CN115051802A - Five-prevention lock management system and method - Google Patents
- Publication number: CN115051802A (application CN202210788924.7A)
- Authority: CN (China)
- Prior art keywords: prevention, key, operated, dynamic, task
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Lock And Its Accessories (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a five-prevention lock management system and a method, wherein equipment-based encryption is carried out through a key server, and a password is generated only at each task, so that the leakage of a digital password in the server is effectively avoided, key mobile terminals are verified, and each key mobile terminal corresponds to a worker one by one, so that the opening record of the five-prevention lock is associated with the worker, and the tracing of an event is facilitated.
Description
Technical Field
The invention relates to the field of five-prevention lock management, in particular to a five-prevention lock management system and a five-prevention lock management method.
Background
The "five preventions" for electrical equipment mainly refer to: 1. preventing a switch from being opened or closed by mistake; 2. preventing an isolating switch from being opened or closed under load; 3. preventing entry into an energized bay by mistake; 4. preventing a grounding wire from being hung while the equipment is energized; and 5. preventing a switch from being closed while the grounding wire (grounding knife switch) is connected. A five-prevention lock is therefore added to the electrical equipment to prevent five-prevention accidents.
In the prior art, the digital key of a five-prevention lock is often stored on a server. To use it, a worker logs in to an account through a mobile terminal, pulls the digital key directly from the server, and then remotely opens the five-prevention lock. However, because the key is not dynamic and can be obtained directly from the server, the digital key may be leaked by workers or stolen through an attack, so that unauthorized people can open the five-prevention lock and steal the equipment. Meanwhile, because the digital key is known to the worker, the worker may directly request the five-prevention host to open the five-prevention lock without going through the server, so that no time record is formed and accidents (for example, forgetting to close a cabinet door) cannot be traced.
Disclosure of Invention
The invention aims to solve the technical problems that a digital key of a five-prevention lock in the prior art is easy to intercept and cannot be traced, and aims to provide a five-prevention lock management system and a five-prevention lock management method to solve the problems in the prior art.
The invention is realized by the following technical scheme:
In a first aspect, the invention provides a five-prevention lock management system, which comprises a key server, a plurality of key mobile terminals, an electroscope, a five-prevention host, a five-prevention lock and a device to be operated;
each key mobile terminal corresponds one-to-one to a worker; the key server is communicatively connected to the five-prevention host and to the plurality of key mobile terminals; the key terminal is also communicatively connected to the electroscope; the electroscope is electrically connected to the device to be operated; the five-prevention host is electrically connected to the five-prevention lock; the five-prevention lock is arranged on the device to be operated; and a camera is provided on the key mobile terminal.
In a second aspect, the present invention provides a five-prevention lock management method based on a five-prevention lock management system, including:
generating a task to be operated through a five-prevention host, and transmitting the task to be operated to the key server and the corresponding key mobile terminal respectively;
acquiring the voltage of the equipment to be operated through an electroscope to obtain the acquired voltage of the equipment to be operated, and waiting for the key mobile terminal to acquire the acquired voltage;
receiving a task to be operated through a key server, generating a first dynamic five-prevention key based on the attribute of a five-prevention host and a second dynamic five-prevention key based on the attribute of a key mobile terminal according to the task to be operated, transmitting the first dynamic five-prevention key to the five-prevention host, and transmitting the second dynamic five-prevention key to the key mobile terminal, wherein the task to be operated comprises the attribute of the five-prevention host and the attribute of the key mobile terminal corresponding to the task to be operated;
acquiring, through the key mobile terminal, the task to be operated, the collected voltage on the electroscope and a real-time portrait, verifying the worker according to the collected voltage and the real-time portrait, receiving the second dynamic five-prevention key if the verification is passed, decrypting the second dynamic five-prevention key to obtain a first decryption key, and transmitting the first decryption key to the five-prevention host;
and the five-prevention host receives the first dynamic five-prevention key and the first decryption key, decrypts the first dynamic five-prevention key to obtain a second decryption key, and verifies whether the first decryption key and the second decryption key exist, if yes, the five-prevention lock corresponding to the equipment to be operated is unlocked, the record of unlocking the five-prevention lock by the staff is stored, and if not, the five-prevention lock corresponding to the equipment to be operated is refused to be unlocked.
Further, the task to be operated comprises a unique task code, staff information, a key mobile terminal attribute corresponding to the staff, a five-prevention host attribute and a five-prevention lock corresponding to the equipment to be operated.
Further, according to the task to be operated, a first dynamic five-prevention key based on the attribute of the five-prevention host and a second dynamic five-prevention key based on the attribute of the key mobile terminal are generated, and the method comprises the following steps:
generating a first dynamic five-prevention key and a second dynamic five-prevention key according to a unique task code in a task to be operated, wherein the first dynamic five-prevention key is the same as the second dynamic five-prevention key;
generating a first dynamic five-prevention key based on the five-prevention host attribute according to the five-prevention host attribute in the task to be operated;
and generating a second dynamic five-prevention key based on the attribute of the key mobile terminal according to the attribute of the key mobile terminal in the task to be operated.
Further, according to the unique task code in the task to be operated, a first dynamic five-prevention key and a second dynamic five-prevention key are generated, and the method comprises the following steps:
randomly taking two digits, a number q and a number p, from the unique task code in the task to be operated, wherein the number of digits in the unique task code is greater than or equal to K;
multiplying the number q by the number p to obtain a number N;
obtaining the least common multiple of the number q-1 and the number p-1 to obtain a number L, wherein L = lcm(p-1, q-1), and lcm represents the least common multiple;
according to the number L, the number E is obtained as:
1<E<L
gcd(E,L)=1
wherein, gcd is to obtain the greatest common divisor;
according to the number E and the number L, obtaining a number D as:
1<D<L
E*D mod L=1
wherein mod represents the remainder symbol;
the first dynamic five-prevention key and the second dynamic five-prevention key are formed by randomly combining a number q, a number p, a number N, a number E and a number D.
Further, according to the five-prevention host attribute in the task to be operated, a first dynamic five-prevention key based on the five-prevention host attribute is generated, and the method comprises the following steps:
and generating a first dynamic five-prevention key based on the five-prevention host attribute by adopting an attribute-based encryption algorithm according to the five-prevention host attribute in the task to be operated.
Further, according to the attribute of the key mobile terminal in the task to be operated, a second dynamic five-prevention key based on the attribute of the key mobile terminal is generated, and the method comprises the following steps:
and generating a second dynamic five-prevention key based on the attribute of the key mobile terminal by adopting an attribute-based encryption algorithm according to the attribute of the key mobile terminal in the task to be operated.
Further, verifying the staff according to the collected voltage and the real-time human image, comprising:
carrying out primary verification on the acquired voltage to obtain a primary verification result, wherein the primary verification result is qualified or unqualified;
performing secondary verification on the real-time portrait according to the information of workers in the task to be operated to obtain a secondary verification result, wherein the secondary verification result is qualified or unqualified;
and if the primary verification result and the secondary verification result are qualified, the verification of the staff is passed, otherwise, the verification of the staff is not passed.
Further, performing primary verification on the collected voltage to obtain a primary verification result includes:
and judging whether the acquired voltage is less than or equal to a set voltage threshold, if so, determining that the primary verification result is qualified, and otherwise, determining that the primary verification result is unqualified.
Further, according to the staff information in the task to be operated, the real-time portrait is subjected to secondary verification, and the method comprises the following steps:
identifying the real-time portrait by adopting a neural network model to obtain an identification result, wherein the identification result comprises information corresponding to the real-time portrait, and the neural network model is a pre-trained face identification model;
and judging whether the information corresponding to the real-time portrait is the same as the information of the staff, if so, determining that the secondary verification result is qualified, and otherwise, determining that the secondary verification result is unqualified.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the invention provides a five-prevention lock management system and a five-prevention lock management method, wherein encryption based on equipment is carried out through a key server, and a password is generated only at each task, so that the leakage of a digital password in the server is effectively avoided, and key mobile terminals are verified, and each key mobile terminal corresponds to a worker one by one, so that the opening record of the five-prevention lock is associated with the worker, and the tracing of events is facilitated.
Drawings
In order to more clearly illustrate the technical solutions of the exemplary embodiments of the present invention, the drawings used in the embodiments are briefly described below. It should be understood that the following drawings illustrate only some embodiments of the present invention and therefore should not be considered as limiting the scope; those skilled in the art can obtain other related drawings from these drawings without inventive effort.
In the drawings:
fig. 1 is a schematic structural diagram of a five-prevention lock management system according to an embodiment of the present invention;
fig. 2 is a flowchart of a five-prevention lock management method according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Example 1
As shown in fig. 1, an embodiment of the present invention provides a five-prevention lock management system, which includes a key server, a plurality of key mobile terminals, an electroscope, a five-prevention host, a five-prevention lock, and a device to be operated.
Each key mobile terminal corresponds one-to-one to a worker. The key server is communicatively connected to the five-prevention host and to the plurality of key mobile terminals, and the key terminal is also communicatively connected to the electroscope. The electroscope is electrically connected to the device to be operated, the five-prevention host is electrically connected to the five-prevention lock, the five-prevention lock is arranged on the device to be operated, and a camera is provided on the key mobile terminal.
The key mobile terminal can be a mobile device such as a mobile phone, a tablet or a notebook computer, which can perform face recognition in addition to having data processing and data communication functions. The five-prevention lock in this embodiment mainly refers to a five-prevention lock that can be opened by a remote instruction.
By providing the electroscope, this embodiment lets the worker obtain the voltage of the device to be operated before operating it. The electroscope can be handheld or fixed; when fixed, it should be fastened to the device to be operated, with its execution end placed on the electrical pressure plate of the device to be operated, so as to test the device to be operated for voltage. It should be noted that the electroscope should have a communication function, so that it can transmit the collected voltage it generates to the key mobile terminal.
This embodiment sets up a separate key server to generate keys and perform device-based encryption. This both protects the five-prevention lock keys and authenticates the key mobile terminal, ensuring that the worker is associated with the task to be operated and preventing other workers from illegally obtaining the five-prevention lock keys. The key mobile terminal is also provided with a camera that can capture images in real time for face recognition, ensuring that the key mobile terminal is being used by the worker himself and further strengthening the association between the worker and the task to be operated.
Example 2
As shown in fig. 2, an embodiment of the present invention provides a five-prevention lock management method based on a five-prevention lock management system, including:
and generating a task to be operated through the five-prevention host, and respectively transmitting the task to be operated to the key server and the corresponding key mobile terminal.
The voltage of the equipment to be operated is collected through the electroscope, the collected voltage of the equipment to be operated is obtained, and the key mobile terminal is waited to obtain the collected voltage.
The method comprises the steps that a task to be operated is received through a key server, a first dynamic five-prevention key based on the five-prevention host attribute and a second dynamic five-prevention key based on the key mobile terminal attribute are generated according to the task to be operated, the first dynamic five-prevention key is transmitted to a five-prevention host, the second dynamic five-prevention key is transmitted to a key mobile terminal, and the task to be operated comprises the five-prevention host attribute and the key mobile terminal attribute corresponding to the task to be operated.
The key mobile terminal acquires the task to be operated, the collected voltage on the electroscope and a real-time portrait, and verifies the worker according to the collected voltage and the real-time portrait. If the verification is passed, it receives the second dynamic five-prevention key, decrypts the second dynamic five-prevention key to obtain a first decryption key, and transmits the first decryption key to the five-prevention host.
And the five-prevention host machine receives the first dynamic five-prevention key and the first decryption key, decrypts the first dynamic five-prevention key to obtain a second decryption key, and verifies whether the first decryption key and the second decryption key exist, if yes, the five-prevention lock corresponding to the equipment to be operated is unlocked, the record of unlocking the five-prevention lock by a worker is stored, and if not, the five-prevention lock corresponding to the equipment to be operated is refused to be unlocked.
In this embodiment, the next operation can proceed only after the voltage test, which ensures the personal safety of workers. Face authentication is then performed through the key mobile terminal, ensuring that the task to be operated is executed by the worker himself and associating the task with the worker. Device authentication is then achieved through the second dynamic five-prevention key based on the attribute of the key mobile terminal; because key mobile terminals correspond to workers one-to-one, tasks can be associated with workers even if face authentication is not carried out, and at the same time the loss of digital keys on the key server is avoided.
It should be noted that the five-prevention host can also receive a loss report for a key mobile terminal, generated through human-computer interaction. After the loss is reported, the five-prevention host sends the information about the lost key mobile terminal to the key server, and the five-prevention host no longer accepts unlocking requests from that key mobile terminal. The key mobile terminal no longer generates a dynamic five-prevention key based on the attribute of the key mobile terminal and eliminates the existing dynamic five-prevention key, preventing the five-prevention lock from being opened by unauthorized personnel.
In one possible implementation manner, the task to be operated includes a unique task code, worker information, a key mobile terminal attribute corresponding to a worker, a five-prevention host attribute, and a five-prevention lock corresponding to the device to be operated.
Optionally, the unique task code may be generated according to a preset rule, or may be generated in response to human-computer interaction.
In one possible implementation, generating a first dynamic five-prevention key based on the five-prevention host attribute and a second dynamic five-prevention key based on the key mobile terminal attribute according to a task to be operated includes:
and generating a first dynamic five-prevention key and a second dynamic five-prevention key according to the unique task code in the task to be operated, wherein the first dynamic five-prevention key is the same as the second dynamic five-prevention key.
And generating a first dynamic five-prevention key based on the five-prevention host attribute according to the five-prevention host attribute in the task to be operated.
And generating a second dynamic five-prevention key based on the attribute of the key mobile terminal according to the attribute of the key mobile terminal in the task to be operated.
In one possible embodiment, generating a first dynamic five-prevention key and a second dynamic five-prevention key according to a unique task code in a task to be operated includes:
Two digits q and p are randomly taken from the unique task code in the task to be operated, wherein the number of digits in the unique task code is greater than or equal to K; K can be 2, 3, 4, 5, 6, 7 or another larger number, and at least two different digits exist in the unique task code. The number q and the number p may be different (e.g., the number q and the number p are relatively prime).
The number q is multiplied by the number p to obtain the number N.
The least common multiple of the number q-1 and the number p-1 is obtained to give the number L, wherein L = lcm(p-1, q-1), and lcm represents the least common multiple.
According to the number L, the obtained number E is:
1<E<L
gcd(E,L)=1
here, gcd represents the greatest common divisor.
According to the number E and the number L, obtaining a number D as:
1<D<L
E*D mod L=1
where mod represents the remainder symbol.
The first dynamic five-prevention key and the second dynamic five-prevention key are formed by randomly combining a number q, a number p, a number N, a number E and a number D.
The random first dynamic five-prevention key and the random second dynamic five-prevention key are generated through the steps, and the lengths of the first dynamic five-prevention key and the second dynamic five-prevention key generated each time can be different, so that the randomness is increased.
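The derivation steps above, carried through in code as an added example that is not part of the patent text. It assumes p and q are single decimal digits taken from the task code, omits the "random combination" step because the text does not define its format, and uses a constructed task code; all function names are hypothetical. It also enumerates every (p, q, N, E, D) tuple the steps can yield from decimal digits, so the size of that value space can be measured rather than guessed.

```python
import math
import secrets


def lcm(a, b):
    """Least common multiple; 0 if either argument is 0."""
    return a * b // math.gcd(a, b) if a and b else 0


def valid_exponents(L):
    """Every E that satisfies 1 < E < L and gcd(E, L) = 1."""
    return [E for E in range(2, L) if math.gcd(E, L) == 1]


def usable(p, q):
    """True when the steps can be completed for this pair of digits."""
    # p or q below 2 makes p-1 or q-1 zero or negative, so L is undefined.
    return p >= 2 and q >= 2 and bool(valid_exponents(lcm(p - 1, q - 1)))


def derive(p, q, E=None):
    """Compute N, L, E, D for digits p and q; None if no valid E exists."""
    if not usable(p, q):
        return None
    N = p * q
    L = lcm(p - 1, q - 1)
    choices = valid_exponents(L)
    if E is None:
        E = secrets.choice(choices)      # CSPRNG, not random.choice
    elif E not in choices:
        raise ValueError("E must satisfy 1 < E < L and gcd(E, L) = 1")
    D = pow(E, -1, L)                    # E * D mod L = 1, and 1 < D < L
    return {"p": p, "q": q, "N": N, "L": L, "E": E, "D": D}


def key_material_for_task(task_code):
    """Pick two different digits from the task code and run the derivation."""
    digits = sorted({int(c) for c in task_code if c.isdigit()})
    pairs = [(p, q) for p in digits for q in digits if p != q and usable(p, q)]
    if not pairs:
        raise ValueError("task code has no digit pair that yields a valid E")
    p, q = secrets.choice(pairs)
    return derive(p, q)


def enumerate_space():
    """Every tuple reachable when p and q are distinct decimal digits."""
    space = []
    for p in range(10):
        for q in range(10):
            if p != q and usable(p, q):
                L = lcm(p - 1, q - 1)
                space.extend(derive(p, q, E) for E in valid_exponents(L))
    return space


if __name__ == "__main__":
    SAMPLE_TASK_CODE = "20220705-0137"   # constructed sample, not from the patent
    print(key_material_for_task(SAMPLE_TASK_CODE))
    print(derive(5, 7, E=5))             # worked case: N=35, L=12, D=5
    n = len(enumerate_space())
    print(f"{n} possible tuples, about {math.log2(n):.1f} bits")
```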
In one possible implementation, generating a first dynamic five-prevention key based on the five-prevention host attribute according to the five-prevention host attribute in the task to be operated includes:
and generating a first dynamic five-prevention key based on the five-prevention host attribute by adopting an attribute-based encryption algorithm according to the five-prevention host attribute in the task to be operated.
In one possible implementation, generating a second dynamic five-prevention key based on the key mobile terminal attribute according to the key mobile terminal attribute in the task to be operated includes:
and generating a second dynamic five-prevention key based on the attribute of the key mobile terminal by adopting an attribute-based encryption algorithm according to the attribute of the key mobile terminal in the task to be operated.
In this embodiment, a method for attribute-based encryption is provided:
Generate a cyclic group $G_1$ of order $q$, where the generator of the cyclic group $G_1$ is $g$, and a bilinear mapping $e: G_1 \times G_1 \to G_2$. Randomly select parameter values $\sigma$ and $\delta$, and let the elements of the cyclic group $G_1$ be $\gamma_1, \gamma_2, \dots, \gamma_u$. The public key is $PK = \{g, g^{\sigma}, e(g,g)^{\delta}, \gamma_1, \gamma_2, \dots, \gamma_u\}$, and the secret key is $MSK = g^{\delta}$.
Encryption (PK, m, Γ): $\Gamma = (M, \rho)$, where Γ is formed by relating the key mobile terminal attributes (or five-prevention host attributes) through logical relation symbols, $M$ represents an $l \times n$ matrix, any row of the matrix $M$ is $M_i$, $i$ denotes the row number of the matrix $M$, and $\rho$ denotes the monogram function, $\rho: \{1, \dots, l\} \to \{1, \dots, u\}$. Select a random vector $v = (s, t_2, t_3, \dots, t_n)$, where $s$ denotes the secret shared key and $t_2, t_3, \dots, t_n$ are all random values; $\lambda_i = V(M_i)$, where $\lambda_i$ represents a secret shared key share. Information $D_{i,h}$ is added to the ciphertext to provide function conditions for the decryption process. The ciphertext is obtained as:
where $h \in \Gamma / \rho(i)$ denotes removing the $\rho(i)$ attribute from the associated attributes of the access structure Γ.
Obtain user attribute private key (MSK, B): inputting a private key MSK and a key mobile terminal attribute set B, selecting a random parameter t, and obtaining an attribute private key as follows:
$SK = \{k = g^{\delta} g^{-\sigma t},\ L = g^{t}\}$
It should be noted that the attribute in the access structure Γ is an attribute in the task to be operated (i.e., a key mobile terminal standard attribute stored by the five-prevention host), and the key mobile terminal attribute set B is an attribute sent when the key mobile terminal requests encryption.
After the key mobile terminal receives the ciphertext CT, the private key SK and the access structure Γ, if the key mobile terminal attribute set B of the key mobile terminal does not satisfy the access structure Γ, decryption cannot be performed; otherwise, decryption is performed.
The decryption process may be:
the set P ═ i ≦ B and 1 ≦ i ≦ l is defined, and P ∈ {1, 2.
Setting the target vector as $V = (1, 0, \dots, 0)$, according to the linear secret sharing scheme, if the key mobile terminal attribute set B satisfies the access structure Γ, and a set of vectors $W = (w_1, w_2, \dots, w_n)$ can be found to make it is established, then n represents the number of user attributes.
Define the set of intersections $o = \{x \mid i \in P,\ x \in \rho(i),\ \text{and } x \in B \cap \Gamma\}$.
Self-defining function: wherein $\gamma(x)$ represents the attribute value $\gamma_x$ corresponding to the element $x$ in $G_1$, and $\beta(o)$ represents the multiplication of elements in the attribute set.
Wherein, $C_i'$ denotes the distribution of a shared key share $\lambda_i$ over the attribute set $o$; the value of $i$ of the shared key share $\lambda_i$ in the ciphertext is assigned by $\rho(i)$ in $x \in o / \rho(i)$.
Wherein, $K_o'$ represents a concatenated product for decryption: the user private key shares $K_x$ are multiplied together and the $\beta(o)$ function is substituted into it for derivation.
In summary, the ciphertext CT may be decrypted to obtain the plaintext m, which specifically includes:
In one possible embodiment, the verification of the staff member according to the collected voltage and the real-time human image comprises the following steps:
carrying out primary verification on the acquired voltage to obtain a primary verification result, wherein the primary verification result is qualified or unqualified;
performing secondary verification on the real-time portrait according to the information of the workers in the task to be operated to obtain a secondary verification result, wherein the secondary verification result is qualified or unqualified;
and if the primary verification result and the secondary verification result are qualified, the verification of the staff is passed, otherwise, the verification of the staff is not passed.
In a possible implementation, performing primary verification on the collected voltage to obtain a primary verification result includes:
and judging whether the acquired voltage is less than or equal to a set voltage threshold, if so, determining that the primary verification result is qualified, and otherwise, determining that the primary verification result is unqualified.
Alternatively, the voltage threshold may be set to 0.
In one possible implementation mode, the secondary verification of the real-time portrait according to the staff information in the task to be operated comprises the following steps:
identifying the real-time portrait by adopting a neural network model to obtain an identification result, wherein the identification result comprises information corresponding to the real-time portrait, and the neural network model is a pre-trained face identification model;
and judging whether the information corresponding to the real-time portrait is the same as the information of the staff, if so, determining that the secondary verification result is qualified, and otherwise, determining that the secondary verification result is unqualified.
The key mobile terminal can be provided with a pre-trained neural network model, the neural network model is trained through face images of all workers, and the trained neural network model can identify real-time faces to obtain an identification result. And each recognition result corresponds to the information of a worker, and after the face recognition result is obtained, the information of the worker is obtained.
The invention provides a five-prevention lock management system and a five-prevention lock management method, wherein encryption based on equipment is carried out through a key server, and a password is generated only at each task, so that the leakage of a digital password in the server is effectively avoided, and key mobile terminals are verified, and each key mobile terminal corresponds to a worker one by one, so that the opening record of the five-prevention lock is associated with the worker, and the tracing of events is facilitated.
The above embodiments are provided to further explain the objects, technical solutions and advantages of the present invention in detail, it should be understood that the above embodiments are merely exemplary embodiments of the present invention and are not intended to limit the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (10)
1. A five-prevention lock management system is characterized by comprising a key server, a plurality of key mobile terminals, an electroscope, a five-prevention host, a five-prevention lock and a device to be operated;
each key mobile terminal corresponds one-to-one to a worker; the key server is communicatively connected to the five-prevention host and to the plurality of key mobile terminals respectively; the key mobile terminal is further communicatively connected to the electroscope; the electroscope is electrically connected to the device to be operated; the five-prevention host is electrically connected to the five-prevention lock; the five-prevention lock is arranged on the device to be operated; and a camera is provided on the key mobile terminal.
2. A five-prevention lock management method based on the five-prevention lock management system of claim 1, comprising:
generating a task to be operated through a five-prevention host, and respectively transmitting the task to be operated to the key server and the corresponding key mobile terminal;
collecting the voltage of the device to be operated through the electroscope to obtain the collected voltage of the device to be operated, and waiting for the key mobile terminal to acquire the collected voltage;
receiving a task to be operated through a key server, generating a first dynamic five-prevention key based on the attribute of a five-prevention host and a second dynamic five-prevention key based on the attribute of a key mobile terminal according to the task to be operated, transmitting the first dynamic five-prevention key to the five-prevention host, and transmitting the second dynamic five-prevention key to the key mobile terminal, wherein the task to be operated comprises the attribute of the five-prevention host and the attribute of the key mobile terminal corresponding to the task to be operated;
acquiring, through the key mobile terminal, the task to be operated, the collected voltage on the electroscope, and a real-time portrait; verifying the worker according to the collected voltage and the real-time portrait; and, if the verification is passed, receiving the second dynamic five-prevention key, decrypting the second dynamic five-prevention key to obtain a first decryption key, and transmitting the first decryption key to the five-prevention host;
and the five-prevention host machine receives the first dynamic five-prevention key and the first decryption key, decrypts the first dynamic five-prevention key to obtain a second decryption key, and verifies whether the first decryption key and the second decryption key exist, if yes, the five-prevention lock corresponding to the equipment to be operated is unlocked, the record of unlocking the five-prevention lock by a worker is stored, and if not, the five-prevention lock corresponding to the equipment to be operated is refused to be unlocked.
3. The five-prevention lock management method according to claim 2, wherein the task to be operated includes a unique task code, worker information, a key mobile terminal attribute corresponding to a worker, a five-prevention host attribute, and a five-prevention lock corresponding to the device to be operated.
4. The five-prevention lock management method according to claim 3, wherein generating a first dynamic five-prevention key based on the attribute of the five-prevention host and a second dynamic five-prevention key based on the attribute of the key mobile terminal according to the task to be operated comprises:
generating a first dynamic five-prevention key and a second dynamic five-prevention key according to a unique task code in a task to be operated, wherein the first dynamic five-prevention key is the same as the second dynamic five-prevention key;
generating a first dynamic five-prevention key based on the five-prevention host attribute according to the five-prevention host attribute in the task to be operated;
and generating a second dynamic five-prevention key based on the attribute of the key mobile terminal according to the attribute of the key mobile terminal in the task to be operated.
5. The five-prevention lock management method according to claim 4, wherein generating a first dynamic five-prevention key and a second dynamic five-prevention key according to a unique task code in a task to be operated comprises:
randomly taking out a two-digit number q and a number p from a unique task code in a task to be operated, wherein the number of the digits in the unique task code is greater than or equal to K;
multiplying the number q with the number p to obtain a number N;
obtaining the least common multiple of the number q-1 and the number p-1 to obtain a number L, wherein L = lcm(p-1, q-1), and lcm denotes the least common multiple;
according to the number L, the number E is obtained as:
1<E<L
gcd(E,L)=1
wherein gcd denotes the greatest common divisor;
according to the number E and the number L, obtaining a number D as:
1<D<L
E*D mod L=1
wherein mod denotes the remainder operation;
the first dynamic five-prevention key and the second dynamic five-prevention key are formed by randomly combining a number q, a number p, a number N, a number E and a number D.
6. The five-prevention lock management method according to claim 4, wherein generating a first dynamic five-prevention key based on the five-prevention host attribute according to the five-prevention host attribute in the task to be operated comprises:
and generating a first dynamic five-prevention key based on the five-prevention host attribute by adopting an attribute-based encryption algorithm according to the five-prevention host attribute in the task to be operated.
7. The five-prevention lock management method according to claim 6, wherein generating a second dynamic five-prevention key based on the key mobile terminal attribute according to the key mobile terminal attribute in the task to be operated comprises:
and generating a second dynamic five-prevention key based on the attribute of the key mobile terminal by adopting an attribute-based encryption algorithm according to the attribute of the key mobile terminal in the task to be operated.
8. The five-prevention lock management method according to claim 6, wherein the verification of the worker according to the collected voltage and the real-time portrait comprises the following steps:
performing primary verification on the collected voltage to obtain a primary verification result, wherein the primary verification result is qualified or unqualified;
performing secondary verification on the real-time portrait according to the information of workers in the task to be operated to obtain a secondary verification result, wherein the secondary verification result is qualified or unqualified;
and if the primary verification result and the secondary verification result are qualified, the verification of the staff is passed, otherwise, the verification of the staff is not passed.
9. The five-prevention lock management method according to claim 8, wherein performing the primary verification on the collected voltage to obtain the primary verification result comprises:
judging whether the collected voltage is less than or equal to a set voltage threshold; if so, the primary verification result is qualified, and otherwise the primary verification result is unqualified.
10. The five-prevention lock management method according to claim 8, wherein the secondary verification of the real-time portrait according to the staff information in the task to be operated comprises:
identifying the real-time portrait by adopting a neural network model to obtain an identification result, wherein the identification result comprises information corresponding to the real-time portrait, and the neural network model is a pre-trained face identification model;
and judging whether the information corresponding to the real-time portrait is the same as the information of the staff, if so, determining that the secondary verification result is qualified, and otherwise, determining that the secondary verification result is unqualified.
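The arithmetic of claim 5, carried through in Python as an added example (not code from the patent). Assumptions: p and q are read as adjacent digit pairs of the task code and restricted to distinct two-digit primes, which the claim does not state but the E/D round trip requires; the task code value and all function names are constructed for illustration.

```python
import math
import random

def is_prime(n: int) -> bool:
    return n >= 2 and all(n % d for d in range(2, math.isqrt(n) + 1))

def two_digit_primes(task_code: str) -> list:
    """Distinct two-digit primes among adjacent digit pairs of the task code."""
    digits = [c for c in task_code if c.isdigit()]
    pairs = {int(a + b) for a, b in zip(digits, digits[1:]) if a != "0"}
    return sorted(v for v in pairs if is_prime(v))

def derive(p: int, q: int, e: int) -> dict:
    """Claim 5 arithmetic: N = p*q, L = lcm(p-1, q-1), E*D mod L = 1."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("assumption: p and q are distinct primes")
    n = p * q
    l = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    if not (1 < e < l and math.gcd(e, l) == 1):
        raise ValueError("E must satisfy 1 < E < L and gcd(E, L) = 1")
    d = pow(e, -1, l)  # modular inverse of E mod L; lies in 1 < D < L
    return {"p": p, "q": q, "N": n, "L": l, "E": e, "D": d}

def derive_from_task_code(task_code: str, rng=None) -> dict:
    """Pick p, q and E at random from the values the task code allows."""
    rng = rng or random.SystemRandom()  # OS entropy unless a test RNG is passed
    primes = two_digit_primes(task_code)
    if len(primes) < 2:
        raise ValueError("task code yields fewer than two two-digit primes")
    p, q = rng.sample(primes, 2)
    l = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    e = rng.choice([x for x in range(2, l) if math.gcd(x, l) == 1])
    return derive(p, q, e)

def round_trip(params: dict, m: int) -> int:
    """Raise m to E, then to D, modulo N; equals m for consistent parameters."""
    c = pow(m, params["E"], params["N"])
    return pow(c, params["D"], params["N"])

if __name__ == "__main__":
    TASK_CODE = "2022070611534789"  # constructed sample task code
    params = derive_from_task_code(TASK_CODE)
    print(params, round_trip(params, 65))
```

With two-digit p and q, N stays below 10,000, so these values show how the parameters relate rather than provide cryptographic strength.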
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210788924.7A CN115051802B (en) | 2022-07-06 | 2022-07-06 | Five-prevention lock management system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115051802A (en) | 2022-09-13 |
CN115051802B (en) | 2024-07-02 |
Family
ID=83164937
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210788924.7A Active CN115051802B (en) | 2022-07-06 | 2022-07-06 | Five-prevention lock management system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115051802B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |