CN113421362B - CTID-based intelligent door lock real-name authentication method, device and system - Google Patents

Info

Publication number: CN113421362B
Authority: CN (China)
Prior art keywords: door lock, information, intelligent door, module, management system
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202110691446.3A
Other languages: Chinese (zh)
Other versions: CN113421362A (en)
Inventors: 朱维和, 李鸿赟, 章磊, 王鑫, 李凯, 何芬, 范芸
Current Assignee: First Research Institute of Ministry of Public Security (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: First Research Institute of Ministry of Public Security

Classifications

    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00: Individual registration on entry or exit
    • G07C9/00174: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C9/00563: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys using personal physical data of the operator, e.g. finger prints, retinal images, voicepatterns
    • G07C9/00571: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04M: TELEPHONIC COMMUNICATION
    • H04M1/00: Substation equipment, e.g. for use by subscribers
    • H04M1/72: Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724: User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403: User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72409: User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
    • H04M1/72415: User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories for remote control of appliances

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Human Computer Interaction (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention discloses a CTID-based intelligent door lock real-name authentication method, device and system.

Description

CTID-based intelligent door lock real-name authentication method, device and system
Technical Field
The invention relates to the technical field of intelligent door locks, in particular to a CTID-based intelligent door lock real-name authentication method, device and system.
Background
In recent years, intelligent door locks have become more and more widely used, and security is an important research focus for them. If there is no security authentication between the door lock and the access control that unlocks it, an attacker can mount an impersonation attack. In the prior art, only the security of the NFC card is verified on the intelligent door lock; for other modes, especially unlocking with a mobile phone, no security verification is performed. In addition, existing intelligent door locks cannot ensure that the person presenting a network certificate is the person identified in that network certificate: if A is an authorized person, B can open the intelligent door lock by holding A's network certificate information.
At present, no technical scheme is available for verifying and unlocking an intelligent door lock through a mobile phone.
Disclosure of Invention
To address the defects of the prior art, the invention aims to provide a CTID-based intelligent door lock real-name authentication method, device and system.
To achieve this purpose, the invention adopts the following technical scheme:
A CTID-based intelligent door lock real-name authentication method comprises the following steps:
S1, the intelligent door lock acquires the network certificate information of a person;
S2, the intelligent door lock acquires the face information of the person;
S3, the intelligent door lock binds the acquired network certificate information and the acquired face information together as information of the same person, and starts real-name authentication;
S4, the main control module of the intelligent door lock calls the local security module to securely encrypt the acquired network certificate information and face information; the main control module of the intelligent door lock acquires the intelligent door lock information from the local security module, and then performs mutual security authentication with the background door lock management system through the communication module; the intelligent door lock information comprises the intelligent door lock device number and security authentication information;
S5, after the security authentication is verified, the main control module of the intelligent door lock establishes a secure communication link with the background door lock management system through the communication module;
S6, the communication module sends the securely encrypted network certificate information and face information to the background door lock management system; the background door lock management system decrypts the received information and queries whether its cache holds comparison record data for the corresponding network certificate information and face information; if so, the background door lock management system performs the real-name authentication comparison of the network certificate information and the face information directly against the comparison record data in the cache, and then executes step S9; if not, it executes step S7;
S7, the background door lock management system performs the real-name authentication comparison on the decrypted network certificate information and face information by calling the CTID platform's real-name authentication interface for network certificate information and face information;
S8, the CTID platform returns the real-name authentication comparison result to the background door lock management system;
S9, if the real-name authentication comparison result shows that authentication failed, the background door lock management system returns to the intelligent door lock a dynamically encrypted instruction refusing to unlock because authentication failed; if real-name authentication succeeded, it judges whether the person has the right of passage according to the preset service requirements; if the person has the right of passage, it dynamically encrypts the unlocking instruction and sends it to the intelligent door lock; otherwise, it returns a dynamically encrypted instruction refusing to unlock for lack of authorization;
S10, the communication module of the intelligent door lock passes the received instruction to the main control module of the intelligent door lock;
S11, the main control module of the intelligent door lock calls the security module to decrypt the instruction and verify its validity; after the validity is verified, if the instruction is an unlocking instruction, the door lock module is controlled to unlock the door lock.
Further, in step S1, the intelligent door lock acquires the network certificate information of the person in any one of the following ways:
(1) Scanning, through the code scanning module, the network certificate information presented by the person in two-dimensional code form;
(2) Connecting to the person's mobile terminal via Bluetooth and acquiring the network certificate information that has been opened and downloaded on the mobile terminal;
(3) Connecting to the person's mobile terminal via WiFi and acquiring the network certificate information of the person;
(4) Connecting to the person's mobile terminal via a mobile wireless network and acquiring the network certificate information of the person.
Further, in step S2, the intelligent door lock acquires the face information of the person in any one of the following ways:
(1) The intelligent door lock acquires a face information image through the shooting module;
(2) The intelligent door lock acquires a face video through the shooting module, and then extracts a face information image from the video.
Further, in step S2, living body detection is performed before the face information is acquired, and the face information is acquired after the living body detection is passed.
The invention also provides another CTID-based intelligent door lock real-name authentication method, whose specific process is as follows:
S1, the main control module of the intelligent door lock reads dynamically encrypted intelligent door lock information from the security module, wherein the intelligent door lock information comprises the intelligent door lock device number and security authentication information;
S2, the main control module of the intelligent door lock sends the intelligent door lock information to the interaction module of the intelligent door lock, and the interaction module displays the intelligent door lock information;
S3, the person acquires the intelligent door lock information through the door lock information acquisition module on the mobile terminal;
S4, the door lock information acquisition module of the mobile terminal sends the acquired intelligent door lock information to the control module of the mobile terminal;
S5, the mobile terminal acquires the face information of the person;
S6, the mobile terminal and the background door lock management system perform security authentication; after the security authentication is verified, the mobile terminal encrypts the opened and downloaded network certificate information, the face information and the intelligent door lock information, and then sends the encrypted information to the background door lock management system; the background door lock management system receives the encrypted network certificate information, face information and intelligent door lock information sent by the mobile terminal and decrypts them; the background door lock management system queries whether its cache holds comparison record data for the corresponding network certificate information and face information; if so, the background door lock management system performs the real-name authentication comparison of the network certificate information and the face information directly against the comparison record data in the cache, and then executes step S9; if not, it executes step S7;
S7, the background door lock management system performs the real-name authentication comparison of the network certificate information and the face information by calling the CTID platform's real-name authentication interface for network certificate information and face information;
S8, the CTID platform returns the real-name authentication comparison result to the background door lock management system;
S9, if the comparison result shows that real-name authentication failed, the background door lock management system returns to the mobile terminal a dynamically encrypted instruction refusing to unlock because authentication failed; if real-name authentication succeeded, it judges whether the person has the right of passage according to the preset service requirements; if so, it dynamically encrypts the unlocking instruction and sends the encrypted unlocking instruction to the mobile terminal; otherwise, it returns to the mobile terminal a dynamically encrypted instruction refusing to unlock for lack of authorization;
S10, the mobile terminal connects to the intelligent door lock by short-range communication;
S11, the mobile terminal and the intelligent door lock perform mutual security authentication;
S12, the mobile terminal sends the dynamically encrypted instruction from the background door lock management system to the intelligent door lock; the main control module of the intelligent door lock calls the security module to decrypt the instruction and verify its validity; after the validity verification is passed, if the instruction is an unlocking instruction, the door lock module is controlled to unlock the door lock.
Further, in step S3, the ways in which the mobile terminal acquires the intelligent door lock information include but are not limited to scanning the intelligent door lock two-dimensional code displayed by the interaction module, connecting to the intelligent door lock via Bluetooth, connecting to the intelligent door lock via WiFi, and the person manually entering the intelligent door lock information on the mobile terminal.
Further, in step S5, when the mobile terminal acquires the face information, it needs to perform living body detection on the face of the person; the face information is acquired through the camera of the mobile terminal after the living body detection is passed.
Further, in step S10, the short-range communication modes include, but are not limited to, Bluetooth, WiFi, infrared, sound wave, and short wave.
The invention also provides an intelligent door lock for implementing the above methods, wherein the intelligent door lock comprises an interaction module, an operation area, a code scanning module, a door lock module, a shooting module, a communication module, a security module and a main control module;
the interaction module is used for displaying the two-dimensional code of the intelligent door lock and operation prompts, giving voice operation prompts and playing audio;
the operation area is used for activating the intelligent door lock and for operation and maintenance by managers and operation and maintenance personnel after they pass security verification;
the code scanning module is used for scanning two-dimensional code information presented by a person;
the door lock module is used for managing and controlling the opening and closing of the door lock;
the shooting module is used for acquiring photos and videos of the person in front of the door lock;
the communication module is used for communicating with the background door lock management system and with the mobile terminal;
the security module is used for secure storage, digital identity authentication, secure encryption and decryption, and generation and verification of dynamic digital keys;
the main control module controls the other modules of the intelligent door lock and is programmable.
The invention also provides a background door lock management system for implementing the above methods; the background door lock management system has a security authentication function, a secure communication function, a service management function, an access device management function, a history log function, a CTID docking function and a comparison verification caching function;
the security authentication function provides security authentication capability for all intelligent door locks and mobile terminals that access the background door lock management system;
the secure communication function provides securely encrypted communication for network traffic among the intelligent door lock, the mobile terminal and the background door lock management system;
the service management function provides docking capability for the various service scenarios that use the intelligent door lock, and can manage the door-opening authority and control logic of the door lock according to the corresponding service requirements;
the access device management function manages all accessed intelligent door locks and mobile terminals;
the history log function records the historical states of all accessed devices and the history logs of person-and-certificate comparison verification;
the CTID docking function docks with the CTID platform so as to provide the real-name authentication comparison service for network certificate information and face information;
the comparison verification caching function caches real-name authentication comparison data for network certificate information and face information, and can directly provide the real-name authentication comparison service for network certificate information and face information.
The beneficial effects of the invention are as follows:
1. With the invention, a person can complete all operations on a mobile phone, without additional physical certificates or materials.
2. With the invention, the identity information of the person is securely encrypted in transmission and cannot be obtained by anyone other than the public security gateway.
3. The invention can record and store the real-name passage records of all persons.
4. The intelligent door lock has security protection capability, and can prevent malicious cracking and attack by hackers.
5. The intelligent door lock supports multiple application modes, both online and offline: it can be controlled offline through a mobile phone when the intelligent door lock is disconnected, and it is also compatible with real-name authentication unlocking through various media.
6. The cost is low: little modification of a traditional intelligent lock is required, so the cost can be effectively controlled.
By deploying an intelligent door lock that is based on the CTID platform and supports real-name authentication, the invention effectively links up online and offline systems; a user can complete the application operations through a mobile phone, and public security organs and the operators of various scenarios can conveniently carry out the related social security prevention and control management services.
Drawings
FIG. 1 is a schematic flow chart of the method of Example 1 of the present invention;
FIG. 2 is a schematic flow chart of the method of Example 2 of the present invention;
FIG. 3 is a schematic structural diagram of the apparatus of Example 3 of the present invention;
FIG. 4 is a schematic structural diagram of the security module of Example 3 of the present invention.
Detailed Description
The present invention will be further described with reference to the accompanying drawings. It should be noted that the embodiments below, based on the technical solution above, give a detailed implementation and specific operating process, but the protection scope of the present invention is not limited to these embodiments.
Example 1
This embodiment provides a CTID-based intelligent door lock real-name authentication method in which, with the intelligent door lock online, the lock is opened and the person passes after real-name authentication by network certificate and face.
In the general case, the intelligent door lock can connect to the background door lock management system through various communication modes such as 2G/3G/4G/5G/WiFi/optical fiber/cable. As shown in FIG. 1, the method of this embodiment includes the following steps:
S1, the intelligent door lock acquires the network certificate information of the person.
In an optional mode, the intelligent door lock scans, through the code scanning module, the network certificate information presented by the person in two-dimensional code form.
In an optional mode, the intelligent door lock connects to the person's mobile terminal via Bluetooth and acquires the network certificate information that has been opened and downloaded on the mobile terminal.
In an optional mode, the intelligent door lock connects to the person's mobile terminal via WiFi and acquires the network certificate information of the person.
In an optional mode, the intelligent door lock connects to the person's mobile terminal via a mobile wireless network such as 2G/3G/4G/5G and acquires the network certificate information of the person.
S2, the intelligent door lock acquires the face information of the person; living body detection is performed before the face information is acquired, so as to prevent malicious attacks.
As an optional mode, the intelligent door lock acquires the face information through the shooting module.
As another optional mode, the intelligent door lock acquires a face video through the shooting module, and then extracts the face information from the video.
S3, the intelligent door lock binds the acquired network certificate information and the acquired face information together as information of the same person, and starts real-name authentication.
S4, the main control module of the intelligent door lock calls the local security module to securely encrypt the acquired network certificate information and face information; the main control module of the intelligent door lock acquires the intelligent door lock information from the local security module, and then performs mutual security authentication with the background door lock management system through the communication module; the intelligent door lock information comprises the intelligent door lock device number and security authentication information.
S5, after the security authentication is verified, the main control module of the intelligent door lock establishes a secure communication link with the background door lock management system through the communication module.
S6, the communication module sends the securely encrypted network certificate information and face information to the background door lock management system; the background door lock management system decrypts the received information and queries whether its cache holds comparison record data for the corresponding network certificate information and face information; if so, the background door lock management system performs the real-name authentication comparison of the network certificate information and the face information directly against the comparison record data in the cache, and then executes step S9; if not, it executes step S7.
S7, the background door lock management system performs the real-name authentication comparison on the decrypted network certificate information and face information by calling the CTID platform's real-name authentication interface for network certificate information and face information.
S8, the CTID platform returns the real-name authentication comparison result to the background door lock management system.
S9, if the real-name authentication comparison result shows that authentication failed, the background door lock management system returns to the intelligent door lock a dynamically encrypted instruction refusing to unlock because authentication failed; if real-name authentication succeeded, it judges whether the person has the right of passage according to the preset service requirements; if so, it dynamically encrypts the unlocking instruction and sends it to the intelligent door lock; otherwise, it returns a dynamically encrypted instruction refusing to unlock for lack of authorization.
S10, the communication module of the intelligent door lock passes the received instruction to the main control module of the intelligent door lock.
S11, the main control module of the intelligent door lock calls the security module to decrypt the instruction and verify its validity; after the validity is verified, if the instruction is an unlocking instruction, the door lock is opened.
Example 2
The embodiment provides a CTID-based intelligent door lock real-name authentication method, which is used for unlocking and passing through personnel after real-name authentication through a network card and a human face under the condition that an intelligent door lock is offline (communication fault occurs or remote communication capability is not available).
As shown in fig. 2, the method of the embodiment includes the following specific steps:
s1, a main control module of the intelligent door lock reads dynamically encrypted intelligent door lock information from a security module, wherein the intelligent door lock information comprises an intelligent door lock equipment number and security authentication information.
And S2, the main control module of the intelligent door lock sends the intelligent door lock information to the interaction module of the intelligent door lock.
And S3, the personnel acquire the intelligent door lock information through the door lock information acquisition module on the mobile terminal.
As an optional mode, the mobile terminal includes but is not limited to various mobile terminal devices such as a mobile phone APP, a WeChat applet, a Paibao applet, a Baidu applet, an intelligent NFC card, intelligent glasses, and other wearable devices;
as an optional mode, the above-mentioned mode that the mobile terminal obtained intelligent lock information includes but is not limited to through scanning intelligent lock two-dimensional code, bluetooth connection intelligent lock, WIFI connection intelligent lock, manual input intelligent lock information on the interactive module multiple mode.
In the process that the mobile terminal acquires the intelligent door lock information, mutual safety authentication is required between the mobile terminal and the intelligent door lock.
And S4, the module for acquiring the door lock information of the mobile terminal sends the acquired intelligent door lock information to the control module of the mobile terminal.
And S5, the mobile terminal acquires the face information of the person.
As an optional mode, when the mobile terminal acquires face information, living body detection needs to be performed on the face of a person; and acquiring face information through a camera of the mobile terminal after the living body detection is passed.
S6, the mobile terminal sends the opened and downloaded network certificate information, the face information and the intelligent door lock information to a background door lock management system; and the background door lock management system performs real-name authentication comparison on the network certificate information and the face information.
The mobile terminal and the background door lock management system perform security authentication and verification; after the security authentication passes, the mobile terminal encrypts the network certificate information, the face information and the intelligent door lock information and then sends the encrypted information to the background door lock management system; the background door lock management system receives the encrypted network certificate information, face information and intelligent door lock information sent by the mobile terminal and then decrypts the information; the background door lock management system queries whether corresponding comparison record data for the network certificate information and the face information exists in its cache area; if yes, the background door lock management system directly uses the comparison record data in the cache area to carry out the real-name authentication comparison of the network certificate information and the face information, and then step S9 is executed; if not, step S7 is performed.
It should be noted that the network certificate information to be sent by the mobile terminal must be activated and downloaded on the mobile terminal in advance.
S7, the background door lock management system carries out the real-name authentication comparison of the network certificate information and the face information by calling the CTID platform's real-name authentication interface for network certificate information and face information.
S8, the CTID platform returns the real-name authentication comparison result to the background door lock management system.
S9, if the comparison result shows that the real-name authentication fails, the background door lock management system returns to the mobile terminal a dynamically encrypted instruction refusing to unlock because authentication failed; if the real-name authentication succeeds, the background door lock management system judges whether the person has the right of passage according to the preset service requirement; if so, it dynamically encrypts the unlocking instruction and sends it to the mobile terminal; otherwise, it returns to the mobile terminal a dynamically encrypted instruction refusing to unlock for lack of permission.
S10, the mobile terminal connects to the intelligent door lock by short-range communication;
It should be noted that the usable short-range communication modes for connecting to the intelligent door lock include, but are not limited to, Bluetooth, WIFI, infrared, sound wave, short wave and the like.
S11, the mobile terminal and the intelligent door lock perform mutual security authentication.
It should be noted that the short-range connection in step S10 and the two-way security authentication in step S11 serve to ensure that the person who passed real-name authentication on the mobile terminal is the person standing in front of the intelligent door lock and unlocking it, so that the intelligent door lock cannot be attacked remotely and cannot be unlocked by a remote impersonator.
S12, the mobile terminal sends a dynamic encryption instruction from the background door lock management system to the intelligent door lock; the main control module of the intelligent door lock calls the security module to decrypt and verify the validity of the instruction; and after the validity verification is passed, if the instruction is an unlocking instruction, unlocking the door lock.
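The patent does not say what the lock's validity check in S12 covers. The following Python sketch is an added example, not code from the patent: it assumes a per-lock shared key and uses an HMAC-SHA256 tag in place of the unspecified dynamic encryption, and the envelope layout, opcodes, 30-second time step and device number are hypothetical. It shows the checks that stop an instruction relayed through the mobile terminal from being altered, redirected to another lock, or reused.

```python
import hashlib
import hmac
import struct

# Assumptions of this example, not values from the patent.
STEP_SECONDS = 30            # TOTP-style time step
ALLOWED_SKEW_STEPS = 1       # tolerate one step of clock drift
OP_UNLOCK, OP_REJECT_AUTH_FAILED, OP_REJECT_NO_RIGHT = 1, 2, 3
HEADER = struct.Struct(">B16sQ8s")   # opcode, device number, time step, nonce
TAG_LEN = hashlib.sha256().digest_size


def _device_field(device_no):
    raw = device_no.encode()
    if len(raw) > 16:
        raise ValueError("device number too long for this envelope")
    return raw.ljust(16, b"\0")


def seal_instruction(key, opcode, device_no, now, nonce):
    """Backend side: header || HMAC-SHA256(key, header)."""
    if len(nonce) != 8:
        raise ValueError("nonce must be 8 bytes")
    header = HEADER.pack(opcode, _device_field(device_no),
                         int(now) // STEP_SECONDS, nonce)
    return header + hmac.new(key, header, hashlib.sha256).digest()


class LockSecurityModule:
    """Lock side: decides whether a relayed instruction may open the door."""

    def __init__(self, key, device_no):
        self._key = key
        self._device = _device_field(device_no)
        self._seen = {}              # nonce -> time step it was issued in

    def verify(self, blob, now):
        """Return (should_unlock, reason); anything unexpected fails closed."""
        if len(blob) != HEADER.size + TAG_LEN:
            return False, "malformed"
        header, tag = blob[:HEADER.size], blob[HEADER.size:]
        expected = hmac.new(self._key, header, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):       # constant-time compare
            return False, "bad-mac"
        opcode, device, step, nonce = HEADER.unpack(header)
        if device != self._device:                       # bound to this lock
            return False, "wrong-device"
        current = int(now) // STEP_SECONDS
        if abs(current - step) > ALLOWED_SKEW_STEPS:     # freshness window
            return False, "expired"
        # Forget nonces whose instructions can no longer pass the window check.
        self._seen = {n: s for n, s in self._seen.items()
                      if current - s <= ALLOWED_SKEW_STEPS}
        if nonce in self._seen:                          # one-time use
            return False, "replayed"
        self._seen[nonce] = step
        if opcode != OP_UNLOCK:                          # refusals never open
            return False, "rejected-by-backend"
        return True, "unlock"


if __name__ == "__main__":
    key = bytes(range(32))                   # constructed demo key
    lock = LockSecurityModule(key, "LOCK-0001")
    t0 = 1_700_000_000                       # constructed timestamp
    msg = seal_instruction(key, OP_UNLOCK, "LOCK-0001", t0, b"nonce001")
    print(lock.verify(msg, t0 + 5))          # first delivery
    print(lock.verify(msg, t0 + 6))          # same bytes relayed again
```

The nonce cache only has to cover the freshness window, because an instruction older than the window is already refused as expired.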
Example 3
The present embodiment provides an apparatus for implementing the methods of embodiments 1 and 2. As shown in Fig. 3, the apparatus includes a background door lock management system and an intelligent door lock.
The intelligent door lock comprises an interaction module, an operation area, a code scanning module, a door lock module, a shooting module, a communication module, a security module and a main control module.
The interaction module is used for displaying the two-dimensional code of the intelligent door lock and operation prompts, giving voice prompts for operations, playing audio and the like. The interaction module may employ a touch screen.
The operation area is used for activating the intelligent door lock, and allows managers and operation and maintenance personnel to operate it by other means such as fingerprints, NFC cards, passwords and identity cards.
The code scanning module is used for scanning the two-dimensional code information displayed by a person.
The door lock module is used for managing and controlling the opening and closing of the door lock.
The shooting module is used for acquiring photos and videos of the person in front of the door lock.
The communication module is used for communicating with the background door lock management system and with the mobile terminal.
The security module is used for secure storage, digital identity authentication, secure encryption and decryption, generation and verification of dynamic digital keys and the like.
The main control module controls other modules of the intelligent door lock and has programmable capability.
Fig. 4 is a schematic diagram of an optional security module, which is used for the security authentication, secure storage, secure encryption and decryption, dynamic digital key generation and verification, and the like, of the intelligent door lock. As shown in Fig. 4, the security module includes: security authentication, secure storage, secure encryption and decryption, dynamic keys and physical anti-cracking.
Security authentication: two-way security authentication is performed between the intelligent door lock and the background door lock management system, and between the intelligent door lock and the mobile terminal, through the PKI/CA system of the intelligent door lock; the intelligent door lock can access the background door lock management system for authentication only after the two-way security authentication;
Secure storage: the related device information of the intelligent door lock, including its serial number, authorization, module information and the like, is stored in encrypted form;
Secure encryption and decryption: the security module device has encryption and decryption capability and supports common symmetric, asymmetric, hash, signature and signature verification algorithms, including AES, RSA, DSA, ECC, DH, the national cryptographic algorithm series and the like;
Dynamic keys: the chip is provided with dynamic password generation algorithms such as OTP, HOTP and TOTP;
Physical anti-cracking: the module is able to resist physical attacks such as physical disassembly and brute-force cracking.
In the above embodiments, the physical form of the security module device may adopt chips including, but not limited to, various types of IC cards, SD cards, TF cards, SIM cards, and the like.
As an optional embodiment, the operation area may be used for operations by various managers. After the managers register their real-name information in the background door lock management system in advance, real-name authentication is required during operation, or the shooting module records the operation, which facilitates supervision and later tracing. The managers include homeowners, online-booked room operators, garbage cleaning personnel, property management personnel, and the like.
The background door lock management system has a security authentication function, a secure communication function, a service management function, an access device management function, a history log function, a CTID docking function and a comparison verification cache function.
The security authentication function provides security authentication capability for all intelligent door locks and mobile terminals connected to the background door lock management system.
The secure communication function provides securely encrypted communication for network traffic among the intelligent door lock, the mobile terminal and the background door lock management system.
The service management function provides docking capability for the various service scenarios that use the intelligent door lock, and can manage the door-opening permissions and control logic of the door lock according to the corresponding service requirements.
The access device management function manages all connected intelligent door locks and mobile terminals.
The history log function records the historical states of all access devices and the history logs of person-and-ID verification comparisons.
The CTID docking function is used for docking with the CTID platform so as to provide the real-name authentication comparison service for network certificate information and face information.
The comparison verification cache function can directly provide the real-name authentication comparison service for network certificate information and face information for certain data.
It should be noted that, once the comparison verification cache function has carried out the real-name authentication comparison of the network certificate information and the face information, the comparison need not be performed again through the CTID docking function.
Various changes and modifications can be made by those skilled in the art based on the above technical solutions and concepts, and all such changes and modifications should be included in the protection scope of the present invention.

Claims (10)

1. A CTID-based intelligent door lock real-name authentication method is characterized by comprising the following steps:
S1, an intelligent door lock acquires network certificate information of a person;
S2, the intelligent door lock acquires face information of the person;
S3, the intelligent door lock binds the acquired network certificate information and the acquired face information as information of the same person, and starts real-name authentication;
S4, the main control module of the intelligent door lock calls a local security module to securely encrypt the acquired network certificate information and the acquired face information; the main control module of the intelligent door lock acquires the intelligent door lock information from the local security module, and then performs mutual security authentication with the background door lock management system through the communication module; the intelligent door lock information comprises an intelligent door lock device number and security authentication information;
S5, after the security authentication and verification pass, the main control module of the intelligent door lock establishes a secure communication link with the background door lock management system through the communication module;
S6, the communication module sends the securely encrypted network certificate information and face information to the background door lock management system; the background door lock management system decrypts the received information and queries whether corresponding comparison record data for the network certificate information and the face information exists in a cache area of the background door lock management system; if yes, the background door lock management system directly performs the real-name authentication comparison of the network certificate information and the face information by using the comparison record data in the cache area, and then executes step S9; if not, executing step S7;
S7, the background door lock management system carries out the real-name authentication comparison on the decrypted network certificate information and the decrypted face information by calling the CTID platform's real-name authentication interface for network certificate information and face information;
S8, the CTID platform returns a real-name authentication comparison result to the background door lock management system;
S9, if the real-name authentication comparison result shows that the authentication fails, the background door lock management system returns to the intelligent door lock a dynamically encrypted instruction refusing to unlock because authentication failed; if the real-name authentication is successful, judging whether the person has the right of passage according to the preset service requirement; if the person has the right of passage, dynamically encrypting the unlocking instruction and then sending it to the intelligent door lock; otherwise, returning a dynamically encrypted instruction refusing to unlock for lack of permission;
S10, the communication module of the intelligent door lock passes the received instruction to the main control module of the intelligent door lock;
S11, the main control module of the intelligent door lock calls the security module to decrypt the instruction and verify its validity, and after the validity is verified, if the instruction is an unlocking instruction, the door lock module is controlled to unlock the door lock.
2. The method according to claim 1, wherein in step S1, the intelligent door lock obtains the network certificate information of the person by any one of the following methods:
(1) Scanning, through a code scanning module, the network certificate information shown by the person in two-dimensional code form;
(2) Connecting to the person's mobile terminal via Bluetooth and acquiring the person's network certificate information that has been activated and downloaded on the mobile terminal;
(3) Connecting to the person's mobile terminal via WiFi and acquiring the person's network certificate information;
(4) Connecting to the person's mobile terminal via a mobile wireless network and acquiring the person's network certificate information.
3. The method according to claim 1, wherein in step S2, the intelligent door lock obtains the face information of the person by any one of the following methods:
(1) Acquiring a face information image through a shooting module;
(2) Acquiring a face video through the shooting module, and then extracting a face information image from the video.
4. The method according to claim 1, wherein in step S2, liveness detection is performed before the face information is acquired, and the face information is acquired after the liveness detection is passed.
5. A CTID-based intelligent door lock real-name authentication method is characterized by comprising the following specific processes:
S1, a main control module of the intelligent door lock reads dynamically encrypted intelligent door lock information from a security module, wherein the intelligent door lock information comprises an intelligent door lock device number and security authentication information;
S2, the main control module of the intelligent door lock sends the intelligent door lock information to an interaction module of the intelligent door lock, and the interaction module displays the intelligent door lock information;
S3, a person obtains the intelligent door lock information through a door lock information acquisition module on a mobile terminal;
S4, the door lock information acquisition module of the mobile terminal sends the acquired intelligent door lock information to the control module of the mobile terminal;
S5, the mobile terminal acquires face information of the person;
S6, the mobile terminal and the background door lock management system perform security authentication and verification; after the security authentication passes, the mobile terminal encrypts the activated and downloaded network certificate information, the face information and the intelligent door lock information and then sends the encrypted information to the background door lock management system; the background door lock management system receives the encrypted network certificate information, face information and intelligent door lock information sent by the mobile terminal and then decrypts the information; the background door lock management system queries whether corresponding comparison record data for the network certificate information and the face information exists in a cache area of the background door lock management system; if yes, the background door lock management system directly uses the comparison record data in the cache area to carry out the real-name authentication comparison of the network certificate information and the face information, and then step S9 is executed; if not, executing step S7;
S7, the background door lock management system carries out the real-name authentication comparison of the network certificate information and the face information by calling the CTID platform's real-name authentication interface for network certificate information and face information;
S8, the CTID platform returns a real-name authentication comparison result to the background door lock management system;
S9, if the comparison result shows that the real-name authentication fails, the background door lock management system returns to the mobile terminal a dynamically encrypted instruction refusing to unlock because authentication failed; if the real-name authentication is successful, judging whether the person has the right of passage according to the preset service requirement; if so, dynamically encrypting the unlocking instruction and then sending the encrypted unlocking instruction to the mobile terminal; otherwise, returning to the mobile terminal a dynamically encrypted instruction refusing to unlock for lack of permission;
S10, the mobile terminal connects to the intelligent door lock by short-range communication;
S11, mutual security authentication is carried out between the mobile terminal and the intelligent door lock;
S12, the mobile terminal sends the dynamically encrypted instruction from the background door lock management system to the intelligent door lock; the main control module of the intelligent door lock calls the security module to decrypt the instruction and verify its validity; and after the validity check is passed, if the instruction is an unlocking instruction, controlling the door lock module to open the door lock.
6. The method according to claim 5, wherein in step S3, the manner in which the mobile terminal acquires the intelligent door lock information includes scanning the intelligent door lock two-dimensional code displayed by the interaction module, connecting to the intelligent door lock via Bluetooth, connecting to the intelligent door lock via WIFI, and manual input of the intelligent door lock information into the mobile terminal by the person.
7. The method according to claim 5, wherein in step S5, when the mobile terminal obtains the face information, liveness detection must be performed on the face of the person; and the face information is acquired through a camera of the mobile terminal after the liveness detection is passed.
8. The method of claim 5, wherein in step S10, the short-range communication mode comprises Bluetooth, WIFI, infrared, sound wave, and short wave.
9. An intelligent door lock for implementing the method of claim 1 or claim 2, wherein the intelligent door lock comprises an interaction module, an operation area, a code scanning module, a door lock module, a shooting module, a communication module, a security module and a main control module;
the interaction module is used for displaying the two-dimensional code of the intelligent door lock and operation prompts, giving voice prompts for operations, and playing audio;
the operation area is used for activating the intelligent door lock and allowing managers and operation and maintenance personnel to perform operation and maintenance after passing security verification;
the code scanning module is used for scanning two-dimensional code information displayed by personnel;
the door lock module is used for managing and controlling the opening and closing of the door lock;
the shooting module is used for collecting photos and videos of personnel in front of the door lock;
the communication module is used for communicating with the background door lock management system and communicating with the mobile terminal;
the security module is used for security storage, digital identity authentication, security encryption and decryption, and generation and verification of a dynamic digital key;
the main control module controls other modules of the intelligent door lock and has programmable capability.
10. A background door lock management system for implementing the method of claim 1 or claim 2, wherein the background door lock management system has a security authentication function, a secure communication function, a service management function, an access device management function, a history log function, a CTID docking function, and a comparison verification cache function;
the security authentication function is used for providing security authentication capability for all intelligent door locks and mobile terminals connected to the background door lock management system;
the secure communication function is used for providing securely encrypted communication for network traffic among the intelligent door lock, the mobile terminal and the background door lock management system;
the service management function provides docking capability for the various service scenarios that use the intelligent door lock, and can manage the door-opening permissions and control logic of the door lock according to the corresponding service requirements;
the access device management function is used for managing all connected intelligent door locks and mobile terminals;
the history log function is used for recording the historical states of all access devices and the history logs of person-and-ID verification comparisons;
the CTID docking function is used for docking with the CTID platform so as to provide the real-name authentication comparison service for network certificate information and face information;
the comparison verification cache function is used for caching real-name authentication comparison data of the network certificate information and the face information, and can directly provide the real-name authentication comparison service for network certificate information and face information.
CN202110691446.3A 2021-06-22 2021-06-22 CTID-based intelligent door lock real-name authentication method, device and system Active CN113421362B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110691446.3A CN113421362B (en) 2021-06-22 2021-06-22 CTID-based intelligent door lock real-name authentication method, device and system

Publications (2)

Publication Number Publication Date
CN113421362A CN113421362A (en) 2021-09-21
CN113421362B true CN113421362B (en) 2023-03-14

Family

ID=77789742

Country Status (1)

Country Link
CN (1) CN113421362B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant