443-4 specification.
On the user terminal 300 side, the short-range communication processing unit 319 has an NFC card emulation handler that processes NFC commands received from the NFC communication unit in the short-range communication module 306. In an embodiment, only the SELECT FILE and INTERNAL AUTHENTICATE commands from the access control terminal 200 are processed.
After the user terminal 300 has executed step S6, the access control terminal 200 starts the respective substeps of step S7.
Fig. 9 is a schematic diagram illustrating the process of an access control device performing an unlocking operation with a user terminal through Bluetooth communication according to an embodiment. Referring to FIG. 9, its steps correspond to the steps in FIG. 5. The difference is that fig. 5 is the processing flow in terms of data structures, while fig. 9 is the processing flow when Bluetooth communication is specifically used.
First, when the access control device 200 is activated, the input recognition unit 211 detects that there is a Bluetooth Low Energy communication unit in the input module 203 and enables Bluetooth peripheral mode, waiting for a user terminal 300 that also uses Bluetooth communication to approach and connect. When the user approaches the access control device 200, the user opens the user terminal 300 and starts Bluetooth unlocking through the interactive interface. The Bluetooth handler in the short-range communication processing unit 319 of the user terminal 300 scans for a nearby Bluetooth peripheral of the specified type (attached to the access control device 200) and, once found, queries whether it offers the custom Bluetooth virtual key unlocking service (step S1); if so, the connection succeeds. The custom Bluetooth virtual key unlocking service is a Bluetooth service defined by this embodiment that provides a series of read/write operations on custom attributes. The user terminal 300 then sends a command to write the user identification attribute (step S2). After receiving the user identifier, the access control device 200 checks whether a record of that user identifier exists (step S3); if not, it returns an error response, otherwise a success response. After receiving the success response, the user terminal 300 sends a read authentication credential attribute command to the access control device 200 (step S4); the access control device 200 then calculates a timestamp and returns the attribute data (device identification, project domain key, timestamp) requested by the user terminal 300. The subsequent steps are substantially the same as the processing flow in fig. 5, except that the communication is realized with Bluetooth write attribute operations.
It will be appreciated by those skilled in the art that the components of the apparatus and steps of the method provided in the embodiments of the invention described above may be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented in program code executable by a computing device. Thus, they may be stored in a memory device for execution by a computing device, or they may be separately fabricated as individual integrated circuit modules, or multiple modules or steps thereof may be fabricated as a single integrated circuit module for implementation. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention, but should not be taken as limiting the scope of the invention, which is defined by the appended claims.