CN105991649B - A kind of scheduling system of reading identity card - Google Patents
Publication number: CN105991649B (application CN201610041590.1A)
Authority: CN (China)
Legal status: Active
Classifications (CPC, all under H04L: transmission of digital information)
- H04L63/06—Network security protocols for supporting key management in a packet data network
- H04L63/0823—Network security protocols for authentication of entities using certificates
- H04L63/10—Network security protocols for controlling access to devices or network resources
- H04L63/107—Access control wherein the security policies are location-dependent, e.g. entity privileges depend on current location or specific operations are allowed only from locally connected terminals
- H04L63/108—Access control where the policy decisions are valid for a limited amount of time
- H04L63/1458—Countermeasures against malicious traffic: Denial of Service
- H04L63/1466—Countermeasures against malicious traffic: active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
- H04L9/3297—Cryptographic mechanisms including means for verifying the identity or authority of a user or for message authentication, involving time stamps, e.g. generation of time stamps
Abstract
The invention discloses a scheduling system for reading identity cards. The system includes: an authentication database, which stores the working state of all authentication security control modules in the system and the ciphertext of the encryption key of each ID card reading terminal in the system; a dispatch server, which obtains the identification information of an ID card reading terminal and determines from that identification information whether the terminal is allowed to read identity cards; if reading is allowed, then after receiving a card-seeking request sent by the terminal, the dispatch server retrieves the working state of the authentication security control modules, selects one authentication security control module according to the principle of task balancing, sends the identification information of the selected module to the terminal, obtains the ciphertext of the terminal's encryption key and sends data information to the selected module; and the selected authentication security control module, which obtains the encryption key of the ID card reading terminal.
Description
Technical field
The present invention relates to the field of Internet technology, and more particularly to a scheduling system for reading identity cards.
Background art
An existing front-end ID card reading terminal has at least two modules, including a reading module and a resident ID card verification security control module. Because every front-end ID card reading terminal carries its own resident ID card verification security control module, the manufacturing cost of existing front-end terminals is high; moreover, a resident ID card verification security control module can only authenticate the resident ID card information read by a single reading module, so the utilization rate of existing front-end ID card reading terminals is low.
The solution offered in the related art is to remove the resident ID card verification security control module from the front-end ID card reading terminal, so that the front-end terminal only performs the function of reading identity information while authentication is completed by a back-end resident ID card verification security control module. This reduces the cost of the front-end terminal, and several front-end terminals can be verified by the same back-end resident ID card verification security control module, which improves the utilization rate of the back-end module. With this scheme, however, the identity of a front-end ID card reading terminal is uncertain, so unsafe factors may be introduced into the back-end resident ID card verification security control module, which in turn may lead to resident identity cards being used illegally.
Summary of the invention
The present invention seeks to address one of the above problems.
The main purpose of the present invention is to provide a scheduling system for reading identity cards.
The scheduling system for reading identity cards provided by the invention includes an authentication database, a dispatch server and n authentication security control modules, where n is an integer greater than or equal to 1. The authentication database stores the working state of all authentication security control modules in the system and the ciphertext of the encryption key of each ID card reading terminal in the system, where the ciphertext of each terminal's encryption key is obtained by encrypting that terminal's encryption key with the protection key of the authentication database. The dispatch server is configured to: obtain the identification information of an ID card reading terminal and determine from that identification information whether the terminal is allowed to read identity cards; when the terminal is allowed to read identity cards, after receiving a card-seeking request sent by the terminal, obtain from the authentication database the working state of the authentication security control modules within the dispatch server's jurisdiction; select one authentication security control module according to the working state of each authentication security control module within its jurisdiction, and send the identification information of the selected module to the terminal; according to the identification information of the terminal, obtain from the authentication database the ciphertext of the terminal's encryption key, which is the terminal's encryption key encrypted with the protection key of the authentication database; and send data information to the selected authentication security control module, where the data information includes the ciphertext of the terminal's encryption key. The selected authentication security control module is configured to receive the data information, decrypt the ciphertext of the terminal's encryption key with the protection key of the authentication database, and thereby obtain the encryption key of the ID card reading terminal.
Optionally, the dispatch server obtains the identification information of the ID card reading terminal in one of the following ways: the dispatch server receives an access request sent by the terminal and obtains the terminal's identification information from the access request; or the dispatch server receives an identity card request sent by the terminal and obtains the terminal's identification information from the identity card request, where the identity card request carries both the card-seeking request and the identification information of the terminal.
Optionally, the identification information of the ID card reading terminal includes the digital certificate of the terminal, and the dispatch server determines whether the terminal is allowed to read identity cards as follows: it judges whether the terminal's digital certificate is abnormal; if so, it determines that the terminal is not allowed to read identity cards; otherwise it judges whether the terminal's digital certificate is in a blacklist or in a control list, where the blacklist records the digital certificates of terminals that are not allowed to read identity cards, and the control list records the digital certificates of terminals whose identity card reading must be controlled according to a preset control strategy. If the terminal's digital certificate is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the terminal's digital certificate is in the control list, whether the terminal may read identity cards is determined according to the preset control strategy.
Optionally, the identification information of the ID card reading terminal includes the serial number of the terminal and the digital certificate of the terminal, and the dispatch server determines whether the terminal is allowed to read identity cards as follows: it judges whether the terminal's digital certificate is abnormal; if so, it determines that the terminal is not allowed to read identity cards; otherwise it judges whether the terminal's digital certificate or serial number is in a blacklist or in a control list, where the blacklist records the identification information of terminals that are not allowed to read identity cards, and the control list records the identification information of terminals whose identity card reading operations must be controlled according to a preset control strategy. If the terminal's digital certificate or serial number is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the terminal's digital certificate or serial number is in the control list, whether the terminal may read identity cards is determined according to the preset control strategy.
Optionally, when the identification information of the ID card reading terminal is judged to be in the control list, whether the terminal may read identity cards is determined in at least one of the following ways:
- according to the preset control strategy, judging whether the terminal is currently within the allowed position range; if so, the terminal is allowed to read identity cards, otherwise it is not allowed and its request is refused, where the preset control strategy records the position range allowed for the terminal;
- according to the preset control strategy, judging whether the current time falls within the time range in which the terminal is allowed to read cards; if so, the terminal is allowed to read identity cards, otherwise it is not allowed and its request is refused, where the preset control strategy records the time range in which the terminal is allowed to read cards;
- according to the preset control strategy, judging whether the terminal's historical number of card readings within a preset time period exceeds a preset times threshold; if so, the terminal is not allowed to read identity cards and its request is refused, otherwise it is allowed, where the preset control strategy records the duration of the preset time period and the preset times threshold;
- according to the preset control strategy, judging whether, within the preset time period, the distance between the positions of two consecutive card readings by the terminal exceeds a preset distance; if so, the terminal is not allowed to read identity cards and its request is refused, otherwise it is allowed, where the preset control strategy records the duration of the preset time period and the preset distance;
- according to the preset control strategy, judging whether the time interval between two consecutive card readings by the terminal exceeds a preset value; if so, the terminal is not allowed to read identity cards and its request is refused, otherwise it is allowed, where the preset control strategy records the duration of the preset time period and the preset distance.
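The admission decision described in the preceding paragraphs (certificate state, blacklist, control list, then the control-strategy rules), as an added Python example that is not code from the patent or its applicant; the field names, sample lists and every threshold are constructed assumptions, and the fifth rule is implemented literally as the text states it (refusing when the interval between consecutive reads exceeds the preset value).

```python
# Added example (not the patent's own code); identifiers and values are constructed.
from dataclasses import dataclass, field
from math import hypot


@dataclass(frozen=True)
class TerminalId:
    """Identification information carried in the terminal's request."""
    serial: str          # serial number of the ID card reading terminal
    cert: str            # identifier standing in for the terminal's digital certificate
    cert_abnormal: bool  # True when the certificate is expired, revoked or otherwise abnormal


@dataclass(frozen=True)
class ReadEvent:
    """One card-reading attempt: epoch seconds and terminal position in metres."""
    t: int
    x: float
    y: float


@dataclass(frozen=True)
class ControlStrategy:
    """Preset control strategy applied to terminals on the control list."""
    area: tuple          # allowed position range (xmin, ymin, xmax, ymax)
    hours: tuple         # allowed reading window as seconds of day (start, end)
    period: int          # duration of the preset time period (s)
    max_reads: int       # preset times threshold for reads within `period`
    max_distance: float  # preset distance between two consecutive reads within `period`
    max_interval: int    # preset value for the interval between two consecutive reads (s)


@dataclass
class AdmissionPolicy:
    blacklist: set       # serials / certificates that may never read cards
    control_list: set    # serials / certificates subject to the control strategy
    strategy: ControlStrategy
    history: dict = field(default_factory=dict)  # serial -> allowed ReadEvents, oldest first

    def decide(self, term, ev):
        """Return (allowed, reason) for one card-reading request."""
        if term.cert_abnormal:                       # abnormal certificate: refused outright
            return False, "certificate abnormal"
        ids = {term.serial, term.cert}
        if ids & self.blacklist:                     # blacklist wins over the control list
            return False, "blacklisted"
        if ids & self.control_list:                  # controlled terminal: apply the strategy
            ok, reason = self._apply_strategy(term.serial, ev)
            if not ok:
                return False, reason
        self.history.setdefault(term.serial, []).append(ev)
        return True, "allowed"

    def _apply_strategy(self, serial, ev):
        s = self.strategy
        xmin, ymin, xmax, ymax = s.area
        if not (xmin <= ev.x <= xmax and ymin <= ev.y <= ymax):
            return False, "outside allowed position range"
        start, end = s.hours
        if not (start <= ev.t % 86400 < end):
            return False, "outside allowed time range"
        past = self.history.get(serial, [])
        recent = [h for h in past if ev.t - h.t <= s.period]
        if len(recent) > s.max_reads:                # count strictly above the threshold
            return False, "read count exceeds threshold"
        if recent and hypot(ev.x - recent[-1].x, ev.y - recent[-1].y) > s.max_distance:
            return False, "distance between consecutive reads exceeds preset distance"
        # The summary refuses when the interval EXCEEDS the preset value; kept literal here.
        if past and ev.t - past[-1].t > s.max_interval:
            return False, "interval between consecutive reads exceeds preset value"
        return True, "allowed"


def run_scenario():
    """Constructed sample traffic; returns the decision reason for each request in order."""
    strategy = ControlStrategy(area=(0, 0, 100, 100), hours=(8 * 3600, 18 * 3600),
                               period=600, max_reads=3, max_distance=50.0, max_interval=3600)
    policy = AdmissionPolicy(blacklist={"CERT-BLK"}, control_list={"T-CTL"}, strategy=strategy)
    t0 = 10 * 3600                                   # 10:00 on day 0
    bad = TerminalId("T-BAD", "CERT-BAD", cert_abnormal=True)
    blk = TerminalId("T-BLK", "CERT-BLK", cert_abnormal=False)
    free = TerminalId("T-FREE", "CERT-FREE", cert_abnormal=False)
    ctl = TerminalId("T-CTL", "CERT-CTL", cert_abnormal=False)
    requests = [
        (bad, ReadEvent(t0, 10, 10)),                # abnormal certificate
        (blk, ReadEvent(t0, 10, 10)),                # blacklisted certificate
        (free, ReadEvent(t0, 500, 500)),             # unlisted terminal: strategy not applied
        (ctl, ReadEvent(t0, 10, 10)),                # first controlled read
        (ctl, ReadEvent(t0 + 60, 150, 10)),          # outside the allowed area
        (ctl, ReadEvent(t0 + 60, 20, 10)),           # 10 m from the last read
        (ctl, ReadEvent(t0 + 120, 90, 90)),          # about 106 m jump within the period
        (ctl, ReadEvent(t0 + 180, 25, 15)),
        (ctl, ReadEvent(t0 + 240, 25, 15)),          # history 3, not above the threshold
        (ctl, ReadEvent(t0 + 300, 25, 15)),          # history 4 > 3
        (ctl, ReadEvent(t0 + 20 * 3600, 25, 15)),    # 06:00 next day: outside the window
        (ctl, ReadEvent(t0 + 25 * 3600, 25, 15)),    # 11:00 next day, hours since the last read
    ]
    return [policy.decide(term, ev)[1] for term, ev in requests]
```

Only allowed reads enter the history, so refused attempts do not count toward the threshold or serve as the "previous" read.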
Optionally, the selected authentication security control module is further configured to receive encrypted identity card identification information, decrypt it, and return the decrypted identity card identification information to the dispatch server; the dispatch server is further configured to determine, according to at least the identity card identification information, the identification information of the ID card reading terminal and a preset strategy, whether to add the terminal's identification information to the blacklist or to the control list.
Optionally, the dispatch server is further configured to judge whether the identity card identification information is in an identity card blacklist and, if so, to send indication information to the selected authentication security control module indicating that the identity card currently being read by the terminal is illegal.
Optionally, the system further includes n verification security control modules, where each authentication security control module is correspondingly connected to one verification security control module and different authentication security control modules are connected to different verification security control modules. The selected authentication security control module is further configured to obtain the card-seeking request, which is ciphertext encrypted with the encryption key of the ID card reading terminal, decrypt the card-seeking request with the terminal's encryption key, and send the decrypted card-seeking request to its correspondingly connected verification security control module. The correspondingly connected verification security control module receives and confirms the card-seeking request and sends confirmation information to the selected authentication security control module. The selected authentication security control module is further configured to obtain a session key, encrypt the confirmation information with the session key, and send the encrypted confirmation information to the ID card reading terminal.
Optionally, the dispatch server is further configured to generate an authentication code after selecting an authentication security control module, and to send the authentication code to the ID card reading terminal and to the authentication database respectively.
Optionally, the system further includes an authorization server. The dispatch server is further configured to send data to be signed to the selected authentication security control module when that module powers on. The selected authentication security control module is further configured to sign the data to be signed with its signature private key and return authentication data to the dispatch server, the authentication data including the signed data, the signature public key certificate corresponding to the signature private key, and the encryption public key certificate of the selected module. The dispatch server is further configured to receive the authentication data returned by the selected module and judge whether the signature public key certificate and the encryption public key certificate are in an abnormal state; if neither certificate is in an abnormal state, it sends the data to be signed and the authentication data to the authorization server. The authorization server is configured to verify, through a connected authorization electronic signature device, whether the signature public key certificate and the encryption public key certificate were issued to the same ID card reading terminal; if so, it verifies whether the signed data is correct; if so, the identity authentication of the selected authentication security control module passes, otherwise it fails. The authorization server is further configured, when the identity authentication of the selected module passes, to have the authorization electronic signature device encrypt the protection key of the authentication database and to send the result to the dispatch server, and, when the identity authentication of the selected module fails, to send a warning message. The dispatch server is further configured to send the encrypted protection key of the authentication database to the selected authentication security control module, which is further configured to decrypt it and obtain the protection key of the authentication database.
Optionally, the selected authentication security control module is further configured to store the obtained protection key of the authentication database in RAM, and storing the protection key of the authentication database in flash is prohibited.
Optionally, the dispatch server is further configured to update the working state of the selected authentication security control module stored in the authentication database after selecting it.
Optionally, the dispatch server is further configured to order some authentication security control modules to be opened or closed according to the working state of all authentication security control modules in the current system.
Optionally, the dispatch server is further configured to monitor the working state of each authentication security control module in real time and to output a warning message when it detects that an authentication security control module has become abnormal.
As can be seen from the technical solution above, in the scheduling system for reading identity cards provided by the invention, before the dispatch server selects an authentication security control module for an ID card reading terminal, it first examines the terminal and determines whether it is allowed to read identity cards, and only when the terminal is allowed to read identity cards does it select an authentication security control module for it. This prevents an illegal ID card reading terminal from attacking the authentication security control modules and guarantees the safety of resident identity cards. Moreover, in the present invention the dispatch server obtains the terminal's encryption key from the authentication database and sends the ciphertext of that encryption key to the selected authentication security control module, so that the selected module can decrypt the encrypted data sent by the terminal, which improves the security of the identity card data transmission process.
Description of the drawings
In order to explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic architecture diagram of the scheduling system for reading identity cards provided by Embodiment 1 of the present invention;
Fig. 2 is a schematic architecture diagram of an optional scheduling system for reading identity cards provided by Embodiment 1 of the present invention;
Fig. 3 is a flow chart of the scheduling method for reading identity cards provided by Embodiment 2 of the present invention;
Fig. 4 is a schematic structural diagram of a dispatch server applied to identity card reading provided by Embodiment 3 of the present invention;
Fig. 5 is a flow chart of the key acquisition method provided by Embodiment 4 of the present invention;
Fig. 6 is a flow chart of the key acquisition method provided by Embodiment 5 of the present invention.
Specific embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the invention without creative effort fall within the protection scope of the invention.
In the description of the present invention, it should be noted that, unless otherwise clearly specified and limited, the terms "installed", "connected to" and "connected" are to be understood broadly: for example, they may denote a fixed connection, a detachable connection or an integral connection; a mechanical connection or an electrical connection; a direct connection, an indirect connection through an intermediary, or an internal connection between two elements. For those of ordinary skill in the art, the specific meaning of the above terms in the present invention can be understood according to the specific situation.
The embodiment of the present invention is described in further detail below in conjunction with attached drawing.
Embodiment 1
This embodiment provides a scheduling system for reading identity cards.
Fig. 1 is a schematic architecture diagram of the scheduling system for reading identity cards provided in this embodiment. As shown in Fig. 1, the system includes an authentication database 101, a dispatch server 102 and n authentication security control modules (103-1, 103-2, ..., 103-n), where n is an integer greater than or equal to 1.
In this embodiment, the authentication database 101 stores the working state of all authentication security control modules (103-1, 103-2, ..., 103-n) in the system and the ciphertext of the encryption key of each ID card reading terminal in the system, where the ciphertext of each terminal's encryption key is obtained by encrypting that terminal's encryption key with the protection key of the authentication database 101. In an optional implementation of this embodiment, a working state table may be maintained in the authentication database 101; the table records at least whether each authentication security control module (103-1, 103-2, ..., 103-n) is currently idle or busy, and the dispatch server 102 can judge from it whether a given authentication security control module is currently idle or busy. Further, if the current state of an authentication security control module is busy, the authentication database 101 may also maintain the number of ID card reading terminals that module is currently processing, so that the dispatch server 102 can allocate according to the principle of load balancing.
The dispatch server 102 obtains the identification information of an ID card reading terminal and determines from it whether the terminal is allowed to read identity cards. When the terminal is allowed to read identity cards, after receiving the card-seeking request sent by the terminal, the dispatch server 102 obtains from the authentication database 101 the working state of each authentication security control module (103-1, 103-2, ..., 103-n) within its jurisdiction and, according to those working states, selects one authentication security control module (in this embodiment, for convenience of description, it is assumed that the dispatch server 102 selects authentication security control module 103-1). It sends the identification information of the selected module 103-1 (for example, the serial number of module 103-1) to the terminal. According to the terminal's identification information, it obtains from the authentication database 101 the ciphertext of the terminal's encryption key, which is the terminal's encryption key encrypted with the protection key of the authentication database 101, and sends data information to the selected module 103-1, where the data information includes the ciphertext of the terminal's encryption key.
In this embodiment, the encryption key of the ID card reading terminal may be stored in the authentication database 101 at the time the user applies for the terminal and the encryption key is written into it. To guarantee the storage security of the encryption key, the authentication database 101 may further encrypt it; for example, the encryption key may be encrypted with the protection key of the authentication database 101, and the database then stores the encrypted encryption key. In a particular application, the terminal's encryption key may be stored in the authentication database 101 as a key-value pair, with the terminal's identification information as the key and the ciphertext of the terminal's encryption key as the value; this is of course not a limitation, and in practical applications the authentication database 101 may store the terminal's encryption key in other ways.
In an optional embodiment of the embodiment of the present invention, the encryption key of the identity card card-reading terminal may be a symmetric key or an asymmetric key; if the encryption key is an asymmetric key, what is stored in authentication database 101 may be the public key of the identity card card-reading terminal.
The selected certification safety control module 103-1 is used to receive the data information, decrypt the ciphertext of the encryption key of the identity card card-reading terminal with the protection key of authentication database 101, and so obtain the encryption key of the identity card card-reading terminal. In this embodiment, the certification safety control module is the external interface of the verifying safety control module: the verifying safety control module is responsible for decrypting the ciphertext stored in the identity card, and the certification safety control module is responsible for encryption, decryption and authentication work, so as to ensure the safety of the data sent to the verifying safety control module. In this embodiment, the verifying safety control module may be realized with an existing resident identity card verifying safety control module (i.e. the resident identity card verifying safety control module certified by the Ministry of Public Security). After certification safety control module 103-1 obtains the encryption key of the identity card card-reading terminal, it can use that encryption key to decrypt data encrypted by the identity card card-reading terminal. Therefore, in this embodiment, when the identity card card-reading terminal sends data to the network side for the first time, it can encrypt the data to be sent with its encryption key, and certification safety control module 103-1 decrypts the data with the encryption key of that identity card card-reading terminal, so as to obtain the data sent by the identity card card-reading terminal and guarantee the safety of data transmission.
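The key hierarchy just described (terminal key wrapped under the database protection key, unwrapped by the certification safety control module and then used to decrypt the terminal's first message) as an added example; this is not code from the patent, and the terminal identifier, keys and message are constructed. The cipher is a stand-in built from HMAC-SHA256 (keystream XOR with encrypt-then-MAC) so that the example runs on the standard library alone; a deployed system would use a real AEAD such as AES-GCM in its place.

```python
# Added example (not the patent's code): the wrapped-key hierarchy with a
# constructed HMAC-based stand-in cipher; identifiers and keys are constructed.
import hashlib
import hmac
import os
import struct

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(key: bytes):
    """Derive separate encryption and MAC keys from one master key."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream made of HMAC(enc_key, nonce || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; tampering is rejected."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class AuthenticationDatabase:
    """Models authentication database 101: terminal identifier -> wrapped key."""

    def __init__(self, protection_key: bytes):
        self._protection_key = protection_key
        self._wrapped = {}

    def enroll_terminal(self, terminal_id: str, terminal_key: bytes) -> None:
        # The terminal key is wrapped under the protection key before storage,
        # so the database row never holds the terminal key in the clear.
        self._wrapped[terminal_id] = seal(self._protection_key, terminal_key)

    def wrapped_key(self, terminal_id: str) -> bytes:
        return self._wrapped[terminal_id]


class CertificationSafetyControlModule:
    """Models certification safety control module 103-1."""

    def __init__(self):
        self._protection_key = None  # held in RAM only; cleared on power-down

    def load_protection_key(self, protection_key: bytes) -> None:
        self._protection_key = protection_key

    def decrypt_terminal_message(self, wrapped_terminal_key: bytes, message: bytes) -> bytes:
        if self._protection_key is None:
            raise RuntimeError("protection key not loaded")
        terminal_key = unseal(self._protection_key, wrapped_terminal_key)
        return unseal(terminal_key, message)

    def power_down(self) -> None:
        self._protection_key = None


def demo() -> bytes:
    """End-to-end run with constructed keys and a constructed terminal id."""
    protection_key = os.urandom(32)
    terminal_key = os.urandom(32)
    db = AuthenticationDatabase(protection_key)
    db.enroll_terminal("TERM-0001", terminal_key)
    module = CertificationSafetyControlModule()
    module.load_protection_key(protection_key)
    first_message = seal(terminal_key, b"SEEK_CARD")  # terminal encrypts with its own key
    return module.decrypt_terminal_message(db.wrapped_key("TERM-0001"), first_message)
```

The database only ever hands out the wrapped form of the terminal key; the plaintext key exists in the module's memory for the duration of one decryption and disappears with the protection key on power-down, which is the property the later RAM-only storage embodiment relies on.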
With the scheduling system of reading identity card provided by this embodiment, when the identity card card-reading terminal seeks an identity card and sends a card seeking request to the network side, dispatch server 102, after receiving the card seeking request, first determines whether the identity card card-reading terminal is allowed to read the identity card, and allocates a certification safety control module to the identity card card-reading terminal only when it is allowed to read the identity card, so that attacks on the certification safety control module by an illegal identity card card-reading terminal are avoided and the safety of identity card reading is improved.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 can obtain the identification information of the identity card card-reading terminal in at least one of the following ways:
(1) Dispatch server 102 receives the access request sent by the identity card card-reading terminal and obtains the identification information of the identity card card-reading terminal from the access request. That is, when accessing the network, the identity card card-reading terminal sends an access request to the network side to request access, and dispatch server 102 obtains the identification information of the identity card card-reading terminal from the identification information carried in the access request. In this way, after dispatch server 102 judges that the identity card card-reading terminal is allowed to read identity cards, it permits the identity card card-reading terminal to access; after access, the identity card card-reading terminal can keep a long connection, and after seeking an identity card it sends the card seeking request to dispatch server 102. In an optional embodiment of this embodiment, in order to guarantee the safety of data transmission, dispatch server 102 can establish a secure channel with the identity card card-reading terminal after allowing it to access, for example by negotiating a transmission key with it; after seeking an identity card, the identity card card-reading terminal can send the card seeking request to dispatch server 102 through the secure channel, i.e. encrypt the card seeking request with the transmission key, and after dispatch server 102 receives the encrypted card seeking request it decrypts it with the transmission key, obtains the card seeking request, and allocates a certification safety control module to the identity card card-reading terminal. In this way the identity card card-reading terminal is verified when it accesses; for comparatively safe identity card card-reading terminals (for example, identity card card-reading terminals installed in a bank) this mode can be used, which reduces the number of verifications of the identity card card-reading terminal and improves efficiency.
(2) Dispatch server 102 receives the identity card request sent by the identity card card-reading terminal and obtains the identification information of the identity card card-reading terminal from the identity card request, where the identity card request carries the card seeking request and the identification information of the identity card card-reading terminal. That is, in this way, dispatch server 102 verifies the identity card card-reading terminal once for every identity card it reads: after seeking an identity card, the identity card card-reading terminal sends a card seeking request to the network side, and dispatch server 102 obtains the identification information of the identity card card-reading terminal after receiving the card seeking request. In this way the identity card card-reading terminal can be verified every time it reads an identity card; for relatively less safe identity card card-reading terminals (for example, identity card card-reading terminals installed at an individual merchant) this mode can be used to guarantee safety.
In an optional embodiment of the embodiment of the present invention, the identification information of the identity card card-reading terminal may include the digital certificate of the identity card card-reading terminal; dispatch server 102 then judges whether the identity card card-reading terminal is allowed to read identity cards in the following manner: judge whether the digital certificate of the identity card card-reading terminal is abnormal; if so, determine that the identity card card-reading terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate of the identity card card-reading terminal is in the blacklist or in the control list, where the blacklist records the digital certificates of identity card card-reading terminals that are not allowed to read identity cards and the control list records the digital certificates of identity card card-reading terminals whose identity card reading needs to be controlled according to a preset control strategy; if the digital certificate of the identity card card-reading terminal is judged to be in the blacklist, the identity card card-reading terminal is not allowed to read identity cards and its request is refused; if the digital certificate of the identity card card-reading terminal is judged to be in the control list, whether the identity card card-reading terminal is allowed to read identity cards is determined according to the preset control strategy.
Alternatively, in another optional embodiment of the embodiment of the present invention, the identification information of the identity card card-reading terminal may include the serial number of the identity card card-reading terminal and the digital certificate of the identity card card-reading terminal; dispatch server 102 can determine whether the identity card card-reading terminal is allowed to read identity cards in the following manner: judge whether the digital certificate of the identity card card-reading terminal is abnormal; if so, determine that the identity card card-reading terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate of the identity card card-reading terminal or the serial number of the identity card card-reading terminal is in the blacklist or in the control list, where the blacklist records the identification information of identity card card-reading terminals that are not allowed to read identity cards and the control list records the identification information of identity card card-reading terminals whose identity card reading operations need to be controlled according to the preset control strategy; if the digital certificate or the serial number of the identity card card-reading terminal is judged to be in the blacklist, the identity card card-reading terminal is not allowed to read identity cards and its request is refused; if the digital certificate or the serial number of the identity card card-reading terminal is judged to be in the control list, whether the identity card card-reading terminal is allowed to read identity cards is determined according to the preset control strategy.
In the above two optional embodiments, when judging whether the digital certificate of the identity card card-reading terminal is abnormal, dispatch server 102 can query, on a digital certificate status online query server, the survival condition of the digital certificate used for signature verification and of the digital certificate used for encryption. The survival condition includes a normal survival condition and an abnormal survival condition, and the abnormal survival condition includes at least one of the following: the certificate is revoked, the certificate has expired, the certificate is frozen, and the certificate has been put into the blacklist.
In the above two optional embodiments, the blacklist and the control list can be configured according to preset rules based on the card reading behavior of each identity card card-reading terminal.
By the above two optional embodiments, whether the identity card card-reading terminal is allowed to read identity cards can be judged by means of the blacklist and the control list, so that attacks by an illegal identity card card-reading terminal on the network side can be avoided and the safety of identity card reading is improved.
In an optional embodiment of the embodiment of the present invention, the blacklist stores the identification information of illegal identity card card-reading terminals, for example the identification information of identity card card-reading terminals that have been reported lost, the identification information of identity card card-reading terminals that have continuously shown abnormalities, the serial numbers of identity card card-reading terminals that have exceeded their service life, and the identification information of identity card card-reading terminals that have appeared in multiple areas within a short time; processing requests from such terminals can bring greater risk. If dispatch server 102 judges that the identification information of the identity card card-reading terminal is included in the blacklist, this indicates that the identification information belongs to an illegal identity card card-reading terminal, and dispatch server 102 does not process the request and terminates processing. Optionally, dispatch server 102 can return prompt information to prompt the user that the identity card card-reading terminal has been added to the blacklist, which is convenient for the user to carry out subsequent operations and resolve the problem.
In an optional embodiment of the embodiment of the present invention, the control list can record a specific control strategy; when the identification information of the identity card card-reading terminal is judged to be in the control list, whether the identity card card-reading terminal is allowed to read identity cards is judged in one of the following ways, which include but are not limited to:
(1) According to the preset control strategy, judge whether the identity card card-reading terminal is currently within the allowed position range; if so, allow the identity card card-reading terminal to read identity cards, otherwise do not allow the identity card card-reading terminal to read identity cards and refuse its request, where the preset control strategy records the position range allowed for the identity card card-reading terminal. That is, certain identity card card-reading terminals are only allowed to read identity cards within certain position ranges and are not allowed to read identity cards outside those ranges. For example, in a particular application, an identity card card-reading terminal applied for by a bank customer can be set so that it can only read identity cards within bank outlets, and is not allowed to read identity cards outside bank outlets. In this case, the identity card card-reading terminal can be positioned in order to determine its current position. This way avoids an identity card card-reading terminal dedicated to a particular place being misappropriated.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the identity card card-reading terminal is allowed to read cards; if so, allow the identity card card-reading terminal to read identity cards, otherwise do not allow the identity card card-reading terminal to read identity cards and refuse its request, where the preset control strategy records the time range in which the identity card card-reading terminal is allowed to read cards. That is, certain identity card card-reading terminals are only allowed to read identity cards within certain periods and are not allowed to read identity cards outside those periods. For example, the railway system only sells tickets from 7:00 to 22:00, so the identity card card-reading terminals installed in the railway system are only allowed to read identity cards within those periods, which avoids those identity card card-reading terminals being used illegally.
(3) According to the preset control strategy, judge whether the historical card reading count of the identity card card-reading terminal within a preset time period exceeds a preset count threshold; if so, do not allow the identity card card-reading terminal to read identity cards and refuse its request, otherwise allow the identity card card-reading terminal to read identity cards, where the preset control strategy records the duration of the preset time period and the preset count threshold. That is, the number of card readings by the identity card card-reading terminal within the preset time period is limited, which avoids the problem that frequent card reading by the same identity card card-reading terminal in a short time overburdens the certification safety control module and makes it unable to work normally.
(4) According to the preset control strategy, judge whether the distance between the positions of two successive card readings by the identity card card-reading terminal within a preset time period exceeds a preset distance; if so, do not allow the identity card card-reading terminal to read identity cards and refuse its request, otherwise allow the identity card card-reading terminal to read identity cards, where the preset control strategy records the duration of the preset time period and the preset distance. That is, certain identity card card-reading terminals are not allowed to be used across distances; for example, an identity card card-reading terminal allocated to a certain merchant is not allowed to be used at two places that are far apart, which avoids the user's identity card card-reading terminal being stolen.
(5) According to the preset control strategy, judge whether the time interval between two successive card readings by the identity card card-reading terminal exceeds a preset value; if so, do not allow the identity card card-reading terminal to read identity cards and refuse its request, otherwise allow the identity card card-reading terminal to read identity cards, where the preset control strategy records the duration of the preset time period and the preset distance. This controls the card reading frequency of the identity card card-reading terminal and avoids attacks on the certification safety control module brought about by frequent card reading by the same identity card card-reading terminal.
It should be noted that although the above five ways are discussed separately, it is clear to those skilled in the art that two or more control strategies can be set at the same time for the same identity card card-reading terminal. For example, if the same identity card card-reading terminal is only allowed to read identity cards within a certain period of time and within certain position ranges, it is allowed to read identity cards only when the position requirement and the time requirement are both met.
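The dispatch-side admission decision described in the two certificate-based embodiments above and in the five control strategies just listed, as an added example that is not the patent's code: certificate status is checked first, then the blacklist, then the control list, whose strategies are combined with AND as the note above requires. Terminal serial numbers, the planar coordinates, the time window and all thresholds are constructed; the lists are keyed by serial number here, although the text also allows keying by digital certificate. Strategy (5) is reproduced exactly as the text states it (an interval above the preset value denies the read).

```python
# Added example (not the patent's code): admission decision with constructed
# identifiers, coordinates and thresholds.
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta
from math import hypot
from typing import Optional

# Abnormal survival conditions named by the certificate status query server.
ABNORMAL_CERT_STATES = {"revoked", "expired", "frozen", "blacklisted"}


@dataclass
class ReadEvent:
    when: datetime
    where: tuple  # (x_km, y_km): constructed planar coordinates


@dataclass
class ControlStrategy:
    allowed_area: Optional[tuple] = None      # (1) (x_min, y_min, x_max, y_max)
    allowed_hours: Optional[tuple] = None     # (2) (start, end) as datetime.time
    window: timedelta = timedelta(hours=1)    # preset time period for (3) and (4)
    max_reads: Optional[int] = None           # (3) preset count threshold
    max_distance_km: Optional[float] = None   # (4) preset distance
    max_interval: Optional[timedelta] = None  # (5) preset value


@dataclass
class Terminal:
    serial: str
    cert_status: str                          # result of the status query
    history: list = field(default_factory=list)


def evaluate_strategy(s: ControlStrategy, terminal: Terminal, now: datetime, position: tuple):
    """Apply every configured strategy; all of them must pass (AND)."""
    if s.allowed_area is not None:
        x_min, y_min, x_max, y_max = s.allowed_area
        if not (x_min <= position[0] <= x_max and y_min <= position[1] <= y_max):
            return False, "outside allowed position range"
    if s.allowed_hours is not None:
        start, end = s.allowed_hours
        if not (start <= now.time() <= end):
            return False, "outside allowed time range"
    # (3): already-recorded reads inside the window, compared with the threshold.
    recent = [e for e in terminal.history if timedelta(0) <= now - e.when <= s.window]
    if s.max_reads is not None and len(recent) > s.max_reads:
        return False, "card reading count in window exceeded"
    last = max(terminal.history, key=lambda e: e.when, default=None)
    # (4): distance from the previous read (inside the window) to this one.
    if s.max_distance_km is not None and last is not None and now - last.when <= s.window:
        if hypot(position[0] - last.where[0], position[1] - last.where[1]) > s.max_distance_km:
            return False, "distance between successive readings exceeded"
    # (5): interval since the previous read, denied when above the preset value.
    if s.max_interval is not None and last is not None and now - last.when > s.max_interval:
        return False, "interval between successive readings exceeded"
    return True, "allowed by control strategy"


def decide(terminal: Terminal, blacklist: set, control_list: dict, now: datetime, position: tuple):
    """Order of checks as the text gives it: certificate, blacklist, control list."""
    if terminal.cert_status in ABNORMAL_CERT_STATES:
        return False, f"certificate abnormal: {terminal.cert_status}"
    if terminal.serial in blacklist:
        return False, "terminal in blacklist"
    strategy = control_list.get(terminal.serial)
    if strategy is not None:
        return evaluate_strategy(strategy, terminal, now, position)
    return True, "allowed"


if __name__ == "__main__":
    # Constructed scenario: a bank terminal confined to a 5 km square, 09:00-17:00.
    bank = ControlStrategy(allowed_area=(0, 0, 5, 5), allowed_hours=(time(9), time(17)),
                           max_reads=3, max_distance_km=2.0)
    t = Terminal("TERM-BANK-01", "normal",
                 [ReadEvent(datetime(2016, 1, 1, 10, 0), (1.0, 1.0)),
                  ReadEvent(datetime(2016, 1, 1, 10, 20), (1.2, 1.1))])
    print(decide(t, {"TERM-LOST-07"}, {"TERM-BANK-01": bank}, datetime(2016, 1, 1, 10, 30), (1.5, 1.2)))
    print(decide(t, {"TERM-LOST-07"}, {"TERM-BANK-01": bank}, datetime(2016, 1, 1, 10, 30), (8.0, 8.0)))
```

Each denial returns the reason alongside the verdict; that reason is what the dispatch server would log and, where the text provides for it, feed back into the configuration of the blacklist and control list.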
In an optional embodiment of the embodiment of the present invention, as shown in Fig. 2, the system may also include n verifying safety control modules (105-1, 105-2, ..., 105-n), where each certification safety control module is correspondingly connected with one verifying safety control module, and the verifying safety control modules connected to different certification safety control modules are not the same. In this optional embodiment, after dispatch server 102 returns the identification information of the selected certification safety control module 103-1 (for example, the network port of the selected certification safety control module 103-1) to the identity card card-reading terminal, dispatch server 102 may send the received card seeking request to the selected certification safety control module 103-1; in this case, each certification safety control module (103-1, 103-2, ..., 103-n) can be connected directly to a port of dispatch server 102. Alternatively, after dispatch server 102 returns the identification information of the selected certification safety control module 103-1 to the identity card card-reading terminal, the identity card card-reading terminal may send the card seeking request to the selected certification safety control module 103-1 according to that identification information; in this case, the certification safety control module is a module with network communication capability and can communicate directly with the identity card card-reading terminal. In this optional embodiment, the selected certification safety control module 103-1 is also used to obtain the card seeking request, which may be ciphertext data obtained by the identity card card-reading terminal encrypting the card seeking request data with its own encryption key; after receiving the card seeking request, the selected certification safety control module 103-1 can decrypt it with the encryption key of the identity card card-reading terminal it has obtained, and send the decrypted card seeking request to the verifying safety control module 105-1 correspondingly connected with the selected certification safety control module 103-1. The correspondingly connected verifying safety control module 105-1 is used to confirm the received card seeking request and send confirmation information to the selected certification safety control module 103-1; the selected certification safety control module 103-1 is also used to obtain a session key, encrypt the confirmation information with the session key, and send the encrypted confirmation information to the identity card card-reading terminal. It should be noted that, in this optional embodiment, in order to guarantee the safety of data transmission, the identity card card-reading terminal encrypts the card seeking request before sending it and the selected certification safety control module 103-1 also encrypts the confirmation information before sending it; if the transmission environment is safe, however, encryption may be omitted, and this embodiment does not limit this.
In the above optional embodiment, the session key may be negotiated between the selected certification safety control module 103-1 and the identity card card-reading terminal, or it may be a random number generated directly by the selected certification safety control module 103-1. If it is a random number generated by the selected certification safety control module 103-1, the selected certification safety control module 103-1 can encrypt the random number with the encryption key of the identity card card-reading terminal, or with the public key of the identity card card-reading terminal, and send the encrypted random number together with the encrypted confirmation information to the identity card card-reading terminal, so that the transmission safety of the session key is guaranteed.
In an optional embodiment of the embodiment of the present invention, according to the normal identity card reading process, after receiving the confirmation information for the card seeking request the identity card card-reading terminal executes the card selection process; after selecting the identity card, the identity card card-reading terminal sends an encrypted card selection request to the selected certification safety control module 103-1, which decrypts the encrypted card selection request and sends it to the corresponding verifying safety control module 105-1; verifying safety control module 105-1 responds to the card selection request and sends response information to the selected certification safety control module 103-1, which encrypts the response information and sends it to the identity card card-reading terminal; after receiving the response information, the identity card card-reading terminal sends the identification information of the selected identity card to the selected certification safety control module 103-1. In this optional embodiment, the selected certification safety control module 103-1 is also used to receive the encrypted identity card identification information, decrypt it, and return the decrypted identity card identification information to dispatch server 102; dispatch server 102 is also used to judge, according to at least the identity card identification information, the identification information of the identity card card-reading terminal and a preset strategy, whether to add the identification information of the identity card card-reading terminal to the blacklist or the control list, for example by judging whether the card reading frequency of the identity card card-reading terminal exceeds a predetermined value or whether the identity card card-reading terminal frequently reads different identity cards, so as to determine whether to add the identification information of the identity card card-reading terminal to the blacklist or the control list. In this optional embodiment, dispatch server 102 can manage identity card card-reading terminals according to the preset strategy, so that the blacklist and the control list are updated dynamically, which further ensures that the certification safety control module will not be maliciously attacked.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 is also used to judge whether the identity card identification information is in an identity card blacklist; if so, it sends instruction information to the selected certification safety control module 103-1 indicating that the identity card currently being read by the identity card card-reading terminal is illegal. After receiving the instruction information, the selected certification safety control module 103-1 can stop processing the current identity card reading process, and optionally certification safety control module 103-1 can also send prompt information to the identity card card-reading terminal to prompt the user that the current identity card is illegal. The identity card blacklist stores the identification information of illegal identity cards, for example the identification information of identity cards that have been reported lost, the identification information of identity cards that have continuously shown abnormalities, and the identification information of expired identity cards. Optionally, the identification information of the identity card may be the serial number of the identity card, i.e. the birth certificate of the identity card. By this optional embodiment, illegal identity cards can be identified and reading of illegal identity cards avoided.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 is also used to generate an authentication code after selecting a certification safety control module 103-1, and to send the authentication code to the identity card card-reading terminal and to authentication database 101 (for example, it may be sent to the identity card card-reading terminal together with the identification information of the selected certification safety control module 103-1). The authentication code is stored in authentication database 101 and has a validity period; when the validity period is reached, authentication database 101 deletes the authentication code. After the identity card card-reading terminal receives the authentication code, it carries the authentication code in subsequent requests sent to the network side. For example, if the identity card card-reading terminal needs to send a card seeking request to the selected certification safety control module 103-1 after receiving its identification information, the authentication code can be carried in the card seeking request; if the card seeking request is encrypted, the authentication code can be encrypted together with it and sent to the selected certification safety control module 103-1. After receiving the authentication code, the selected certification safety control module 103-1 can query whether authentication database 101 contains the authentication code; if so, subsequent processing continues; if not, the authentication code is no longer valid and the request of the identity card card-reading terminal is refused. By this optional embodiment, dispatch server 102 can control the access time of the identity card card-reading terminal through the validity period of the authentication code, which avoids the problem that, after a certification safety control module has been selected for an identity card card-reading terminal, the terminal does not initiate a card reading request for a long time, leaving the certification safety control module idle for a long time and unable to be allocated to other identity card card-reading terminals.
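The authentication code flow just described, as an added example that is not the patent's code: dispatch server 102 issues a code with a validity period and records it in authentication database 101, the database drops codes whose validity period has been reached, and the selected certification safety control module accepts a card seeking request only while the code is still present. Identifiers, the validity period and the request format are constructed; time is passed in explicitly so that expiry can be exercised without waiting. One check goes beyond the text and is marked as such in the code: the code must also have been issued to the requesting terminal for this module.

```python
# Added example (not the patent's code): authentication code with a validity
# period; identifiers and the 30-second validity period are constructed.
import secrets
from datetime import datetime, timedelta


class AuthenticationDatabase:
    """Models the authentication-code store of authentication database 101."""

    def __init__(self):
        self._codes = {}  # code -> {"terminal": ..., "module": ..., "expires_at": ...}

    def store(self, code: str, terminal_id: str, module_id: str, expires_at: datetime) -> None:
        self._codes[code] = {"terminal": terminal_id, "module": module_id, "expires_at": expires_at}

    def purge_expired(self, now: datetime) -> None:
        """Delete every code whose validity period has been reached."""
        for code in [c for c, r in self._codes.items() if r["expires_at"] <= now]:
            del self._codes[code]

    def lookup(self, code: str, now: datetime):
        self.purge_expired(now)
        return self._codes.get(code)


class DispatchServer:
    """Models dispatch server 102 allocating a module and issuing the code."""

    def __init__(self, db: AuthenticationDatabase, validity: timedelta = timedelta(seconds=30)):
        self.db = db
        self.validity = validity

    def allocate(self, terminal_id: str, module_id: str, now: datetime) -> dict:
        code = secrets.token_hex(16)  # unguessable, so a code cannot be forged or predicted
        self.db.store(code, terminal_id, module_id, now + self.validity)
        # Returned to the terminal together with the selected module's identifier.
        return {"module": module_id, "auth_code": code}


class CertificationSafetyControlModule:
    """Models the selected certification safety control module."""

    def __init__(self, module_id: str, db: AuthenticationDatabase):
        self.module_id = module_id
        self.db = db

    def handle_card_seeking(self, request: dict, now: datetime):
        """`request` is the already-decrypted card seeking request carrying the code."""
        record = self.db.lookup(request["auth_code"], now)
        if record is None:
            return False, "authentication code expired or unknown"
        # Binding check (added beyond the text): the code must have been issued
        # to this terminal for this module, not merely exist in the database.
        if record["terminal"] != request["terminal"] or record["module"] != self.module_id:
            return False, "authentication code not issued for this terminal and module"
        return True, "card seeking accepted"
```

Because expiry is enforced by the database on every lookup rather than by a background job, a module that has been allocated but never used frees itself for other terminals exactly at the end of the validity period, which is the idle-module problem the embodiment sets out to avoid.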
In an optional embodiment of the embodiment of the present invention, in order to guarantee data security, the certification safety control module can also be authenticated. In this optional embodiment, as shown in Fig. 2, the system may further include an authorization server 104.
In the above optional embodiment, dispatch server 102 is also used to send data to be signed to the selected certification safety control module 103-1 when it powers on; the selected certification safety control module 103-1 is also used to sign the data to be signed with its signature private key to obtain signed data, and to return to dispatch server 102 authentication data that includes the signed data, the public signature key certificate corresponding to the signature private key, and the encrypted public key certificate of the selected certification safety control module 103-1; dispatch server 102 is also used to receive the authentication data returned by the selected certification safety control module 103-1 and judge whether the public signature key certificate and the encrypted public key certificate are in an abnormal state, and, if the public signature key certificate and the encrypted public key certificate are not in an abnormal state, to send the data to be signed and the authentication data to authorization server 104; authorization server 104 is used to verify, by means of the authorization electronic signature equipment connected to it, whether the public signature key certificate and the encrypted public key certificate are issued to the same identity card card-reading terminal, and if so, to verify whether the signed data is correct; if it is, the authentication of the selected certification safety control module 103-1 passes, otherwise the authentication of the selected certification safety control module does not pass; authorization server 104 is also used, if the authentication of the selected certification safety control module 103-1 passes, to encrypt the protection key of authentication database 101 with the authorization electronic signature equipment and send it to dispatch server 102, and, if the authentication of the selected certification safety control module 103-1 does not pass, to send a warning message; dispatch server 102 is also used to send the encrypted protection key of authentication database 101 to the selected certification safety control module 103-1; and the selected certification safety control module 103-1 is also used to decrypt the encrypted protection key of authentication database 101 and so obtain the protection key of authentication database 101.
In the above embodiment, dispatch server 102 authenticates the selected certification safety control module 103-1 through authorization server 104, but this is not a limitation: if the selected certification safety control module 103-1 has communication capability, authorization server 104 can authenticate the selected certification safety control module 103-1 directly. For the specifics of authenticating the certification safety control module, refer to the description of embodiment 4 and embodiment 5.
In an optional embodiment of the embodiment of the present invention, the selected certification safety control module 103-1 is also used to store the obtained protection key of authentication database 101 in RAM, and is forbidden to save the protection key of authentication database 101 in flash. By this optional embodiment, the protection key of authentication database 101 is deleted automatically after the selected certification safety control module 103-1 powers down, which ensures the safety of the protection key of authentication database 101.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 is also used, after one certification server has been selected, to update the working condition of the selected certification safety control module 103-1 stored in authentication database 101, so that dispatch server 102 subsequently selects according to the updated working condition.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 is also used to order some certification safety control modules to be opened or closed according to the working condition of all certification safety control modules in the current system. Through this optional embodiment, dispatch server 102 can open or close some certification safety control modules according to the working condition of the certification safety control modules in the current system, so as to make full use of resources and save energy.
In an optional embodiment of the embodiment of the present invention, dispatch server 102 is also used to monitor the working condition of each certification safety control module in real time and, when it detects that a certification safety control module is abnormal, to output alarm information, so that system maintenance personnel are notified to handle the abnormal certification safety control module in time.
Embodiment 2
This embodiment provides a dispatching method for reading an identity card.
Fig. 3 is the flow chart of the dispatching method for reading an identity card provided in this embodiment. As shown in Fig. 3, the method mainly includes the following steps:
Step S301, the dispatch server obtains the identification information of the identity card card-reading terminal and judges, according to the identification information of the identity card card-reading terminal, whether the identity card card-reading terminal is allowed to read the identity card;
Step S302, in the case where it is judged that the identity card card-reading terminal is allowed to read the identity card, after receiving the card seeking request sent by the identity card card-reading terminal, the dispatch server obtains from the authentication database the working condition of the certification safety control modules within the scope of management of the dispatch server;
Step S303, according to the principle of task equilibrium, one certification safety control module is selected according to the working condition table of the certification safety control modules within the scope of management of the dispatch server, and the identification information of the selected certification safety control module is sent to the identity card card-reading terminal;
Step S304, the ciphertext of the encryption key of the identity card card-reading terminal is obtained from the authentication database according to the identification information of the identity card card-reading terminal, wherein the ciphertext is obtained by encrypting the encryption key of the identity card card-reading terminal with the protection key of the authentication database;
Step S305, data information is sent to the selected certification safety control module, wherein the data information includes the ciphertext of the encryption key of the identity card card-reading terminal.
In the present embodiment, the authentication database stores the working condition of all certification safety control modules in the system, and the ciphertext of the encryption key of each identity card card-reading terminal in the system, wherein the ciphertext of the encryption key of each identity card card-reading terminal is obtained by encrypting the encryption key of that identity card card-reading terminal with the protection key of the authentication database. In an optional embodiment of the embodiment of the present invention, a working condition table can be maintained in the authentication database; the working condition table at least records whether each certification safety control module is currently in the idle state or the busy state. The dispatch server can judge from the working condition table whether a given certification safety control module is currently idle or busy. Further, if the current state of a given certification safety control module is busy, the authentication database can also maintain the number of identity card card-reading terminals currently being processed by that certification safety control module, so that the dispatch server can allocate according to the principle of load balancing.
In the present embodiment, the encryption key of the identity card card-reading terminal can be stored in the authentication database when the user applies for the identity card card-reading terminal, that is, when the encryption key is written into the identity card card-reading terminal. In order to guarantee the storage safety of the encryption key, the authentication database can further encrypt the encryption key; for example, the encryption key can be encrypted with the protection key of the authentication database, and the authentication database stores the encrypted encryption key. In a particular application, the authentication database can store the encryption key of the identity card card-reading terminal in the form of key-value pairs, that is, the identification information of the identity card card-reading terminal is used as the key and the ciphertext of the encryption key of the identity card card-reading terminal is the value. Of course, this is not limiting; in practical applications the authentication database can also store the encryption key of the identity card card-reading terminal in other manners.
In an optional embodiment of the embodiment of the present invention, the encryption key of the identity card card-reading terminal can be a symmetric key or an asymmetric key; if the encryption key is an asymmetric key, what is stored in the authentication database can be the public key of the identity card card-reading terminal.
In the present embodiment, the dispatch server sends the encryption key of the identity card card-reading terminal to the selected certification safety control module in step S305. After the selected certification safety control module obtains the encryption key of the identity card card-reading terminal, it can decrypt data that the identity card card-reading terminal has encrypted with the encryption key. Therefore, in the present embodiment, when the identity card card-reading terminal sends data to the network side for the first time, it can encrypt the data to be sent with the encryption key, and the certification safety control module decrypts it with the encryption key of that identity card card-reading terminal, so as to obtain the data sent by the identity card card-reading terminal and guarantee the safety of the data transmission.
With the dispatching method provided by this embodiment, when the identity card card-reading terminal seeks an identity card and sends a card seeking request to the network side, the dispatch server, after receiving the card seeking request, first determines whether the identity card card-reading terminal is allowed to read the identity card, and allocates a certification safety control module to the identity card card-reading terminal only in the case where the identity card card-reading terminal is allowed to read the identity card. This avoids attacks by illegal identity card card-reading terminals on the certification safety control modules and improves the safety of identity card reading.
In an optional embodiment of the embodiment of the present invention, the dispatch server obtaining the identification information of the identity card card-reading terminal includes one of the following:
(1) The dispatch server receives an access request sent by the identity card card-reading terminal and obtains the identification information of the identity card card-reading terminal from the access request. That is, when the identity card card-reading terminal accesses the network, it sends an access request to the network side requesting access, and the dispatch server obtains the identification information of the identity card card-reading terminal from the identification information carried in the access request. In this approach, after the dispatch server judges that the identity card card-reading terminal is allowed to read identity cards, it allows the identity card card-reading terminal to access; after access, a long connection can be maintained, and after seeking an identity card the identity card card-reading terminal sends a card seeking request to the dispatch server. In an optional embodiment of this embodiment, in order to guarantee data transmission security, the dispatch server can establish a secure channel with the identity card card-reading terminal after allowing it to access, for example by negotiating a transmission key with the identity card card-reading terminal; after seeking an identity card, the identity card card-reading terminal can send the card seeking request to the dispatch server through this secure channel, that is, the card seeking request is encrypted with the transmission key, and after receiving the encrypted card seeking request the dispatch server decrypts it with the transmission key, obtains the card seeking request, and allocates a certification safety control module to the identity card card-reading terminal. In this way, the identity card card-reading terminal is verified when it accesses; for relatively safe identity card card-reading terminals (for example, identity card card-reading terminals set up in a bank) this approach can be used, which reduces the number of verifications of the identity card card-reading terminal and improves efficiency.
(2) The dispatch server receives an identity card request sent by the identity card card-reading terminal and obtains the identification information of the identity card card-reading terminal from the identity card request, wherein the identity card request carries the card seeking request and the identification information of the identity card card-reading terminal. That is, in this approach the dispatch server verifies the identity card card-reading terminal once for every identity card it reads: the identity card card-reading terminal sends a card seeking request to the network side after seeking an identity card, and after receiving the card seeking request the dispatch server obtains the identification information of the identity card card-reading terminal. In this way, the identity card card-reading terminal can be verified every time it reads one identity card; for relatively less safe identity card card-reading terminals (for example, identity card card-reading terminals set up at individual merchants) this approach can be used to guarantee safety.
In an optional embodiment of the embodiment of the present invention, the identification information of the identity card card-reading terminal may include the digital certificate of the identity card card-reading terminal. The dispatch server determining whether the identity card card-reading terminal is allowed to read the identity card can then include: judging whether the digital certificate of the identity card card-reading terminal is abnormal; if so, determining that the identity card card-reading terminal is not allowed to read the identity card; otherwise, judging whether the digital certificate of the identity card card-reading terminal is in the blacklist or the control list, wherein the blacklist records the digital certificates of identity card card-reading terminals that are not allowed to read identity cards, and the control list records the digital certificates of identity card card-reading terminals whose reading of identity cards needs to be controlled according to a preset control strategy. In the case where it is judged that the digital certificate of the identity card card-reading terminal is in the blacklist, the identity card card-reading terminal is not allowed to read the identity card and the request of the identity card card-reading terminal is refused; in the case where it is judged that the digital certificate of the identity card card-reading terminal is in the control list, whether the identity card card-reading terminal is allowed to read the identity card is determined according to the preset control strategy.
Alternatively, in another optional embodiment of the embodiment of the present invention, the identification information of the identity card card-reading terminal can include the serial number of the identity card card-reading terminal and the digital certificate of the identity card card-reading terminal. The dispatch server can determine whether the identity card card-reading terminal is allowed to read the identity card in the following manner: judge whether the digital certificate of the identity card card-reading terminal is abnormal; if so, determine that the identity card card-reading terminal is not allowed to read the identity card; otherwise, judge whether the digital certificate or the serial number of the identity card card-reading terminal is in the blacklist or the control list, wherein the blacklist records the identification information of identity card card-reading terminals that are not allowed to read identity cards, and the control list records the identification information of identity card card-reading terminals whose identity card reading operations need to be controlled according to a preset control strategy. In the case where it is judged that the digital certificate or the serial number of the identity card card-reading terminal is in the blacklist, the identity card card-reading terminal is not allowed to read the identity card and the request of the identity card card-reading terminal is refused; in the case where it is judged that the digital certificate or the serial number of the identity card card-reading terminal is in the control list, whether the identity card card-reading terminal is allowed to read the identity card is determined according to the preset control strategy.
In the above two optional embodiments, when judging whether the digital certificate of the identity card card-reading terminal is abnormal, the dispatch server can query, on a digital certificate status online query server, the survival condition of the digital certificate used for signature verification and of the digital certificate used for encryption. The survival condition includes a normal survival condition and an abnormal survival condition, and the abnormal survival condition includes at least one of the following: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted.
In the above two optional embodiments, the blacklist and the control list can be configured according to preset rules based on the card reading behavior of each identity card card-reading terminal.
Through the above two optional embodiments, whether the identity card card-reading terminal is allowed to read identity cards can be judged by means of the blacklist and the control list, which avoids attacks by illegal identity card card-reading terminals on the network side and improves the safety of identity card reading.
In an optional embodiment of the embodiment of the present invention, the blacklist contains the identification information of illegal identity card card-reading terminals, for example the identification information of identity card card-reading terminals that have been reported lost, the identification information of identity card card-reading terminals that continuously exhibit abnormalities, the serial numbers of identity card card-reading terminals that have exceeded their service life, the identification information of identity card card-reading terminals that appear in multiple areas within a short time, and so on; processing the requests of such terminals brings greater risk. If the dispatch server judges that the identification information of the identity card card-reading terminal is included in the blacklist, this indicates that the identification information belongs to an illegal identity card card-reading terminal, and the dispatch server does not process the request and terminates the process. Optionally, the dispatch server can return prompt information to inform the user that the identity card card-reading terminal has been added to the blacklist, so that the user can carry out subsequent operations and resolve the problem.
In an optional embodiment of the embodiment of the present invention, the control list can record specific control strategies. In the case where it is judged that the identification information of the identity card card-reading terminal is in the control list, whether the identity card card-reading terminal is allowed to read the identity card can be judged in one of the following ways, including but not limited to:
(1) According to the preset control strategy, judge whether the identity card card-reading terminal is currently within the allowed position range; if so, allow the identity card card-reading terminal to read the identity card; otherwise, do not allow the identity card card-reading terminal to read the identity card and refuse the request of the identity card card-reading terminal, wherein the preset control strategy records the position range allowed for the identity card card-reading terminal. That is, certain identity card card-reading terminals are only allowed to read identity cards within certain position ranges, and outside these ranges they are not allowed to read identity cards. For example, in a particular application, an identity card card-reading terminal applied for by a bank customer can be set so that it can only read identity cards within the bank outlet, and outside the bank outlet the identity card card-reading terminal is not allowed to read identity cards. In this case, the identity card card-reading terminal can be positioned in order to determine its current position. In this way, an identity card card-reading terminal that is specific to a certain place can be prevented from being misappropriated.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the identity card card-reading terminal is allowed to read cards; if so, allow the identity card card-reading terminal to read the identity card; otherwise, do not allow the identity card card-reading terminal to read the identity card and refuse the request of the identity card card-reading terminal, wherein the preset control strategy records the time range in which the identity card card-reading terminal is allowed to read cards. That is, certain identity card card-reading terminals are only allowed to read identity cards within certain periods, and outside these periods they are not allowed to read identity cards. For example, the railway system sells tickets only between 7:00 and 22:00; therefore, identity card card-reading terminals set up in the railway system are only allowed to read identity cards within these periods, so as to avoid these identity card card-reading terminals being used illegally.
(3) According to the preset control strategy, judge whether the historical number of card readings by the identity card card-reading terminal within a preset time period exceeds a preset times threshold; if so, do not allow the identity card card-reading terminal to read the identity card and refuse the request of the identity card card-reading terminal; otherwise, allow the identity card card-reading terminal to read the identity card, wherein the preset control strategy records the duration of the preset time period and the preset times threshold. That is, the number of card readings by the identity card card-reading terminal within the preset time period is limited, so as to avoid the same identity card card-reading terminal reading cards frequently within a short time, which would overburden the certification safety control module and leave it unable to work normally.
(4) According to the preset control strategy, judge whether the distance between the positions of two consecutive card readings by the identity card card-reading terminal within a preset time period exceeds a preset distance; if so, do not allow the identity card card-reading terminal to read the identity card and refuse the request of the identity card card-reading terminal; otherwise, allow the identity card card-reading terminal to read the identity card, wherein the preset control strategy records the duration of the preset time period and the preset distance. That is, certain identity card card-reading terminals are not allowed to be used across distances; for example, an identity card card-reading terminal issued to a certain merchant is not allowed to be used at two places far apart from each other, so as to avoid the user's identity card card-reading terminal being stolen.
(5) According to the preset control strategy, judge whether the time interval between two consecutive card readings by the identity card card-reading terminal exceeds a preset value; if so, do not allow the identity card card-reading terminal to read the identity card and refuse the request of the identity card card-reading terminal; otherwise, allow the identity card card-reading terminal to read the identity card, wherein the preset control strategy records the duration of the preset time period and the preset distance. This controls the card reading frequency of the identity card card-reading terminal and avoids attacks on the certification safety control module caused by the same identity card card-reading terminal reading cards frequently.
It should be noted that, although the above five ways are discussed separately, it is clear to those skilled in the art that two or more control strategies can be set simultaneously for the same identity card card-reading terminal. For example, if a given identity card card-reading terminal is only allowed to read identity cards within a certain period and within a certain position range, then the identity card card-reading terminal is allowed to read the identity card only when the position requirement and the time requirement are met at the same time.
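The admission decision described above (certificate status, blacklist, control list, and the five control strategies combined for one terminal), as an added Python example that is not code from the patent. ControlPolicy, TerminalRecord, admit, the coordinate-based position model and the sample terminal records are constructed assumptions, and strategy (5) is implemented as a minimum interval between two consecutive readings, the frequency limit the description says it is meant to enforce.

```python
"""Admission check a dispatch server could apply to a card seeking request.

Added example, not code from the patent. ControlPolicy, TerminalRecord, admit and
the sample records are constructed; the check order (certificate status, blacklist,
control list, then every strategy set for the terminal) follows the description.
"""
from dataclasses import dataclass, field
from datetime import datetime, time
from math import hypot
from typing import Optional

ABNORMAL_STATES = {"revoked", "expired", "frozen", "blacklisted"}  # from the status query server


@dataclass
class ControlPolicy:
    """Strategies recorded in the control list for one terminal; None = not set."""
    allowed_area: Optional[tuple[float, float, float, float]] = None  # (1) xmin, ymin, xmax, ymax
    allowed_hours: Optional[tuple[time, time]] = None  # (2) e.g. 07:00-22:00
    window_seconds: Optional[int] = None               # preset time period for (3) and (4)
    max_reads_in_window: Optional[int] = None          # (3) preset times threshold
    max_distance: Optional[float] = None               # (4) preset distance
    min_interval_seconds: Optional[int] = None         # (5) minimum gap between readings


@dataclass
class TerminalRecord:
    serial: str
    cert_status: str  # "normal" or one of ABNORMAL_STATES
    history: list[tuple[datetime, tuple[float, float]]] = field(default_factory=list)  # oldest first


def admit(term: TerminalRecord, now: datetime, position: tuple[float, float],
          blacklist: set[str], control_list: dict[str, ControlPolicy]) -> tuple[bool, str]:
    """Return (allowed, reason) for one card seeking request from `term` at `position`."""
    if term.cert_status in ABNORMAL_STATES:
        return False, f"certificate {term.cert_status}"
    if term.serial in blacklist:
        return False, "terminal is blacklisted"
    policy = control_list.get(term.serial)
    if policy is None:
        return True, "terminal is not controlled"

    def in_window(t: datetime) -> bool:
        return policy.window_seconds is None or (now - t).total_seconds() <= policy.window_seconds

    # (1) allowed position range
    if policy.allowed_area is not None:
        xmin, ymin, xmax, ymax = policy.allowed_area
        if not (xmin <= position[0] <= xmax and ymin <= position[1] <= ymax):
            return False, "outside allowed position range"
    # (2) allowed time range
    if policy.allowed_hours is not None:
        start, end = policy.allowed_hours
        if not (start <= now.time() <= end):
            return False, "outside allowed time range"
    # (3) number of readings within the preset time period
    if (policy.max_reads_in_window is not None
            and sum(1 for t, _ in term.history if in_window(t)) >= policy.max_reads_in_window):
        return False, "read count threshold exceeded"
    if term.history:
        last_time, last_pos = term.history[-1]
        # (4) distance between two consecutive readings within the preset time period
        if (policy.max_distance is not None and in_window(last_time)
                and hypot(position[0] - last_pos[0], position[1] - last_pos[1]) > policy.max_distance):
            return False, "consecutive readings too far apart"
        # (5) interval between two consecutive readings, used here as a frequency limit
        if (policy.min_interval_seconds is not None
                and (now - last_time).total_seconds() < policy.min_interval_seconds):
            return False, "consecutive readings too close together"
    return True, "allowed by control strategy"


# Constructed sample data: a bank terminal limited to its outlet and 07:00-22:00, a merchant
# terminal limited by read count, travel distance and interval, and a lost terminal on the blacklist.
BLACKLIST = {"T-LOST-0001"}
CONTROL_LIST = {
    "T-BANK-0001": ControlPolicy(allowed_area=(0, 0, 10, 10), allowed_hours=(time(7, 0), time(22, 0))),
    "T-SHOP-0001": ControlPolicy(window_seconds=3600, max_reads_in_window=3,
                                 max_distance=50.0, min_interval_seconds=10),
}
NOON = datetime(2016, 1, 20, 12, 0, 0)


def demo() -> dict[str, tuple[bool, str]]:
    """Run the check over constructed requests, keyed by a short case name."""
    bank = TerminalRecord("T-BANK-0001", "normal")
    shop = TerminalRecord("T-SHOP-0001", "normal",
                          history=[(datetime(2016, 1, 20, 11, 30), (0.0, 0.0)),
                                   (datetime(2016, 1, 20, 11, 40), (1.0, 1.0))])
    lists = (BLACKLIST, CONTROL_LIST)
    return {
        "bank_in_outlet": admit(bank, NOON, (5, 5), *lists),
        "bank_outside": admit(bank, NOON, (50, 5), *lists),
        "bank_at_night": admit(bank, NOON.replace(hour=23), (5, 5), *lists),
        "revoked_cert": admit(TerminalRecord("T-BANK-0002", "revoked"), NOON, (5, 5), *lists),
        "lost_terminal": admit(TerminalRecord("T-LOST-0001", "normal"), NOON, (5, 5), *lists),
        "shop_moved_far": admit(shop, NOON, (100.0, 100.0), *lists),
        "shop_nearby": admit(shop, NOON, (2.0, 2.0), *lists),
        "shop_burst": admit(shop, datetime(2016, 1, 20, 11, 40, 5), (1.0, 1.0), *lists),
    }
```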
In an optional embodiment of the embodiment of the present invention, after the dispatch server returns the identification information of the selected certification safety control module (for example, the network port of the selected certification safety control module) to the identity card card-reading terminal, the dispatch server can send the received card seeking request to the selected certification safety control module; in this case, each certification safety control module can be connected directly to a port of the dispatch server. Alternatively, after the dispatch server returns the identification information of the selected certification safety control module to the identity card card-reading terminal, the identity card card-reading terminal sends the card seeking request to the selected certification safety control module according to that identification information; in this case, the certification safety control module is a module with a network communication function and can communicate directly with the identity card card-reading terminal. In this optional embodiment, the selected certification safety control module obtains the card seeking request, which can be ciphertext data obtained by the identity card card-reading terminal encrypting the card seeking request data with its own encryption key. After receiving the card seeking request, the selected certification safety control module can decrypt it with the encryption key of the identity card card-reading terminal that it has obtained, and send the decrypted card seeking request to the verifying safety control module correspondingly connected to the selected certification safety control module. The correspondingly connected verifying safety control module confirms receipt of the card seeking request and sends confirmation information to the selected certification safety control module; the selected certification safety control module obtains a session key, encrypts the confirmation information with the session key, and sends the encrypted confirmation information to the identity card card-reading terminal. It should be noted that in this optional embodiment, in order to guarantee data transmission security, the identity card card-reading terminal encrypts the card seeking request before sending it and the selected certification safety control module also encrypts the confirmation information before transmission; if the transmission environment is safe, encryption can also be omitted, and this embodiment is not specifically limited in this respect.
In the above-mentioned optional embodiment, the session key can be negotiated between the selected certification safety control module and the identity card card-reading terminal, or it can be a random number generated directly by the selected certification safety control module. If it is a random number generated by the selected certification safety control module, the selected certification safety control module can encrypt the random number with the encryption key of the identity card card-reading terminal and send the encrypted random number together with the encrypted confirmation information to the identity card card-reading terminal, which ensures the transmission safety of the session key.
In an optional embodiment of the embodiment of the present invention, according to the normal identity card reading process, the identity card card-reading terminal executes the card selection process after receiving the confirmation information for the card seeking request. After selecting the identity card, the identity card card-reading terminal sends an encrypted card selection request to the selected certification safety control module; the selected certification safety control module decrypts the encrypted card selection request and sends it to the corresponding verifying safety control module; the verifying safety control module responds to the card selection request and sends response information to the selected certification safety control module; the selected certification safety control module encrypts the response information and sends it to the identity card card-reading terminal; and after receiving the response information, the identity card card-reading terminal sends the identification information of the selected identity card to the selected certification safety control module. In this optional embodiment, the selected certification safety control module receives the encrypted identity card identification information, decrypts it, and returns the decrypted identity card identification information to the dispatch server. Therefore, the method can also include: the dispatch server receives the identity card identification information returned by the selected certification safety control module and judges, according to at least the identity card identification information, the identification information of the identity card card-reading terminal and a preset strategy, whether to add the identification information of the identity card card-reading terminal to the blacklist or the control list; for example, it judges whether the card reading frequency of the identity card card-reading terminal exceeds a predetermined value, whether the identity card card-reading terminal frequently reads different identity cards, and so on, and determines accordingly whether to add the identification information of the identity card card-reading terminal to the blacklist or the control list. Through this optional embodiment, the dispatch server can manage identity card card-reading terminals according to the preset strategy and thus update the blacklist and the control list dynamically, further ensuring that the certification safety control modules are not subjected to malicious attacks.
In an optional embodiment of the embodiment of the present invention, after the identity card identification information is received, the method can also include: the dispatch server judges whether the identity card identification information is in the identity card blacklist and, if so, sends instruction information to the selected certification safety control module indicating that the identity card currently read by the identity card card-reading terminal is illegal; after receiving the instruction information, the selected certification safety control module can stop processing the current identity card reading process, and the selected certification safety control module can optionally also send prompt information to the identity card card-reading terminal to prompt the user that the current identity card is illegal. Here, the identity card blacklist contains the identification information of illegal identity cards, such as the identification information of identity cards that have been reported lost, of identity cards that continuously exhibit abnormalities, of expired identity cards, and so on. Optionally, the identification information of an identity card can be the serial number of the identity card, that is, the "birth certificate" of the identity card. Through this optional embodiment, illegal identity cards can be identified and the reading of illegal identity cards avoided.
In an optional embodiment of the embodiment of the present invention, after the dispatch server selects a certification safety control module, the method can also include: generating an authentication code and sending the authentication code to the identity card card-reading terminal and to the authentication database respectively (for example, it can be sent to the identity card card-reading terminal together with the identification information of the selected certification safety control module). The authentication code is stored in the authentication database and has a validity period; when the validity period is reached, the authentication database deletes the authentication code. After the identity card card-reading terminal receives the authentication code, it carries the authentication code in the subsequent requests it sends to the network side. For example, if the identity card card-reading terminal needs to send a card seeking request to the selected certification safety control module after receiving the identification information of the selected certification safety control module, the authentication code can be carried in the card seeking request; if the card seeking request is encrypted, the authentication code can be encrypted together with it and sent to the selected certification safety control module. After receiving the authentication code, the selected certification safety control module can query whether the authentication database contains the authentication code; if so, subsequent processing continues; if not, the authentication code is no longer valid and the request of the identity card card-reading terminal is refused. Through this optional embodiment, the dispatch server can control the access time of the identity card card-reading terminal by means of the validity period of the authentication code, avoiding the problem that, after a certification safety control module has been selected for the identity card card-reading terminal, the identity card card-reading terminal does not initiate a card reading request for a long time and the certification safety control module stays idle for a long time without being able to be assigned to another identity card card-reading terminal.
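The authentication code with a validity period described above, as an added Python example that is not the patent's own code. Dispatcher, assign, check and expire are constructed names, the authentication database is an in-memory dict, and the assumption that an expired code also returns its module to the idle state is the mechanism implied by the problem the description says the validity period avoids.

```python
"""Authentication codes with a validity period, tied to the working condition table.

Added example, not the patent's code. Dispatcher, assign, check and expire are
constructed names; the authentication database is an in-memory dict, and freeing
the module when its code expires is an assumption drawn from the problem described.
"""
from __future__ import annotations

import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Assignment:
    terminal: str         # identification information of the card-reading terminal
    module: str           # selected certification safety control module
    expires_at: datetime  # end of the authentication code's validity period


class Dispatcher:
    """Working condition table plus the authentication codes stored for it."""

    def __init__(self, modules: list[str], validity: timedelta):
        self.state = {m: "idle" for m in modules}  # working condition table
        self.codes: dict[str, Assignment] = {}     # authentication code -> assignment
        self.validity = validity

    def assign(self, terminal: str, now: datetime) -> tuple[str, str] | None:
        """Select an idle module, mark it busy and issue an authentication code.

        Returns (module, code), or None when every module is busy.
        """
        idle = [m for m, s in self.state.items() if s == "idle"]
        if not idle:
            return None
        module = idle[0]
        self.state[module] = "busy"
        code = secrets.token_hex(16)  # unguessable and never reused
        self.codes[code] = Assignment(terminal, module, now + self.validity)
        return module, code

    def expire(self, now: datetime) -> list[str]:
        """Delete codes whose validity period has passed and free their modules."""
        freed = []
        for code, a in list(self.codes.items()):
            if a.expires_at <= now:
                del self.codes[code]
                self.state[a.module] = "idle"
                freed.append(a.module)
        return freed

    def check(self, code: str, terminal: str, module: str, now: datetime) -> tuple[bool, str]:
        """The lookup the selected module performs when a request carries a code."""
        self.expire(now)
        a = self.codes.get(code)
        if a is None:
            return False, "authentication code not found or no longer valid"
        if a.terminal != terminal or a.module != module:
            return False, "authentication code issued for another terminal or module"
        return True, "authentication code valid"


def demo() -> dict[str, object]:
    """Constructed walk-through: issue a code, use it, let it expire."""
    d = Dispatcher(["CSCM-1", "CSCM-2"], validity=timedelta(seconds=30))
    t0 = datetime(2016, 1, 20, 9, 0, 0)
    module, code = d.assign("T-BANK-0001", t0)
    out: dict[str, object] = {"assigned": module, "busy_after_assign": d.state[module]}
    out["in_time"] = d.check(code, "T-BANK-0001", module, t0 + timedelta(seconds=10))
    out["wrong_terminal"] = d.check(code, "T-SHOP-0001", module, t0 + timedelta(seconds=10))
    out["after_expiry"] = d.check(code, "T-BANK-0001", module, t0 + timedelta(seconds=31))
    out["idle_after_expiry"] = d.state[module]
    return out
```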
In an optional embodiment of the present invention, the authentication security control module itself can also be authenticated in order to guarantee data security. Therefore, the method further includes: when the selected authentication security control module powers on, the dispatch server sends data to be signed to it; the dispatch server receives the authentication data returned by the selected module, where the authentication data includes the signed data obtained by signing the data to be signed with the signing private key of the selected module, the signing public key certificate corresponding to that signing private key, and the encryption public key certificate of the selected module; the dispatch server judges whether the signing public key certificate and the encryption public key certificate are in an abnormal processing state; if neither is, it verifies whether the signing public key certificate and the encryption public key certificate were issued to the same ID card reading terminal and, if so, verifies whether the signed data is correct; if it is, the selected authentication security control module passes authentication and the protection key of the authentication database is encrypted and sent to it; if the signed data is incorrect, the selected module fails authentication and an alarm message is sent.
In a particular application, the dispatch server can complete the authentication of the authentication security control module together with an authorization server. Therefore, in another optional implementation, the method can also include: when the selected authentication security control module powers on, the dispatch server sends data to be signed to it; the selected module signs the data to be signed with its signing private key and returns to the dispatch server authentication data comprising the signed data, the signing public key certificate corresponding to the signing private key, and the encryption public key certificate of the selected module; the dispatch server receives this authentication data and judges whether the signing public key certificate and the encryption public key certificate are in an abnormal processing state; if neither is, it sends the data to be signed and the authentication data to the authorization server; the authorization server, through a connected authorization electronic signature device, verifies whether the signing public key certificate and the encryption public key certificate were issued to the same ID card reading terminal and, if so, verifies whether the signed data is correct; if it is, the selected module passes authentication, otherwise it fails; when the selected module passes authentication, the authorization server encrypts the protection key of the authentication database with the authorization electronic signature device and sends it to the dispatch server, and when the module fails authentication it sends an alarm message; the dispatch server forwards the encrypted protection key of the authentication database to the selected authentication security control module, which decrypts it to obtain the protection key of the authentication database.
In the above embodiment, the dispatch server authenticates the selected authentication security control module by way of the authorization server, but this is not limiting: if the selected authentication security control module has a communication function, the authorization server can authenticate it directly. For the specific authentication of the authentication security control module, refer to the descriptions of Embodiment 4 and Embodiment 5.
In an optional embodiment of the present invention, the method further includes: after selecting an authentication server, the dispatch server updates the working state of the selected authentication security control module stored in the authentication database, so that subsequent selections by the dispatch server can be made according to the updated working state.
Embodiment 3
This embodiment provides a dispatch server applied to ID card reading, which can serve as the dispatch server 102 in Embodiment 1 and can be used to implement the method described in Embodiment 2.
Fig. 4 is a structural schematic diagram of the dispatch server applied to ID card reading provided in this embodiment. As shown in Fig. 4, the dispatch server mainly includes: a first acquisition module 401, for obtaining the identification information of the ID card reading terminal; a first judgment module 402, for judging according to that identification information whether the ID card reading terminal is allowed to read ID cards; a second acquisition module 403, for obtaining from the authentication database the working states of the authentication security control modules within the dispatch server's jurisdiction after a card-seeking request from the terminal has been received, in the case where the terminal is judged to be allowed to read ID cards; a scheduling module 404, for selecting one authentication security control module according to the principle of task balancing and the working state table of the authentication security control modules within the jurisdiction, and sending the identification information of the selected module to the ID card reading terminal; a third acquisition module 405, for obtaining from the authentication database, according to the identification information of the ID card reading terminal, the ciphertext of the terminal's encryption key, where the ciphertext is the terminal's encryption key encrypted with the protection key of the authentication database; and a first sending module 406, for sending data information to the selected authentication security control module, where the data information includes the ciphertext of the ID card reading terminal's encryption key.
With the dispatching method provided by this embodiment, when an ID card reading terminal detects an ID card and sends a card-seeking request to the network side, the dispatch server first determines, on receiving the request, whether that terminal is allowed to read ID cards, and allocates an authentication security control module to the terminal only when it is. This avoids attacks on the authentication security control modules by illegitimate ID card reading terminals and improves the security of ID card reading.
Optionally, the first acquisition module 401 can obtain the identification information of the ID card reading terminal in the following ways:
(1) Receiving an access request sent by the ID card reading terminal and obtaining the terminal's identification information from the access request. That is, when the terminal joins the network it sends an access request to the network side, and the dispatch server obtains the terminal's identification information from the identification information carried in that request. In this approach, after the dispatch server has judged that the terminal is allowed to read ID cards, it allows the terminal to access; the terminal can keep a long connection after access and, once it detects an ID card, send a card-seeking request to the dispatch server. In an optional embodiment, in order to guarantee the security of data transmission, after allowing the terminal to access the dispatch server can establish a secure channel with it, for example by negotiating a transmission key with the terminal; once it detects an ID card, the terminal sends the card-seeking request to the dispatch server through that secure channel, i.e. the card-seeking request is encrypted with the transmission key, and the dispatch server decrypts it with the transmission key to obtain the card-seeking request and allocates an authentication security control module to the terminal. In this way the terminal is verified once, when it accesses, which suits relatively secure ID card reading terminals (for example, terminals installed in banks); it reduces the number of verifications of the terminal and improves efficiency.
(2) Receiving an ID card request sent by the ID card reading terminal and obtaining the terminal's identification information from that request, where the ID card request carries a card-seeking request and the identification information of the terminal. In this approach the dispatch server verifies the terminal once for every ID card it reads: after detecting an ID card, the terminal sends a card-seeking request to the network side, and the dispatch server obtains the terminal's identification information on receiving it. In this way the terminal is verified every time it reads an ID card, which suits relatively less secure ID card reading terminals (for example, terminals installed at individual merchants) and guarantees security.
Optionally, the identification information of the ID card reading terminal includes the terminal's digital certificate, and the first judgment module 402 judges whether the terminal is allowed to read ID cards as follows: judge whether the terminal's digital certificate is abnormal; if so, determine that the terminal is not allowed to read ID cards; otherwise, judge whether the terminal's digital certificate is in a blacklist or a control list, where the blacklist records the digital certificates of ID card reading terminals that are not allowed to read ID cards, and the control list records the digital certificates of terminals whose ID card reading operations need to be controlled according to a preset control strategy. If the terminal's digital certificate is in the blacklist, the terminal is not allowed to read ID cards and its request is refused; if the terminal's digital certificate is in the control list, whether the terminal is allowed to read ID cards is determined according to the preset control strategy.
Optionally, the identification information of the ID card reading terminal includes the terminal's serial number and digital certificate, and the first judgment module 402 judges whether the terminal is allowed to read ID cards as follows: judge whether the terminal's digital certificate is abnormal; if so, determine that the terminal is not allowed to read ID cards; otherwise, judge whether the terminal's digital certificate or serial number is in a blacklist or a control list, where the blacklist records the identification information of terminals that are not allowed to read ID cards, and the control list records the identification information of terminals whose ID card reading operations need to be controlled according to a preset control strategy. If the terminal's digital certificate or serial number is in the blacklist, the terminal is not allowed to read ID cards and its request is refused; if the terminal's digital certificate or serial number is in the control list, whether the terminal is allowed to read ID cards is determined according to the preset control strategy.
In the above two optional embodiments, when judging whether the digital certificate of the ID card reading terminal is abnormal, the dispatch server can query a digital certificate status online query server for the survival state of the digital certificate used for signature verification and of the digital certificate used for encryption. The survival state is either normal or abnormal, where an abnormal survival state includes at least one of: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted.
In the above two optional embodiments, the blacklist and the control list can be configured according to preset rules based on the card reading behaviour of each ID card reading terminal.
Through the above two optional embodiments, whether an ID card reading terminal is allowed to read ID cards can be judged by means of the blacklist and the control list, avoiding attacks on the network side by illegitimate ID card reading terminals and improving the security of ID card reading.
In an optional embodiment of the present invention, the blacklist contains the identification information of illegitimate ID card reading terminals, for example the identification information of terminals that have been reported lost, of terminals that repeatedly show abnormalities, the serial numbers of terminals that have exceeded their service life, or the identification information of terminals that appear in multiple regions within a short time; processing the requests of such terminals brings greater risk. If the dispatch server judges that the identification information of an ID card reading terminal is in the blacklist, that terminal is an illegitimate one, and the dispatch server does not process the request and ends the flow. Optionally, the dispatch server can return prompt information telling the user that the terminal has been added to the blacklist, so that the user can take follow-up action and resolve the problem.
Optionally, the first judgment module 402 judges according to the preset control strategy whether the ID card reading terminal is allowed to read ID cards in at least one of the following ways:
(1) According to the preset control strategy, judge whether the terminal is currently within its allowed access position range; if so, allow it to read ID cards, otherwise do not allow it and refuse its request, where the preset control strategy records the access position range allowed for the terminal. That is, certain terminals are only allowed to read ID cards within certain position ranges and are not allowed to do so outside them. For example, in a particular application, a terminal used by a bank customer application can be configured so that it may only read ID cards inside the bank branch, and is not allowed to read ID cards outside it. In this case the terminal can be positioned in order to determine its current location. This prevents a terminal that is dedicated to a specific location from being stolen and used elsewhere.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the terminal is allowed to access; if so, allow it to read ID cards, otherwise do not allow it and refuse its request, where the preset control strategy records the time range in which the terminal is allowed to access. That is, certain terminals are only allowed to read ID cards within certain periods and not outside them. For example, the railway system only sells tickets from 7:00 to 22:00, so terminals installed in the railway system are only allowed to read ID cards within that period, preventing those terminals from being used illegitimately.
(3) According to the preset control strategy, judge whether the number of historical accesses of the terminal within a preset time period exceeds a preset count threshold; if so, do not allow the terminal to read ID cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset count threshold. That is, the number of card readings by a terminal within a preset period is limited, avoiding the problem that frequent reading by the same terminal in a short time overloads the authentication security control module so that it cannot work normally.
(4) According to the preset control strategy, judge whether the distance between the access positions of two consecutive accesses of the terminal within a preset time period exceeds a preset distance; if so, do not allow the terminal to read ID cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset distance. That is, certain terminals are not allowed to be used across long distances; for example, a terminal issued to a particular merchant is not allowed to be used at two places far apart, preventing the user's terminal from being stolen and used.
(5) According to the preset control strategy, judge whether the time interval between two consecutive accesses of the terminal exceeds a preset value; if so, do not allow the terminal to read ID cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset distance. This controls the card reading frequency of the terminal and avoids the attack on the authentication security control module that frequent reading by the same terminal would bring.
It should be noted that, although the above five ways are discussed separately, it is clear to those skilled in the art that two or more control strategies can be set simultaneously for the same ID card reading terminal. For example, a terminal may be allowed to read ID cards only within a certain period and within a certain position range, in which case the first judgment module 402 allows the terminal to read ID cards only when it judges that both the position requirement and the time requirement are met.
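The admission logic of the first judgment module 402, as an added worked example that is not part of the patent: certificate survival state, blacklist, control list and the five control strategies, combined so that a controlled terminal must satisfy every strategy configured for it. Strategy (5) is implemented as a minimum interval between consecutive accesses, which is what its stated purpose (limiting the reading frequency) requires. The "position range" is modelled as a circle around a centre and positions are compared by great-circle distance; every identifier, coordinate and threshold is constructed for the example.

```go
package main

import (
	"math"
	"time"
)

// Access is one access attempt: when it happened and where the terminal was.
type Access struct {
	At       time.Time
	Lat, Lon float64
}

// Policy is the preset control strategy for one terminal; zero-valued fields are "not configured".
type Policy struct {
	Center             *Access       // (1) allowed position range: within RadiusKm of Center
	RadiusKm           float64
	StartHour, EndHour int           // (2) allowed daily access window [StartHour, EndHour)
	Window             time.Duration // look-back period used by (3) and (4)
	MaxAccesses        int           // (3) access count threshold within Window
	MaxDistanceKm      float64       // (4) max distance between two consecutive accesses within Window
	MinInterval        time.Duration // (5) minimum interval between two consecutive accesses
}

type Dispatcher struct {
	CertAbnormal map[string]string   // certificate fingerprint -> revoked/expired/frozen/blacklisted
	Blacklist    map[string]bool     // certificate fingerprints and serial numbers
	ControlList  map[string]Policy   // certificate fingerprint or serial number -> policy
	History      map[string][]Access // serial number -> previous accesses, oldest first
}

// Decide applies the checks in the page's order: certificate state, blacklist, then every
// configured control strategy. A terminal absent from the control list gets the zero Policy.
func (d *Dispatcher) Decide(certFP, serial string, now Access) (bool, string) {
	if why, bad := d.CertAbnormal[certFP]; bad {
		return false, "certificate " + why
	}
	if d.Blacklist[certFP] || d.Blacklist[serial] {
		return false, "blacklisted"
	}
	p, ok := d.ControlList[certFP]
	if !ok {
		p = d.ControlList[serial]
	}
	if p.Center != nil && distanceKm(*p.Center, now) > p.RadiusKm {
		return false, "outside allowed position range"
	}
	if h := now.At.Hour(); p.EndHour > p.StartHour && (h < p.StartHour || h >= p.EndHour) {
		return false, "outside allowed time window"
	}
	hist, recent := d.History[serial], 0
	for _, a := range hist {
		if now.At.Sub(a.At) <= p.Window {
			recent++
		}
	}
	if p.MaxAccesses > 0 && recent >= p.MaxAccesses {
		return false, "access count threshold exceeded"
	}
	if len(hist) > 0 {
		last := hist[len(hist)-1]
		gap := now.At.Sub(last.At)
		if p.MaxDistanceKm > 0 && gap <= p.Window && distanceKm(last, now) > p.MaxDistanceKm {
			return false, "consecutive accesses too far apart"
		}
		if p.MinInterval > 0 && gap < p.MinInterval {
			return false, "consecutive accesses too frequent"
		}
	}
	return true, "allowed"
}

// distanceKm is the great-circle (haversine) distance between two positions.
func distanceKm(a, b Access) float64 {
	r := math.Pi / 180
	dLat, dLon := (b.Lat-a.Lat)*r, (b.Lon-a.Lon)*r
	h := math.Pow(math.Sin(dLat/2), 2) + math.Cos(a.Lat*r)*math.Cos(b.Lat*r)*math.Pow(math.Sin(dLon/2), 2)
	return 2 * 6371 * math.Asin(math.Sqrt(h))
}

// Demo evaluates constructed accesses against a constructed dispatcher state and returns the reasons.
func Demo() []string {
	t0 := time.Date(2016, 1, 20, 9, 0, 0, 0, time.UTC)
	d := &Dispatcher{
		CertAbnormal: map[string]string{"fp-lost-99": "revoked"},
		Blacklist:    map[string]bool{"SN-0099": true},
		ControlList: map[string]Policy{
			"fp-bank-01": {Center: &Access{Lat: 39.91, Lon: 116.40}, RadiusKm: 1, StartHour: 7, EndHour: 22}, // one branch, 7:00-22:00
			"SN-0007":    {Window: 24 * time.Hour, MaxAccesses: 3, MaxDistanceKm: 50, MinInterval: 30 * time.Second},
		},
		History: map[string][]Access{"SN-0007": {{t0.Add(-time.Hour), 31.23, 121.47}}}, // Shanghai, an hour ago
	}
	_, inBranch := d.Decide("fp-bank-01", "SN-0001", Access{t0, 39.912, 116.401})                      // in the branch, in hours
	_, lateNight := d.Decide("fp-bank-01", "SN-0001", Access{t0.Add(14 * time.Hour), 39.912, 116.401}) // same place at 23:00
	_, jumped := d.Decide("fp-merchant-07", "SN-0007", Access{t0, 39.91, 116.40})                      // Shanghai, then Beijing an hour later
	_, revoked := d.Decide("fp-lost-99", "SN-0099", Access{t0, 39.91, 116.40})                         // certificate reported revoked
	return []string{inBranch, lateNight, jumped, revoked}
}
```

Because each unconfigured field simply skips its check, the same Decide serves a terminal with one strategy and a terminal with several, and the refusal reason tells the operator which strategy fired.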
Optionally, the dispatch server can also include: a first receiving module, for receiving the ID card identification information returned by the authentication security control module; and a second judgment module, for judging, according to at least the ID card identification information, the identification information of the ID card reading terminal and a preset strategy, whether to add the terminal to the blacklist or the control list. For example, it can judge whether the terminal's card reading frequency exceeds a predetermined value, or whether the terminal frequently reads different ID cards, and accordingly decide whether to add the terminal's identification information to the blacklist or the control list. Through this optional embodiment, the dispatch server can manage ID card reading terminals according to the preset strategy and dynamically update the blacklist and the control list, further ensuring that the authentication security control modules are not subject to malicious attacks.
Optionally, the dispatch server can also include: a third judgment module, for judging whether the ID card identification information is in an ID card blacklist; and a second sending module, for sending indication information to the selected authentication security control module when the ID card identification information is in the ID card blacklist, indicating that the ID card currently being read by the terminal is illegitimate. After receiving the indication information, the selected module can stop processing the current ID card reading flow, and can also send prompt information to the ID card reading terminal to tell the user that the current ID card is illegitimate. The ID card blacklist holds the identification information of illegitimate ID cards, for example ID cards that have been reported lost, ID cards that repeatedly show abnormalities, and expired ID cards. Optionally, the identification information of an ID card can be its serial number, i.e. the "birth certificate" of the ID card. Through this optional embodiment, illegitimate ID cards can be identified and reading them avoided.
Optionally, the data information also includes the card-seeking request. That is, after the dispatch server returns the identification information of the selected authentication security control module (for example, the module's network port) to the ID card reading terminal, it can forward the received card-seeking request to the selected module. In this case each authentication security control module can be connected directly to a port of the dispatch server.
Optionally, the dispatch server can also include a third sending module, for generating an authentication code and sending it to both the ID card reading terminal and the authentication database (for example, it can be sent to the terminal together with the identification information of the selected authentication security control module). The authentication database stores the authentication code, which has a validity period; when the validity period is reached, the database deletes the code. After receiving the authentication code, the terminal carries it in the subsequent requests it sends to the network side. For example, if the terminal, having received the identification information of the selected module, needs to send a card-seeking request to that module, it carries the authentication code in the request; if the card-seeking request is encrypted, the code can be encrypted together with it and sent to the selected module. After receiving the code, the selected module queries whether the authentication database still contains it: if so, processing continues; if not, the code is no longer valid and the terminal's request is refused. Through this optional embodiment, the dispatch server limits the access time of the terminal by means of the validity period of the authentication code, avoiding the problem that a module selected for a terminal which then does not initiate a card reading request for a long time sits idle and cannot be assigned to other terminals.
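The authentication code mechanism described above (and in the corresponding step of the method in Embodiment 2), as an added example that is not the patent's code: the dispatch server issues a random code with a validity period into the authentication database, and the selected module's lookup refuses a code that is unknown, expired, or bound to a different module. The clock is injected so the validity period can be exercised deterministically; the terminal and module identifiers are constructed.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"sync"
	"time"
)

// AuthEntry is what the authentication database stores for one issued authentication code.
type AuthEntry struct {
	Terminal string    // ID card reading terminal the code was issued to
	Module   string    // authentication security control module selected for that terminal
	Expires  time.Time // end of the code's validity period
}

// AuthDB is the authentication database's table of issued codes; the clock is injected
// so the validity period can be tested without waiting.
type AuthDB struct {
	mu   sync.Mutex
	now  func() time.Time
	data map[string]AuthEntry
}

func NewAuthDB(now func() time.Time) *AuthDB {
	return &AuthDB{now: now, data: map[string]AuthEntry{}}
}

// Issue is the dispatch server side: generate an unguessable code, record it with its
// validity period, and hand it back so it can be sent to the terminal together with the
// identification information of the selected module.
func (db *AuthDB) Issue(terminal, module string, ttl time.Duration) (string, error) {
	buf := make([]byte, 16)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	code := hex.EncodeToString(buf)
	db.mu.Lock()
	defer db.mu.Unlock()
	db.data[code] = AuthEntry{Terminal: terminal, Module: module, Expires: db.now().Add(ttl)}
	return code, nil
}

// Check is the query the selected module makes when a card-seeking request arrives
// carrying a code: the code must still be in the database and must have been issued for
// this module. Reaching the validity period deletes the code, so a terminal that waited
// too long is refused and the module becomes free for reassignment.
func (db *AuthDB) Check(code, module string) bool {
	db.mu.Lock()
	defer db.mu.Unlock()
	e, ok := db.data[code]
	if !ok {
		return false
	}
	if !db.now().Before(e.Expires) {
		delete(db.data, code)
		return false
	}
	return e.Module == module
}

// Demo walks through the flow with a controllable clock and constructed identifiers.
func Demo() (fresh, wrongModule, expired, unknown bool) {
	clock := time.Date(2016, 1, 20, 9, 0, 0, 0, time.UTC)
	db := NewAuthDB(func() time.Time { return clock })
	code, err := db.Issue("terminal-0001", "module-A", 2*time.Minute)
	if err != nil {
		return
	}
	fresh = db.Check(code, "module-A")       // inside the validity period, right module
	wrongModule = db.Check(code, "module-B") // code was issued for a different module
	clock = clock.Add(3 * time.Minute)       // validity period reached
	expired = db.Check(code, "module-A")     // deleted on this lookup, refused
	unknown = db.Check("never-issued", "module-A")
	return
}
```

Binding the code to the selected module is an addition beyond the page's description; without it a code issued for one module would be accepted by any other, which defeats the purpose of tying the terminal's access window to a specific allocation.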
Optionally, in order to guarantee data security, the authentication security control module can also be authenticated. Therefore, the dispatch server can also include: a fourth sending module, for sending data to be signed to the selected authentication security control module when it powers on; a second receiving module, for receiving the authentication data returned by the selected module, where the authentication data includes the signed data obtained by signing the data to be signed with the selected module's signing private key, the signing public key certificate corresponding to that private key, and the encryption public key certificate of the selected module; a first authentication module, for judging whether the signing public key certificate and the encryption public key certificate are in an abnormal processing state; a second authentication module, for verifying, when neither certificate is in an abnormal processing state, whether the signing public key certificate and the encryption public key certificate were issued to the same ID card reading terminal and, if so, whether the signed data is correct; a fourth sending module, for determining that the selected module passes authentication when both certificates were issued to the same terminal and the signed data is correct, and for encrypting the protection key of the authentication database and sending it to the selected module; and an alarm module, for determining that the selected module fails authentication, and issuing an alarm message, when the certificates were not issued to the same terminal and/or the signed data is incorrect.
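The module authentication exchange, as an added example that is not the patent's code and that serves both the method described earlier and the module list just above: the dispatch server's data to be signed, the module's signed response with its two certificates, the three checks (certificate state, same holder, signature) and the protection key encrypted to the module's encryption public key. Certificates are modelled as a small struct carrying subject, status and public key rather than real X.509, and RSA-PSS and RSA-OAEP from Go's standard library stand in for whatever algorithms a real module uses; the protection key, challenge and identifiers are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Cert is a minimal stand-in for an X.509 certificate: holder, status-server verdict, public key.
type Cert struct {
	Subject  string
	Abnormal bool
	Pub      *rsa.PublicKey
}

// Module is the authentication security control module with its signing and encryption key pairs.
type Module struct {
	signKey, encKey   *rsa.PrivateKey
	SignCert, EncCert Cert
}

// AuthData is what the module returns after power-on: the signed data plus both certificates.
type AuthData struct {
	Signed            []byte
	SignCert, EncCert Cert
}

// NewModule generates both key pairs and issues the two certificates to the same holder.
func NewModule(subject string) (*Module, error) {
	sk, err1 := rsa.GenerateKey(rand.Reader, 2048)
	ek, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil {
		return nil, errors.New("key generation failed")
	}
	return &Module{sk, ek, Cert{subject, false, &sk.PublicKey}, Cert{subject, false, &ek.PublicKey}}, nil
}

// Respond signs the dispatch server's data to be signed with the signing private key.
func (m *Module) Respond(toSign []byte) (AuthData, error) {
	h := sha256.Sum256(toSign)
	sig, err := rsa.SignPSS(rand.Reader, m.signKey, crypto.SHA256, h[:], nil)
	return AuthData{sig, m.SignCert, m.EncCert}, err
}

// Authenticate is the dispatch server's check sequence: no certificate in an abnormal state,
// both issued to the same holder, signature correct. Success returns the database protection
// key encrypted to the module's encryption public key; any error is where an alarm is raised.
func Authenticate(toSign []byte, ad AuthData, protectionKey []byte) ([]byte, error) {
	if ad.SignCert.Abnormal || ad.EncCert.Abnormal {
		return nil, errors.New("certificate in abnormal processing state")
	}
	if ad.SignCert.Subject != ad.EncCert.Subject {
		return nil, errors.New("certificates not issued to the same holder")
	}
	h := sha256.Sum256(toSign)
	if err := rsa.VerifyPSS(ad.SignCert.Pub, crypto.SHA256, h[:], ad.Signed, nil); err != nil {
		return nil, errors.New("signed data incorrect")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, ad.EncCert.Pub, protectionKey, nil)
}

// Unwrap is the module side: only the holder of the encryption private key recovers the key.
func (m *Module) Unwrap(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, m.encKey, wrapped, nil)
}

// Demo runs the exchange once, then replays it with a tampered signature and with an
// encryption certificate issued to a different holder. All values are constructed.
func Demo() (keyRecovered, tamperRejected, mismatchRejected bool, err error) {
	m, err := NewModule("module-0001")
	if err != nil {
		return
	}
	toSign := []byte("constructed-challenge-nonce-0001") // the dispatch server's data to be signed
	ad, err := m.Respond(toSign)
	if err != nil {
		return
	}
	protectionKey := []byte("constructed-32-byte-protection-k") // stands in for the database protection key
	wrapped, err := Authenticate(toSign, ad, protectionKey)
	if err != nil {
		return
	}
	got, err := m.Unwrap(wrapped)
	if err != nil {
		return
	}
	keyRecovered = string(got) == string(protectionKey)
	tampered := ad
	tampered.Signed = append([]byte(nil), ad.Signed...)
	tampered.Signed[0] ^= 0x01
	_, e1 := Authenticate(toSign, tampered, protectionKey)
	tamperRejected = e1 != nil
	mismatched := ad
	mismatched.EncCert.Subject = "module-0002"
	_, e2 := Authenticate(toSign, mismatched, protectionKey)
	mismatchRejected = e2 != nil
	return
}
```

The same-holder check matters because the signature only proves possession of the signing key; without it, a valid signature could be paired with someone else's encryption certificate and the protection key would be wrapped for the wrong recipient.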
Embodiment 4
A kind of key acquisition method is present embodiments provided, in this embodiment, dispatch server cooperates authorization server
Certification is carried out to certification safety control module and sends the guarantor of authentication database to certification safety control module after certification passes through
Protect key.As shown in figure 5, this approach includes the following steps S501~S505:
S501: certification safety control module sends authentication data to dispatch server, and authentication data includes at least: certification peace
Signed data that full control module signs to data to be signed and for the digital certificate of sign test and for encrypting
Digital certificate;
In this embodiment, as one optional implementation, the certification safety control module may be a security chip. A security chip (for example the Z8D64U (State Cryptography lot number SSX43) or Z32 (State Cryptography lot number SSX20) of Guoming Technology Co., Ltd) contains an independent processor and storage unit; it can store PKI digital certificates with their corresponding private keys and other characteristic data, perform encryption and decryption on data, and provide data encryption and identity authentication services to the user, protecting business privacy and data security. In this embodiment the certification safety control module therefore stores a digital certificate for signature verification, a digital certificate for encryption, and the private key corresponding to each. For the former, the certification safety control module signs the data to be signed with the private key corresponding to the digital certificate for signature verification to obtain the signed data, and the authorization server verifies that signed data with the public key of the same certificate; this is how the authorization server authenticates the identity of the certification safety control module and establishes its legitimacy. For the latter, the authorization server encrypts the protection key of the authentication database with the public key of the digital certificate for encryption to produce the protection key ciphertext, so that the key is transmitted only as ciphertext and only a certification safety control module holding the private key corresponding to the digital certificate for encryption can decrypt the ciphertext and obtain the protection key. This secures the delivery of the protection key of the authentication database and prevents it from being illegally misappropriated.
In this embodiment, the data to be signed may be generated by the certification safety control module or by the authorization server. For the former, as one optional implementation, the authentication data that the certification safety control module sends to the dispatch server further includes the data to be signed, which comprise at least: one-time authentication data generated by the certification safety control module, the digital certificate for signature verification, the digital certificate for encryption, and the identity of the certification safety control module. The one-time authentication data are a random factor, such as a random number and/or a random event, which prevents replay attacks; combining the several items above into the data to be signed also makes the authorization server's signature verification more reliable. For the latter, as another optional implementation, the data to be signed comprise the one-time authentication data generated by the authorization server and/or the identity of the authorization server, where again the one-time authentication data are a random factor (a random number and/or a random event) that prevents replay attacks, and the combination of these items makes the authorization server's signature verification more reliable. The one-time authentication data generated by the authorization server are forwarded to the certification safety control module through the dispatch server; the certification safety control module signs the data to be signed with the private key corresponding to the digital certificate for signature verification, and the resulting signed data is what the authorization server verifies.
S502: The dispatch server receives the authentication data sent by the certification safety control module and queries the validity status of the digital certificate for signature verification and of the digital certificate for encryption; if the status is normal, it forwards the authentication data to the authorization server;
In this embodiment, the certification safety control module obtains the protection key of the authentication database only after passing the two-stage authentication of the dispatch server and the authorization server. The dispatch server's authentication of the certification safety control module consists of checking whether the validity status of the digital certificate for signature verification and of the digital certificate for encryption is normal. As one optional implementation, the dispatch server queries the status of both certificates on a digital certificate status online query server. The status is either normal or abnormal, and an abnormal status includes at least one of: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted. If either digital certificate is revoked, expired, frozen or blacklisted, the certification safety control module is very likely an illegitimate device, and the dispatch server does not forward the authentication data to the authorization server. The certification safety control module then never receives the protection key of the authentication database and cannot decrypt the ciphertext received from the identity card card-reading terminal, which blocks an attack by an illegitimate safety control module on the verifying safety control module. The dispatch server's authentication thus ensures the legitimacy of the certification safety control module.
S503: The authorization server judges whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user; after determining that they do, it verifies the signed data, and after verification passes it obtains the protection key of the authentication database, encrypts it to produce the protection key ciphertext, and sends the protection key ciphertext to the dispatch server;
In this embodiment, the authorization server authenticates the certification safety control module in two parts: it judges whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user, and it verifies the signed data with the digital certificate for signature verification. As one optional implementation, the judgement is made from the user ownership information carried by each certificate: the authorization server compares the user ownership information in the digital certificate for signature verification with that in the digital certificate for encryption, and the two certificates belong to the same user when the information matches.
User ownership information is information that identifies the user, for example a UID (User Identification, the user's unique identifier). If the user ownership information carried by the two digital certificates is identical, the two certificates belong to the same user. In practice, the digital certificate for signature verification and the digital certificate for encryption should be applied for by the same user at a third-party certification platform, because once the authorization server has verified a user's signed data, that user can use the private key corresponding to the digital certificate for encryption to decrypt the protection key ciphertext received from the authorization server and obtain the protection key of the authentication database. To prevent an illegitimate user from misappropriating another person's digital certificate for signature verification or another person's digital certificate for encryption, in this embodiment the authorization server 50 first judges whether the two digital certificates belong to the same user before verifying the signed data; if they do, the case of an illegally misappropriated digital certificate can at least be excluded. The ownership check ties the digital certificate for encryption to the signer; the signature verification that follows is what proves possession of the signing private key.
The signed data received by the authorization server was produced by the certification safety control module signing the data to be signed with the private key corresponding to the digital certificate for signature verification, so the authorization server verifies it with the public key of that certificate.
Thus only by passing both the dispatch server's and the authorization server's authentication can the certification safety control module obtain the protection key of the authentication database, which secures its acquisition of that key.
As one optional implementation, the authorization server encrypts the protection key of the authentication database directly with the public key of the digital certificate for encryption to produce the protection key ciphertext. As another optional implementation, the authorization server generates a random key, encrypts the protection key of the authentication database with the random key, encrypts the random key with the public key of the digital certificate for encryption, and sends the encrypted random key to the dispatch server together with the protection key ciphertext. In either case, because the certification safety control module itself supplied its digital certificate for encryption to the authorization server, and the authorization server encrypts with that certificate's public key before the key is relayed to the certification safety control module, the transmission is ciphertext only and the data in transit is protected. Only the certification safety control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext; even if the ciphertext is intercepted, an interceptor without the private key cannot decode it, which further secures the protection key of the authentication database.
S504: The dispatch server sends the protection key ciphertext of the authentication database to the certification safety control module;
In a concrete implementation, when the certification safety control module is a security chip without a communication interface of its own, the dispatch server must forward data on its behalf. Moreover, the certification safety control module communicates only with the dispatch server and not with any other external device, and accepts only data sent by the dispatch server, so the dispatch server keeps unsafe data away from the certification safety control module and its security is preserved.
S505: The certification safety control module decrypts the protection key ciphertext of the authentication database to obtain the protection key of the authentication database, and stores the protection key in its random access memory.
Corresponding to the way the authorization server produced the protection key ciphertext in step S503, the certification safety control module decrypts it in one of the following ways, given by way of example: it decrypts the protection key ciphertext with the locally stored private key corresponding to the digital certificate for encryption to obtain the protection key of the authentication database; or it first decrypts the encrypted random key with that locally stored private key to obtain the random key, and then decrypts the protection key ciphertext with the random key to obtain the protection key of the authentication database. In this embodiment, because the certification safety control module sent its own digital certificate for encryption to the authorization server, and the authorization server encrypted the protection key with that certificate's public key before it was relayed to the certification safety control module, the transmission is ciphertext only and the data in transit is protected; only the certification safety control module holding the corresponding private key can decrypt the protection key ciphertext, and an interceptor without the private key cannot decode it, which further secures the protection key of the authentication database.
Moreover, after the certification safety control module decrypts and obtains the protection key of the authentication database, it stores the key in random access memory (RAM) rather than in FLASH. The protection key is therefore erased as soon as power is lost, and when the certification safety control module is powered on again it must repeat the steps for obtaining the protection key. This guarantees in hardware that the protection key of the authentication database is never held persistently by any one certification safety control module, making it harder to capture.
With the key acquisition method of this embodiment, the certification safety control module keeps malicious attacks away from the verifying safety control module: it can obtain the protection key of the authentication database from the authorization server only after passing authentication by the dispatch server and the authorization server. In the identity card information transmission system, the certification safety control module then uses the protection key of the authentication database to decrypt the transmission key ciphertext of the identity card card-reading terminal and obtain the transmission key, and only once it holds the transmission key can it decrypt the ciphertext sent by the identity card card-reading terminal. This secures the data that the certification safety control module sends on to the verifying safety control module.
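The S501 to S505 exchange above, as an added example in Go that is not part of the patent, of any product it names, or of the cited security chips. Everything beyond the protocol outline is an assumption of the example: RSA-PSS over SHA-256 for the signature, RSA-OAEP for the first key-transport variant (the protection key encrypted directly with the public key of the digital certificate for encryption; the random-key variant is not shown), a SHA-256 digest of module identity, one-time data and both certificates as the data to be signed, a plain Cert struct with a serial, UID and public key in place of X.509, a status map keyed by serial in place of the digital certificate status online query server, and the names Module, AuthData, AuthzServer, DispatchCheck, Issue, ReceiveKey and RunExchange. The protection key and identifiers are constructed samples.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// CertStatus is what the certificate status online query server reports (S502).
type CertStatus int

const (
	StatusNormal CertStatus = iota
	StatusRevoked
	StatusExpired
	StatusFrozen
	StatusBlacklisted
)

// Cert stands in for an X.509 certificate: serial, user ownership information (UID), public key.
type Cert struct {
	Serial, UID string
	Pub         *rsa.PublicKey
}

// Module is the certification safety control module; the protection key lives only in ramKey.
type Module struct {
	ID                string
	signKey, encKey   *rsa.PrivateKey
	SignCert, EncCert *Cert
	ramKey            []byte
}

func NewModule(id, uid string) (*Module, error) {
	sk, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	ek, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Module{ID: id, signKey: sk, encKey: ek,
		SignCert: &Cert{id + "-sign", uid, &sk.PublicKey},
		EncCert:  &Cert{id + "-enc", uid, &ek.PublicKey}}, nil
}

// AuthData is the S501 authentication data: module identity, one-time data (a nonce),
// both certificates, and a signature that covers all of them.
type AuthData struct {
	ModuleID          string
	Nonce             []byte
	SignCert, EncCert *Cert
	Signature         []byte
}

func digest(a *AuthData) []byte {
	h := sha256.New()
	h.Write([]byte(a.ModuleID))
	h.Write(a.Nonce)
	for _, c := range []*Cert{a.SignCert, a.EncCert} {
		h.Write([]byte(c.Serial + "|" + c.UID + "|"))
		h.Write(x509.MarshalPKCS1PublicKey(c.Pub))
	}
	return h.Sum(nil)
}

func (m *Module) BuildAuthData() (*AuthData, error) {
	a := &AuthData{ModuleID: m.ID, Nonce: make([]byte, 16), SignCert: m.SignCert, EncCert: m.EncCert}
	if _, err := rand.Read(a.Nonce); err != nil {
		return nil, err
	}
	var err error
	a.Signature, err = rsa.SignPSS(rand.Reader, m.signKey, crypto.SHA256, digest(a), nil)
	return a, err
}

// DispatchCheck is S502: status (keyed by serial) stands in for the online query
// server; anything other than StatusNormal stops the request at the dispatch server.
func DispatchCheck(status map[string]CertStatus, a *AuthData) error {
	for _, c := range []*Cert{a.SignCert, a.EncCert} {
		if st := status[c.Serial]; st != StatusNormal {
			return fmt.Errorf("certificate %s has abnormal status %d: not forwarded", c.Serial, st)
		}
	}
	return nil
}

// AuthzServer is S503: same-user check, replay check, signature verification, then the
// protection key encrypted with RSA-OAEP under the encryption certificate's public key.
type AuthzServer struct {
	ProtectionKey []byte
	seen          map[string]bool // one-time data already accepted
}

func NewAuthzServer(protectionKey []byte) *AuthzServer {
	return &AuthzServer{ProtectionKey: protectionKey, seen: map[string]bool{}}
}

var oaepLabel = []byte("authdb-protection-key") // label value is an assumption

func (s *AuthzServer) Issue(a *AuthData) ([]byte, error) {
	if a.SignCert.UID == "" || a.SignCert.UID != a.EncCert.UID {
		return nil, errors.New("certificates carry different user ownership information")
	}
	if s.seen[string(a.Nonce)] {
		return nil, errors.New("one-time authentication data reused: replay")
	}
	if err := rsa.VerifyPSS(a.SignCert.Pub, crypto.SHA256, digest(a), a.Signature, nil); err != nil {
		return nil, fmt.Errorf("signature verification failed: %w", err)
	}
	s.seen[string(a.Nonce)] = true
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, a.EncCert.Pub, s.ProtectionKey, oaepLabel)
}

// ReceiveKey is S505: decrypt with the encryption private key; the key stays in RAM only.
func (m *Module) ReceiveKey(ct []byte) (err error) {
	m.ramKey, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, m.encKey, ct, oaepLabel)
	return err
}

func (m *Module) HeldKey() []byte { return m.ramKey }
func (m *Module) PowerCycle()     { m.ramKey = nil } // RAM, not FLASH: power loss erases it

// RunExchange drives S501 to S505 and returns the key the module now holds.
func RunExchange(m *Module, status map[string]CertStatus, az *AuthzServer) ([]byte, error) {
	a, err := m.BuildAuthData()
	if err != nil {
		return nil, err
	}
	if err = DispatchCheck(status, a); err != nil {
		return nil, err
	}
	ct, err := az.Issue(a)
	if err != nil {
		return nil, err
	}
	if err = m.ReceiveKey(ct); err != nil {
		return nil, err
	}
	return m.HeldKey(), nil
}

func main() {
	m, err := NewModule("module-001", "UID-1001")
	if err != nil {
		panic(err)
	}
	az := NewAuthzServer([]byte("0123456789abcdef0123456789abcdef")) // constructed sample key
	key, err := RunExchange(m, map[string]CertStatus{}, az)
	fmt.Printf("protection key in module RAM: %x (err=%v)\n", key, err)
}
```

The order of checks at the authorization server follows the text: ownership (the same UID on both certificates) before signature verification, and the one-time data are recorded so that a captured authentication data message cannot be replayed. A revoked serial in the status map stops the request at the dispatch server before the authorization server sees it, and PowerCycle models the RAM-only storage of S505: after it, the module has to run the exchange again.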
Embodiment 5
This embodiment provides a key acquisition method in which the authorization server authenticates the certification safety control module directly and, once authentication passes, sends the protection key of the authentication database to the certification safety control module. As shown in Figure 6, the method includes the following steps S601 to S604:
S601: The certification safety control module sends authentication data to the authorization server. The authentication data includes at least: the signed data produced by the certification safety control module signing the data to be signed, the digital certificate for signature verification, and the digital certificate for encryption;
In this embodiment, as one optional implementation, the certification safety control module may be a security chip. A security chip (for example the Z8D64U (State Cryptography lot number SSX43) or Z32 (State Cryptography lot number SSX20) of Guoming Technology Co., Ltd) contains an independent processor and storage unit; it can store PKI digital certificates with their corresponding private keys and other characteristic data, perform encryption and decryption on data, and provide data encryption and identity authentication services to the user, protecting business privacy and data security. In this embodiment the certification safety control module therefore stores a digital certificate for signature verification, a digital certificate for encryption, and the private key corresponding to each. For the former, the certification safety control module signs the data to be signed with the private key corresponding to the digital certificate for signature verification to obtain the signed data, and the authorization server verifies that signed data with the public key of the same certificate; this is how the authorization server authenticates the identity of the certification safety control module and establishes its legitimacy. For the latter, the authorization server encrypts the protection key of the authentication database with the public key of the digital certificate for encryption to produce the protection key ciphertext, so that the key is transmitted only as ciphertext and only a certification safety control module holding the private key corresponding to the digital certificate for encryption can decrypt the ciphertext and obtain the protection key. This secures the delivery of the protection key of the authentication database and prevents it from being illegally misappropriated.
In this embodiment, the data to be signed may be generated by the certification safety control module or by the authorization server. For the former, as one optional implementation, the authentication data that the certification safety control module sends to the authorization server further includes the data to be signed, which comprise at least: one-time authentication data generated by the certification safety control module, the digital certificate for signature verification, the digital certificate for encryption, and the identity of the certification safety control module. The one-time authentication data are a random factor, such as a random number and/or a random event, which prevents replay attacks; combining these items into the data to be signed also makes the authorization server's signature verification more reliable. For the latter, as another optional implementation, the data to be signed comprise the one-time authentication data generated by the authorization server and/or the identity of the authorization server, where again the one-time authentication data are a random factor (a random number and/or a random event) that prevents replay attacks, and the combination of these items makes the authorization server's signature verification more reliable. In this embodiment the authorization server sends its one-time authentication data to the certification safety control module directly; the certification safety control module signs the data to be signed with the private key corresponding to the digital certificate for signature verification, and the resulting signed data is what the authorization server verifies.
S602: The authorization server receives the authentication data sent by the certification safety control module and queries the validity status of the digital certificate for signature verification and of the digital certificate for encryption; if the status is normal, step S603 is performed;
In this embodiment, the certification safety control module obtains the protection key of the authentication database only after passing the authorization server's authentication, which comprises two parts: authentication of the validity of the certification safety control module's digital certificates, and authentication of the legitimacy of those digital certificates.
The validity check consists of querying whether the validity status of the digital certificate for signature verification and of the digital certificate for encryption is normal. As one optional implementation, the authorization server queries the status of both certificates on a digital certificate status online query server. The status is either normal or abnormal, and an abnormal status includes at least one of: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted. If either digital certificate is revoked, expired, frozen or blacklisted, the certification safety control module is very likely an illegitimate device, and the authorization server does not proceed to step S603. The certification safety control module then never receives the protection key of the authentication database and cannot decrypt the ciphertext received from the identity card card-reading terminal, which blocks an attack by an illegitimate safety control module on the verifying safety control module. The authorization server's authentication thus ensures the legitimacy of the certification safety control module.
S603: The authorization server judges whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user; after determining that they do, it verifies the signed data, and after verification passes it obtains the protection key of the authentication database, encrypts it to produce the protection key ciphertext, and sends the protection key ciphertext to the certification safety control module;
In this embodiment, the authorization server's authentication of the legitimacy of the certification safety control module's digital certificates consists of judging whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user, and verifying the signed data with the digital certificate for signature verification. As one optional implementation, the authorization server compares the user ownership information carried by the digital certificate for signature verification with that carried by the digital certificate for encryption and, if it matches, determines that the two digital certificates belong to the same user.
User ownership information is information that identifies the user, for example a UID (User Identification, the user's unique identifier). If the user ownership information carried by the two digital certificates is identical, the two certificates belong to the same user. In practice, the digital certificate for signature verification and the digital certificate for encryption should be applied for by the same user at a third-party certification platform, because once the authorization server has verified a user's signed data, that user can use the private key corresponding to the digital certificate for encryption to decrypt the protection key ciphertext received from the authorization server and obtain the protection key of the authentication database. To prevent an illegitimate user from misappropriating another person's digital certificate for signature verification or another person's digital certificate for encryption, in this embodiment the authorization server first judges whether the two digital certificates belong to the same user before verifying the signed data; if they do, the two certificates are at least known to belong to one user, which excludes the case of an illegally misappropriated digital certificate.
The signed data received by the authorization server was produced by the certification safety control module signing the data to be signed with the private key corresponding to the digital certificate for signature verification, so the authorization server verifies it with the public key of that certificate.
Thus only by passing the authorization server's two-part authentication, of the validity of the digital certificates and of their legitimacy, can the certification safety control module obtain the protection key of the authentication database, which secures its acquisition of that key.
As one optional implementation, the authorization server encrypts the protection key of the authentication database directly with the public key of the digital certificate for encryption to produce the protection key ciphertext. As another optional implementation, the authorization server 50 generates a random key, encrypts the protection key of the authentication database with the random key, encrypts the random key with the public key of the digital certificate for encryption, and sends the encrypted random key to the certification safety control module together with the protection key ciphertext. In either case, because the certification safety control module 30 supplied its own digital certificate for encryption to the authorization server, and the authorization server encrypts with that certificate's public key in one of the ways above before sending to the certification safety control module, the transmission is ciphertext only and the data in transit is protected. Only the certification safety control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext; even if the ciphertext is intercepted, an interceptor without the private key cannot decode it, which further secures the protection key of the authentication database.
S604: The certification safety control module decrypts the protection key ciphertext of the authentication database to obtain the protection key of the authentication database, and stores the protection key in its random access memory.
Corresponding to the way the authorization server produced the protection key ciphertext in step S603, the certification safety control module decrypts it in one of the following ways, given by way of example: it decrypts the protection key ciphertext with the locally stored private key corresponding to the digital certificate for encryption to obtain the protection key of the authentication database; or it first decrypts the encrypted random key with that locally stored private key to obtain the random key, and then decrypts the protection key ciphertext with the random key to obtain the protection key of the authentication database. In this embodiment, because the certification safety control module sent its own digital certificate for encryption to the authorization server, and the authorization server encrypted the protection key with that certificate's public key before sending it to the certification safety control module, the transmission is ciphertext only and the data in transit is protected; only the certification safety control module holding the corresponding private key can decrypt the protection key ciphertext, and an interceptor without the private key cannot decode it, which further secures the protection key of the authentication database.
Moreover, after the certification safety control module decrypts and obtains the protection key of the authentication database, it stores the key in random access memory (RAM) rather than in FLASH. The protection key is therefore erased as soon as power is lost, and when the certification safety control module is powered on again it must repeat the steps for obtaining the protection key. This guarantees in hardware that the protection key of the authentication database is never held persistently by any one certification safety control module, making it harder to capture.
With the key acquisition method of this embodiment, the certification safety control module keeps malicious attacks away from the verifying safety control module: it can obtain the protection key of the authentication database from the authorization server only after passing the authorization server's authentication. In the identity card information transmission system, the certification safety control module then uses the protection key of the authentication database to decrypt the transmission key ciphertext of the identity card card-reading terminal and obtain the transmission key, and only once it holds the transmission key can it decrypt the ciphertext sent by the identity card card-reading terminal. This secures the data that the certification safety control module sends on to the verifying safety control module.
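The key use described in the preceding paragraph together with the dispatch flow of claim 1, as an added example in Go that is neither the patent's nor any vendor's code: the authentication database holds each identity card card-reading terminal's key only as ciphertext under the protection key, the dispatch server checks that the terminal is permitted to read identity cards, selects a certification safety control module within its jurisdiction according to working status and hands it the ciphertext, and the selected module recovers the terminal key. The page does not name the cipher; AES-256-GCM with the terminal identification as associated data is this example's choice, as are selecting the first idle module, a Region field standing for the dispatch server's jurisdiction, the names AuthDB, Dispatcher, HandleSeek, wrap and unwrap, and all keys and identifiers, which are constructed samples.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ModuleStatus is the working status the authentication database keeps for each
// certification safety control module; Region is the dispatch server jurisdiction.
type ModuleStatus struct {
	ID     string
	Region string
	Busy   bool
}

// AuthDB stores module statuses and, per terminal ID, the ciphertext of that
// terminal's encryption key under the protection key (never the key itself).
type AuthDB struct {
	Modules []*ModuleStatus
	TermKey map[string][]byte
}

func gcmFor(protKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(protKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrap encrypts a terminal key with AES-256-GCM under the protection key and binds
// it to the terminal ID as associated data; the result is nonce||ciph ertext||tag.
func wrap(protKey, termKey []byte, termID string) ([]byte, error) {
	gcm, err := gcmFor(protKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, termKey, []byte(termID)), nil
}

// unwrap is what the selected module does with the ciphertext: a wrong protection
// key, a swapped terminal ID or a modified byte all fail the GCM tag check.
func unwrap(protKey, blob []byte, termID string) ([]byte, error) {
	gcm, err := gcmFor(protKey)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], []byte(termID))
}

// NewAuthDB wraps every terminal key under protKey before storing it.
func NewAuthDB(protKey []byte, termKeys map[string][]byte) (*AuthDB, error) {
	db := &AuthDB{TermKey: map[string][]byte{}}
	for id, k := range termKeys {
		ct, err := wrap(protKey, k, id)
		if err != nil {
			return nil, err
		}
		db.TermKey[id] = ct
	}
	return db, nil
}

// Dispatcher is the dispatch server: its jurisdiction, the terminals permitted to
// read identity cards, and the authentication database.
type Dispatcher struct {
	Region  string
	Allowed map[string]bool
	DB      *AuthDB
}

// Assignment is the data information handed to the selected module.
type Assignment struct {
	ModuleID, TermID string
	TermKeyCT        []byte
}

// HandleSeek handles a card-seeking request from terminal termID: permission check,
// then the first idle module in this jurisdiction, then the terminal's key ciphertext.
func (d *Dispatcher) HandleSeek(termID string) (*Assignment, error) {
	if !d.Allowed[termID] {
		return nil, fmt.Errorf("terminal %s is not permitted to read identity cards", termID)
	}
	ct, ok := d.DB.TermKey[termID]
	if !ok {
		return nil, fmt.Errorf("no encryption key ciphertext stored for terminal %s", termID)
	}
	for _, m := range d.DB.Modules {
		if m.Region == d.Region && !m.Busy {
			return &Assignment{ModuleID: m.ID, TermID: termID, TermKeyCT: ct}, nil
		}
	}
	return nil, errors.New("no idle certification safety control module in this jurisdiction")
}

func main() {
	prot := []byte("0123456789abcdef0123456789abcdef") // constructed sample protection key
	db, err := NewAuthDB(prot, map[string][]byte{"T-01": []byte("terminal-key-T-01")})
	if err != nil {
		panic(err)
	}
	db.Modules = []*ModuleStatus{{"M-1", "east", true}, {"M-2", "east", false}}
	d := &Dispatcher{Region: "east", Allowed: map[string]bool{"T-01": true}, DB: db}
	as, err := d.HandleSeek("T-01")
	if err != nil {
		panic(err)
	}
	k, err := unwrap(prot, as.TermKeyCT, as.TermID)
	fmt.Printf("module %s recovered key %q (err=%v)\n", as.ModuleID, k, err)
}
```

The dispatch server never sees a terminal key in clear: it only looks up and forwards the ciphertext, and decryption happens in the selected module with the protection key it obtained in RAM through the key acquisition method. Binding the terminal ID as associated data means a ciphertext stored for one terminal cannot be presented as another terminal's key without failing authentication.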
Although embodiments of the present invention have been shown and described above, it should be understood that the embodiments are exemplary and are not to be construed as limiting the invention; those skilled in the art may make changes, modifications, substitutions and variations to the above embodiments within the scope of the invention without departing from its principle and purpose. The scope of the invention is defined by the appended claims and their equivalents.
Claims (14)
1. A scheduling system for reading identity cards, characterized by comprising: an authentication database, a dispatch server and n certification safety control modules, where n is an integer greater than or equal to 1, wherein:
the authentication database is configured to store the working status of all certification safety control modules in the system and the ciphertext of the encryption key of each identity card card-reading terminal in the system, wherein the ciphertext of the encryption key of each identity card card-reading terminal is obtained by encrypting the encryption key of that identity card card-reading terminal with the protection key of the authentication database;
the dispatch server is configured to:
obtain identification information of an identity card card-reading terminal, and judge from the identification information of the identity card card-reading terminal whether the identity card card-reading terminal is permitted to read identity cards;
where the identity card card-reading terminal is judged to be permitted to read identity cards, after receiving a card-seeking request sent by the identity card card-reading terminal, obtain from the authentication database the working status of the certification safety control modules within the jurisdiction of the dispatch server;
select one certification safety control module according to the working status of each certification safety control module within the jurisdiction of the dispatch server, and send the identification information of the selected certification safety control module to the identity card card-reading terminal;
obtain from the authentication database, according to the identification information of the identity card card-reading terminal, the ciphertext of the encryption key of the identity card card-reading terminal, wherein the ciphertext is obtained by encrypting the encryption key of the identity card card-reading terminal with the protection key of the authentication database;
send data information to the selected certification safety control module, wherein the data information comprises: the ciphertext of the encryption key of the identity card card-reading terminal;
the selected certification safety control module is configured to receive the data information and decrypt the ciphertext of the encryption key of the identity card card-reading terminal with the protection key of the authentication database to obtain the encryption key of the identity card card-reading terminal.
2. The system according to claim 1, characterized in that the dispatch server obtains the identification information of the identity-card reading terminal in one of the following ways:
the dispatch server receives an access request sent by the terminal and obtains the terminal's identification information from the access request; or
the dispatch server receives an identity-card request sent by the terminal and obtains the terminal's identification information from the identity-card request, where the identity-card request carries both the card-seeking request and the terminal's identification information.
3. The system according to claim 1, characterized in that the identification information of the identity-card reading terminal includes the terminal's digital certificate, and the dispatch server judges whether the terminal is allowed to read identity cards as follows:
judge whether the terminal's digital certificate is abnormal; if so, determine that the terminal is not allowed to read identity cards; otherwise, judge whether the terminal's digital certificate is in a blacklist or in a control list, where the blacklist records the digital certificates of terminals that are not allowed to read identity cards and the control list records the digital certificates of terminals whose reading of identity cards must be controlled according to a preset control strategy;
when the terminal's digital certificate is judged to be in the blacklist, do not allow the terminal to read identity cards and refuse the terminal's request;
when the terminal's digital certificate is judged to be in the control list, determine according to the preset control strategy whether the terminal is allowed to read identity cards.
4. The system according to claim 1, characterized in that the identification information of the identity-card reading terminal includes the terminal's serial number and the terminal's digital certificate, and the dispatch server determines whether the terminal is allowed to read identity cards as follows:
judge whether the terminal's digital certificate is abnormal; if so, determine that the terminal is not allowed to read identity cards; otherwise, judge whether the terminal's digital certificate or the terminal's serial number is in a blacklist or in a control list, where the blacklist records the identification information of terminals that are not allowed to read identity cards and the control list records the identification information of terminals whose reading of identity cards must be controlled according to a preset control strategy;
when the terminal's digital certificate or serial number is judged to be in the blacklist, do not allow the terminal to read identity cards and refuse the terminal's request;
when the terminal's digital certificate or serial number is judged to be in the control list, determine according to the preset control strategy whether the terminal is allowed to read identity cards.
5. The system according to claim 3 or 4, characterized in that, when the identification information of the identity-card reading terminal is judged to be in the control list, whether the terminal is allowed to read identity cards is determined in at least one of the following ways:
according to the preset control strategy, judge whether the terminal is currently within the allowed position range; if so, allow the terminal to read identity cards, otherwise do not allow it and refuse the terminal's request, where the preset control strategy records the position range allowed for the terminal;
according to the preset control strategy, judge whether the current time is within the time range in which the terminal is allowed to read cards; if so, allow the terminal to read identity cards, otherwise do not allow it and refuse the terminal's request, where the preset control strategy records the time range in which the terminal is allowed to read cards;
according to the preset control strategy, judge whether the number of historical card readings by the terminal within a preset time period exceeds a preset count threshold; if so, do not allow the terminal to read identity cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset count threshold;
according to the preset control strategy, judge whether the distance between the positions of two consecutive card readings by the terminal within a preset time period exceeds a preset distance; if so, do not allow the terminal to read identity cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset distance;
according to the preset control strategy, judge whether the time interval between two consecutive card readings by the terminal exceeds a preset value; if so, do not allow the terminal to read identity cards and refuse its request, otherwise allow it, where the preset control strategy records the duration of the preset time period and the preset distance.
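The admission decision of claims 3 to 5, written out as a runnable policy check. This is an added example, not code from the patent or its applicant. It applies the checks in the order the claims give them: certificate abnormality first, then the blacklist, then the control list with the five rules of claim 5. The data model (Terminal, ReadEvent, ControlPolicy), the reading of "abnormal" as expired or revoked, the haversine distance used for the two position rules, and every sample terminal, list entry and coordinate are assumptions made for illustration; the patent specifies none of them.

```python
"""Admission check of the dispatch server modelled on claims 3, 4 and 5: certificate
sanity first, then the blacklist, then the per-terminal control strategy. Added example,
not code from the patent; the data model and every sample value are assumptions."""
import math
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, NamedTuple, Optional, Set, Tuple

class Decision(NamedTuple):
    allowed: bool
    reason: str

@dataclass(frozen=True)
class Terminal:
    serial: str                  # terminal serial number (claim 4)
    cert_id: str                 # identifier of the terminal's digital certificate
    cert_not_after: datetime     # certificate expiry
    cert_revoked: bool = False   # revocation status, assumed to come from the issuing CA

@dataclass(frozen=True)
class ReadEvent:                 # one entry of the terminal's card-reading history
    when: datetime
    lat: float
    lon: float

@dataclass(frozen=True)
class ControlPolicy:
    """Preset control strategy of one control-list entry (claim 5); None disables a rule."""
    allowed_area: Optional[Tuple[float, float, float]] = None  # (lat, lon, radius_km)
    allowed_hours: Optional[Tuple[int, int]] = None            # (start, end), end exclusive
    window: timedelta = timedelta(hours=1)                     # the "preset time period"
    max_reads_in_window: Optional[int] = None                  # preset count threshold
    max_jump_km: Optional[float] = None                        # preset distance between consecutive reads
    max_interval: Optional[timedelta] = None                   # preset value for the gap between reads

def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in km, used by the position-range and jump rules."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def certificate_abnormal(t: Terminal, now: datetime) -> bool:
    return t.cert_revoked or now > t.cert_not_after

def evaluate_policy(p: ControlPolicy, history: List[ReadEvent], now: datetime, lat: float, lon: float) -> Decision:
    """Applies the rules of claim 5 in order; the first violated rule refuses the request."""
    if p.allowed_area is not None:
        clat, clon, radius = p.allowed_area
        if haversine_km(lat, lon, clat, clon) > radius:
            return Decision(False, "outside allowed position range")
    if p.allowed_hours is not None and not (p.allowed_hours[0] <= now.hour < p.allowed_hours[1]):
        return Decision(False, "outside allowed time range")
    recent = [e for e in history if timedelta(0) <= now - e.when <= p.window]
    if p.max_reads_in_window is not None and len(recent) > p.max_reads_in_window:
        return Decision(False, "read count in window exceeds threshold")
    last = max(history, key=lambda e: e.when) if history else None
    if last is not None:
        if (p.max_jump_km is not None and now - last.when <= p.window
                and haversine_km(last.lat, last.lon, lat, lon) > p.max_jump_km):
            return Decision(False, "distance between consecutive reads exceeds limit")
        if p.max_interval is not None and now - last.when > p.max_interval:   # rule as claim 5 words it
            return Decision(False, "interval between consecutive reads exceeds limit")
    return Decision(True, "controlled, strategy satisfied")

def admit(t: Terminal, now: datetime, lat: float, lon: float, blacklist: Set[str],
          control_list: Dict[str, ControlPolicy], history: List[ReadEvent]) -> Decision:
    if certificate_abnormal(t, now):                      # step 1: abnormal certificate, no list lookup
        return Decision(False, "digital certificate abnormal")
    if t.cert_id in blacklist or t.serial in blacklist:  # step 2: blacklist by certificate or serial
        return Decision(False, "terminal blacklisted, request refused")
    policy = control_list.get(t.cert_id) or control_list.get(t.serial)   # step 3: control list
    return evaluate_policy(policy, history, now, lat, lon) if policy else Decision(True, "not listed, reading allowed")

# Constructed sample data, not from the patent.
NOW = datetime(2016, 1, 21, 10, 30)
BEIJING, SHANGHAI = (39.9042, 116.4074), (31.2304, 121.4737)
TERMINALS = {"ok": Terminal("SN-0001", "CERT-A", NOW + timedelta(days=365)),
             "expired": Terminal("SN-0002", "CERT-B", NOW - timedelta(days=1)),
             "black": Terminal("SN-0003", "CERT-C", NOW + timedelta(days=365)),
             "controlled": Terminal("SN-0004", "CERT-D", NOW + timedelta(days=365))}
BLACKLIST = {"SN-0003"}
CONTROL_LIST = {"CERT-D": ControlPolicy(allowed_area=(*BEIJING, 5.0), allowed_hours=(8, 18), max_reads_in_window=3,
                                        max_jump_km=50.0, max_interval=timedelta(days=7))}

def demo() -> Dict[str, Decision]:
    lat, lon = BEIJING
    ten_min_ago = [ReadEvent(NOW - timedelta(minutes=10), lat, lon)]
    jump = [ReadEvent(NOW - timedelta(minutes=10), *SHANGHAI)]
    burst = [ReadEvent(NOW - timedelta(minutes=m), lat, lon) for m in (5, 10, 15, 20)]
    lists = (BLACKLIST, CONTROL_LIST)
    return {
        "ok": admit(TERMINALS["ok"], NOW, lat, lon, *lists, []),
        "expired": admit(TERMINALS["expired"], NOW, lat, lon, *lists, []),
        "black": admit(TERMINALS["black"], NOW, lat, lon, *lists, []),
        "controlled_ok": admit(TERMINALS["controlled"], NOW, lat, lon, *lists, ten_min_ago),
        "controlled_jump": admit(TERMINALS["controlled"], NOW, lat, lon, *lists, jump),
        "controlled_burst": admit(TERMINALS["controlled"], NOW, lat, lon, *lists, burst),
        "controlled_night": admit(TERMINALS["controlled"], NOW.replace(hour=2), lat, lon, *lists, ten_min_ago),
    }
```

The order of checks is the security-relevant part: a terminal with an abnormal certificate is refused before any list lookup, so the blacklist and control list cannot be probed with forged or expired certificates, and a blacklisted terminal never reaches the control strategy. The fifth rule (refuse when the gap since the previous reading exceeds a preset value) is implemented exactly as claim 5 words it.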
6. The system according to claim 3 or 4, characterized in that:
the selected authentication security control module is further used to receive encrypted identity-card identification information, decrypt the encrypted identity-card identification information, and return the decrypted identity-card identification information to the dispatch server;
the dispatch server is further used to judge, according to at least the identity-card identification information, the terminal's identification information and a preset strategy, whether to add the terminal's identification information to the blacklist or to the control list.
7. The system according to claim 6, characterized in that the dispatch server is further used to judge whether the identity-card identification information is in an identity-card blacklist and, if so, to send indication information to the selected authentication security control module indicating that the identity card currently being read by the terminal is illegal.
8. The system according to any one of claims 1 to 4, characterized in that the system further comprises n verification security control modules, where each authentication security control module is correspondingly connected to one verification security control module and different authentication security control modules are connected to different verification security control modules;
the selected authentication security control module is further used to obtain the card-seeking request, the card-seeking request being ciphertext data encrypted with the terminal's encryption key, to decrypt the card-seeking request with the terminal's encryption key, and to send the decrypted card-seeking request to the correspondingly connected verification security control module;
the correspondingly connected verification security control module is used to confirm the received card-seeking request and to send confirmation information to the selected authentication security control module;
the selected authentication security control module is further used to obtain a session key, encrypt the confirmation information with the session key, and send the encrypted confirmation information to the terminal.
9. The system according to any one of claims 1 to 4, characterized in that the dispatch server is further used to generate an authentication code after selecting an authentication security control module and to send the authentication code to the terminal and to the authentication database respectively.
10. The system according to any one of claims 1 to 4, characterized in that the system further comprises an authorization server, wherein:
the dispatch server is further used to send data to be signed to the selected authentication security control module when that module powers on;
the selected authentication security control module is further used to sign the data to be signed with a signature private key to obtain signed data, and to return to the dispatch server authentication data comprising the signed data, the signature public-key certificate corresponding to the signature private key, and the encryption public-key certificate of the selected authentication security control module;
the dispatch server is further used to receive the authentication data returned by the selected authentication security control module, to judge whether the signature public-key certificate and the encryption public-key certificate are in an abnormal state, and, when neither certificate is in an abnormal state, to send the data to be signed and the authentication data to the authorization server;
the authorization server is used to verify, by means of a connected authorization electronic signature device, whether the signature public-key certificate and the encryption public-key certificate were issued to the same identity-card reading terminal and, if so, to verify whether the signed data is correct; if it is, the identity authentication of the selected authentication security control module passes, otherwise the identity authentication of the selected authentication security control module fails;
the authorization server is further used, when the identity authentication of the selected authentication security control module passes, to have the authorization electronic signature device encrypt the protection key of the authentication database and to send the encrypted protection key to the dispatch server, and, when the identity authentication of the selected authentication security control module fails, to send alarm information;
the dispatch server is further used to send the encrypted protection key of the authentication database to the selected authentication security control module;
the selected authentication security control module is further used to decrypt the encrypted protection key of the authentication database and obtain the protection key of the authentication database.
11. The system according to claim 10, characterized in that the selected authentication security control module is further used to store the obtained protection key of the authentication database in RAM, storage of the protection key of the authentication database in flash being forbidden.
12. The system according to any one of claims 1 to 4, characterized in that the dispatch server is further used, after selecting an authentication security control module, to update the working state of the selected authentication security control module stored in the authentication database.
13. The system according to any one of claims 1 to 4, characterized in that the dispatch server is further used to order some of the authentication security control modules to be opened or closed according to the working states of all authentication security control modules currently in the system.
14. The system according to any one of claims 1 to 4, characterized in that the dispatch server is further used to monitor the working state of each authentication security control module in real time and to output alarm information when an authentication security control module is found to be abnormal.
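The card-seeking exchange of claims 1 and 8, together with the module selection and state bookkeeping of claims 12 to 14 and the RAM-only protection key of claim 11, as one runnable flow. This is an added example, not code from the patent or its applicant. The patent names no cipher, so seal()/open_() below are an HMAC-SHA256 encrypt-then-MAC stand-in for the authenticated cipher a deployment would actually use (AES-GCM or SM4-GCM, for instance); the module, terminal and key names, the b"SEEK-CARD" request and the "CONFIRMED:" reply are constructed for illustration, and the power-on authentication of claim 10 and the session-key agreement of claim 8 are assumed to have already happened.

```python
"""Card-seeking flow of claims 1, 8 and 11 to 14: the dispatch server picks an idle
authentication security control module and records the state change, the module unwraps
the terminal key with the protection key it holds only in RAM, decrypts the request, has its
paired verification module confirm it and returns the confirmation under a session key.
Added example, not code from the patent; seal()/open_() are an HMAC-SHA256 encrypt-then-MAC
stand-in for the AEAD the patent leaves unnamed, and all names and messages are constructed."""
import hashlib, hmac, os, struct
from typing import Dict, List, Optional, Tuple

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest() for i in range(n // 32 + 1))[:n]

def _tag(key: bytes, nonce: bytes, aad: bytes, ct: bytes) -> bytes:
    return hmac.new(_subkey(key, b"mac"), nonce + struct.pack(">I", len(aad)) + aad + ct, hashlib.sha256).digest()

def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Returns nonce || ciphertext || tag; the tag binds nonce, aad and ciphertext."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    return nonce + ct + _tag(key, nonce, aad, ct)

def open_(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Checks the tag in constant time before decrypting; raises ValueError on any mismatch."""
    if len(blob) < 12 + 32:
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, aad, ct)):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))

class AuthenticationDatabase:   # module working states and wrapped terminal keys (claim 1), never plaintext keys
    def __init__(self) -> None:
        self.module_state: Dict[str, str] = {}
        self.wrapped_terminal_keys: Dict[str, bytes] = {}
    def enrol_terminal(self, terminal_id: str, terminal_key: bytes, protection_key: bytes) -> None:
        # Provisioning step: wrap under the protection key and keep only the ciphertext.
        self.wrapped_terminal_keys[terminal_id] = seal(protection_key, terminal_key, terminal_id.encode())

class VerificationModule:
    def confirm(self, request: bytes) -> bytes:
        return b"CONFIRMED:" + request    # stand-in for the confirmation logic of claim 8

class AuthenticationModule:
    def __init__(self, module_id: str, verifier: VerificationModule, protection_key: Optional[bytes] = None) -> None:
        self.module_id, self.verifier = module_id, verifier    # one-to-one pairing (claim 8)
        self._protection_key = protection_key    # delivered after power-on auth (claim 10); RAM only, never flash (claim 11)
    def handle(self, terminal_id: str, wrapped_key: bytes, encrypted_request: bytes, session_key: bytes) -> bytes:
        if self._protection_key is None:
            raise RuntimeError("no protection key: power-on authentication not completed")
        terminal_key = open_(self._protection_key, wrapped_key, terminal_id.encode())   # claim 1
        request = open_(terminal_key, encrypted_request, terminal_id.encode())          # claim 8
        return seal(session_key, self.verifier.confirm(request), terminal_id.encode())  # claim 8

class DispatchServer:
    def __init__(self, db: AuthenticationDatabase, modules: List[AuthenticationModule]) -> None:
        self.db, self.modules = db, {m.module_id: m for m in modules}
        for mid in self.modules:
            db.module_state.setdefault(mid, "idle")
    def select_module(self) -> Optional[str]:   # claim 1: choose by working state; claim 12: record the new state
        for mid, state in self.db.module_state.items():
            if state == "idle":
                self.db.module_state[mid] = "busy"
                return mid
        return None
    def dispatch(self, terminal_id: str, encrypted_request: bytes, session_key: bytes) -> Tuple[str, bytes]:
        wrapped, mid = self.db.wrapped_terminal_keys[terminal_id], self.select_module()
        if mid is None:
            raise RuntimeError("no idle authentication security control module")
        try:
            blob = self.modules[mid].handle(terminal_id, wrapped, encrypted_request, session_key)
        except Exception:
            self.db.module_state[mid] = "abnormal"    # claim 14: surfaced by abnormal_modules()
            raise
        self.db.module_state[mid] = "idle"
        return mid, blob
    def abnormal_modules(self) -> List[str]:
        return [m for m, s in self.db.module_state.items() if s not in ("idle", "busy")]

def setup(authorised: Tuple[int, ...] = (0, 1)) -> Tuple[DispatchServer, str, bytes]:
    # Constructed deployment: one enrolled terminal and two modules, of which `authorised` got the key.
    protection_key, terminal_key, terminal_id = os.urandom(32), os.urandom(32), "SN-0001"
    db = AuthenticationDatabase()
    db.enrol_terminal(terminal_id, terminal_key, protection_key)
    modules = [AuthenticationModule(f"ASCM-{i}", VerificationModule(), protection_key if i in authorised else None)
               for i in range(2)]
    return DispatchServer(db, modules), terminal_id, terminal_key

def run_flow() -> Tuple[str, bytes, Dict[str, str]]:
    server, terminal_id, terminal_key = setup()
    session_key = os.urandom(32)    # assumed already agreed between terminal and module
    encrypted_request = seal(terminal_key, b"SEEK-CARD", terminal_id.encode())   # terminal side, claim 8
    mid, blob = server.dispatch(terminal_id, encrypted_request, session_key)
    return mid, open_(session_key, blob, terminal_id.encode()), dict(server.db.module_state)

def run_unauthorised_module() -> Tuple[bool, List[str]]:
    server, terminal_id, terminal_key = setup(authorised=())   # failure mode: module never got the key
    try:
        server.dispatch(terminal_id, seal(terminal_key, b"SEEK-CARD", terminal_id.encode()), os.urandom(32))
    except RuntimeError:
        return True, server.abnormal_modules()
    return False, server.abnormal_modules()
```

Two properties of the design are worth checking in any implementation of it: the authentication database never handles a plaintext terminal key (enrol_terminal stores only the wrapped form, and only a module that holds the protection key can recover it), and a module that has not completed power-on authentication cannot serve a request at all, which the example reports to the dispatch server's monitor as an abnormal module rather than failing silently. The terminal identifier is bound into every ciphertext as associated data, so a wrapped key or request captured for one terminal cannot be replayed under another.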
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610041590.1A CN105991649B (en) | 2016-01-21 | 2016-01-21 | A kind of scheduling system of reading identity card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610041590.1A CN105991649B (en) | 2016-01-21 | 2016-01-21 | A kind of scheduling system of reading identity card |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105991649A CN105991649A (en) | 2016-10-05 |
CN105991649B true CN105991649B (en) | 2019-10-01 |
Family
ID=57039916
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610041590.1A Active CN105991649B (en) | 2016-01-21 | 2016-01-21 | A kind of scheduling system of reading identity card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105991649B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108462681B (en) * | 2017-02-22 | 2020-12-29 | ***通信集团公司 | Communication method, device and system of heterogeneous network |
CN112560008A (en) * | 2020-12-22 | 2021-03-26 | 中国农业银行股份有限公司 | External device authentication method, external device and device management system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201657022U (en) * | 2010-04-23 | 2010-11-24 | 朱杰 | Network type identity document check system |
CN103593634A (en) * | 2013-11-08 | 2014-02-19 | 国家电网公司 | Network centralized decoding system and method of identity card identifier |
CN103914913A (en) * | 2012-12-28 | 2014-07-09 | 北京握奇数据***有限公司 | Intelligent card application scene recognition method and system |
CN104639538A (en) * | 2015-01-15 | 2015-05-20 | 李明 | Identity card information obtaining method and system |
Events (1)
Date | Event |
---|---|
2016-01-21 | Application CN201610041590.1A filed (CN), granted as CN105991649B; status: Active |
Also Published As
Publication number | Publication date |
---|---|
CN105991649A (en) | 2016-10-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8971537B2 (en) | Access control protocol for embedded devices | |
CN106027467B (en) | A kind of identity card reading response system | |
CN105654580B (en) | Access control method and system, electronic lock, management and visitor's terminal | |
CN106559408B (en) | SDN authentication method based on trust management | |
CN106027475B (en) | The transmission method and system of a kind of key acquisition method, ID card information | |
US20100186075A1 (en) | Method and system for accessing devices in a secure manner | |
CN106027251B (en) | A kind of identity card card-reading terminal and cloud authentication platform data transmission method and system | |
KR101753859B1 (en) | Server and method for managing smart home environment thereby, method for joining smart home environment and method for connecting communication session with smart device | |
CN106027473B (en) | Identity card card-reading terminal and cloud authentication platform data transmission method and system | |
CN105191207A (en) | Federated key management | |
CN103430183A (en) | Physically secured authorization for utility applications | |
WO1999024895A1 (en) | Tamper resistant method and apparatus | |
CN105991650B (en) | A kind of transmission method and system of ID card information | |
KR20040101085A (en) | Personal authentication device and system and method thereof | |
CN106506491B (en) | Network safety system | |
CN110505055A (en) | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system | |
CN103391194B (en) | The method and system that the safety equipment of user are unlocked | |
CN106027477B (en) | A kind of identity card reading response method | |
CN105991649B (en) | A kind of scheduling system of reading identity card | |
CN110519222A (en) | Outer net access identity authentication method and system based on disposable asymmetric key pair and key card | |
CN105991648B (en) | A kind of dispatching method of reading identity card | |
CN108055124A (en) | Lock administration system and lock management method | |
CN106027256B (en) | A kind of identity card card reading response system | |
CN106027471B (en) | Scheduling server applied to identity card reading | |
CN103780600B (en) | RSA public key cryptography based off-line electric power transaction information system authorization method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||