TWI848504B - Access management system and method - Google Patents

Access management system and method Download PDF

Info

Publication number
TWI848504B
TWI848504B TW112100448A TW112100448A TWI848504B TW I848504 B TWI848504 B TW I848504B TW 112100448 A TW112100448 A TW 112100448A TW 112100448 A TW112100448 A TW 112100448A TW I848504 B TWI848504 B TW I848504B
Authority
TW
Taiwan
Prior art keywords
certificate
server
access
visitor
access control
Prior art date
Application number
TW112100448A
Other languages
Chinese (zh)
Other versions
TW202429396A (en
Inventor
張育豪
劉宥辰
汪筠捷
翁菁美
黃仲維
Original Assignee
中興保全科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中興保全科技股份有限公司 filed Critical 中興保全科技股份有限公司
Priority to TW112100448A priority Critical patent/TWI848504B/en
Application granted granted Critical
Publication of TWI848504B publication Critical patent/TWI848504B/en
Publication of TW202429396A publication Critical patent/TW202429396A/en

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Lock And Its Accessories (AREA)

Abstract

An access management system and method are provided. The access management system comprises a local device, a server, a client device, and a gate control device. The local device generates a certificate request according to a visiting information. The local device sends the visiting information to the server. The sever generates a visiting certificate and a certificate message and sends the certificate message to the local device. The local device sends the certificate message to client device. The client device acquires corresponded the visiting certificate from the server according to the certificate message. The gate control device connects to the server. The gate control device comprises an electric lock unit. The gate control device generates a verify request according to the certificate message of the client device. The gate control device sends the verify request to the server. The server generates a gate control order according to the verify request, and sends the gate control order to the gate control device.

Description

門禁排程的處理系統與方法Access control scheduling processing system and method

關於一種遠端控制的處理系統與方法,特別有關一種門禁排程的處理系統與方法。 A remote control processing system and method, in particular, a access control scheduling processing system and method.

傳統的門禁管理是以保全人員作為訪客確認的首要方式。由於保全人力的各種限制,所以保全人員並無法全天候的管控。並且不同的環境場域對於保全人員的人力要求也有所不同。最常見的情況為外部訪客欲拜訪本地住戶。一般而言,保全人員在確認外部訪客與本地住戶兩邊後,就由外部訪客自行移動至本地住戶的樓層。在外部訪客移動的過程中,保全人員僅能通過監控系統觀看。所以外部訪客的移動過程中會產生安全的疑慮。雖然可以通過感應磁扣或門禁卡等方式,限制外部訪客的移動路徑。但前述的門禁控制方式均有可能被複製,所以也會產生其他的安全問題。 Traditional access control management uses security personnel as the primary method of visitor confirmation. Due to various restrictions on security personnel, security personnel cannot provide all-weather control. In addition, different environments have different requirements for security personnel. The most common situation is that external visitors want to visit local residents. Generally speaking, after the security personnel confirm both the external visitor and the local resident, the external visitor moves to the local resident's floor by himself. During the movement of external visitors, security personnel can only watch through the monitoring system. Therefore, security concerns will arise during the movement of external visitors. Although the movement path of external visitors can be restricted by inductive magnetic buckles or access control cards. However, the aforementioned access control methods may be copied, so other security issues may arise.

有鑑於此,在一些實施例中,所述的門禁排程的處理系統提供遠端控制門禁的排程內容,以供接獲訪問權限的使用者可以於所指定的時段中通行。門禁排程的處理系統包括本地裝置、伺服器與門控裝置。伺服器根據所接收的憑證生成要求產生訪客憑證與憑證通知;本地裝置根據 外訪裝置與所屬的訪問資訊產生憑證生成要求,本地裝置傳送憑證生成要求給伺服器,本地裝置傳送憑證通知至外訪裝置,外訪裝置根據憑證通知向伺服器獲取相應的訪客憑證;門控裝置網路連接於伺服器,門控裝置包括電子鎖元件,門控裝置根據外訪裝置的訪客憑證產生驗證要求,門控裝置傳送驗證要求至伺服器;其中,伺服器根據驗證要求產生門禁控制命令,並將門禁控制命令發送至門控裝置。門禁排程的處理系統可以根據不同的訪客賦予相應的通行權限,並且指派相應的通行時段。本地用戶也可以隨時向伺服器發出通行權限或時段的修改要求,增加門禁管控的操作彈性。 In view of this, in some embodiments, the access control scheduling processing system provides remote control access control scheduling content so that users who have obtained access rights can pass through during the specified time period. The access control scheduling processing system includes a local device, a server and a door control device. The server generates a visitor certificate and a certificate notification according to the received certificate generation request; the local device generates a certificate generation request according to the external visiting device and the access information thereof, the local device transmits the certificate generation request to the server, the local device transmits the certificate notification to the external visiting device, and the external visiting device obtains the corresponding visitor certificate from the server according to the certificate notification; the door control device is network-connected to the server, the door control device includes an electronic lock element, the door control device generates a verification request according to the visitor certificate of the external visiting device, and the door control device transmits the verification request to the server; wherein the server generates an access control command according to the verification request, and sends the access control command to the door control device. The access control scheduling processing system can grant corresponding access rights to different visitors and assign corresponding access time periods. Local users can also send access rights or time period modification requests to the server at any time to increase the operational flexibility of access control.

在一些實施例中,訪問資訊包括外訪裝置的通行日期、通行時段、通行次數、有效期限、身份資訊或其組合。 In some embodiments, the access information includes the access date, access time period, access times, validity period, identity information, or a combination thereof of the access device.

在一些實施例中,伺服器生成用戶驗證頁面與相應用戶驗證頁面的連結資訊,用戶驗證頁面包括識別條碼,識別條碼適配於訪客憑證,伺服器將連結資訊加入憑證通知。 In some embodiments, the server generates a user verification page and link information of the corresponding user verification page, the user verification page includes an identification barcode, the identification barcode is suitable for the visitor's certificate, and the server adds the link information to the certificate notification.

在一些實施例中,外訪裝置根據連結資訊向伺服器獲取識別條碼。 In some embodiments, the access device obtains an identification barcode from the server based on the link information.

在一些實施例中,伺服器判斷訪客憑證為合法的外訪裝置,伺服器發送門禁控制命令並解鎖門控裝置;伺服器判斷訪客憑證為非法的外訪裝置,伺服器發送門禁控制命令至門控裝置並由門控裝置產生警示通知。 In some embodiments, if the server determines that the visitor's credentials are from a legitimate external visitor device, the server sends an access control command and unlocks the access control device; if the server determines that the visitor's credentials are from an illegal external visitor device, the server sends an access control command to the access control device and the access control device generates a warning notification.

在一些實施例中,門控裝置進行解鎖時,伺服器向本地裝置 發送來訪通知。 In some embodiments, when the door control device is unlocked, the server sends an incoming access notification to the local device.

在一些實施例中,伺服器對訪問資訊進行加密處理並產生訪客憑證。 In some embodiments, the server encrypts the access information and generates a visitor certificate.

在一些實施例中,更包括管理裝置,網路連接於伺服器,管理裝置根據外訪裝置的訪客憑證產生另一驗證要求,管理裝置傳送另一驗證要求至伺服器。 In some embodiments, a management device is further included, which is connected to the server via a network. The management device generates another authentication request based on the visitor certificate of the external device, and the management device sends another authentication request to the server.

在一些實施例中,一種門禁排程的處理方法,其係包括伺服器根據憑證生成要求產生訪客憑證與憑證通知;外訪裝置根據憑證通知獲取相應的訪客憑證;由門控裝置讀取外訪裝置的訪客憑證並產生驗證要求;門控裝置傳送驗證要求至伺服器;伺服器根據驗證要求產生門禁控制命令,並將門禁控制命令發送至門控裝置。 In some embodiments, a method for processing access control scheduling includes a server generating a visitor certificate and a certificate notification according to a certificate generation request; an external access device obtaining a corresponding visitor certificate according to the certificate notification; a door control device reading the visitor certificate of the external access device and generating a verification request; the door control device transmitting the verification request to the server; the server generating an access control command according to the verification request and sending the access control command to the door control device.

在一些實施例中,在伺服器根據憑證生成要求產生訪客憑證的步驟包括:伺服器對憑證生成要求的訪問資訊進行加密處理並產生訪客憑證。 In some embodiments, the step of generating a visitor certificate in accordance with a certificate generation request at the server includes: the server encrypts the access information of the certificate generation request and generates a visitor certificate.

在一些實施例中,外訪裝置根據憑證通知獲取相應的訪客憑證的步驟包括:伺服器根據訪客憑證生成用戶驗證頁面與相應用戶驗證頁面的連結資訊,用戶驗證頁面包括識別條碼,識別條碼適配於訪客憑證;伺服器將連結資訊加入憑證通知。 In some embodiments, the step of the external access device obtaining the corresponding visitor certificate according to the certificate notification includes: the server generates the link information of the user verification page and the corresponding user verification page according to the visitor certificate, the user verification page includes an identification barcode, and the identification barcode is suitable for the visitor certificate; the server adds the link information to the certificate notification.

在一些實施例中,在外訪裝置根據憑證通知獲取相應的訪客憑證的步驟包括:伺服器傳送憑證通知至本地裝置;本地裝置將憑證通知發送至外訪裝置。 In some embodiments, the step of obtaining the corresponding visitor credential based on the credential notification at the external device includes: the server sends the credential notification to the local device; the local device sends the credential notification to the external device.

在一些實施例中,在伺服器根據驗證要求產生門禁控制命令,並將門禁控制命令發送至門控裝置的步驟包括:伺服器判斷驗證要求的訪客憑證是否合法;若訪客憑證為合法,伺服器令門控裝置解鎖;若訪客憑證為非法,伺服器發送警示通知至本地裝置。 In some embodiments, the server generates an access control command according to the verification request and sends the access control command to the door control device, including: the server determines whether the visitor's credential in the verification request is legal; if the visitor's credential is legal, the server unlocks the door control device; if the visitor's credential is illegal, the server sends a warning notification to the local device.

在一些實施例中,外訪裝置根據憑證通知獲取相應的訪客憑證的步驟後包括由管理裝置讀取外訪裝置的訪客憑證並產生另一驗證要求;伺服器判斷另一驗證要求的訪客憑證是否合法;若訪客憑證為合法,伺服器令門控裝置解鎖;若訪客憑證為非法,伺服器發送警示通知至本地裝置。 In some embodiments, the step of the visiting device obtaining the corresponding visitor credential according to the credential notification includes the management device reading the visitor credential of the visiting device and generating another authentication request; the server determines whether the visitor credential of the other authentication request is legal; if the visitor credential is legal, the server instructs the door control device to unlock; if the visitor credential is illegal, the server sends a warning notification to the local device.

所述的門禁排程的處理系統與方法可以指定訪客的通行時段、訪問次數或可通行區域。本地裝置也可以隨時向伺服器發出通行權限或時段的修改要求,增加門禁管控的操作彈性。並且外訪裝置不需逐次向本地裝置獲取訪客憑證,也降低雙方通訊的時間成本。此外,伺服器可以每經過預設時間定時更新識別條碼,藉以防止識別條碼的截圖被第三方所使用。 The access control scheduling processing system and method can specify the visitor's access time period, number of visits or accessible area. The local device can also send a request to the server to modify the access permission or time period at any time, increasing the operational flexibility of access control. And the external visiting device does not need to obtain the visitor certificate from the local device one by one, which also reduces the time cost of communication between the two parties. In addition, the server can regularly update the identification barcode every preset time to prevent the screenshot of the identification barcode from being used by a third party.

10:處理系統 10: Processing system

100:伺服器 100: Server

110:第一處理元件 110: First processing element

120:第一通訊元件 120: First communication element

130:第一儲存元件 130: First storage element

200:本地裝置 200: Local device

210:第二處理元件 210: Second processing element

220:第二通訊元件 220: Second communication element

230:輸入元件 230: Input component

300:門控裝置 300: Door control device

310:第三處理元件 310: Third processing element

320:第三通訊元件 320: Third communication element

330:讀取元件 330: Read components

340:電子鎖元件 340: Electronic locking element

400:外訪裝置 400: External access device

410:第四處理元件 410: Fourth processing element

420:第四通訊元件 420: Fourth communication element

430:第四儲存元件 430: Fourth storage element

440:顯示元件 440: Display component

500:管理裝置 500: Management device

510:第五處理元件 510: Fifth processing element

520:第五通訊元件 520: Fifth communication element

530:攝像元件 530: Imaging device

611:訪問資訊 611: Access information

612:憑證生成要求 612: Certificate generation request

621:訪客憑證 621: Visitor's pass

622:憑證通知 622: Certificate Notice

623:用戶驗證頁面 623: User verification page

624:識別條碼 624: Identify barcode

631:驗證要求 631: Verification Request

641:門禁控制命令 641: Access control command

S1:門禁範圍 S1: Access control range

S2:其餘範圍 S2: The rest of the range

S310~S380:步驟 S310~S380: Steps

T1~T3:時間點 T1~T3: Time point

圖1為此實施例的門禁排程的處理系統示意圖。 Figure 1 is a schematic diagram of the access control scheduling processing system of this embodiment.

圖2為此實施例的處理系統的元件示意圖。 Figure 2 is a schematic diagram of the components of the processing system of this embodiment.

圖3為此實施例的門禁排程的處理流程圖。 Figure 3 is a processing flow chart of the access control scheduling of this embodiment.

圖4為此實施例的門禁排程的處理系統示意圖。 Figure 4 is a schematic diagram of the access control scheduling processing system of this embodiment.

圖5為此實施例的門控裝置拍攝識別條碼的示意圖。 Figure 5 is a schematic diagram of the door control device of this embodiment photographing the identification barcode.

圖6為此實施例的不同時間點的生成用戶驗證頁面的示意圖。 Figure 6 is a schematic diagram of generating a user verification page at different time points in this embodiment.

圖7為此實施例的處理系統的元件示意圖。 FIG7 is a schematic diagram of the components of the processing system of this embodiment.

圖8為此實施例的門控裝置的元件示意圖。 Figure 8 is a schematic diagram of the components of the gate control device of this embodiment.

請配合參考圖1與圖2,門禁排程的處理系統(以下簡稱為處理系統10)包括伺服器100、本地裝置200與門控裝置300。伺服器100網路連接於本地裝置200、門控裝置300與至少一外訪裝置400。伺服器100包括第一處理元件110、第一通訊元件120與第一儲存元件130。第一處理元件110連接於第一通訊元件120與第一儲存元件130。 Please refer to Figures 1 and 2. The access control scheduling processing system (hereinafter referred to as the processing system 10) includes a server 100, a local device 200 and a door control device 300. The server 100 is network-connected to the local device 200, the door control device 300 and at least one external access device 400. The server 100 includes a first processing element 110, a first communication element 120 and a first storage element 130. The first processing element 110 is connected to the first communication element 120 and the first storage element 130.

第一通訊元件120接收憑證生成要求612或驗證要求631,第一通訊元件120傳送憑證通知622或門禁控制命令641。第一處理元件110根據憑證生成要求612產生訪客憑證621與相應的憑證通知622。憑證通知622的傳輸方式可以但不限定為推播、電子郵件、即時通訊、電信簡訊或語音通知。第一儲存元件130儲存訪客憑證621與相應訪客憑證621的用戶驗證頁面623。每一訪客憑證621各自對應於不同的外訪裝置400。第一處理元件110根據訪客憑證621生成相應的用戶驗證頁面623。第一處理元件110根據驗證要求631產生門禁控制命令641,並發送門禁控制命令641至門控裝置300,其運作將於後文詳述。 The first communication component 120 receives the credential generation request 612 or the verification request 631, and the first communication component 120 transmits a credential notification 622 or an access control command 641. The first processing component 110 generates a visitor credential 621 and a corresponding credential notification 622 according to the credential generation request 612. The transmission method of the credential notification 622 can be but is not limited to push, e-mail, instant messaging, text message or voice notification. The first storage component 130 stores the visitor credential 621 and the user verification page 623 of the corresponding visitor credential 621. Each visitor credential 621 corresponds to a different external access device 400. The first processing element 110 generates a corresponding user authentication page 623 according to the visitor certificate 621. The first processing element 110 generates an access control command 641 according to the authentication request 631, and sends the access control command 641 to the door control device 300, and its operation will be described in detail later.

前述的伺服器100、本地裝置200與門控裝置300均屬於同一門禁範圍S1之內的電子裝置,而外訪裝置400可以是門禁範圍S1外的電子 裝置,也可以是同一門禁範圍S1但不同的區域。例如:同一大樓中的不同樓層可以被視為不同的門禁範圍。圖1中係以粗黑虛線分隔成兩個範圍,分別為門禁範圍S1與其餘範圍S2。每一個門禁範圍具有至少一個門控裝置300,例如在門禁範圍S1中設置一個門控裝置300,在其餘範圍S2中設置三個門控裝置300。在一些實施例中,伺服器100或/及本地裝置200可不位於門控裝置300所屬的門禁範圍S1內。 The aforementioned server 100, local device 200 and door control device 300 are all electronic devices within the same access control range S1, while the external device 400 can be an electronic device outside the access control range S1, or it can be the same access control range S1 but a different area. For example: different floors in the same building can be regarded as different access control ranges. In Figure 1, two ranges are separated by a thick black dotted line, namely the access control range S1 and the remaining range S2. Each access control range has at least one door control device 300, for example, one door control device 300 is set in the access control range S1, and three door control devices 300 are set in the remaining range S2. In some embodiments, the server 100 and/or the local device 200 may not be located within the access control range S1 to which the door control device 300 belongs.

本地裝置200包括第二處理元件210、第二通訊元件220與輸入元件230。第二處理元件210連接於第二通訊元件220與輸入元件230。輸入元件230接收使用者所輸入的訪問資訊611。輸入元件230可以是但不限定為鍵盤、滑鼠或觸控螢幕等。訪問資訊611包括外訪裝置400的可通行日期、通行時段、通行次數、有效期限、通行區域、訪客的身份資訊或前述的組合。本地裝置200可以是個人電腦、筆記型電腦、平板電腦或行動電話。第二通訊元件220網路連接於伺服器100。第二處理元件210根據訪問資訊611產生憑證生成要求612,並驅動第二通訊元件220將憑證生成要求612發送至伺服器100。第二通訊元件220另接收伺服器100所傳送的憑證通知622。第二處理元件210根據訪問資訊611將憑證通知622發送至對應的外訪裝置400。 The local device 200 includes a second processing component 210 , a second communication component 220 and an input component 230 . The second processing component 210 is connected to the second communication component 220 and the input component 230 . The input component 230 receives the access information 611 input by the user. The input element 230 may be, but is not limited to, a keyboard, a mouse, a touch screen, etc. The access information 611 includes the accessible date, access period, number of accesses, validity period, access area, visitor's identity information, or a combination of the above of the external access device 400 . The local device 200 may be a personal computer, laptop, tablet or mobile phone. The second communication component 220 is connected to the server 100 via a network. The second processing component 210 generates a certificate generation request 612 according to the access information 611, and drives the second communication component 220 to send the certificate generation request 612 to the server 100. The second communication component 220 also receives a certificate notification 622 sent by the server 100. The second processing element 210 sends a certificate notification 622 to the corresponding external access device 400 according to the access information 611.

門控裝置300包括第三處理元件310、第三通訊元件320、讀取元件330與電子鎖元件340。第三處理元件310連接於第三通訊元件320、讀取元件330與電子鎖元件340。讀取元件330用於讀取外訪裝置400的訪客憑證621。在圖1與圖2中外訪裝置400係以虛線表示由門控裝置300 讀取識別條碼624。讀取元件330可以是攝像鏡頭、鍵盤、觸控螢幕或近場通信協議(Near Field Communication,NFC)。第三處理元件310根據訪客憑證621產生驗證要求631,並驅動第三通訊元件320將驗證要求631發送至伺服器100。第三通訊元件320接收伺服器100的門禁控制命令641。第三處理元件310根據門禁控制命令641控制電子鎖元件340進行解鎖、上鎖或播放警示通知。 The door control device 300 includes a third processing element 310, a third communication element 320, a reading element 330 and an electronic lock element 340. The third processing element 310 is connected to the third communication element 320, the reading element 330 and the electronic lock element 340. The reading element 330 is used to read the visitor certificate 621 of the external access device 400. In FIG. 1 and FIG. 2, the external access device 400 is represented by a dotted line to read the identification barcode 624 read by the door control device 300. The reading element 330 can be a camera, a keyboard, a touch screen or a Near Field Communication (NFC) protocol. The third processing element 310 generates a verification request 631 according to the visitor certificate 621, and drives the third communication element 320 to send the verification request 631 to the server 100. The third communication element 320 receives the access control command 641 from the server 100. The third processing element 310 controls the electronic lock element 340 to unlock, lock or play an alarm notification according to the access control command 641.

外訪裝置400包括第四處理元件410、第四通訊元件420、第四儲存元件430與顯示元件440。第四處理元件410連接於第四通訊元件420、第四儲存元件430與顯示元件440。第四通訊元件420網路連接於本地裝置200或伺服器100。外訪裝置400可以是平板電腦或行動電話等移動設備。第四通訊元件420接收本地裝置200的憑證通知622。第四處理元件410根據憑證通知622向伺服器100獲取相應的訪客憑證621。第四處理元件410驅動顯示元件440並於顯示元件440上播放訪客憑證621,以使門控裝置300的讀取元件330可以讀取訪客憑證621。 The visiting device 400 includes a fourth processing element 410, a fourth communication element 420, a fourth storage element 430 and a display element 440. The fourth processing element 410 is connected to the fourth communication element 420, the fourth storage element 430 and the display element 440. The fourth communication element 420 is connected to the local device 200 or the server 100 via a network. The visiting device 400 can be a mobile device such as a tablet computer or a mobile phone. The fourth communication element 420 receives a certificate notification 622 from the local device 200. The fourth processing element 410 obtains a corresponding visitor certificate 621 from the server 100 according to the certificate notification 622. The fourth processing element 410 drives the display element 440 and plays the visitor credential 621 on the display element 440, so that the reading element 330 of the door control device 300 can read the visitor credential 621.

為能完整說明門禁排程的處理系統10的整體運作,以下將處理系統10的運作逐步說明,並請參考圖3所示,門禁排程的處理系統10執行下述步驟:步驟S310:本地裝置根據訪問資訊產生憑證生成要求,並將憑證生成要求發送至伺服器;步驟S320:伺服器根據憑證生成要求產生訪客憑證與憑證通知;步驟S330:伺服器傳送憑證通知至本地裝置; 步驟S340:本地裝置根據訪問資訊將憑證通知傳送至外訪裝置;步驟S350:外訪裝置根據憑證通知獲取相應的訪客憑證;步驟S360:由門控裝置讀取外訪裝置的訪客憑證並產生驗證要求;步驟S370:門控裝置傳送驗證要求至伺服器;以及步驟S380:伺服器根據驗證要求產生門禁控制命令,並將門禁控制命令發送至門控裝置。 In order to fully explain the overall operation of the access control scheduling processing system 10, the operation of the processing system 10 is described step by step below. Please refer to FIG. 3. The access control scheduling processing system 10 performs the following steps: Step S310: The local device generates a certificate generation request according to the access information and sends the certificate generation request to the server; Step S320: The server generates a visitor certificate and a certificate notification according to the certificate generation request; Step S330: The server sends the certificate notification to the local device. device; Step S340: the local device transmits the credential notification to the external device according to the access information; Step S350: the external device obtains the corresponding visitor credential according to the credential notification; Step S360: the door control device reads the visitor credential of the external device and generates a verification request; Step S370: the door control device transmits the verification request to the server; and Step S380: the server generates an access control command according to the verification request and sends the access control command to the door control device.

首先,使用者透過輸入元件230將外訪裝置400的訪問資訊611輸入至本地裝置200。本地裝置200接收訪問資訊611並根據訪問資訊611產生憑證生成要求612(對應於步驟S310)。本地裝置200將憑證生成要求612發送至伺服器100。憑證生成要求612可以通過本地裝置200的應用程式,或者是透過伺服器100的網站與網頁進行登錄所產生。簡而言之,本地裝置200將外訪裝置400的身份資訊與門禁排程的時段、進出次數或區域封裝為憑證生成要求612。伺服器100接獲憑證生成要求612後,伺服器100根據憑證生成要求612與所屬的訪問資訊611產生對應的訪客憑證621。所述的訪客憑證621對應於訪問資訊611的外訪裝置400。於此同時,伺服器100產生訪客憑證621的憑證通知622(對應於步驟S320)。 First, the user inputs the access information 611 of the visiting device 400 to the local device 200 through the input component 230. The local device 200 receives the access information 611 and generates a certificate generation request 612 according to the access information 611 (corresponding to step S310). The local device 200 sends the certificate generation request 612 to the server 100. The certificate generation request 612 can be generated by the application of the local device 200, or by logging in through the website and webpage of the server 100. In short, the local device 200 encapsulates the identity information of the visiting device 400 and the time period, entry and exit times or area of the access control schedule into the certificate generation request 612. After receiving the certificate generation request 612, the server 100 generates a corresponding visitor certificate 621 according to the certificate generation request 612 and the corresponding access information 611. The visitor certificate 621 corresponds to the external access device 400 of the access information 611. At the same time, the server 100 generates a certificate notification 622 of the visitor certificate 621 (corresponding to step S320).

伺服器100傳送憑證通知622至本地裝置200(對應於步驟S330)。在一些實施例中,憑證通知622包含連結資訊,連結資訊適配於一用戶驗證頁面623。用戶驗證頁面623包括識別條碼624與外訪裝置400的相關資訊。外訪裝置400的相關資訊可以是外訪裝置400的使用者名字、電話、可通行日期、通行時段、通行次數、有效期限、通行區域等。 伺服器100根據當前時間資訊與訪客憑證621交互產生識別條碼624。識別條碼624的種類可以是一維條碼或二維條碼(例如:快速響應矩陣碼-QR Code,Quick Response Code)等。伺服器100建立用戶驗證頁面623後,伺服器100獲取用戶驗證頁面623的連結資訊。伺服器100除了可以將連結資訊直接視為憑證通知622外,也可以同時加入時間戳記或其他用於驗證外訪裝置400身分的資訊。 The server 100 transmits the certificate notification 622 to the local device 200 (corresponding to step S330). In some embodiments, the certificate notification 622 includes link information, and the link information is adapted to a user verification page 623. The user verification page 623 includes an identification barcode 624 and relevant information of the visiting device 400. The relevant information of the visiting device 400 can be the user name, phone number, passable date, pass time, pass number, validity period, pass area, etc. of the visiting device 400. The server 100 generates an identification barcode 624 based on the current time information and the visitor certificate 621. The type of identification barcode 624 can be a one-dimensional barcode or a two-dimensional barcode (e.g., Quick Response Matrix Code-QR Code, Quick Response Code), etc. After the server 100 creates the user verification page 623, the server 100 obtains the link information of the user verification page 623. In addition to directly treating the link information as the certificate notification 622, the server 100 can also add a timestamp or other information used to verify the identity of the external access device 400.

伺服器100每經過預設時間後,伺服器100再根據新的流水編號資訊與訪客憑證621產生新的識別條碼624。例如:預設時間若為10分鐘,則伺服器100每經過10分鐘後,伺服器100可以獲取當前的時間將其視為新的流水編號資訊並產生新的識別條碼624。由於憑證通知622不會與識別條碼624或用戶驗證頁面623相關連,因此憑證通知622與連結資訊不會隨著新的識別條碼624而重新產生。伺服器100產生新的識別條碼624後,伺服器100會更新用戶驗證頁面623中的識別條碼624。伺服器100可以將舊的識別條碼624儲存至第一儲存元件130中。 After each preset time, the server 100 generates a new identification barcode 624 based on the new serial number information and the visitor certificate 621. For example, if the preset time is 10 minutes, then after each 10 minutes, the server 100 can obtain the current time and regard it as new serial number information and generate a new identification barcode 624. Since the certificate notification 622 is not associated with the identification barcode 624 or the user verification page 623, the certificate notification 622 and the link information will not be regenerated with the new identification barcode 624. After the server 100 generates a new identification barcode 624, the server 100 will update the identification barcode 624 in the user verification page 623. The server 100 can store the old identification barcode 624 in the first storage component 130.

此外,本地裝置200也可以登入至伺服器100並查閱(或修改)用戶驗證頁面623。本地裝置200可以向用戶驗證頁面623進行訪問資訊611的調整。例如,本地裝置200可以修改(或者新增、刪除)外訪裝置400的訪問日期、時間、出入次數或可出入的區域。在本地裝置200異動訪問資訊611後,伺服器100也會更新訪客憑證621的內容。而憑證通知622不會與識別條碼624或用戶驗證頁面623相關連,所以異動訪問資訊611後伺服器100也是沿用既有的憑證通知622與連結資訊。 In addition, the local device 200 can also log in to the server 100 and view (or modify) the user verification page 623. The local device 200 can adjust the access information 611 to the user verification page 623. For example, the local device 200 can modify (or add or delete) the access date, time, number of entries or accessible areas of the external device 400. After the local device 200 changes the access information 611, the server 100 will also update the content of the visitor certificate 621. The certificate notification 622 is not associated with the identification barcode 624 or the user verification page 623, so after changing the access information 611, the server 100 also uses the existing certificate notification 622 and link information.

本地裝置200根據訪問資訊611將憑證通知622傳送至對應的外訪裝置400(對應步驟S340)。訪問資訊611除了具有外訪裝置400被授權通過的時間、時段、日期或區域外,訪問資訊611還具有身份資訊。身份資訊包括國際移動設備識別碼(International Mobile Equipment Identity,IMEI)、移動設備識別碼(Mobile Equipment Identifier,MEID)、媒體存取控制位址(Media Access Control,MAC)、通用唯一識別碼(Universally Unique Identifier,UUID)、設備序列號碼(Serial Number)、門號號碼、身份證號或用戶姓名等。 The local device 200 transmits the certificate notification 622 to the corresponding external device 400 according to the access information 611 (corresponding to step S340). In addition to the time, time period, date or area that the external device 400 is authorized to pass through, the access information 611 also has identity information. The identity information includes the International Mobile Equipment Identity (IMEI), the Mobile Equipment Identifier (MEID), the Media Access Control (MAC), the Universally Unique Identifier (UUID), the device serial number (Serial Number), the door number, the identity card number or the user name, etc.

外訪裝置400獲得憑證通知622後,外訪裝置400根據憑證通知622獲得訪客憑證621(對應步驟S350),請配合圖4所示。若訪客憑證621具有連結資訊,則外訪裝置400根據連結資訊登錄伺服器100並獲取相應的用戶驗證頁面623。外訪裝置400從用戶驗證頁面623中獲取識別條碼624,並且從用戶驗證頁面623中獲知可以進出的門禁時段、時間或可通行的區域的相關資訊。 After the visiting device 400 obtains the certificate notification 622, the visiting device 400 obtains the visitor certificate 621 according to the certificate notification 622 (corresponding to step S350), as shown in FIG4. If the visitor certificate 621 has link information, the visiting device 400 logs in to the server 100 according to the link information and obtains the corresponding user verification page 623. The visiting device 400 obtains the identification barcode 624 from the user verification page 623, and obtains the relevant information of the access control time period, time or passable area from the user verification page 623.

在一些實施例中,伺服器100根據訪客憑證621生成相應的識別條碼624後,直接將識別條碼624加入憑證通知622。伺服器100另將部分的訪問資訊611加入憑證通知622之中,例如:將外訪裝置400的訪問日期、時間、出入次數或可出入的區域等資訊加入憑證通知622。本地裝置200將具有識別條碼624的憑證通知622發送至外訪裝置400(亦對應步驟S340)。外訪裝置400可以直接獲得識別條碼624,並儲存識別條碼624(亦對應步驟S350)。 In some embodiments, after the server 100 generates the corresponding identification barcode 624 according to the visitor credential 621, the identification barcode 624 is directly added to the credential notification 622. The server 100 also adds part of the access information 611 to the credential notification 622, for example, the access date, time, number of entries and exits, or the accessible area of the visiting device 400 are added to the credential notification 622. The local device 200 sends the credential notification 622 with the identification barcode 624 to the visiting device 400 (also corresponding to step S340). The visiting device 400 can directly obtain the identification barcode 624 and store the identification barcode 624 (also corresponding to step S350).

當外訪裝置400欲進入門禁範圍,外訪裝置400可以根據憑證通知622獲取識別條碼624。外訪裝置400獲得識別條碼624後,外訪裝置400可以透過顯示元件440播放識別條碼624。外訪裝置400出示識別條碼624給門控裝置300讀取。門控裝置300的讀取元件330可以讀取識別條碼624、或者以鍵盤鍵入識別條碼624的內容、又或者是以NFC讀取識別條碼624,如圖5所示。在圖5中的門控裝置300將所拍攝(意即前述讀取處理)的識別條碼624顯示於螢幕之中。門控裝置300根據所讀取的識別條碼624獲得訪客憑證621,並以訪客憑證621產生相應的驗證要求631(對應步驟S360)。驗證要求631的內容除了包括訪客憑證621外,也可以包括讀取識別條碼624的時間。 When the visiting device 400 wants to enter the access control area, the visiting device 400 can obtain the identification barcode 624 according to the credential notification 622. After the visiting device 400 obtains the identification barcode 624, the visiting device 400 can play the identification barcode 624 through the display element 440. The visiting device 400 presents the identification barcode 624 to the door control device 300 for reading. The reading element 330 of the door control device 300 can read the identification barcode 624, or type the content of the identification barcode 624 with a keyboard, or read the identification barcode 624 with NFC, as shown in FIG5. The door control device 300 in FIG5 displays the photographed (i.e., the aforementioned reading process) identification barcode 624 on the screen. The door control device 300 obtains the visitor certificate 621 according to the read identification barcode 624, and generates a corresponding verification request 631 with the visitor certificate 621 (corresponding to step S360). In addition to the visitor certificate 621, the content of the verification request 631 may also include the time when the identification barcode 624 was read.

接著,門控裝置300將驗證要求631傳送至伺服器100(對應步驟S370)。伺服器100判斷驗證要求631的訪客憑證621與所儲存的訪客憑證621是否一致。若伺服器100的訪客憑證621與驗證要求631的訪客憑證621一致時,則伺服器100視驗證要求631的訪客憑證621為合法,並且向門控裝置300發送解鎖的門禁控制命令641。反之,伺服器100向門控裝置300發送警示通知的門禁控制命令641(對應步驟S380)。伺服器100發送門禁控制命令641的同時,伺服器100也可以向本地裝置200發送相應的通知訊息。在一些實施例中,當伺服器100發送解鎖的門禁控制命令641時,伺服器100可以向本地裝置200發送來訪通知。伺服器100向門控裝置300發送警示通知的門禁控制命令641外,也可以向本地裝置200發送警示通知。 Next, the door control device 300 transmits the verification request 631 to the server 100 (corresponding to step S370). The server 100 determines whether the visitor certificate 621 of the verification request 631 is consistent with the stored visitor certificate 621. If the visitor certificate 621 of the server 100 is consistent with the visitor certificate 621 of the verification request 631, the server 100 regards the visitor certificate 621 of the verification request 631 as legal, and sends an unlocking access control command 641 to the door control device 300. Otherwise, the server 100 sends an access control command 641 of a warning notification to the door control device 300 (corresponding to step S380). When the server 100 sends the access control command 641, the server 100 may also send a corresponding notification message to the local device 200. In some embodiments, when the server 100 sends the unlock access control command 641, the server 100 may send a visitor notification to the local device 200. In addition to sending the access control command 641 of the warning notification to the door control device 300, the server 100 may also send a warning notification to the local device 200.

伺服器100的訪客憑證621與驗證要求631的訪客憑證621一致的情況包括:於已登錄時間區段中訪問門禁範圍、訪問門禁範圍的次數未達設定上限、或外訪裝置400已經被登錄。舉例來說,外訪裝置400的可訪問時間區段可以是每週的週一、三、五,或者是2023年01月01日~30日。更進一步而言,本地裝置200還可以指定特定時段,如每週的週一(AM8:00~AM11:30)、週三(AM8:00~AM11:30)、週五(整天)。進一步而言,前述的指定時段可以為週、月、季或年。例如可應用於長租或短租之租客。此外,外訪裝置400的可訪問的門禁範圍為大樓(或園區等)中的特定樓層,例如大樓的大廳~4樓等。 The situations where the visitor certificate 621 of the server 100 is consistent with the visitor certificate 621 of the verification request 631 include: accessing the access control range in the logged-in time period, the number of visits to the access control range does not reach the set upper limit, or the external device 400 has been logged in. For example, the accessible time period of the external device 400 can be Monday, Wednesday, and Friday every week, or January 01 to 30, 2023. Furthermore, the local device 200 can also specify a specific time period, such as Monday (AM8:00~AM11:30), Wednesday (AM8:00~AM11:30), and Friday (all day) every week. Furthermore, the aforementioned specified time period can be a week, month, quarter, or year. For example, it can be applied to long-term or short-term tenants. In addition, the accessible access range of the external access device 400 is a specific floor in the building (or campus, etc.), such as the lobby to the 4th floor of the building, etc.

更進一步而言,本地裝置200也可以設定門禁範圍的進出次數。若外訪裝置400以舊的識別條碼624給門控裝置300讀取,則伺服器100也會將此情況視為非法。請參考圖6所示,圖6中伺服器100在經過預設時間後將會廢止現有的識別條碼624並建立新的識別條碼624。在圖6中係以T1、T2、T3分別表示伺服器100在不同的時間點,並於對應的時間點建立新的識別條碼624。因此外訪裝置400在任一時間點時會通過相同的連結資訊連上對應時間點的用戶驗證頁面623。 Furthermore, the local device 200 can also set the number of times of entering and exiting the access control range. If the external device 400 uses the old identification barcode 624 for the access control device 300 to read, the server 100 will also regard this as illegal. Please refer to Figure 6, in which the server 100 will cancel the existing identification barcode 624 and create a new identification barcode 624 after a preset time. In Figure 6, T1, T2, and T3 respectively represent the server 100 at different time points, and a new identification barcode 624 is created at the corresponding time point. Therefore, the external device 400 will connect to the user verification page 623 of the corresponding time point through the same link information at any time point.

以上雖以單一個外訪裝置400為例說明,實際上處理系統10可以對於不同的外訪裝置400分別設定相應的訪問資訊611,用以獲得各外訪裝置400的憑證通知622。在一些實施例中,若外訪裝置400為複數個時,本地裝置200可以將相關的外訪裝置400設定為同一群組。本地裝置200可以批次輸入各外訪裝置400的身份資訊後,本地裝置200將相同的內 容的通行日期、通行時段、通行次數等資訊輸入至訪問資訊611。伺服器100根據前述訪問資訊611產生相應的訪客憑證621與憑證通知622。伺服器100可以根據各身份資訊產生相應數量的訪客憑證621與憑證通知622。或者是,伺服器100產生同一組的訪客憑證621與憑證通知622。伺服器100將憑證通知622傳送至本地裝置200。本地裝置200根據各身份資訊將憑證通知622傳送至各外訪裝置400。 Although a single visiting device 400 is used as an example in the above description, in practice, the processing system 10 can set corresponding access information 611 for different visiting devices 400 to obtain the credential notification 622 of each visiting device 400. In some embodiments, if there are multiple visiting devices 400, the local device 200 can set the related visiting devices 400 as the same group. After the local device 200 inputs the identity information of each visiting device 400 in batches, the local device 200 inputs the same content of the access date, access time period, access times, etc. into the access information 611. The server 100 generates a corresponding visitor certificate 621 and a certificate notification 622 according to the aforementioned access information 611. The server 100 can generate a corresponding number of visitor certificates 621 and certificate notifications 622 according to each identity information. Alternatively, the server 100 generates the same set of visitor certificates 621 and certificate notifications 622. The server 100 transmits the certificate notification 622 to the local device 200. The local device 200 transmits the certificate notification 622 to each external device 400 according to each identity information.

在一些實施例中,伺服器100產生訪客憑證621的過程中可以對訪問資訊611進行加密處理,並將已加密的輸出結果視為訪客憑證621。接著,伺服器100根據已加密的訪客憑證621產生相應的用戶驗證頁面623與識別條碼624。 In some embodiments, the server 100 may encrypt the access information 611 during the process of generating the visitor certificate 621, and regard the encrypted output result as the visitor certificate 621. Then, the server 100 generates a corresponding user verification page 623 and an identification barcode 624 based on the encrypted visitor certificate 621.

在一些實施例中,伺服器100可以將訪客憑證621生成對應的連結資訊,並將連結資訊寫入憑證通知622。外訪裝置400獲得憑證通知622後,外訪裝置400將憑證通知622記錄於第四儲存元件430中。舉例來說,若第四儲存元件430係為NFC記憶體。外訪裝置400欲進入門禁範圍時,由門控裝置300讀取外訪裝置400的NFC記憶體中的訪客憑證621。 In some embodiments, the server 100 can generate corresponding link information from the visitor certificate 621 and write the link information into the certificate notification 622. After the visiting device 400 obtains the certificate notification 622, the visiting device 400 records the certificate notification 622 in the fourth storage element 430. For example, if the fourth storage element 430 is an NFC memory. When the visiting device 400 wants to enter the access control range, the door control device 300 reads the visitor certificate 621 in the NFC memory of the visiting device 400.

在一些實施例中,處理系統10包括伺服器100、本地裝置200、門控裝置300、管理裝置500與外訪裝置400,請參考圖7與圖8所示。伺服器100連結於本地裝置200、門控裝置300、管理裝置500與外訪裝置400。伺服器100、本地裝置200、門控裝置300與管理裝置500屬於同一門禁範圍。外訪裝置400對伺服器100、本地裝置200、門控裝置300與管理裝置500的連接與各式訊息的傳輸可以參考前文。 In some embodiments, the processing system 10 includes a server 100, a local device 200, a door control device 300, a management device 500, and an external device 400, as shown in FIG7 and FIG8. The server 100 is connected to the local device 200, the door control device 300, the management device 500, and the external device 400. The server 100, the local device 200, the door control device 300, and the management device 500 belong to the same access control range. The connection of the external device 400 to the server 100, the local device 200, the door control device 300, and the management device 500 and the transmission of various messages can refer to the previous text.

管理裝置500包括第五處理元件510、第五通訊元件520與攝像元件530。第五處理元件510連接於第五通訊元件520與攝像元件530。攝像元件530用於拍攝外訪裝置400的識別條碼624。第五處理元件510根據識別條碼624產生驗證要求631。第五通訊元件520傳送驗證要求631至伺服器100。伺服器100根據驗證要求631產生相應的門禁控制命令641,並將門禁控制命令641傳送至門控裝置300。若外訪裝置400欲訪問門禁範圍,外訪裝置400可以出示識別條碼624以供管理裝置500讀取。管理裝置500根據識別條碼624向伺服器100發送相應的驗證要求631。伺服器100判斷驗證要求631是否為合法。若驗證要求631為合法時,伺服器100向門控裝置300發送解鎖的門禁控制命令641。反之,伺服器100向門控裝置300傳送產生警示通知的門禁控制命令641。 The management device 500 includes a fifth processing element 510, a fifth communication element 520, and an imaging element 530. The fifth processing element 510 is connected to the fifth communication element 520 and the imaging element 530. The imaging element 530 is used to photograph the identification barcode 624 of the visiting device 400. The fifth processing element 510 generates a verification request 631 according to the identification barcode 624. The fifth communication element 520 transmits the verification request 631 to the server 100. The server 100 generates a corresponding access control command 641 according to the verification request 631, and transmits the access control command 641 to the door control device 300. If the external access device 400 wants to access the access control area, the external access device 400 can present the identification barcode 624 for the management device 500 to read. The management device 500 sends a corresponding verification request 631 to the server 100 according to the identification barcode 624. The server 100 determines whether the verification request 631 is legal. If the verification request 631 is legal, the server 100 sends an unlocking access control command 641 to the door control device 300. Otherwise, the server 100 sends an access control command 641 to generate an alert notification to the door control device 300.

所述的門禁排程的處理系統10與方法可以指定訪客的通行時段、訪問次數或可通行區域。本地裝置200也可以隨時向伺服器100發出通行權限或時段的修改要求,增加門禁管控的操作彈性。並且外訪裝置400不需逐次向本地裝置200獲取訪客憑證621,也降低雙方通訊的時間成本。為了提供訪客憑證621的安全性,伺服器100每經過預設時間定時更新識別條碼624,進而有效防止識別條碼624的截圖被第三方所使用。對於合法的外訪裝置400而言,外訪裝置400可以通過用戶驗證頁面623獲取有效的識別條碼624,所以合法的外訪裝置400還是可以正常的使用訪客憑證621。 The access control scheduling processing system 10 and method can specify the visitor's access time period, number of visits or accessible area. The local device 200 can also send a request to modify the access permission or time period to the server 100 at any time, increasing the operational flexibility of access control. In addition, the external visiting device 400 does not need to obtain the visitor certificate 621 from the local device 200 one by one, which also reduces the time cost of communication between the two parties. In order to provide the security of the visitor certificate 621, the server 100 regularly updates the identification barcode 624 every preset time, thereby effectively preventing the screenshot of the identification barcode 624 from being used by a third party. For a legitimate external visitor device 400, the external visitor device 400 can obtain a valid identification barcode 624 through the user verification page 623, so the legitimate external visitor device 400 can still use the visitor certificate 621 normally.

10:處理系統 10: Processing system

100:伺服器 100: Server

200:本地裝置 200: Local device

300:門控裝置 300: Door control device

400:外訪裝置 400: External access device

611:訪問資訊 611: Access information

612:憑證生成要求 612: Certificate generation request

622:憑證通知 622: Certificate Notice

624:識別條碼 624: Identify barcode

631:驗證要求 631: Verification Request

641:門禁控制命令 641: Access control command

S1:門禁範圍 S1: Access control range

S2:其餘範圍 S2: The rest of the range

Claims (14)

一種門禁排程的處理系統,派發一訪客憑證給一外訪裝置,該門禁排程的處理系統包括:一伺服器,根據所接收的一憑證生成要求產生該訪客憑證與一憑證通知;一本地裝置,根據該外訪裝置與所屬的一訪問資訊產生該憑證生成要求,該本地裝置傳送該憑證生成要求給該伺服器,該伺服器傳送該憑證通知至該本地裝置,該本地裝置傳送該憑證通知至該外訪裝置,該外訪裝置根據該憑證通知向該伺服器獲取相應的該訪客憑證;以及一門控裝置,網路連接於該伺服器,該門控裝置包括一電子鎖元件,該門控裝置根據該外訪裝置的該訪客憑證產生一驗證要求,該門控裝置傳送該驗證要求至該伺服器;其中,該伺服器根據該驗證要求產生一門禁控制命令,並將該門禁控制命令發送至該門控裝置。 A processing system for access control scheduling distributes a visitor certificate to an external access device. The processing system for access control scheduling includes: a server, generating the visitor certificate and a certificate notification according to a received certificate generation request; a local device, generating the certificate generation request according to the external access device and access information belonging to the local device, the local device transmitting the certificate generation request to the server, the server transmitting the certificate notification to the local device, and the local device transmitting the certificate notification to the external access device, the external access device obtains the corresponding visitor credential from the server according to the credential notification; and a door control device, which is network-connected to the server, and the door control device includes an electronic lock element, the door control device generates a verification request according to the visitor credential of the external access device, and the door control device transmits the verification request to the server; wherein the server generates an access control command according to the verification request, and sends the access control command to the door control device. 如請求項1所述的門禁排程的處理系統,其中該訪問資訊包括該外訪裝置的通行日期、通行時段、通行次數、有效期限、通行區域或身份資訊與前述的組合。 The access control scheduling processing system as described in claim 1, wherein the access information includes the access date, access time period, access times, validity period, access area or identity information of the external access device and a combination of the foregoing. 如請求項1或2所述的門禁排程的處理系統,其中該伺服器生成一用戶驗證頁面與相應該用戶驗證頁面的一連結資訊,該用戶驗證頁面包括一識別條碼,該伺服器根據一流水編號資訊與該訪客憑證產生該識別條碼,該伺服器將該連結資訊加入該憑證通知。 A processing system for access control scheduling as described in claim 1 or 2, wherein the server generates a user verification page and a link information corresponding to the user verification page, the user verification page includes an identification barcode, the server generates the identification barcode based on a serial number information and the visitor certificate, and the server adds the link information to the certificate notification. 如請求項3所述的門禁排程的處理系統,其中該外訪裝置根據該連結資訊向該伺服器獲取該識別條碼。 The access control scheduling processing system as described in claim 3, wherein the external access device obtains the identification barcode from the server according to the link information. 如請求項1所述的門禁排程的處理系統,其中該伺服器判斷該訪客憑證為合法的該外訪裝置,該伺服器發送該門禁控制命令並解鎖該電子鎖元件;該伺服器判斷該訪客憑證為非法的該外訪裝置,該伺服器發送該門禁控制命令至該門控裝置並由該門控裝置產生一警示通知。 The access control scheduling processing system as described in claim 1, wherein the server determines that the visitor's credential is a legitimate external access device, the server sends the access control command and unlocks the electronic lock element; the server determines that the visitor's credential is an illegal external access device, the server sends the access control command to the door control device and the door control device generates a warning notification. 如請求項5所述的門禁排程的處理系統,其中該門控裝置進行解鎖時,該伺服器向該本地裝置發送一來訪通知。 The access control scheduling processing system as described in claim 5, wherein when the access control device is unlocked, the server sends a visit notification to the local device. 如請求項5所述的門禁排程的處理系統,其中包括一管理裝置,網路連接於該伺服器,該管理裝置根據該外訪裝置的該訪客憑證產生另一驗證要求,該管理裝置傳送該另一驗證要求至該伺服器。 The access control scheduling processing system as described in claim 5 includes a management device connected to the server via a network, the management device generates another verification request based on the visitor certificate of the external access device, and the management device transmits the other verification request to the server. 如請求項1所述的門禁排程的處理系統,其中該伺服器對該訪問資訊進行一加密處理並產生該訪客憑證。 The access control scheduling processing system as described in claim 1, wherein the server performs an encryption process on the access information and generates the visitor certificate. 一種門禁排程的處理方法,包括:一伺服器根據一本地裝置的一憑證生成要求產生一訪客憑證與一憑證通知;該伺服器傳送該憑證通知至一本地裝置,由該本地裝置傳送至一外訪裝置;該外訪裝置根據該憑證通知獲取相應的該訪客憑證;由一門控裝置讀取該外訪裝置的該訪客憑證並產生一驗證要求;該門控裝置傳送該驗證要求至該伺服器;以及 該伺服器根據該驗證要求產生一門禁控制命令,並將該門禁控制命令發送至該門控裝置。 A method for processing access control scheduling includes: a server generates a visitor certificate and a certificate notification according to a certificate generation request of a local device; the server transmits the certificate notification to a local device, which is then transmitted to an external device; the external device obtains the corresponding visitor certificate according to the certificate notification; a door control device reads the visitor certificate of the external device and generates a verification request; the door control device transmits the verification request to the server; and the server generates an access control command according to the verification request and sends the access control command to the door control device. 如請求項9所述的門禁排程的處理方法,其中在該伺服器根據該憑證生成要求產生該訪客憑證的步驟包括:該本地裝置根據一訪問資訊產生該憑證生成要求,該本地裝置發送該憑證生成要求至該伺服器;以及該伺服器對該憑證生成要求的該訪問資訊進行一加密處理並產生該訪客憑證。 The processing method of access control scheduling as described in claim 9, wherein the step of generating the visitor certificate according to the certificate generation request at the server includes: the local device generates the certificate generation request according to access information, the local device sends the certificate generation request to the server; and the server performs an encryption process on the access information of the certificate generation request and generates the visitor certificate. 如請求項9或10所述的門禁排程的處理方法,其中在該外訪裝置根據該憑證通知獲取相應的該訪客憑證的步驟包括:該伺服器根據該訪客憑證生成一用戶驗證頁面與相應該用戶驗證頁面的一連結資訊,該用戶驗證頁面包括一識別條碼;該伺服器根據一流水編號資訊與該訪客憑證產生該識別條碼;以及該伺服器將該連結資訊加入該憑證通知。 The processing method of access control scheduling as described in claim 9 or 10, wherein the step of obtaining the corresponding visitor certificate according to the certificate notification at the external access device includes: the server generates a user verification page and a link information corresponding to the user verification page according to the visitor certificate, and the user verification page includes an identification barcode; the server generates the identification barcode according to a serial number information and the visitor certificate; and the server adds the link information to the certificate notification. 如請求項11所述的門禁排程的處理方法,其中在該外訪裝置根據該憑證通知獲取相應的該訪客憑證的步驟包括:該伺服器傳送該憑證通知至該本地裝置;以及該本地裝置將該憑證通知發送至該外訪裝置。 The processing method of access control scheduling as described in claim 11, wherein the step of obtaining the corresponding visitor certificate according to the certificate notification at the external access device includes: the server transmits the certificate notification to the local device; and the local device sends the certificate notification to the external access device. 如請求項9所述的門禁排程的處理方法,其中在該伺服器根據該驗證要求產生該門禁控制命令,並將該門禁控制命令發送至該門控裝置的步驟包括: 該伺服器判斷該驗證要求的訪客憑證是否合法;若該訪客憑證為合法,該伺服器令該門控裝置解鎖;以及若該訪客憑證為非法,該伺服器發送一警示通知至該本地裝置。 The processing method of access control scheduling as described in claim 9, wherein the server generates the access control command according to the verification request and sends the access control command to the access control device comprises: The server determines whether the visitor certificate of the verification request is legal; if the visitor certificate is legal, the server unlocks the access control device; and if the visitor certificate is illegal, the server sends a warning notification to the local device. 如請求項9所述的門禁排程的處理方法,其中在該外訪裝置根據該憑證通知獲取相應的該訪客憑證的步驟後包括:由一管理裝置讀取該外訪裝置的該訪客憑證並產生另一該驗證要求;該伺服器判斷該另一驗證要求的訪客憑證是否合法;若該訪客憑證為合法,該伺服器令該門控裝置解鎖;以及若該訪客憑證為非法,該伺服器發送一警示通知至該本地裝置。 The processing method of access control scheduling as described in claim 9, wherein after the step of the external access device obtaining the corresponding visitor certificate according to the certificate notification, the method includes: a management device reading the visitor certificate of the external access device and generating another verification request; the server determining whether the visitor certificate of the other verification request is legal; if the visitor certificate is legal, the server unlocks the access control device; and if the visitor certificate is illegal, the server sends a warning notification to the local device.
TW112100448A 2023-01-05 2023-01-05 Access management system and method TWI848504B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW112100448A TWI848504B (en) 2023-01-05 2023-01-05 Access management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW112100448A TWI848504B (en) 2023-01-05 2023-01-05 Access management system and method

Publications (2)

Publication Number Publication Date
TWI848504B true TWI848504B (en) 2024-07-11
TW202429396A TW202429396A (en) 2024-07-16

Family

ID=92928791

Family Applications (1)

Application Number Title Priority Date Filing Date
TW112100448A TWI848504B (en) 2023-01-05 2023-01-05 Access management system and method

Country Status (1)

Country Link
TW (1) TWI848504B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150109104A1 (en) * 2012-09-21 2015-04-23 Google Inc. Smart invitation handling at a smart-home
CN110517387A (en) * 2019-08-29 2019-11-29 宝钜(中国)儿童用品有限公司 Access control system, method, equipment and readable storage medium storing program for executing
CN112200949A (en) * 2020-12-02 2021-01-08 北京紫光青藤微系统有限公司 Entrance guard starting method and device and identity verification system
TWM610550U (en) * 2020-12-29 2021-04-11 今網智慧科技股份有限公司 Community visitor management system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150109104A1 (en) * 2012-09-21 2015-04-23 Google Inc. Smart invitation handling at a smart-home
CN110517387A (en) * 2019-08-29 2019-11-29 宝钜(中国)儿童用品有限公司 Access control system, method, equipment and readable storage medium storing program for executing
CN112200949A (en) * 2020-12-02 2021-01-08 北京紫光青藤微系统有限公司 Entrance guard starting method and device and identity verification system
TWM610550U (en) * 2020-12-29 2021-04-11 今網智慧科技股份有限公司 Community visitor management system

Also Published As

Publication number Publication date
TW202429396A (en) 2024-07-16

Similar Documents

Publication Publication Date Title
US7437755B2 (en) Unified network and physical premises access control server
US9437063B2 (en) Methods and systems for multi-unit real estate management
US8941465B2 (en) System and method for secure entry using door tokens
JP4668551B2 (en) Personal authentication device and system and method thereof
US8907763B2 (en) System, station and method for mustering
WO2016169424A1 (en) Networked community area access control system and community area access method based thereon
US20140002236A1 (en) Door Lock, System and Method for Remotely Controlled Access
US20220224727A1 (en) Applying device policies using a management token
JP6009783B2 (en) Access control system
CN109923592B (en) Method and system for access control and awareness management
US7827407B2 (en) Scoped federations
US20180114384A1 (en) Cloud-based keyless access control system for housing facilities
US11348392B2 (en) Method for access control
US11275858B2 (en) Document signing system for mobile devices
US20220014388A1 (en) Virtual security guard
JP2019173523A (en) Electric lock system and lock control terminal
US11038924B2 (en) Determining a device posture using a device posture token
US20190311303A1 (en) System and method for credentialing access to restricted rooms
US20220070014A1 (en) System and method for a control system for managing smart devices in a multiple unit property environment
JP2008003879A (en) Group participation management method, system, and program
WO2018060038A1 (en) An access delegation system for an owner user to delegate to a delegate an authorization for accessing to a resource
US20220327875A1 (en) Providing access to a lock for a service provider using a grant token and credential
WO2018207174A1 (en) Method and system for sharing a network enabled entity
TWI848504B (en) Access management system and method
Patil et al. SecSmartLock: An architecture and protocol for designing secure smart locks