TWI519114B - Bluetooth safety system - Google Patents
Bluetooth safety system Download PDFInfo
- Publication number
- TWI519114B TWI519114B TW103126472A TW103126472A TWI519114B TW I519114 B TWI519114 B TW I519114B TW 103126472 A TW103126472 A TW 103126472A TW 103126472 A TW103126472 A TW 103126472A TW I519114 B TWI519114 B TW I519114B
- Authority
- TW
- Taiwan
- Prior art keywords
- data
- bluetooth
- identification data
- time
- mobile
- Prior art date
Links
Description
本發明係與藍牙系統有關,特別是有關於一種藍牙安全系統。 The present invention relates to Bluetooth systems, and more particularly to a Bluetooth security system.
按,門戶進出是居家安全性的首要重點,一般大門或各式門體大多設有防盜門鎖及對應使用之安全鑰匙,門鎖係一種設於門板與門框之間,藉分別設於門板與門框上之一鎖片與一扣合部相互配合,以達到鎖固門板與門框間之相對位置的目的,以防止宵小之輕易開門入內,造成居家安全之疏漏。 According to the portal, the entrance and exit of the portal is the primary focus of home security. Generally, most of the doors or doors are equipped with anti-theft door locks and corresponding security keys. The door locks are arranged between the door panel and the door frame, respectively. One of the locking pieces on the door frame cooperates with a fastening portion to achieve the purpose of locking the relative position between the door panel and the door frame, so as to prevent the small door from opening easily, thereby causing omission of home safety.
習用門鎖主要係於其內部設有一鎖片,該鎖片可受一鑰匙或一旋鈕的驅動而朝門鎖外側突伸,此外還可進一步利用彈簧的推頂以協助鎖片定位於上鎖或開鎖之位置處。然而,此類門鎖即為笨重且防盜效果亦不甚理想,且需隨身攜帶笨重的鑰匙。 The conventional door lock is mainly provided with a locking piece inside thereof, and the locking piece can be driven by a key or a knob to protrude toward the outside of the door lock, and further, the spring can be further used to assist the locking piece to be positioned and locked. Or at the location where the lock is unlocked. However, such door locks are cumbersome and the anti-theft effect is not ideal, and you need to carry a heavy key with you.
目前,已有具電子感應功能的門鎖,可利用無線射頻卡片感應以進行門鎖的開啟,因此不需隨身攜帶笨重的鑰匙,大幅改善門鎖使用的方便性。然,此類門鎖需預先儲存有各預設可通行感應卡片之預設身份碼及加密金鑰,並且需一併儲存有各預設可通行感應卡片之所有通行權限資料(例如:可通行接收裝置名稱及可通行接收裝置群組名稱、啟用期間 資料、其他輔助確認資料、有效期間資料、可通行時段資料、及可使用次數資料等),而在相同之儲存空間下,該門鎖可儲存之預設可通行感應卡片之資料組數較少,除此之外,該門鎖對感應卡片之通行權限資料每一項目皆需一一比對驗證,驗證較為費時緩慢,並且,此類之門鎖及感應卡片之用途、驗證安全性、或其他驗證項目並無法既安全又簡易進行變更,此外,若需通過多道門鎖,則需要攜帶多個對應之感應卡片,因此極為不便。 At present, there is a door lock with electronic sensing function, which can be used to open the door lock by using the wireless radio frequency card, so that it is not necessary to carry a heavy key with it, and the convenience of the door lock is greatly improved. However, such a door lock needs to pre-store the preset identity code and the encryption key of each preset passable card, and all the permission data of each preset passable card must be stored together (for example: passable) Receiving device name and passable receiving device group name, enabling period Data, other auxiliary confirmation data, valid period data, transit time data, and available data, etc., and in the same storage space, the door lock can store a preset number of data packets that can pass the sensor card. In addition, the door locks need to be verified one by one for each item of the permission information of the inductive card, the verification is relatively time consuming, and the use of such door locks and sensing cards, verification security, or Other verification items cannot be changed safely and easily. In addition, if multiple door locks are required, it is necessary to carry a plurality of corresponding sensing cards, which is extremely inconvenient.
因此,有必要提供一種新穎且具有進步性之藍牙安全系統,以解決上述之問題。 Therefore, it is necessary to provide a novel and progressive Bluetooth security system to solve the above problems.
本發明之主要目的在於提供一種藍牙安全系統,僅需於行動藍牙裝置儲存有預設之身份碼及加密金鑰,而不需於各待驗證裝置另儲存有所有通行權限資料,因此單一接收裝置可儲存更多組之可通行使用者資料;此外,所有通行權限資料係直接整合於該電子卡之識別資料中,僅需透過該行動藍牙裝置依據該識別資料中之通行權限資料進行比對判斷,即可完成高度安全性之驗證,並進行開門、開鎖、防盜等程序。 The main purpose of the present invention is to provide a Bluetooth security system that only needs to store a preset identity code and an encryption key in the mobile Bluetooth device, and does not need to store all the access rights data in each device to be verified, so the single receiving device More groups of passable user data can be stored; in addition, all pass permission data is directly integrated into the identification data of the electronic card, and only the mobile device of the mobile device is required to perform comparison and comparison according to the permission data in the identification data. , to complete the verification of high security, and to open the door, unlock, anti-theft and other procedures.
本發明之另一目的係可選擇性建立識別資料之通行權限資料之項目,以適用於不同用途、安全性或驗證速度設定之需求;同一電子卡為下次開門第一優先選用,可簡單快速地完成一電子卡之驗證。 Another object of the present invention is to selectively establish a project for identifying the access authority data of the data, so as to be suitable for different purposes, security or verification speed setting requirements; the same electronic card is the first priority for the next door opening, which can be simple and fast. Complete the verification of an electronic card.
為達成上述目的,本發明提供一種藍牙安全系統,其包括一識別資料發給單元、一行動藍牙裝置及一接收裝置。該識別資料發給單元,供產生及傳送一電子卡,該電子卡包括以一加密密碼進行加密之一識別資料,該加密密碼包括多數位元組,該等位元組之一部分可由使用者自行定 義之使用者定義位元組,該識別資料至少包括一組身份碼(Card ID code)、加密金鑰及通行權限資料。該行動藍牙裝置透過一傳輸通路接收經該加密密碼加密之該識別資料,且可選擇是否輸入部分解密密碼,當該解密密碼與該加密密碼相符時允許將解密後之該電子卡建入該行動藍牙裝置中,該行動藍牙裝置並具有一第一藍牙模組。該接收裝置具有一第二藍牙模組且設有一儲存單元,該儲存單元儲存有一接收裝置個資。其中,該接收裝置與該行動藍牙裝置之間選擇性地透過該第一及第二藍牙模組建立一通信連結,該行動藍牙裝置透過該通信連結進行一指令發送程序,該指令發送程序係至少傳送經該加密金鑰加密之該身份碼至該接收裝置。 To achieve the above object, the present invention provides a Bluetooth security system including an identification data sending unit, a mobile Bluetooth device, and a receiving device. The identification data is sent to the unit for generating and transmitting an electronic card, the electronic card includes one of the encrypted data encrypted by an encrypted password, the encrypted password includes a plurality of bytes, and one of the bits can be self-user set The user defines a byte, and the identification data includes at least a set of identity code (Card ID code), encryption key and access authority data. The mobile Bluetooth device receives the identification data encrypted by the encrypted password through a transmission path, and can select whether to input a partial decryption password, and allows the decrypted electronic card to be built into the action when the decrypted password matches the encrypted password. In the Bluetooth device, the mobile Bluetooth device has a first Bluetooth module. The receiving device has a second Bluetooth module and is provided with a storage unit, and the storage unit stores a receiving device. The receiving device and the mobile Bluetooth device selectively establish a communication link between the first and second Bluetooth modules, and the mobile Bluetooth device performs an instruction sending program through the communication link, where the command sending program is at least Transmitting the identity code encrypted by the encryption key to the receiving device.
10‧‧‧識別資料發給單元 10‧‧‧ Identification data is sent to the unit
11‧‧‧加密啟用模組 11‧‧‧Encryption Enablement Module
12‧‧‧輸入模組 12‧‧‧ Input Module
20‧‧‧行動藍牙裝置 20‧‧‧Mobile Bluetooth device
21‧‧‧第一藍牙模組 21‧‧‧First Bluetooth Module
30‧‧‧接收裝置 30‧‧‧ Receiving device
31‧‧‧第二藍牙模組 31‧‧‧Second Bluetooth Module
32‧‧‧儲存單元 32‧‧‧ storage unit
33‧‧‧資料處理單元 33‧‧‧Data Processing Unit
圖1及圖2為本發明一較佳實施例之電子卡發卡示意圖。 1 and 2 are schematic diagrams of electronic card issuance according to a preferred embodiment of the present invention.
圖3及圖4為本發明一較佳實施之藍牙安全系統應用示意圖。 3 and FIG. 4 are schematic diagrams showing the application of a Bluetooth security system according to a preferred embodiment of the present invention.
圖5為本發明一較佳實施例之藍牙安全系統運作流程圖。 FIG. 5 is a flowchart of operation of a Bluetooth security system according to a preferred embodiment of the present invention.
以下僅以實施例說明本發明可能之實施態樣,然並非用以限制本發明所欲保護之範疇,合先敘明。 The following is a description of the possible embodiments of the present invention, and is not intended to limit the scope of the invention as claimed.
請參考圖1至圖5,其顯示本發明之一較佳實施例,本發明之藍牙安全系統包括一識別資料發給單元10、一行動藍牙裝置20及一接收裝置30。其中,該藍牙安全系統例如可應用於一般門禁、巡邏、鐵捲門、保全、加減值等領域,然任何其他可透過藍牙系統控制之系統亦可適用。 Referring to FIG. 1 to FIG. 5, a preferred embodiment of the present invention is shown. The Bluetooth security system of the present invention includes an identification data sending unit 10, a mobile Bluetooth device 20, and a receiving device 30. Among them, the Bluetooth security system can be applied to, for example, general access control, patrol, iron roll door, security, addition and subtraction, etc., but any other system that can be controlled by the Bluetooth system can also be applied.
該識別資料發給單元10供產生及傳送一電子卡,該電子卡 包括以一加密密碼進行加密之一識別資料,該加密密碼包括多數位元組(例如:16位元組(byte)),該等位元組之一部分(例如:4位元組)可由使用者自行定義之使用者定義位元組,該識別資料至少包括一組身份碼(Card ID code)、加密金鑰及通行權限資料。該識別資料發給單元10例如係為一管理者電腦、人資電腦系統、雲端管理系統、智能手機或任何類似管理裝置,該身份碼可依需要而設定為16位或其他位數密碼,該加密金鑰例如係為高階加密標準(Advanced Encryption Standard,AES KEY)或其他加密標準,該通行權限資料例如包括可通行之裝置名稱、裝置群組、時段、有效起訖期限、可通行次數、是否有對該接收裝置30進行校時權限、加減值等,但不以此為限。該識別資料發給單元10可透過任何途徑(如有線/無線網路、藍牙、e-mail、即時通軟體或其他方式),將該識別資料傳送至該行動藍牙裝置20。 The identification data is sent to the unit 10 for generating and transmitting an electronic card, the electronic card Including encrypting one of the encrypted passwords, the encrypted password includes a plurality of bytes (for example, 16 bytes), and one of the bytes (for example, 4 bytes) can be used by the user. A self-defining user-defined byte, the identification data including at least one set of identity code (Card ID code), encryption key, and access authority data. The identification data sending unit 10 is, for example, a manager computer, a human computer system, a cloud management system, a smart phone or any similar management device, and the identity code can be set to 16 bits or other digit passwords as needed. The encryption key is, for example, an Advanced Encryption Standard (AES KEY) or other encryption standard, and the traffic authority information includes, for example, a passable device name, a device group, a time period, an effective start time, a passable number, and whether there is The receiving device 30 performs the timing authority, the addition and subtraction, and the like, but is not limited thereto. The identification data sending unit 10 can transmit the identification data to the mobile Bluetooth device 20 by any means such as wired/wireless network, Bluetooth, e-mail, instant messaging software or the like.
該行動藍牙裝置20透過一傳輸通路接收經該加密密碼加密 之該識別資料,該行動藍牙裝置20可選擇是否輸入部分解密密碼(例如:16位元組加密密碼之前12位元組為預先輸入,後4位元組之密碼可由使用者自行輸入或採用系統預設值),當該解密密碼與該加密密碼相符時允許將解密後之該電子卡建入該行動藍牙裝置20中,該行動藍牙裝置20並具有一第一藍牙模組21。該行動藍牙裝置20例如是一具有藍牙功能之手機、電腦或其他行動裝置。該行動藍牙裝置20與該接收裝置30較佳係利用藍牙4.0進行通訊,可自動與該接收裝置30完成連線,但亦可利用其他藍牙版本。 The mobile Bluetooth device 20 receives the encrypted password through a transmission path. For the identification data, the mobile Bluetooth device 20 can select whether to input a partial decryption password (for example, the 12-bit tuple before the 16-bit encrypted password is pre-entered, and the password of the last 4-byte can be input by the user or adopt the system. The preset value) allows the decrypted electronic card to be built into the mobile Bluetooth device 20 when the decrypted password matches the encrypted password. The mobile Bluetooth device 20 has a first Bluetooth module 21. The mobile Bluetooth device 20 is, for example, a Bluetooth enabled mobile phone, computer or other mobile device. The mobile Bluetooth device 20 and the receiving device 30 preferably communicate with the Bluetooth 4.0, and can automatically connect to the receiving device 30, but other Bluetooth versions can also be utilized.
該接收裝置30例如是一藍牙開關,該藍牙開關可同時具有 讀取頭及控制器功能,該接收裝置30具有一第二藍牙模組31且設有一儲存 單元32,該接收裝置30並具有一供處理、比對及判斷資料的資料處理單元33,該儲存單元32儲存有一接收裝置個資。該儲存單元32可存有至少一組身份碼的白名單及黑名單、以及加密金鑰,該接收裝置30個資(裝置本身之資料)例如裝置名稱、裝置群組、裝置本身之時間等。其中,該接收裝置30與該行動藍牙裝置20之間係選擇性地透過該第一藍牙模組21及該第二藍牙模組31建立一通信連結,該行動藍牙裝置20透過該通信連結進行一指令發送程序,該指令發送程序係至少傳送經該加密金鑰加密之該身份碼至該接收裝置30。 The receiving device 30 is, for example, a Bluetooth switch, and the Bluetooth switch can have both The read head and the controller function, the receiving device 30 has a second Bluetooth module 31 and is provided with a storage The unit 32, the receiving device 30 has a data processing unit 33 for processing, comparing and judging data, and the storage unit 32 stores a receiving device. The storage unit 32 may store a white list and a blacklist of at least one set of identity codes, and an encryption key, and the receiving device 30 resources (data of the device itself) such as a device name, a device group, a time of the device itself, and the like. The communication device 30 and the mobile Bluetooth device 20 selectively establish a communication link between the first Bluetooth module 21 and the second Bluetooth module 31. The mobile Bluetooth device 20 performs a communication connection. An instruction transmitting program that transmits at least the identity code encrypted by the encryption key to the receiving device 30.
較佳地,該識別資料發給單元10另包括一加密啟用模組11 及一與該加密啟用模組11連接之輸入模組12,該輸入模組12例如為鍵盤或觸控螢幕,該加密啟用模組11設有一預設啟用碼,當該加密啟用模組11接收來自由該輸入模組12輸入之輸入碼與該預設啟用碼相符時,該識別資料發給單元10允許進行該識別資料之建立。換言之,當欲使用該識別資料發給單元10建立該電子卡之前,需先經由該輸入模組12輸入與該預設啟用碼相符之資料,始可啟用建立該電子卡之功能,可防止非具有權限之人員隨意建立電子卡而增加安全性。 Preferably, the identification data sending unit 10 further includes an encryption enabling module 11 And an input module 12 connected to the encryption enabling module 11, the input module 12 is, for example, a keyboard or a touch screen, and the encryption enabling module 11 is provided with a preset enabler code. When the encryption enabling module 11 receives When the input code input from the input module 12 matches the preset enabler code, the identification data issuance unit 10 allows the establishment of the identification data. In other words, before the identification data is sent to the unit 10 to establish the electronic card, the data corresponding to the preset activation code needs to be input through the input module 12, and the function of establishing the electronic card can be enabled to prevent non- A person with authority can create an electronic card at will to increase security.
較佳地,該識別資料另包括一啟用期間資料,該行動藍牙裝 置20具有一第一裝置時間資料(該行動藍牙裝置20上之顯示時間),當該第一裝置時間資料係落於該啟用期間資料所界定之時間區間內時,則該行動藍牙裝置20始可建入該電子卡,若該第一裝置時間資料未落於該啟用期間資料所界定之時間區間內時,則該行動藍牙裝置20即不可建入該電子卡、或該電子卡隨即失效而無法使用。要說明的是,當於該行動藍牙裝置 20輸入之解密密碼不正確或未於啟用期間匯入該電子卡,則此後該電子卡即無法匯入該行動藍牙裝置20且被廢棄不用。 Preferably, the identification data further includes an enabling period data, the mobile Bluetooth device The device 20 has a first device time data (display time on the mobile Bluetooth device 20), and when the first device time data falls within a time interval defined by the enabled period data, the mobile Bluetooth device 20 starts The electronic card can be built in, and if the first device time data does not fall within the time interval defined by the data during the activation period, the mobile Bluetooth device 20 cannot be built into the electronic card, or the electronic card is invalidated. Not available. It should be noted that when the Bluetooth device is in the action If the 20-entered decryption password is incorrect or the electronic card is not imported during the activation period, the electronic card cannot be imported into the mobile Bluetooth device 20 and is discarded.
在本實施例中,該識別資料另包括一第一輔助確認資料,該 行動藍牙裝置20具有一設備辨識資料,當該行動藍牙裝置20判斷該第一輔助確認資料與該設備辨識資料相符時,始可透過該行動藍牙裝置20進行該指令發送程序。該第一輔助確認資料及該設備辨識資料例如是國際移動設備辨識碼(International Mobile Equipment Identity number,IMEI)或電話號碼,其中該行動藍牙裝置20若為手機,則其具有獨一無二之IMEI碼及電話號碼,因此若該第一輔助確認資料與該設備辨識資料不相符時,則無法透過該行動藍牙裝置20進行該指令發送程序,如此可增加驗證之安全性。 In this embodiment, the identification data further includes a first auxiliary confirmation data, and the The mobile Bluetooth device 20 has a device identification data, and when the mobile Bluetooth device 20 determines that the first auxiliary confirmation data matches the device identification data, the instruction transmitting program can be performed through the mobile Bluetooth device 20. The first auxiliary confirmation data and the device identification data are, for example, an International Mobile Equipment Identity Number (IMEI) or a telephone number, wherein if the mobile Bluetooth device 20 is a mobile phone, it has a unique IMEI code and a telephone. The number, therefore, if the first auxiliary confirmation data does not match the device identification data, the instruction transmitting program cannot be performed through the mobile Bluetooth device 20, so that the security of the verification can be increased.
其中,當該接收裝置30接收該組加密金鑰及身份碼後,若 該接收裝置30具有與該加密金鑰及身份碼相符之加密金鑰及身份碼,該接收裝置30即可進行一相應於該指令發送程序所發出之指令的允許動作程序(例如:開/關門;巡邏確認;鐵捲門之上、下、停動作;防盜設定、防盜解除、開門;或再傳送CARD ID及相關資料至其它裝置(如門禁控制器))。 Wherein, after the receiving device 30 receives the set of encryption keys and the identity code, The receiving device 30 has an encryption key and an identity code corresponding to the encryption key and the identity code, and the receiving device 30 can perform an allowable action program corresponding to the instruction issued by the instruction sending program (for example, opening/closing the door Patrol confirmation; iron roll door above, down, stop action; anti-theft settings, anti-theft release, open the door; or re-transmit CARD ID and related information to other devices (such as access controller).
依不同需求可選擇性地加強安全性,例如,該識別資料發給 單元10可包括一供對該識別資料進行加密之加密模組,對發給該行動藍牙裝置20之識別資料進行加密(例如AES KEY),該識別資料另包括一第二輔助確認資料,該第二輔助確認資料與該加密模組對該識別資料進行加密之加密密碼綁定成組,該識別資料發給單元10能判斷來自該行動藍牙裝置20之一輸入輔助確認資料是否與該第二輔助確認資料相符,若相符,則該行動藍牙裝置20始可解密經加密後之該識別資料。該第二輔助確認資料例 如為一電子郵件地址,該識別資料發給單元10可進一步透過與該加密之加密密碼綁定成組的該電子郵件地址,來確認使用者是否為該電子卡之真正持有人。 Selectively enhance security according to different needs, for example, the identification data is sent to The unit 10 may include an encryption module for encrypting the identification data, and encrypting the identification data sent to the mobile Bluetooth device 20 (for example, AES KEY), the identification data further including a second auxiliary confirmation data, the first The second auxiliary confirmation data is bound to the encrypted password encrypted by the encryption module for the identification data, and the identification data sending unit 10 can determine whether the input auxiliary confirmation data from the mobile Bluetooth device 20 is related to the second auxiliary. The confirmation data matches, and if they match, the mobile Bluetooth device 20 can decrypt the encrypted identification data. Example of the second auxiliary confirmation data If it is an e-mail address, the identification data issuing unit 10 can further confirm whether the user is the real holder of the electronic card by binding the e-mail address grouped with the encrypted encrypted password.
為方便說明,在本實施例中,該電子卡定義為一BCard (BluetoothCard),該識別資料另包括電子卡版本(BCard版本,A至Z)、電子卡名稱(BCard預設名稱)、電子卡類型(1:新增;2:置換AES KEY;3:置換全部BCard)、電子卡用途(1:一般門禁;2:巡邏;3:鐵捲門;4:保全;5:加減值)、藍牙登入密碼(login密碼);該識別資料另包括一接收裝置30前導碼(例如:門區編碼之前二碼),該接收裝置30具有一供與該接收裝置前導碼進行比對之預設裝置前導碼;該識別資料另包括至少一可通行接收裝置名稱及至少一可通行接收裝置群組名稱,該接收裝置30具有供與該可通行接收裝置名稱及該至少一可通行接收裝置群組名稱進行比對之一預設裝置名稱及一預設裝置群組名稱;該識別資料包括該啟用期間資料(Bcard匯入到例如手機上之應用軟體(App)的有效起始時間,年月日小時分;BCard匯入到App的有效結束時間,年月日小時分),該行動藍牙裝置20具有供與該啟用期間資料進行比對之第一裝置時間資料;該識別資料包括該第一輔助確認資料,該行動藍牙裝置20具有供與該第一輔助確認資料進行比對之設備辨識資料;該識別資料包括該第二輔助確認資料,該第二輔助確認資料與該加密模組對該識別資料進行加密之加密密碼綁定成組,該第二輔助確認資料供與該密碼進行比對;該識別資料另包括一有效期間資料(BCard資料有效起始日期,年月日小時分;BCard資料有效結束日期,年月日小時分),該行動藍牙裝置20具有一供與該有效期間資料進 行比對之第一裝置時間資料;該識別資料另包括一可通行時段資料(開始時間+結束時間+強制輸入個人密碼),該可通行時段資料供與該第一裝置時間資料之時間進行比對;該識別資料另包括一可使用次數資料;該識別資料另包括一校時權限資料,該接收裝置30具有一第二裝置時間資料,該時間差標準供以該第一裝置時間資料對該第二裝置時間資料進行校時,該接收裝置30接收該行動藍牙裝置20之發送指令後將該第二裝置時間資料變更為與該第一裝置時間資料相同。 For convenience of description, in the embodiment, the electronic card is defined as a BCard. (BluetoothCard), the identification data includes electronic card version (BCard version, A to Z), electronic card name (BCard preset name), electronic card type (1: new; 2: replacement AES KEY; 3: replacement all BCard), electronic card use (1: general access control; 2: patrol; 3: iron roll door; 4: security; 5: plus or minus value), Bluetooth login password (login password); the identification data further includes a receiving device 30 preamble a code (for example, two codes before the gate area code), the receiving device 30 has a preset device preamble for comparing with the receiving device preamble; the identification data further includes at least one passable receiving device name and at least one Receiving a device group name, the receiving device 30 having a preset device name and a preset device group name for comparing with the passable device name and the at least one passable device group name; The identification data includes the data during the activation period (the effective start time of the Bcard importing into the application software (App) on the mobile phone, the year, month, day and hour; the effective end time of the BCard import to the App, the year, month, day and hour) , the action blue The device 20 has first device time data for comparison with the data during the activation period; the identification data includes the first auxiliary confirmation data, and the mobile Bluetooth device 20 has device identification for comparison with the first auxiliary confirmation data. The identification data includes the second auxiliary confirmation data, and the second auxiliary confirmation data is combined with the encryption password encrypted by the encryption module for the identification data, and the second auxiliary confirmation data is compared with the password. The identification data further includes a valid period data (the effective start date of the BCard data, the year, month, and day hours; the BCard data effective end date, the year, month, and day hours), and the mobile Bluetooth device 20 has a valid period Data entry Comparing the first device time data; the identification data further includes a passable time data (start time + end time + mandatory input personal password), and the passable time period data is compared with the time of the first device time data The identification data further includes a usable number of times data; the identification data further includes a school time authority data, the receiving device 30 has a second device time data, the time difference standard is provided by the first device time data When the second device time data is being calibrated, the receiving device 30 receives the transmission command of the mobile Bluetooth device 20 and changes the second device time data to be the same as the first device time data.
以上所述之電子卡之識別資料可整理表列如以下表一,其中「是否可空」之欄位中之「N」代表「否」、「Y」代表「是」:
在一包括如上(表一)所示之識別資料的實施例中,其中當以下所有條件更進一步同時滿足時,該行動藍牙裝置20始可進行該指令發 送程序:該接收裝置前導碼與該預設裝置前導碼相符;該可通行接收裝置名稱及該至少一可通行接收裝置群組名稱與該預設裝置名稱及該預設裝置群組名稱相符;該第一裝置時間資料係落於該啟用期間資料所界定之時間區間內;該行動藍牙裝置20判斷該第一輔助確認資料與該設備辨識資料相符;該識別資料發給單元10能判斷來自該行動藍牙裝置20之一輸入輔助確認資料與該第二輔助確認資料相符;該第一裝置時間資料係落於該有效期間資料所界定之時間區間內;該第一裝置時間資料係落於該可通行時段資料所界定之時段內;以及,透過該行動藍牙裝置20以該識別資料與該接收裝置30進行驗證之次數未超過該可使用次數資料界定之可使用次數。其中,若該接收裝置30之個資(例如裝置名稱、裝置群組等)與該行動藍牙裝置20之識別資料中之通行權限資料中可通行之裝置名稱、裝置群組不相符而未顯示於該行動藍牙裝置20上時,該行動藍牙裝置20則不能發出指令;然而,若該行動藍牙裝置20之識別資料中的可通行之裝置名稱、裝置群組為「空」,即未設定任何裝置名稱、裝置群組,則該行動藍牙裝置20不過濾該接收裝置30之裝置名稱、裝置群組,可直接與該接收裝置30通訊連接,但還是必需再進一步判斷通行權限資料中其他資料是否相符,才可發出指令。 In an embodiment including the identification data as shown in (Table 1), wherein the mobile Bluetooth device 20 can perform the command when all of the following conditions are further satisfied at the same time. Sending a program: the receiving device preamble is matched with the preset device preamble; the passable receiving device name and the at least one passable receiving device group name are consistent with the preset device name and the preset device group name; The first device time data is within a time interval defined by the activation period data; the mobile Bluetooth device 20 determines that the first auxiliary confirmation data is consistent with the device identification data; the identification data sending unit 10 can determine from the One of the mobile Bluetooth devices 20 inputs an auxiliary confirmation data that matches the second auxiliary confirmation data; the first device time data falls within a time interval defined by the valid period data; the first device time data falls on the The time period defined by the travel time data; and the number of times the Bluetooth device 20 authenticates the identification data with the receiving device 30 through the mobile device 20 does not exceed the usable number of times defined by the usable data. If the personal information of the receiving device 30 (for example, the device name, the device group, and the like) does not match the device name and the device group in the traffic authorization data in the identification data of the mobile Bluetooth device 20, it is not displayed. When the mobile device 20 is on the mobile device 20, the mobile Bluetooth device 20 cannot issue an instruction; however, if the device name and the device group in the identification data of the mobile Bluetooth device 20 are "empty", no device is set. Name, device group, the mobile Bluetooth device 20 does not filter the device name and device group of the receiving device 30, and can directly communicate with the receiving device 30, but it is necessary to further determine whether other materials in the traffic authority data are consistent. , can only issue instructions.
另外,本發明之藍牙安全系統亦可增設有加減值服務相關功 能,例如:該識別資料可另包括加減值服務資料,該接收裝置30為一加減值服務系統(例如一與銀行可進行金額匯入或/及匯出等服務之自動機械、或雲端伺服器等)並設有至少一供與該加減值服務資料比對之預設加減值服務資料,以應用於包括儲值或/及扣款程序。 In addition, the Bluetooth security system of the present invention may also add and subtract service related work. For example, the identification data may further include an added or subtracted service data, and the receiving device 30 is an add-on and drop service system (for example, an automatic machine or a cloud server that can perform services such as importing and/or exporting money to the bank) And at least one of the preset plus or minus service data for comparison with the added or subtracted service data for use in a stored value or/and debit procedure.
要說明的是,基於本發明之精神,該藍牙安全系統之架構可 加以變化設計,該識別資料之通行權限資料可依不同需求或安全性而不同,例如:該接收裝置前導碼、該可通行接收裝置名稱及該至少一可通行接收裝置群組名稱、該啟用期間資料匯入到該行動藍牙裝置20上之應用軟體(App)的有效起始時間、該第一輔助確認資料、該第二輔助確認資料、該有效期間資料、該可通行時段資料、或該可使用次數資料,皆可為選擇性資料(可有可無),如此可定義出具有不同安全性的電子卡。 It should be noted that, based on the spirit of the present invention, the architecture of the Bluetooth security system can be According to the change design, the traffic authorization data of the identification data may be different according to different needs or security, for example, the receiving device preamble, the passable receiving device name, and the at least one passable receiving device group name, the enabling period The effective start time of the application software (App) that is imported into the mobile Bluetooth device 20, the first auxiliary confirmation data, the second auxiliary confirmation data, the valid period data, the passable period data, or the The usage data can be optional (optional), so that electronic cards with different security can be defined.
本發明至少可實現以下功能: The present invention can at least achieve the following functions:
1. 一個行動藍牙裝置(如藍牙手機)上可存32組或更多組的電子卡(BCard)。 1. A mobile Bluetooth device (such as a Bluetooth mobile phone) can store 32 or more sets of electronic cards (BCard).
2. 接收裝置前導碼:行動藍牙裝置的主畫面只顯示有符合行動藍牙裝置中所有電子卡的接收裝置前導碼名稱的接收裝置(如門區裝置),若有電子卡的前導碼為空,則不過濾接收裝置名稱。 2. Receiving device preamble: The main screen of the mobile Bluetooth device only displays the receiving device (such as the door device) that matches the receiving device preamble name of all the electronic cards in the mobile Bluetooth device. If the preamble of the electronic card is empty, The receiving device name is not filtered.
3. 依照電子卡之用途於行動藍牙裝置顯示不同對應按鈕,如下表所列:
4. 電話號碼,驗證時取最後8碼進行判斷。 4. Telephone number, the last 8 codes are taken for verification.
5. EMAIL驗證寄送信中的驗證碼為6碼。 5. The verification code in the EMAIL verification mailing letter is 6 yards.
(1)可通行時段限制:發行BCard時可設定可通行時段,可一至多個時段,起始加結束共8碼24小時制;送出開門指令時,夾帶手機本機時間,若接收裝置與行動藍牙裝置之間的時間相差10分鐘以上(可於工具程式中設定),則提示”時間誤差過大,請校時”; (1) Passable time limit: When the BCard is issued, the passable time can be set. It can be one or more time periods, starting and ending with a total of 8 codes and 24 hours; when sending the door opening command, the mobile phone is equipped with the local time, if the receiving device and the action The time difference between Bluetooth devices is more than 10 minutes (can be set in the utility program), then the message "Time error is too large, please check the time";
(2)強制輸入個人密碼:承上,可依時段設定是否需輸入個人密碼才可通行,”0”為不需輸入,”1”為需輸入;儲存於App中,6至12位數;預設密碼為000000。 (2) Forcibly input personal password: On the basis of the time limit, you can enter the personal password to pass, “0” is no input, “1” is required input; stored in App, 6 to 12 digits; The default password is 000000.
(3)可通行次數:可限定此BCard可通行的總次數。 (3) Passable times: The total number of times this BCard can pass can be limited.
(4)限定可通行門區:以裝置名為限制條件,可多門區限制,空白為無限制。 (4) Restricted passable door area: The device name is restricted, and the multi-door area can be restricted. The blank is unlimited.
(1)可在App中設置相當前綴字串之裝置名稱為同一門區群組,例如:有四個門區裝置,名稱分別為:SY1-DOOR1,SY1-DOOR2,SY2-FRONT,SY3-BACK,其中,設定SY1為群組前綴詞,則SY1-DOOR1及SY1-DOOR2,視為同一門區群組,以此類推。 (1) The device name that can set the equivalent prefix string in the App is the same gate group group. For example, there are four gate area devices with the names: SY1-DOOR1, SY1-DOOR2, SY2-FRONT, SY3-BACK Where SY1 is the group prefix word, then SY1-DOOR1 and SY1-DOOR2 are regarded as the same gate group, and so on.
(2)門區群組可設置別名。 (2) The door group can be set to an alias.
(3)最多可設定16組。 (3) Up to 16 groups can be set.
(1)選擇門區後,點選開門,App可自動判斷行動藍牙裝置(如藍牙手機)中是否有任何對應之BCard,若有相對應之BCard,且在當下是有權限開門,才送出識別資料給接收裝置。 (1) After selecting the door area, click to open the door. The App can automatically determine whether there is any corresponding BCard in the mobile Bluetooth device (such as Bluetooth mobile phone). If there is a corresponding BCard, and the current door has permission to open the door, the identification is sent. Information is given to the receiving device.
(2)判斷條件:可通行門區群組、可通行門區、可通行時區,判斷依據可參
考下表:
(3)開門成功後,將記錄開門成功的BCard ID,為下次開門第一優先選用的BCard。 (3) After the door is opened successfully, the successful BCard ID will be recorded, which is the first preferred BCard for the next door opening.
(1)反脅迫密碼不得與個人密碼相同(例如:反脅迫密碼預設為888888,較佳為6位以上)。 (1) The anti-duress password must not be the same as the personal password (for example, the anti-duress password is preset to 888888, preferably 6 or more).
(2)當使用者輸入反脅迫密碼時,即傳送反脅迫指令給門區裝置。 (2) When the user inputs the anti-duress password, the anti-stress command is transmitted to the gate device.
(1)行動藍牙裝置之App主畫面可顯示1024個或更多個門區裝置。 (1) The App main screen of the mobile Bluetooth device can display 1024 or more door zone devices.
(2)行動藍牙裝置僅顯示符合前導碼的門區裝置。 (2) The mobile Bluetooth device only displays the door zone device that matches the preamble.
傳送電子卡之要求:Requirements for transferring electronic cards:
電子卡指令發送格式(在本例中:固定32Byte) Electronic card command transmission format (in this example: fixed 32Byte)
用途(Type):(1:門禁/2:巡邏/3:鐵捲門/4:保全/5:加減值) Use (Type): (1: access control/2: patrol / 3: iron roll door / 4: security /5: plus or minus)
指令(Cmd):(1:一般/鐵捲門(1:開/2:停/3:關)/保全(1:設定/2:解除) Command (Cmd): (1: General / Iron Roll Door (1: On / 2: Stop / 3: Off) / Security (1: Set / 2: Release)
狀態(Status):(1:一般/2:密碼OK/3:反脅迫OK) Status: (1: General/2: Password OK/3: Anti-Duress OK)
藍芽通訊配對密碼(BT-PIN):例如:"8888" Bluetooth Communication Pairing Password (BT-PIN): For example: "8888"
模擬卡號(UID):例如:0x00 0x80 0x20 0xB6 0xEA 0x8A 0x57 0x04 Analog card number (UID): For example: 0x00 0x80 0x20 0xB6 0xEA 0x8A 0x57 0x04
模擬密碼(PIN):例如:0x12 0x34 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF Analog Password (PIN): For example: 0x12 0x34 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF
校時權限(Admin):(0:無校時權限/1:有校時權限);例如:0x01 Admin time (Admin): (0: no school time permission / 1: there is a school time permission); for example: 0x01
校時時間(DateTime):Y(2)MDHNS;例如:0x07 0xDE 0x06 0x 1E 0xB 0x00 0x00;其中,YMDHNS分別代表「年月日小時分秒」 DateTime: Y(2)MDHNS; for example: 0x07 0xDE 0x06 0x 1E 0xB 0x00 0x00; where YMDHNS stands for "year, month, day, hour, minute and second"
傳送電子卡之回應:Response to the transfer of the electronic card:
電子卡指令回應格式(在本例中:固定24Byte) Electronic card command response format (in this example: fixed 24Byte)
用途(Type):(1:讀卡機模式/2:控制器模式/3:鐵捲門模式) Type: (1: Card Reader Mode/2: Controller Mode / 3: Iron Roll Gate Mode)
功能(Func):(1:一般/2:需要密碼) Function (Func): (1: General/2: password required)
狀態(Status):(0:無/1:正確/2:需要密碼) Status: (0: no /1: correct/2: password required)
裝置型號(Mode):例如:0x0604 Device model: For example: 0x0604
裝置序號(S/N):例如:0x14170001 Device serial number (S/N): For example: 0x14170001
裝置時間(DateTime):Y(2)MDHNSW;例如:0x07 0xDE 0x06 0x1E 0xB 0x00 0x00 0x01;其中,YMDHNS分別代表「年月日小時分秒星期」 Device time (DateTime): Y (2) MDHNSW; for example: 0x07 0xDE 0x06 0x1E 0xB 0x00 0x00 0x01; where YMDHNS stands for "year, month, day, hour, minute and week"
其中,上述傳送電子卡之要求/回應之內容僅為舉例說明,實際上係可依據不同需求變更設計。 The content of the request/response of the above-mentioned transmission electronic card is merely an example, and in fact, the design can be changed according to different needs.
透過本發明之藍牙安全系統,該行動藍牙裝置僅需儲存有預設之身份碼、加密金鑰及通行權限資料,而不需於各待驗證裝置另儲存有所有通行權限資料(例如:可通行接收裝置名稱及可通行接收裝置群組名稱、啟用期間資料、其他輔助確認資料、有效期間資料、可通行時段資料、及可使用次數資料),因此單一接收裝置可儲存更多組之可通行使用者資料;此外,所有通行權限資料係直接整合於該電子卡之識別資料中,僅需透過該行動藍牙裝置依據該識別資料中之通行權限資料進行比對判斷,即可完成高度安全性之驗證,並進行開門、開鎖、防盜加減值等程序。 Through the Bluetooth security system of the present invention, the mobile Bluetooth device only needs to store the preset identity code, the encryption key and the traffic authority data, and does not need to store all the permission rights data in each device to be verified (for example: passable) Receiving device name and accessible receiving device group name, enabling period data, other auxiliary confirmation data, valid period data, passable time data, and usable data), so a single receiving device can store more groups for universal use. In addition, all the access rights data are directly integrated into the identification data of the electronic card, and the high-security verification can be completed only by comparing the traffic authority data in the identification data through the mobile Bluetooth device. And carry out procedures such as opening the door, unlocking, and adding and subtracting theft.
並且,該識別資料之通行權限資料之項目可依不同需求或安全性而選擇性建立,可依據不同應用領域或系統選擇適用之電子卡安全性或驗證速度設定。 Moreover, the item of the access authority data of the identification data can be selectively established according to different needs or security, and the applicable electronic card security or verification speed setting can be selected according to different application fields or systems.
此外,該識別資料即包含有可通行接收裝置名稱及可通行接收裝置群組名稱、啟用期間資料、其他輔助確認資料、有效期間資料、可通行時段資料、及可使用次數資料,因此可簡單快速地完成一電子卡之驗證。更甚者,該行動藍牙裝置可於一電子卡通過驗證後紀錄該電子卡之身份碼,於下次進行驗證時即為第一優先選用的電子卡,並直接進行其他資 料之辨認,更可加速驗證速度。 In addition, the identification data includes the name of the passable receiving device and the name of the group of the passable receiving device, the data of the enabling period, other auxiliary confirmation data, the data of the valid period, the data of the passage time, and the data of the number of times of use, so that it can be simple and fast Complete the verification of an electronic card. Moreover, the mobile Bluetooth device can record the identity code of the electronic card after the verification of an electronic card, and is the first preferred electronic card when the next verification is performed, and directly carry out other resources. The identification of the material can speed up the verification.
綜上所述,本發明之整體結構設計、實用性及效益上,確實是完全符合產業上發展所需,且所揭露之結構發明亦是具有前所未有的創新構造,所以其具有「新穎性」應無疑慮,又本發明可較之習知結構更具功效之增進,因此亦具有「進步性」,其完全符合我國專利法有關發明專利之申請要件的規定,乃依法提起專利申請,並敬請 鈞局早日審查,並給予肯定。 In summary, the overall structural design, practicability and efficiency of the present invention are indeed fully in line with the needs of industrial development, and the disclosed structural invention is also an unprecedented innovative structure, so it has "novelty" should Undoubtedly, the invention can be more effective than the conventional structure, and therefore has "progressiveness", which fully complies with the requirements of the application requirements of the invention patents of the Chinese Patent Law, and is filed according to law, and please The bureau will review it early and give it affirmation.
21‧‧‧第一藍牙模組 21‧‧‧First Bluetooth Module
30‧‧‧接收裝置 30‧‧‧ Receiving device
31‧‧‧第二藍牙模組 31‧‧‧Second Bluetooth Module
32‧‧‧儲存單元 32‧‧‧ storage unit
33‧‧‧資料處理單元 33‧‧‧Data Processing Unit
Claims (12)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW103126472A TWI519114B (en) | 2014-08-01 | 2014-08-01 | Bluetooth safety system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW103126472A TWI519114B (en) | 2014-08-01 | 2014-08-01 | Bluetooth safety system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201444309A TW201444309A (en) | 2014-11-16 |
| TWI519114B true TWI519114B (en) | 2016-01-21 |
Family
ID=52423470
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW103126472A TWI519114B (en) | 2014-08-01 | 2014-08-01 | Bluetooth safety system |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI519114B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI761385B (en) * | 2017-01-19 | 2022-04-21 | 開曼群島商釘釘控股(開曼)有限公司 | Device configuration method, device, and system |
-
2014
- 2014-08-01 TW TW103126472A patent/TWI519114B/en not_active IP Right Cessation
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI761385B (en) * | 2017-01-19 | 2022-04-21 | 開曼群島商釘釘控股(開曼)有限公司 | Device configuration method, device, and system |
Also Published As
| Publication number | Publication date |
|---|---|
| TW201444309A (en) | 2014-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10560444B2 (en) | Methods, apparatuses and systems for providing user authentication | |
| US10431029B2 (en) | Access control system | |
| KR102056722B1 (en) | Authentication system, and transmit terminal, receive terminal, and right authentication method of same | |
| US10740481B2 (en) | Security systems and methods with identity management for access to restricted access locations | |
| EP3228107B1 (en) | Access control system with virtual card data | |
| EP2747361B1 (en) | Method using a single authentication device to authenticate a user to a service provider among a plurality of service providers and device for performing such a method | |
| US8947200B2 (en) | Method of distributing stand-alone locks | |
| JP3198191U (en) | Access control system that integrates Bluetooth (registered trademark) and NFC and has video transmission | |
| KR101259546B1 (en) | Method for smart-key service | |
| WO2014083335A4 (en) | A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors | |
| KR20160048203A (en) | System for accessing data from multiple devices | |
| CN106603484A (en) | Virtual key method and apparatus using the same, background system, and user terminal | |
| CN202230487U (en) | Mobile paying code processor and system | |
| US20090250513A1 (en) | Close-contact-confirm-then-communicate data exchange methods and apparatus | |
| US11094152B2 (en) | System and method for applying over-locks without requiring unlock codes | |
| US8990887B2 (en) | Secure mechanisms to enable mobile device communication with a security panel | |
| WO2013123453A1 (en) | Data storage devices, systems, and methods | |
| TWI519114B (en) | Bluetooth safety system | |
| CN102904720A (en) | Method and system for mobile payment password processing | |
| JP2016136352A (en) | Gate control system | |
| US20190325427A1 (en) | Contactless device and method for generating a unique temporary code | |
| KR20190092023A (en) | Virtual key authentication method using Internet of Things | |
| JP6633401B2 (en) | Electronic lock system | |
| JP6763681B2 (en) | Key data distribution system | |
| US20220086631A1 (en) | Verfahren zur Nutzungsfreigabe sowie Funktionsfreigabeeinrichtung hierzu |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MM4A | Annulment or lapse of patent due to non-payment of fees |