CN112562151A - Access control system based on bloom filter - Google Patents


Info

Publication number
CN112562151A
Authority
CN
China
Prior art keywords
token
access control
personnel
information
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011393624.6A
Other languages
Chinese (zh)
Other versions
CN112562151B (en)
Inventor
刘津
赵山
许晓笛
刘金伟
马少博
张哲铭
王亚楠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Cloud Information Technology Co Ltd
Original Assignee
Inspur Cloud Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Cloud Information Technology Co Ltd filed Critical Inspur Cloud Information Technology Co Ltd
Priority to CN202011393624.6A priority Critical patent/CN112562151B/en
Publication of CN112562151A publication Critical patent/CN112562151A/en
Application granted granted Critical
Publication of CN112562151B publication Critical patent/CN112562151B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/20 Individual registration on entry or exit involving the use of a pass
    • G07C9/22 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25 Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides an access control system based on a bloom filter and belongs to the technical field of software engineering/system software. A bloom filter is placed at the front of the access control terminal so that unauthorized persons are intercepted directly, which speeds up the identification of unauthorized persons and reduces accesses to the back-end database. The system can be used together with mobile-phone NFC (near field communication) identification or face recognition, improves the interception efficiency of the access control system, reduces the misidentification rate caused by false triggering, and is better suited to automatic identification scenarios with high personnel mobility and dense access.

Description

Access control system based on bloom filter
Technical Field
The invention relates to the technical field of software engineering/system software, and in particular to an access control system based on a bloom filter.
Background
An access control system (entrance guard system) is a concept from the field of intelligent buildings. It refers to the authority to bar passage through a door and is used to guard the door. The "door" here, in a broad sense, includes any passage that can be passed through, such as a door for people or a gate for vehicles. Access control therefore also includes vehicle access control.
An access control security management system is a modern security management system that integrates automatic identification by microcomputer with modern security management measures. It involves many technologies from electronics, mechanics, optics, computing, communications and biotechnology, and is an effective measure for security management at the entrances and exits of important departments. It is suitable for many kinds of critical sites, such as banks, hotels, parking lots, machine rooms, ordnance depots, key rooms, offices, smart residential communities and factories.
Access control systems have gone beyond simple doorway and key management and have gradually developed into complete entrance and exit management systems. They play a major role in administrative work such as workplace security and personnel attendance management.
The bloom filter was proposed by Bloom in 1970. It is essentially a long binary vector together with a series of random mapping functions, and it can be used to test whether an element is in a set. Its advantages are space efficiency and query time; its disadvantages are a certain misidentification (false positive) rate and the difficulty of deleting elements.
Before the bloom filter appeared, the usual way to determine whether an element was in a set was to store all the elements and decide by comparison. As the number of elements in the set grows, however, more storage space is required and retrieval becomes slower (O(n), O(log n)). The underlying principle of a bloom filter is the hash algorithm. A hash algorithm transforms an input of arbitrary length (also called the pre-image) into a fixed-length output, the hash value. This transformation is a compression mapping: the space of hash values is usually much smaller than the space of inputs, and different inputs may hash to the same output, so a unique input cannot be determined from a hash value. In short, it is a function that compresses a message of arbitrary length into a message digest of fixed length. [3] A hash table is a data structure that uses a hash function to map an element to one or several points in a bit array. By comparing the values (0 or 1) at those points of the bit array with the bits produced by hashing the element to be tested, it can be determined whether the element is absent from the known hash table. This is the basic idea of a bloom filter.
Compared with other data structures, bloom filters have great advantages in both space and time: storage space and insert/query time are both constant. In addition, the hash functions are independent of one another, which makes them easy to implement in parallel in hardware. A bloom filter does not need to store the elements themselves, which is an advantage in situations with very strict privacy requirements.
The defining behaviour of a bloom filter is this: when the filter judges that a value exists, the value may in fact not exist; when the filter judges that a value does not exist, the value definitely does not exist.
Disclosure of Invention
To address the problems above, the invention provides an access control system based on a bloom filter. By introducing the bloom filter, the identity identification code of a person requesting passage is verified so that unauthorized persons are identified more quickly and prevented from passing, and the misidentification rate caused by false triggering is reduced.
Based on the characteristics of the bloom filter, the invention provides an access control system in which the identification codes of the personnel of a community or organization are entered into the bloom filter, and the identification code of a person requesting passage is checked by the bloom filter so that unauthorized persons are prevented from passing. Operations such as identity registration and visitor registration are carried out by maintaining personnel identification codes through a software system, and the bloom filter is refreshed regularly by a scheduled task, which keeps the system's set of authorized personnel updated and maintained.
The technical scheme of the invention is as follows:
An access control system based on a bloom filter comprises 1) an access control terminal, 2) an access control management end, 3) an access control core system and 4) a database.
1) The access control terminal consists of a recognizer (identifier), a bloom filter and an access controller, wherein:
the recognizer identifies the identity information of the person requesting passage, and may be implemented as face recognition, fingerprint recognition or an NFC card reader;
with face recognition, the component extracts a feature code (face ID) from the face information; with an NFC card reader, it reads the card ID information;
the bloom filter checks whether the person's identity information is absent and intercepts invalid requests;
the controller controls the opening and closing of the door and feeds the identity verification result back to the person.
2) The access control management end consists of three functional modules: admission rule maintenance, token maintenance and personnel maintenance, wherein:
the admission rule maintenance function sets and modifies the admission rules of the access control system;
the personnel maintenance function enters the list of personnel who may pass through the access control;
the token maintenance function applies for and cancels tokens for personnel.
3) The access control core system consists of four services: admission control, token management, personnel management and filter maintenance, wherein:
the admission control service maintains the admission rules, verifies personnel against those rules and sends a release or refusal signal to the controller of the access control terminal;
the token management service issues and cancels tokens for personnel and maintains the tokens' validity periods;
the personnel management service maintains the personnel information of the access control system;
the filter maintenance service loads token information into the filter after a token is generated, and resets the filter periodically.
4) The database stores the admission rules, the personnel tokens and the personnel information.
Further, the admission rules are set through the admission rule maintenance function of the access control terminal, and the access control terminal calls the admission control service to update the configured rule information in the database.
Further, personnel information is collected offline and is entered and updated through the personnel maintenance function of the access control management end, which calls the personnel management service of the access control core system to update the personnel information in the database.
Further, after receiving an offline application from a person requesting to pass through the access control system, the access control system administrator applies for a token, through the token maintenance function of the access control management end, for each person who passes the review. The token maintenance function calls the token management service of the access control core system to generate the token and store it in the database, then updates the token attribute of the personnel information, calls the filter maintenance service to load the token information into the bloom filter of the access control terminal, and finally persists the updated personnel information to the database.
When a person no longer needs to pass through the access control system, the administrator cancels the token through the token maintenance function of the access control management end. The token maintenance function calls the token management service of the access control core system to mark the token information as invalid and store it in the database.
Further, when the administrator applies for a token, the token management service of the access control core system calls the filter maintenance service to add the token information to the bloom filter. When the administrator cancels a token, or a token expires, the bloom filter cannot update the token information immediately; the bloom filter has to be emptied by a nightly scheduled task, after which the tokens are loaded into the filter again.
When a person requests to pass through the access control, token authentication is performed through the recognizer of the access control terminal: the recognizer obtains the token information and passes it to the bloom filter for comparison and verification;
if the bloom filter judges that the token does not exist, the access controller indicates that the person is not authorized and refuses passage;
if the bloom filter judges that the token possibly exists, the recognizer sends the token information to the admission control service of the access control core system and requests admission;
after receiving the recognizer's admission request, the admission control service checks through token management whether the token exists and has not expired; if the token does not exist or has expired, the access controller informs the person that the token does not exist or has expired and refuses passage.
If the token is verified as valid, the admission control service calls the token management service to look up the personnel information by token, queries the admission rules, and judges whether the person type and the current time satisfy the rules. If they do, an admission instruction is returned to the access control terminal's controller, which opens the door and displays a welcome message; otherwise the controller indicates that the person has insufficient authority and refuses entry.
The invention uses a bloom filter to judge whether a person's identity identifier exists in a known data set. Taking advantage of the bloom filter's ease of implementation and high identification efficiency, it applies the filter at the identification end of the access control system and provides an access control management end system. It can be combined with various implementation technologies (face recognition, near field communication and the like) and is used to solve the problem of personnel identification in communities, enterprises and public institutions.
The invention has the advantages that
A traditional access control system compares the authorized person's identification code or facial feature code directly with the back-end database. By contrast, this system places a bloom filter at the front of the access control terminal and intercepts unauthorized persons directly, which speeds up the identification of unauthorized persons and reduces accesses to the back-end database. It can be used together with mobile-phone NFC identification or face recognition, improves the interception efficiency of the access control system, reduces the misidentification rate caused by false triggering, and is better suited to automatic identification scenarios with high personnel mobility and dense access.
The system can be used on its own as an access control system and, by extending its external interfaces, can work with a company attendance system for attendance statistics or with community property management.
Drawings
FIG. 1 is a schematic representation of a bloom filter;
FIG. 2 is a system architecture diagram;
FIG. 3 is a schematic diagram of admission rule maintenance;
FIG. 4 is a diagram of admission rule maintenance activities;
FIG. 5 is a schematic view of personnel maintenance;
FIG. 6 is a personnel maintenance activity diagram;
FIG. 7 is a schematic diagram of token maintenance;
FIG. 8 is a diagram of application token activity;
FIG. 9 is a logoff token activity diagram;
FIG. 10 is a schematic view of filter maintenance;
FIG. 11 is a write filter activity diagram;
FIG. 12 is an emptying filter activity diagram;
FIG. 13 is an admission control diagram;
FIG. 14 is an admission control activity diagram;
FIG. 15 is a schematic view of a corporate door access;
FIG. 16 is a schematic view of community access control.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments are described below with reference to the drawings. The described embodiments are evidently some, but not all, of the embodiments of the present invention; all other embodiments obtained from them by a person of ordinary skill in the art without creative effort fall within the scope of protection of the present invention.
As shown in FIG. 1, the data structure of the bloom filter is a very large bit array (at the bottom of the figure), in which each bit holds a binary 0 or 1. element1 and element2 are two elements to be stored in the bit array by means of a hash algorithm. f(e), g(e) and h(e) are three hash functions. An element to be hashed is passed to the hash functions as the input parameter, the hash algorithms yield different values, and these values are mapped to different positions in the bit array; the bit at each such position is set to 1, which records the value the hash function computed for that element. When the bit array is very large, the points to which different elements are mapped by the hash functions are very sparse, so the probability that different elements map to the same point after hashing is greatly reduced.
To add an element to the bloom filter, each of several hash functions hashes the element to an integer index value, which is then reduced modulo the length of the bit array to obtain a position; each hash function yields a different position. Setting the bits at all of these positions to 1 completes the add operation.
To query whether an element exists, the hash positions are computed in the same way as for adding, and the bits at those positions are checked. If any one of them is 0, the element is not in the bloom filter. If all of them are 1, this does not mean that the element is definitely present, only that it is very likely present, because those bits may have been set to 1 by other keys. If the bit array is large enough that the set bits are sparse, the probability of a correct judgment is very high; otherwise it is lower.
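An added note, not part of the patent text, that quantifies the last sentence under the standard assumption of independent, uniformly distributed hash functions. With an $m$-bit array, $k$ hash functions and $n$ stored tokens, a given bit is still 0 after all insertions with probability

$$\left(1-\frac{1}{m}\right)^{kn} \approx e^{-kn/m},$$

so a token that was never added finds all $k$ of its bits set with probability

$$p_{\mathrm{fp}} \approx \left(1-e^{-kn/m}\right)^{k}.$$

For the three hash functions of FIG. 1 ($k=3$) and, as constructed sample values, $n=1000$ tokens in $m=16384$ bits: $kn/m \approx 0.183$, $e^{-0.183} \approx 0.833$, and $p_{\mathrm{fp}} \approx 0.167^{3} \approx 0.0047$. Roughly one in two hundred unknown tokens would then get past the filter and reach the back-end check, which is why a "possibly exists" answer is forwarded to the core system rather than opening the door.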
The working principle of the system is as follows:
The system administrator sets the admission rules through the access control management end (admission time periods or types of admitted personnel; content relating to personnel roles is omitted to simplify the description and can be added in actual operation). After the admitted personnel have been entered (personnel information is collected offline), tokens are applied for and issued to them (fingerprint or face enrolment, or IC card production). After the token management module has generated and issued a token, the token is sent through the filter maintenance module to the bloom filter integrated in the access control terminal, and the bloom filter maps the token to bits of the bit array through the hash functions. When a person requests admission at the access control (card swipe, fingerprint scan or face scan), the recognizer reads the token information and passes it to the bloom filter. The filter maps it with the same hash functions and compares the result with the bits in the bit array. If any bit differs, the requester is considered to hold an invalid token and the request is rejected directly. Otherwise the token is passed to the admission control module of the access control core system, which calls the token management module to check whether the token exists in the database and decides whether to grant passage according to the admission rules maintained by the system administrator. If passage can be granted, a release instruction is sent to the controller of the access control terminal and the person is allowed to pass.
1. System architecture
The system architecture is shown in FIG. 2. The access control system is composed of an access control terminal, an access control management end, an access control core system and a database.
The access control terminal consists of a recognizer (identifier), a bloom filter and an access controller. The recognizer identifies the identity information of a person requesting passage and may be implemented as face recognition, fingerprint recognition or an NFC card reader (with face recognition, the component extracts a feature code (face ID) from the face information; with an NFC card reader, it reads the card's ID information). The bloom filter checks whether the person's identity information is absent and intercepts invalid requests. The controller controls the opening and closing of the door and feeds the identity verification result back to the person.
The access control management end consists of three functional modules, admission rule maintenance, token maintenance and personnel maintenance, and is a web application or a client application. Through the admission rule maintenance function, the access control system administrator sets and modifies the admission rules of the access control system (for example a night curfew, or time-period control over the entry of persons with particular identities). Through personnel maintenance, the administrator enters the list of persons who may pass through the access control (staff of the organization, registered visitors and so on). Through token maintenance, the administrator applies for and cancels tokens for personnel.
The access control core system consists of four services, admission control, token management, personnel management and filter maintenance, and is one or more back-end service applications. The admission control service maintains the admission rules, verifies personnel against those rules and sends a release or refusal signal to the controller of the access control terminal. The token management service issues and cancels tokens for personnel, maintains token validity periods, and so on. The personnel management service maintains the personnel information of the access control system. The filter maintenance service loads token information into the filter after a token is generated, or resets the filter periodically.
The database is used for storing the access rules, the personnel tokens and the personnel information.
2. Admission rule maintenance
As shown in FIG. 3, the access control system administrator sets the admission rules through the admission rule maintenance function of the access control terminal, and the access control terminal calls the admission control service to update the configured rule information in the database. The activity diagram is shown in FIG. 4.
3. Personnel maintenance
As shown in FIG. 5, the access control system administrator collects personnel information offline and uses the personnel maintenance function of the access control management end to enter and update it; the access control management end calls the personnel management service of the access control core system to update the personnel information in the database. The activity diagram is shown in FIG. 4.
4. Token maintenance
As shown in FIG. 7, after receiving an offline application from a person requesting to pass through the access control system, the access control system administrator applies for a token, through the token maintenance function of the access control management end, for each person who passes the review. The token maintenance function calls the token management service of the access control core system to generate the token and store it in the database, then updates the token attribute of the personnel information, calls the filter maintenance service to load the token information into the bloom filter of the access control terminal, and finally persists the updated personnel information to the database. The activity flow is shown in FIG. 8.
When a person no longer needs to pass through the access control system (the person leaves the organization or moves away), the administrator cancels the token through the token maintenance function of the access control management end. The token maintenance function calls the token management service of the access control core system to mark the token information as invalid and store it in the database. The activity flow is shown in FIG. 9.
5. Filter maintenance
As shown in FIG. 10, after the access control system administrator applies for a token, the token management service of the access control core system calls the filter maintenance service to add the token information to the bloom filter; the activity flow is shown in FIG. 11. When the administrator cancels a token, or a token expires, the bloom filter does not update the token information immediately; the bloom filter has to be emptied by a nightly scheduled task, after which the tokens are loaded into the filter again. The emptying flow is shown in FIG. 12.
6. Admission control
As shown in FIG. 13, when a person requests to pass through the access control, token authentication (face scan, fingerprint scan or card swipe) is performed through the recognizer of the access control terminal; the recognizer obtains the token information and passes it to the bloom filter for comparison and verification. If the bloom filter judges that the token does not exist, the access controller indicates that the person is not authorized and refuses passage. If the bloom filter judges that the token possibly exists, the recognizer sends the token information to the admission control service of the access control core system and requests admission.
After receiving the recognizer's admission request, the admission control service checks through token management whether the token exists (and has not expired). If the token does not exist (or has expired), the access controller informs the person that the token does not exist (or has expired) and refuses passage.
If the token is verified as valid, the admission control service calls the token management service to look up the personnel information by token, queries the admission rules, and judges whether the person type and the current time satisfy the rules. If they do, an admission instruction is returned to the access control terminal's controller, which opens the door and displays a welcome message; otherwise the controller indicates that the person has insufficient authority and refuses entry.
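The flow of sections 5 and 6, as an added Python example that is not part of the patent: a terminal-side bloom filter rejects unknown tokens locally, the core system stays authoritative for revocation, expiry and admission rules, and a cancelled token leaves the filter only at the nightly rebuild. The class and function names, the SHA-256 double-hashing construction, the rule table and the sample tokens are assumptions made for illustration.

```python
import hashlib
from datetime import datetime, timedelta


class BloomFilter:
    """Terminal-side bit array; k = 3 positions per token as in FIG. 1."""

    def __init__(self, m_bits=1 << 14, k=3):
        self.m, self.k = m_bits, k
        self.bits = bytearray((m_bits + 7) // 8)

    def _positions(self, token):
        # Assumption: the k positions come from one SHA-256 digest via double
        # hashing, (h1 + i*h2) mod m. The patent does not name its hash functions.
        digest = hashlib.sha256(token.encode()).digest()
        h1 = int.from_bytes(digest[:8], "big")
        h2 = int.from_bytes(digest[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, token):
        for p in self._positions(token):
            self.bits[p // 8] |= 1 << (p % 8)

    def might_contain(self, token):
        # One 0 bit means "definitely absent"; all 1s only means "possibly present".
        return all((self.bits[p // 8] >> (p % 8)) & 1 for p in self._positions(token))

    def clear(self):
        self.bits = bytearray(len(self.bits))


class CoreSystem:
    """Hypothetical stand-in for the core system's services plus the database."""

    def __init__(self, terminal_filter):
        self.filter = terminal_filter
        self.tokens = {}  # token -> {"type", "expires", "valid"}
        # Constructed admission rules: person type -> hours of day allowed.
        self.rules = {"employee": range(0, 24), "visitor": range(9, 18)}
        self.db_queries = 0

    def issue(self, token, person_type, expires):
        self.tokens[token] = {"type": person_type, "expires": expires, "valid": True}
        self.filter.add(token)  # filter maintenance: load on issue

    def revoke(self, token):
        # Only the database changes; a bloom filter cannot delete one element.
        self.tokens[token]["valid"] = False

    def nightly_rebuild(self, now):
        # Scheduled task: empty the filter, reload tokens that are still good.
        self.filter.clear()
        for token, rec in self.tokens.items():
            if rec["valid"] and rec["expires"] > now:
                self.filter.add(token)

    def admit(self, token, now):
        # Authoritative decision: existence, validity, expiry, then rules.
        self.db_queries += 1
        rec = self.tokens.get(token)
        if rec is None or not rec["valid"] or rec["expires"] <= now:
            return "DENY_TOKEN_INVALID"
        if now.hour not in self.rules.get(rec["type"], ()):
            return "DENY_RULE"
        return "OPEN"


def terminal_request(bloom, core, token, now):
    if not bloom.might_contain(token):
        return "DENY_UNAUTHORIZED"  # rejected at the door, no back-end call
    return core.admit(token, now)  # "possibly present" is never enough to open


def demo():
    now = datetime(2024, 1, 8, 10, 0)  # constructed sample data throughout
    bloom = BloomFilter()
    core = CoreSystem(bloom)
    core.issue("card-0001", "employee", now + timedelta(days=365))
    core.issue("card-0002", "visitor", now + timedelta(days=1))
    core.issue("card-0003", "employee", now + timedelta(days=365))
    out = {
        "employee": terminal_request(bloom, core, "card-0001", now),
        "unknown": terminal_request(bloom, core, "card-9999", now),
        "visitor_night": terminal_request(bloom, core, "card-0002", now.replace(hour=20)),
    }
    core.revoke("card-0003")  # still set in the terminal's filter until tonight
    out["revoked_before_rebuild"] = terminal_request(bloom, core, "card-0003", now)
    core.nightly_rebuild(now)
    out["revoked_after_rebuild"] = terminal_request(bloom, core, "card-0003", now)
    return out, core.db_queries


if __name__ == "__main__":
    print(demo())
```

Between cancellation and the nightly rebuild the cancelled card still passes the filter, so the door stays shut only because the back-end check runs on every "possibly present" result.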
The system can be used on its own as an access control system and, by extending its external interfaces, can work with a company attendance system for attendance statistics or with community property management.
As shown in FIG. 15, the system can be used for company access control. In this scenario an attendance management interface can be added that calls the attendance registration service of the company's attendance system to manage and monitor personnel attendance and activity.
As shown in FIG. 16, the system can be used for community access control. In this scenario a property-fee payment query interface can be added so that the validity period of an access token is controlled by querying property-fee payment information.
By introducing the bloom filter, the system greatly improves its resistance to interference. Compared with a traditional access control system it can filter out most interference signals (such as IC card misreads, mistaken face scans or accidental fingerprint touches) and lightens the query load on the database. It is particularly suited to scenarios in which enterprises and public institutions see a large number of access requests in a short time at the start or end of the working day: it improves identification efficiency, shortens the time personnel take to pass, and saves management cost.
The above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (9)

1. An access control system based on a bloom filter, characterized in that
the system consists of 1) an access control terminal, 2) an access control management terminal, 3) an access control core system and 4) a database;
1) the access control terminal consists of a recognizer, a bloom filter and an access controller; wherein
the recognizer is used for recognizing the identity information of persons requesting access;
the bloom filter is used for verifying whether the person's identity information is absent and intercepting invalid requests;
the controller is used for controlling the opening and closing of the door and feeding the identity verification result back to the person;
2) the access control management terminal consists of three functional modules: access rule maintenance, token maintenance and personnel maintenance; wherein
the access rules of the access control system are set and modified through the access rule maintenance function;
the list of personnel allowed to pass the access control is entered through personnel maintenance;
tokens are applied for and cancelled for personnel through the token maintenance function;
3) the access control core system consists of four services: access control, token management, personnel management and filter maintenance; wherein
the access control service is used for maintaining access rules, verifying personnel identity against the access rules, and sending a release or refuse-release signal to the access control terminal's controller;
the token management service is used for applying for or cancelling a token for a person and for maintaining the token's validity period;
the personnel management service is used for maintaining the personnel information of the access control system;
the filter maintenance service is used for loading token information into the filter after a token is generated, or for periodically resetting the filter;
4) the database is used for storing the access rules, the personnel tokens and the personnel information.
2. The system of claim 1,
the identity information of access control personnel is recognized by face recognition, fingerprint recognition or an NFC card reader;
for face recognition, the function of the component is to extract a feature code (face ID) from the face information; for an NFC card reader, the function of the component is to read the card ID information.
3. The system of claim 1,
the access rules are set through the access rule maintenance function of the access control terminal, and the access control terminal calls the access control service to write the configured access rule information to the database.
4. The system of claim 1,
personnel information is collected offline and then entered and updated using the personnel maintenance function of the access control management terminal, and the access control management terminal calls the personnel management service of the access control core system to update the personnel information in the database.
5. The system of claim 1,
after receiving offline applications from persons requesting to pass the access control system, the access control system administrator applies for tokens, through the token maintenance function of the access control management terminal, for the persons who pass the audit; the token maintenance function calls the token management service of the access control core system to generate the tokens and store them in the database, then updates the token attribute of the personnel information, calls the filter maintenance service to load the token information into the bloom filter of the access control terminal, and finally persists the personnel information with the updated token information to the database.
6. The system of claim 5,
when a person no longer needs to pass through the access control system, the access control system administrator cancels the token through the token maintenance function of the access control management terminal; the token maintenance function calls the token management service of the access control core system to mark the token information as invalid, and the token information is stored in the database.
7. The system of claim 1,
when an access control system administrator applies for a token, the token management service of the access control core system calls the filter maintenance service to add the token information to the bloom filter; when the administrator cancels a token or a token expires, the bloom filter cannot update the token information immediately, and the bloom filter must be emptied by a nightly scheduled task and the tokens then reloaded into it.
8. The system of claim 1,
when a person applies to pass the access control, token authentication is performed through the recognizer of the access control terminal; the recognizer acquires the token information and passes it to the bloom filter for comparison and verification;
if the bloom filter determines that the token does not exist, the access controller prompts that the person is not authorized and refuses passage;
if the bloom filter determines that the token possibly exists, the recognizer sends the token information to the admission control service of the access control core system and applies for admission;
after the admission control service receives the recognizer's admission request, it queries through token management whether the token exists and has not expired; if the token does not exist or has expired, the access controller informs the person that the token does not exist or has expired and refuses passage.
9. The system of claim 8,
if the token is verified to be valid, the admission control service calls the token management service to look up the personnel information by token, queries the admission rules, and judges whether the personnel type and the current time satisfy those rules; if they do, an admission instruction is returned to the access control terminal's controller, which opens the door and displays a welcome message; otherwise the access controller reports that the user has insufficient authority and refuses entry.
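
The two-stage check of claims 7 and 8, as an added Python example that is not part of the patent: a cancelled token still passes the bloom filter until the nightly rebuild, so the core system's token lookup remains the authoritative decision. The class names, the filter parameters (4096 bits, 4 salted SHA-256 hashes), the dictionary standing in for the database and the sample token strings are all assumptions; the admission rule check of claim 9 is outside this example.

```python
import hashlib
from datetime import datetime, timedelta

class BloomFilter:
    def __init__(self, m_bits=4096, k=4):
        self.m, self.k, self.bits = m_bits, k, bytearray(m_bits // 8)
    def _positions(self, token):
        for i in range(self.k):  # k bit positions from salted SHA-256 digests
            digest = hashlib.sha256(f"{i}:{token}".encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.m
    def add(self, token):
        for p in self._positions(token):
            self.bits[p // 8] |= 1 << (p % 8)
    def might_contain(self, token):  # False is definite, True only "possibly"
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self._positions(token))

class AccessCore:
    def __init__(self):
        self.tokens = {}  # token -> [expiry, revoked]; stands in for the database
        self.bloom, self.db_queries = BloomFilter(), 0

    def issue(self, token, expires):
        self.tokens[token] = [expires, False]
        self.bloom.add(token)

    def revoke(self, token):
        self.tokens[token][1] = True  # the filter has no delete: its bits stay set

    def nightly_rebuild(self, now):  # empty the filter, reload only live tokens
        self.bloom = BloomFilter()
        for token, (expires, revoked) in self.tokens.items():
            if not revoked and expires > now:
                self.bloom.add(token)

    def request(self, token, now):
        if not self.bloom.might_contain(token):
            return "denied at terminal"  # no database query spent
        self.db_queries += 1  # authoritative check; the filter is only a hint
        expires, revoked = self.tokens.get(token, (now, True))
        return "denied by core" if revoked or expires <= now else "admitted"

def demo():  # constructed sample tokens and date
    now, core = datetime(2020, 12, 3, 9, 0), AccessCore()
    for t in ("card-0001", "card-0002"):
        core.issue(t, now + timedelta(days=30))
    core.revoke("card-0002")
    before = [core.request(t, now) for t in ("card-0001", "card-0002", "misread-7f3a")]
    core.nightly_rebuild(now)
    return before, core.request("card-0002", now), core.db_queries
```

`demo()` returns the three decisions taken before the rebuild, the decision for the cancelled token after the rebuild, and the number of database lookups spent.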
CN202011393624.6A 2020-12-03 2020-12-03 Entrance guard system based on bloom filter Active CN112562151B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011393624.6A CN112562151B (en) 2020-12-03 2020-12-03 Entrance guard system based on bloom filter

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011393624.6A CN112562151B (en) 2020-12-03 2020-12-03 Entrance guard system based on bloom filter

Publications (2)

Publication Number Publication Date
CN112562151A true CN112562151A (en) 2021-03-26
CN112562151B CN112562151B (en) 2023-07-21

Family

ID=75047301

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011393624.6A Active CN112562151B (en) 2020-12-03 2020-12-03 Entrance guard system based on bloom filter

Country Status (1)

Country Link
CN (1) CN112562151B (en)

Also Published As

Publication number Publication date
CN112562151B (en) 2023-07-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant