WO2019204954A1 - Système de verrou intelligent - Google Patents

Système de verrou intelligent Download PDF

Info

Publication number
WO2019204954A1
WO2019204954A1 PCT/CN2018/084014 CN2018084014W WO2019204954A1 WO 2019204954 A1 WO2019204954 A1 WO 2019204954A1 CN 2018084014 W CN2018084014 W CN 2018084014W WO 2019204954 A1 WO2019204954 A1 WO 2019204954A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
terminal
verification
server
change
Prior art date
Application number
PCT/CN2018/084014
Other languages
English (en)
Chinese (zh)
Inventor
裘炅
裘晃
Original Assignee
杭州全视软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 杭州全视软件有限公司 filed Critical 杭州全视软件有限公司
Priority to PCT/CN2018/084014 priority Critical patent/WO2019204954A1/fr
Publication of WO2019204954A1 publication Critical patent/WO2019204954A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the invention relates to a smart lock system.
  • the existing electronic code locks only use the generation of a password or a carrier (such as an electronic key such as an IC card).
  • the electronic key can also use a dynamic password.
  • the password in the non-volatile memory and the electronic key is dynamically updated by an algorithm or a random code during data exchange between the electronic key and the combination lock. It's not easy to copy or crack others.
  • encryption technology it has been widely used in hotels, office buildings and homes. However, the following problems exist:
  • the electronic lock basically adopts a chip with weak computing power such as single-chip microcomputer, and it is difficult to implement it by asymmetric encryption.
  • the process information auditing ability is not strong: it is impossible to verify the information of the relevant personnel who unlocked, and it is more difficult to use it as sufficient evidence to audit the process information. In addition, each time the opening and closing time needs to be registered.
  • a smart lock system including a smart lock terminal and a terminal processing system
  • the terminal processing system includes a first input module, a first login module, and a terminal server and a plurality of sub-servers, wherein the terminal server is configured to store identity information of a super user corresponding to each smart lock and super for all smart lock terminals.
  • the user manages; a sub-server corresponds to a smart lock terminal, which is used for information management of the user of the smart lock terminal (superuser information and authorized user information and update of the smart lock), unlock verification, and recording of unlocking events. .
  • the smart lock terminal includes a second input module, a second login module, and a lock core control module;
  • the second input module is configured to input a change request to change the authorized user; the change request includes the identification information and the change instruction, where the change instruction is to add an authorized user, delete the authorized user; and the change request is logged into the sub-server by the second login module.
  • the identification information is verified. If the verification condition is met, the verification is passed, and the authorized user is added or deleted according to the change instruction; and the child server generates a change log, including the time and the change request.
  • the verification condition is: including identification information of one or more super users;
  • the second input module is further configured to input the unlocking verification information, and include the identification information; the unlocking verification information is verified by the second login module to log in to the sub-server for unlocking, and if the verification condition is met, the verification is passed, and the sub-server sends a control information to control
  • the lock cylinder control module unlocks; at the same time, the sub-server generates an unlock log, including time and unlock verification information.
  • the verification condition is: including identification information of one or more unlocked users, and the unlocked user is an authorized user or a super user.
  • the first input module is configured to input a change request of the super user, including the identification information, the change instruction, and the change object (using the id of the smart lock terminal as an input), and the change request is performed by the first login module to log in to the terminal server to perform the identification information.
  • Verification if the verification condition is met, the verification is passed, and the super user information in the private chain corresponding to the designated smart lock terminal is changed according to the change instruction; and the terminal server generates the change log, including the time and the change request.
  • the verification condition is: including one or more identification information of the super user corresponding to the change object.
  • the terminal server further stores the identity information of the administrator.
  • the terminal server When the super user changes, if the change request originates from the administrator, the verification is passed, and according to the change instruction, the designated smart lock terminal corresponds to the super in the private chain. User information is changed; the terminal server generates a change log, including time and change requests.
  • the identification information is one or more of biometric information, an identity ID (eg, an ID number, etc.).
  • the information input of the first input module and the second input module is implemented by remote input, and the remote input mode is specifically: generating the summary (plain text) by using the SHA256 method, and using the key for the summary information. Encrypting generates a digest signature, and sends the input information + abstract (plaintext) + digest signature + public key to the first input module or the second input module together; the first input module or the second input module decrypts the digest signature with the public key to obtain the original Summary, compared with the abstract (plain text), consistently upload the input information to the terminal server or sub-server through the login module.
  • terminal server and the plurality of sub-servers are located in a blockchain system, and the terminal server is located on a public chain of the blockchain system, and the sub-servers are respectively located on a private chain of the blockchain system.
  • the public and private chains package the generated logs out of blocks.
  • the change instruction of the change authorized user further includes a clock instruction, where the clock instruction corresponds to a valid time for the newly authorized user.
  • the child server also stores a fund account of each authorized user, and the child server deducts the fee from the fund account according to the effective time of the user.
  • the sub-server queries the fund account balance, and when the balance is greater than the threshold, the unlocking verification step is entered.
  • the invention has the beneficial effects that the invention can realize the secondary encryption management combined with the intelligent terminal, realizes the transparent security management mechanism, can ensure the security of the lock under the autonomous management, and can realize the convenience of the lock security management: support for the transfer authorization , temporary users, paying users, and multi-coordination mechanisms to achieve multiple business models.
  • FIG. 1 is a schematic structural view of a smart lock system of the present invention.
  • the present invention relates to a smart lock system including a smart lock terminal and a terminal processing system;
  • the terminal processing system includes a first input module, a first login module, and a terminal server and a plurality of sub-servers, the terminal
  • the server is configured to store the identity information of the super user corresponding to each smart lock and manage the super users of all the smart lock terminals; one sub server corresponds to one smart lock terminal, and is used for information management of the user of the smart lock terminal ( Records the superuser information and authorized user information and updates of the smart lock), unlock verification, and unlocking events.
  • the smart lock terminal includes a second input module, a second login module, and a lock core control module.
  • a smart lock according to the present invention as a residence of a family of three, a family of three males as super users has advanced authority, and the hostess and the child are authorized users; the identity information of the male owner is stored in the terminal server.
  • a family of three identification information is stored in a sub-server; super users and authorized users are collectively referred to as legitimate users.
  • the manufacturer of the lock or the corresponding authority as an administrator is also stored in the terminal service.
  • the management of the smart lock system of the present invention includes the following aspects;
  • Unlocking verification a touch screen that can be set on the smart lock, or a face recognition device, a fingerprint recognition device, etc. (second input module) inputs the unlock verification information, including the identification information; the unlock verification information is passed through the second login module ( The wireless module built into the smart lock is used to log in to the sub-server for unlock verification. If the verification condition is met, the verification is passed, the sub-server sends a control message, and the lock core control module is controlled to unlock; and the sub-server generates an unlock log, including time and time. Unlock the verification information.
  • the verification condition is that the input verification information includes legal identification information, that is, the unlocking can be implemented only when the legal identification information is input.
  • the authentication information needs to include the identification information of multiple legitimate users before the unlocking can be implemented.
  • the above-mentioned unlocking verification information can be input through a touch screen disposed on the smart lock, or through a mobile phone wirelessly connected to the built-in processor of the smart lock.
  • This kind of remote input method can improve security by: inputting the information into the digest (clear text) by means of SHA256, and encrypting the digest information with the key to generate the digest signature, and input the information + abstract (clear text) + Abstract signature + public key is sent to the first input module or the second input module together; the first input module or the second input module decrypts the digest signature with the public key to obtain the original digest, compares with the abstract (plain text), and consistently logs in.
  • the module uploads the entered information to a terminal server or subserver.
  • the change request is input through the second input module, and the change request includes the identification information and the change instruction, where the change instruction is to add an authorized user, delete the authorized user; and the change request is submitted to the sub-server by the second login module to submit the change.
  • the requested user performs verification. If the user submitting the change request is a legitimate user, if the verification condition is met, the verification is passed, and the authorized user is added or deleted according to the change instruction; and the child server generates a change log, including the time and the change request. Changes to legitimate users in the child server can be achieved through simple form processing, which is common knowledge in the art.
  • a zero-time permission that is, add a user with a time command through the change request.
  • the user satisfies the legal user condition within a valid time frame and can be unlocked by entering an unlock request. Otherwise, it is an illegal user.
  • the smart lock according to the present invention can also be used to implement security protection and automatic charging, specifically: storing the legal user's fund account in the child server, and the child server is based on the effective time of the user. , deduct the fee from the fund account.
  • the sub-server usually needs to query the fund account balance, and when the balance is greater than the threshold, the unlock verification step is entered. The input of information such as the fund account can be completed at the time of user registration.
  • Super user changes super users as the main responsibility of smart locks, has an important position. Superuser changes can be changed from the application, or they can be changed by an administrator, such as the manufacturer of the lock or the appropriate authority.
  • the change verification occurs on the terminal server, and the change request is input through the first input module, and the terminal server verifies the change request. If the verification condition is met, the verification is passed, and the designated smart lock terminal corresponds to the private chain according to the change instruction.
  • the superuser information is changed; the terminal server generates a change log, including time and change requests.
  • the verification condition is: including one or more identification information of the super user corresponding to the change object, or the verification information of the administrator, and the verification information of the administrator may be pre-stored in the terminal server.
  • the information input of the first input module can also be realized by remote input.
  • the terminal server and the plurality of sub-servers are located in a blockchain system, and the terminal server is located on a public chain of the blockchain system, and the sub-servers are respectively located on a private chain of the blockchain system.
  • the public and private chains package the generated logs out of blocks.
  • the identification information of the present invention is one or more of biometric information (such as fingerprint, facial features, retina, etc.), identity ID (eg, ID number, etc.).
  • a terminal (software) having identification of biological information such as fingerprints or face recognition, a lock having a wireless connection function, a lock, a microprocessor, a memory, a wireless connection unit, and an unlocking device.
  • the biometric identification information can be stored in the lock, registered at the time of initialization, or newly registered by the super user registered at the time of initialization.
  • the manufacturer of the lock or the corresponding authoritative department has a special blockchain that can register the superuser's authority. When purchasing, it registers multiple superusers, and registers the registration information, biometric information and public key in the blockchain. Register as a super user when locking the network (such as via a mobile phone).
  • the blockchain can be checked for example, such as the number of super users who are currently locked, and related registration information.
  • the terminal will collect biometric information, generate a digest (plain text) by means of SHA256, etc., and encrypt the digest information with a key to generate a digest signature, and send the biometric information + abstract (plain text) + digest signature + public key to the lock, lock
  • the public key is used to decrypt the digest signature to obtain the original digest, which is consistent with the abstract (plain text), and then the biometric information is compared with the biometric information registered in the lock and unlocked, and the lock is unanimous.
  • the relevant unlock record is sent to the terminal.
  • the super user can authorize the biometric identification of the relevant authority, collect the newly registered biometric information, and then generate the digest 1 (plain text) by means of SHA256 according to the unlocking method, and simultaneously encrypt the digest 1 with the key to generate the digest signature 1; At the same time, the biometric information is used again, and the digest 2 (plain text) is generated by the digest method such as SHA256, and the digest 2 is encrypted by the key to generate the digest signature 2.
  • the two pieces of information are respectively sent to the lock, and after the lock is received and verified, the biometric identification information is confirmed to be an administrative user, and then the registration may be performed, otherwise the rejection may be made; when the transmission is set, the management user may be set, that is, the newly registered creature may be The identification information is marked as an administrative user.
  • the registration information is sent to the terminal.
  • the registered personnel can be obtained remotely, and the deletion can be performed by the person who has verified the relevant authority, and the administrator is not allowed to delete.
  • the deletion operation process is also registered.
  • the key with biometric identification such as fingerprint (with no chip inside)
  • the relevant fingerprint information is sent to the lock after short-distance wireless method, the lock is received, and the comparison is made inside, and the registration can be started after confirming registration.
  • the person who needs administrator rights can authorize to open, that is, the administrator + administrator agrees that the authorized person can open, and the authorized person can be allowed to register or not.
  • the authorized person opens the biometric information of the person, generates the digest 1 (plain text) by means of SHA256, etc., and encrypts the digest 1 with the key to generate the digest signature 1; at the same time, adds the biometric information of the authorizer, and summarizes with SHA256, etc.
  • the mode generates summary 2 (plaintext), and the digest 2 is encrypted with a key to generate a digest signature 2. Send the above information to the lock separately:
  • the lock verifies the biometric information of the authorized person, and if the verification passes, the lock is opened, and the biometric information of the authorized person and the authorized person is registered.
  • the lock After the lock verifies the biometric information of the authorized person, it also needs to verify the current time. If the time is not within the allowable range, the prompt cannot be opened.
  • the public security or manufacturer remote maintenance interface can also be set, and the trusted blockchain remote unlocking and remote maintenance can be realized through the interface.

Abstract

L'invention concerne un système de verrou intelligent, comprenant un terminal de verrou intelligent et un système de traitement de terminal. Le système de traitement de terminal comprend un module d'entrée, un serveur de terminal et une pluralité de sous-serveurs, le serveur de terminal étant utilisé pour stocker des informations d'identité de super-utilisateurs correspondant à chaque verrou intelligent et pour gérer les super-utilisateurs de tous les terminaux de verrou intelligent. Un sous-serveur correspond à un terminal intelligent et est utilisé pour gérer les informations de l'utilisateur de chaque terminal de verrou intelligent, déverrouiller la vérification et enregistrer des événements de déverrouillage.
PCT/CN2018/084014 2018-04-23 2018-04-23 Système de verrou intelligent WO2019204954A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/084014 WO2019204954A1 (fr) 2018-04-23 2018-04-23 Système de verrou intelligent

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/084014 WO2019204954A1 (fr) 2018-04-23 2018-04-23 Système de verrou intelligent

Publications (1)

Publication Number Publication Date
WO2019204954A1 true WO2019204954A1 (fr) 2019-10-31

Family

ID=68294337

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/084014 WO2019204954A1 (fr) 2018-04-23 2018-04-23 Système de verrou intelligent

Country Status (1)

Country Link
WO (1) WO2019204954A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431965A (zh) * 2020-02-21 2020-07-17 浙江吉利控股集团有限公司 一种车辆操作权限管理方法、终端及系统
CN112702413A (zh) * 2020-12-21 2021-04-23 梓昆(杭州)押运安保服务有限公司 智能押运款箱系统、控制方法、计算机设备、存储介质
CN112702412A (zh) * 2020-12-21 2021-04-23 梓昆(杭州)押运安保服务有限公司 批量多维度开关款箱控制系统、控制方法、设备及介质
CN112910886A (zh) * 2021-01-29 2021-06-04 中国电力科学研究院有限公司 一种对锁具的身份进行校验的方法及系统
CN113963464A (zh) * 2021-10-11 2022-01-21 安徽中科晶格技术有限公司 基于区块链的银行保管箱开锁系统及方法
CN114758433A (zh) * 2022-02-23 2022-07-15 珠海汇金科技股份有限公司 一种基于云端的动态密码生成方法、系统和智能锁

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0744843B1 (fr) * 1995-05-26 2005-05-04 SimonsVoss Technologies AG Système de communication de données
US20150199863A1 (en) * 2014-01-15 2015-07-16 HLT Domestic IP, LLC Systems and methods for use in acquiring credentials from a portable user device in unlocking door lock systems
CN105205898A (zh) * 2015-10-22 2015-12-30 深圳优方网络技术有限公司 一种智能锁的电子密码权限管理系统
CN105261096A (zh) * 2015-10-26 2016-01-20 东莞市点开网络科技有限公司 一种网络智能锁系统
CN205899637U (zh) * 2016-07-22 2017-01-18 深圳市凯迪仕智能科技有限公司 一种基于智能终端的无线锁具控制系统
CN107578519A (zh) * 2017-10-24 2018-01-12 北京樱桃智心科技有限公司 一种智能门禁系统及智能门禁开锁方法
CN108712389A (zh) * 2018-04-23 2018-10-26 杭州全视软件有限公司 一种智能锁系统

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0744843B1 (fr) * 1995-05-26 2005-05-04 SimonsVoss Technologies AG Système de communication de données
US20150199863A1 (en) * 2014-01-15 2015-07-16 HLT Domestic IP, LLC Systems and methods for use in acquiring credentials from a portable user device in unlocking door lock systems
CN105205898A (zh) * 2015-10-22 2015-12-30 深圳优方网络技术有限公司 一种智能锁的电子密码权限管理系统
CN105261096A (zh) * 2015-10-26 2016-01-20 东莞市点开网络科技有限公司 一种网络智能锁系统
CN205899637U (zh) * 2016-07-22 2017-01-18 深圳市凯迪仕智能科技有限公司 一种基于智能终端的无线锁具控制系统
CN107578519A (zh) * 2017-10-24 2018-01-12 北京樱桃智心科技有限公司 一种智能门禁系统及智能门禁开锁方法
CN108712389A (zh) * 2018-04-23 2018-10-26 杭州全视软件有限公司 一种智能锁系统

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431965A (zh) * 2020-02-21 2020-07-17 浙江吉利控股集团有限公司 一种车辆操作权限管理方法、终端及系统
CN112702413A (zh) * 2020-12-21 2021-04-23 梓昆(杭州)押运安保服务有限公司 智能押运款箱系统、控制方法、计算机设备、存储介质
CN112702412A (zh) * 2020-12-21 2021-04-23 梓昆(杭州)押运安保服务有限公司 批量多维度开关款箱控制系统、控制方法、设备及介质
CN112702413B (zh) * 2020-12-21 2023-04-07 梓昆(杭州)押运安保服务有限公司 智能押运款箱系统、控制方法、计算机设备、存储介质
CN112702412B (zh) * 2020-12-21 2023-05-09 梓昆(杭州)押运安保服务有限公司 批量多维度开关款箱控制系统、控制方法、设备及介质
CN112910886A (zh) * 2021-01-29 2021-06-04 中国电力科学研究院有限公司 一种对锁具的身份进行校验的方法及系统
CN113963464A (zh) * 2021-10-11 2022-01-21 安徽中科晶格技术有限公司 基于区块链的银行保管箱开锁系统及方法
CN114758433A (zh) * 2022-02-23 2022-07-15 珠海汇金科技股份有限公司 一种基于云端的动态密码生成方法、系统和智能锁

Similar Documents

Publication Publication Date Title
WO2019204954A1 (fr) Système de verrou intelligent
CN108712389B (zh) 一种智能锁系统
US11947649B2 (en) Locking device biometric access
US8947200B2 (en) Method of distributing stand-alone locks
US7979716B2 (en) Method of generating access keys
CN103561034B (zh) 一种安全文件共享系统
CN101375259B (zh) 数据保全系统
CN109448197A (zh) 一种基于多重加密模式的云智能锁系统及密钥管理方法
US7716489B1 (en) Access control method for disconnected automation systems
US7694330B2 (en) Personal authentication device and system and method thereof
US8499147B2 (en) Account management system, root-account management apparatus, derived-account management apparatus, and program
CN105122265B (zh) 数据安全服务系统
US9300639B1 (en) Device coordination
JP5710439B2 (ja) テンプレート配信型キャンセラブル生体認証システムおよびその方法
US20110274273A1 (en) Generation of registration codes, keys and passcodes using non-determinism
CN111478918A (zh) 一种具有访问控制功能的装置
TWI569230B (zh) 配合行動裝置的管制系統
JP2011012511A (ja) 電気錠制御システム
US20230412400A1 (en) Method for suspending protection of an object achieved by a protection device
US10148433B1 (en) Private key/public key resource protection scheme
CN207123882U (zh) 一种多重智能防盗云服务门锁系统
CN112530053B (zh) 智能锁的控制方法、系统、锁设备、服务器及存储介质
CN108345801B (zh) 一种面向密文数据库的中间件动态用户认证方法及系统
CN110335373A (zh) 智能门锁及智能门禁系统
CN111292444A (zh) 经由区块链集成而作为可交易数字资产的房产

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18915973

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18915973

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 18915973

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 07.04.2021)