CN211979737U - Access control system based on two-dimensional code - Google Patents
Access control system based on two-dimensional code Download PDFInfo
- Publication number
- CN211979737U CN211979737U CN202020688549.5U CN202020688549U CN211979737U CN 211979737 U CN211979737 U CN 211979737U CN 202020688549 U CN202020688549 U CN 202020688549U CN 211979737 U CN211979737 U CN 211979737U
- Authority
- CN
- China
- Prior art keywords
- unit
- key
- dimensional code
- access control
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The utility model provides an access control system based on two-dimensional code, including the server, access control device and removal end, through transmission two-dimensional code information between access control device and the removal end, the secret key before the two-dimensional code is encrypted through first encryption unit, remove and pass through first decryption unit deciphering behind the end receipt information again, with the security of verifying the two-dimensional code, encrypt through secret key encryption unit before the server secret key transmission, the secret key in the character string that the server received the removal end carries out the check-up again after decryption unit deciphering, through twice encryption and deciphering improvement the utility model discloses a security, through the time difference between secret key generation and the check-up and access control device's UUID check-up, improve the utility model discloses a security.
Description
Technical Field
The utility model relates to an entrance guard's security protection technical field especially relates to an entrance guard control system based on two-dimensional code.
Background
Entrance guard's automatic control system has extensively been applied to each security protection fields such as office building, district, unit door and gate, and entrance guard's control system mainly authorizes the form at present to have: the mode of swiping IC card, fingerprint, password and cell-phone authorization, through the mode of swiping IC card, fingerprint, password or swiping cell-phone carry out the judgement of entrance guard's authority, and the form of swiping cell-phone, at present mainly rely on the two-dimensional Code to verify, because the two-dimensional Code is easily duplicated with the form of image, the two-dimensional Code can be propagated through multiple ways, and the security is lower, the two-dimensional Code is also known as two-dimensional bar Code, use QR Code as the coding rule usually, the public coding rule does benefit to standard two-dimensional Code market, the threshold of revising the two-dimensional Code has also been reduced simultaneously, make the two-dimensional Code in entrance guard's security protection in-process, easily be tampered, and influence the.
Disclosure of Invention
In order to solve the technical problem, the door access control system based on the two-dimensional code is high in safety, and a secret key of the two-dimensional code is encrypted in the transmission process to prevent the secret key from being tampered.
An access control system based on two-dimensional codes comprises a server, an access control device and a mobile terminal, wherein the access control device comprises a shell, a display screen and a mainboard, the mainboard is installed in the shell, the display screen is installed at the front end of the shell, the mainboard is provided with a control unit, a first encryption unit, a two-dimensional code generation unit, a first communication unit, a timer and an equipment information storage unit, the control unit is respectively connected with the timer, the first communication unit, the equipment information storage unit and the first encryption unit, and the two-dimensional code generation unit is respectively connected with the first encryption unit and the display screen; the mobile terminal comprises a controller, a two-dimension code identification unit, a first decryption unit, a user operation unit, a storage unit and a second communication unit, wherein the two-dimension code identification unit is connected with the first decryption unit, the first decryption unit is connected with the controller, and the controller is respectively connected with the user operation unit, the storage unit and the second communication unit; the server comprises a control module, a key decryption unit, a key encryption unit, a key generation unit, a storage module, a third communication unit and a fourth communication unit, wherein the control module is respectively connected with the storage module, the key encryption unit and the key decryption unit, the key encryption unit is connected with the third communication unit, and the third communication unit is connected with the first communication unit; the second communication unit is connected with the fourth communication unit, and the fourth communication unit is connected with the key decryption unit.
Preferably, an infrared induction switch is arranged at the front end of the shell and connected with the control unit.
Preferably, a light supplement lamp is arranged at the rear end of the display screen and connected with the control unit.
Preferably, the entrance guard control device further comprises a lock control unit, and the lock control unit is connected with the control unit.
Preferably, the server further comprises an access control device management unit, the mobile terminal further comprises a positioning unit, the positioning unit is connected with the controller, and the access control device management unit is connected with the control module.
Preferably, the key decryption unit includes an RC4 decryption unit, an MD5 decryption unit, or an RSA decryption unit, and the key encryption unit includes an RC4 encryption unit, an MD5 encryption unit, or an RSA encryption unit.
Preferably, the server further comprises a character string analysis unit and a verification unit, the fourth communication unit is connected with the character string analysis unit, the character string analysis unit is connected with the key decryption unit, and the key decryption unit is connected with the control module through the verification unit.
Preferably, the authentication unit includes a time authentication unit, a key authentication unit, and an access control device authentication unit.
Preferably, the first decryption unit comprises a first RC4 decryption unit, a first MD5 decryption unit or a first RSA decryption unit, and the first encryption unit comprises a first RC4 encryption unit, a first MD5 encryption unit or a first RSA encryption unit.
Preferably, the server further includes a key generation unit, and the key generation unit is connected to the control module and the key encryption unit respectively.
Compared with the prior art, the beneficial effects of the utility model are that: 1. the information is transmitted between the access control device and the mobile terminal through the two-dimensional code, the key before the two-dimensional code is coded is encrypted through the first encryption unit, the mobile terminal receives the information and then decrypts through the first decryption unit to verify the safety of the two-dimensional code, the server key is encrypted through the key encryption unit before transmission, the key in the character string of the mobile terminal received by the server is decrypted through the decryption unit and then verified, and the safety is improved through double encryption and decryption; 2. the time difference between the generation and the verification of the secret key and the UUID of the access control device are used for verifying, so that the safety of the two-dimensional code is improved; 3. the safety is improved and the two-dimensional code is prevented from being spread by verifying the mobile terminal positioning and the installation address of the access control device; 4. remove end and entrance guard's control device and be connected with the different communication unit of server respectively, improve the utility model discloses a security, entrance guard's control device and server can be connected through the intranet, and remove the end and be connected with the server through the extranet.
Drawings
Fig. 1 is a schematic structural diagram of the access control device of the present invention;
fig. 2 is a logic block diagram of the present invention;
fig. 3 is a logical block diagram of the server of embodiment 1.
In the drawings, the reference numbers: 1-an access control device, 101-a display screen, 102-a shell, 103-a control unit, 104-a first communication unit, 105-a timer, 106-a first encryption unit, 107-a two-dimensional code generation unit, 108-a lock control unit, 109-an equipment information storage unit and 110-an infrared induction switch; 2-mobile terminal, 201-controller, 202-first decryption unit, 203-two-dimensional code identification unit, 204-second communication unit, 205-positioning unit, 206-user operation unit, 207-memory, 3-server, 301-control module, 302-third communication unit, 303-key generation unit, 304-key encryption unit, 305-storage module, 306-entrance guard device management unit, 307-verification unit, 308-key decryption unit, 309-character string analysis unit and 310-fourth communication unit.
Detailed Description
The following detailed description of the embodiments of the present invention is provided with reference to the accompanying drawings and examples. The following examples are intended to illustrate the invention, but are not intended to limit the scope of the invention.
An access control system based on two-dimensional codes comprises a server 3, an access control device 1 and a mobile terminal 2, as shown in fig. 1 and fig. 2, the access control device 1 comprises a shell 102, a display screen 101 and a mainboard, the mainboard is installed in the shell 102, the display screen 101 is installed at the front end of the shell 102, the mainboard is provided with a control unit 103, a first encryption unit 106, a two-dimensional code generation unit 107, a first communication unit 104, a timer 105 and an equipment information storage unit 109, the control unit 103 is respectively connected with the timer 105, the first communication unit 104, the equipment information storage unit 109 and the first encryption unit 106, and the two-dimensional code generation unit 107 is respectively connected with the first encryption unit 106 and the display screen 101; the control unit 103 obtains the current time of the timer 105 as key application time and a device UUID in the device information storage unit, sends a key application time, the UUID and a key request instruction of the access control device to the server 3 through the first communication unit 104, generates a character string according to the key application time, the UUID and the key after obtaining the key, encrypts the character string through the first encryption unit, generates a two-dimensional code through the two-dimensional code generation unit, and displays the two-dimensional code on the display screen; the mobile terminal 2 comprises a controller 201, a two-dimensional code identification unit 203, a first decryption unit 202, a user operation unit 206, a storage unit 207 and a second communication unit 204, wherein the two-dimensional code identification unit 203 is connected with the first decryption unit 202, the first decryption unit 202 is connected with the controller 201, and the controller 201 is respectively connected with the user operation unit 206, the storage unit 207 and the second communication unit 204; the mobile terminal 2 reads the two-dimensional code in the display screen through the two-dimensional code recognition unit 203 and converts the two-dimensional code into an encrypted character string, the encrypted character string is decrypted through the first decryption unit 202 and then transmitted to the controller 201, the first decryption unit 202 is used for decrypting the character string on one hand and verifying whether the character string is tampered on the other hand so as to improve the safety of information transmission, and the controller 201 submits the information submitted by the user in the user operation unit 206 and the decrypted character string to the server 3 through the second communication unit 204; the server 3 comprises a control module 301, a key decryption unit 308, a key encryption unit 304, a third communication unit 302, a storage module 305 and a fourth communication unit 310, wherein the control module 301 is respectively connected with the storage module 305 and the key decryption unit 308, the key encryption unit 304 is connected with the third communication unit 302, and the third communication unit 302 is connected with the first communication unit 104 of the entrance guard control device 1; the second communication unit 204 of the mobile terminal 2 is connected to the fourth communication unit 310, the fourth communication unit 310 is connected to the key decryption unit 308, and the key decryption unit 308 is connected to the control module 301.
After acquiring a key request instruction of the access control device 1, the control module 301 stores the UUID and the key application time in the storage module 305, and generates a key through the key generation unit 303, where the key is encrypted by the key encryption unit 304 and then sends the encrypted key to the access control device 1 through the third communication unit 302 and the first communication unit 104; the character string uploaded by the mobile terminal 2 to the server 3 contains the encrypted key, the encrypted key is decrypted by the key decryption unit 308 to obtain the key, and the control module verifies the obtained key, the UUID, the time difference and the user authority, wherein the time difference is as follows: verifying the time difference between the key application time of the access control device stored in the storage module and the current time of the server, and normally setting the legal time difference within 90 seconds; the mobile terminal 2 and the access control device 1 are respectively connected with different communication units of the server 3, so that the safety of the access control device is improved, the access control device and the server can be connected through an internal network, the mobile terminal is connected with the server through an external network, the secret key is encrypted before being sent to the access control device, and after the mobile terminal uploads a character string, the obtained secret key is decrypted and then verified, so that the safety is improved, and the secret key is prevented from being tampered; integrate entrance guard's UUID and secret key application time in the two-dimensional code, improve the degree of difficulty of falsifying information, carry out the check-up through UUID and time difference simultaneously, improve the utility model discloses a security prevents that the two-dimensional code from propagating through the form of image.
The front end of the housing 102 is provided with an infrared inductive switch 110, and the infrared inductive switch 110 is connected with the control unit 103. The infrared sensor switch 110 is used to detect a person approaching, and when there is no user nearby, the control unit 103 controls the entrance guard control device 1 to sleep in a delayed manner, so as to save energy.
Meanwhile, the infrared inductive switch 110 can be used for controlling the brightness of the display screen 101, in a specific embodiment, a light supplement lamp connected with the control unit 103 is arranged at the rear end of the display screen 101, when the infrared inductive switch 110 senses that someone is close to the display screen, information is sent to the control unit 103, and the control unit 103 controls the brightness of the light supplement lamp according to the received information, so that the brightness of the display screen 101 is improved, and the code scanning success rate is favorably improved.
The access control device generally further comprises a lock control unit 108, the lock control unit 108 is connected with the control unit 103, and after the access control device 1 receives an unlocking instruction sent by the server 3, the control unit 103 controls the lock control unit 108 to open the door lock. In a specific embodiment, the control unit adopts an MCU of which the chip model is STM32F103VET 6.
The server 3 may further include an access control device management unit 306, the mobile terminal 2 further includes a positioning unit 205, the positioning unit 205 is connected to the controller 201, and the access control device management unit 306 is connected to the control module 305. The positioning unit 205 is used for acquireing and removes the current position of end 2, and entrance guard's device administrative unit is used for managing entrance guard's control device's UUID, connection address and installation address, and control module 305 prevents the two-dimensional code propagation through entrance guard's control device's installation address and the legal authority of removing the current position check-up user of end, in order to improve the utility model discloses a security.
The key decryption unit may adopt an RC4 decryption unit, an MD5 decryption unit or an RSA decryption unit, and the key encryption unit adopts an RC4 encryption unit, an MD5 encryption unit or an RSA encryption unit corresponding to the key decryption unit. The RSA decryption unit and the RSA encryption unit may use an LKT4201 chip.
Example 1
The server may further include a character string parsing unit 309 and a verification unit 307, as shown in fig. 3, the fourth communication unit 310 is connected to the character string parsing unit 309, the character string parsing unit 309 is connected to the key decryption unit 308, and the key decryption unit 308 is connected to the control module 301 through the verification unit 307. The character string uploaded by the mobile terminal 2 includes UUID, key application time and a key, the UUID, the key application time and the encrypted key are obtained from the character string through the character string parsing unit 309, the encrypted key is decrypted by the key decryption unit 308 to obtain the key, and the verification unit 307 is used for verifying the key, the UUID and the key application time.
The verification unit 307 may include a time verification unit, a key verification unit, and an access control device verification unit, which are respectively used to verify the time difference, the key, and the UUID value of the access control device.
The first decryption unit 202 may adopt a first RC4 decryption unit, a first MD5 decryption unit or a first RSA decryption unit, and the first encryption unit 106 adopts a decryption unit corresponding to the first decryption unit: a first RC4 encryption unit, a first MD5 encryption unit, or a first RSA encryption unit.
The server 3 may further include a key generation unit 303, and the key generation unit 303 is connected to the control module 301 and the key encryption unit 304, respectively. After receiving a key request of the access control device, the control module 301 generates a key through the key generation unit 303, the control module 301 stores the key request, the key request time, and the user information in a memory, and the key generation unit 303 sends the key to the key encryption unit 304 for encryption and then sends the encrypted key to the access control device through the third communication unit 302.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, a plurality of modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.
Claims (10)
1. An entrance guard control system based on two-dimension codes comprises a server, an entrance guard control device and a mobile terminal, and is characterized in that the entrance guard control device comprises a shell, a display screen and a mainboard, the mainboard is arranged in the shell, the display screen is arranged at the front end of the shell,
the main board is provided with a control unit, a first encryption unit, a two-dimension code generation unit, a first communication unit, a timer and an equipment information storage unit,
the control unit is respectively connected with the timer, the first communication unit, the equipment information storage unit and the first encryption unit, and the two-dimensional code generation unit is respectively connected with the first encryption unit and the display screen;
the mobile terminal comprises a controller, a two-dimension code identification unit, a first decryption unit, a user operation unit, a storage unit and a second communication unit, wherein the two-dimension code identification unit is connected with the first decryption unit, the first decryption unit is connected with the controller, and the controller is respectively connected with the user operation unit, the storage unit and the second communication unit;
the server comprises a control module, a key decryption unit, a key encryption unit, a storage module, a third communication unit and a fourth communication unit,
the control module is respectively connected with the storage module, the key encryption unit and the key decryption unit, the key encryption unit is connected with the third communication unit, and the third communication unit is connected with the first communication unit of the access control device; the second communication unit is connected with the fourth communication unit, and the fourth communication unit is connected with the key decryption unit.
2. The door access control system based on the two-dimensional code as claimed in claim 1, wherein an infrared inductive switch is arranged at the front end of the shell, and the infrared inductive switch is connected with the control unit.
3. The entrance guard control system based on the two-dimensional code of claim 2, characterized in that, a light filling lamp is arranged at the rear end of the display screen, and the light filling lamp is connected with the control unit.
4. The door access control system based on the two-dimensional code of claim 1, wherein the door access control device further comprises a lock control unit, and the lock control unit is connected with the control unit.
5. The door access control system based on the two-dimensional code of claim 1, wherein the server further comprises a door access device management unit, the mobile terminal further comprises a positioning unit, the positioning unit is connected with the controller, and the door access device management unit is connected with the control module.
6. The door access control system based on the two-dimensional code as claimed in claim 1, wherein the key decryption unit comprises an RC4 decryption unit, an MD5 decryption unit or an RSA decryption unit, and the key encryption unit comprises an RC4 encryption unit, an MD5 encryption unit or an RSA encryption unit.
7. The two-dimensional code based access control system according to claim 1, wherein the server further comprises a character string analysis unit and a verification unit, the fourth communication unit is connected with the character string analysis unit, the character string analysis unit is connected with the key decryption unit, and the key decryption unit is connected with the control module through the verification unit.
8. The two-dimensional code based access control system of claim 7, wherein the verification unit comprises a time verification unit, a key verification unit and an access control device verification unit.
9. The two-dimensional code based access control system of claim 1, wherein the first decryption unit comprises a first RC4 decryption unit, a first MD5 decryption unit or a first RSA decryption unit, and the first encryption unit comprises a first RC4 encryption unit, a first MD5 encryption unit or a first RSA encryption unit.
10. The door access control system based on the two-dimensional code of claim 1, wherein the server further comprises a key generation unit, and the key generation unit is respectively connected with the control module and the key encryption unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202020688549.5U CN211979737U (en) | 2020-04-29 | 2020-04-29 | Access control system based on two-dimensional code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202020688549.5U CN211979737U (en) | 2020-04-29 | 2020-04-29 | Access control system based on two-dimensional code |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN211979737U true CN211979737U (en) | 2020-11-20 |
Family
ID=73344849
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202020688549.5U Active CN211979737U (en) | 2020-04-29 | 2020-04-29 | Access control system based on two-dimensional code |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN211979737U (en) |
-
2020
- 2020-04-29 CN CN202020688549.5U patent/CN211979737U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9836906B2 (en) | Time synchronization | |
| JP3222110B2 (en) | Personal identification fob | |
| US8495382B2 (en) | In-circuit security system and methods for controlling access to and use of sensitive data | |
| JP3222111B2 (en) | Remote identity verification method and apparatus using personal identification device | |
| CN104167029B (en) | A kind of intelligent lock and its operating method | |
| CN106971441B (en) | Unlocking method, door lock, key and lockset | |
| EP0888677B1 (en) | An authentication method and system based on periodic challenge/response protocol | |
| US8307207B2 (en) | Biometric key | |
| US20110084799A1 (en) | Lock system including an electronic key and a passive lock | |
| CN108712389B (en) | Intelligent lock system | |
| US20080059806A1 (en) | Vehicle information rewriting system | |
| US9111084B2 (en) | Authentication platform and related method of operation | |
| CN110322600B (en) | Control method of electronic lock and electronic lock | |
| CN111540093A (en) | Access control system and control method thereof | |
| CN102609656A (en) | USB (universal serial bus) key safety enhancing method and USB key safety enhancing system based on image identification | |
| CN111583482A (en) | Access control system based on two-dimensional code and control method thereof | |
| CN113971849A (en) | Dynamic coded lock with management system | |
| JP2011128770A (en) | Ic card authentication system and ic card authentication method | |
| CN104135480A (en) | Entrance guard authorization system and entrance guard authorization method | |
| CN110298947B (en) | Unlocking method and electronic lock | |
| US20050127172A1 (en) | Access system | |
| CN110738764A (en) | Security control system and method based on intelligent lock | |
| CN207123882U (en) | A kind of antitheft cloud service door-locking system of multiple intelligent | |
| US20030014642A1 (en) | Security arrangement | |
| CN211979737U (en) | Access control system based on two-dimensional code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20221008 Address after: Room 1505, Building 5, European and American Financial City, Cangqian Street, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Patentee after: Green Living Cloud (Hangzhou) Information Technology Co.,Ltd. Address before: Room 1301, Building 1, Haichuang Technology Center, Cangqian Street, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Patentee before: Three thousand (Hangzhou) Digital Technology Co.,Ltd. |