TWI553595B - Access control system and its method - Google Patents

Description

Access control management system and method thereof

The present invention relates to an access control management system and method thereof, and more particularly to an access control management system and method thereof that can mutually authenticate each other through a mobile device between a resident and a visitor.

With the advancement of digital life technology, in recent years, more and more new buildings or second-generation technology houses have adopted video doorbells (also called video walkie-talkies) to replace the traditional audio building intercom. The advantage of the video doorbell is that the homeowner can confirm the identity of the visitor through the video in the video. However, the video doorbell on the market is more expensive than the traditional audio building intercom, regardless of the price of the equipment or the additional wiring construction cost. Expensive cost is the biggest resistance to the promotion of video doorbells.

In addition, if the video doorbell is to be installed in a completed building, the wiring construction is more difficult. If the communication signal of the video doorbell can be transmitted through the existing regional network in the building, the construction cost can be greatly reduced.

On the other hand, smart phones made by mainland manufacturers (such as Xiaomi) or Taiwanese manufacturers (such as ASUS and Hon Hai) are not only cheap but also fully functional. For example, the Hon Hai Infocus M210 4.7 吋 four-core smart phone sold on the market only needs 3,288 yuan, the Turbo quad-core 1.5GHz red rice mobile phone is only 3,999 yuan, and the MT6577 dual-core 4.3-inch Yangtze River mobile phone is only 2990. yuan. It is expected that in the fierce market competition, the price of smart phones will be further reduced in the future and the popularity in the world will also increase year by year. According to market research agency Nielsen According to the report, by the end of June 2012, 54.9% of mobile phone users in the United States had switched to smart phones. In addition, according to the survey conducted by FIND in 2012, there are about 7.07 million people holding smart phones or tablets in Taiwan. It is estimated that by 2015, Taiwan's smart phone penetration rate will reach 56.8%. Due to the low cost, high popularity of smart phones and the functions of performing videoconferencing, Wi-Fi wireless area network communication and password input, smart phones are suitable as walkie-talkie hardware devices for video doorbells.

In view of this, in order to solve the above problems, how to reduce the construction cost of the access control management system, and combine with today's convenient wireless communication network and popular mobile devices, and even more highly secure peer-to-peer communication verification mechanism to achieve wisdom The goal of a healthy life is an issue that the industry needs to solve.

Specifically, in view of the high popularity and future growth trend of smart phones in Taiwan, the applicants have developed a set of video doorbell access control systems that are low-cost, practical, and easy to manufacture and install. The "Bell View" software can be installed on any commercially available Android smartphone. It is characterized by P2P video dialogue and gate electronic lock switch control through the existing local area network of the building to save the walkie-talkie. The wiring cost of the line and the troubles in avoiding construction. Visitors can open the "Bell View" software for the outdoor unit at the gate, and then enter the floor and room number of the homeowner through the software interface to initiate a video conversation. Next, the "Bell View" software will use the P2P interactive video live application platform provided by the Technical Department of the Ministry of Economic Affairs to connect with the home unit's indoor unit and initiate a P2P video conversation. Once the homeowner answers the video conversation and presses the "open the door" button on the indoor unit software interface to open the door electronic lock. Visitors can also open the door by entering a password directly on the outdoor unit interface. In addition to the general video access control function, "Bell View" adds security monitoring. Just match the general database system, The "Bell View" can also record the visitor's image during the visitor's video or when the visitor enters the password for future reference.

In order to improve the security of this software, we have added RSA encryption and decryption and authentication mechanism. When the owner presses the "open the door" button, the indoor unit encrypts the password stored in advance and the time of opening the door, and sends the encrypted message for opening the door to the outdoor unit, so that the outdoor unit verifies whether the opening message is in the building. The indoor unit is issued. Because each encryption takes less time, this can make the encrypted messages generated at different times unique, making it more difficult for third parties to crack encrypted messages. "Bell View" uses the above mechanism to prevent people who are interested in cracking the open message format by listening to the message, thereby preventing unauthorised outsiders from forging the door opening message to open the door. In the process of using the password to open the door, we applied the OpenCV image processing library for face detection. The library is sponsored and developed by Intel Corporation and is available to the public for free in the commercial and research fields. With OpenCV's face detection function, the outdoor unit can determine whether the visitor's face image is clearly captured during the visitor's password entry and record the current lens image. In the case where the face feature cannot be recognized, the software will not allow the visitor to enter the password to open the door. This feature ensures that managers can query the building's entry and exit records in the future and can access a sufficiently visible visitor's face video.

An object of the present invention is to provide an access control management system that can reduce the cost of establishing an access control management system.

To achieve the above objective, the present invention provides an access control management system for providing a resident to verify the identity of a visitor through a regional network to decide to release the access control to the visitor. The access control system includes a point-to-point interactive platform, a first mobile device, and a second mobile device. The point-to-point audio-visual interactive platform is coupled to the regional network, wherein the point-to-point audio-visual interactive platform Storing a location information of the household; the first mobile device allows the visitor to access the peer-to-peer interactive platform through the local area network to retrieve the address information, and send a notification message according to the address information; and the second mobile device After receiving the notification message, the encrypted message is transmitted to the first mobile device through the local area network, so that the first mobile device sends an unlock message to the electronic lock of the resident to release the access control, wherein the encrypted message is combined with the release of the access control at the time. Time, an encryption algorithm and a predetermined set of passwords preset in the second mobile device. In this way, the present invention can achieve the access control management through the wireless area network, which can greatly reduce the construction cost of the access control.

Another object of the present invention is to provide an access control management method capable of performing a highly secure peer-to-peer communication verification mechanism access control through a regional network.

To achieve the above objective, the present invention provides an access control management method for providing a resident to verify the identity of a visitor through a regional network to decide to release the access control to the visitor. The access control management method includes the following steps: providing a point-to-point ( Peer to peer, P2P) audio and video interactive platform in the regional network; access to the point-to-point audio-visual interactive platform; capture the point-to-point audio-visual interactive platform to store the address information of the household where the household is located; send a notification message according to the address information Receiving the notification message, transmitting an encrypted message; and transmitting an unlock message to the household electronic lock according to the encrypted message to release the access control, wherein the encrypted message is combined with an unlocking time, an encryption algorithm at the time And a set of preset passwords preset in the second mobile device. In this way, the encrypted message generated by the present invention at different times is unique, and the difficulty of cracking the password by the third party is increased, so as to improve the security of the peer-to-peer communication verification mechanism.

Furthermore, the present invention utilizes the P2P interactive video live broadcast application platform provided by the technical department of the Ministry of Economic Affairs, a generally low-priced smart mobile phone that is commercially available, an electronic lock drive circuit that costs no more than five hundred yuan, and is common to each floor. A wireless AP (wireless network access point) can produce a video walkie-talkie system that is comparable in performance to the market. In addition to supporting video intercom, wireless transmission, password resolution With the lock and other functions, our "Bell View" system is better than eliminating the wiring costs of the walkie-talkie line. In addition, the "Bell View" system is extremely expandable and easy to install. Simply download the "Bell View" software on your smartphone and complete the easy setup procedure. The software can automatically operate the mobile phone to connect to the building's regional network via wireless AP, and add the existing "Bell View" video. Doorbell access control system.

Other objects of the present invention, as well as the technical means and implementations of the present invention, will be apparent to those skilled in the art in view of the appended claims.

1‧‧‧Access Control System

10‧‧‧ Households

102‧‧‧Electronic lock

111‧‧‧ Location Information

12‧‧‧Regional Network

14‧‧‧ Point-to-point audio-visual interactive platform

16‧‧‧First mobile device (visitor)

161‧‧‧Notice message

163‧‧‧Unlock message

18‧‧‧Second mobile device

181‧‧‧Encrypted messages

Steps S301 to S325‧‧‧ are flowcharts of the access control method between the first and second mobile devices

Step S327, step S329‧‧‧ is a flow chart for transmitting an encrypted message

1 is a schematic diagram of an access control management system according to an embodiment of the present invention.

FIG. 2 is a schematic diagram of a module of the first and second mobile devices according to an embodiment of the present invention.

3A is a flowchart of a method for managing an access control between first and second mobile devices according to an embodiment of the present invention; and FIG. 3B is a flowchart of transmitting an encrypted message according to an embodiment of the present invention; and FIG. Another schematic diagram of an access control management system according to an embodiment of the present invention.

The present invention will be explained by way of several embodiments and several drawings. However, the embodiments and the shapes and sizes of the embodiments shown in the drawings are only for explaining the present invention, and are not intended to limit the present invention. It can be implemented in any particular environment, application or special manner as described in the embodiments.

Please refer to FIG. 1 , which is a schematic diagram of an access control management system according to an embodiment of the present invention. The access control system 1 is used to provide a resident 10 to verify the identity of a visitor through a regional network 12 to determine the release of the access control to the visitor. The access control management system 1 includes a point-to-point audio-visual interactive platform 14, a first mobile device 16, and a second mobile device 18.

The point-to-point audio-visual interactive platform 14 is used to couple the local area network 12, wherein the point-to-point audio-visual interactive platform 14 stores the address information 111 where the tenant 10 is located. The peer-to-peer interactive platform 14 here can provide the P2P interactive video live application platform provided by the Taiwan Ministry of Economic Affairs.

The first mobile device 16 may be a smart phone equipped with an Android system, but does not limit the present invention by the Android system and the smart phone. In the implementation, the use of the iOS system does not depart from the spirit of the present invention; or, if a mobile device such as a tablet or a notebook computer is used, the spirit of the present invention is not deviated. The first mobile device 16 can be accessed by the visitor through the local area network 12 where the tenant 10 is located to access the peer-to-peer interactive platform 14 to retrieve the address information 111. When the first mobile device 16 receives the address information 111, it sends a notification message 161 based on the address information 111. The aforementioned address information 111 contains related information such as the floor, room number and/or door number of the tenant 10.

The second mobile device 19 may also be a smart phone equipped with an Android system, but the present invention is not limited by the Android system and the smart phone. In the implementation, the use of the iOS system does not depart from the spirit of the present invention; or, if a mobile device such as a tablet or a notebook computer is used, the spirit of the present invention is not deviated. After receiving the notification message 161, the second mobile device 18 transmits an encrypted message 181 to the first mobile device 16 through the area network 12, so that the first mobile device 16 sends an unlock message 163 to an electronic lock 102 of the household 10. The access control is released, wherein the unlocking message 163 is transmitted to the electronic lock 102 of the household 10 through an earphone hole (not shown) of the first mobile device 16 to release the access control. The technical feature of the present invention is that the encrypted message 181 is combined with an unlocking time at that time. That is to say, the encrypted message 181 generated by the present invention at different times is unique, and the difficulty of cracking the password by the third party is increased to improve the security of the peer-to-peer communication verification mechanism. The aforementioned encrypted message can be an RSA encryption algorithm.

Please refer to FIG. 2, which is a schematic diagram of a module of the first and second mobile devices according to an embodiment of the present invention. In the implementation of the present invention, the first mobile device 16 needs to include an outdoor unit module 201, a first operation interface module 203, a face detection module 205, and an identity verification decryption module 207. The second mobile device 18 includes an indoor unit module 209, an identity verification encryption module 211, and a second operation interface module 213.

The outdoor unit module 201 of the first mobile device 16 is configured to access the peer-to-peer interactive platform 14 to retrieve the address information 111 and then send the notification message 161 to the indoor unit module 209 of the second mobile device 18 to enable the indoor unit module 209 receives the notification message 161 from the first mobile device 16. The purpose of the notification message 161 is primarily to allow the first mobile device 16 and the second mobile device 18 to clearly confirm that they are connected to each other.

Next, the first mobile device 16 directs the visitor to the first operational interface module 203. Specifically, at this time, the user interface of the first mobile device 16 displays a menu of "password open" and "video intercom" included in the first operation interface module 203 for the visitor to select. Get in touch with the residents you want to visit.

For example, when the visitor selects "Password Open", the lens on the first mobile device 16 is turned on and the face detection module 205 is activated to detect the facial features of the visitor. During the detection of facial features, the face detection module 205 may return the facial features of the visitor to the second mobile device 18 from time to time. If the facial feature of the visitor is not detected, the visitor of the first mobile device 16 is prompted to face the lens and re-detect; if the face is not detected continuously within five seconds, the main screen is returned. If the facial feature is successfully detected, a virtual numeric keypad is displayed on the screen of the first mobile device 16 for the visitor to enter the password. How the visitor obtains the input password will be described in detail later when the second mobile device 18 is explained.

When the visitor selects "video intercom", the first mobile device 16 displays a virtual numeric keypad on the screen and asks the visitor to enter the address information 111, such as the floor, room number and/or door number, thereby opening the P2P video session. Then, the resident selects "answer" or "hang up" through the second mobile device 18. If you select "Hang Up", the communication between them will end; if you select "Receive", the next action will be entered. That is, if the resident who wants to visit agrees to the visitor, the encrypted message 181 is sent to the first mobile device 16 via the second mobile device 18, and the authentication decryption module 207 of the first mobile device 16 decrypts the encrypted message 181. The first mobile device 16 then sends an unlock message 163 to the household's electronic lock 102 to release the access control.

It should be further explained that after the indoor unit module 209 receives and verifies the "password opening" or "video intercom" command from the first mobile device 16, the authentication and encryption module 211 starts performing the first action. The data to be transmitted by device 16 is encrypted to form encrypted message 181. The encrypted message 181 of the present invention is combined with a current unlocking time, an RSA encryption algorithm and a predetermined set of passwords preset in the second mobile device. In this way, the encrypted message 181 is unique and increases the difficulty of the third party to crack the password to improve the security of the peer-to-peer communication verification mechanism.

Finally, the second operation interface module 213 is executed, that is, the user interface of the second mobile device 18 at this time appears for the user to decide whether to send the encrypted message 181 to the first mobile device 16. If the decision of the resident is "Yes", the second mobile device 18 sends an encrypted message 181 to the first mobile device 16, and then causes the authentication decryption module 207 to decrypt the encrypted message 181 and then sends the electronic lock 102 to the resident. Unlock message 163 to unlock the door. If the household's decision is "NO", the second mobile device 18 waits to receive the next notification message.

Please refer to FIG. 3A, which is a flowchart of a method for managing access control between first and second mobile devices according to an embodiment of the present invention. The first and second mobile devices can be equipped with an Android system. The smart phone, but does not limit the invention by Android system and smart phone. The access control management method of the present invention is for providing a resident to verify the identity of a visitor through a regional network to decide to release the access control to the visitor. The access control management method comprises the following steps.

First, in step S301, a point-to-point audio-visual interactive platform is provided in the regional network, where the point-to-point audio-visual interactive platform is a P2P interactive video live application platform provided by the Ministry of Economic Affairs. However, the implementation of the present invention is limited to this platform. Next, proceeding to step S303, the first mobile device is provided for the visitor to access the peer-to-peer interactive platform through the local area network of the resident. Then, in step S305, the first mobile device captures the address information of the peer-to-peer interactive platform. After the first mobile device receives the address information, proceeding to step S307, sending a notification message according to the address information, wherein the purpose of the notification message is mainly to make the first mobile device and the second mobile device clearly confirm that they are connected to each other. Line, and the aforementioned address information includes information such as the floor, room number and/or door number of the resident.

Before the notification message is sent by the first mobile device, step S309 is performed first, and a menu including a password opening and a video intercom is provided. In other words, the first mobile device will guide the visitor to the user interface to select one of the options of "password open" and "video intercom".

When the visitor selects the "Password Open" option, the process proceeds to step S311, where the first mobile device opens the lens to the visitor and returns the facial features of the visitor to the second mobile device. Then, in step S313, the second mobile device outputs a determination result according to the facial features of the visitor. If the determination result is "successful", step S315 is performed to transmit an encrypted message to the visitor (or the first mobile device of the visitor). ). If the result of the determination is "failure", step S321 is performed to wait for the next notification message.

After step S315 is completed, step S317 is performed, and the first mobile device receives the encrypted message and decrypts it. Finally, in step S319, the first mobile device sends an unlock message. An electronic lock to the household to unlock the door. It should be particularly noted that the technical feature of the present invention is that the encrypted message is combined with a release time, an encryption algorithm, and a preset set of preset passwords in the second mobile device. Encrypted messages are not only unique, but also increase the difficulty of third-party password cracking to improve the security of the peer-to-peer communication verification mechanism.

Please refer to FIG. 3B, which is a flowchart of sending an encrypted message according to an embodiment of the present invention. If the result of the determination in step S313 is "success", the process proceeds to step S327, where an encrypted message is formed in the second mobile device. Then, step S329 is performed, and the resident of the second mobile device is provided to decide whether to send the encrypted message. If the determination is YES, the process proceeds to step S315. If the determination is "NO", the process returns to step S321.

As described above, when the present invention is implemented, the order of step S327 and step S329 can be reversed, and the effect of the adjusted execution does not affect the performance of the access control management method.

Returning to FIG. 3A and referring to FIG. 4, it is another schematic diagram of the access control management system according to an embodiment of the present invention. When the visitor selects "video intercom", the process proceeds to step S323, where the virtual number keypad is displayed on the screen of the first mobile device and the visitor is required to input address information such as floor, room number and/or door number. Then, proceeding to step S325, the second mobile device receives the address information of the visitor and establishes a P2P video conversation with the first mobile device. Then, the process proceeds to step S327 and step S329. The subsequent execution steps are the same as the aforementioned "password opening", and will not be described here.

In summary, the access control management system and the method thereof in the wireless area of the present invention can not only greatly reduce the construction cost of the access control management, but also have the uniqueness of the encrypted information generated at different times and increase the difficulty of the third party to crack the password. To improve the security of the peer-to-peer communication verification mechanism.

1‧‧‧Access Control System

10‧‧‧ Households

102‧‧‧Electronic lock

111‧‧‧ Location Information

12‧‧‧Regional Network

14‧‧‧ Point-to-point audio-visual interactive platform

16‧‧‧First mobile device (visitor)

161‧‧‧Notice message

163‧‧‧Unlock message

18‧‧‧Second mobile device

181‧‧‧Encrypted messages

Claims (10)

An access control management system for providing a resident to verify the identity of a visitor through a regional network to decide to release the access control to the visitor. The access control management system includes: a peer-to-peer (P2P) audio-visual interactive platform, The point-to-point audio-visual interactive platform stores the address information of the household where the household is located; and a first mobile device for the visitor to access the point-to-point interactive platform through the regional network to capture the location Address information, and sending a notification message according to the address information; and a second mobile device, after receiving the notification message, transmitting an encrypted message to the first mobile device through the local area network, so that the first The mobile device sends an unlock message to the electronic lock of the resident to cancel the access control, wherein the encrypted message is combined with a release time at the time, an encryption algorithm and a preset set in the second mobile device. password. The access control management system of claim 1, wherein the first mobile device further comprises: an outdoor unit module, configured to access the point-to-point audio-visual interactive platform to retrieve the address information and send the notification message; The operation interface module includes a password opening and a video intercom menu, and when the notification message is sent, is used to guide the visitor to select the password to open the door and the video intercom; and a face detection module And when the visitor selects the password to open the door, the facial feature of the visitor is returned to the second mobile device; and an authentication and decryption module is used to confirm the facial feature of the visitor, and the decryption comes from The encrypted message transmitted by the second mobile device, and then the first mobile device sends the unlock message to the electronic lock of the resident to release the access control. The access control management system of claim 2, wherein the first operation interface module further comprises: when the visitor selects the video intercom option, the visitor is required to input the address information. The access control management system of claim 2, wherein the second mobile device further comprises: An indoor unit module for receiving the notification message from the first mobile device; an identity verification encryption module forming the encrypted message according to the notification message; and a second operation interface module for the household to decide Whether the encrypted message is sent to the first mobile device. The access control management system of claim 1, wherein the unlocking message is transmitted to the electronic lock of the household through an earphone hole of the first mobile device to release the access control. An access control management method for providing a resident to verify the identity of a visitor through a regional network to decide to release the access control to the visitor. The access control management method comprises the following steps: providing peer-to-peer (P2P) video and audio interaction The platform is in the regional network; accessing the point-to-point audio-visual interactive platform; capturing the point-to-point audio-visual interactive platform to store the address information of the household where the household is located; sending a notification message according to the address information; receiving the notification message, transmitting one Encrypting the message to the visitor; and, according to the encrypted message, sending an unlock message to the electronic lock of the resident to cancel the access control, wherein the encrypted message is combined with an unlocking time, an encryption algorithm and a predetermined set of passwords at the time . The access control management method of claim 6, wherein the performing the "sending a notification message according to the address information" further comprises the steps of: providing a menu including a password opening and a video intercom; and the notification message After being sent, the visitor is guided to select the password to open the door and one of the video intercom; when the visitor selects the option to open the password, the facial feature of the visitor is returned; and a facial feature is output according to the facial feature of the visitor. If the result of the determination is "success", the encrypted message is transmitted; and the encrypted message is received and decrypted. The access control management method of claim 7, further comprising the step of: when the visitor selects the video intercom option, the visitor is required to input the address information. The access control management method described in claim 7 further includes the following steps: Forming the encrypted message according to the result of the determination as "success"; and providing the household to decide whether to send the encrypted message. The access control management method of claim 7, wherein if the determination result is "failed", the next notification message is awaited.