WO2017219759A1 - User check-in method and system - Google Patents

User check-in method and system Download PDF

Info

Publication number
WO2017219759A1
WO2017219759A1 PCT/CN2017/082364 CN2017082364W WO2017219759A1 WO 2017219759 A1 WO2017219759 A1 WO 2017219759A1 CN 2017082364 W CN2017082364 W CN 2017082364W WO 2017219759 A1 WO2017219759 A1 WO 2017219759A1
Authority
WO
WIPO (PCT)
Prior art keywords
dynamic
electronic signature
terminal device
dynamic electronic
user
Prior art date
Application number
PCT/CN2017/082364
Other languages
French (fr)
Chinese (zh)
Inventor
李培冀
Original Assignee
深圳市海月通信技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201610463702.2A external-priority patent/CN106130732A/en
Priority claimed from CN201610642255.7A external-priority patent/CN106254066A/en
Application filed by 深圳市海月通信技术有限公司 filed Critical 深圳市海月通信技术有限公司
Publication of WO2017219759A1 publication Critical patent/WO2017219759A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic

Definitions

  • the present application relates to the field of personnel management, and in particular, to a method and system for user sign-in.
  • the present application provides a method and system for user sign-in, which can improve the authenticity of the user's sign-in.
  • An embodiment of the present invention provides a method for a user to check in, including:
  • a terminal device having a self-dynamic signature and a wireless communication capability is allocated to a location that the user needs to check in. After the user terminal device generates the authentication information, the terminal device sends the authentication information to the client carried by the user by using a wireless manner, and the client passes the Sending the authentication information to the server in a wireless manner, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device;
  • the server obtains a second key corresponding to the terminal device that is stored in advance according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
  • the server further authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in.
  • the terminal device of the user generates the authentication information, where the terminal device performs a self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm to obtain a group of authentications.
  • Information wirelessly sending signature information and device information.
  • the first dynamic electronic signature is obtained by the terminal device of the user, where the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm; Or the first dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the first dynamic electronic signature is obtained according to the obtained from the client.
  • the first dynamic parameter and the locally obtained first key are obtained by a preset encryption algorithm.
  • the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include one or more of a time, a challenge code, or an event,
  • the value of the second dynamic parameter is equal to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter.
  • the obtaining, by using the second key and the second dynamic parameter, the second dynamic electronic signature by using the preset encryption algorithm includes: :
  • the dynamic electronic signature group is obtained by using the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, where the dynamic electronic signature group includes multiple Second dynamic electronic signature;
  • the server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
  • the authentication information when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or a local time of the client;
  • the obtaining, by the preset encryption algorithm, the second dynamic electronic signature according to the second key and the second dynamic parameter includes: the server receiving the The local time of the terminal device sent by the client, and obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the terminal device;
  • the obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter includes: the server receiving the client sending The local time of the client, and obtaining a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client and the second dynamic parameter;
  • the server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
  • the method further includes performing a self-signature operation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
  • the client sends the authentication information in a wireless manner, where the client periodically broadcasts the terminal device identification information and the authentication information by using a wireless manner, or sends the query when the client receives the query command.
  • the terminal device identification information and the authentication information are used to authenticate the client's authentication information.
  • An embodiment of the present invention further provides a system for a user to check in, including:
  • the terminal device obtains the authentication information and sends the information to the client by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device; the authentication information is based on the first key and the first Dynamic parameters, obtaining a first dynamic electronic signature by an encryption algorithm;
  • a client configured to receive, by using a wireless manner, authentication information sent by the terminal device, and send the information to the server;
  • a server configured to acquire a pre-stored second key corresponding to the terminal device according to the identifier information, and obtain a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter And for using the second dynamic electronic signature to enter the first dynamic electronic signature Line authentication, after the certification is passed, it is determined that the user sign-in is successful.
  • the terminal device is specifically configured to perform a self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm, to obtain a set of authentication information.
  • the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm.
  • the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the dynamic electronic signature is based on the first obtained from the client.
  • a dynamic parameter and a locally acquired first key are obtained by a preset encryption algorithm.
  • the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include a time or an event, and the value of the second dynamic parameter is Equivalent to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter.
  • the server when the first dynamic parameter and the second dynamic parameter are time, the server is specifically configured to determine a preset time period based on the local time of the server, and at the preset time.
  • the dynamic electronic signature group is obtained by the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, wherein the dynamic electronic signature group includes multiple second dynamic electronic signatures. ;
  • the method is further specifically configured to determine whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group, and when there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, determining The user checked in successfully.
  • the authentication information when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or a local time of the client;
  • the server is configured to: when the authentication information includes the local time of the terminal device, receive a local time of the terminal device sent by the client, and according to the second key and the terminal device The local time is obtained by the preset encryption algorithm to obtain a second dynamic electronic signature; when the authentication information includes the local time of the client, receiving the local time of the client sent by the client, and according to the second secret And a second dynamic electronic signature obtained by the key and the local time of the client and the second dynamic parameter by using the preset encryption algorithm;
  • the method is further specifically configured to determine whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and when the first dynamic electronic signature is the same as the second dynamic electronic signature, determining that the user is successfully checked in.
  • the terminal device is further configured to perform self-signature calculation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
  • the client is specifically configured to periodically receive the terminal device identification information and the authentication information by using a wireless manner, or receive the terminal device identification information and the authentication information after sending the query instruction.
  • the method and system for user sign-in provided by the application method include: assigning a terminal device having a self-dynamic signature and a wireless propagation capability to a location that the user needs to check in, and after the user terminal device generates the authentication information, the terminal device passes the wireless device.
  • the method sends the authentication information to the client carried by the user, and the client sends the authentication information to the server by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device;
  • the server obtains a second key corresponding to the terminal device that is pre-stored according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
  • the server further authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in. In this way, authentication by dynamic electronic signature can improve the authenticity of the user's check-in.
  • FIG. 1 is a schematic flowchart diagram of a method for a user to check in according to an exemplary embodiment of the present application
  • FIG. 2 is a schematic flowchart diagram of another method for a user to check in according to an exemplary embodiment of the present application
  • FIG. 3 is a schematic flowchart diagram of another method for a user to check in according to an exemplary embodiment of the present application
  • FIG. 4 is a schematic flowchart diagram of still another method for a user to check in according to an exemplary embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of a system that is checked in by a user according to an exemplary embodiment of the present application.
  • first, second, third, etc. may be used to describe various information in this application, such information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as the second information without departing from the scope of the present application.
  • second information may also be referred to as the first information.
  • word "if” as used herein may be interpreted as "when” or “when” or “in response to a determination.”
  • FIG. 1 is a method for a user to check in according to an embodiment of the present invention. As shown in FIG. 1 , the method includes:
  • S101 Allocating a terminal device with a self-dynamic signature and a wireless communication capability to a location that the user needs to check in. After the user terminal device generates the authentication information, the terminal device sends the authentication information to the client carried by the user by using a wireless manner, where the client The terminal sends the authentication information to the server by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device.
  • the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device, where the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm; or The dynamic electronic signature is based on the first dynamic parameter obtained from the client and the first The key is obtained by using a preset encryption algorithm; or the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter acquired from the client and the first key obtained locally.
  • the preset encryption algorithm includes However, it is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
  • the first dynamic parameter, the first key, and the terminal device identification information which are the signature parameters, may be self-signed by the cryptographic algorithm to obtain a set of authentication information.
  • the terminal device periodically broadcasts the terminal device identification information and the authentication information by using a wireless manner, or sends the terminal device identification information and the authentication information when the terminal device receives the query instruction.
  • the identification information of the terminal device includes, but is not limited to, a device serial number (SN), a Bluetooth address, a Mac address, a Wifi address, a device name, and the like, and any one or more pieces of information capable of uniquely identifying the device.
  • the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include one or more of a time, a challenge code, or an event, where the second dynamic parameter The value is equal to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter.
  • the event may be a patrol task or a security check task of the patrol personnel, which is not limited in this embodiment.
  • the first dynamic electronic signature can be obtained in the following three manners.
  • the terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm. Specifically, the terminal device acquires the first stored locally dense identifier. Key and local time, and obtaining the first dynamic electronic signature by using a preset encryption algorithm according to the first key and the local time, and sending the obtained first dynamic electronic signature and terminal device identification information to the client, and the second type
  • the first dynamic electronic signature is obtained by using a preset encryption algorithm according to the local time of the terminal device. Specifically, the terminal device acquires the first key stored locally and the local time of the client, according to the first key and the local time.
  • the first dynamic electronic signature is obtained by using a preset encryption algorithm.
  • the third implementation manner is that the terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time of the client. Specifically, the terminal device receives the local time of the client. And according to the first key of the terminal device and the local time of the client Default encryption algorithm over the first dynamic electronic signature.
  • the identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name, which is not limited in this embodiment, and the terminal device according to the first dynamic parameter and its own first secret.
  • the key obtains the first dynamic electronic signature by using a preset encryption algorithm, and after obtaining the first dynamic electronic signature, the terminal device may display the obtained first dynamic electronic signature to the user, for example, the first dynamic electronic signature and the identifier may be The information is printed or attached to the terminal device, or the terminal device displays the first dynamic electronic signature and the identification information to the user through a display (such as a liquid crystal display LCD), and of course, can also be displayed to the user by sound or image.
  • a display such as a liquid crystal display LCD
  • the embodiment of the present invention does not limit this. In this way, after the user knows the first dynamic electronic signature and the identification information through the eyes or the ear, the user can transmit through the wireless signal or Bluetooth or WIFI through the client (mobile phone or tablet computer, etc.). Give the
  • the user can obtain the first dynamic electronic signature and the identification information directly from the terminal device through the client.
  • the terminal device transmits the first dynamic electronic signature and the identification information to the client by using a wireless signal or a Bluetooth or WIFI.
  • the first dynamic electronic signature is obtained by the client, the first dynamic electronic signature is directly presented to the user by the client.
  • the server obtains the stored second key of the terminal device according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter.
  • the step includes the following three implementation manners.
  • the server does not include the authentication information sent by the server.
  • the local time of the terminal device or the client At this time, in this step, the server determines a preset time period based on the local time of the server (for example, 5 minutes before and after the current time), and according to the preset time period, according to The second dynamic parameter obtains a dynamic electronic signature group by using the preset encryption algorithm according to a preset time interval (for example, 1 minute), wherein the dynamic electronic signature group includes multiple second dynamic electronic signatures; for example, the server can be preset
  • the encryption algorithm calculates a second dynamic electronic signature corresponding to each minute within 10 minutes centered on the local time of the server, and forms a dynamic electronic signature group according to the obtained second dynamic electronic signature; the second implementation manner is in step S101.
  • the authentication information sent to the server includes the local time of the terminal device, and the server receives the local time of the terminal device sent by the client, and passes the local key according to the second key and the local time of the terminal device.
  • the preset encryption algorithm obtains the second dynamic electronic signature.
  • the third implementation manner is: if the client sends the first dynamic electronic signature obtained according to the local time in the step S101, the authentication information sent to the server includes the The local time of the client, the server receives the local time of the client sent by the client, and obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client.
  • the server authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in.
  • the server receives the local time of the client or the terminal device in the authentication information sent by the client, in this step, Determining, by the server, whether the second dynamic electronic signature is the same as the first dynamic electronic signature in the dynamic electronic signature group, and determining that the user is successfully checked when the second dynamic electronic signature is the same as the first dynamic electronic signature; otherwise ,unsuccessful.
  • the server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature in this step.
  • the user is determined to be successful in sign-in, otherwise, the user is unsuccessful.
  • the location of the stored terminal device is obtained, and the location of the client is determined to be the location of the terminal device, so that the client can be accurately located to obtain the location of the user.
  • the server stores the location of the terminal device in advance.
  • first dynamic electronic signature and the second dynamic electronic signature may be an electronic signature based on a digital certificate or an electronic signature based on a dynamic password, which is not limited in this embodiment.
  • the check-in by dynamic electronic signature can improve the authenticity of the user's sign-in.
  • the first dynamic parameter or the second dynamic parameter is time
  • the authentication information sent by the client to the server does not include the local time of the client or the terminal device, and the method includes:
  • the client acquires a first dynamic electronic signature obtained by the terminal device according to the local time of the terminal device and the first key by using a preset encryption algorithm, and identifier information of the terminal device.
  • the preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
  • the client sends the authentication information of the terminal device to the server.
  • the authentication information includes the identifier information of the terminal device and the first dynamic electronic signature, and the identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name, which is not limited in this embodiment.
  • the terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time and the first key of the user, and after obtaining the first dynamic electronic signature, the terminal device may display the first dynamic electronic signature obtained by the terminal device.
  • the first dynamic electronic signature and the identification information may be printed or attached to the terminal device, or the terminal device displays the first dynamic electronic signature and the identification information to the user through the liquid crystal display, and of course,
  • the method of the present invention is not limited to the embodiment of the present invention. After the user knows the first dynamic electronic signature and the identification information through the eyes or the ear, the user can use the client (mobile phone or tablet computer, etc.). Wireless signal or Bluetooth or WIFI transmission to the service .
  • the user can obtain the first dynamic electronic signature and the identification information directly from the terminal device through the client.
  • the terminal device is labeled with a two-dimensional code label, and the user scans the two-dimensional code label through the client to obtain the first dynamic.
  • the electronic signature and the identification information; or, the terminal device transmits the first dynamic electronic signature and the identification information to the client by using a wireless signal or a Bluetooth or WIFI.
  • the server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
  • the server determines a preset time period based on the local time of the server, and obtains a dynamic electronic signature by using the preset encryption algorithm according to the local time of the server and the second key according to the preset time interval. group.
  • the dynamic electronic signature group includes a plurality of second dynamic electronic signatures, and the preset time period can be It is 5 minutes before and after the current time, and the preset time interval can be one minute.
  • the server determines whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group.
  • the server determines that the user is successfully checked in.
  • the authentication by the dynamic electronic signature can improve the authenticity of the user's sign-in.
  • FIG. 3 is a method for a user to check in according to an embodiment of the present invention.
  • the first dynamic parameter or the second dynamic parameter is time
  • the client sends the authentication information to the server.
  • the method includes:
  • the client of the user acquires its local time and acquires the identification information of the terminal device and the first key from the terminal device.
  • the client obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time and the first key.
  • the preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
  • the client sends the authentication information of the terminal device to the server.
  • the authentication information includes the identifier information of the terminal device, the first dynamic electronic signature, and the local time of the client.
  • the identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name.
  • the first dynamic electronic signature is obtained by the client according to the first key of the client and the first key, and the first dynamic electronic signature is displayed to the user after the first dynamic electronic signature is obtained. .
  • the server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
  • the server obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client.
  • the server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature.
  • the server determines that the user is successfully checked in.
  • the authentication by the dynamic electronic signature can improve the authenticity of the user's check-in.
  • FIG. 4 is a method for a user to check in according to an embodiment of the present invention.
  • the first dynamic parameter or the second dynamic parameter is time
  • the client sends the authentication information to the server.
  • the method includes:
  • the client of the user acquires the identification information of the terminal device, the local time of the terminal device, and the first key from the terminal device.
  • the client obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time of the terminal device and the first key.
  • the preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
  • the client sends the authentication information of the terminal device to the server.
  • the authentication information includes the identifier information of the terminal device, the first dynamic electronic signature, and the local time of the terminal device.
  • the identifier information of the terminal device may be other information such as a serial number or a device name that can uniquely identify the terminal device.
  • the client is based on the client's And obtaining a first dynamic electronic signature by using a preset encryption algorithm, and displaying the first dynamic electronic signature to the user after obtaining the first dynamic electronic signature.
  • the server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
  • the server obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the terminal device.
  • the server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature.
  • the server determines that the user is successfully checked in.
  • the authentication by the dynamic electronic signature can improve the authenticity of the user's check-in.
  • FIG. 5 is a system for a user to check in according to an embodiment of the present invention. As shown in FIG. 5, the system includes:
  • the terminal device 1 is configured to acquire the first dynamic electronic signature and the identification information of the terminal device, and perform self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm, and obtain a set of authentication information.
  • the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the dynamic electronic signature is the first dynamic parameter acquired according to the client. And obtaining, by the preset encryption algorithm, the first key obtained from the terminal device;
  • the client 2 is specifically configured to periodically receive the terminal device identifier by using a wireless manner.
  • the information and the authentication information, or the terminal device identification information and the authentication information are received after the query command is sent.
  • the server 3 is configured to obtain a second key corresponding to the terminal device that is pre-stored according to the identifier information, and obtain a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
  • the method is further configured to authenticate the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determine that the user is successfully checked in.
  • the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include a time or an event, and the second dynamic parameter has a value equal to the first The value of the dynamic parameter or the value calculated from the first dynamic parameter.
  • the processing unit 502 is specifically configured to determine a preset time period based on the local time of the server, and according to the preset time period, according to the preset time period.
  • the second dynamic parameter and the second key are obtained by the preset encryption algorithm according to the preset time interval, wherein the dynamic electronic signature group includes a plurality of second dynamic electronic signatures;
  • the server 3 is specifically configured to determine whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group, and when there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, Make sure the user is checked in successfully.
  • the authentication information further includes a local time of the terminal device or a local time of the client;
  • the terminal device is configured to: when the authentication information includes the local time of the terminal device, receive the local time of the terminal device sent by the client, and pass the second key according to the second key and the local time of the terminal device.
  • the preset encryption algorithm obtains a second dynamic electronic signature; when the authentication information includes the local time of the client, receiving the local time of the client sent by the client, and according to the second key and the local time of the client and the first
  • the second dynamic parameter obtains the second dynamic electronic signature by using the preset encryption algorithm
  • the server 3 is specifically configured to determine whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and when the first dynamic electronic signature is the same as the second dynamic electronic signature, determining the user signature To success.
  • the terminal device is further configured to perform a self-signature operation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
  • the server 3 is further configured to obtain a location of the stored terminal device, and determine that the location of the client is a location of the terminal device.
  • the system is authenticated by dynamic electronic signature, which can improve the authenticity of the user's sign-in.
  • the system embodiment since it basically corresponds to the method embodiment, it can be referred to the partial description of the method embodiment.
  • the system embodiments described above are merely illustrative, wherein the units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, ie may be located A location, or it can be distributed to multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the objectives of the present application. Those of ordinary skill in the art can understand and implement without any creative effort.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed in the present invention are a user check-in method and system. The method comprises: allocate a terminal device capable of signing an electronic signature by oneself and performing wireless transmission, to a location into which a user needs to checks, and after the terminal device generates authentication information, the terminal device wirelessly sends the authentication information to a client carried by the user, and the client sends the authentication information to a sever, the authentication information comprising a first dynamic electronic signature and identifier information of the terminal device; the server obtains a pre-stored second key corresponding to the terminal device according to the authentication information, and obtains, by means of a preset encryption algorithm, a second dynamic electronic signature according to the second key and a second dynamic parameter; and the server also authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, the server determines the user successfully checks in. Also disclosed is a user check-in system. By means of the present invention, the authenticity of check-ins of users can be improved.

Description

一种用户签到的方法和系统Method and system for user sign-in 技术领域Technical field
本申请涉及人员管理领域,尤其涉及一种用户签到的方法和系统。The present application relates to the field of personnel management, and in particular, to a method and system for user sign-in.
背景技术Background technique
现在,当巡逻人员到达巡逻目的地时,为了证明到达目的地并完成任务,一般通过在目的地放置的本子或纸张上签名的方式来证明到达并完成任务,但是这种方式容易造成管理的疏漏,管理人员无法完全确认用户签名和签到时间的真实性。Now, when the patrolman arrives at the patrol destination, in order to prove the arrival of the destination and complete the task, the arrival and completion of the task is generally proved by signing the book placed on the destination, but this method is easy to cause management omission. The administrator cannot fully confirm the authenticity of the user's signature and check-in time.
发明内容Summary of the invention
有鉴于此,本申请提供一种用户签到的方法和系统,能够提高用户签到的真实性高。In view of this, the present application provides a method and system for user sign-in, which can improve the authenticity of the user's sign-in.
具体地,本申请是通过如下技术方案实现的:Specifically, the present application is implemented by the following technical solutions:
本发明实施例提供一种用户签到的方法,包括:An embodiment of the present invention provides a method for a user to check in, including:
向用户需要签到的位置分配一个具有自我动态签名与无线传播能力的终端设备,在用户的终端设备生成认证信息后,终端设备通过无线方式发送认证信息到用户携带的客户端,所述客户端通过无线方式把认证信息发送到服务器,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息;A terminal device having a self-dynamic signature and a wireless communication capability is allocated to a location that the user needs to check in. After the user terminal device generates the authentication information, the terminal device sends the authentication information to the client carried by the user by using a wireless manner, and the client passes the Sending the authentication information to the server in a wireless manner, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device;
所述服务器根据所述标识信息获取预先存储的对应所述终端设备的第二密钥,并根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名;And the server obtains a second key corresponding to the terminal device that is stored in advance according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
所述服务器还根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功。 The server further authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in.
上述方案中,所述用户的终端设备生成认证信息,具体为:所述终端设备根据密码算法对作为签名参数的第一动态参数和预设的第一密钥进行自我签名运算,获得一组认证信息,通过无线方式发送签名信息和设备信息。In the foregoing solution, the terminal device of the user generates the authentication information, where the terminal device performs a self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm to obtain a group of authentications. Information, wirelessly sending signature information and device information.
上述方案中,所述在用户的终端设备获取第一动态电子签名,具体为所述第一动态电子签名为所述终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;或者,所述第一动态电子签名为根据从所述客户端获取的第一动态参数和第一密钥通过预设加密算法得到的;或者,所述第一动态电子签名为根据从客户端获取的第一动态参数和本地获取的第一密钥通过预设加密算法得到的。In the above solution, the first dynamic electronic signature is obtained by the terminal device of the user, where the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm; Or the first dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the first dynamic electronic signature is obtained according to the obtained from the client. The first dynamic parameter and the locally obtained first key are obtained by a preset encryption algorithm.
上述方案中,所述认证信息还包括所述第一动态参数和第二动态参数;所述第一动态参数和所述第二动态参数包括时间、挑战码或者事件中的一种或者多种,所述第二动态参数的取值为等同于所述第一动态参数的值或者根据所述第一动态参数计算出来的值。In the above solution, the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include one or more of a time, a challenge code, or an event, The value of the second dynamic parameter is equal to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter.
上述方案中,在所述第一动态参数和所述第二动态参数为时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:In the above solution, when the first dynamic parameter and the second dynamic parameter are time, the obtaining, by using the second key and the second dynamic parameter, the second dynamic electronic signature by using the preset encryption algorithm includes: :
确定基于所述服务器的本地时间的预设时间段;Determining a preset time period based on the local time of the server;
在所述预设时间段内根据所述第二动态参数和所述第二密钥按照预设时间间隔通过所述预设加密算法得到动态电子签名组,其中,所述动态电子签名组包括多个第二动态电子签名;And the dynamic electronic signature group is obtained by using the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, where the dynamic electronic signature group includes multiple Second dynamic electronic signature;
所述服务器根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功包括:The server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
确定所述动态电子签名组内是否存在与所述第一动态电子签名相同的第二动态电子签名,在存在与所述第一动态电子签名相同的第二动态电子签名时,确定所述用户签到成功。Determining whether there is a second dynamic electronic signature identical to the first dynamic electronic signature in the dynamic electronic signature group, and determining that the user is checked in when there is a second dynamic electronic signature identical to the first dynamic electronic signature success.
上述方案中,在所述第一动态参数和所述第二动态参数为时间时,所述认证信息还包括所述终端设备的本地时间或者客户端的本地时间; In the above solution, when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or a local time of the client;
在所述认证信息包括所述终端设备的本地时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:所述服务器接收所述客户端发送的所述终端设备的本地时间,并根据所述第二密钥以及所述终端设备的本地时间通过所述预设加密算法得到第二动态电子签名;When the authentication information includes the local time of the terminal device, the obtaining, by the preset encryption algorithm, the second dynamic electronic signature according to the second key and the second dynamic parameter includes: the server receiving the The local time of the terminal device sent by the client, and obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the terminal device;
在所述认证信息包括客户端的本地时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:所述服务器接收所述客户端发送的所述客户端的本地时间,并根据所述第二密钥和所述客户端的本地时间以及所述第二动态参数通过所述预设加密算法得到第二动态电子签名;When the authentication information includes the local time of the client, the obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter includes: the server receiving the client sending The local time of the client, and obtaining a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client and the second dynamic parameter;
所述服务器根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功包括:The server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
确定所述第一动态电子签名与所述第二动态电子签名是否相同,在所述第一动态电子签名与所述第二动态电子签名相同时,确定所述用户签到成功。Determining whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and determining that the user sign-in is successful when the first dynamic electronic signature is the same as the second dynamic electronic signature.
上述方案中,该方法还包括根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。In the above solution, the method further includes performing a self-signature operation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
上述方案中,所述客户端通过无线方式发送认证信息,具体为:所述客户端通过无线方式定期广播所述终端设备标识信息和认证信息,或者,当所述客户端收到查询指令时发送所述终端设备标识信息和认证信息。In the foregoing solution, the client sends the authentication information in a wireless manner, where the client periodically broadcasts the terminal device identification information and the authentication information by using a wireless manner, or sends the query when the client receives the query command. The terminal device identification information and the authentication information.
本发明实施例还提供一种用户签到的系统,包括:An embodiment of the present invention further provides a system for a user to check in, including:
终端设备,获取认证信息并通过无线方式发送到客户端,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息;所述认证信息根据第一密钥和第一动态参数,通过加密算法获得第一动态电子签名;The terminal device obtains the authentication information and sends the information to the client by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device; the authentication information is based on the first key and the first Dynamic parameters, obtaining a first dynamic electronic signature by an encryption algorithm;
客户端,用于通过无线方式接收所述终端设备发送的认证信息,并且发送到服务器;a client, configured to receive, by using a wireless manner, authentication information sent by the terminal device, and send the information to the server;
服务器,用于根据所述标识信息获取预先存储的对应所述终端设备的第二密钥,并根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名;还用于根据所述第二动态电子签名对所述第一动态电子签名进 行认证,在认证通过后,确定所述用户签到成功。a server, configured to acquire a pre-stored second key corresponding to the terminal device according to the identifier information, and obtain a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter And for using the second dynamic electronic signature to enter the first dynamic electronic signature Line authentication, after the certification is passed, it is determined that the user sign-in is successful.
上述方案中,所述终端设备,具体用于根据密码算法对作为签名参数的第一动态参数和预设的第一密钥进行自我签名运算,获得一组认证信息。In the above solution, the terminal device is specifically configured to perform a self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm, to obtain a set of authentication information.
上述方案中,所述终端设备,用于在获取第一动态电子签名后,具体为所述第一动态电子签名为所述终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;或者,所述动态电子签名为根据从所述客户端获取的第一动态参数和第一密钥通过预设加密算法得到的;或者,所述动态电子签名为根据从客户端获取的第一动态参数和本地获取的第一密钥通过预设加密算法得到的。In the foregoing solution, after the acquiring the first dynamic electronic signature, the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm. Or the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the dynamic electronic signature is based on the first obtained from the client. A dynamic parameter and a locally acquired first key are obtained by a preset encryption algorithm.
上述方案中,所述认证信息还包括所述第一动态参数和第二动态参数;所述第一动态参数和所述第二动态参数包括时间或者事件,所述第二动态参数的取值为等同于所述第一动态参数的值或者根据所述第一动态参数计算出来的值。In the above solution, the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include a time or an event, and the value of the second dynamic parameter is Equivalent to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter.
上述方案中,在所述第一动态参数和所述第二动态参数为时间时,所述服务器,具体用于确定基于所述服务器的本地时间的预设时间段,并在所述预设时间段内根据所述第二动态参数和所述第二密钥按照预设时间间隔通过所述预设加密算法得到动态电子签名组,其中,所述动态电子签名组包括多个第二动态电子签名;In the above solution, when the first dynamic parameter and the second dynamic parameter are time, the server is specifically configured to determine a preset time period based on the local time of the server, and at the preset time. The dynamic electronic signature group is obtained by the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, wherein the dynamic electronic signature group includes multiple second dynamic electronic signatures. ;
还具体用于确定所述动态电子签名组内是否存在与所述第一动态电子签名相同的第二动态电子签名,在存在与所述第一动态电子签名相同的第二动态电子签名时,确定所述用户签到成功。The method is further specifically configured to determine whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group, and when there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, determining The user checked in successfully.
上述方案中,在所述第一动态参数和所述第二动态参数为时间时,所述认证信息还包括所述终端设备的本地时间或者客户端的本地时间;In the above solution, when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or a local time of the client;
所述服务器,具体用于在所述认证信息包括所述终端设备的本地时间时,接收所述客户端发送的所述终端设备的本地时间,并根据所述第二密钥以及所述终端设备的本地时间通过所述预设加密算法得到第二动态电子签名;在所述认证信息包括客户端的本地时间时,接收所述客户端发送的所述客户端的本地时间,并根据所述第二密钥和所述客户端的本地时间以及所述第二动态参数通过所述预设加密算法得到第二动态电子签名; The server is configured to: when the authentication information includes the local time of the terminal device, receive a local time of the terminal device sent by the client, and according to the second key and the terminal device The local time is obtained by the preset encryption algorithm to obtain a second dynamic electronic signature; when the authentication information includes the local time of the client, receiving the local time of the client sent by the client, and according to the second secret And a second dynamic electronic signature obtained by the key and the local time of the client and the second dynamic parameter by using the preset encryption algorithm;
还具体用于确定所述第一动态电子签名与所述第二动态电子签名是否相同,在所述第一动态电子签名与所述第二动态电子签名相同时,确定所述用户签到成功。The method is further specifically configured to determine whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and when the first dynamic electronic signature is the same as the second dynamic electronic signature, determining that the user is successfully checked in.
上述方案中,所述终端设备,还用于根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。In the above solution, the terminal device is further configured to perform self-signature calculation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
上述方案中,所述客户端,具体用于通过无线方式定期接收所述终端设备标识信息和认证信息,或者,当发送查询指令后接收所述终端设备标识信息和认证信息。In the foregoing solution, the client is specifically configured to periodically receive the terminal device identification information and the authentication information by using a wireless manner, or receive the terminal device identification information and the authentication information after sending the query instruction.
采用本申请提供的用户签到的方法和系统,该方法包括:向用户需要签到的位置分配一个具有自我动态签名与无线传播能力的终端设备,在用户的终端设备生成认证信息后,终端设备通过无线方式发送认证信息到用户携带的客户端,所述客户端通过无线方式把认证信息发送到服务器,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息;所述服务器根据所述标识信息获取预先存储的对应所述终端设备的第二密钥,并根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名;所述服务器还根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功。这样,通过动态电子签名进行认证,能够提高用户签到的真实性。The method and system for user sign-in provided by the application method include: assigning a terminal device having a self-dynamic signature and a wireless propagation capability to a location that the user needs to check in, and after the user terminal device generates the authentication information, the terminal device passes the wireless device. The method sends the authentication information to the client carried by the user, and the client sends the authentication information to the server by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device; The server obtains a second key corresponding to the terminal device that is pre-stored according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter; The server further authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in. In this way, authentication by dynamic electronic signature can improve the authenticity of the user's check-in.
附图说明DRAWINGS
图1是本申请一示例性实施例示出的一种用户签到的方法的流程示意图;FIG. 1 is a schematic flowchart diagram of a method for a user to check in according to an exemplary embodiment of the present application;
图2是本申请一示例性实施例示出的另一种用户签到的方法的流程示意图;FIG. 2 is a schematic flowchart diagram of another method for a user to check in according to an exemplary embodiment of the present application; FIG.
图3是本申请一示例性实施例示出的另一种用户签到的方法的流程示意图;FIG. 3 is a schematic flowchart diagram of another method for a user to check in according to an exemplary embodiment of the present application; FIG.
图4是本申请一示例性实施例示出的又一种用户签到的方法的流程示意图;FIG. 4 is a schematic flowchart diagram of still another method for a user to check in according to an exemplary embodiment of the present application; FIG.
图5是本申请一示例性实施例示出的一种用户签到的系统的结构示意图。 FIG. 5 is a schematic structural diagram of a system that is checked in by a user according to an exemplary embodiment of the present application.
具体实施方式detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本申请相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本申请的一些方面相一致的系统和方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. The following description refers to the same or similar elements in the different figures unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Instead, they are merely examples of systems and methods consistent with aspects of the present application as detailed in the appended claims.
在本申请使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本申请。在本申请和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terminology used in the present application is for the purpose of describing particular embodiments, and is not intended to be limiting. The singular forms "a", "the" and "the" It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
应当理解,尽管在本申请可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本申请范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used to describe various information in this application, such information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, the first information may also be referred to as the second information without departing from the scope of the present application. Similarly, the second information may also be referred to as the first information. Depending on the context, the word "if" as used herein may be interpreted as "when" or "when" or "in response to a determination."
图1为本发明实施例提供的一种用户签到的方法,如图1所示,该方法包括:FIG. 1 is a method for a user to check in according to an embodiment of the present invention. As shown in FIG. 1 , the method includes:
S101、向用户需要签到的位置分配一个具有自我动态签名与无线传播能力的终端设备,在用户的终端设备生成认证信息后,终端设备通过无线方式发送认证信息到用户携带的客户端,所述客户端通过无线方式把认证信息发送到服务器,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息。S101. Allocating a terminal device with a self-dynamic signature and a wireless communication capability to a location that the user needs to check in. After the user terminal device generates the authentication information, the terminal device sends the authentication information to the client carried by the user by using a wireless manner, where the client The terminal sends the authentication information to the server by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device.
其中,该认证信息包括该第一动态电子签名和该终端设备的标识信息,该第一动态电子签名为该终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;或者,该动态电子签名为根据从客户端获取的第一动态参数和第一 密钥通过预设加密算法得到的;或者,该动态电子签名为根据从客户端获取的第一动态参数和从本地获取的第一密钥通过预设加密算法得到的,该预设加密算法包括但不限于以下算法:SM1算法、SM3算法、MD5算法、SHA算法、AES算法、RSA算法。The authentication information includes the first dynamic electronic signature and the identifier information of the terminal device, where the first dynamic electronic signature is obtained by the terminal device according to the first dynamic parameter and the first key by using a preset encryption algorithm; or The dynamic electronic signature is based on the first dynamic parameter obtained from the client and the first The key is obtained by using a preset encryption algorithm; or the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter acquired from the client and the first key obtained locally. The preset encryption algorithm includes However, it is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
进一步地,也可以根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。Further, the first dynamic parameter, the first key, and the terminal device identification information, which are the signature parameters, may be self-signed by the cryptographic algorithm to obtain a set of authentication information.
所述终端设备通过无线方式定期广播所述终端设备标识信息和认证信息,或者,当所述终端设备收到查询指令时发送所述终端设备标识信息和认证信息。The terminal device periodically broadcasts the terminal device identification information and the authentication information by using a wireless manner, or sends the terminal device identification information and the authentication information when the terminal device receives the query instruction.
所述终端设备的标识信息包括但不限于设备序列号(SN)、蓝牙地址、Mac地址、Wifi地址、设备名称等任何能够唯一标识该设备的一种或多种信息。The identification information of the terminal device includes, but is not limited to, a device serial number (SN), a Bluetooth address, a Mac address, a Wifi address, a device name, and the like, and any one or more pieces of information capable of uniquely identifying the device.
另外,该认证信息还包括该第一动态参数和第二动态参数;该第一动态参数和该第二动态参数包括时间、挑战码或者事件中的一种或者多种,该第二动态参数的取值为等同于该第一动态参数的值或者根据该第一动态参数计算出来的值,示例地,该事件可以是巡逻人员的巡逻任务或者安全检查任务等,本实施例对此不作限定。In addition, the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include one or more of a time, a challenge code, or an event, where the second dynamic parameter The value is equal to the value of the first dynamic parameter or the value calculated according to the first dynamic parameter. For example, the event may be a patrol task or a security check task of the patrol personnel, which is not limited in this embodiment.
在本步骤中,第一动态电子签名可以通过以下三种方式获得,一种方式是由终端设备通过预设加密算法得到该第一动态电子签名,具体地,终端设备获取本地存储的第一密钥以及本地时间,并根据该第一密钥以及本地时间通过预设加密算法得到该第一动态电子签名,并将得到的第一动态电子签名和终端设备标识信息发送至客户端,第二种实现方式是根据终端设备的本地时间利用预设加密算法得到该第一动态电子签名,具体地,终端设备获取客户端的本地存储的第一密钥以及本地时间,根据该第一密钥以及本地时间通过预设加密算法得到该第一动态电子签名;第三种实现方式是终端设备根据客户端的本地时间利用预设加密算法得到该第一动态电子签名,具体地,终端设备接收客户端的本地时间,并根据所述终端设备的第一密钥以及客户端的本地时间通过预设加密算法得到该第一动态电子签名。 In this step, the first dynamic electronic signature can be obtained in the following three manners. In one manner, the terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm. Specifically, the terminal device acquires the first stored locally dense identifier. Key and local time, and obtaining the first dynamic electronic signature by using a preset encryption algorithm according to the first key and the local time, and sending the obtained first dynamic electronic signature and terminal device identification information to the client, and the second type The first dynamic electronic signature is obtained by using a preset encryption algorithm according to the local time of the terminal device. Specifically, the terminal device acquires the first key stored locally and the local time of the client, according to the first key and the local time. The first dynamic electronic signature is obtained by using a preset encryption algorithm. The third implementation manner is that the terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time of the client. Specifically, the terminal device receives the local time of the client. And according to the first key of the terminal device and the local time of the client Default encryption algorithm over the first dynamic electronic signature.
需要说明的是,该终端设备的标识信息可以是序列号或者设备名称等其他能够唯一标示该终端设备的信息,本实施例对此不作限定,终端设备根据第一动态参数和自身的第一密钥通过预设加密算法得到第一动态电子签名,并在得到该第一动态电子签名后,终端设备可以将得到的第一动态电子签名展示给用户,例如,可以将第一动态电子签名和标识信息印刷或者贴在该终端设备上,或者,终端设备将第一动态电子签名和标识信息通过显示器(如液晶显示器LCD等)显示给用户,当然,还可以通过声音或者图像的方式展示给用户,本发明实施例对此不作限定,这样,用户在通过眼睛或者耳朵获知该第一动态电子签名和标识信息后,可以通过客户端(手机或者平板电脑等)利用无线信号或者蓝牙或者WIFI的形式传输给服务器。It should be noted that the identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name, which is not limited in this embodiment, and the terminal device according to the first dynamic parameter and its own first secret. The key obtains the first dynamic electronic signature by using a preset encryption algorithm, and after obtaining the first dynamic electronic signature, the terminal device may display the obtained first dynamic electronic signature to the user, for example, the first dynamic electronic signature and the identifier may be The information is printed or attached to the terminal device, or the terminal device displays the first dynamic electronic signature and the identification information to the user through a display (such as a liquid crystal display LCD), and of course, can also be displayed to the user by sound or image. The embodiment of the present invention does not limit this. In this way, after the user knows the first dynamic electronic signature and the identification information through the eyes or the ear, the user can transmit through the wireless signal or Bluetooth or WIFI through the client (mobile phone or tablet computer, etc.). Give the server.
另外,用户也可以通过客户端直接从终端设备获取第一动态电子签名和标识信息,例如,终端设备将该第一动态电子签名和标识信息通过无线信号或者蓝牙或者WIFI的形式传输给客户端。In addition, the user can obtain the first dynamic electronic signature and the identification information directly from the terminal device through the client. For example, the terminal device transmits the first dynamic electronic signature and the identification information to the client by using a wireless signal or a Bluetooth or WIFI.
进一步地,若该第一动态电子签名是由客户端得到的,则直接通过该客户端将该第一动态电子签名展示给用户。Further, if the first dynamic electronic signature is obtained by the client, the first dynamic electronic signature is directly presented to the user by the client.
S102、服务器根据该标识信息获取存储的该终端设备的第二密钥,并根据该第二密钥以及第二动态参数通过该预设加密算法得到第二动态电子签名。S102. The server obtains the stored second key of the terminal device according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter.
需要说明的是,在第一动态参数和第二动态参数为时间时,本步骤包括以下三种实现方式,一种实现方式是在步骤S101中,服务器接收到客户端发送的认证信息中不包括终端设备或者客户端的本地时间,此时,在本步骤中,服务器确定基于该服务器的本地时间的预设时间段(如以当前时间为中心前后5分钟),并在该预设时间段内根据该第二动态参数按照预设时间间隔(如1分钟)通过该预设加密算法得到动态电子签名组,其中,该动态电子签名组包括多个第二动态电子签名;例如,服务器可以通过预设加密算法计算以服务器的本地时间为中心的10分钟内的每一分钟对应的第二动态电子签名,并根据得到的第二动态电子签名组成动态电子签名组;第二种实现方式在步骤S101中,客户端在获取到终端设备的本地时间或者客户端根据终端设备的本地时间得到的第一 动态电子签名后,向服务器发送的认证信息中包括该终端设备的本地时间,则服务器接收该客户端发送的该终端设备的本地时间,并根据该第二密钥以及该终端设备的本地时间通过该预设加密算法得到第二动态电子签名;第三种实现方式是若在步骤S101中,客户端在根据自身的本地时间得到的第一动态电子签名后,向服务器发送的认证信息中包括该客户端的本地时间,则服务器接收该客户端发送的该客户端的本地时间,并根据该第二密钥以及该客户端的本地时间通过该预设加密算法得到第二动态电子签名。It should be noted that, when the first dynamic parameter and the second dynamic parameter are time, the step includes the following three implementation manners. In an implementation manner, in step S101, the server does not include the authentication information sent by the server. The local time of the terminal device or the client. At this time, in this step, the server determines a preset time period based on the local time of the server (for example, 5 minutes before and after the current time), and according to the preset time period, according to The second dynamic parameter obtains a dynamic electronic signature group by using the preset encryption algorithm according to a preset time interval (for example, 1 minute), wherein the dynamic electronic signature group includes multiple second dynamic electronic signatures; for example, the server can be preset The encryption algorithm calculates a second dynamic electronic signature corresponding to each minute within 10 minutes centered on the local time of the server, and forms a dynamic electronic signature group according to the obtained second dynamic electronic signature; the second implementation manner is in step S101. The first time the client obtains the local time of the terminal device or the client obtains the local time according to the terminal device. After the dynamic electronic signature, the authentication information sent to the server includes the local time of the terminal device, and the server receives the local time of the terminal device sent by the client, and passes the local key according to the second key and the local time of the terminal device. The preset encryption algorithm obtains the second dynamic electronic signature. The third implementation manner is: if the client sends the first dynamic electronic signature obtained according to the local time in the step S101, the authentication information sent to the server includes the The local time of the client, the server receives the local time of the client sent by the client, and obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client.
S103、所述服务器根据该第二动态电子签名对该第一动态电子签名进行认证,在认证通过后,确定该用户签到成功。S103. The server authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in.
其中,在该第一动态参数和第二动态参数为时间时,若在步骤S101中,服务器接收到客户端发送的认证信息中不包括客户端或者终端设备的本地时间,则在本步骤中,服务器确定该动态电子签名组内是否存在与该第一动态电子签名相同的第二动态电子签名,在存在与该第一动态电子签名相同的第二动态电子签名时,确定该用户签到成功,否则,不成功。If the first dynamic parameter and the second dynamic parameter are time, if the server receives the local time of the client or the terminal device in the authentication information sent by the client, in this step, Determining, by the server, whether the second dynamic electronic signature is the same as the first dynamic electronic signature in the dynamic electronic signature group, and determining that the user is successfully checked when the second dynamic electronic signature is the same as the first dynamic electronic signature; otherwise ,unsuccessful.
若在步骤S101中,服务器接收到客户端发送的认证信息中还包括客户端或者终端设备的本地时间,则在本步骤中,服务器确定该第一动态电子签名与该第二动态电子签名是否相同,在该第一动态电子签名与该第二动态电子签名相同时,确定该用户签到成功,否则,不成功。If the server receives the local time of the client or the terminal device in the authentication information sent by the client, the server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature in this step. When the first dynamic electronic signature is the same as the second dynamic electronic signature, the user is determined to be successful in sign-in, otherwise, the user is unsuccessful.
可选地,在确定该用户签到成功后,获取存储的终端设备的位置,并确定该客户端所在位置为该终端设备的位置,从而能够对客户端进行准确的定位,以获知用户的位置。Optionally, after determining that the user is successfully checked in, the location of the stored terminal device is obtained, and the location of the client is determined to be the location of the terminal device, so that the client can be accurately located to obtain the location of the user.
其中,服务器预先存储有终端设备的位置。The server stores the location of the terminal device in advance.
需要说明的是,上述第一动态电子签名和第二动态电子签名可以是基于数字证书的电子签名或者是基于动态口令的电子签名,本实施例对此不作限定。It should be noted that the first dynamic electronic signature and the second dynamic electronic signature may be an electronic signature based on a digital certificate or an electronic signature based on a dynamic password, which is not limited in this embodiment.
采用上述实施例,通过动态电子签名进行签到,能够提高用户签到的真实性。With the above embodiment, the check-in by dynamic electronic signature can improve the authenticity of the user's sign-in.
图2为本发明实施例提供的一种用户签到的方法,如图2所示,在本实施 例中,该第一动态参数或者第二动态参数是时间,客户端向服务器发送的认证信息中不包括客户端或者终端设备的本地时间,该方法包括:2 is a method for a user to check in according to an embodiment of the present invention, as shown in FIG. 2, in this implementation. In the example, the first dynamic parameter or the second dynamic parameter is time, and the authentication information sent by the client to the server does not include the local time of the client or the terminal device, and the method includes:
S201、用户的客户端获取终端设备根据终端设备的本地时间和第一密钥通过预设加密算法得到的第一动态电子签名以及该终端设备的标识信息。S201: The client acquires a first dynamic electronic signature obtained by the terminal device according to the local time of the terminal device and the first key by using a preset encryption algorithm, and identifier information of the terminal device.
其中,该预设加密算法包括但不限于以下算法:SM1算法、SM3算法、MD5算法、SHA算法、AES算法、RSA算法。The preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
S202、客户端向服务器发送终端设备的认证信息。S202. The client sends the authentication information of the terminal device to the server.
其中,该认证信息包括终端设备的标识信息和第一动态电子签名,该终端设备的标识信息可以是序列号或者设备名称等其他能够唯一标示该终端设备的信息,本实施例对此不作限定,终端设备根据自身的本地时间和自身的第一密钥通过预设加密算法得到第一动态电子签名,并在得到该第一动态电子签名后,终端设备可以将自身得到的第一动态电子签名展示给用户,例如,可以将第一动态电子签名和标识信息印刷或者贴在该终端设备上,或者,终端设备将第一动态电子签名和标识信息通过液晶显示屏显示给用户,当然,还可以通过声音或者图像的方式展示给用户,本发明实施例对此不作限定,这样,用户在通过眼睛或者耳朵获知该第一动态电子签名和标识信息后,可以通过客户端(手机或者平板电脑等)利用无线信号或者蓝牙或者WIFI的形式传输给服务器。The authentication information includes the identifier information of the terminal device and the first dynamic electronic signature, and the identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name, which is not limited in this embodiment. The terminal device obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time and the first key of the user, and after obtaining the first dynamic electronic signature, the terminal device may display the first dynamic electronic signature obtained by the terminal device. To the user, for example, the first dynamic electronic signature and the identification information may be printed or attached to the terminal device, or the terminal device displays the first dynamic electronic signature and the identification information to the user through the liquid crystal display, and of course, The method of the present invention is not limited to the embodiment of the present invention. After the user knows the first dynamic electronic signature and the identification information through the eyes or the ear, the user can use the client (mobile phone or tablet computer, etc.). Wireless signal or Bluetooth or WIFI transmission to the service .
另外,用户也可以通过客户端直接从终端设备获取第一动态电子签名和标识信息,例如,该终端设备上贴有二维码标签,用户通过客户端扫描该二维码标签得到该第一动态电子签名和标识信息;或者,终端设备将该第一动态电子签名和标识信息通过无线信号或者蓝牙或者WIFI的形式传输给客户端。In addition, the user can obtain the first dynamic electronic signature and the identification information directly from the terminal device through the client. For example, the terminal device is labeled with a two-dimensional code label, and the user scans the two-dimensional code label through the client to obtain the first dynamic. The electronic signature and the identification information; or, the terminal device transmits the first dynamic electronic signature and the identification information to the client by using a wireless signal or a Bluetooth or WIFI.
S203、服务器根据该认证信息中的标识信息获取预先存储的对应该终端设备的第二密钥。S203. The server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
S204、服务器确定基于该服务器的本地时间的预设时间段,并在该预设时间段内根据服务器的本地时间和该第二密钥按照预设时间间隔通过该预设加密算法得到动态电子签名组。S204. The server determines a preset time period based on the local time of the server, and obtains a dynamic electronic signature by using the preset encryption algorithm according to the local time of the server and the second key according to the preset time interval. group.
其中,该动态电子签名组包括多个第二动态电子签名,该预设时间段可以 是以当前时间为中心前后5分钟,该预设时间间隔可以是一分钟。The dynamic electronic signature group includes a plurality of second dynamic electronic signatures, and the preset time period can be It is 5 minutes before and after the current time, and the preset time interval can be one minute.
S205、服务器确定该动态电子签名组内是否存在与该第一动态电子签名相同的第二动态电子签名。S205. The server determines whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group.
S206、在存在与该第一动态电子签名相同的第二动态电子签名时,服务器确定该用户签到成功。S206. When there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, the server determines that the user is successfully checked in.
采用上述实施例,通过动态电子签名进行认证,能够提高用户签到的真实性。With the above embodiment, the authentication by the dynamic electronic signature can improve the authenticity of the user's sign-in.
需要说明的是,对于上述方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence, because In the present invention, certain steps may be performed in other orders or simultaneously. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
图3为本发明实施例提供的一种用户签到的方法,如图3所示,在本实施例中,该第一动态参数或者第二动态参数是时间,客户端向服务器发送的认证信息中包括客户端的本地时间,该方法包括:FIG. 3 is a method for a user to check in according to an embodiment of the present invention. As shown in FIG. 3, in the embodiment, the first dynamic parameter or the second dynamic parameter is time, and the client sends the authentication information to the server. Including the local time of the client, the method includes:
S301、用户的客户端获取自身的本地时间和从终端设备获取终端设备的标识信息以及第一密钥。S301. The client of the user acquires its local time and acquires the identification information of the terminal device and the first key from the terminal device.
S302、客户端根据自身的本地时间和第一密钥通过预设加密算法得到第一动态电子签名。S302. The client obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time and the first key.
其中,该预设加密算法包括但不限于以下算法:SM1算法、SM3算法、MD5算法、SHA算法、AES算法、RSA算法。The preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
S303、客户端向服务器发送终端设备的认证信息。S303. The client sends the authentication information of the terminal device to the server.
其中,该认证信息包括终端设备的标识信息和第一动态电子签名以及客户端的本地时间,该终端设备的标识信息可以是序列号或者设备名称等其他能够唯一标示该终端设备的信息,本实施例对此不作限定,客户端根据客户端的和自身的第一密钥通过预设加密算法得到第一动态电子签名,并在得到该第一动态电子签名后,将该第一动态电子签名展示给用户。 The authentication information includes the identifier information of the terminal device, the first dynamic electronic signature, and the local time of the client. The identifier information of the terminal device may be other information that can uniquely identify the terminal device, such as a serial number or a device name. The first dynamic electronic signature is obtained by the client according to the first key of the client and the first key, and the first dynamic electronic signature is displayed to the user after the first dynamic electronic signature is obtained. .
S304、服务器根据认证信息中的标识信息获取预先存储的对应该终端设备的第二密钥。S304. The server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
S305、服务器根据该第二密钥和该客户端的本地时间通过该预设加密算法得到第二动态电子签名。S305. The server obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client.
S306、服务器确定该第一动态电子签名与该第二动态电子签名是否相同。S306. The server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature.
S307、在该第一动态电子签名与该第二动态电子签名相同时,服务器确定该用户签到成功。S307. When the first dynamic electronic signature is the same as the second dynamic electronic signature, the server determines that the user is successfully checked in.
采用上述实施例,通过动态电子签名进行认证,能够提高对用户签到的真实性。With the above embodiment, the authentication by the dynamic electronic signature can improve the authenticity of the user's check-in.
需要说明的是,对于上述方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence, because In the present invention, certain steps may be performed in other orders or simultaneously. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
图4为本发明实施例提供的一种用户签到的方法,如图4所示,在本实施例中,该第一动态参数或者第二动态参数是时间,客户端向服务器发送的认证信息中包括终端设备的本地时间,该方法包括:FIG. 4 is a method for a user to check in according to an embodiment of the present invention. As shown in FIG. 4, in the embodiment, the first dynamic parameter or the second dynamic parameter is time, and the client sends the authentication information to the server. Including the local time of the terminal device, the method includes:
S401、用户的客户端从终端设备获取终端设备的标识信息和终端设备的本地时间以及第一密钥。S401. The client of the user acquires the identification information of the terminal device, the local time of the terminal device, and the first key from the terminal device.
S402、客户端根据终端设备的本地时间和第一密钥通过预设加密算法得到第一动态电子签名。S402. The client obtains the first dynamic electronic signature by using a preset encryption algorithm according to the local time of the terminal device and the first key.
其中,该预设加密算法包括但不限于以下算法:SM1算法、SM3算法、MD5算法、SHA算法、AES算法、RSA算法。The preset encryption algorithm includes but is not limited to the following algorithms: SM1 algorithm, SM3 algorithm, MD5 algorithm, SHA algorithm, AES algorithm, and RSA algorithm.
S403、客户端向服务器发送终端设备的认证信息。S403. The client sends the authentication information of the terminal device to the server.
其中,该认证信息包括终端设备的标识信息和第一动态电子签名以及终端设备的本地时间,该终端设备的标识信息可以是序列号或者设备名称等其他能够唯一标示该终端设备的信息,本实施例对此不作限定,客户端根据客户端的 和自身的第一密钥通过预设加密算法得到第一动态电子签名,并在得到该第一动态电子签名后,将该第一动态电子签名展示给用户。The authentication information includes the identifier information of the terminal device, the first dynamic electronic signature, and the local time of the terminal device. The identifier information of the terminal device may be other information such as a serial number or a device name that can uniquely identify the terminal device. This example is not limited, the client is based on the client's And obtaining a first dynamic electronic signature by using a preset encryption algorithm, and displaying the first dynamic electronic signature to the user after obtaining the first dynamic electronic signature.
S404、服务器根据认证信息中的标识信息获取预先存储的对应该终端设备的第二密钥。S404. The server acquires a pre-stored second key corresponding to the terminal device according to the identifier information in the authentication information.
S405、服务器根据该第二密钥和该终端设备的本地时间通过该预设加密算法得到第二动态电子签名。S405. The server obtains the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the terminal device.
S406、服务器确定该第一动态电子签名与该第二动态电子签名是否相同。S406. The server determines whether the first dynamic electronic signature is the same as the second dynamic electronic signature.
S407、在该第一动态电子签名与该第二动态电子签名相同时,服务器确定该用户签到成功。S407. When the first dynamic electronic signature is the same as the second dynamic electronic signature, the server determines that the user is successfully checked in.
采用上述实施例,通过动态电子签名进行认证,能够提高对用户签到的真实性。With the above embodiment, the authentication by the dynamic electronic signature can improve the authenticity of the user's check-in.
需要说明的是,对于上述方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence, because In the present invention, certain steps may be performed in other orders or simultaneously. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
图5为本发明实施例提供的一种用户签到的系统,如图5所示,该系统包括:FIG. 5 is a system for a user to check in according to an embodiment of the present invention. As shown in FIG. 5, the system includes:
终端设备1,用于获取第一动态电子签名和终端设备的标识信息并且根据密码算法对作为签名参数的第一动态参数和预设的第一密钥进行自我签名运算,获得一组认证信息后,通过无线方式发送到客户端2,其中,该认证信息包括该第一动态电子签名和该终端设备的标识信息;该第一动态电子签名为该终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;The terminal device 1 is configured to acquire the first dynamic electronic signature and the identification information of the terminal device, and perform self-signature operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm, and obtain a set of authentication information. Sending to the client 2 by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device; the first dynamic electronic signature is the first dynamic parameter and the first key of the terminal device Obtained by a preset encryption algorithm;
或者,该动态电子签名为根据从所述客户端获取的第一动态参数和第一密钥通过预设加密算法得到的;或者,该动态电子签名为根据所述客户端获取的第一动态参数和从该终端设备获取的第一密钥通过预设加密算法得到的;Or the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or the dynamic electronic signature is the first dynamic parameter acquired according to the client. And obtaining, by the preset encryption algorithm, the first key obtained from the terminal device;
可选地,所述客户端2,具体用于通过无线方式定期接收所述终端设备标识 信息和认证信息,或者,当发送查询指令后接收所述终端设备标识信息和认证信息。Optionally, the client 2 is specifically configured to periodically receive the terminal device identifier by using a wireless manner. The information and the authentication information, or the terminal device identification information and the authentication information are received after the query command is sent.
服务器3,用于根据该标识信息获取预先存储的对应该终端设备的第二密钥,并根据该第二密钥以及第二动态参数通过该预设加密算法得到第二动态电子签名;The server 3 is configured to obtain a second key corresponding to the terminal device that is pre-stored according to the identifier information, and obtain a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
还用于根据该第二动态电子签名对该第一动态电子签名进行认证,在认证通过后,确定该用户签到成功。The method is further configured to authenticate the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determine that the user is successfully checked in.
可选地,该认证信息还包括该第一动态参数和第二动态参数;该第一动态参数和该第二动态参数包括时间或者事件,该第二动态参数的取值为等同于该第一动态参数的值或者根据该第一动态参数计算出来的值。Optionally, the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic parameter include a time or an event, and the second dynamic parameter has a value equal to the first The value of the dynamic parameter or the value calculated from the first dynamic parameter.
可选地,在该第一动态参数和该第二动态参数为时间时,该处理单元502,具体用于确定基于该服务器的本地时间的预设时间段,并在该预设时间段内根据该第二动态参数和该第二密钥按照预设时间间隔通过该预设加密算法得到动态电子签名组,其中,该动态电子签名组包括多个第二动态电子签名;Optionally, when the first dynamic parameter and the second dynamic parameter are time, the processing unit 502 is specifically configured to determine a preset time period based on the local time of the server, and according to the preset time period, according to the preset time period. The second dynamic parameter and the second key are obtained by the preset encryption algorithm according to the preset time interval, wherein the dynamic electronic signature group includes a plurality of second dynamic electronic signatures;
所述服务器3,具体用于确定该动态电子签名组内是否存在与该第一动态电子签名相同的第二动态电子签名,在存在与该第一动态电子签名相同的第二动态电子签名时,确定该用户签到成功。The server 3 is specifically configured to determine whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group, and when there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, Make sure the user is checked in successfully.
可选地,在该第一动态参数和该第二动态参数为时间时,该认证信息还包括该终端设备的本地时间或者客户端的本地时间;Optionally, when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or a local time of the client;
所述终端设备,具体用于在该认证信息包括该终端设备的本地时间时,接收该客户端发送的该终端设备的本地时间,并根据该第二密钥以及该终端设备的本地时间通过该预设加密算法得到第二动态电子签名;在该认证信息包括客户端的本地时间时,接收该客户端发送的该客户端的本地时间,并根据该第二密钥和该客户端的本地时间以及该第二动态参数通过该预设加密算法得到第二动态电子签名;The terminal device is configured to: when the authentication information includes the local time of the terminal device, receive the local time of the terminal device sent by the client, and pass the second key according to the second key and the local time of the terminal device. The preset encryption algorithm obtains a second dynamic electronic signature; when the authentication information includes the local time of the client, receiving the local time of the client sent by the client, and according to the second key and the local time of the client and the first The second dynamic parameter obtains the second dynamic electronic signature by using the preset encryption algorithm;
所述服务器3,具体用于确定该第一动态电子签名与该第二动态电子签名是否相同,在该第一动态电子签名与该第二动态电子签名相同时,确定该用户签 到成功。The server 3 is specifically configured to determine whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and when the first dynamic electronic signature is the same as the second dynamic electronic signature, determining the user signature To success.
所述终端设备,还用于根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。The terminal device is further configured to perform a self-signature operation on the first dynamic parameter, the first key, and the terminal device identification information, which are signature parameters, according to a cryptographic algorithm, to obtain a set of authentication information.
可选地,所述服务器3,还用于获取存储的终端设备的位置,并确定该客户端所在位置为该终端设备的位置。Optionally, the server 3 is further configured to obtain a location of the stored terminal device, and determine that the location of the client is a location of the terminal device.
采用上述系统,该系统通过动态电子签名进行认证,能够提高用户签到的真实性。With the above system, the system is authenticated by dynamic electronic signature, which can improve the authenticity of the user's sign-in.
上述系统中各个设备的实现过程具体详见上述方法中对应步骤的实现过程,在此不再赘述。For details of the implementation process of each device in the foregoing system, refer to the implementation process of the corresponding steps in the foregoing method, and details are not described herein again.
对于系统实施例而言,由于其基本对应于方法实施例,所以相关之处参见方法实施例的部分说明即可。以上所描述的系统实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个位置,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本申请方案的目的。本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。For the system embodiment, since it basically corresponds to the method embodiment, it can be referred to the partial description of the method embodiment. The system embodiments described above are merely illustrative, wherein the units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, ie may be located A location, or it can be distributed to multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the objectives of the present application. Those of ordinary skill in the art can understand and implement without any creative effort.
以上所述仅为本申请的较佳实施例而已,并不用以限制本申请,凡在本申请的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本申请保护的范围之内。 The above is only the preferred embodiment of the present application, and is not intended to limit the present application. Any modifications, equivalent substitutions, improvements, etc., which are made within the spirit and principles of the present application, should be included in the present application. Within the scope of protection.

Claims (16)

  1. 一种用户签到的方法,其特征在于,包括:A method for user sign-in, characterized in that it comprises:
    向用户需要签到的位置分配一个具有自我动态签名与无线传播能力的终端设备,在用户的终端设备生成认证信息后,终端设备通过无线方式发送认证信息到用户携带的客户端,客户端通过无线方式把认证信息发送到服务器,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息;A terminal device having a self-dynamic signature and a wireless communication capability is allocated to a location that the user needs to check in. After the user terminal device generates the authentication information, the terminal device sends the authentication information to the client carried by the user through the wireless manner, and the client wirelessly Sending the authentication information to the server, where the authentication information includes the first dynamic electronic signature and the identification information of the terminal device;
    所述服务器根据所述标识信息获取预先存储的对应所述终端设备的第二密钥,并根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名;And the server obtains a second key corresponding to the terminal device that is stored in advance according to the identifier information, and obtains a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter;
    所述服务器还根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功。The server further authenticates the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determines that the user is successfully checked in.
  2. 根据权利要求1所述的一种用户签到的方法,其特征在于,所述用户的终端设备生成认证信息,具体为:所述终端设备根据密码算法对作为签名参数的第一动态参数和预设的第一密钥进行自我签名运算,获得一组认证信息,通过无线方式发送签名信息和设备信息。The user sign-in method according to claim 1, wherein the terminal device of the user generates the authentication information, specifically: the terminal device uses the first dynamic parameter and the preset as the signature parameter according to the cryptographic algorithm. The first key performs a self-signature operation, obtains a set of authentication information, and transmits the signature information and the device information by wireless.
  3. 根据权利要求2所述的一种用户签到的方法,其特征在于,所述在用户的终端设备获取第一动态电子签名,具体为所述第一动态电子签名为所述终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;或者,所述第一动态电子签名为根据从所述客户端获取的第一动态参数和第一密钥通过预设加密算法得到的;或者,所述第一动态电子签名为根据从客户端获取的第一动态参数和本地获取的第一密钥通过预设加密算法得到的。The method for the user to check in according to claim 2, wherein the user terminal device acquires a first dynamic electronic signature, specifically, the first dynamic electronic signature is that the terminal device is according to the first dynamic The parameter and the first key are obtained by using a preset encryption algorithm; or the first dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or The first dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter acquired from the client and the locally acquired first key.
  4. 根据权利要求2或3所述的一种用户签到的方法,其特征在于,所述认证信息还包括所述第一动态参数和第二动态参数;所述第一动态参数和所述第二动态参数包括时间、挑战码或者事件中的一种或者多种,所述第二动态参数的取值为等同于所述第一动态参数的值或者根据所述第一动态参数计算出来的值。 The method for signing in a user according to claim 2 or 3, wherein the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic The parameter includes one or more of a time, a challenge code, or an event, and the value of the second dynamic parameter is equivalent to a value of the first dynamic parameter or a value calculated according to the first dynamic parameter.
  5. 根据权利要求4所述的一种用户签到的方法,其特征在于,在所述第一动态参数和所述第二动态参数为时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:The method for signing in a user according to claim 4, wherein when the first dynamic parameter and the second dynamic parameter are time, the second key and the second dynamic parameter are Obtaining the second dynamic electronic signature by using the preset encryption algorithm includes:
    确定基于所述服务器的本地时间的预设时间段;Determining a preset time period based on the local time of the server;
    在所述预设时间段内根据所述第二动态参数和所述第二密钥按照预设时间间隔通过所述预设加密算法得到动态电子签名组,其中,所述动态电子签名组包括多个第二动态电子签名;And the dynamic electronic signature group is obtained by using the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, where the dynamic electronic signature group includes multiple Second dynamic electronic signature;
    所述服务器根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功包括:The server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
    确定所述动态电子签名组内是否存在与所述第一动态电子签名相同的第二动态电子签名,在存在与所述第一动态电子签名相同的第二动态电子签名时,确定所述用户签到成功。Determining whether there is a second dynamic electronic signature identical to the first dynamic electronic signature in the dynamic electronic signature group, and determining that the user is checked in when there is a second dynamic electronic signature identical to the first dynamic electronic signature success.
  6. 根据权利要求4所述的一种用户签到的方法,其特征在于,在所述第一动态参数和所述第二动态参数为时间时,所述认证信息还包括所述终端设备的本地时间或者客户端的本地时间;The method for signing in a user according to claim 4, wherein when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or The local time of the client;
    在所述认证信息包括所述终端设备的本地时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:所述服务器接收所述客户端发送的所述终端设备的本地时间,并根据所述第二密钥以及所述终端设备的本地时间通过所述预设加密算法得到第二动态电子签名;When the authentication information includes the local time of the terminal device, the obtaining, by the preset encryption algorithm, the second dynamic electronic signature according to the second key and the second dynamic parameter includes: the server receiving the The local time of the terminal device sent by the client, and obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the terminal device;
    在所述认证信息包括客户端的本地时间时,所述根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名包括:所述服务器接收所述客户端发送的所述客户端的本地时间,并根据所述第二密钥和所述客户端的本地时间以及所述第二动态参数通过所述预设加密算法得到第二动态电子签名;When the authentication information includes the local time of the client, the obtaining the second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter includes: the server receiving the client sending The local time of the client, and obtaining a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the local time of the client and the second dynamic parameter;
    所述服务器根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功包括:The server authenticates the first dynamic electronic signature according to the second dynamic electronic signature. After the authentication is passed, determining that the user successfully signs in the check includes:
    确定所述第一动态电子签名与所述第二动态电子签名是否相同,在所述第 一动态电子签名与所述第二动态电子签名相同时,确定所述用户签到成功。Determining whether the first dynamic electronic signature is the same as the second dynamic electronic signature, in the When a dynamic electronic signature is the same as the second dynamic electronic signature, the user is determined to be successful.
  7. 根据权利要求1所述的一种用户签到的方法,该方法还包括根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。The method for signing in a user according to claim 1, further comprising performing a self-signature operation on the first dynamic parameter, the first key, and the terminal device identification information as the signature parameter according to the cryptographic algorithm, to obtain a set of authentication information. .
  8. 根据权利要求1所述的一种用户签到的方法,其特征在于,所述客户端通过无线方式发送认证信息,具体为:所述客户端通过无线方式定期广播所述终端设备标识信息和认证信息,或者,当所述客户端收到查询指令时发送所述终端设备标识信息和认证信息。The user sign-in method according to claim 1, wherein the client sends the authentication information in a wireless manner, specifically: the client periodically broadcasts the terminal device identification information and the authentication information by using a wireless manner. Or, when the client receives the query instruction, the terminal device identification information and the authentication information are sent.
  9. 一种用户签到的系统,其特征在于,包括:A system for user sign-in, characterized in that it comprises:
    终端设备,用于获取认证信息并通过无线方式发送到客户端,其中,所述认证信息包括所述第一动态电子签名和所述终端设备的标识信息;所述认证信息根据第一密钥和第一动态参数,通过加密算法获得第一动态电子签名;The terminal device is configured to obtain the authentication information and send the information to the client by using a wireless method, where the authentication information includes the first dynamic electronic signature and the identifier information of the terminal device, where the authentication information is based on the first key and a first dynamic parameter, the first dynamic electronic signature obtained by the encryption algorithm;
    客户端,用于通过无线方式接收所述终端设备发送的认证信息,并且发送到服务器;a client, configured to receive, by using a wireless manner, authentication information sent by the terminal device, and send the information to the server;
    服务器,用于根据所述标识信息获取预先存储的对应所述终端设备的第二密钥,并根据所述第二密钥以及第二动态参数通过所述预设加密算法得到第二动态电子签名;还用于根据所述第二动态电子签名对所述第一动态电子签名进行认证,在认证通过后,确定所述用户签到成功。a server, configured to acquire a pre-stored second key corresponding to the terminal device according to the identifier information, and obtain a second dynamic electronic signature by using the preset encryption algorithm according to the second key and the second dynamic parameter And the method is further configured to authenticate the first dynamic electronic signature according to the second dynamic electronic signature, and after the authentication is passed, determine that the user is successfully checked in.
  10. 根据权利要求9所述的一种用户签到的系统,其特征在于,所述终端设备,具体用于根据密码算法对作为签名参数的第一动态参数和预设的第一密钥进行自我签名运算,获得一组认证信息。The system for signing in a user according to claim 9, wherein the terminal device is specifically configured to perform self-signing operation on the first dynamic parameter as the signature parameter and the preset first key according to the cryptographic algorithm. , get a set of authentication information.
  11. 根据权利要求10所述的一种用户签到的系统,其特征在于,所述终端设备,用于在获取第一动态电子签名后,具体为所述第一动态电子签名为所述终端设备根据第一动态参数和第一密钥通过预设加密算法得到的;或者,所述动态电子签名为根据从所述客户端获取的第一动态参数和第一密钥通过预设加密算法得到的;或者,所述动态电子签名为根据从客户端获取的第一动态参数和本地获取的第一密钥通过预设加密算法得到的。 The system for signing in a user according to claim 10, wherein the terminal device is configured to: after acquiring the first dynamic electronic signature, specifically, the first dynamic electronic signature is the terminal device according to the first The dynamic parameter and the first key are obtained by using a preset encryption algorithm; or the dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter and the first key acquired from the client; or The dynamic electronic signature is obtained by using a preset encryption algorithm according to the first dynamic parameter acquired from the client and the locally acquired first key.
  12. 根据权利要求10或11所述的一种用户签到的系统,其特征在于,所述认证信息还包括所述第一动态参数和第二动态参数;所述第一动态参数和所述第二动态参数包括时间或者事件,所述第二动态参数的取值为等同于所述第一动态参数的值或者根据所述第一动态参数计算出来的值。A system for user sign-in according to claim 10 or 11, wherein the authentication information further includes the first dynamic parameter and the second dynamic parameter; the first dynamic parameter and the second dynamic The parameter includes a time or an event, and the value of the second dynamic parameter is equivalent to a value of the first dynamic parameter or a value calculated according to the first dynamic parameter.
  13. 根据权利要求12所述的一种用户签到的系统,其特征在于,在所述第一动态参数和所述第二动态参数为时间时,所述服务器,具体用于确定基于所述服务器的本地时间的预设时间段,并在所述预设时间段内根据所述第二动态参数和所述第二密钥按照预设时间间隔通过所述预设加密算法得到动态电子签名组,其中,所述动态电子签名组包括多个第二动态电子签名;A system for a user to check in according to claim 12, wherein the server is specifically configured to determine a locality based on the server when the first dynamic parameter and the second dynamic parameter are time a preset time period of the time, and the dynamic electronic signature group is obtained by the preset encryption algorithm according to the second dynamic parameter and the second key according to the preset time interval, where The dynamic electronic signature set includes a plurality of second dynamic electronic signatures;
    还具体用于确定所述动态电子签名组内是否存在与所述第一动态电子签名相同的第二动态电子签名,在存在与所述第一动态电子签名相同的第二动态电子签名时,确定所述用户签到成功。The method is further specifically configured to determine whether a second dynamic electronic signature that is the same as the first dynamic electronic signature exists in the dynamic electronic signature group, and when there is a second dynamic electronic signature that is the same as the first dynamic electronic signature, determining The user checked in successfully.
  14. 根据权利要求12所述的一种用户签到的系统,其特征在于,在所述第一动态参数和所述第二动态参数为时间时,所述认证信息还包括所述终端设备的本地时间或者客户端的本地时间;The user-check-in system according to claim 12, wherein when the first dynamic parameter and the second dynamic parameter are time, the authentication information further includes a local time of the terminal device or The local time of the client;
    所述服务器,具体用于在所述认证信息包括所述终端设备的本地时间时,接收所述客户端发送的所述终端设备的本地时间,并根据所述第二密钥以及所述终端设备的本地时间通过所述预设加密算法得到第二动态电子签名;在所述认证信息包括客户端的本地时间时,接收所述客户端发送的所述客户端的本地时间,并根据所述第二密钥和所述客户端的本地时间以及所述第二动态参数通过所述预设加密算法得到第二动态电子签名;The server is configured to: when the authentication information includes the local time of the terminal device, receive a local time of the terminal device sent by the client, and according to the second key and the terminal device The local time is obtained by the preset encryption algorithm to obtain a second dynamic electronic signature; when the authentication information includes the local time of the client, receiving the local time of the client sent by the client, and according to the second secret And a second dynamic electronic signature obtained by the key and the local time of the client and the second dynamic parameter by using the preset encryption algorithm;
    还具体用于确定所述第一动态电子签名与所述第二动态电子签名是否相同,在所述第一动态电子签名与所述第二动态电子签名相同时,确定所述用户签到成功。The method is further specifically configured to determine whether the first dynamic electronic signature is the same as the second dynamic electronic signature, and when the first dynamic electronic signature is the same as the second dynamic electronic signature, determining that the user is successfully checked in.
  15. 根据权利要求9所述的一种用户签到的系统,其特征在于,所述终端设备,还用于根据密码算法对作为签名参数的第一动态参数、第一密钥、终端设备标识信息进行自我签名运算,获得一组认证信息。 The user-check-in system according to claim 9, wherein the terminal device is further configured to perform self-identification on the first dynamic parameter, the first key, and the terminal device identification information as the signature parameter according to the cryptographic algorithm. Signature operation to obtain a set of authentication information.
  16. 根据权利要求9所述的一种用户签到的系统,其特征在于,所述客户端,具体用于通过无线方式定期接收所述终端设备标识信息和认证信息,或者,当发送查询指令后接收所述终端设备标识信息和认证信息。 The system of the user sign-in according to claim 9, wherein the client is specifically configured to periodically receive the terminal device identification information and the authentication information by using a wireless manner, or receive the query after sending the query instruction. Terminal device identification information and authentication information.
PCT/CN2017/082364 2016-06-23 2017-04-28 User check-in method and system WO2017219759A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201610463702.2 2016-06-23
CN201610463702.2A CN106130732A (en) 2016-06-23 2016-06-23 User sign-in method and device
CN201610642255.7A CN106254066A (en) 2016-08-08 2016-08-08 Self dynamic signature and wireless transmission method and equipment thereof
CN201610642255.7 2016-08-08

Publications (1)

Publication Number Publication Date
WO2017219759A1 true WO2017219759A1 (en) 2017-12-28

Family

ID=60784188

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/082364 WO2017219759A1 (en) 2016-06-23 2017-04-28 User check-in method and system

Country Status (1)

Country Link
WO (1) WO2017219759A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318247A1 (en) * 2011-10-11 2013-11-28 Microsoft Corporation Device Linking
CN103686589A (en) * 2012-09-04 2014-03-26 邬国锐 Safe check-in method and system facing mobile terminal
CN205039896U (en) * 2014-12-31 2016-02-17 天地融科技股份有限公司 Terminal and phone system
CN106130732A (en) * 2016-06-23 2016-11-16 深圳市海月通信技术有限公司 User sign-in method and device
CN106254066A (en) * 2016-08-08 2016-12-21 深圳市海月通信技术有限公司 Self dynamic signature and wireless transmission method and equipment thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318247A1 (en) * 2011-10-11 2013-11-28 Microsoft Corporation Device Linking
CN103686589A (en) * 2012-09-04 2014-03-26 邬国锐 Safe check-in method and system facing mobile terminal
CN205039896U (en) * 2014-12-31 2016-02-17 天地融科技股份有限公司 Terminal and phone system
CN106130732A (en) * 2016-06-23 2016-11-16 深圳市海月通信技术有限公司 User sign-in method and device
CN106254066A (en) * 2016-08-08 2016-12-21 深圳市海月通信技术有限公司 Self dynamic signature and wireless transmission method and equipment thereof

Similar Documents

Publication Publication Date Title
US10785647B1 (en) Trusted beacon based location determination system and method
CN110086608B (en) User authentication method, device, computer equipment and computer readable storage medium
CN107113173B (en) Method and apparatus for providing service based on identifier of user equipment
US10298398B2 (en) Peer discovery, connection, and data transfer
EP3105904B1 (en) Assisted device provisioning in a network
CN107070909A (en) Method for sending information, message receiving method, apparatus and system
TW201706900A (en) Method and device for authentication using dynamic passwords
JP2018502471A5 (en)
EP3217624B1 (en) Information processing method, program, information processing apparatus, and system
CN105634737B (en) Data transmission method, terminal and system
JP6012888B2 (en) Device certificate providing apparatus, device certificate providing system, and device certificate providing program
US10805091B2 (en) Certificate tracking
CN112788042B (en) Method for determining device identifier of Internet of things and device of Internet of things
JP5380583B1 (en) Device authentication method and system
CN104661219A (en) Communication method of wireless equipment, wireless equipment and server
US20160191482A1 (en) System and method for providing authenticated communications from a remote device to a local device
TW201820196A (en) Presence identification
US9280645B1 (en) Local and remote verification
US20160050184A1 (en) Method for secure e-mail exchange
KR20140137005A (en) System for deployment of communication terminals in a cloud computing system
WO2014194818A1 (en) Method for discovering user of equipment, and user equipment
JP6447949B1 (en) Authentication system, authentication server, authentication method, and authentication program
CN110166460A (en) Register method and device, storage medium, the electronic device of service account
US20200015081A1 (en) Method for secure transmission of cryptographic data
JP2012015712A (en) Data backup system, server, wireless master unit, and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17814497

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 22/05/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17814497

Country of ref document: EP

Kind code of ref document: A1