WO2018095182A1 - Procédé et système d'échange de données - Google Patents

Procédé et système d'échange de données Download PDF

Info

Publication number
WO2018095182A1
WO2018095182A1 PCT/CN2017/107602 CN2017107602W WO2018095182A1 WO 2018095182 A1 WO2018095182 A1 WO 2018095182A1 CN 2017107602 W CN2017107602 W CN 2017107602W WO 2018095182 A1 WO2018095182 A1 WO 2018095182A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
control device
authentication
server
certified
Prior art date
Application number
PCT/CN2017/107602
Other languages
English (en)
Chinese (zh)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201611059494.6A external-priority patent/CN107231404B/zh
Priority claimed from CN201611060585.1A external-priority patent/CN107230265B/zh
Application filed by 天地融科技股份有限公司 filed Critical 天地融科技股份有限公司
Publication of WO2018095182A1 publication Critical patent/WO2018095182A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit

Definitions

  • the present invention relates to the field of electronic technologies, and in particular, to a data interaction method and system.
  • the entrance of some community gates and the entrances of various buildings in the community usually have access control.
  • the owner who lives in the community can use the access card issued by the community to enter and exit the cell and the building, and the person without the access card cannot enter the cell.
  • the present invention is directed to solving the above problems.
  • the main object of the present invention is to provide a data interaction method
  • Another object of the present invention is to provide a data interaction system
  • Another object of the present invention is to provide a data interaction method
  • Another object of the present invention is to provide a data interaction system.
  • An aspect of the present invention provides a data interaction method, including: a first server receives first information sent by a client, where the first information includes location information; and the first server allocates a target user to the location information, and determines The identity information of the target user; the first server sends second information to the second server, the second information includes at least identity information of the target user; the second server receives the second information, and Transmitting the second information to the authority control device; the rights control device receiving the second information, and storing the second information; the rights control device detecting that the first to-be-certified information carrier enters a detection range, The first to-be-certified information carrier reads the first to-be-authenticated information, and the first to-be-authenticated information includes identity information to be authenticated; the rights control device uses the stored identity information of the target user to the identity information to be authenticated. Performing the first authentication; the authority control device performs an authorization operation after the first authentication is passed.
  • a data interaction system including: a first server, configured to receive first information sent by a client, where the first information includes location information; assign a target user to the location information, determine a location Determining identity information of the target user; transmitting second information to the second server, the second information including at least identity information of the target user; the second server, configured to receive the second information, and control the rights
  • the device sends the second information; the rights control device is configured to receive the second information, and store the second information; and detect that the first to-be-authenticated information carrier enters a detection range, from the first to be authenticated
  • the information carrier reads the first to-be-authenticated information, the first to-be-authenticated information includes the identity information to be authenticated, and performs the first authentication on the to-be-authenticated identity information by using the stored identity information of the target user; After the first authentication is passed, the authorization operation is performed.
  • An aspect of the present invention provides a data interaction method, including: a first server receives first information sent by a client, the first information includes location information; and the first server allocates a target user to the location information, Determining identity information of the target user; the first server sends second information to the second server, the second information includes at least identity information of the target user; and the second server receives the second information, Storing the second information; the right control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-authenticated information carrier, where the first to-be-certified information includes the identity to be authenticated Information; and, The rights control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request, and sends the second information to the rights control device; the rights control device receives the The second information is used to perform the first authentication on the identity information to be authenticated by using the received identity information of the target user; after the first authentication is passed, the rights control device perform
  • a data interaction system including: a first server, configured to receive first information sent by a client, where the first information includes location information; assign a target user to the location information, determine The second user information is sent to the second server, the second information includes at least the identity information of the target user, and the second server is configured to receive the second information, and store the The second information; the authority control device is configured to detect that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-certified information includes the identity to be authenticated And sending the identity information acquisition request to the second server; the second server is further configured to receive the identity information acquisition request, and send the second information to the rights control device; the rights control device, The method is further configured to receive the second information, and perform first authentication on the to-be-authenticated identity information by using the received identity information of the target user. And after the first authentication, performs authorization operations.
  • the first server after receiving the location information sent by the client, allocates the target user and sends the identity information of the target user to the second server, where the target user is located in the The location information of the customer providing the service (such as a delivery person or a food delivery staff, etc.), the second server sends the identity information of the target user to the authority control device, and when the target user arrives at the location of the authority control device,
  • the first to-be-certified information carrier is placed in the detection area of the authority control device, the authority control device detects and reads the identity information to be authenticated, and performs the first authentication, and if the authentication passes, performs the authorization operation.
  • the access control is the authority control device
  • the target user such as a delivery person or a food delivery person, etc.
  • the solution sends the identity information of the target user to the second server through the first server, and is sent to the access control by the second server.
  • the access control uses the identity information of the target user to authenticate and pass the target user, the target user can obtain the authorization. Therefore, the user enters the cell.
  • the client who enjoys the service provided by the target user does not need to go out to open the access control for the target user, and provides convenience for the client.
  • the target user is authenticated by the authority control device when entering the cell. After being authorized to enter, security is guaranteed.
  • FIG. 1 is a flowchart of a data interaction method according to Embodiment 1 of the present invention.
  • FIG. 2 is a schematic structural diagram of a data interaction system according to Embodiment 2 of the present invention.
  • Embodiment 3 is a flowchart of a data interaction method according to Embodiment 3 of the present invention.
  • FIG. 4 is a schematic structural diagram of a data interaction system according to Embodiment 4 of the present invention.
  • connection In the description of the present invention, it should be noted that the terms “installation”, “connected”, and “connected” are to be understood broadly, and may be fixed or detachable, for example, unless otherwise explicitly defined and defined. Connected, or integrally connected; can be mechanical or electrical; can be directly connected, or indirectly connected through an intermediate medium, can be the internal communication of the two components.
  • Connected, or integrally connected can be mechanical or electrical; can be directly connected, or indirectly connected through an intermediate medium, can be the internal communication of the two components.
  • the specific meaning of the above terms in the present invention can be understood in a specific case by those skilled in the art.
  • the applicable scenarios in this embodiment include, but are not limited to, a client, a first server, a second server, and an authority control device; the client purchases a certain service through the client through the online order (for example, online shopping, online ordering, etc.) , the client will location information (such as shipping The address is sent to the first server, the first server allocates a target user (such as a courier) for the location information, and sends the identity information of the target user to the second server, where the second server sends the identity information of the target user to The authority control device (for example, the access control set by the location of the delivery address identifier), the target user holds the first information carrier to be authenticated, and when the target user arrives at the location of the authority control device, the authority control device uses the identity information of the target user to target The user performs the first authentication and authorization.
  • the client purchases a certain service through the client through the online order (for example, online shopping, online ordering, etc.) , the client will location information (such as shipping The address is sent to the first server
  • This embodiment provides a data interaction method. As shown in FIG. 1, the method includes the following steps:
  • the first server receives first information sent by a client, where the first information includes location information.
  • the first server in this embodiment can communicate with the client.
  • the first server may be a server that provides an online service such as an online supermarket or an online ordering service
  • the client may be an application for realizing online shopping or ordering services, and the client may be installed on a device held by the user (for example, a PC). , mobile phones, PDAs, etc.).
  • the first information may be order information
  • the location information may be an order address; for example, when the online shopping is performed, the location information is specifically a delivery address, and when the online order is ordered, the location information is specifically a delivery address and the like.
  • the location information may represent address information of different meanings, and is not limited herein.
  • the first information may further include information such as an order number, an order detail, an order amount, an order date, a user name of the order, and the like, and is not limited herein.
  • the first server allocates a target user to the location information, and determines identity information of the target user.
  • the target user is a person who provides a corresponding service to the client located in the location information.
  • the target user is specifically a delivery person.
  • the location information is specifically a food delivery person, etc. .
  • the target user can indicate the person providing different services, and there is no limitation here.
  • the identity information of the target user in this embodiment may be ID information or may be any biometric information such as fingerprint information, palm print information or iris information.
  • the ID card information includes at least an ID card number, and the ID card information can be read from the ID card, or can be read from an order graphic code or an order barcode code carrying the ID card information.
  • the first server sends second information to the second server, where the second information includes at least identity information of the target user.
  • the second server may be used to manage the rights control device.
  • the rights control device may be the access control
  • the second server is the server that can implement data interaction and management for the access control.
  • the first server and the second server are mutually independent servers, and each of them functions differently.
  • the first server is used for providing a server for online shopping, online ordering, and the like
  • the second server is used for data interaction and management of the authority control device, and the first server and the second server can communicate with each other through a wireless network or a wired network. Communicate.
  • the second server receives the second information, and sends the second information to the rights control device.
  • the second server and the authority control device can communicate through a wired connection, such as a network cable connection, or can communicate through a wireless network, such as a mobile network, a local area network in a cell, and the like.
  • the permission control device can be an access control.
  • This step can also be implemented as follows:
  • the second server receives the second information, and stores the second information; the rights control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request, and The authority control device transmits the second information.
  • the permission control apparatus receives the second information, and stores the second information.
  • the second information includes at least the identity information of the target user
  • the rights control device stores the identity information of the received target user, so as to subsequently perform identity authentication on the target user by using the identity information of the target user.
  • the permission control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-authenticated information includes identity information to be authenticated;
  • the authority control device is provided with a module for supporting the information reading function.
  • the module may be an identity card reading module for reading the identity card information, and correspondingly, the first information carrier to be authenticated is an identity card, and the reading is performed.
  • the first information to be authenticated is the ID information; for example, the module is a scan code module, and correspondingly, the first information carrier to be authenticated may be an order graphic code or an order barcode carrying the identity information, and the like.
  • the first to-be-certified information may be that the identity information of the target user is read from the order graphic code or the order barcode (the identity information may be, for example, an identity card number such as an ID number); for example, the module may be a biometric feature.
  • the biometric reading module correspondingly, the first to-be-certified information carrier is a biometric feature, and the read first to-be-certified information is biometric information.
  • the biometric feature may be a finger, and the corresponding biometric information may be a fingerprint; or the biometric feature may be a palm, and the corresponding biometric information may be a palm print; or the biometric feature may be an eye, and the corresponding biometric information may be Iris, etc., there is no limit here.
  • the rights control device performs first authentication on the to-be-authenticated identity information by using the stored identity information of the target user.
  • the authority control device performs an authorization operation after the first authentication is passed.
  • the first authentication of the identity information to be authenticated is performed by using the stored identity information of the target user, which may be implemented by: determining the stored identity information of the target user and the identity information to be authenticated. Whether they are consistent. If they are consistent, the first authentication is passed. If they are inconsistent, the first authentication fails.
  • performing the authorization operation may be as follows: opening the door lock.
  • the first server after receiving the location information sent by the client, allocates the target user and sends the identity information of the target user to the second server, where the target user provides services for the client located in the location information.
  • a person such as a delivery person or a food delivery person, etc.
  • the second server sends the identity information of the target user to the authority control device, and when the target user arrives at the location of the authority control device, the first information carrier to be authenticated is held Placed in the detection area of the authority control device, the authority control device detects and reads the identity information to be authenticated, and performs the first authentication, and if the authentication passes, performs the authorization operation.
  • the present invention can be used.
  • the solution sends the identity information of the target user to the second server through the first server, and is sent to the access control by the second server.
  • the access control authenticates the target user by using the identity information of the target user
  • the target user can also obtain the authorization. Therefore, the user enters the cell.
  • the client who enjoys the service provided by the target user does not need to go out to open the access control for the target user, and provides convenience for the client.
  • the target user is authenticated by the authority control device when entering the cell. After being authorized to enter, security is guaranteed.
  • the rights control device deletes the stored second information or sets the state of the second information to a failure state.
  • the embodiment deletes the stored second information after performing the current authentication or the current authorization operation, so that the second information cannot be used for the next authentication or authorization in the subsequent process.
  • setting the state of the second information to a failure state that is, the second information is invalid after being used for one authentication and authorization operation, and then the second information cannot be used for the next authentication or authorization, thereby avoiding the The second information is illegally used again for authentication and authorization in subsequent processes.
  • the authorization operation may also be set, and the authority control device performs the authorization operation, including: the authority control device passes the first authentication. After that, it is judged whether the time when the timing arrives exceeds the prescribed time, and if the specified time is not exceeded, the authorization operation is performed, wherein the timing starts when the authority control device receives the second information, or the timing is in the authority The control device begins when it receives an instruction sent by the second server.
  • the time when the right control device receives the second information or receives the timing start command sent by the second server is 9:00 am, and the time starts, and the predetermined time can be set to 12 am, if the first authentication is passed.
  • the authorization operation is allowed. If the time exceeds 12 o'clock, the authorization operation is not performed even if the first authentication is passed.
  • the second information further includes: the location information.
  • the location information can be used to perform second authentication on the target user to further ensure the security of the authorization operation.
  • the sending, by the second server, the second information to the rights control device includes: when the location of the rights control device is consistent with the location information, the second server Sending the second information to the authority control device.
  • the second server can manage multiple rights control devices, and different rights control devices have different locations.
  • the second server sends the second information
  • the location information in the second information indicates the address of the service provided by the target user (for example, the target user may be a courier, the location information may be a delivery address, and the permission control device is an access control)
  • First determining whether the location information in the second information is consistent with the location information of the rights control device eg, determining whether the shipping address is consistent with the location of the access control
  • sending the second information to the rights control device if not, Then the second message is not sent.
  • the authority control device that matches the location information and the location information in the second information receives the second information, and the rights control device that does not match the location information in the second information does not receive the second information. Therefore, the authority control device can authorize the target user when the location information of the target user is consistent with the location of the authority control device in the subsequent process; otherwise, the target user is not authorized.
  • the second server when the second server sends the second information to the authority control device, the second server determines that the location information in the second information is consistent with the location of the authority control device, and of course, the second server is transmitting.
  • the second information may also not care whether the location information in the second information is consistent with the location of the rights control device, but directly sends the second information to each rights control device, and the rights control device determines the second information. Whether the location information is consistent with the location information of the self, and then corresponding processing:
  • the rights control device may perform the following operations: the location information and the rights control in the second information by the rights control device When the location information of the device is consistent, the second information is stored.
  • the second information sent by the second server to the authority control device may occur, and the location information carried by the second information is inconsistent with the location of the rights control device, and the rights control device is in the second information.
  • the second information is stored, and if not, the second information is not stored, so that the subsequent rights control device uses the location information to perform the second
  • authorization of the authority control device may be obtained; otherwise, authorization may not be obtained, further ensuring authorization operation Safety.
  • the second location may be performed on the target user by using the stored location information.
  • the method further includes: the authority control device detects that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information, wherein the second to-be-certified information includes: location information to be authenticated;
  • the rights control device performs the second authentication on the to-be-authenticated location information by using the stored location information; at this time, the rights control device performs an authorization operation, specifically: after the first authentication and the second authentication are both passed, the authorization is performed. operating.
  • the second to-be-certified information carrier includes an order graphic code or an order barcode carrying the location information, and when the target user carries the goods (the order graphic code or the order barcode indicating the order information is attached to the goods), the access control device is located.
  • the authority control device can read the delivery address from the order graphic code or the order barcode, the delivery address is equivalent to the location information to be authenticated, and since the permission control device has previously stored the location information, if the read location to be authenticated If the information is consistent with the previously stored location information, the second authentication passes, otherwise the second authentication fails.
  • the target user is the courier and the location information is the delivery address as an example: for example, there are 8 buildings in a community, each building has an access control, and the access control in the 8th building receives the second information. If the delivery address in the second information is the 8th floor, the access control of the 8th building stores the second information (the second information includes the courier's identity information and the shipping address), otherwise the second is not stored. Information, follow-up If the courier arrives at Building 8, if the delivery address of the goods that the courier needs to deliver is the No. 8 building, the access control of Building No. 8 reads the shipping address through the scanning order information, and passes the location information.
  • the result of the comparison is that the delivery address is the same as the previously stored delivery address, then the access control of the 8th building is authorized by the courier, so the courier enters the 8th building; and if the courier needs to deliver the goods
  • the access control of the 8th building reads the delivery address by scanning the order information. If the result of the position information comparison is that the delivery address is inconsistent with the previously stored delivery address, then the Courier can't get 8 Floor access authorization, they can not enter the Building 8.
  • the location information of the permission control device may be used to perform the first
  • the privilege control device does not need to store the location information in the second information, and directly performs the second authentication by using the location information of the privilege control device.
  • the method further includes: the privilege control device Detecting that the second to-be-certified information carrier enters the detection range, and reading the second to-be-certified information from the second to-be-certified information carrier, wherein the second to-be-certified information includes: to-be-authenticated location information; The second authentication is performed on the to-be-authenticated location information by using the location information of the permission control device.
  • the authorization control device performs an authorization operation, including: after the first authentication and the second authentication are both passed, performing an authorization operation.
  • the second to-be-certified information carrier includes an order graphic code or an order barcode carrying the order information, and the permission control device can read the delivery address from the order graphic code or the order barcode, which is equivalent to the authentication to be authenticated.
  • the location information because the rights control device itself also has location information, if the read location information to be authenticated is consistent with the location information of the rights control device, the second authentication passes, otherwise the second authentication fails.
  • the authority control device performs the second authentication by using the location information
  • the location for example, the delivery address
  • the authorization of the authority control device can be obtained. Otherwise, authorization cannot be obtained, further ensuring the security of the authorization operation.
  • the first to-be-authenticated information carrier and the second to-be-certified information carrier both carry the identity information and the location information of the target user
  • the first to-be-authenticated information carrier and the second to-be-certified information carrier may be the same carrier.
  • the first to-be-certified information carrier and the second to-be-certified information carrier are both an order graphic code or an order barcode
  • the order graphic code or the order barcode carries the identity information and location information of the target user.
  • the control device can obtain the identity information of the target user by scanning the code, and can also obtain the location information.
  • the first to-be-certified information carrier and the second to-be-certified information carrier may be different carriers.
  • the first to-be-certified information carrier is an identity card of the target user
  • the second to-be-certified information carrier is an order graphic code or an order barcode. Location information is carried in the order graphic code or order barcode.
  • the method further includes: after the first authentication is passed, the rights control device sends the identity information of the target user to the client.
  • the permission control device sends the identity information of the target user to the client, so that the client prompts the client that the target user has passed the authorization.
  • the access control sends the identity information of the courier to the client, so that The client can prompt the courier to be certified for access control and will be delivered soon.
  • the embodiment provides a data interaction system, which can be used to execute the data interaction method in Embodiment 1, as shown in FIG. 2, the system includes: a first server 11, a second server 12, and an authority control device 13;
  • the first server 11 is configured to receive first information sent by the client, where the first information includes location information, assign a target user to the location information, determine identity information of the target user, and send the second information to the second server.
  • the server sends the second information, where the second information includes at least the identity information of the target user;
  • the second server 12 is configured to receive the second information, and send the second information to the rights control device;
  • the right control device 13 is configured to receive the second information, and store the second information; detecting that the first to-be-certified information carrier enters the detection range, and reading the first to-be-processed information from the first to-be-certified information carrier Authentication information, the first to-be-certified information includes a body to be authenticated And performing the first authentication on the identity information to be authenticated by using the stored identity information of the target user; and performing an authorization operation after the first authentication is passed.
  • the rights control apparatus is further configured to delete the stored second information or set the second information after the first authentication is passed or after the authorization operation is performed.
  • the status is a failed state.
  • the aging control may be set for the authorization operation, and the privilege control device is specifically configured to determine the timing of the arrival of the timing after the first authentication is passed. Whether the specified time is exceeded, and if the specified time is not exceeded, the authorization operation is performed, wherein the timing starts when the authority control device receives the second information, or the timing receives the second server at the authority control device Start when the command is sent.
  • the second information further includes: the location information; the location information may be used to perform second authentication on the target user, further ensuring security of the authorization operation.
  • the second server is specifically configured to send, by the second server, the first control device to the rights control device when the location of the rights control device is consistent with the location information. Two information.
  • the authority control device is configured to: when the location information in the second information is consistent with the location information of the rights control device, storing the Two information.
  • the rights control apparatus is further configured to: before detecting the authorization operation, detecting that the second to-be-certified information carrier enters the detection range, and reading the second to-be-certified information, where
  • the second to-be-certified information includes: location information to be authenticated;
  • the rights control device is further configured to perform second authentication on the to-be-authenticated location information by using the stored location information; the rights control device performs an authorization operation, Specifically, after the first authentication and the second authentication are both passed, the authorization operation is performed.
  • the rights control device is further configured to: before detecting the authorization operation, detecting that the second to-be-certified information carrier enters the detection range, and reading from the second to-be-certified information carrier The second to-be-certified information, wherein the second to-be-certified information includes: location information to be authenticated; and second authentication of the to-be-authenticated location information by using the location information of the rights control device; Specifically, after the first authentication and the second authentication are both passed, the authorization operation is performed.
  • the rights control apparatus is further configured to: after the first authentication is passed, send the identity information of the target user to the client.
  • the second server is configured to receive the second information, and send the second information to the rights control device: receiving the second information, storing the And receiving the identity information acquisition request, and transmitting the second information to the rights control device.
  • the permission control device does not store the second information, but the second server stores the second information, and after the permission control device requests the second information from the second server, The first authentication is performed using the identity information of the received target user.
  • the method includes:
  • the first server receives first information sent by a client, where the first information includes location information.
  • the first server allocates a target user to the location information, and determines identity information of the target user.
  • the first server sends second information to the second server, where the second information includes at least identity information of the target user.
  • the second server receives the second information, and stores the second information.
  • the second information includes at least the identity information of the target user, and the second server stores the identity information of the target user, so that the second information is provided to the authority control device when the subsequent rights control device requests to obtain the identity information.
  • the permission control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-authenticated information carrier, where the first to-be-authenticated information includes identity information to be authenticated.
  • the permission control device sends an identity information acquisition request to the second server; the second server receives the identity information acquisition request, and sends the second information to the rights control device;
  • the second server may be used to manage the rights control device.
  • the rights control device may be the access control
  • the second server is the server that can implement data interaction and management for the access control.
  • step 205 and step 206 may be performed at the same time, and step 206 may be performed first and then step 206 is performed, which is not limited herein.
  • the rights control device receives the second information, and performs first authentication on the to-be-authenticated identity information by using the received identity information of the target user.
  • the authority control device performs an authorization operation after the first authentication is passed.
  • the rights control device performs the first authentication on the to-be-authenticated identity information by using the received identity information of the target user, which may be implemented by: determining the identity information and the received target information of the target user. Whether the authentication identity information is consistent. If the identity is consistent, the first authentication is passed. If not, the first authentication fails.
  • the method further includes: after the first authentication is passed or after performing the authorization operation, the rights control device sends a security processing instruction to the second server;
  • the second server receives the security processing instruction, deletes the stored second information, or sets the state of the second information to a failure state.
  • the embodiment notifies the second server to delete the stored second information after the authorization control device performs the current authentication or the current authorization operation by using the second information, so that the second information cannot be used subsequently.
  • the information is used for the next authentication or authorization, or the second server is notified to set the state of the second information to a failure state, that is, the second information is invalid after being used for one authentication and authorization operation, and the second information cannot be used again.
  • the second information is used for the next authentication or authorization, and the second information is illegally used for authentication and authorization again in the subsequent process.
  • the second information further includes: location information
  • the sending, by the second server, the second information to the rights control device includes: when the location of the rights control device is consistent with the location information, the second server Sending the second information to the authority control device.
  • the location in the second information may be requested by using the second server.
  • the information is used to perform the second authentication on the target user.
  • the method further includes: the permission control device detects that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information, where the The second to-be-certified information includes: location information to be authenticated; the rights control device performs second authentication on the to-be-authenticated location information by using the received location information; the rights control device performs an authorization operation, specifically: the first After the authentication and the second authentication are passed, the authorization operation is performed.
  • the location information of the permission control device may be used to perform the first
  • the authority control device does not need to request the second server to obtain the location information in the second information, and directly uses the location information of the rights control device to perform the authentication.
  • the rights control device performs the authorization operation.
  • the method further includes: the authority control device detects that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information from the second to-be-certified information carrier, wherein the second to-be-certified
  • the information includes: location information to be authenticated; the rights control device performs second authentication on the location information to be authenticated by using location information of the rights control device; and the authorization control device performs an authorization operation, including: the first After the authentication and the second authentication are passed, the authorization operation is performed.
  • the method further includes: after the first authentication is passed, the rights control device sends the identity information of the target user to the client.
  • the embodiment provides a data interaction system, which can perform the data interaction method in the above embodiment 4.
  • the system includes: a first server 21, a second server 22, and an authority control device 23;
  • the first server 21 is configured to receive first information sent by the client, where the first information includes location information, assign a target user to the location information, determine identity information of the target user, and send the second information to the second server.
  • the server sends the second information, where the second information includes at least the identity information of the target user;
  • the second server 22 is configured to receive the second information, and store the second information.
  • the right control device 23 is configured to detect that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-authenticated information includes identity information to be authenticated; Sending 22 an identity information acquisition request to the second server;
  • the second server 22 is further configured to receive the identity information acquisition request, and send the second information to the rights control device 23;
  • the rights control device 23 is further configured to receive the second information, perform first authentication on the to-be-authenticated identity information by using the received identity information of the target user, and after the first authentication is passed, Perform an authorization operation.
  • the rights control apparatus is further configured to send a security processing instruction to the second server after the first authentication is passed or after performing the authorization operation;
  • the server is further configured to receive the security processing instruction, delete the stored second information, or set the state of the second information to a failure state.
  • the second information further includes: location information; using the location information, performing second authentication on the target user, further ensuring security of the authorization operation.
  • the second server is specifically configured to send, by the second server, the first control device to the rights control device when the location of the rights control device is consistent with the location information. Two information.
  • the privilege control device is further configured to: before detecting the authorization operation, detecting that the second to-be-certified information carrier enters the detection range, and reading the second to-be-certified information, where The second to-be-certified information includes: location information to be authenticated; and second authentication of the to-be-authenticated location information by using the received location information; After the first authentication and the second authentication are both passed, the authorization operation is performed.
  • the rights control device is further configured to: before detecting the authorization operation, detecting that the second to-be-certified information carrier enters the detection range, and reading from the second to-be-certified information carrier The second to-be-certified information, wherein the second to-be-certified information includes: location information to be authenticated; and second authentication of the to-be-authenticated location information by using the location information of the rights control device; Specifically, after the first authentication and the second authentication are both passed, the authorization operation is performed.
  • the rights control apparatus is further configured to: after the first authentication is passed, send the identity information of the target user to the client.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé et un système d'échange de données. Le procédé comprend les étapes suivantes : un premier serveur reçoit des premières informations transmises par un client ; le premier serveur attribue un utilisateur cible aux informations d'emplacement et détermine des informations d'identité de l'utilisateur cible ; le premier serveur transmet des secondes informations au second serveur ; le second serveur reçoit les secondes informations et transmet les secondes informations à un dispositif de commande d'autorisation ; le dispositif de commande d'autorisation reçoit les secondes informations et stocke les secondes informations ; le dispositif de commande d'autorisation détecte qu'une porteuse des premières informations à authentifier est entrée dans une plage de détection et lit les premières informations à authentifier dans la porteuse des premières informations à authentifier, les premières informations à authentifier comprenant des informations d'identité à authentifier ; le dispositif de commande d'autorisation utilise les informations d'identité stockées de l'utilisateur cible pour effectuer une première authentification par rapport aux informations d'identité à authentifier ; et le dispositif de commande d'autorisation exécute une opération d'authentification lorsque la première authentification est réussie.
PCT/CN2017/107602 2016-11-25 2017-10-25 Procédé et système d'échange de données WO2018095182A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201611059494.6 2016-11-25
CN201611059494.6A CN107231404B (zh) 2016-11-25 2016-11-25 一种数据交互方法及系统
CN201611060585.1A CN107230265B (zh) 2016-11-25 2016-11-25 一种数据交互方法及系统
CN201611060585.1 2016-11-25

Publications (1)

Publication Number Publication Date
WO2018095182A1 true WO2018095182A1 (fr) 2018-05-31

Family

ID=62195391

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/107602 WO2018095182A1 (fr) 2016-11-25 2017-10-25 Procédé et système d'échange de données

Country Status (1)

Country Link
WO (1) WO2018095182A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111881163A (zh) * 2020-07-07 2020-11-03 上海中通吉网络技术有限公司 基于门禁系统的快递取件提醒方法及系统、门禁系统
US12020525B2 (en) 2019-07-31 2024-06-25 Dominus Systems, Limited Property management systems

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130117815A1 (en) * 2010-06-04 2013-05-09 Ubiqu B.V. Method of Authorizing a Person, an Authorizing Architecture and a Computer Program Product
CN105427414A (zh) * 2015-11-03 2016-03-23 徐承柬 一种访客管理方法和系统
CN105741395A (zh) * 2016-02-03 2016-07-06 慧锐通智能科技股份有限公司 基于二维码和人脸识别的门禁访问方法和系统
CN107231404A (zh) * 2016-11-25 2017-10-03 天地融科技股份有限公司 一种数据交互方法及系统
CN107230265A (zh) * 2016-11-25 2017-10-03 天地融科技股份有限公司 一种数据交互方法及系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130117815A1 (en) * 2010-06-04 2013-05-09 Ubiqu B.V. Method of Authorizing a Person, an Authorizing Architecture and a Computer Program Product
CN105427414A (zh) * 2015-11-03 2016-03-23 徐承柬 一种访客管理方法和系统
CN105741395A (zh) * 2016-02-03 2016-07-06 慧锐通智能科技股份有限公司 基于二维码和人脸识别的门禁访问方法和系统
CN107231404A (zh) * 2016-11-25 2017-10-03 天地融科技股份有限公司 一种数据交互方法及系统
CN107230265A (zh) * 2016-11-25 2017-10-03 天地融科技股份有限公司 一种数据交互方法及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12020525B2 (en) 2019-07-31 2024-06-25 Dominus Systems, Limited Property management systems
CN111881163A (zh) * 2020-07-07 2020-11-03 上海中通吉网络技术有限公司 基于门禁系统的快递取件提醒方法及系统、门禁系统

Similar Documents

Publication Publication Date Title
EP3200161B1 (fr) Application à distance de commande d'accès
US9589398B2 (en) Distribution of premises access information
US20180146374A1 (en) System, methods and software for user authentication
EP2888855B1 (fr) Systèmes et procédés de gestion d'accès à un dispositif de verrouillage à l'aide de signaux sans fil
EP3492414B1 (fr) Système d'autorisation de requête d'ascenseur pour un tiers
US11206544B2 (en) Checkpoint identity verification on validation using mobile identification credential
CN109076070A (zh) 用于辅助无摩擦双因素认证的方法和装置
JP6081859B2 (ja) 入退域管理システム及び入退域管理方法
EP3653454A1 (fr) Authentification à facteurs multiples pour véhicules
US11871226B2 (en) Method and system for providing location-aware multi-factor mobile authentication
KR101855494B1 (ko) 모바일 장치를 이용한 도어 시스템 및 방법
CN107230265B (zh) 一种数据交互方法及系统
WO2018095182A1 (fr) Procédé et système d'échange de données
US20190084794A1 (en) Elevator request authorization system
WO2018095184A1 (fr) Procédé et système d'interactions de données
CN107231404B (zh) 一种数据交互方法及系统
JP5937276B1 (ja) 来訪者認証システム、及び来訪者認証方法
KR102344137B1 (ko) 시설물 사용자 인증 시스템 및 그 제어방법
WO2023243046A1 (fr) Dispositif serveur, système, procédé de commande de dispositif serveur et support de stockage
WO2022168426A1 (fr) Système de location d'installation et procédé de location d'installation
JP2024122319A (ja) ユーザ認証システム、認証端末、管理サーバ、事業者装置、及びユーザ端末ならびにユーザ認証システムによるユーザ認証方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17874569

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17874569

Country of ref document: EP

Kind code of ref document: A1