CN116071860A - Access control data management method and system - Google Patents
Access control data management method and system Download PDFInfo
- Publication number
- CN116071860A CN116071860A CN202310208863.7A CN202310208863A CN116071860A CN 116071860 A CN116071860 A CN 116071860A CN 202310208863 A CN202310208863 A CN 202310208863A CN 116071860 A CN116071860 A CN 116071860A
- Authority
- CN
- China
- Prior art keywords
- access control
- data
- control information
- real
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
- G07C9/25—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The invention relates to the field of public interval security, in particular to an access control management method, and specifically relates to an access control data management method and system; by the data management method and the data management system, the access control system is identified after acquiring the data, an identification result with higher identification degree is obtained, the access control data is managed based on the identification result, a communication channel is established between a user and the access control, key data in the process can be displayed and stored at the user side, and secret processing of the data is realized through an encryption method, so that privacy secret related to the user can be protected more.
Description
Technical Field
The invention relates to the field of public area security, in particular to an access control management method, and specifically relates to an access control data management method and system.
Background
With the development and application of new technologies such as the Internet of things, cloud computing, big data and the mobile internet, the access control system is applied in a large scale in the intelligent building field of security protection, integrates the microcomputer automatic identification technology and modern security management measures, and relates to a plurality of new technologies such as electronics, machinery, optics, computers, communication, biotechnology and the like. The entrance guard system is an effective measure for realizing safety precaution management at the entrance and the exit of important departments, and is suitable for various confidential departments, such as intelligent communities, banks, hotels, parking lot management, machine rooms, ordnance libraries, confidential rooms, offices, factories and the like.
Since security events related to the access control system are frequent in recent years, the security of the access control system is more and more popular attention, and how to ensure the security and reliability of the access control system is always a difficult problem. The security of the access control system is ensured to be mainly based on that the data in the access control system is not effectively managed, and the access control system is worry about identification efficiency and data management capability due to an unscientific data management mode and a traditional identification mode along with the increase of the service time. Moreover, because the storage space of the access control system is small, if a large amount of useless data is occupied for a long time and the update degree of the data is low, the use efficiency of the access control system is reduced, and the capability of identifying the user is reduced.
Disclosure of Invention
The embodiment of the application provides an access control system management method, which aims to solve the problem that a storage space cannot support a processing process due to low data processing efficiency caused by increased use time by a reasonable data management mode and an object identification method with high identification degree.
In order to achieve the above purpose, the technical solution adopted in the embodiment of the present application is as follows:
In a first aspect, a method for managing access data is applied to a server, where the server is connected with a user terminal, and the method includes: collecting user information and acquiring the real-time access control information; comparing the real-time access control information with the configured access control data to obtain a comparison result; encrypting the real-time access control information based on the comparison result, and sending the encrypted real-time access control information to the access control information storage module and the user side; the access control information storage module comprises a plurality of access control information storage sub-modules, and the access control information storage sub-modules are correspondingly configured with the user side; encrypting the real-time access control information based on the comparison result, and sending the encrypted real-time access control information into an access control information storage module and the user side, wherein the method specifically comprises the following steps of: determining whether the user is a corresponding user; and when the determined result is the corresponding user, encrypting the real-time access control information, and sending the encrypted real-time access control information to the access control information storage sub-module configured corresponding to the user and the user side corresponding to the user.
In a first possible implementation manner of the first aspect, the real-time access control information includes first data, second data, and third data; the first data is used for representing collected user information, the second data is used for representing collection time, and the third data is used for representing collection equipment codes.
With reference to the first possible implementation manner of the first aspect, in a second possible implementation manner, the sending the encrypted real-time access control information to the access control information storage sub-module configured corresponding to the user includes the following specific method: determining whether historical data are stored in the access information storage submodule, and selectively storing the real-time access information when the historical data are stored as a result of the determination, wherein the method specifically comprises the following steps of: deleting the first data in the real-time access control information, only reserving the second data and the third data, and arranging based on the time sequence of the second data.
With reference to the first aspect, in a third possible implementation manner, comparing the real-time access control information with the configured access control data to obtain a comparison result, which specifically includes the following steps: acquiring a first characteristic of the real-time access control information; acquiring a second characteristic of the real-time access control information; fusing the first feature and the second feature to obtain a target feature; and comparing the target features with the identification features in the access information identification model to obtain a comparison result.
With reference to the third possible implementation manner of the first aspect, in a fourth possible implementation manner, the real-time access control information includes image data, where the image data includes a first image and a second image; the first feature of acquiring the real-time access control information comprises the following steps: the method comprises the steps of obtaining a first characteristic of a first image, wherein the first image is a first image to be identified with structured light coding, and specifically comprises the following steps: searching a first characteristic image from a first image to be identified according to a pre-trained structured light characteristic model; the second feature of acquiring the real-time access control information comprises the following steps: acquiring a second characteristic of the second image, wherein the second image is a second image to be identified without structured light coding, and the method specifically comprises the following steps: searching a second characteristic image from the second face image to be recognized according to the pre-trained unstructured light characteristic model; the first characteristic image and the second characteristic image are fused to obtain a target characteristic image, and the method specifically comprises the following steps: and obtaining a target feature image through cascade feature fusion processing based on the first feature image and the second feature image.
With reference to the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner, the comparing the target feature with the identification feature in the access information identification model to obtain a comparison result specifically includes the following steps: extracting target parameters of the target feature image; extracting a plurality of preset parameters in the preset identification information, wherein the preset parameters are correspondingly set with the preset identification information; and comparing the target parameter with the minimum difference value in the preset parameters, wherein the preset parameter corresponding to the minimum difference value is a comparison parameter, and the identification information corresponding to the comparison parameter is a comparison result.
With reference to the fifth possible implementation manner of the first aspect, in a sixth possible implementation manner, the target parameter and the preset parameter include any one of a width, a height, an inclination angle, and a curvature; the minimum difference is cosine similarity.
In a sixth possible implementation manner of the first aspect, comparing the first action behavior feature data with the action behavior interaction data to obtain a first result further includes: and determining the action behavior interaction data as continuous behavior data, wherein the action behavior interaction data is interaction data generated by continuous actions performed by a user in a preset time period.
With reference to the fourth possible implementation manner of the first aspect, in a seventh possible implementation manner, the real-time access control information includes access control card data, where the access control card data includes first access control card data and second access control card data; the first feature of acquiring the real-time access control information comprises the following steps: the method comprises the steps of obtaining first characteristics in first access card data, wherein the first access card data are key data of an access card, and specifically comprises the following steps: extracting an ID of the key data; the second feature of acquiring the real-time access control information comprises the following steps: the method comprises the steps of obtaining second characteristics in second access card data, wherein the second access card data are authorization time data of an access card, and specifically comprises the following steps: and extracting a time interval in the authorized time data.
With reference to the seventh possible implementation manner of the first aspect, in an eighth possible implementation manner, the comparing the target feature with the identification feature in the access information identification model to obtain a comparison result specifically includes the following method: comparing whether the ID in the secret key data is consistent with the ID of the access control system; and when the results are consistent, comparing the time intervals in the authorized time data.
In a second aspect, an embodiment of the present application further provides an access control data management system, where the access control data management method is applied to a server, where the server is connected to a user side and an access control terminal device, the user side is used to obtain access control information of a user, the access control terminal is used to obtain real-time access control information of the user, an access control information identification model is configured in the server, and is used to compare the obtained real-time access control information to obtain a corresponding user side, a database is used to store a plurality of preset identification information, an access control information storage module is used to store the obtained real-time access control information, an information sending module is used to send the real-time access control information to the user side, and an encryption module is used to encrypt the access control information storage module and the information sending module.
According to the technical scheme, the data management method and the system are arranged, so that identification is performed on the access control system after data are acquired, a high identification result is obtained, management on the access control data is achieved based on the identification result, a communication channel is established between a user and the access control, key data in the process can be displayed and stored at the user side, secret processing on the data is achieved through an encryption method, and privacy secrets related to the user can be protected highly.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
The methods, systems, and/or programs in the accompanying drawings will be described further in terms of exemplary embodiments. These exemplary embodiments will be described in detail with reference to the drawings. These exemplary embodiments are non-limiting exemplary embodiments, wherein the exemplary numbers represent like mechanisms throughout the various views of the drawings.
Fig. 1 is a schematic system architecture of a communication system according to an embodiment of the present application.
Fig. 2 is a block schematic diagram of a server provided in an embodiment of the present application.
Fig. 3 is a flow chart of a method of gate inhibition data management according to some embodiments of the present application.
Detailed Description
In order to better understand the technical solutions described above, the following detailed description of the technical solutions of the present application is provided through the accompanying drawings and specific embodiments, and it should be understood that the specific features of the embodiments and embodiments of the present application are detailed descriptions of the technical solutions of the present application, and not limit the technical solutions of the present application, and the technical features of the embodiments and embodiments of the present application may be combined with each other without conflict.
In the following detailed description, numerous specific details are set forth by way of examples in order to provide a thorough understanding of the relevant teachings. However, it will be apparent to one skilled in the art that the present application may be practiced without these details. In other instances, well-known methods, procedures, systems, components, and/or circuits have been described at a relatively high-level, without detail, in order to avoid unnecessarily obscuring aspects of the present application.
The flowcharts are used in this application to describe implementations performed by systems according to embodiments of the present application. It should be clearly understood that the execution of the flowcharts may be performed out of order. Rather, these implementations may be performed in reverse order or concurrently. Additionally, at least one other execution may be added to the flowchart. One or more of the executions may be deleted from the flowchart.
Referring to fig. 1, an embodiment of the present application provides an access control data management system 100, which includes a server 110, a user terminal 120 and an access control terminal 130 that are in communication with each other.
In practice, the server may be a single server or a server cluster composed of multiple servers, only a single server being exemplified in fig. 1.
In this embodiment, the user terminal is an intelligent terminal on which an application program configured corresponding to the server is installed, and may be various electronic devices with display screens, including but not limited to a smart phone, a tablet computer, a laptop computer, a desktop computer, etc., and fig. 1 only illustrates a smart phone as an example. Alternatively, the invention is not limited in this regard.
In this embodiment, the user side is configured to collect access control information of a user, where the access control information includes biological information and other hardware information, where the biological information includes but is not limited to a face image and a fingerprint image, and the other hardware information includes but is not limited to embedded access control card information. The user side also stores the above information and communicates with the server. The user terminal is provided with an operation interface, wherein the operation interface can be configured according to a specific use scene and is configured into a plurality of functional modules, and the functional modules can be configured according to the specific use scene. But including at least two functional modules in the user side is not variable. The first is a user center, and identity information corresponding to a user and access control information used in an access control use scene are stored in the user center. Second, the operation center, in which the history of operation can be seen.
In this embodiment, the access terminal includes a door lock and a control center connected to the door lock, where the control center communicates with the server, and controls the door lock through a command issued by the server. And an information acquisition module is also arranged in the access control terminal and is used for acquiring unlocking information of a user and sending the unlocking information to a server in a communication mode for verification of the user.
The server is internally provided with an access control information identification module used for comparing the acquired real-time access control information to the corresponding user side, a database used for storing a plurality of preset identification information is further arranged, the access control information storage module is used for storing the acquired real-time access control information, the information sending module is used for sending the real-time access control information to the user side for the user side to store the real-time access control information and display the real-time access control information in an operation center of the user side, and the encryption module is used for encrypting the access control information storage module and the information sending module, so that information leakage caused by the fact that a communication process and a background server are attacked by the user is reduced. In this embodiment, a plurality of sub-databases are correspondingly provided in the databases, where each database is configured with a corresponding user terminal, that is, preset access control information of each user is stored in the corresponding sub-database; the access control information storage module comprises a plurality of access control information storage sub-modules as well, wherein each access control information storage sub-module is used for storing real-time access control information of each user, encrypting the access control information storage sub-modules through the encryption module, encrypting the real-time access control information through the encryption module and distributing the real-time access control information to corresponding user terminals through the information sending module.
In this embodiment, the above modules are directly or indirectly electrically connected to each other, so as to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. And includes at least one software functional module that may be stored in memory in the form of software or firmware (firmware) or cured in an Operating System (OS) of the electronic device. The processor is used for executing executable modules stored in the memory, such as software function modules, computer programs and the like, which are included in the device corresponding to the access control data management method.
Wherein the machine-readable storage medium may store data and/or instructions. In an exemplary design, a machine-readable storage medium may store data acquired from an external terminal. In an exemplary design, a machine-readable storage medium may store data and/or instructions for use by an access data management system to perform or use in accomplishing the exemplary methods described herein. In an exemplary design, the machine-readable storage medium may include mass storage, removable storage, volatile read-write memory, read-only memory (ROM), and the like, or any combination thereof. Exemplary mass storage devices may include magnetic disks, optical disks, solid state disks, and the like. Exemplary removable memory may include flash drives, floppy disks, optical disks, memory cards, compact disks, tape, and the like. Exemplary volatile read-write memory can include Random Access Memory (RAM). Exemplary RAM may include active random access memory (DRAM), double data rate synchronous active random access memory (DDR SDRAM), passive random access memory (SRAM), thyristor random access memory (T-RAM), zero capacitance random access memory (Z-RAM), and the like. Exemplary read-only memory may include mask read-only memory (MROM), programmable read-only memory (PROM), erasable programmable read-only memory (PEROM), electrically erasable programmable read-only memory (EEPROM), compact disc read-only memory (CD-ROM), digital versatile disk read-only memory, and the like. The memory is used for storing a program, and the processor executes the program after receiving an execution instruction. The communication unit is used for establishing communication connection between the server and the terminal through a network and is used for receiving and transmitting data through the network. In an exemplary design concept, a machine-readable storage medium may be implemented on a cloud platform. For example only, the cloud platform may include a private cloud, a public cloud, a hybrid cloud, a community cloud, a distributed cloud, an internal cloud, a multi-layer cloud, etc., or any combination thereof.
In a specific implementation process, at least one processor executes computer-executable instructions stored by a machine-readable storage medium, so that the processor can execute the method for managing access data according to the method embodiment, the processor, the machine-readable storage medium and the communication unit are connected according to a bus, and the processor can be used for controlling the transceiving actions of the communication unit. The processor may be an integrated circuit chip having signal processing capabilities. The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but also Digital Signal Processors (DSPs)), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. It will be appreciated that the configuration shown in fig. 2 is merely illustrative, and that in other embodiments the server may include more or fewer components than shown in fig. 2, or have a different configuration than shown in fig. 2. The components shown in fig. 2 may be implemented in hardware, software, or a combination thereof.
Referring to fig. 3, a flowchart of an access control data management method according to some embodiments of the present application is shown, and the main method is to compare real-time access control information of a user to determine whether the user is a corresponding user, send process information to a corresponding client based on a determination result, and save updated data to form historical data through an update mechanism.
The method specifically comprises the following steps:
step S110, acquiring real-time access control information.
In this embodiment, acquisition of the real-time access control information is based on acquisition by the access control terminal. The acquisition modes comprise at least two types, and different acquisition methods are configured based on different door control unlocking modes. The method comprises the steps of face image acquisition and entrance guard card information acquisition. The real-time access control information is real-time face image data and is real-time access control card data according to the access control card acquisition mode.
And step S120, comparing the real-time access control information with the configured access control data to obtain a comparison result.
In this embodiment, the real-time access control information includes first data, second data, and third data. The first data is used for representing collected user information, the second data is used for representing collection time, and the third data is used for representing collection equipment codes. The data for comparison is first data, namely the data used for representing the collected user data, and the second data and the third data are used for storing after determining the comparison result. Specifically, when the comparison between the first data and the access control data is positive, that is, the access control user is matched with the user arranged in the server, the second data and the third data are stored in the corresponding sub-database and the corresponding access control information sub-module; and when the comparison result is negative, namely the access control user is not matched with the user arranged in the server, the second data and the third data are stored into a standby database in the database, and the second data and the third data are deleted within a certain time based on a server management mechanism. In this embodiment, the information for the first data, that is, the information reserved when the user performs registration or information input, includes feature information and other basic information, including but not limited to specific address information, property fee payment information, and other management information, where the first data adopts a user name coding form, for example, a-B-C, where a represents a building number, B represents a specific room number, C is a specific registrant registration name, where under the C label, C1 and C2 may be further set, where C1 may be whether property fee payment information, and C2 is payment time information. The second data is information of real-time access control information acquisition time, the acquisition of the information is based on corresponding hardware equipment arranged in the access control terminal, and the process is not described in detail. The third data is a code configured in the access terminal, namely, the data used for representing personalized information of the access terminal, each access terminal is provided with a corresponding equipment code used for describing parameter information of the access terminal and basic information of equipment, and the data can be the code which is configured in the corresponding access terminal in advance or can be the code which is carried out when the manager manages the access terminal to realize the number which is endowed by the correspondence management.
Wherein the obtaining of the comparison result comprises the following steps:
step S121, a first feature of the real-time access control information is acquired.
Step S122, obtaining a second feature of the real-time access control information.
In this embodiment, the acquisition modes of the first feature and the second feature are described in detail for different types of access control data. The access control data comprise face image data and access control card data, and the acquisition of the first features and the second features in the face image data comprises the following steps:
the face image data are divided into a first image and a second image based on the light information of the images, wherein the first image is a first image to be identified with a structured light code, and first features are found out from the first image to be identified according to a pre-trained structured light feature model. The method comprises the steps of obtaining a first image to be identified with a structured light code, transmitting infrared-modulated one-dimensional bar code structured light to a face to be identified in real-time user data acquisition, receiving infrared codes reflected back by the face to be identified, and generating a first face image to be identified. Based on the implementation method, the hardware module capable of emitting the bar code structured light is arranged for the access control terminal, and the structured light with the bar code is carried out when the face data is acquired through the access control terminal.
The method specifically comprises the following steps of: and searching from the second face image to be recognized according to the pre-trained unstructured light characteristic model to obtain a second characteristic image.
In this embodiment, the first face image to be identified and the second face image to be identified are two-dimensional images, which are acquired by 2 different cameras, for example, the first face image to be identified may be acquired by a structured light CMOS camera, and the second face image to be identified may be acquired by a commonly used color camera. When the infrared light is used for forming the coded structured light in a one-dimensional bar code mode, the farther the distance is, the wider the bright stripes are, so that the distance between each point and a reference point (namely the point where a camera is positioned) is calculated by measuring the width ratio of the bright stripes to the dark stripes.
The method for extracting the first characteristic image and the second characteristic image according to the pre-trained structured light characteristic model and according to the trained unstructured light characteristic model comprises the following steps:
calculating the distance between each point in the first face image to be identified and the second face image to be identified relative to the reference point, and respectively obtaining face depth images according to the calculated distances;
And searching a first characteristic image and a second characteristic image from the face depth image according to the pre-trained structured light face characteristic model and the non-structured light face characteristic model.
In this embodiment, in order to avoid using a photo to realize opening of the entrance guard, a real face recognition mechanism can be added in this embodiment, and two-dimensional non-organisms such as a photo and a picture are identified by the mechanism, so that false opening is avoided. In this embodiment, a corresponding first face calibration frame and second face calibration frame are formed by comparing a real face with the first feature image and the second feature image, and whether the face to be recognized is a three-dimensional face is determined according to the overlapping degree of the first face calibration frame and the second face calibration frame. The method comprises the following steps: and judging whether the overlapping degree of the first face calibration frame and the second face calibration frame is larger than a preset threshold value, if so, judging that the face to be recognized is a three-dimensional face, otherwise, judging that the face to be recognized is not the three-dimensional face.
The first feature of the access card data is key data, and the extraction of the first feature of the access card data is specifically extracting an ID in the key data; the second feature of the access card data is the authorized time data of the access card, and the extraction of the second feature is specifically extracting a time interval in the authorized time data. The first characteristic is used for indicating whether the access card is the access card corresponding to the access terminal or not, and the second characteristic is used for indicating the time effect of the access card.
Step S123, fusing the first characteristic image and the second characteristic image to obtain a target characteristic image.
In this embodiment, the specific fusion method is a cascading feature fusion method, and the target feature image is obtained by fusion of features through the cascading feature fusion method.
And S124, comparing the target features with the identification features in the access information identification model to obtain a comparison result.
The comparison results obtained by comparing face image data and access card data are described in detail below.
The specific process for the face image data comprises the following steps:
and extracting target parameters of the target feature image based on the target feature image.
Extracting a plurality of preset parameters in preset information.
And comparing the target parameter with the minimum difference value in the plurality of preset parameters.
In this embodiment, the preset parameters are set corresponding to preset identification information, the preset parameter corresponding to the minimum difference is a comparison parameter, and the identification result corresponding to the comparison parameter is a comparison result. The target parameters and the preset parameters in the face image data comprise any one of width, height, inclination angle and curvature, wherein the minimum difference value is cosine similarity. In this embodiment, the preset parameter is any one of width, height, inclination angle and curvature of a plurality of saved face images set in the server, and the target feature image is compared with any one corresponding parameter in the saved face images to obtain a minimum difference value, where the minimum difference value is cosine similarity. And comparing based on the cosine similarity to obtain a comparison result, and judging one of the users corresponding to the server when the cosine similarity is in a threshold range, wherein the user information corresponding to the smallest difference value, namely the user information with the smallest cosine similarity, is the comparison result. When the cosine similarity is not in the preset threshold range, judging that the cosine similarity does not belong to one of the users corresponding to the server. For the selection of the threshold range, the training can be performed based on a training model. Since the training model can be determined by means of machine learning in the prior art, a detailed description is omitted in this embodiment.
The method aims at the access card data and comprises the following specific processes:
and matching the ID in the key data with the ID of the access control system to determine whether the IDs are consistent. The ID matching result can determine that the user of the access card has the authority to open the access control system, and the ID contains the information of the user.
And when the result is restrained, comparing the time interval in the authorized time data, specifically, judging whether the real-time is in the time interval, and determining whether the time authority of the access card meets the requirement of opening the access control system through the judgment of the time interval. When the real-time of use is within the time interval, judging that the access card is not expired, and the user manages the user for the access card; and when the real-time is not in the time interval, judging that the access card is out of date. And aiming at the condition that the access card is out of date, under the condition that the IDs are matched consistently, the corresponding user information in the database in the corresponding service period can be searched, the data is stored in the sub-database, and the data is sent to the corresponding user terminal through the information sending module to update the information of the access card.
And step S130, encrypting the real-time access control information based on the comparison result, and sending the encrypted real-time access control information to the access control information storage module and the user side.
In this embodiment, the real-time access control information in the process is sent to the access control information storage module and the user side in an encrypted manner for the forward comparison result. And the forward comparison result is that the collected data is judged to be the data of the corresponding user, and the data is stored in an encrypted mode and sent in an encrypted mode based on the determined corresponding user.
The method specifically comprises the following steps:
encrypting the real-time access control information, and sending the encrypted real-time access control information to an access control information storage sub-module configured corresponding to the user and a user side corresponding to the user.
The encryption method may adopt a general encryption manner, and will not be described in this embodiment.
The access control data comprises first data, second data and third data, wherein the first data are used for representing that collected user information comprises registered user names, the second data are used for representing that collection time comprises clock information, the third data are used for representing collection equipment codes, namely codes of access control terminals, and the codes of the access control terminals are determined unified codes in the embodiment.
The method for transmitting the real-time access control information to the access control information storage sub-module configured corresponding to the user comprises the following steps:
And determining that historical data is stored in the access control information storage submodule, and selectively storing the real-time access control information based on a determination result. Because the data volume processed by the access control terminal is large, in order to ensure the optimal storage of the stored data volume, the stored data needs to be subjected to conditional screening and stored.
The method for selectively storing the real-time access control information aiming at the determination result specifically comprises the following steps of:
when the result of the determination is that the historical data is stored, deleting the first data in the real-time access control information, only retaining the second data and the third data, and arranging based on the time sequence of the second data.
In this embodiment, the processing process includes data processing and data storage, and the data acquired by the access control system is mainly personal information of the user, and the security requirement based on the personal information under special conditions will increase with the requirement of security level. Therefore, in the door control data management method provided in the present embodiment, encryption processing needs to be performed on the data processing process and the storage, and specifically includes the following steps:
determining whether the user is a corresponding user;
and when the determined result is the corresponding user, encrypting the real-time access control information, and sending the encrypted real-time access control information to the access control information storage sub-module configured corresponding to the user and the user side corresponding to the user. In this embodiment, the specific encryption and decryption methods may be performed by mapping encryption, and the mapping relationship is set to convert the acquired real-time access control information into a data structure based on the corresponding mapping relationship, where the converted data is encrypted data, and the decryption process is also performed by the mapping relationship. Because the map encryption is one of the existing encryption techniques, detailed description is not given in this embodiment.
The embodiment of the application also provides a computer readable storage medium, on which a computer program is stored, which when executed on a computer, causes the computer to execute the access control data management method provided by the embodiment of the application.
The embodiment of the application provides an access control system management method and an access control system management system, which aim to solve the problem that a storage space cannot support a processing process due to low data processing efficiency caused by increased service time by a reasonable data management mode and an object identification method with high identification degree. And by arranging the encryption method, the confidentiality of the information of the user is realized, and the risk of disclosure is reduced.
It should be understood that, for the technical terms that do not have noun interpretation in the foregoing, those skilled in the art can clearly determine the meaning of the terms according to the foregoing disclosure, for example, for some terms such as threshold values and coefficients, those skilled in the art can derive and determine the terms according to the logical relationship between the foregoing and the following terms, and the value ranges of these values may be selected according to practical situations, for example, 0.1 to 1, for example, 1 to 10, for example, 50 to 100, which are not limited herein.
The person skilled in the art can undoubtedly determine technical features/terms of some preset, reference, predetermined, set and preference labels, such as threshold values, threshold value intervals, threshold value ranges, etc., from the above disclosure. For some technical feature terms which are not explained, a person skilled in the art can reasonably and unambiguously derive based on the logical relation of the context, so that the technical scheme can be clearly and completely implemented. The prefixes of technical feature terms, such as "first", "second", "example", "target", etc., which are not explained, can be unambiguously deduced and determined from the context. Suffixes of technical feature terms, such as "set", "list", etc., which are not explained, can also be deduced and determined unambiguously from the context.
The foregoing of the disclosure of the embodiments of the present application will be apparent to and complete with respect to those skilled in the art. It should be appreciated that the process of deriving and analyzing technical terms not explained based on the above disclosure by those skilled in the art is based on what is described in the present application, and thus the above is not an inventive judgment of the overall scheme.
While the basic concepts have been described above, it will be apparent to those skilled in the art that the foregoing detailed disclosure is by way of example only and is not intended to be limiting. Although not explicitly described herein, various modifications, improvements, and adaptations may occur to one skilled in the art. Such modifications, improvements, and modifications are intended to be suggested within this application, and are therefore within the spirit and scope of the exemplary embodiments of this application.
Meanwhile, the present application uses specific terminology to describe embodiments of the present application. Reference to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic is associated with at least one embodiment of the present application. Thus, it should be emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various portions of this specification are not necessarily all referring to the same embodiment. Furthermore, certain features, structures, or characteristics of at least one embodiment of the present application may be combined as suitable.
In addition, those of ordinary skill in the art will understand that the various aspects of the present application may be illustrated and described in terms of several patentable categories or cases, including any novel and useful processes, machines, products, or combinations of materials, or any novel and useful improvements thereto. Accordingly, aspects of the present application may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.) or by a combination of hardware and software. The above hardware or software may be referred to as a "unit," component, "or" system. Furthermore, aspects of the present application may be embodied as a computer product in at least one computer-readable medium, the product comprising computer-readable program code.
The computer readable signal medium may comprise a propagated data signal with computer program code embodied therein, for example, on a baseband or as part of a carrier wave. The propagated signal may take on a variety of forms, including electro-magnetic, optical, etc., or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer readable signal medium may be propagated through any suitable medium including radio, electrical, fiber optic, RF, or the like, or any combination of the foregoing.
Computer program code required for execution of aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming such as Java, scala, smalltalk, eiffel, JADE, emerald, C ++, c#, vb net, python, etc., or similar conventional programming languages such as the "C" programming language, visual Basic, fortran 2003,Perl,COBOL 2002,PHP,ABAP, dynamic programming languages such as Python, ruby and Groovy or other programming languages. The programming code may execute entirely on the user's computer, or as a stand-alone software package, or partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any form of network, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as software as a service (SaaS).
Furthermore, the order in which the processing elements and sequences are described, the use of numerical letters, or other designations are used is not intended to limit the order in which the processes and methods of the present application are performed, unless specifically indicated in the claims. While in the foregoing disclosure there has been discussed, by way of various examples, some embodiments of the invention which are presently considered to be useful, it is to be understood that this detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments of this application. For example, while the system components described above may be implemented by hardware devices, they may also be implemented solely by software solutions, such as installing the described system on an existing server or mobile device.
It should also be appreciated that in the foregoing description of the embodiments of the present application, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure aiding in the understanding of at least one of the embodiments of the invention. This method of disclosure, however, is not intended to imply that more features than are presented in the claims are required for the subject application. Indeed, less than all of the features of a single embodiment disclosed above.
Claims (10)
1. The access control data management method is characterized by being applied to a server, wherein the server is connected with a user side, and the method comprises the following steps:
collecting user information and acquiring real-time access control information;
comparing the real-time access control information with the configured access control data to obtain a comparison result;
encrypting the real-time access control information based on the comparison result, and sending the encrypted real-time access control information to an access control information storage module and the user side;
the access control information storage module comprises a plurality of access control information storage sub-modules, and the access control information storage sub-modules are correspondingly configured with the user side;
encrypting the real-time access control information based on the comparison result, and sending the encrypted real-time access control information into an access control information storage module and the user side, wherein the method specifically comprises the following steps of:
determining whether the user is a corresponding user;
and when the determined result is the corresponding user, encrypting the real-time access control information, and sending the encrypted real-time access control information to the access control information storage sub-module configured corresponding to the user and the user side corresponding to the user.
2. The entrance guard data management method of claim 1, wherein the real-time entrance guard information includes first data, second data, and third data; the first data is used for representing collected user information, the second data is used for representing collection time, and the third data is used for representing collection equipment codes.
3. The access control data management method according to claim 2, wherein the sending the encrypted real-time access control information to the access control information storage sub-module configured corresponding to the user comprises the following specific methods:
determining whether historical data is stored in the access control information storage sub-module;
when the determined result is that the historical data is stored, selectively storing the real-time access control information, wherein the method specifically comprises the following steps of:
deleting the first data in the real-time access control information, only reserving the second data and the third data, and arranging based on the time sequence of the second data.
4. The access control data management method according to claim 1, wherein the comparison result is obtained by comparing the real-time access control information with the configured access control data, and specifically comprises the following steps:
acquiring a first characteristic of the real-time access control information;
acquiring a second characteristic of the real-time access control information;
fusing the first feature and the second feature to obtain a target feature;
and comparing the target features with the identification features in the access information identification model to obtain a comparison result.
5. The entrance guard data management method of claim 4, wherein the real-time entrance guard information comprises image data, the image data comprising a first image and a second image; the first feature of acquiring the real-time access control information comprises the following steps:
the method comprises the steps of obtaining a first characteristic of a first image, wherein the first image is a first image to be identified with structured light coding, and specifically comprises the following steps: searching a first characteristic image from a first image to be identified according to a pre-trained structured light characteristic model;
the second feature of acquiring the real-time access control information comprises the following steps:
acquiring a second characteristic of the second image, wherein the second image is a second image to be identified without structured light coding, and the method specifically comprises the following steps: searching a second characteristic image from the second face image to be recognized according to the pre-trained unstructured light characteristic model;
the first characteristic image and the second characteristic image are fused to obtain a target characteristic image, and the method specifically comprises the following steps: and obtaining a target feature image through cascade feature fusion processing based on the first feature image and the second feature image.
6. The access control data management method according to claim 5, wherein the comparison of the target feature with the identification feature in the access control information identification model is performed to obtain a comparison result, and specifically comprises the following steps:
Extracting target parameters of the target feature image;
extracting a plurality of preset parameters in the preset identification information, wherein the preset parameters are correspondingly set with the preset identification information;
and comparing the target parameter with the minimum difference value in the preset parameters, wherein the preset parameter corresponding to the minimum difference value is a comparison parameter, and the identification information corresponding to the comparison parameter is a comparison result.
7. The entrance guard data management method according to claim 6, wherein the target parameter and the preset parameter include any one of width, height, inclination angle, and curvature; the minimum difference is cosine similarity.
8. The access control data management method of claim 4, wherein the real-time access control information comprises access control card data, the access control card data comprising first access control card data and second access control card data; the first feature of acquiring the real-time access control information comprises the following steps:
the method comprises the steps of obtaining first characteristics in first access card data, wherein the first access card data are key data of an access card, and specifically comprises the following steps: extracting an ID of the key data;
the second feature of acquiring the real-time access control information comprises the following steps:
The method comprises the steps of obtaining second characteristics in second access card data, wherein the second access card data are authorization time data of an access card, and specifically comprises the following steps: and extracting a time interval in the authorized time data.
9. The access control data management method according to claim 8, wherein the comparison of the target features with the identification features in the access control information identification model is performed to obtain a comparison result, and specifically comprises the following steps:
comparing whether the ID in the secret key data is consistent with the ID of the access control system;
and when the results are consistent, comparing the time intervals in the authorized time data.
10. The access control data management system is characterized by being applied to a server, wherein the server is connected with a user side and access control terminal equipment, the user side is used for receiving real-time access control information of a user, the access control terminal equipment is used for acquiring the real-time access control information of the user, an access control information identification model is configured in the server and used for comparing the acquired real-time access control information to obtain a corresponding user side, a database is used for storing a plurality of preset identification information, an access control information storage module is used for storing the acquired real-time access control information, an information sending module is used for sending the real-time access control information to the user side, and an encryption module is used for conducting encryption processing on the access control information storage module and the information sending module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310208863.7A CN116071860B (en) | 2023-03-07 | 2023-03-07 | Access control data management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310208863.7A CN116071860B (en) | 2023-03-07 | 2023-03-07 | Access control data management method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116071860A true CN116071860A (en) | 2023-05-05 |
| CN116071860B CN116071860B (en) | 2023-06-30 |
Family
ID=86176932
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310208863.7A Active CN116071860B (en) | 2023-03-07 | 2023-03-07 | Access control data management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116071860B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170364674A1 (en) * | 2014-11-20 | 2017-12-21 | General Electric Company | Methods and systems for accessing a secure system |
| CN109300211A (en) * | 2018-09-21 | 2019-02-01 | 腾讯科技(深圳)有限公司 | A kind of access control method, apparatus and system |
| CN110570558A (en) * | 2019-08-21 | 2019-12-13 | 杭州享钥科技有限公司 | access control management method based on wireless communication network |
| CN110634219A (en) * | 2019-10-22 | 2019-12-31 | 软通动力信息技术有限公司 | Access control identification system, method, equipment and storage medium |
| CN111783641A (en) * | 2020-06-30 | 2020-10-16 | 北京金山云网络技术有限公司 | Face clustering method and device |
| CN112562150A (en) * | 2020-11-23 | 2021-03-26 | 深圳华颐智能系统有限公司 | Student apartment management method, device, system and medium based on face recognition |
| US20210157910A1 (en) * | 2019-11-21 | 2021-05-27 | International Business Machines Corporation | Access card penetration testing |
| CN113052100A (en) * | 2021-03-31 | 2021-06-29 | 浙江商汤科技开发有限公司 | Traffic identification method and related device |
| CN114078269A (en) * | 2020-08-19 | 2022-02-22 | 浙江宇视科技有限公司 | Face image clustering method, device, server and storage medium |
-
2023
- 2023-03-07 CN CN202310208863.7A patent/CN116071860B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170364674A1 (en) * | 2014-11-20 | 2017-12-21 | General Electric Company | Methods and systems for accessing a secure system |
| CN109300211A (en) * | 2018-09-21 | 2019-02-01 | 腾讯科技(深圳)有限公司 | A kind of access control method, apparatus and system |
| CN110570558A (en) * | 2019-08-21 | 2019-12-13 | 杭州享钥科技有限公司 | access control management method based on wireless communication network |
| CN110634219A (en) * | 2019-10-22 | 2019-12-31 | 软通动力信息技术有限公司 | Access control identification system, method, equipment and storage medium |
| US20210157910A1 (en) * | 2019-11-21 | 2021-05-27 | International Business Machines Corporation | Access card penetration testing |
| CN111783641A (en) * | 2020-06-30 | 2020-10-16 | 北京金山云网络技术有限公司 | Face clustering method and device |
| CN114078269A (en) * | 2020-08-19 | 2022-02-22 | 浙江宇视科技有限公司 | Face image clustering method, device, server and storage medium |
| CN112562150A (en) * | 2020-11-23 | 2021-03-26 | 深圳华颐智能系统有限公司 | Student apartment management method, device, system and medium based on face recognition |
| CN113052100A (en) * | 2021-03-31 | 2021-06-29 | 浙江商汤科技开发有限公司 | Traffic identification method and related device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116071860B (en) | 2023-06-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109461233A (en) | Caller management method, system, computer equipment and storage medium | |
| CN101657807A (en) | Be used for dynamically control to the method and system of the visit of network | |
| CN109948320B (en) | Block chain-based identity recognition management method, device, medium and electronic equipment | |
| US20100174914A1 (en) | System and method for traceless biometric identification with user selection | |
| CN104240342A (en) | Access control method and device | |
| KR102079952B1 (en) | Method of managing access using face recognition and apparatus using the same | |
| CN111625809A (en) | Data authorization method and device, electronic equipment and storage medium | |
| US20210075779A1 (en) | Information processing method and system | |
| CN110148264B (en) | Management method and equipment of storage cabinet | |
| CN113536261A (en) | Authority management method, device, computer device and storage medium | |
| CN111582693A (en) | Population management method, system, machine readable medium and device | |
| WO2020135079A1 (en) | Method and device for opening electronic gate, and server | |
| CN109409552A (en) | Reserve access method, system, computer equipment and storage medium | |
| US20240127648A1 (en) | Blockchain-controlled and location-validated locking systems and methods | |
| CN111695538A (en) | Illegal invader detection method, device and readable storage medium | |
| CN109377611A (en) | Caller management method, system, computer equipment and storage medium based on bio-identification | |
| CN111260833A (en) | Binding and management method and device for access control card | |
| Wójtowicz et al. | New challenges for user privacy in cyberspace | |
| CN112785766B (en) | Access control permission distribution authorization method based on block chain | |
| CN116071860B (en) | Access control data management method and system | |
| US20220342967A1 (en) | Enhanced biometric authentication | |
| CN109522737B (en) | Method and device for determining resource access rights | |
| CN114882974A (en) | Psychological diagnosis database access artificial intelligence verification system and method | |
| US20220172537A1 (en) | Device and method for user authentication using security card | |
| RU2784327C1 (en) | Authentication method and system for passing through a checkpoint |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |