WO2015117507A1 - Authentication method, collection device, authentication device and system, and cabinet and unlocking method therefor - Google Patents

Authentication method, collection device, authentication device and system, and cabinet and unlocking method therefor Download PDF

Info

Publication number
WO2015117507A1
WO2015117507A1 PCT/CN2014/094000 CN2014094000W WO2015117507A1 WO 2015117507 A1 WO2015117507 A1 WO 2015117507A1 CN 2014094000 W CN2014094000 W CN 2014094000W WO 2015117507 A1 WO2015117507 A1 WO 2015117507A1
Authority
WO
WIPO (PCT)
Prior art keywords
identification information
feature identification
physiological feature
authentication
user
Prior art date
Application number
PCT/CN2014/094000
Other languages
French (fr)
Chinese (zh)
Inventor
李西
叶斐
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015117507A1 publication Critical patent/WO2015117507A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof

Definitions

  • the present invention relates to the field of communications, and in particular, to an authentication method, a collecting device, an authentication device and system, and a cabinet and an unlocking method thereof.
  • a pattern recognition system that utilizes physiological characteristic information such as fingerprint information and face information of a user is increasingly used, for example, in an advanced access control system.
  • the fingerprint information or the face information of the authorized user are stored locally in the collection terminal (for example, the fingerprint collection terminal and the face information collection terminal); and such collection terminals are generally arranged in a relatively prominent manner.
  • the place is convenient for the user to input relevant information, for example, when the application is an access control system, such collection terminals are generally installed in a public place outside the door. Therefore, the fingerprint information or the facial information of the authorized user stored in the collection terminal may be damaged, stolen or falsified, which is a potential safety hazard.
  • Embodiments of the present invention provide an authentication method, a collection device, an authentication device and system, and a cabinet and an unlocking method thereof, which solve the problem of low security of the existing identification system.
  • an embodiment of the present invention provides an authentication method, including:
  • the authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
  • the authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
  • the method before the authenticating device receives the physiological feature identification information, the method further includes:
  • the authentication device receives the physiological feature identification information of the designated authorized user that is sent by the collecting device by remote communication;
  • the authentication device stores the physiological feature identification information of the designated authorized user in the authorized user physiological feature identification information list.
  • the method further includes storing the physiological feature identification information in the illegal user physiological feature identification information list.
  • the authentication device when the authenticating device determines that the user corresponding to the physiological feature identification information is an authorized user, the authentication device further includes issuing a remote unlocking instruction to the electronic lock device connected to the communication device.
  • the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
  • an embodiment of the present invention further provides an authentication method, including:
  • the collecting device collects physiological feature identification information for identifying the current user identity
  • the collecting device sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user.
  • the method further includes:
  • the collecting device collects physiological feature identification information of the designated authorized user
  • the collecting device transmits the collected physiological characteristic identification information of the designated authorized user to the authentication device by remote communication.
  • the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
  • an embodiment of the present invention further provides an authentication method, including:
  • the collecting device collects physiological feature identification information for identifying the current user identity
  • the collecting device sends the physiological feature identification information to the authentication device by remote communication;
  • the authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
  • the authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
  • an embodiment of the present invention further provides a cabinet unlocking method, where the cabinet is provided with a collecting device and an electronic lock device for locking the cabinet door; the collecting device and the electronic lock device Remotely communicating with the authentication device;
  • the collecting device collects physiological feature identification information for identifying the current user identity, and sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user;
  • the electronic lock device receives a remote unlocking command sent by the authentication device when the user is an authorized user according to the physiological feature identification information, and performs unlocking according to the remote unlocking instruction.
  • the embodiment of the present invention further provides an authentication device, including an information receiving module and an authentication module;
  • the information receiving module is configured to receive physiological feature identification information that is sent by the collecting device by remote communication;
  • the authentication module is configured to match the physiological feature identification information with a preset authorized user physiological feature identification information list, and determine whether the user corresponding to the physiological feature identification information is an authorized user.
  • an illegal user list maintenance module is further included;
  • the illegal user list maintenance module is configured to store the physiological feature identification information in the illegal user physiological feature identification information list when the authentication module determines that the user corresponding to the physiological feature identification information is not an authorized user.
  • the embodiment of the present invention further provides a collection device, including an information collection module and an information transmission module;
  • the information collection module is configured to collect physiological feature identification information for identifying a current user identity
  • the information sending module is configured to send the physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user.
  • an embodiment of the present invention further provides an authentication system, including an acquisition device and an authentication device;
  • the collecting device is configured to collect physiological feature identification information for identifying a current user identity, and send the physiological feature identification information to the authentication device by using remote communication;
  • the authentication device is configured to receive physiological feature identification information that is sent by the collecting device by remote communication; and perform the physiological feature identification information and the preset authorized user physiological feature identification information list. Matching, determining whether the user corresponding to the physiological feature identification information is an authorized user.
  • the authenticating device is further configured to: when the user corresponding to the physiological feature identification information is not an authorized user, store the physiological feature identification information in the illegal user physiological feature identification information list.
  • the electronic lock device is further configured to: when determining that the user corresponding to the physiological feature identification information is an authorized user, sending a remote unlocking instruction to the electronic lock device; the electronic lock device is configured to: The unlocking is performed according to the remote unlocking instruction.
  • an embodiment of the present invention further provides a cabinet, including a cabinet body, a cabinet door disposed on the cabinet body, an electronic lock device adapted to lock the cabinet door, and the cabinet body or the a collecting device on the cabinet door, wherein the collecting device and the electronic lock device are respectively remotely connected to the authentication device;
  • the collecting device is configured to collect physiological feature identification information for identifying a current user identity, and send the physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user;
  • the electronic lock device is configured to receive a remote unlocking instruction sent by the authentication device when determining that the user is an authorized user according to the physiological feature identification information, and unlocking according to the remote unlocking instruction.
  • the embodiment of the invention further provides a computer program and a carrier thereof, the computer program comprising program instructions, when the program instruction is executed by the authentication device, enabling the device to implement the method for authenticating.
  • the authentication method, the collecting device, the authentication device and the system, the cabinet and the unlocking method thereof are provided separately, and the collecting device and the authentication device are separately set; and then the collecting device collects the physiological feature identification information identifying the current user identity. And transmitting to the authentication device by remote communication; the authentication device receives the physiological feature identification information sent by the collection device, and matches the physiological feature identification information with the preset authorized user physiological feature identification information list to complete the authentication.
  • the physiological characteristic identification information of the authorized user is not stored on the collecting device, but the physiological characteristic identification information of the authorized user is stored on the side of the remote authentication device; therefore, other users may be prevented from being exposed to the external collecting device.
  • the physiological characteristic identification information of the authorized user stored in the store is destroyed, stolen or tampered with, and improved The security of authentication management.
  • FIG. 1 is a schematic structural diagram 1 of an authentication system according to Embodiment 1 of the present invention.
  • FIG. 2 is a schematic structural diagram 2 of an authentication system according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic structural diagram of a collection device according to Embodiment 1 of the present invention.
  • FIG. 4 is a schematic structural diagram of an authentication apparatus according to Embodiment 1 of the present invention.
  • FIG. 5 is a schematic structural diagram of a cabinet management system according to Embodiment 2 of the present invention.
  • FIG. 6 is a schematic diagram of a fingerprint information input process of an authorized user according to Embodiment 3 of the present invention.
  • FIG. 7 is a schematic diagram of a process for an authorized person to open a cabinet door according to Embodiment 3 of the present invention.
  • FIG. 8 is a schematic diagram of a process for an unauthorized person to open a cabinet door according to Embodiment 3 of the present invention.
  • FIG. 9 is a schematic diagram of an event query process according to Embodiment 3 of the present invention.
  • FIG. 10 is a schematic diagram of event recording according to Embodiment 3 of the present invention.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • FIG. 1 is a schematic structural diagram 1 of an authentication system according to Embodiment 1 of the present invention.
  • the authentication system provided in this embodiment includes an acquisition device and an authentication device.
  • the collection device and the authentication device are respectively disposed on different hardware terminals, and the two are remotely connected through a remote communication interface.
  • the remote communication connection in this embodiment refers to a communication connection between different hardware devices; it is to distinguish communication between different functional modules in the same hardware device.
  • the remote communication in this embodiment may be implemented through various networks or through various data lines. I will not repeat them here.
  • the collecting device mainly collects physiological feature identification information for identifying the user identity, and sends the information to the authentication device through remote communication to perform identity authentication processing on the user;
  • the authentication device receives the physiological feature identification information sent by the collecting device by remote communication, and matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is authorized. user.
  • the physiological characteristic identification information of the authorized user is not stored on the side of the collecting device, and the collecting device is mainly used for collecting and forwarding the physiological characteristic identification information of the user.
  • the physiological characteristic identification information of the authorized user is stored in the back end. On the authentication device, this can avoid the user's physiological feature identification information acquired by other users from the front-end collection device, thereby causing various security risks.
  • the authorized user physiological feature identification information in this embodiment may be stored directly on the authentication device locally, or may be stored in other remote databases or servers, and the authentication device needs to be used again.
  • the physiological feature identification information in the embodiment includes at least one of fingerprint information, face information, eye information, and palm shape information. That is, the present embodiment can perform authentication by fingerprint recognition, face recognition, eye recognition, and/or palm shape recognition. Specifically, the information may be selected according to a specific application scenario. For example, the fingerprint identification and the face recognition technology may be used for authentication. The physiological feature identification information acquired at this time may include the user's fingerprint information and facial information.
  • the physiological characteristic information and the user identity information (including name, gender, etc.) of the corresponding user may be directly imported from other devices;
  • the collecting device collects the physiological characteristic information of the designated authorized user, and then stores the physiological characteristic information and the corresponding user identity information in the authorized user physiological characteristic identification information list.
  • the collection device is further configured to collect the physiological feature identification information of the designated authorized user, and send the collected physiological characteristic identification information of the designated authorized user to the identification through remote communication.
  • Right device for archival purposes.
  • the collecting device may further encrypt the physiological feature identification information before sending the collected physiological feature identification information to the authentication device; correspondingly, the authentication device is receiving After the physiological feature identification information, it can be decrypted first.
  • the authentication device in the embodiment determines that the user corresponding to the physiological feature identification information is not an authorized user, the authentication device stores the physiological feature identification information in the illegal user physiological feature identification information list for subsequent calling. For example, after a security incident occurs, the illegal user can be checked by calling the physiological characteristic information of the user that has been accessed in the illegal user physiological characteristic identification information list.
  • FIG. 2 is a schematic structural diagram 2 of an authentication system according to Embodiment 1 of the present invention.
  • the authentication system provided in this embodiment may further include an electronic lock device, and the electronic lock device also implements a remote communication connection with the authentication device through the remote communication interface.
  • the electronic lock device can be used in a variety of access control systems, including in a variety of cabinets.
  • the remote unlocking instruction may be issued to the electronic lock device; and the electronic lock device completes the unlocking according to the remote unlocking command.
  • the authentication device when the authentication device determines that the user corresponding to the physiological feature identification information is not an authorized user, the authentication device may perform alarms in various manners, such as issuing an alarm sound and/or lighting a warning light.
  • the authentication device may also generate a corresponding event record for each authentication process and store it for subsequent maintenance and management.
  • the event record can specifically record user identity information and event related time information.
  • FIG. 3 is a schematic structural diagram of a collection apparatus according to Embodiment 1 of the present invention; the collection apparatus in this embodiment includes a processor, a data storage, and a program memory, and the collection apparatus includes information collection. Module, information sending module;
  • the information collection module is adapted to collect physiological feature identification information for identifying the current user identity
  • the information sending module is adapted to send the obtained physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user.
  • the information collection module is further adapted to collect physiological characteristic information for the first use of the authorized user, and send the information to the authentication device for archiving by remote communication.
  • the authentication device in this embodiment includes:
  • the information receiving module is adapted to receive physiological feature identification information that is sent by the collecting device by remote communication, and the physiological feature identification information may be physiological characteristic information used for archiving when the user is used for the first time; or may be physiological for authentication Characteristic information
  • the authentication module is adapted to match the physiological feature identification information with the preset authorized user physiological feature identification information list, and determine whether the user corresponding to the physiological feature identification information is an authorized user; if yes, send an unlock to the electronic lock control module An instruction; if not, storing the physiological feature identification information in the list of illegal user physiological characteristic identification information for subsequent invocation; and performing an alarm through the alarm module;
  • An alarm module configured to trigger an alarm to perform an alarm, such as an audible alarm
  • the event recording module is adapted to record the user identity information of each authentication and the related time information of the event, etc., to be called by a total subsequent query;
  • the event query module is adapted to invoke the corresponding event record by inputting the query condition; or query the user physiological feature identification information in the list of illegal user physiological characteristic identification information, and return the query result;
  • the fingerprint information database is applicable to the storage maintenance authorized user physiological characteristic identification information list and the illegal user physiological characteristic identification information list;
  • the authorized user list maintenance module is configured to store the identity information of the authorized user and the corresponding physiological feature identification information in the authorized user physiological feature identification information list.
  • the illegal user list maintenance module is configured to store the physiological feature identification information in the illegal user physiological feature identification information list when the authentication module determines that the user corresponding to the physiological feature identification information is not an authorized user.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • FIG. 5 is a schematic structural diagram of a cabinet management system according to Embodiment 2 of the present invention.
  • the cabinet and the remote authentication device 5 the cabinet includes a cabinet body 1, a cabinet door disposed on the cabinet body, an electronic lock device 3 for locking the cabinet door, and a cabinet
  • the collecting device 4 on the main body or the cabinet door, the collecting device 4 and the electronic lock device 3 are respectively connected in a remote communication with the authentication device 5.
  • the collecting device 4, the authenticating device 5 and the electronic lock device 3 in this embodiment can specifically adopt the collecting device, the authentication device and the electronic lock device described in the first embodiment; wherein:
  • the collecting device 4 collects physiological feature identification information for identifying the current user identity, and transmits the physiological feature identification information to the authentication device 5 through remote communication;
  • the authentication device 5 receives the physiological feature identification information sent by the collecting device 4 through the remote communication, and matches the physiological feature identification information with the preset authorized user physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is authorized. a user; if yes, sending a remote unlocking command to the electronic lock device 3;
  • the electronic lock device 3 receives the remote unlocking command sent by the authentication device according to the physiological feature identification information when the corresponding user is an authorized user, and unlocks according to the remote unlocking command; so that the user opens the cabinet door 2.
  • the security cabinet based on the pattern recognition system provides the identification and identification of the physiological characteristic identification information, effectively preventing the damage and operation of the cabinet by unauthorized personnel, and improving the safety of the cabinet. .
  • the manual maintenance information of the cabinet equipment is recorded, the maintenance efficiency of the equipment is improved, and the backtracking means after the occurrence of the safety quality accident is provided.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • the specific application of the present invention is illustrated by taking fingerprint recognition as an example on the basis of the second embodiment.
  • the collection device at this time may be fingerprint information collection.
  • the terminal is mainly used for collecting fingerprint information of the user.
  • the specific application process is as follows:
  • FIG. 6 is a schematic diagram of a fingerprint information input process of an authorized user according to Embodiment 3 of the present invention.
  • the fingerprint information input process of the authorized user includes:
  • Step 601 The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
  • Step 602 The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the remote authentication device through the remote communication interface.
  • Step 603 The authorized user list maintenance module in the authentication device stores the fingerprint information of the authorized person and the identity information such as the name into the authorized user physiological characteristic identification information list in the fingerprint information database, and completes the fingerprint information input.
  • FIG. 7 is a schematic diagram of a process for an authorized person to open a cabinet door according to Embodiment 3 of the present invention.
  • the process of authorizing personnel to open the cabinet door includes:
  • Step 701 The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
  • Step 702 The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the authentication device through the remote communication interface.
  • Step 703 The authentication module in the authentication device decrypts the fingerprint information collected by the fingerprint information collecting terminal and matches the information of the authorized user's physiological feature identification information list, and determines that the user corresponding to the fingerprint is an authorized person; notifying the electronic lock control The module issues a remote unlocking command and notifies the event recording module;
  • Step 704 The event recording module records information such as the identity of the operator and the time associated with the event;
  • Step 705 After receiving the notification, the electronic lock control module sends a remote unlocking instruction to the electronic lock device through the remote communication interface.
  • Step 706 The electronic lock device installed on the cabinet door receives the remote unlocking command through the remote communication interface, and opens the door lock according to the instruction.
  • FIG. 8 is a schematic diagram of a process for an unauthorized person to open a cabinet door according to Embodiment 3 of the present invention.
  • the process of opening an enclosure door by an unauthorized person includes:
  • Step 801 The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
  • Step 802 The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the authentication device through the remote communication interface.
  • Step 803 The authentication module in the authentication device decrypts the fingerprint information collected by the fingerprint information collecting terminal and matches the information of the authorized user's physiological feature identification information list, and determines that the user corresponding to the fingerprint is an unauthorized person; the notification alarm module And an event recording module, and recording the unauthorized fingerprint information into the list of illegal user physiological characteristic identification information;
  • Step 804 The event recording module records information such as an operator identity (unauthorized personnel) and an event-related time;
  • Step 805 The alarm module triggers an alarm and issues an alarm sound.
  • FIG. 9 is a schematic diagram of an event query process according to Embodiment 3 of the present invention.
  • the process of event query includes:
  • Step 901 Log in on the authentication device
  • Step 902 query conditions input through the event query module
  • Step 903 The event query module queries the operator of the event recording module, the operation time, and the like, and returns the query result.
  • Step 904 further query the unauthorized personnel information through the event query module; as shown in FIG. 10, the queried information includes the user name, the operation start time, the operation end time, the operation duration, and whether the alarm is reported (when an unauthorized person is found) When you want to open the cabinet);
  • Step 905 The event query module queries the fingerprint information of the unauthorized person in the list of the physiological feature identification information of the illegal user in the fingerprint information database and returns the query result.
  • all or part of the steps of the foregoing embodiments may also be implemented by using an integrated circuit, and the steps may be separately fabricated into integrated circuit modules, or multiple modules thereof or The steps are made into a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the devices/function modules/functional units in the above embodiments may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices.
  • each device/function module/functional unit in the above embodiment When each device/function module/functional unit in the above embodiment is implemented in the form of a software function module and sold or used as a stand-alone product, it can be stored in a computer readable storage medium.
  • the above mentioned computer readable storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
  • the embodiment of the invention discloses an authentication method, a collecting device, an authentication device and a system, a cabinet and an unlocking method thereof, and the collecting device and the authentication device are separately set, and the physiological feature identification information of the authorized user is not stored on the collecting device. Rather, the authorized user's physiological feature identification information is stored on the remote authentication device side, which can prevent other users from destroying, stealing or tampering the authorized user's physiological feature identification information stored in the exposed collection device, thereby improving the authentication management. Security.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
  • Lock And Its Accessories (AREA)

Abstract

An authentication method, a collection device, an authentication device and system, and a cabinet and an unlocking method therefor. The method comprises: collecting, by a collection device, physiological feature identification information about a current user identity and then sending same to an authentication device through a remote communication; receiving, by the authentication device, the physiological feature identification information sent by the collection device, and matching the physiological feature identification information with a pre-set list of physiological feature identification information about authorized users to complete authentication; not storing the physiological feature identification information about the authorized users in the collection device; storing the physiological feature identification information about the authorized users in a remote authentication device; and arranging the collection device and the authentication device separately. The solution can prevent other users from damaging, stealing or tampering with physiological feature identification information about authorized users in a collection device, and improve the security of authentication management.

Description

鉴权方法、采集装置、鉴权装置及系统、机柜及解锁方法Authentication method, collecting device, authentication device and system, cabinet and unlocking method 技术领域Technical field
本发明涉及通信领域,具体涉及一种鉴权方法、采集装置、鉴权装置及系统以及一种机柜及其解锁方法。The present invention relates to the field of communications, and in particular, to an authentication method, a collecting device, an authentication device and system, and a cabinet and an unlocking method thereof.
背景技术Background technique
目前,利用用户的指纹信息、脸部信息等生理特征信息的模式识别系统的应用日益广泛,例如应用于高级的门禁系统中。但是,当前的这些模式系统中,授权用户的指纹信息或脸部信息都是存储在采集终端(例如指纹采集终端、脸部信息采集终端)本地;而这类采集终端一般都设置在比较凸显的地方以便于用户输入相关信息,例如应用为门禁系统时,这类采集终端一般设置于门外的公共场所。因此采集终端中保存的授权用户的指纹信息或脸部信息等存在被人破坏、盗取或者篡改的风险,在较大的安全隐患。At present, a pattern recognition system that utilizes physiological characteristic information such as fingerprint information and face information of a user is increasingly used, for example, in an advanced access control system. However, in the current mode system, the fingerprint information or the face information of the authorized user are stored locally in the collection terminal (for example, the fingerprint collection terminal and the face information collection terminal); and such collection terminals are generally arranged in a relatively prominent manner. The place is convenient for the user to input relevant information, for example, when the application is an access control system, such collection terminals are generally installed in a public place outside the door. Therefore, the fingerprint information or the facial information of the authorized user stored in the collection terminal may be damaged, stolen or falsified, which is a potential safety hazard.
发明内容Summary of the invention
本发明实施例提供一种鉴权方法、采集装置、鉴权装置及系统以及机柜及其解锁方法,解决现有识别系统安全性低的问题。Embodiments of the present invention provide an authentication method, a collection device, an authentication device and system, and a cabinet and an unlocking method thereof, which solve the problem of low security of the existing identification system.
为解决上述技术问题,本发明实施例提供一种鉴权方法,包括:To solve the above technical problem, an embodiment of the present invention provides an authentication method, including:
鉴权装置接收采集装置通过远程通信发送的生理特征识别信息;The authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
鉴权装置将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
可选地,在所述鉴权装置接收所述生理特征识别信息之前,还包括:Optionally, before the authenticating device receives the physiological feature identification information, the method further includes:
鉴权装置接收采集装置通过远程通信发送的指定授权用户的生理特征识别信息;The authentication device receives the physiological feature identification information of the designated authorized user that is sent by the collecting device by remote communication;
鉴权装置将所述指定授权用户的生理特征识别信息存入所述授权用户生理特征识别信息列表中。 The authentication device stores the physiological feature identification information of the designated authorized user in the authorized user physiological feature identification information list.
可选地,在所述鉴权装置判断所述生理特征识别信息对应的用户不是授权用户时,还包括将该生理特征识别信息存储到非法用户生理特征识别信息列表中。Optionally, when the authenticating device determines that the user corresponding to the physiological feature identification information is not an authorized user, the method further includes storing the physiological feature identification information in the illegal user physiological feature identification information list.
可选地,所述鉴权装置判断生理特征识别信息对应的用户是授权用户时,还包括向与之通信连接的电子锁装置下发远程解锁指令。Optionally, when the authenticating device determines that the user corresponding to the physiological feature identification information is an authorized user, the authentication device further includes issuing a remote unlocking instruction to the electronic lock device connected to the communication device.
可选地,所述生理特征识别信息包括指纹信息、脸部信息、眼睛信息和掌形信息中的至少一种。Optionally, the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
为了解决上述问题,本发明实施例还提供了一种鉴权方法,包括:In order to solve the above problem, an embodiment of the present invention further provides an authentication method, including:
采集装置采集用于识别当前用户身份的生理特征识别信息;The collecting device collects physiological feature identification information for identifying the current user identity;
采集装置将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权。The collecting device sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user.
可选地,在采集装置采集用于识别当前用户身份的生理特征识别信息之前,还包括:Optionally, before the collecting device collects the physiological feature identification information for identifying the current user identity, the method further includes:
采集装置采集指定授权用户的生理特征识别信息;The collecting device collects physiological feature identification information of the designated authorized user;
采集装置将采集的指定授权用户的生理特征识别信息通过远程通信发送给所述鉴权装置。The collecting device transmits the collected physiological characteristic identification information of the designated authorized user to the authentication device by remote communication.
可选地,所述生理特征识别信息包括指纹信息、脸部信息、眼睛信息和掌形信息中的至少一种。Optionally, the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
为了解决上述问题,本发明实施例还提供了一种鉴权方法,包括:In order to solve the above problem, an embodiment of the present invention further provides an authentication method, including:
采集装置采集用于识别当前用户身份的生理特征识别信息;The collecting device collects physiological feature identification information for identifying the current user identity;
采集装置将所述生理特征识别信息通过远程通信发送给鉴权装置;The collecting device sends the physiological feature identification information to the authentication device by remote communication;
鉴权装置接收采集装置通过远程通信发送的生理特征识别信息;The authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
鉴权装置将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
为了解决上述问题,本发明实施例还提供了一种机柜解锁方法,所述机柜设有采集装置和用于锁住所述机柜柜门的电子锁装置;所述采集装置和所述电子锁装置分别与所述鉴权装置远程通信连接; In order to solve the above problem, an embodiment of the present invention further provides a cabinet unlocking method, where the cabinet is provided with a collecting device and an electronic lock device for locking the cabinet door; the collecting device and the electronic lock device Remotely communicating with the authentication device;
所述采集装置采集用于识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权;The collecting device collects physiological feature identification information for identifying the current user identity, and sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user;
所述电子锁装置接收所述鉴权装置根据所述生理特征识别信息判断所述用户是授权用户时发送的远程解锁指令,并根据该远程解锁指令进行解锁。The electronic lock device receives a remote unlocking command sent by the authentication device when the user is an authorized user according to the physiological feature identification information, and performs unlocking according to the remote unlocking instruction.
为了解决上述问题,本发明实施例还提供了一种鉴权装置,包括信息接收模块、鉴权模块;In order to solve the above problem, the embodiment of the present invention further provides an authentication device, including an information receiving module and an authentication module;
所述信息接收模块设置为接收采集装置通过远程通信发送的生理特征识别信息;The information receiving module is configured to receive physiological feature identification information that is sent by the collecting device by remote communication;
所述鉴权模块设置为将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication module is configured to match the physiological feature identification information with a preset authorized user physiological feature identification information list, and determine whether the user corresponding to the physiological feature identification information is an authorized user.
可选地,还包括非法用户列表维护模块;Optionally, an illegal user list maintenance module is further included;
所述非法用户列表维护模块设置为在所述鉴权模块判断所述生理特征识别信息对应的用户不是授权用户时,将所述生理特征识别信息存储到非法用户生理特征识别信息列表中。The illegal user list maintenance module is configured to store the physiological feature identification information in the illegal user physiological feature identification information list when the authentication module determines that the user corresponding to the physiological feature identification information is not an authorized user.
为了解决上述问题,本发明实施例还提供了采集装置,包括信息采集模块、信息发送模块;In order to solve the above problem, the embodiment of the present invention further provides a collection device, including an information collection module and an information transmission module;
所述信息采集模块设置为采集用于识别当前用户身份的生理特征识别信息;The information collection module is configured to collect physiological feature identification information for identifying a current user identity;
所述信息发送模块设置为将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权。The information sending module is configured to send the physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user.
为了解决上述问题,本发明实施例还提供了一种鉴权系统,包括采集装置和鉴权装置;In order to solve the above problem, an embodiment of the present invention further provides an authentication system, including an acquisition device and an authentication device;
所述采集装置设置为采集用于识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置;The collecting device is configured to collect physiological feature identification information for identifying a current user identity, and send the physiological feature identification information to the authentication device by using remote communication;
所述鉴权装置设置为接收采集装置通过远程通信发送的生理特征识别信息;将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行 匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device is configured to receive physiological feature identification information that is sent by the collecting device by remote communication; and perform the physiological feature identification information and the preset authorized user physiological feature identification information list. Matching, determining whether the user corresponding to the physiological feature identification information is an authorized user.
可选地,所述鉴权装置还设置为判断所述生理特征识别信息对应的用户不是授权用户时,将该生理特征识别信息存储到非法用户生理特征识别信息列表中。Optionally, the authenticating device is further configured to: when the user corresponding to the physiological feature identification information is not an authorized user, store the physiological feature identification information in the illegal user physiological feature identification information list.
可选地,还包括电子锁装置;所述鉴权装置还设置为判断生理特征识别信息对应的用户是授权用户时,向所述电子锁装置下发远程解锁指令;所述电子锁装置用于根据所述远程解锁指令进行解锁。Optionally, the electronic lock device is further configured to: when determining that the user corresponding to the physiological feature identification information is an authorized user, sending a remote unlocking instruction to the electronic lock device; the electronic lock device is configured to: The unlocking is performed according to the remote unlocking instruction.
为了解决上述问题,本发明实施例还提供了一种机柜,包括机柜主体、设置于机柜主体上的机柜门、适用于锁定所述机柜门的电子锁装置以及设置于所述机柜主体或所述机柜门上的采集装置,所述采集装置和所述电子锁装置分别与所述鉴权装置远程通信连接;In order to solve the above problems, an embodiment of the present invention further provides a cabinet, including a cabinet body, a cabinet door disposed on the cabinet body, an electronic lock device adapted to lock the cabinet door, and the cabinet body or the a collecting device on the cabinet door, wherein the collecting device and the electronic lock device are respectively remotely connected to the authentication device;
所述采集装置设置为采集用于识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权;The collecting device is configured to collect physiological feature identification information for identifying a current user identity, and send the physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user;
所述电子锁装置设置为接收所述鉴权装置根据所述生理特征识别信息判断所述用户是授权用户时发送的远程解锁指令,并根据该远程解锁指令进行解锁。The electronic lock device is configured to receive a remote unlocking instruction sent by the authentication device when determining that the user is an authorized user according to the physiological feature identification information, and unlocking according to the remote unlocking instruction.
本发明实施例还提供一种计算机程序及其载体,该计算机程序包括程序指令,当该程序指令被鉴权设备执行时,使得该设备可实施上述鉴权的方法。The embodiment of the invention further provides a computer program and a carrier thereof, the computer program comprising program instructions, when the program instruction is executed by the authentication device, enabling the device to implement the method for authenticating.
本发明实施例的有益效果是:The beneficial effects of the embodiments of the present invention are:
本发明实施例提供的鉴权方法、采集装置、鉴权装置及系统以及机柜及其解锁方法,将采集装置和鉴权装置分离设置;然后采集装置采集到识别当前用户身份的生理特征识别信息后,通过远程通信发送给鉴权装置;鉴权装置接收采集装置发送的生理特征识别信息,将该生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配完成鉴权。可见,本发明实施例中采集装置上并不存储授权用户生理特征识别信息,而是将授权用户生理特征识别信息存储在远程的鉴权装置一侧;因此可避免其他用户对暴露在外的采集装置中存储的授权用户生理特征识别信息进行破坏、盗取或者篡改,提升 了鉴权管理的安全性。The authentication method, the collecting device, the authentication device and the system, the cabinet and the unlocking method thereof are provided separately, and the collecting device and the authentication device are separately set; and then the collecting device collects the physiological feature identification information identifying the current user identity. And transmitting to the authentication device by remote communication; the authentication device receives the physiological feature identification information sent by the collection device, and matches the physiological feature identification information with the preset authorized user physiological feature identification information list to complete the authentication. It can be seen that, in the embodiment of the present invention, the physiological characteristic identification information of the authorized user is not stored on the collecting device, but the physiological characteristic identification information of the authorized user is stored on the side of the remote authentication device; therefore, other users may be prevented from being exposed to the external collecting device. The physiological characteristic identification information of the authorized user stored in the store is destroyed, stolen or tampered with, and improved The security of authentication management.
附图概述BRIEF abstract
图1为本发明实施例一提供的鉴权系统结构示意图一;1 is a schematic structural diagram 1 of an authentication system according to Embodiment 1 of the present invention;
图2为本发明实施例一提供的鉴权系统结构示意图二;2 is a schematic structural diagram 2 of an authentication system according to Embodiment 1 of the present invention;
图3为本发明实施例一提供的采集装置的结构示意图;3 is a schematic structural diagram of a collection device according to Embodiment 1 of the present invention;
图4为本发明实施例一提供的鉴权装置的结构示意图;4 is a schematic structural diagram of an authentication apparatus according to Embodiment 1 of the present invention;
图5为本发明实施例二提供的机柜管理系统结构示意图;FIG. 5 is a schematic structural diagram of a cabinet management system according to Embodiment 2 of the present invention; FIG.
图6为本发明实施例三提供的授权用户的指纹信息录入过程的示意图;6 is a schematic diagram of a fingerprint information input process of an authorized user according to Embodiment 3 of the present invention;
图7为本发明实施例三提供的授权人员打开机柜柜门过程的示意图;7 is a schematic diagram of a process for an authorized person to open a cabinet door according to Embodiment 3 of the present invention;
图8为本发明实施例三提供的未授权人员打开机柜柜门过程的示意图;8 is a schematic diagram of a process for an unauthorized person to open a cabinet door according to Embodiment 3 of the present invention;
图9为本发明实施例三提供的事件查询过程的示意图;FIG. 9 is a schematic diagram of an event query process according to Embodiment 3 of the present invention; FIG.
图10为本发明实施例三提供的事件记录示意图。FIG. 10 is a schematic diagram of event recording according to Embodiment 3 of the present invention.
本发明的较佳实施方式Preferred embodiment of the invention
下文中将结合附图对本发明的实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互任意组合。另外,虽然在流程图中示出了逻辑顺序,但是在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤。Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other. Additionally, although logical sequences are shown in the flowcharts, in some cases the steps shown or described may be performed in a different order than the ones described herein.
实施例一:Embodiment 1:
图1为本发明实施例一提供的鉴权系统结构示意图一。参考图1,本实施例提供的鉴权系统包括采集装置和鉴权装置,其中采集装置和鉴权装置分设于不同的硬件终端上,二者之间通过远程通信接口远程通信连接。应当理解的是,本实施例中的远程通信连接是指不同硬件设备之间的通信连接;其是为了区分于同一硬件设备内不同功能模块之间的通信。本实施例中的远程通信既可以是通过各种网络实现,也可以是通过各种数据线传输。在此不再进行赘述。 FIG. 1 is a schematic structural diagram 1 of an authentication system according to Embodiment 1 of the present invention. Referring to FIG. 1, the authentication system provided in this embodiment includes an acquisition device and an authentication device. The collection device and the authentication device are respectively disposed on different hardware terminals, and the two are remotely connected through a remote communication interface. It should be understood that the remote communication connection in this embodiment refers to a communication connection between different hardware devices; it is to distinguish communication between different functional modules in the same hardware device. The remote communication in this embodiment may be implemented through various networks or through various data lines. I will not repeat them here.
在本实施例中,采集装置主要采集用于识别用户身份的生理特征识别信息,并通过远程通信发送给鉴权装置,以对用户进行身份鉴权处理;In this embodiment, the collecting device mainly collects physiological feature identification information for identifying the user identity, and sends the information to the authentication device through remote communication to perform identity authentication processing on the user;
鉴权装置接收所述采集装置通过远程通信发送的生理特征识别信息,将该生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device receives the physiological feature identification information sent by the collecting device by remote communication, and matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is authorized. user.
本实施例在采集装置这一侧并不存储授权用户生理特征识别信息,采集装置主要用于实现用户的生理特征识别信息的采集和转发;本实施例中授权用户生理特征识别信息存储在后端的鉴权装置上,这样可以避免其他用户从前端的采集装置中获取的用户的生理特征识别信息从而造成各种安全隐患。应当理解的是,本实施例中的授权用户生理特征识别信息既可以直接存储在鉴权装置本地上,也可以存储在远程的其他数据库或服务器上,鉴权装置需要使用时再进行获取。In this embodiment, the physiological characteristic identification information of the authorized user is not stored on the side of the collecting device, and the collecting device is mainly used for collecting and forwarding the physiological characteristic identification information of the user. In this embodiment, the physiological characteristic identification information of the authorized user is stored in the back end. On the authentication device, this can avoid the user's physiological feature identification information acquired by other users from the front-end collection device, thereby causing various security risks. It should be understood that the authorized user physiological feature identification information in this embodiment may be stored directly on the authentication device locally, or may be stored in other remote databases or servers, and the authentication device needs to be used again.
应当理解的是,本实施例中的生理特征识别信息包括指纹信息、脸部信息、眼睛信息和掌形信息等的至少一种。也即,本实施例可以通过指纹识别、脸部识别、眼睛识别和/或手掌掌形识别完成鉴权。具体包含哪些信息可根据具体的应用场景进行选定,例如可以通过指纹识别和脸部识别技术完成鉴权,此时获取的生理特征识别信息就可包含用户的指纹信息和脸部信息。It should be understood that the physiological feature identification information in the embodiment includes at least one of fingerprint information, face information, eye information, and palm shape information. That is, the present embodiment can perform authentication by fingerprint recognition, face recognition, eye recognition, and/or palm shape recognition. Specifically, the information may be selected according to a specific application scenario. For example, the fingerprint identification and the face recognition technology may be used for authentication. The physiological feature identification information acquired at this time may include the user's fingerprint information and facial information.
本实施例中,在鉴权装置上预设授权用户生理特征识别信息列表时,可以直接从其他设备中导入相应用户的生理特征信息、用户身份信息(包括姓名、性别等);也可通过前端的采集装置对指定的授权用户的生理特征信息进行采集,然后将该生理特征信息与对应的用户身份信息存储在授权用户生理特征识别信息列表中。此时采集装置在采集用于识别当前用户身份的生理特征识别信息之前,还用于采集指定授权用户的生理特征识别信息,并将采集的指定授权用户的生理特征识别信息通过远程通信发送给鉴权装置,以供存档。In this embodiment, when the authorized user physiological characteristic identification information list is preset on the authentication device, the physiological characteristic information and the user identity information (including name, gender, etc.) of the corresponding user may be directly imported from other devices; The collecting device collects the physiological characteristic information of the designated authorized user, and then stores the physiological characteristic information and the corresponding user identity information in the authorized user physiological characteristic identification information list. At this time, before the collection device collects the physiological feature identification information for identifying the current user identity, the collection device is further configured to collect the physiological feature identification information of the designated authorized user, and send the collected physiological characteristic identification information of the designated authorized user to the identification through remote communication. Right device for archival purposes.
本实施例中,为了提升鉴权的安全性,采集装置在将采集的生理特征识别信息发给鉴权装置之前,还可对该生理特征识别信息进行加密处理;对应的,鉴权装置在收到该生理特征识别信息后,可先对其进行解密处理。In this embodiment, in order to improve the security of the authentication, the collecting device may further encrypt the physiological feature identification information before sending the collected physiological feature identification information to the authentication device; correspondingly, the authentication device is receiving After the physiological feature identification information, it can be decrypted first.
在现有通过指纹识别或脸部识别等对未授权的用户进行验证的过程中, 当验证出该用户不是授权用户时,仅仅提示验证错误,验证不通过,不会进行任何其他措施。这容易导致在出现安全事故后缺乏后期提取证据的功能,也容易造成安全隐患。因此,本实施例中的鉴权装置在判断出该生理特征识别信息对应的用户不是授权用户时,还将该生理特征识别信息存储到非法用户生理特征识别信息列表中以供后续调用。例如,一旦发生安全事故后,可以通过调用非法用户生理特征识别信息列表中存储的来访问过的用户的生理特征信息从而实现对非法用户的排查。In the process of verifying unauthorized users by fingerprint recognition or face recognition, When it is verified that the user is not an authorized user, only the verification error is prompted, the verification fails, and no other measures are taken. This easily leads to the lack of post-extraction evidence in the event of a security incident, and is also prone to security risks. Therefore, when the authentication device in the embodiment determines that the user corresponding to the physiological feature identification information is not an authorized user, the authentication device stores the physiological feature identification information in the illegal user physiological feature identification information list for subsequent calling. For example, after a security incident occurs, the illegal user can be checked by calling the physiological characteristic information of the user that has been accessed in the illegal user physiological characteristic identification information list.
图2为本发明实施例一提供的鉴权系统结构示意图二。参见图2所示,本实施例中提供的鉴权系统还可包括电子锁装置,电子锁装置也通过远程通信接口与鉴权装置实现远程通信连接。电子锁装置可应用于各种门禁系统中,包括应用于各种机柜上。本实施例中,当鉴权装置在判断出该生理特征识别信息对应的用户是授权用户时,则可向该电子锁装置下发远程解锁指令;电子锁装置则根据该远程解锁指令完成解锁。FIG. 2 is a schematic structural diagram 2 of an authentication system according to Embodiment 1 of the present invention. Referring to FIG. 2, the authentication system provided in this embodiment may further include an electronic lock device, and the electronic lock device also implements a remote communication connection with the authentication device through the remote communication interface. The electronic lock device can be used in a variety of access control systems, including in a variety of cabinets. In this embodiment, when the authentication device determines that the user corresponding to the physiological feature identification information is an authorized user, the remote unlocking instruction may be issued to the electronic lock device; and the electronic lock device completes the unlocking according to the remote unlocking command.
在本实施例中,鉴权装置在判断出该生理特征识别信息对应的用户不是授权用户时,还可通过各种方式进行告警,例如发出告警声音和/或点亮告警灯等。In this embodiment, when the authentication device determines that the user corresponding to the physiological feature identification information is not an authorized user, the authentication device may perform alarms in various manners, such as issuing an alarm sound and/or lighting a warning light.
本实施例中,鉴权装置还可对每次鉴权处理生成对应的事件记录并进行存储,以供后续维护、管理过程中进行查看。事件记录具体可记录用户身份信息以及事件相关的时间信息等。In this embodiment, the authentication device may also generate a corresponding event record for each authentication process and store it for subsequent maintenance and management. The event record can specifically record user identity information and event related time information.
具体地,参见图3所示,图3为本发明实施例一提供的采集装置的结构示意图;本实施例中的采集装置,包括处理器、数据存储器和程序存储器,所述采集装置包括信息采集模块、信息发送模块;Specifically, referring to FIG. 3, FIG. 3 is a schematic structural diagram of a collection apparatus according to Embodiment 1 of the present invention; the collection apparatus in this embodiment includes a processor, a data storage, and a program memory, and the collection apparatus includes information collection. Module, information sending module;
信息采集模块适用于采集用于识别当前用户身份的生理特征识别信息;The information collection module is adapted to collect physiological feature identification information for identifying the current user identity;
信息发送模块适用于将得到的生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权。The information sending module is adapted to send the obtained physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user.
信息采集模块还适用于对授权用户第一次使用进行生理特征信息的采集,并通过远程通信发给鉴权装置以进行存档用。The information collection module is further adapted to collect physiological characteristic information for the first use of the authorized user, and send the information to the authentication device for archiving by remote communication.
图4为本发明实施例一提供的鉴权装置的结构示意图;参见图4所示, 本实施例中的鉴权装置包括:4 is a schematic structural diagram of an authentication apparatus according to Embodiment 1 of the present invention; The authentication device in this embodiment includes:
信息接收模块,适用于接收采集装置通过远程通信发送的生理特征识别信息,该生理特征识别信息可以是授权用户第一次使用时用于存档的生理特征信息;也可以是用于鉴权的生理特征信息;The information receiving module is adapted to receive physiological feature identification information that is sent by the collecting device by remote communication, and the physiological feature identification information may be physiological characteristic information used for archiving when the user is used for the first time; or may be physiological for authentication Characteristic information
鉴权模块,适用于将生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户;如果是,则向电子锁控制模块发送解锁指令;如果不是,将该生理特征识别信息存储到非法用户生理特征识别信息列表中以供后续调用;以及通过告警模块进行告警;The authentication module is adapted to match the physiological feature identification information with the preset authorized user physiological feature identification information list, and determine whether the user corresponding to the physiological feature identification information is an authorized user; if yes, send an unlock to the electronic lock control module An instruction; if not, storing the physiological feature identification information in the list of illegal user physiological characteristic identification information for subsequent invocation; and performing an alarm through the alarm module;
告警模块,适用于触发警报进行告警,例如发出声音告警;An alarm module, configured to trigger an alarm to perform an alarm, such as an audible alarm;
事件记录模块,适用于记录每次鉴权的用户身份信息以及事件的相关时间信息等以共后续查询调用;The event recording module is adapted to record the user identity information of each authentication and the related time information of the event, etc., to be called by a total subsequent query;
事件查询模块,适用于通过输入查询条件调用相应的事件记录;或者查询非法用户生理特征识别信息列表中的用户生理特征识别信息,并返回查询结果;The event query module is adapted to invoke the corresponding event record by inputting the query condition; or query the user physiological feature identification information in the list of illegal user physiological characteristic identification information, and return the query result;
指纹信息数据库,适用于存储维护授权用户生理特征识别信息列表和非法用户生理特征识别信息列表;The fingerprint information database is applicable to the storage maintenance authorized user physiological characteristic identification information list and the illegal user physiological characteristic identification information list;
授权用户列表维护模块,适用于将授权用户的身份信息以及对应的生理特征识别信息存入授权用户生理特征识别信息列表。The authorized user list maintenance module is configured to store the identity information of the authorized user and the corresponding physiological feature identification information in the authorized user physiological feature identification information list.
非法用户列表维护模块,适用于在鉴权模块判断生理特征识别信息对应的用户不是授权用户时,将该生理特征识别信息存储到非法用户生理特征识别信息列表中。The illegal user list maintenance module is configured to store the physiological feature identification information in the illegal user physiological feature identification information list when the authentication module determines that the user corresponding to the physiological feature identification information is not an authorized user.
实施例二:Embodiment 2:
目前,传统的机柜采用的安全措施是使用钥匙或密码电子锁,但是其中存在很多问题与漏洞,如钥匙被复制使用,密码泄漏等等都会导致安全防范失效,机柜中设备被破坏,设备丢失时有发生,缺少一种安全有效的保护手段。另外机柜的日常维护也必不可少。以前人工维护主要通过现场操作人员 将姓名、操作时间记录到记录册。但这种方式存在如:设备人员记录的不可靠、不完整和记录册难以保存等缺陷,使得一旦出现人为操作失误带来的安全质量事故无法问责。因此需要一种记录全面、可靠的人工维护信息的记录装置。而将本申请提供鉴权系统应用于机柜上,则可提升机柜管理的安全性,并可提供记录全面、可靠的人工维护信息的记录。At present, the security measures adopted by traditional cabinets are the use of key or password electronic locks, but there are many problems and loopholes, such as the use of keys to be copied, password leakage, etc., which will lead to security failures, equipment in the cabinet is destroyed, and equipment is lost. There is a lack of a safe and effective means of protection. In addition, routine maintenance of the cabinet is also essential. Previous manual maintenance mainly through field operators Record the name and operation time to the log book. However, such methods exist as defects such as unreliable, incomplete records and difficult to keep records of the equipment personnel, so that safety quality accidents caused by human error can not be held accountable. There is therefore a need for a recording device that records comprehensive and reliable manual maintenance information. The application of the authentication system provided in the present application to the cabinet can improve the security of the cabinet management and provide a record of comprehensive and reliable manual maintenance information.
图5为本发明实施例二提供的机柜管理系统结构示意图。参见图5所示的机柜管理系统,机柜和远程的鉴权装置5,该机柜包括机柜主体1、设置于机柜主体上的机柜门2、适用于锁定机柜门的电子锁装置3以及设置于机柜主体或机柜门上的采集装置4,采集装置4和电子锁装置3分别与鉴权装置5远程通信连接。在本实施例中的采集装置4、鉴权装置5以及电子锁装置3具体可采用实施例一中所述的采集装置、鉴权装置和电子锁装置;其中:FIG. 5 is a schematic structural diagram of a cabinet management system according to Embodiment 2 of the present invention. Referring to the cabinet management system shown in FIG. 5, the cabinet and the remote authentication device 5, the cabinet includes a cabinet body 1, a cabinet door disposed on the cabinet body, an electronic lock device 3 for locking the cabinet door, and a cabinet The collecting device 4 on the main body or the cabinet door, the collecting device 4 and the electronic lock device 3 are respectively connected in a remote communication with the authentication device 5. The collecting device 4, the authenticating device 5 and the electronic lock device 3 in this embodiment can specifically adopt the collecting device, the authentication device and the electronic lock device described in the first embodiment; wherein:
采集装置4采集用于识别当前用户身份的生理特征识别信息,将生理特征识别信息通过远程通信发送给鉴权装置5;The collecting device 4 collects physiological feature identification information for identifying the current user identity, and transmits the physiological feature identification information to the authentication device 5 through remote communication;
鉴权装置5接收采集装置4通过远程通信发送的生理特征识别信息,将该生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户;如是,向电子锁装置3发送远程解锁指令;The authentication device 5 receives the physiological feature identification information sent by the collecting device 4 through the remote communication, and matches the physiological feature identification information with the preset authorized user physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is authorized. a user; if yes, sending a remote unlocking command to the electronic lock device 3;
电子锁装置3接收鉴权装置根据生理特征识别信息判断对应用户是授权用户时发送的远程解锁指令,并根据该远程解锁指令进行解锁;以便用户打开机柜门2。The electronic lock device 3 receives the remote unlocking command sent by the authentication device according to the physiological feature identification information when the corresponding user is an authorized user, and unlocks according to the remote unlocking command; so that the user opens the cabinet door 2.
本实施例提供的基于纹识别系统的安全机柜,与现有的机柜相比,通过生理特征识别信息鉴权识别,有效的防止了未授权人员对机柜的破坏和操作,提高了机柜的安全性。同时实现了机柜设备人工维护信息的记录,提高设备的维护效率并且提供安全质量事故发生后回溯手段。Compared with the existing cabinet, the security cabinet based on the pattern recognition system provides the identification and identification of the physiological characteristic identification information, effectively preventing the damage and operation of the cabinet by unauthorized personnel, and improving the safety of the cabinet. . At the same time, the manual maintenance information of the cabinet equipment is recorded, the maintenance efficiency of the equipment is improved, and the backtracking means after the occurrence of the safety quality accident is provided.
实施例三:Embodiment 3:
为了更好的理解本发明,本实施例在实施例二的基础上,以指纹识别为例对本发明的具体应用进行示例说明。此时的采集装置可以是指纹信息采集 终端,其主要用于采集用户的指纹信息。具体的应用过程分别如下:For a better understanding of the present invention, the specific application of the present invention is illustrated by taking fingerprint recognition as an example on the basis of the second embodiment. The collection device at this time may be fingerprint information collection. The terminal is mainly used for collecting fingerprint information of the user. The specific application process is as follows:
图6为本发明实施例三提供的授权用户的指纹信息录入过程的示意图。参见图6所示,授权用户的指纹信息录入过程包括:FIG. 6 is a schematic diagram of a fingerprint information input process of an authorized user according to Embodiment 3 of the present invention. Referring to FIG. 6, the fingerprint information input process of the authorized user includes:
步骤601:授权人员通过安装在机柜门上的指纹信息采集终端输入指纹信息;Step 601: The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
步骤602:指纹信息采集终端将指纹信息加密通过远程通信接口传给远程的鉴权装置;Step 602: The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the remote authentication device through the remote communication interface.
步骤603:鉴权装置中的授权用户列表维护模块将授权人员的指纹信息和姓名等身份信息存入指纹信息数据库中的授权用户生理特征识别信息列表,完成指纹信息录入。Step 603: The authorized user list maintenance module in the authentication device stores the fingerprint information of the authorized person and the identity information such as the name into the authorized user physiological characteristic identification information list in the fingerprint information database, and completes the fingerprint information input.
图7为本发明实施例三提供的授权人员打开机柜柜门过程的示意图。参见图7所示,授权人员打开机柜柜门的过程包括:FIG. 7 is a schematic diagram of a process for an authorized person to open a cabinet door according to Embodiment 3 of the present invention. Referring to Figure 7, the process of authorizing personnel to open the cabinet door includes:
步骤701:授权人员通过安装在机柜门上的指纹信息采集终端输入指纹信息;Step 701: The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
步骤702:指纹信息采集终端将指纹信息加密通过远程通信接口传给鉴权装置;Step 702: The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the authentication device through the remote communication interface.
步骤703:鉴权装置中鉴权模块将指纹信息采集终端采集的指纹信息解密并与授权用户生理特征识别信息列表的信息进行匹配识别,判断出该指纹对应的用户是授权人员;通知电子锁控制模块下发远程解锁指令,并通知事件记录模块;Step 703: The authentication module in the authentication device decrypts the fingerprint information collected by the fingerprint information collecting terminal and matches the information of the authorized user's physiological feature identification information list, and determines that the user corresponding to the fingerprint is an authorized person; notifying the electronic lock control The module issues a remote unlocking command and notifies the event recording module;
步骤704:事件记录模块记录操作人员身份、以及事件相关的时间等信息;Step 704: The event recording module records information such as the identity of the operator and the time associated with the event;
步骤705:电子锁控制模块收到通知后,通过远程通信接口向电子锁装置发送远程解锁指令;Step 705: After receiving the notification, the electronic lock control module sends a remote unlocking instruction to the electronic lock device through the remote communication interface.
步骤706:安装在机柜门上的电子锁装置通过远程通信接口接收远程解锁指令,并根据该指令开启门锁。Step 706: The electronic lock device installed on the cabinet door receives the remote unlocking command through the remote communication interface, and opens the door lock according to the instruction.
图8为本发明实施例三提供的未授权人员打开机柜柜门过程的示意图。参见图8所示,未授权人员打开机柜柜门的过程包括: FIG. 8 is a schematic diagram of a process for an unauthorized person to open a cabinet door according to Embodiment 3 of the present invention. Referring to Figure 8, the process of opening an enclosure door by an unauthorized person includes:
步骤801:授权人员通过安装在机柜门上的指纹信息采集终端输入指纹信息;Step 801: The authorized personnel input fingerprint information by using a fingerprint information collecting terminal installed on the cabinet door.
步骤802:指纹信息采集终端将指纹信息加密通过远程通信接口传给鉴权装置;Step 802: The fingerprint information collecting terminal encrypts the fingerprint information and transmits the fingerprint information to the authentication device through the remote communication interface.
步骤803:鉴权装置中鉴权模块将指纹信息采集终端采集的指纹信息解密并与授权用户生理特征识别信息列表的信息进行匹配识别,判断出该指纹对应的用户是未授权人员;通知告警模块和事件记录模块,并将该未授权指纹信息记录到非法用户生理特征识别信息列表中;Step 803: The authentication module in the authentication device decrypts the fingerprint information collected by the fingerprint information collecting terminal and matches the information of the authorized user's physiological feature identification information list, and determines that the user corresponding to the fingerprint is an unauthorized person; the notification alarm module And an event recording module, and recording the unauthorized fingerprint information into the list of illegal user physiological characteristic identification information;
步骤804:事件记录模块记录操作人员身份(未授权人员)、以及事件相关的时间等信息;Step 804: The event recording module records information such as an operator identity (unauthorized personnel) and an event-related time;
步骤805:告警模块触发警报,发出告警声。Step 805: The alarm module triggers an alarm and issues an alarm sound.
图9为本发明实施例三提供的事件查询过程的示意图。参见图9所示,事件查询的过程包括:FIG. 9 is a schematic diagram of an event query process according to Embodiment 3 of the present invention. Referring to Figure 9, the process of event query includes:
步骤901:在鉴权装置上登陆;Step 901: Log in on the authentication device;
步骤902:通过事件查询模块输入的查询条件Step 902: query conditions input through the event query module
步骤903:事件查询模块查询事件记录模块的操作人员、操作时间等信息并返回查询结果;Step 903: The event query module queries the operator of the event recording module, the operation time, and the like, and returns the query result.
步骤904:通过事件查询模块进一步查询未授权人员信息;如图10所示,查询出的信息包括用户名,操作开始时间,操作结束时间,操作持续时间以及是否上报了告警(当发现非授权人员想打开机柜时);Step 904: further query the unauthorized personnel information through the event query module; as shown in FIG. 10, the queried information includes the user name, the operation start time, the operation end time, the operation duration, and whether the alarm is reported (when an unauthorized person is found) When you want to open the cabinet);
步骤905:事件查询模块查询指纹信息数据库中非法用户生理特征识别信息列表中的未授权人员指纹信息并返回查询结果。Step 905: The event query module queries the fingerprint information of the unauthorized person in the list of the physiological feature identification information of the illegal user in the fingerprint information database and returns the query result.
本领域普通技术人员可以理解上述实施例的全部或部分步骤可以使用计算机程序流程来实现,所述计算机程序可以存储于一计算机可读存储介质中,所述计算机程序在相应的硬件平台上(如系统、设备、装置、器件等)执行,在执行时,包括方法实施例的步骤之一或其组合。One of ordinary skill in the art will appreciate that all or a portion of the steps of the above-described embodiments can be implemented using a computer program flow, which can be stored in a computer readable storage medium, such as on a corresponding hardware platform (eg, The system, device, device, device, etc. are executed, and when executed, include one or a combination of the steps of the method embodiments.
可选地,上述实施例的全部或部分步骤也可以使用集成电路来实现,这些步骤可以被分别制作成一个个集成电路模块,或者将它们中的多个模块或 步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。Optionally, all or part of the steps of the foregoing embodiments may also be implemented by using an integrated circuit, and the steps may be separately fabricated into integrated circuit modules, or multiple modules thereof or The steps are made into a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
上述实施例中的各装置/功能模块/功能单元可以采用通用的计算装置来实现,它们可以集中在单个的计算装置上,也可以分布在多个计算装置所组成的网络上。The devices/function modules/functional units in the above embodiments may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices.
上述实施例中的各装置/功能模块/功能单元以软件功能模块的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。上述提到的计算机可读取存储介质可以是只读存储器,磁盘或光盘等。When each device/function module/functional unit in the above embodiment is implemented in the form of a software function module and sold or used as a stand-alone product, it can be stored in a computer readable storage medium. The above mentioned computer readable storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以权利要求所述的保护范围为准。Variations or substitutions are readily conceivable within the scope of the present invention by those skilled in the art and are within the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.
工业实用性Industrial applicability
本发明实施例公开了一种鉴权方法、采集装置、鉴权装置及系统以及机柜及其解锁方法,将采集装置和鉴权装置分离设置,采集装置上并不存储授权用户生理特征识别信息,而是将授权用户生理特征识别信息存储在远程的鉴权装置一侧,可避免其他用户对暴露在外的采集装置中存储的授权用户生理特征识别信息进行破坏、盗取或者篡改,提升鉴权管理的安全性。 The embodiment of the invention discloses an authentication method, a collecting device, an authentication device and a system, a cabinet and an unlocking method thereof, and the collecting device and the authentication device are separately set, and the physiological feature identification information of the authorized user is not stored on the collecting device. Rather, the authorized user's physiological feature identification information is stored on the remote authentication device side, which can prevent other users from destroying, stealing or tampering the authorized user's physiological feature identification information stored in the exposed collection device, thereby improving the authentication management. Security.

Claims (19)

  1. 一种鉴权方法,包括:An authentication method includes:
    鉴权装置接收采集装置通过远程通信发送的生理特征识别信息;The authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
    鉴权装置将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
  2. 如权利要求1所述的鉴权方法,其中,在鉴权装置接收所述生理特征识别信息之前,还包括:The authentication method of claim 1, wherein before the authenticating device receives the physiological feature identification information, the method further comprises:
    鉴权装置接收采集装置通过远程通信发送的指定授权用户的生理特征识别信息;The authentication device receives the physiological feature identification information of the designated authorized user that is sent by the collecting device by remote communication;
    鉴权装置将所述指定授权用户的生理特征识别信息存入所述授权用户生理特征识别信息列表中。The authentication device stores the physiological feature identification information of the designated authorized user in the authorized user physiological feature identification information list.
  3. 如权利要求1或2所述的鉴权方法,其中,所述鉴权装置判断所述生理特征识别信息对应的用户不是授权用户时,还包括将该生理特征识别信息存储到非法用户生理特征识别信息列表中。The authentication method according to claim 1 or 2, wherein, when the authentication device determines that the user corresponding to the physiological feature identification information is not an authorized user, the method further includes storing the physiological feature identification information to an illegal user physiological feature recognition In the information list.
  4. 如权利要求1或2所述的鉴权方法,其中,所述鉴权装置判断生理特征识别信息对应的用户是授权用户时,还包括向与之通信连接的电子锁装置下发远程解锁指令。The authentication method according to claim 1 or 2, wherein the authenticating means determines that the user corresponding to the physiological feature identification information is an authorized user, and further comprises issuing a remote unlocking instruction to the electronic lock device communicably connected thereto.
  5. 如权利要求1或2所述的鉴权方法,其中,所述生理特征识别信息包括指纹信息、脸部信息、眼睛信息和掌形信息中的至少一种。The authentication method according to claim 1 or 2, wherein the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
  6. 一种鉴权方法,包括:An authentication method includes:
    采集装置采集用于识别当前用户身份的生理特征识别信息;The collecting device collects physiological feature identification information for identifying the current user identity;
    采集装置将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权。The collecting device sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user.
  7. 如权利要求6所述的鉴权方法,在采集装置采集用于识别当前用户身份的生理特征识别信息之前,还包括:The authentication method of claim 6, before the collecting device collects the physiological feature identification information for identifying the current user identity, the method further includes:
    采集装置采集指定授权用户的生理特征识别信息;The collecting device collects physiological feature identification information of the designated authorized user;
    采集装置将采集的指定授权用户的生理特征识别信息通过远程通信发送给所述鉴权装置。 The collecting device transmits the collected physiological characteristic identification information of the designated authorized user to the authentication device by remote communication.
  8. 如权利要求6或7所述的鉴权方法,其中,所述生理特征识别信息包括指纹信息、脸部信息、眼睛信息和掌形信息中的至少一种。The authentication method according to claim 6 or 7, wherein the physiological feature identification information includes at least one of fingerprint information, face information, eye information, and palm shape information.
  9. 一种鉴权方法,包括:An authentication method includes:
    采集装置采集用于识别当前用户身份的生理特征识别信息;The collecting device collects physiological feature identification information for identifying the current user identity;
    采集装置将所述生理特征识别信息通过远程通信发送给鉴权装置;The collecting device sends the physiological feature identification information to the authentication device by remote communication;
    鉴权装置接收采集装置通过远程通信发送的生理特征识别信息;The authentication device receives the physiological feature identification information sent by the collecting device by remote communication;
    鉴权装置将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device matches the physiological feature identification information with a preset authorized physiological feature identification information list, and determines whether the user corresponding to the physiological feature identification information is an authorized user.
  10. 一种机柜解锁方法,所述机柜设有采集装置和适用于锁住所述机柜柜门的电子锁装置;所述采集装置和所述电子锁装置分别与所述鉴权装置远程通信连接;A cabinet unlocking method, the cabinet is provided with a collecting device and an electronic lock device adapted to lock the cabinet door; the collecting device and the electronic lock device are respectively remotely connected with the authentication device;
    所述采集装置采集适用于识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权;The collecting device collects physiological feature identification information suitable for identifying the current user identity, and sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user;
    所述电子锁装置接收所述鉴权装置根据所述生理特征识别信息判断所述用户是授权用户时发送的远程解锁指令,并根据该远程解锁指令进行解锁。The electronic lock device receives a remote unlocking command sent by the authentication device when the user is an authorized user according to the physiological feature identification information, and performs unlocking according to the remote unlocking instruction.
  11. 一种鉴权装置,包括信息接收模块、鉴权模块;An authentication device includes an information receiving module and an authentication module;
    所述信息接收模块设置为接收采集装置通过远程通信发送的生理特征识别信息;The information receiving module is configured to receive physiological feature identification information that is sent by the collecting device by remote communication;
    所述鉴权模块设置为将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication module is configured to match the physiological feature identification information with a preset authorized user physiological feature identification information list, and determine whether the user corresponding to the physiological feature identification information is an authorized user.
  12. 如权利要求11所述的鉴权装置,还包括非法用户列表维护模块;The authentication device according to claim 11, further comprising an illegal user list maintenance module;
    所述非法用户列表维护模块设置为在所述鉴权模块判断所述生理特征识别信息对应的用户不是授权用户时,将所述生理特征识别信息存储到非法用户生理特征识别信息列表中。The illegal user list maintenance module is configured to store the physiological feature identification information in the illegal user physiological feature identification information list when the authentication module determines that the user corresponding to the physiological feature identification information is not an authorized user.
  13. 一种采集装置,包括:信息采集模块、信息发送模块;A collecting device includes: an information collecting module and an information sending module;
    所述信息采集模块设置为采集用于识别当前用户身份的生理特征识别信 息;The information collection module is configured to collect a physiological feature identification letter for identifying a current user identity interest;
    所述信息发送模块设置为将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权。The information sending module is configured to send the physiological feature identification information to the authentication device by remote communication to authenticate the identity of the user.
  14. 一种鉴权系统,包括:采集装置和鉴权装置;An authentication system includes: an acquisition device and an authentication device;
    所述采集装置设置为采集用于识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置;The collecting device is configured to collect physiological feature identification information for identifying a current user identity, and send the physiological feature identification information to the authentication device by using remote communication;
    所述鉴权装置接收采集装置通过远程通信发送的生理特征识别信息;将所述生理特征识别信息与预设的授权用户生理特征识别信息列表进行匹配,判断该生理特征识别信息对应的用户是否是授权用户。The authentication device receives the physiological feature identification information sent by the collecting device by remote communication; matching the physiological feature identification information with a preset authorized physiological feature identification information list, and determining whether the user corresponding to the physiological feature identification information is Authorized user.
  15. 如权利要求14所述的鉴权系统,其中,所述鉴权装置还设置为判断所述生理特征识别信息对应的用户不是授权用户时,将该生理特征识别信息存储到非法用户生理特征识别信息列表中。The authentication system according to claim 14, wherein the authentication device is further configured to store the physiological feature identification information to the illegal user physiological feature identification information when the user corresponding to the physiological feature identification information is not authorized user List.
  16. 如权利要求14或15所述的鉴权系统,还包括电子锁装置;所述鉴权装置还设置为判断生理特征识别信息对应的用户是授权用户时,向所述电子锁装置下发远程解锁指令;所述电子锁装置设置为根据所述远程解锁指令进行解锁。The authentication system according to claim 14 or 15, further comprising an electronic lock device; wherein the authentication device is further configured to: when determining that the user corresponding to the physiological feature identification information is an authorized user, issue a remote unlock to the electronic lock device An instruction; the electronic lock device is configured to unlock according to the remote unlock command.
  17. 一种机柜,包括机柜主体、设置于机柜主体上的机柜门、适用于锁定所述机柜门的电子锁装置以及设置于所述机柜主体或所述机柜门上的采集装置,所述采集装置和所述电子锁装置分别与所述鉴权装置远程通信连接;A cabinet includes a cabinet body, a cabinet door disposed on the cabinet body, an electronic lock device adapted to lock the cabinet door, and a collecting device disposed on the cabinet body or the cabinet door, the collecting device and The electronic lock device is respectively remotely connected to the authentication device;
    所述采集装置采集设置为识别当前用户身份的生理特征识别信息,将所述生理特征识别信息通过远程通信发送给鉴权装置,以对所述用户的身份进行鉴权;The collecting device collects physiological feature identification information that is set to identify the current user identity, and sends the physiological feature identification information to the authentication device through remote communication to authenticate the identity of the user;
    所述电子锁装置设置为接收所述鉴权装置根据所述生理特征识别信息判断所述用户是授权用户时发送的远程解锁指令,并根据该远程解锁指令进行解锁。The electronic lock device is configured to receive a remote unlocking instruction sent by the authentication device when determining that the user is an authorized user according to the physiological feature identification information, and unlocking according to the remote unlocking instruction.
  18. 一种计算机程序,包括程序指令,当该程序指令被鉴权设备执行时,使得该设备可实施权利要求1-9任一项的方法。A computer program comprising program instructions that, when executed by an authentication device, cause the device to perform the method of any of claims 1-9.
  19. 一种载有权利要求18所述计算机程序的载体。 A carrier carrying the computer program of claim 18.
PCT/CN2014/094000 2014-07-23 2014-12-16 Authentication method, collection device, authentication device and system, and cabinet and unlocking method therefor WO2015117507A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410353811.X 2014-07-23
CN201410353811.XA CN105320865A (en) 2014-07-23 2014-07-23 Authentication method, collection device, authentication device and system, equipment cabinet and unlocking method

Publications (1)

Publication Number Publication Date
WO2015117507A1 true WO2015117507A1 (en) 2015-08-13

Family

ID=53777312

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/094000 WO2015117507A1 (en) 2014-07-23 2014-12-16 Authentication method, collection device, authentication device and system, and cabinet and unlocking method therefor

Country Status (2)

Country Link
CN (1) CN105320865A (en)
WO (1) WO2015117507A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017041458A1 (en) * 2015-09-08 2017-03-16 京东方科技集团股份有限公司 Identity recognition method, transmitting terminal, receiving terminal, wearable device and identity recognition system
CN109522696A (en) * 2018-12-20 2019-03-26 金航数码科技有限责任公司 A kind of safe cabinet and its management-control method based on double factor bio-identification mode
CN111061579A (en) * 2019-12-31 2020-04-24 安徽智恒信科技股份有限公司 Method and system for transferring information of intelligent cabinet driven by multi-state machine events
CN112819670A (en) * 2021-01-08 2021-05-18 北京嘀嘀无限科技发展有限公司 Information processing method and device, readable storage medium and electronic equipment
CN116049790A (en) * 2022-06-28 2023-05-02 荣耀终端有限公司 Unlocking method and device and electronic equipment

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190114858A1 (en) * 2017-10-16 2019-04-18 Raritan Americas, Inc. System for controlling access to an equipment rack and intelligent power distribution unit and control unit used therein
CN111734221B (en) * 2020-06-23 2022-02-11 上海市信息管线有限公司 Well lid unlocking method, device, equipment, storage medium and system
CN113970895A (en) * 2021-10-25 2022-01-25 国网天津市电力公司电力科学研究院 Intelligent cabinet system for information machine room
CN114500107B (en) * 2022-04-02 2022-06-17 公安部信息通信中心 Cross-platform service cooperation and authentication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1492375A (en) * 2003-09-04 2004-04-28 杰 陈 Method for using finger print identification technology in bank teller management
CN101748939A (en) * 2009-12-17 2010-06-23 上海电机学院 Fingerprint remote lock and the control method thereof
CN103106736A (en) * 2012-12-28 2013-05-15 华为软件技术有限公司 Identity authentication method, terminal and server
CN203573385U (en) * 2013-11-16 2014-04-30 福州广发电气设备有限公司 Switch cabinet based on fingerprint security identification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1492375A (en) * 2003-09-04 2004-04-28 杰 陈 Method for using finger print identification technology in bank teller management
CN101748939A (en) * 2009-12-17 2010-06-23 上海电机学院 Fingerprint remote lock and the control method thereof
CN103106736A (en) * 2012-12-28 2013-05-15 华为软件技术有限公司 Identity authentication method, terminal and server
CN203573385U (en) * 2013-11-16 2014-04-30 福州广发电气设备有限公司 Switch cabinet based on fingerprint security identification

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017041458A1 (en) * 2015-09-08 2017-03-16 京东方科技集团股份有限公司 Identity recognition method, transmitting terminal, receiving terminal, wearable device and identity recognition system
CN109522696A (en) * 2018-12-20 2019-03-26 金航数码科技有限责任公司 A kind of safe cabinet and its management-control method based on double factor bio-identification mode
CN111061579A (en) * 2019-12-31 2020-04-24 安徽智恒信科技股份有限公司 Method and system for transferring information of intelligent cabinet driven by multi-state machine events
CN111061579B (en) * 2019-12-31 2024-02-02 安徽智恒信科技股份有限公司 Method and system for multi-state machine event driven intelligent cabinet circulation information
CN112819670A (en) * 2021-01-08 2021-05-18 北京嘀嘀无限科技发展有限公司 Information processing method and device, readable storage medium and electronic equipment
CN116049790A (en) * 2022-06-28 2023-05-02 荣耀终端有限公司 Unlocking method and device and electronic equipment

Also Published As

Publication number Publication date
CN105320865A (en) 2016-02-10

Similar Documents

Publication Publication Date Title
WO2015117507A1 (en) Authentication method, collection device, authentication device and system, and cabinet and unlocking method therefor
CN107038777B (en) Safety communication method based on intelligent door lock system and intelligent door lock system thereof
CN105261096A (en) Network smart lock system
CN103473844A (en) Intelligent control method and intelligent control system for public rental housing
CN202003425U (en) Central management system for monitoring intelligent lock
CN209103378U (en) A kind of access control system with speech recognition
CN109711126A (en) A kind of computer information safe management system and method
US20200098208A1 (en) Security control device, security control method, security system and storage medium
CN103580872A (en) System and method for generating and managing secret key
CN101406350A (en) Fingerprint file cabinet system and control method thereof
CN111767583A (en) Block chain-based enterprise internal information security guarantee method and system
CN110310406A (en) Unlocking method of intelligent door lock and intelligent door lock
CN106292646B (en) A kind of power grid control end data port monitoring system and method
CN109684804A (en) A kind of method for security protection and system of BMC serial ports
US20150186677A1 (en) Server chassis physical security enforcement
CN104680670A (en) Re-encryption/encryption technique solution for key control points during bank card operation on ATM (automatic teller machine)
CN112699987B (en) Method and system for monitoring work task by using lock
CN110298196A (en) A kind of electronic information security storage system and storage method
CN201343952Y (en) Integrative cabinet
CN109285256A (en) Computer room based on block chain authentication enter permission give method
CN106982204A (en) Credible and secure platform
CN112100662A (en) Regional data safety monitoring system
CN109584421A (en) A kind of intelligent door lock authentication administrative system based on domestic safety chip
CN112637172A (en) Novel data security and confidentiality method
CN110288727A (en) The intelligent system on duty in unmanned laboratory

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14881477

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14881477

Country of ref document: EP

Kind code of ref document: A1