WO2018095184A1 - Data interaction method and system - Google Patents

Data interaction method and system Download PDF

Info

Publication number
WO2018095184A1
WO2018095184A1 PCT/CN2017/107611 CN2017107611W WO2018095184A1 WO 2018095184 A1 WO2018095184 A1 WO 2018095184A1 CN 2017107611 W CN2017107611 W CN 2017107611W WO 2018095184 A1 WO2018095184 A1 WO 2018095184A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
authentication
control device
server
authenticated
Prior art date
Application number
PCT/CN2017/107611
Other languages
French (fr)
Chinese (zh)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 天地融科技股份有限公司 filed Critical 天地融科技股份有限公司
Publication of WO2018095184A1 publication Critical patent/WO2018095184A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Telephonic Communication Services (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention provides a data interaction method and a system. The method comprises: a first server receives first information sent by a client terminal; the first server allocates target user for location information, determines identity information of the target user, and sends the second information to a second server; the second server receives the second information and stores the second information; an authority control device detects that a first to-be-verified information carrier enters a detection range and reads the first to-be-verified information from the first to-be-verified information carrier; the authority control device acquires the to be verified location information and sends an authentication request to the second server; the second server receives the authentication request, uses the stored identity information of target users to perform a first authentication on the to-be-verified identity information, uses the stored location information to perform a second authentication on the to-be-verified location information, and sends an authentication pass response to the authority control device after the first authentications and the second authentication are both passed; the authority control device receives the authentication pass response and performs an authorization operation.

Description

一种数据交互方法及系统Data interaction method and system
相关申请的交叉引用Cross-reference to related applications
本申请要求李明于2016年11月25日提交中国专利局、申请号为201611059517.3、发明名称为“一种数据交互方法及系统”的中国专利申请的优先权。This application claims the priority of the Chinese patent application filed by the Chinese Patent Office, the application No. 201611059517.3, entitled "A Data Interaction Method and System" on November 25, 2016.
技术领域Technical field
本发明涉及一种电子技术领域,尤其涉及一种数据通信设备及系统。The present invention relates to the field of electronic technologies, and in particular, to a data communication device and system.
背景技术Background technique
目前,为提高小区的安全性,一些小区大门的入口以及小区内各栋楼的入口通常会设有门禁。住在小区内的业主使用小区签发的门禁卡可以正常出入小区和所在楼,而没有门禁卡的人员则无法进入小区。At present, in order to improve the security of the community, the entrance of some community gates and the entrances of various buildings in the community usually have access control. The owner who lives in the community can use the access card issued by the community to enter and exit the cell and the building, and the person without the access card cannot enter the cell.
随着互联网的快速发展,越来越多的用户选择通过网络购物、网上预订外卖、或网上申请电器维修等,当服务人员例如快递员或者维修工,需要提供服务的位置位于带有门禁的小区内时,服务人员通常无法进入小区。如何使得无进门权限的服务人员在为用户提供服务时可以进入小区同时不影响小区本身管理的安全性是急需解决的问题。With the rapid development of the Internet, more and more users choose to shop online, order online, or apply for electrical repairs online. When service personnel, such as couriers or maintenance workers, need to provide services, the location is located in the community with access control. Service personnel are usually unable to enter the community. How to enable the service personnel without access rights to enter the cell while providing services to the user without affecting the security of the management of the cell itself is an urgent problem to be solved.
发明内容Summary of the invention
本发明旨在解决上述问题。The present invention is directed to solving the above problems.
本发明的主要目的在于提供一种数据交互方法;The main object of the present invention is to provide a data interaction method;
本发明的另一目的在于提供一种数据交互系统。Another object of the present invention is to provide a data interaction system.
为达到上述目的,本发明的技术方案具体是这样实现的:In order to achieve the above object, the technical solution of the present invention is specifically implemented as follows:
方案1、本发明一方面提供了一种数据交互方法,包括:第一服务器接收客户端发送的第一信息,所述第一信息包括位置信息;所述第一服务器为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;所述第二服务器接收所述第二信息,存储所述第二信息;权限控制装置检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;所述权限控制装置获取待认证位置信息,向所述第二服务器发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;所述第二服务器接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置发送认证通过响应;所述权限控制装置接收所述认证通过响应,执行授权操作。The first aspect of the present invention provides a data interaction method, including: a first server receives first information sent by a client, the first information includes location information; and the first server allocates a target to the location information. The user determines the identity information of the target user, and sends the second information to the second server, where the second information includes: the location information and identity information of the target user; and the second server receives the second information The information, the second information is stored; the right control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-certified information includes: to be authenticated The identity control device obtains the location information to be authenticated, and sends an authentication request to the second server, where the authentication request includes: the to-be-authenticated location information and the identity to be authenticated; the second server receives Determining, by using the stored identity information of the target user, the first authentication of the identity information to be authenticated, and Performing second authentication on the to-be-authenticated location information by using the stored location information, after the first authentication and the second authentication are both passed, sending an authentication pass response to the rights control device; the rights control device receiving the location The authentication performs a authorization operation by responding.
方案2、根据方案1所述的方法,所述方法还包括:所述权限控制装置在执行授权操作后,向所述第二服务器发送安全处理指令;所述第二服务器接收所述安全处理指令,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态;或者,所述第二服务器在所述第一认证和所述第二认证通过后,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态。The method of claim 1, the method further comprising: after performing the authorization operation, the authority control device sends a security processing instruction to the second server; the second server receives the security processing instruction Deleting the stored second information or setting the state of the second information to a failed state; or, the second server deleting the stored first after the first authentication and the second authentication are passed The second information or the state in which the second information is set is a failure state.
方案3、根据方案1所述的方法,所述权限控制装置获取待认证位置信息,包括:所述权限控制装置获取所述权限控制装置自身的位置信息,所述权限控制装置自身的位置信息即为所述待认证位置信息。The method of claim 1, wherein the rights control device acquires the location information to be authenticated, the method includes: the rights control device acquires location information of the rights control device itself, and the location information of the rights control device itself The location information to be authenticated.
方案4、根据方案1所述的方法,所述权限控制装置获取待认证位置信息,包括:所述权限控制装置检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。The method according to the first aspect, wherein the rights control device acquires the location information to be authenticated, the method includes: the rights control device detects that the second to-be-certified information carrier enters the detection range, and the second to-be-certified information carrier Reading the second to-be-certified information, where the second to-be-certified information includes: location information to be authenticated.
方案5、根据方案1-4任一项所述的方法,所述权限控制装置接收所述认证通过响应,执行授权操作,包括:所述权限控制装置接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证 请求后开始。The method of any one of the preceding claims, wherein the authorization control device receives the authentication response and performs an authorization operation, the method includes: after the authorization control device receives the authentication response, determining that the timing arrives Whether the time exceeds the prescribed time, if the specified time is not exceeded, the authorization operation is performed, wherein the timing is sent by the authority control device to the second server for authentication Start after the request.
方案6、根据方案1-4任一项所述的方法,所述第一待认证信息载体为身份证、携带有身份信息的图形码、携带有身份信息的条形码或者生物特征。The method of any one of the preceding claims, wherein the first to-be-certified information carrier is an identity card, a graphic code carrying identity information, a barcode carrying identity information, or a biometric.
方案7、根据方案1-4任一项所述的方法,所述方法还包括:所述权限控制装置在收到认证通过响应后,向所述客户端发送所述待认证身份信息。The method of any one of the preceding claims, wherein the method further comprises: after receiving the authentication pass response, the authority control device sends the identity information to be authenticated to the client.
方案8、本发明另一方面提供一种数据交互系统,包括:第一服务器,用于接收客户端发送的第一信息,所述第一信息包括位置信息;为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;所述第二服务器,用于接收所述第二信息,存储所述第二信息;权限控制装置,用于检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;获取待认证位置信息,向所述第二服务器发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;所述第二服务器,还用于接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置发送认证通过响应;所述权限控制装置,还用于接收所述认证通过响应,执行授权操作。The eighth aspect of the present invention provides a data interaction system, including: a first server, configured to receive first information sent by a client, where the first information includes location information; and assign a target user to the location information, Determining the identity information of the target user, and sending the second information to the second server, where the second information includes: the location information and identity information of the target user; and the second server is configured to receive the The second information is used to store the second information; the right control device is configured to detect that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, the first to-be-authenticated information The method includes: information to be authenticated; obtaining location information to be authenticated, and sending an authentication request to the second server, where the authentication request includes: the to-be-authenticated location information and the identity to be authenticated; the second server And receiving, by using the stored identity information of the target user, performing first authentication on the identity information to be authenticated, and using The stored location information performs second authentication on the to-be-authenticated location information, and after the first authentication and the second authentication are both passed, the authentication pass response is sent to the rights control device; the rights control device is further used The authorization operation is performed by receiving the authentication and responding.
方案9、根据方案8所述的系统,所述权限控制装置,还用于在执行授权操作后,向所述第二服务器发送安全处理指令;所述第二服务器,还用于接收所述安全处理指令,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态;或者,所述第二服务器,还用于在所述第一认证和所述第二认证通过后,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态。The system of claim 8, the authority control device is further configured to: after performing the authorization operation, send a security processing instruction to the second server; the second server is further configured to receive the security Processing the instruction, deleting the stored second information or setting the state of the second information to a failure state; or the second server is further configured to: after the first authentication and the second authentication are passed, Deleting the stored second information or setting the state of the second information to a failure state.
方案10、根据方案8所述的系统,所述权限控制装置,具体用于获取所述权限控制装置自身的位置信息,所述权限控制装置自身的位置信息即为所述待认证位置信息。The system of claim 8, wherein the authority control device is configured to acquire location information of the rights control device itself, and the location information of the rights control device itself is the to-be-authenticated location information.
方案11、根据方案8所述的系统,所述权限控制装置,具体用于检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。The system of claim 8, wherein the authority control device is configured to detect that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information from the second to-be-certified information carrier, where The second to-be-certified information includes: location information to be authenticated.
方案12、根据方案8-11任一项所述的系统,所述权限控制装置,具体用于接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证请求后开始。The system of any one of the preceding claims, wherein the authority control device is configured to: after receiving the response, determine whether the time when the timing arrives exceeds a predetermined time, and if the specified time is not exceeded, An authorization operation is performed, wherein the timing begins after the rights control device sends an authentication request to the second server.
方案13、根据方案8-11任一项所述的系统,所述第一待认证信息载体为身份证、携带有身份信息的图形码、携带有身份信息的条形码或者生物特征。The system of any one of the preceding claims, wherein the first to-be-certified information carrier is an identity card, a graphic code carrying identity information, a barcode carrying identity information, or a biometric.
方案14、根据方案8-11任一项所述的系统,所述权限控制装置,还用于在收到认证通过响应后,向所述客户端发送所述待认证身份信息。The system of any one of the preceding claims, wherein the authorization control device is further configured to send the identity information to be authenticated to the client after receiving the authentication response.
由上述本发明提供的技术方案可以看出,第一服务器收到客户端发送的位置信息后,分配目标用户并将该目标用户的身份信息发送给第二服务器,该目标用户是为位于所述位置信息的客户提供服务的人员(例如送货员或送餐员等),当目标用户到达权限控制装置所在位置后,将所持有的第一待认证信息载体放置在权限控制装置的检测区域,权限控制装置检测并读取待认证身份信息,以及获取待认证位置信息,并请求第二服务器对目标用户进行认证,如果认证通过,则进行授权操作。由此可以看出,在设有门禁(该门禁即为权限控制装置)的小区中,即使目标用户(例如送货员或送餐员等)没有该小区的门禁卡,也可以采用本发明中的方案通过第一服务器将目标用户的身份信息发送给第二服务器,并由门禁请求第二服务器对目标用户进行认证,如果认证通过,则目标用户获得授权,从而进入该小区,一方面,享受目标用户所提供服务的客户不需要出门为所述目标用户开启门禁,为客户提供了便捷,另一方面,目标用户在进入小区时是通过第二服务器的认证后才获得授权进入的,保障了安全性。According to the technical solution provided by the present invention, after receiving the location information sent by the client, the first server allocates the target user and sends the identity information of the target user to the second server, where the target user is located in the The person who provides the service of the location information (for example, the delivery person or the food delivery staff, etc.), after the target user arrives at the location of the authority control device, places the first information carrier to be authenticated held in the detection area of the authority control device. The authority control device detects and reads the identity information to be authenticated, and obtains the location information to be authenticated, and requests the second server to authenticate the target user. If the authentication passes, the authorization operation is performed. It can be seen that in the cell with the access control (the access control is the authority control device), even if the target user (such as a delivery person or a food delivery person, etc.) does not have the access card of the cell, the present invention can be used. The solution sends the identity information of the target user to the second server through the first server, and the second server authenticates the target user by the access control. If the authentication is passed, the target user obtains authorization, thereby entering the cell, and enjoying The customer of the service provided by the target user does not need to go out to open the access control for the target user, which provides convenience for the customer. On the other hand, the target user is authorized to enter the second server after entering the cell, and the security is guaranteed. safety.
附图说明DRAWINGS
为了更清楚地说明本发明实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention, Those of ordinary skill in the art will be able to obtain other figures from these drawings without the inventive effort.
图1为本发明实施例1提供的数据交互方法的流程图;1 is a flowchart of a data interaction method according to Embodiment 1 of the present invention;
图2为本发明实施例2提供的数据交互系统的结构示意图。FIG. 2 is a schematic structural diagram of a data interaction system according to Embodiment 2 of the present invention.
具体实施方式 detailed description
下面结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明的保护范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
在本发明的描述中,需要理解的是,术语“中心”、“纵向”、“横向”、“上”、“下”、“前”、“后”、“左”、“右”、“竖直”、“水平”、“顶”、“底”、“内”、“外”等指示的方位或位置关系为基于附图所示的方位或位置关系,仅是为了便于描述本发明和简化描述,而不是指示或暗示所指的装置或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本发明的限制。此外,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或数量或位置。In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "back", "left", "right", " The orientation or positional relationship of the indications of "upright", "horizontal", "top", "bottom", "inside", "outside", etc. is based on the orientation or positional relationship shown in the drawings, only for the convenience of describing the present invention and The simplification of the description is not intended to limit or imply that the device or component that is referred to has a particular orientation, is constructed and operated in a particular orientation, and thus is not to be construed as limiting. Moreover, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
在本发明的描述中,需要说明的是,除非另有明确的规定和限定,术语“安装”、“相连”、“连接”应做广义理解,例如,可以是固定连接,也可以是可拆卸连接,或一体地连接;可以是机械连接,也可以是电连接;可以是直接相连,也可以通过中间媒介间接相连,可以是两个元件内部的连通。对于本领域的普通技术人员而言,可以具体情况理解上述术语在本发明中的具体含义。In the description of the present invention, it should be noted that the terms "installation", "connected", and "connected" are to be understood broadly, and may be fixed or detachable, for example, unless otherwise explicitly defined and defined. Connected, or integrally connected; can be mechanical or electrical; can be directly connected, or indirectly connected through an intermediate medium, can be the internal communication of the two components. The specific meaning of the above terms in the present invention can be understood in a specific case by those skilled in the art.
下面将结合附图对本发明实施例作进一步地详细描述。The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings.
为便于理解本发明,下面对本实施例中可能的应用场景进行简要介绍:To facilitate the understanding of the present invention, a brief description of possible application scenarios in this embodiment is provided below:
本实施例可适用的场景中包括但不限于:客户端、第一服务器、第二服务器、权限控制装置;客户通过客户端在网上下单购买某种服务(例如,网上购物、网上订餐等),客户端将位置信息(例如送货地址)发送至第一服务器,第一服务器为该位置信息分配目标用户(例如快递员),并将该目标用户的身份信息和位置信息发送至第二服务器,目标用户持有第一待认证信息载体,当目标用户到达权限控制装置所在位置时,权限控制装置向第二服务器发送对目标用户进行身份认证的认证请求,第二服务器利用目标用户的身份信息和位置信息对目标用户进行认证,并将认证通过响应返回给权限控制装置,该权限控制装置对目标用户进行授权(例如开启门锁使得目标用户可以进入)。The applicable scenarios in this embodiment include, but are not limited to, a client, a first server, a second server, and an authority control device; the client purchases a certain service through the client through the online order (for example, online shopping, online ordering, etc.) The client sends location information (such as a shipping address) to the first server, the first server allocates a target user (such as a courier) for the location information, and sends the identity information and location information of the target user to the second server. The target user holds the first information carrier to be authenticated. When the target user arrives at the location of the authority control device, the rights control device sends an authentication request for identity authentication to the target user, and the second server uses the identity information of the target user. And the location information authenticates the target user, and the authentication is returned to the authority control device by the response, and the authority control device authorizes the target user (for example, opening the door lock so that the target user can enter).
实施例1Example 1
本实施例提供一种数据交互方法,如图1所示,该方法包括如下步骤:This embodiment provides a data interaction method. As shown in FIG. 1, the method includes the following steps:
101、第一服务器接收客户端发送的第一信息,所述第一信息包括位置信息;101. The first server receives first information sent by a client, where the first information includes location information.
本实施例中的第一服务器可以与客户端进行通信。第一服务器可以是提供网上超市、网上订餐等网上服务的服务器,客户端可以是实现网上下单进行购物或订餐等服务的应用程序,该客户端可以安装在用户持有的设备(例如PC机、手机、掌上电脑等)上。The first server in this embodiment can communicate with the client. The first server may be a server that provides an online service such as an online supermarket or an online ordering service, and the client may be an application for realizing online shopping or ordering services, and the client may be installed on a device held by the user (for example, a PC). , mobile phones, PDAs, etc.).
本实施例中,第一信息可以为订单信息,位置信息可以为订单地址;例如网上购物时,该位置信息具体为送货地址,网上订餐时,该位置信息具体为送餐地址等等。不同的应用场景,该位置信息可以表示不同含义的地址信息,在此不作限制。In this embodiment, the first information may be order information, and the location information may be an order address; for example, when the online shopping is performed, the location information is specifically a delivery address, and when the online order is ordered, the location information is specifically a delivery address and the like. For different application scenarios, the location information may represent address information of different meanings, and is not limited herein.
此外,该第一信息还可以包括订单号、订单明细、订单金额、订单日期、下单的用户名称等等信息,在此不作限制。In addition, the first information may further include information such as an order number, an order detail, an order amount, an order date, a user name of the order, and the like, and is not limited herein.
102、所述第一服务器为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;102. The first server allocates a target user to the location information, determines identity information of the target user, and sends second information to the second server, where the second information includes: the location information and the target user. Identity information;
本实施例中,目标用户是为位于所述位置信息的客户提供相应服务的人员,例如网上购物时,该目标用户具体为送货员,网上订餐时,该位置信息具体为送餐员等等。不同的应用场景,该目标用户可以表示提供不同服务的人员,在此不作限制。In this embodiment, the target user is a person who provides a corresponding service to the client located in the location information. For example, when the online shopping is performed, the target user is specifically a delivery person. When the online order is ordered, the location information is specifically a food delivery person, etc. . For different application scenarios, the target user can indicate the person providing different services, and there is no limitation here.
本实施例中的目标用户的身份信息,可以为身份证信息或者可以为指纹信息、掌纹信息或虹膜信息等任一种生物特征信息。其中,该身份证信息至少包括身份证号码,该身份证信息可以从身份证中读取,也可以是从携带有身份证信息的订单图形码或者订单条性码中读取。The identity information of the target user in this embodiment may be ID information or may be any biometric information such as fingerprint information, palm print information or iris information. The ID card information includes at least an ID card number, and the ID card information can be read from the ID card, or can be read from an order graphic code or an order barcode code carrying the ID card information.
本实施例中第二服务器可以用于对权限控制装置进行管理,例如在设有门禁的小区中,权限控制装置可以为门禁,第二服务器为可以对门禁实现数据交互以及管理的服务器。In this embodiment, the second server may be used to manage the rights control device. For example, in the cell with the access control, the rights control device may be the access control, and the second server is the server that can implement data interaction and management for the access control.
本实施例中,第一服务器和第二服务器是相互独立的服务器,各自所起的作用也不相同。第一服务器用于提供网上购物、网上订餐等网络服务的服务器,第二服务器用于对权限控制装置进行数据交互以及管理的服务器,第一服务器与第二服务器之间可以通过无线网络或者有线网络进行通信。In this embodiment, the first server and the second server are mutually independent servers, and each of them functions differently. The first server is used for providing a server for online shopping, online ordering, and the like, the second server is used for data interaction and management of the authority control device, and the first server and the second server can communicate with each other through a wireless network or a wired network. Communicate.
103、所述第二服务器接收所述第二信息,存储所述第二信息;103. The second server receives the second information, and stores the second information.
本实施例中,第二服务器存储收到的位置信息和目标用户的身份信息,以便于后续权限控制装置请求对目标用户进行认证时,利用该位置信息和目标用户的身份信息对目标用户进行身份认证。In this embodiment, the second server stores the received location information and the identity information of the target user, so that when the subsequent rights control device requests to authenticate the target user, the location information and the identity information of the target user are used to identify the target user. Certification.
104、权限控制装置检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;The permission control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-certified information includes: identity to be authenticated;
本实施例中,权限控制装置可以为门禁。In this embodiment, the authority control device may be an access control.
权限控制装置设有支持信息读取功能的模块,例如,该模块可以是读取身份证信息的身份证读取模 块,相应的,第一待认证信息载体为身份证,读取出的第一待认证信息为身份证信息;比如,该模块为扫码模块,相应的,第一待认证信息载体可以为携带有身份信息的订单图形码或订单条形码等,读取出的第一待认证信息可以是从订单图形码或订单条形码中读取目标用户的身份信息;又如,该模块可以是读取生物特征的生物特征读取模块,相应的,第一待认证信息载体为生物特征,读取出的第一待认证信息为生物特征信息。其中,生物特征可以为手指,对应的生物特征信息可以为指纹;或者,生物特征可以为手掌,对应的生物特征信息可以为掌纹;或者,生物特征可以为眼睛,对应的生物特征信息可以为虹膜等等,在此不作限制。The authority control device is provided with a module for supporting the information reading function, for example, the module may be an ID card reading module for reading the identity card information. Block, correspondingly, the first information carrier to be authenticated is an identity card, and the first information to be authenticated is the identity card information; for example, the module is a scan code module, and correspondingly, the first information carrier to be authenticated may be carried For the order graphic code or order barcode with identity information, the first information to be authenticated can be read from the order graphic code or the order barcode to read the identity information of the target user; for example, the module can read the biometric The biometric reading module, correspondingly, the first to-be-certified information carrier is a biometric feature, and the read first to-be-certified information is biometric information. The biometric feature may be a finger, and the corresponding biometric information may be a fingerprint; or the biometric feature may be a palm, and the corresponding biometric information may be a palm print; or the biometric feature may be an eye, and the corresponding biometric information may be Iris, etc., there is no limit here.
105、所述权限控制装置获取待认证位置信息,向所述第二服务器发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;The access control device obtains the to-be-authenticated location information, and sends an authentication request to the second server, where the authentication request includes: the to-be-authenticated location information and the to-be-authenticated identity information;
本实施例中,权限控制装置获取待认证位置信息的方式有很多种,具体参见下文描述。In this embodiment, there are many ways for the authority control device to obtain location information to be authenticated, as described in detail below.
本实施例中,权限控制装置与第二服务器可以通过有线连接进行通信,例如网线连接,也可以通过无线网络进行通信,例如移动网络,小区内局域网等。In this embodiment, the rights control device and the second server may communicate through a wired connection, such as a network cable connection, or may communicate through a wireless network, such as a mobile network, a local area network in a cell, or the like.
106、所述第二服务器接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置发送认证通过响应;The second server receives the authentication request, performs the first authentication on the to-be-authenticated identity information by using the stored identity information of the target user, and uses the stored location information to the location information to be authenticated. Performing a second authentication, after the first authentication and the second authentication are both passed, sending an authentication pass response to the authority control device;
本实施例中,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,可以通过如下方式实现:判断存储的所述目标用户的身份信息与所述待认证身份信息是否一致,若一致,则第一认证通过,若不一致,则第一认证不通过。In this embodiment, the first authentication of the identity information to be authenticated is performed by using the stored identity information of the target user, which may be implemented by: determining the stored identity information of the target user and the identity information to be authenticated. Whether they are consistent. If they are consistent, the first authentication is passed. If they are inconsistent, the first authentication fails.
本实施例中,使用存储的所述位置信息对所述待认证位置信息进行第二认证,可以通过如下方式实现:判断存储的所述位置信息对所述待认证位置信息是否一致,若一致,则第二认证通过,若不一致,则第二认证不通过。In this embodiment, the second authentication of the to-be-authenticated location information by using the stored location information may be implemented by: determining whether the stored location information is consistent with the to-be-authenticated location information, if consistent, Then, the second authentication is passed, and if not, the second authentication fails.
107、所述权限控制装置接收所述认证通过响应,执行授权操作。107. The authority control apparatus receives the authentication and performs a authorization operation by responding.
本实施例中,权限控制装置为门禁时,执行授权操作可以为如下操作:开启门锁。In this embodiment, when the authority control device is an access control, performing the authorization operation may be as follows: opening the door lock.
本实施例中,第一服务器收到客户端发送的位置信息后,分配目标用户并将该目标用户的身份信息发送给第二服务器,该目标用户是为位于所述位置信息的客户提供服务的人员(例如送货员或送餐员等),当目标用户到达权限控制装置所在位置后,将所持有的第一待认证信息载体放置在权限控制装置的检测区域,权限控制装置检测并读取待认证身份信息,以及获取待认证位置信息,并请求第二服务器对目标用户进行认证,如果认证通过,则进行授权操作。由此可以看出,在设有门禁(该门禁即为权限控制装置)的小区中,即使目标用户(例如送货员或送餐员等)没有该小区的门禁卡,也可以通过第一服务器将目标用户的身份信息发送给第二服务器,并由门禁请求第二服务器对目标用户进行认证,如果认证通过,则目标用户获得授权,从而进入该小区,一方面,享受目标用户所提供服务的客户不需要出门为所述目标用户开启门禁,为客户提供了便捷,另一方面,目标用户在进入小区时是通过第二服务器的认证后才获得授权进入的,保障了安全性。In this embodiment, after receiving the location information sent by the client, the first server allocates the target user and sends the identity information of the target user to the second server, where the target user provides services for the client located in the location information. A person (such as a delivery person or a food delivery person, etc.), after the target user arrives at the location of the authority control device, places the first information carrier to be authenticated in the detection area of the authority control device, and the authority control device detects and reads The authentication identity information is obtained, and the location information to be authenticated is obtained, and the second server is requested to authenticate the target user. If the authentication is passed, the authorization operation is performed. It can be seen that in the cell with the access control (the access control is the authority control device), even if the target user (such as a delivery person or a food delivery person, etc.) does not have the access card of the cell, the first server can be passed. Sending the identity information of the target user to the second server, and requesting the second server to authenticate the target user by the access control. If the authentication is passed, the target user is authorized to enter the cell, and on the other hand, enjoy the service provided by the target user. The customer does not need to go out to open the access control for the target user, which provides convenience for the customer. On the other hand, the target user is authorized to enter the second server after entering the cell, thereby ensuring security.
作为本实施例的一种可选实施方式,为提高授权操作的安全性,示例性的,所述权限控制装置在执行授权操作后,所述方法还包括如下步骤:向所述第二服务器发送安全处理指令;所述第二服务器接收所述安全处理指令,删除存储的所述第二信息或者设置该第二信息的状态为失效状态;或者,示例性的,所述第二服务器在所述第一认证和所述第二认证通过后,所述方法还包括如下步骤:所述第二服务器删除存储的所述第二信息或者设置该第二信息的状态为失效状态。As an optional implementation manner of this embodiment, in order to improve the security of the authorization operation, the method further includes the following steps: sending the second server to the second server after performing the authorization operation. a security processing instruction; the second server receives the security processing instruction, deletes the stored second information, or sets a state of the second information to a failure state; or, exemplarily, the second server is in the After the first authentication and the second authentication are passed, the method further includes the following steps: the second server deletes the stored second information or sets the state of the second information to a failure state.
本实施例通过在执行本次认证或者本次授权操作后,删除存储的第二信息,使得后续流程中无法再使用该第二信息进行下次的认证或授权,或者设置该第二信息的状态为失效状态,亦即该第二信息用于一次认证和授权的操作后即失效,之后也无法再使用该第二信息进行下次的认证或授权,避免了该第二信息在后续流程中被非法再次用于认证和授权。In this embodiment, after the current authentication or the current authorization operation is performed, the stored second information is deleted, so that the second information cannot be used for the next authentication or authorization in the subsequent process, or the state of the second information is set. The failure status, that is, the second information is invalid after being used for one authentication and authorization operation, and then the second information cannot be used for the next authentication or authorization, thereby avoiding the second information being Illegal reuse for authentication and authorization.
作为本实施例的一种可选实施方式,为进一步保证授权操作的安全性,还可以为授权操作设置时效,所述权限控制装置接收所述认证通过响应,执行授权操作,具体通过如下方式实现:所述权限控制装置接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证请求后开始。As an optional implementation manner of the embodiment, in order to further ensure the security of the authorization operation, the authorization operation may also set the time limit for the authorization operation, and the rights control device receives the authentication response and performs the authorization operation, which is specifically implemented by the following manner. After the authorization control device receives the authentication response, it determines whether the timing of the timing arrival exceeds a predetermined time, and if the predetermined time is not exceeded, performing an authorization operation, wherein the timing is performed by the authority control device The second server starts after sending an authentication request.
例如,权限控制装置向第二服务器发送的认证请求的时刻为上午9点,此时开始计时,规定时间可以设置为上午12点,则若接收到第二服务器发送的认证通过响应时,权限控制装置计时的时刻未超出上午12点时,则允许执行授权操作,若超出上午12点,则即使接收到认证通过响应,也不执行授权操作。For example, the time when the authorization control device sends the authentication request to the second server is 9:00 am, and the time is started. The specified time can be set to 12 am, and if the authentication response sent by the second server is received, the authority control If the timing of the device timing does not exceed 12 o'clock in the morning, the authorization operation is allowed. If the time exceeds 12 o'clock, the authorization operation is not performed even if the authentication response is received.
作为本实施例的一种可选实施方式,所述权限控制装置获取待认证位置信息,可以采用如下方式实现:所述权限控制装置获取所述权限控制装置自身的位置信息,所述权限控制装置自身的位置信息即为所述待认证位置信息。本实施方式中权限控制装置不需要从外部获取待认证位置信息,方案较简洁。由 于权限控制装置读取到身份信息后,说明目标用户已经到达权限控制装置所在位置,因而可以使用权限控制装置自身的位置信息表示目标用户的位置,也就是作为待认证位置信息,并由权限控制装置发送给第二服务器进行第二认证。As an optional implementation manner of the embodiment, the obtaining, by the privilege control device, the location information to be authenticated may be implemented in the following manner: the privilege control device acquires location information of the privilege control device itself, and the privilege control device The location information of the self is the location information to be authenticated. In this embodiment, the authority control device does not need to obtain the location information to be authenticated from the outside, and the solution is relatively simple. By After the identity control device reads the identity information, it indicates that the target user has reached the location of the authority control device, and thus the location information of the authority control device itself can be used to indicate the location of the target user, that is, as the location information to be authenticated, and controlled by the authority. The device sends to the second server for second authentication.
作为本实施例的一种可选实施方式,所述权限控制装置获取待认证位置信息,还可以采用如下方式实现:所述权限控制装置检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。As an optional implementation manner of this embodiment, the obtaining, by the privilege control device, the location information to be authenticated may be implemented by: the privilege control device detecting that the second to-be-certified information carrier enters the detection range, from the The second to-be-certified information carrier reads the second to-be-certified information, where the second to-be-certified information includes: to-be-authenticated location information.
本实施例中第二待认证信息载体包括携带有位置信息(如送货地址)的订单图形码或订单条形码等,权限控制装置可以从订单图形码或订单条形码中读取送货地址,该送货地址相当于待认证位置信息。本实施方式中,权限控制装置是通过读取外部携带有位置信息的第二待认证信息载体来获得待认证位置信息的。需要说明的是,本实施例中,当第一待认证信息载体和第二待认证信息载体均携带有目标用户的身份信息和位置信息时,该第一待认证信息载体和第二待认证信息载体可以为同一载体,例如,第一待认证信息载体和第二待认证信息载体均为订单图形码或订单条形码,订单图形码或订单条形码中携带有目标用户的身份信息和位置信息时,权限控制装置通过扫码可以获得目标用户的身份信息,也可以获得位置信息。当然,第一待认证信息载体和第二待认证信息载体可以为不同的载体,例如,第一待认证信息载体为目标用户的身份证,第二待认证信息载体为订单图形码或订单条形码,订单图形码或订单条形码中携带有位置信息。In this embodiment, the second to-be-certified information carrier includes an order graphic code or an order barcode carrying the location information (such as a delivery address), and the permission control device can read the delivery address from the order graphic code or the order barcode, and the delivery The cargo address is equivalent to the location information to be authenticated. In this embodiment, the authority control device obtains the location information to be authenticated by reading the second to-be-certified information carrier that carries the location information externally. It should be noted that, in this embodiment, when the first to-be-authenticated information carrier and the second to-be-certified information carrier both carry the identity information and the location information of the target user, the first to-be-authenticated information carrier and the second to-be-certified information The carrier may be the same carrier. For example, the first to-be-certified information carrier and the second to-be-certified information carrier are both an order graphic code or an order barcode, and the order graphic code or the order barcode carries the identity information and location information of the target user. The control device can obtain the identity information of the target user by scanning the code, and can also obtain the location information. Certainly, the first to-be-certified information carrier and the second to-be-certified information carrier may be different carriers. For example, the first to-be-certified information carrier is an identity card of the target user, and the second to-be-certified information carrier is an order graphic code or an order barcode. Location information is carried in the order graphic code or order barcode.
作为本实施例的一种可选实施方式,所述权限控制装置在收到认证通过响应后,所述方法还包括如下步骤:向所述客户端发送所述待认证身份信息。本实施例中权限控制装置接收到认证通过响应说明待认证身份信息与目标用户的身份信息一致,此时,权限控制装置向客户端发送待认证身份信息(也就是目标用户的身份信息)以便于客户端向客户提示该目标用户已通过授权,例如,门禁接收到认证通过响应后,门禁向客户端发送快递员的身份信息,以便客户端可以提示该快递员已经通过认证,即将进行送货。As an optional implementation manner of this embodiment, after receiving the authentication and passing response, the method further includes the following steps: sending the to-be-authenticated identity information to the client. In this embodiment, the authority control device receives the authentication, and the identity information to be authenticated is consistent with the identity information of the target user. At this time, the rights control device sends the identity information to be authenticated (that is, the identity information of the target user) to the client. The client prompts the client that the target user has passed the authorization. For example, after the access control receives the authentication, the access control sends the identity information of the courier to the client, so that the client can prompt the courier to pass the authentication, and the delivery is about to be performed.
实施例2Example 2
本实施例提供一种数据交互系统,可用于执行实施例1中的数据交互方法,如图2所示,该系统包括:第一服务器11、第二服务器12和权限控制装置13;The embodiment provides a data interaction system, which can be used to execute the data interaction method in Embodiment 1, as shown in FIG. 2, the system includes: a first server 11, a second server 12, and an authority control device 13;
其中:第一服务器11,用于接收客户端发送的第一信息,所述第一信息包括位置信息;为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;The first server 11 is configured to receive first information sent by the client, where the first information includes location information, assign a target user to the location information, determine identity information of the target user, and send the identity information to the second server. Second information, the second information includes: the location information and identity information of the target user;
所述第二服务器12,用于接收所述第二信息,存储所述第二信息;The second server 12 is configured to receive the second information, and store the second information.
权限控制装置13,用于检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;获取待认证位置信息,向所述第二服务器12发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;The privilege control device 13 is configured to detect that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-authenticated information includes: identity information to be authenticated; The authentication location information is sent to the second server 12, where the authentication request includes: the to-be-authenticated location information and the to-be-authenticated identity information;
所述第二服务器12,还用于接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置13发送认证通过响应;The second server 12 is further configured to receive the authentication request, perform first authentication on the to-be-authenticated identity information by using the stored identity information of the target user, and use the stored location information to The authentication location information is subjected to the second authentication, and after the first authentication and the second authentication are both passed, the authentication passing response is sent to the authority control device 13;
所述权限控制装置13,还用于接收所述认证通过响应,执行授权操作。The authority control device 13 is further configured to receive the authentication response and perform an authorization operation.
本实施例中的第一服务器可以与客户端进行通信。第一服务器可以是提供网上超市、网上订餐等网上服务的服务器,客户端可以是实现网上下单进行购物或订餐等服务的应用程序,该客户端可以安装在用户持有的设备(例如PC机、手机、掌上电脑等)上。The first server in this embodiment can communicate with the client. The first server may be a server that provides an online service such as an online supermarket or an online ordering service, and the client may be an application for realizing online shopping or ordering services, and the client may be installed on a device held by the user (for example, a PC). , mobile phones, PDAs, etc.).
本实施例中,第一信息可以为订单信息,位置信息可以为订单地址;例如网上购物时,该位置信息具体为送货地址,网上订餐时,该位置信息具体为送餐地址等等。不同的应用场景,该位置信息可以表示不同含义的地址信息,在此不作限制。In this embodiment, the first information may be order information, and the location information may be an order address; for example, when the online shopping is performed, the location information is specifically a delivery address, and when the online order is ordered, the location information is specifically a delivery address and the like. For different application scenarios, the location information may represent address information of different meanings, and is not limited herein.
此外,该第一信息还可以包括订单号、订单明细、订单金额、订单日期、下单的用户名称等等信息,在此不作限制。In addition, the first information may further include information such as an order number, an order detail, an order amount, an order date, a user name of the order, and the like, and is not limited herein.
本实施例中,目标用户是为位于所述位置信息的客户提供相应服务的人员,例如网上购物时,该目标用户具体为送货员,网上订餐时,该位置信息具体为送餐员等等。不同的应用场景,该目标用户可以表示提供不同服务的人员,在此不作限制。In this embodiment, the target user is a person who provides a corresponding service to the client located in the location information. For example, when the online shopping is performed, the target user is specifically a delivery person. When the online order is ordered, the location information is specifically a food delivery person, etc. . For different application scenarios, the target user can indicate the person providing different services, and there is no limitation here.
本实施例中的目标用户的身份信息,可以为身份证信息或者可以为指纹信息、掌纹信息或虹膜信息等任一种生物特征信息。The identity information of the target user in this embodiment may be ID information or may be any biometric information such as fingerprint information, palm print information or iris information.
本实施例中第二服务器可以用于对权限控制装置进行管理,例如在设有门禁的小区中,权限控制装置可以为门禁,第二服务器为可以对门禁实现数据交互以及管理的服务器。In this embodiment, the second server may be used to manage the rights control device. For example, in the cell with the access control, the rights control device may be the access control, and the second server is the server that can implement data interaction and management for the access control.
本实施例中,第一服务器和第二服务器是相互独立的服务器,各自所起的作用也不相同。第一服务器用于提供网上购物、网上订餐等网络服务的服务器,第二服务器用于对权限控制装置进行数据交互以 及管理的服务器,第一服务器与第二服务器之间可以通过无线网络或者有线网络进行通信。In this embodiment, the first server and the second server are mutually independent servers, and each of them functions differently. The first server is used for providing a server for online shopping, online ordering, and the like, and the second server is used for data interaction with the authority control device. And the managed server, the first server and the second server can communicate through a wireless network or a wired network.
本实施例中,第二服务器存储收到的位置信息和目标用户的身份信息,以便于后续权限控制装置请求对目标用户进行认证时,利用该位置信息和目标用户的身份信息对目标用户进行身份认证。In this embodiment, the second server stores the received location information and the identity information of the target user, so that when the subsequent rights control device requests to authenticate the target user, the location information and the identity information of the target user are used to identify the target user. Certification.
本实施例中,权限控制装置可以为门禁。In this embodiment, the authority control device may be an access control.
权限控制装置设有支持信息读取功能的模块,例如,该模块可以是读取身份证信息的身份证读取模块,相应的,第一待认证信息载体为身份证,读取出的第一待认证信息为身份证信息;比如,该模块为扫码模块,相应的,第一待认证信息载体可以为携带有订单信息的订单图形码或订单条形码等,读取出的第一待认证信息可以是从订单图形码或订单条形码中读取目标用户的身份信息;又如,该模块可以是读取生物特征的生物特征读取模块,相应的,第一待认证信息载体为生物特征,读取出的第一待认证信息为生物特征信息。其中,生物特征可以为手指,对应的生物特征信息可以为指纹;或者,生物特征可以为手掌,对应的生物特征信息可以为掌纹;或者,生物特征可以为眼睛,对应的生物特征信息可以为虹膜等等,在此不作限制。The authority control device is provided with a module for supporting the information reading function. For example, the module may be an identity card reading module for reading the identity card information, and correspondingly, the first information carrier to be authenticated is an identity card, and the first read is performed. The information to be authenticated is the ID card information; for example, the module is a scan code module, and correspondingly, the first to-be-certified information carrier may be the first to-be-certified information read by the order graphic code or the order barcode carrying the order information. The identity information of the target user may be read from the order graphic code or the order barcode; for example, the module may be a biometric reading module that reads the biometric, and correspondingly, the first information carrier to be authenticated is a biometric, read The first to-be-certified information that is taken out is biometric information. The biometric feature may be a finger, and the corresponding biometric information may be a fingerprint; or the biometric feature may be a palm, and the corresponding biometric information may be a palm print; or the biometric feature may be an eye, and the corresponding biometric information may be Iris, etc., there is no limit here.
本实施例中,权限控制装置获取待认证位置信息的方式有很多种,具体参见下文描述。In this embodiment, there are many ways for the authority control device to obtain location information to be authenticated, as described in detail below.
本实施例中,权限控制装置与第二服务器可以通过有线连接进行通信,例如网线连接,也可以通过无线网络进行通信,例如移动网络,小区内局域网等。In this embodiment, the rights control device and the second server may communicate through a wired connection, such as a network cable connection, or may communicate through a wireless network, such as a mobile network, a local area network in a cell, or the like.
本实施例中,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,可以通过如下方式实现:判断存储的所述目标用户的身份信息与所述待认证身份信息是否一致,若一致,则第一认证通过,若不一致,则第一认证不通过。In this embodiment, the first authentication of the identity information to be authenticated is performed by using the stored identity information of the target user, which may be implemented by: determining the stored identity information of the target user and the identity information to be authenticated. Whether they are consistent. If they are consistent, the first authentication is passed. If they are inconsistent, the first authentication fails.
本实施例中,使用存储的所述位置信息对所述待认证位置信息进行第二认证,可以通过如下方式实现:判断存储的所述位置信息对所述待认证位置信息是否一致,若一致,则第二认证通过,若不一致,则第二认证不通过。In this embodiment, the second authentication of the to-be-authenticated location information by using the stored location information may be implemented by: determining whether the stored location information is consistent with the to-be-authenticated location information, if consistent, Then, the second authentication is passed, and if not, the second authentication fails.
本实施例中,权限控制装置为门禁时,执行授权操作可以为如下操作:开启门锁。In this embodiment, when the authority control device is an access control, performing the authorization operation may be as follows: opening the door lock.
本实施例中,第一服务器收到客户端发送的位置信息后,分配目标用户并将该目标用户的身份信息发送给第二服务器,该目标用户是为位于所述位置信息的客户提供服务的人员(例如送货员或送餐员等),当目标用户到达权限控制装置所在位置后,将所持有的第一待认证信息载体放置在权限控制装置的检测区域,权限控制装置检测并读取待认证身份信息,以及获取待认证位置信息,并请求第二服务器对目标用户进行认证,如果认证通过,则进行授权操作。由此可以看出,在设有门禁(该门禁即为权限控制装置)的小区中,即使目标用户(例如送货员或送餐员等)没有该小区的门禁卡,也可以采用本发明中的方案通过第一服务器将目标用户的身份信息发送给第二服务器,并由门禁请求第二服务器对目标用户进行认证,如果认证通过,则目标用户获得授权,从而进入该小区,一方面,享受目标用户所提供服务的客户不需要出门为所述目标用户开启门禁,为客户提供了便捷,另一方面,目标用户在进入小区时是通过第二服务器的认证后才获得授权进入的,保障了安全性。In this embodiment, after receiving the location information sent by the client, the first server allocates the target user and sends the identity information of the target user to the second server, where the target user provides services for the client located in the location information. A person (such as a delivery person or a food delivery person, etc.), after the target user arrives at the location of the authority control device, places the first information carrier to be authenticated in the detection area of the authority control device, and the authority control device detects and reads The authentication identity information is obtained, and the location information to be authenticated is obtained, and the second server is requested to authenticate the target user. If the authentication is passed, the authorization operation is performed. It can be seen that in the cell with the access control (the access control is the authority control device), even if the target user (such as a delivery person or a food delivery person, etc.) does not have the access card of the cell, the present invention can be used. The solution sends the identity information of the target user to the second server through the first server, and the second server authenticates the target user by the access control. If the authentication is passed, the target user obtains authorization, thereby entering the cell, and enjoying The customer of the service provided by the target user does not need to go out to open the access control for the target user, which provides convenience for the customer. On the other hand, the target user is authorized to enter the second server after entering the cell, and the security is guaranteed. safety.
作为本实施例的一种可选实施方式,为提高授权操作的安全性,示例性的,所述权限控制装置,还用于在执行授权操作后,向所述第二服务器发送安全处理指令;所述第二服务器,还用于接收所述安全处理指令,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态;As an optional implementation manner of this embodiment, in order to improve the security of the authorization operation, the permission control apparatus is further configured to send a security processing instruction to the second server after performing the authorization operation; The second server is further configured to receive the security processing instruction, delete the stored second information, or set a state of the second information to a failure state;
或者,示例性的,所述第二服务器,还用于在所述第一认证和所述第二认证通过后,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态。Or, exemplarily, the second server is further configured to delete the stored second information or set the state of the second information to a failure state after the first authentication and the second authentication are passed .
本实施例通过在执行本次认证或者本次授权操作后,删除存储的第二信息,使得后续流程中无法再使用该第二信息进行下次的认证或授权,或者设置该第二信息的状态为失效状态,亦即该第二信息用于一次认证和授权的操作后即失效,之后也无法再使用该第二信息进行下次的认证或授权,避免了该第二信息在后续流程中被非法再次用于认证和授权。In this embodiment, after the current authentication or the current authorization operation is performed, the stored second information is deleted, so that the second information cannot be used for the next authentication or authorization in the subsequent process, or the state of the second information is set. The failure status, that is, the second information is invalid after being used for one authentication and authorization operation, and then the second information cannot be used for the next authentication or authorization, thereby avoiding the second information being Illegal reuse for authentication and authorization.
作为本实施例的一种可选实施方式,为进一步保证授权操作的安全性,还可以为授权操作设置时效,示例性的,所述权限控制装置,具体用于接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证请求后开始。例如,权限控制装置向第二服务器发送的认证请求的时刻为上午9点,此时开始计时,规定时间可以设置为上午12点,则若接收到第二服务器发送的认证通过响应时,权限控制装置计时的时刻未超出上午12点时,则允许执行授权操作,若超出上午12点,则即使接收到认证通过响应,也不执行授权操作。As an optional implementation manner of the embodiment, in order to further ensure the security of the authorization operation, the authorization operation may also be set to be effective. For example, the authority control device is specifically configured to receive the authentication response, It is judged whether the time when the timing arrives exceeds the prescribed time, and if the predetermined time is not exceeded, the authorization operation is performed, wherein the timing starts after the authority control device transmits the authentication request to the second server. For example, the time when the authorization control device sends the authentication request to the second server is 9:00 am, and the time is started. The specified time can be set to 12 am, and if the authentication response sent by the second server is received, the authority control If the timing of the device timing does not exceed 12 o'clock in the morning, the authorization operation is allowed. If the time exceeds 12 o'clock, the authorization operation is not performed even if the authentication response is received.
作为本实施例的一种可选实施方式,所述权限控制装置,具体用于获取所述权限控制装置自身的位置信息,所述权限控制装置自身的位置信息即为所述待认证位置信息。本实施方式中权限控制装置不需要从外部获取待认证位置信息,方案较简洁。由于权限控制装置读取到身份信息后,说明目标用户已经到达权限控制装置所在位置,因而可以使用权限控制装置自身的位置信息表示目标用户的位置,也就是作为待认证位置信息,并由权限控制装置发送给第二服务器进行第二认证。 As an optional implementation manner of this embodiment, the rights control device is specifically configured to acquire location information of the rights control device itself, and the location information of the rights control device itself is the to-be-authenticated location information. In this embodiment, the authority control device does not need to obtain the location information to be authenticated from the outside, and the solution is relatively simple. After the authorization control device reads the identity information, it indicates that the target user has reached the location of the authority control device, and thus the location information of the authority control device itself can be used to indicate the location of the target user, that is, as the location information to be authenticated, and controlled by the authority. The device sends to the second server for second authentication.
作为本实施例的一种可选实施方式,所述权限控制装置,具体用于检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。本实施方式中,权限控制装置是通过读取外部携带有位置信息的第二待认证信息载体来获得待认证位置信息的。需要说明的是,本实施例中,当第一待认证信息载体和第二待认证信息载体均携带有目标用户的身份信息和位置信息时,该第一待认证信息载体和第二待认证信息载体可以为同一载体,例如,第一待认证信息载体和第二待认证信息载体均为订单图形码或订单条形码,订单图形码或订单条形码中携带有目标用户的身份信息和位置信息时,权限控制装置通过扫码可以获得目标用户的身份信息,也可以获得位置信息。当然,第一待认证信息载体和第二待认证信息载体可以为不同的载体,例如,第一待认证信息载体为目标用户的身份证,第二待认证信息载体为订单图形码或订单条形码,订单图形码或订单条形码中携带有位置信息。As an optional implementation manner of this embodiment, the rights control device is specifically configured to detect that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information from the second to-be-certified information carrier. The second to-be-certified information includes: location information to be authenticated. In this embodiment, the authority control device obtains the location information to be authenticated by reading the second to-be-certified information carrier that carries the location information externally. It should be noted that, in this embodiment, when the first to-be-authenticated information carrier and the second to-be-certified information carrier both carry the identity information and the location information of the target user, the first to-be-authenticated information carrier and the second to-be-certified information The carrier may be the same carrier. For example, the first to-be-certified information carrier and the second to-be-certified information carrier are both an order graphic code or an order barcode, and the order graphic code or the order barcode carries the identity information and location information of the target user. The control device can obtain the identity information of the target user by scanning the code, and can also obtain the location information. Certainly, the first to-be-certified information carrier and the second to-be-certified information carrier may be different carriers. For example, the first to-be-certified information carrier is an identity card of the target user, and the second to-be-certified information carrier is an order graphic code or an order barcode. Location information is carried in the order graphic code or order barcode.
作为本实施例的一种可选实施方式,所述权限控制装置,还用于在收到认证通过响应后,向所述客户端发送所述待认证身份信息。本实施例中权限控制装置接收到认证通过响应说明待认证身份信息与目标用户的身份信息一致,此时,权限控制装置向客户端发送待认证身份信息(也就是目标用户的身份信息)以便于客户端向客户提示该目标用户已通过授权,例如,门禁接收到认证通过响应后,门禁向客户端发送快递员的身份信息,以便客户端可以提示该快递员已经通过认证,即将进行送货。As an optional implementation manner of this embodiment, the rights control apparatus is further configured to: after receiving the authentication pass response, send the to-be-authenticated identity information to the client. In this embodiment, the authority control device receives the authentication, and the identity information to be authenticated is consistent with the identity information of the target user. At this time, the rights control device sends the identity information to be authenticated (that is, the identity information of the target user) to the client. The client prompts the client that the target user has passed the authorization. For example, after the access control receives the authentication, the access control sends the identity information of the courier to the client, so that the client can prompt the courier to pass the authentication, and the delivery is about to be performed.
在本说明书的描述中,参考术语“一个实施例”、“一些实施例”、“示例”、“具体示例”、或“一些示例”等的描述意指结合该实施例或示例描述的具体特征、结构、材料或者特点包含于本发明的至少一个实施例或示例中。在本说明书中,对上述术语的示意性表述不一定指的是相同的实施例或示例。而且,描述的具体特征、结构、材料或者特点可以在任何的一个或多个实施例或示例中以合适的方式结合。In the description of the present specification, the description with reference to the terms "one embodiment", "some embodiments", "example", "specific example", or "some examples" and the like means a specific feature described in connection with the embodiment or example. A structure, material or feature is included in at least one embodiment or example of the invention. In the present specification, the schematic representation of the above terms does not necessarily mean the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.
尽管上面已经示出和描述了本发明的实施例,可以理解的是,上述实施例是示例性的,不能理解为对本发明的限制,本领域的普通技术人员在不脱离本发明的原理和宗旨的情况下在本发明的范围内可以对上述实施例进行变化、修改、替换和变型。本发明的范围由所附权利要求及其等同限定。 Although the embodiments of the present invention have been shown and described, it is understood that the foregoing embodiments are illustrative and not restrictive Variations, modifications, alterations and variations of the above-described embodiments are possible within the scope of the invention. The scope of the invention is defined by the appended claims and their equivalents.

Claims (14)

  1. 一种数据交互方法,其特征在于,包括:A data interaction method, comprising:
    第一服务器接收客户端发送的第一信息,所述第一信息包括位置信息;The first server receives the first information sent by the client, where the first information includes location information;
    所述第一服务器为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;The first server allocates a target user to the location information, determines identity information of the target user, and sends second information to the second server, where the second information includes: the location information and the identity of the target user. information;
    所述第二服务器接收所述第二信息,存储所述第二信息;The second server receives the second information, and stores the second information;
    权限控制装置检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;The right control device detects that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-certified information includes: identity information to be authenticated;
    所述权限控制装置获取待认证位置信息,向所述第二服务器发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;The rights control device obtains the to-be-authenticated location information, and sends an authentication request to the second server, where the authentication request includes: the to-be-authenticated location information and the to-be-authenticated identity information;
    所述第二服务器接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置发送认证通过响应;Receiving, by the second server, the authentication request, performing the first authentication on the to-be-authenticated identity information by using the stored identity information of the target user, and performing the first to be authenticated location information by using the stored location information. After the first authentication and the second authentication are both passed, the authentication pass response is sent to the authority control device;
    所述权限控制装置接收所述认证通过响应,执行授权操作。The authority control device receives the authentication response and performs an authorization operation.
  2. 根据权利要求1所述的方法,其特征在于,所述方法还包括:所述权限控制装置在执行授权操作后,向所述第二服务器发送安全处理指令;所述第二服务器接收所述安全处理指令,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态;The method according to claim 1, wherein the method further comprises: the authority control means transmitting a security processing instruction to the second server after performing the authorization operation; the second server receiving the security Processing the instruction, deleting the stored second information or setting the state of the second information to a failure state;
    或者,所述第二服务器在所述第一认证和所述第二认证通过后,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态。Alternatively, after the first authentication and the second authentication are passed, the second server deletes the stored second information or sets the state of the second information to a failure state.
  3. 根据权利要求1所述的方法,其特征在于,所述权限控制装置获取待认证位置信息,包括:The method according to claim 1, wherein the obtaining, by the rights control device, location information to be authenticated comprises:
    所述权限控制装置获取所述权限控制装置自身的位置信息,所述权限控制装置自身的位置信息即为所述待认证位置信息。The right control device acquires the location information of the rights control device itself, and the location information of the rights control device itself is the to-be-authenticated location information.
  4. 根据权利要求1所述的方法,其特征在于,所述权限控制装置获取待认证位置信息,包括:The method according to claim 1, wherein the obtaining, by the rights control device, location information to be authenticated comprises:
    所述权限控制装置检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。The right control device detects that the second to-be-certified information carrier enters the detection range, and reads the second to-be-certified information from the second to-be-certified information carrier, wherein the second to-be-certified information includes: to-be-authenticated location information.
  5. 根据权利要求1-4任一项所述的方法,其特征在于,所述权限控制装置接收所述认证通过响应,执行授权操作,包括:所述权限控制装置接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证请求后开始。The method according to any one of claims 1 to 4, wherein the authorization control device receives the authentication response and performs an authorization operation, and the method includes: after the authorization control device receives the authentication response, determining Whether the time of arrival of the timing exceeds the prescribed time, and if the prescribed time is not exceeded, the authorization operation is performed, wherein the timing starts after the authority control apparatus transmits an authentication request to the second server.
  6. 根据权利要求1-4任一项所述的方法,其特征在于,所述第一待认证信息载体为身份证、携带有身份信息的图形码、携带有身份信息的条形码或者生物特征。The method according to any one of claims 1-4, wherein the first information carrier to be authenticated is an identity card, a graphic code carrying identity information, a barcode carrying identity information or a biometric.
  7. 根据权利要求1-4任一项所述的方法,其特征在于,所述方法还包括:所述权限控制装置在收到认证通过响应后,向所述客户端发送所述待认证身份信息。The method according to any one of claims 1 to 4, wherein the method further comprises: after receiving the authentication pass response, the authority control device sends the identity to be authenticated information to the client.
  8. 一种数据交互系统,其特征在于,包括:A data interaction system, comprising:
    第一服务器,用于接收客户端发送的第一信息,所述第一信息包括位置信息;为所述位置信息分配目标用户,确定所述目标用户的身份信息,向第二服务器发送第二信息,所述第二信息包括:所述位置信息和所述目标用户的身份信息;a first server, configured to receive first information sent by the client, where the first information includes location information, assign a target user to the location information, determine identity information of the target user, and send second information to the second server. The second information includes: the location information and identity information of the target user;
    所述第二服务器,用于接收所述第二信息,存储所述第二信息;The second server is configured to receive the second information, and store the second information.
    权限控制装置,用于检测到第一待认证信息载体进入检测范围,从第一待认证信息载体读取第一待认证信息,所述第一待认证信息包括:待认证身份信息;获取待认证位置信息,向所述第二服务器发送认证请求,所述认证请求包括:所述待认证位置信息和所述待认证身份信息;The privilege control device is configured to detect that the first to-be-certified information carrier enters the detection range, and reads the first to-be-certified information from the first to-be-certified information carrier, where the first to-be-certified information includes: to be authenticated identity information; The location information is sent to the second server, where the authentication request includes: the to-be-authenticated location information and the to-be-authenticated identity information;
    所述第二服务器,还用于接收所述认证请求,使用存储的所述目标用户的身份信息对所述待认证身份信息进行第一认证,并使用存储的所述位置信息对所述待认证位置信息进行第二认证,所述第一认证和第二认证均通过后,向所述权限控制装置发送认证通过响应;The second server is further configured to receive the authentication request, perform first authentication on the to-be-authenticated identity information by using the stored identity information of the target user, and use the stored location information to authenticate the to-be-authenticated The location information is subjected to the second authentication, and after the first authentication and the second authentication are both passed, the authentication passing response is sent to the authority control device;
    所述权限控制装置,还用于接收所述认证通过响应,执行授权操作。The authority control device is further configured to receive the authentication response and perform an authorization operation.
  9. 根据权利要求8所述的系统,其特征在于,所述权限控制装置,还用于在执行授权操作后,向所述第二服务器发送安全处理指令;所述第二服务器,还用于接收所述安全处理指令,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态;The system according to claim 8, wherein the authority control device is further configured to: after performing the authorization operation, send a security processing instruction to the second server; the second server is further configured to receive the Determining, by the security processing instruction, deleting the stored second information or setting the state of the second information to a failure state;
    或者,所述第二服务器,还用于在所述第一认证和所述第二认证通过后,删除存储的所述第二信息或者设置所述第二信息的状态为失效状态。Alternatively, the second server is further configured to: after the first authentication and the second authentication are passed, delete the stored second information or set the state of the second information to a failure state.
  10. 根据权利要求8所述的系统,其特征在于,The system of claim 8 wherein:
    所述权限控制装置,具体用于获取所述权限控制装置自身的位置信息,所述权限控制装置自 身的位置信息即为所述待认证位置信息。The authority control device is specifically configured to acquire location information of the rights control device itself, and the rights control device The location information of the body is the location information to be authenticated.
  11. 根据权利要求8所述的系统,其特征在于,The system of claim 8 wherein:
    所述权限控制装置,具体用于检测到第二待认证信息载体进入检测范围,从所述第二待认证信息载体读取第二待认证信息,其中,所述第二待认证信息包括:待认证位置信息。The privilege control device is configured to: detect that the second to-be-certified information carrier enters the detection range, and read the second to-be-certified information from the second to-be-certified information carrier, where the second to-be-certified information includes: Certified location information.
  12. 根据权利要求8-11任一项所述的系统,其特征在于,所述权限控制装置,具体用于接收所述认证通过响应后,判断计时到达的时刻是否超出规定时间,如果没有超出规定时间,则执行授权操作,其中,所述计时在所述权限控制装置向所述第二服务器发送认证请求后开始。The system according to any one of claims 8 to 11, wherein the authority control means is configured to: after receiving the response by the authentication, determine whether the time when the timing arrives exceeds a prescribed time, if the specified time is not exceeded And performing an authorization operation, wherein the timing starts after the authority control device sends an authentication request to the second server.
  13. 根据权利要求8-11任一项所述的系统,其特征在于,所述第一待认证信息载体为身份证、携带有身份信息的图形码、携带有身份信息的条形码或者生物特征。The system according to any one of claims 8-11, wherein the first to-be-certified information carrier is an identity card, a graphic code carrying identity information, a barcode carrying identity information, or a biometric.
  14. 根据权利要求8-11任一项所述的系统,其特征在于,所述权限控制装置,还用于在收到认证通过响应后,向所述客户端发送所述待认证身份信息。 The system according to any one of claims 8 to 11, wherein the authority control device is further configured to: after receiving the authentication response, send the identity information to be authenticated to the client.
PCT/CN2017/107611 2016-11-25 2017-10-25 Data interaction method and system WO2018095184A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611059517.3 2016-11-25
CN201611059517.3A CN107231340B (en) 2016-11-25 2016-11-25 Data interaction method and system

Publications (1)

Publication Number Publication Date
WO2018095184A1 true WO2018095184A1 (en) 2018-05-31

Family

ID=59932925

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/107611 WO2018095184A1 (en) 2016-11-25 2017-10-25 Data interaction method and system

Country Status (2)

Country Link
CN (1) CN107231340B (en)
WO (1) WO2018095184A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107231340B (en) * 2016-11-25 2020-05-15 天地融科技股份有限公司 Data interaction method and system
CN111859324B (en) * 2020-07-16 2024-03-15 北京百度网讯科技有限公司 Authorization method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104732626A (en) * 2015-01-22 2015-06-24 西安酷派软件科技有限公司 Entrance guard authorization management method and entrance guard authorization management system
CN104732668A (en) * 2015-04-14 2015-06-24 胥达 Delivering-collecting device and delivering-collecting method for express
CN105095978A (en) * 2015-09-30 2015-11-25 张华� Ordering method and device based on two-dimension code and door control system
CN105427409A (en) * 2015-10-29 2016-03-23 东莞酷派软件技术有限公司 Entrance guard unlocking method and mobile terminals
CN107231340A (en) * 2016-11-25 2017-10-03 天地融科技股份有限公司 A kind of data interactive method and system

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102137077A (en) * 2010-01-26 2011-07-27 凹凸电子(武汉)有限公司 Access control system and method for controlling access right by using computer system
CN103810552A (en) * 2012-11-09 2014-05-21 西安景行数创信息科技有限公司 Snack industry meal serving scheduling system
CN103281223B (en) * 2013-05-15 2016-05-25 五邑大学 A kind of modern intelligent household security system
CN104637131B (en) * 2013-11-15 2019-02-26 腾讯科技(深圳)有限公司 A kind of access control system authorization method, device and access control system
CN103886666A (en) * 2014-04-17 2014-06-25 深圳智慧物业科技开发有限公司 Property management system
CN104217478B (en) * 2014-08-13 2016-06-08 重庆特斯联智慧科技股份有限公司 Hotel's control of bluetooth access intelligent management
CN105516060A (en) * 2014-09-25 2016-04-20 宇龙计算机通信科技(深圳)有限公司 Entrance guard system, terminal, cloud server and safety strategy setting method
CN105528816A (en) * 2014-09-28 2016-04-27 中国移动通信集团辽宁有限公司 Intelligent gate inhibition realization method, terminal, gate inhibition identification apparatus and user authorization service center
CN105225319A (en) * 2015-10-13 2016-01-06 贵州朗盛科技股份有限公司 A kind of gate control system with information collection function
CN105741395A (en) * 2016-02-03 2016-07-06 慧锐通智能科技股份有限公司 Entrance guard access method and system based on two-dimension code and face identification

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104732626A (en) * 2015-01-22 2015-06-24 西安酷派软件科技有限公司 Entrance guard authorization management method and entrance guard authorization management system
CN104732668A (en) * 2015-04-14 2015-06-24 胥达 Delivering-collecting device and delivering-collecting method for express
CN105095978A (en) * 2015-09-30 2015-11-25 张华� Ordering method and device based on two-dimension code and door control system
CN105427409A (en) * 2015-10-29 2016-03-23 东莞酷派软件技术有限公司 Entrance guard unlocking method and mobile terminals
CN107231340A (en) * 2016-11-25 2017-10-03 天地融科技股份有限公司 A kind of data interactive method and system

Also Published As

Publication number Publication date
CN107231340A (en) 2017-10-03
CN107231340B (en) 2020-05-15

Similar Documents

Publication Publication Date Title
US20180146374A1 (en) System, methods and software for user authentication
AU2016273888B2 (en) Controlling physical access to secure areas via client devices in a networked environment
EP2816532B1 (en) Systems and methods for enabling access control via mobile devices
US10492066B2 (en) Access and automation control systems with mobile computing device
EP3492414B1 (en) Elevator request authorization system for a third party
CN109076070A (en) For assisting the method and apparatus without friction two-factor authentication
KR101033337B1 (en) The security authentication method to reinforce verification of the user using the terminal unit
US9740846B2 (en) Controlling user access to electronic resources without password
JP5127429B2 (en) Admission restriction system and relay device
US10275957B2 (en) Methods, systems and devices for access control
MX2013011116A (en) Distribution of premises access information.
US10629012B1 (en) Multi-factor authentication for vehicles
US11871226B2 (en) Method and system for providing location-aware multi-factor mobile authentication
CN112330855A (en) Electronic lock safety management method, equipment and system
CN107230265B (en) Data interaction method and system
CN103516514A (en) Account access right setting method and manipulator
WO2018095184A1 (en) Data interaction method and system
CN107231404B (en) Data interaction method and system
WO2018095182A1 (en) Method and system for data exchange
US11599872B2 (en) System and network for access control to real property using mobile identification credential
JP5937276B1 (en) Visitor authentication system and visitor authentication method
KR102544213B1 (en) User approval system and method thereof
JP2022118914A (en) Facility rental system and facility rental method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17872937

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17872937

Country of ref document: EP

Kind code of ref document: A1