CN105991649B - Scheduling system for reading identity cards - Google Patents

Scheduling system for reading identity cards

Info

Publication number: CN105991649B
Authority: CN (China)
Application number: CN201610041590.1A
Other versions: CN105991649A
Original language: Chinese (zh)
Inventor: 李明
Original assignee / current assignee: Individual
Legal status: Active (status as listed by Google Patents; not a legal conclusion)
Prior art keywords: card, identity card, reading terminal, reading, identity

Classifications (CPC)

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        • H04L 9/32 ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
            • H04L 9/3297 ... involving time stamps, e.g. generation of time stamps
    • H04L 63/00 Network architectures or network communication protocols for network security
        • H04L 63/06 ... for supporting key management in a packet data network
        • H04L 63/08 ... for authentication of entities
            • H04L 63/0823 ... using certificates
        • H04L 63/10 ... for controlling access to devices or network resources
            • H04L 63/107 ... wherein the security policies are location-dependent, e.g. entity privileges depend on current location or allowing specific operations only from locally connected terminals
            • H04L 63/108 ... when the policy decisions are valid for a limited amount of time
        • H04L 63/14 ... for detecting or protecting against malicious traffic
            • H04L 63/1441 Countermeasures against malicious traffic
                • H04L 63/1458 Denial of Service
                • H04L 63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a scheduling system for reading identity cards. The system comprises an authentication database, which stores the working state of every authentication security control module in the system and the ciphertext of the encryption key of every identity-card reading terminal in the system; and a dispatch server, which obtains the identification information of an identity-card reading terminal and decides from it whether the terminal is allowed to read identity cards. If reading is allowed, then on receiving the card-seeking request sent by the terminal the dispatch server retrieves the working states of the authentication security control modules, selects one module according to the principle of task balancing, sends the identification information of the selected module to the terminal, retrieves the ciphertext of the terminal's encryption key, and sends data information containing that ciphertext to the selected module. The selected authentication security control module obtains the terminal's encryption key from the ciphertext.

Description

Scheduling system for reading identity cards
Technical field
The present invention relates to the field of Internet technology, and in particular to a scheduling system for reading identity cards.
Background technique
An existing front-end identity-card reading terminal contains at least two modules: a reading module and a resident identity card verification security control module. Because every front-end terminal carries its own verification security control module, existing terminals are expensive to manufacture; and because a verification security control module can only authenticate the resident identity card information read by the single reading module it is paired with, the utilization of existing front-end terminals is low.
A solution proposed in the related art removes the resident identity card verification security control module from the front-end terminal, so that the terminal only reads identity information while authentication is completed by a back-end resident identity card verification security control module. This reduces the cost of the front-end terminal, and several front-end terminals can be verified by the same back-end module, which improves the module's utilization. With this scheme, however, the identity of the front-end terminal is uncertain, which may expose the back-end verification security control module to unsafe factors and in turn lead to resident identity cards being used illegally.
Summary of the invention
The present invention seeks to address at least one of the above problems.
The main purpose of the present invention is to provide a scheduling system for reading identity cards.
The scheduling system for reading identity cards provided by the invention comprises an authentication database, a dispatch server and n authentication security control modules, where n is an integer greater than or equal to 1. The authentication database stores the working state of every authentication security control module in the system and the ciphertext of the encryption key of every identity-card reading terminal in the system, where each terminal's encryption-key ciphertext is obtained by encrypting that terminal's encryption key with the protection key of the authentication database. The dispatch server obtains the identification information of an identity-card reading terminal and decides from that identification information whether the terminal is allowed to read identity cards. If reading is allowed, then on receiving the card-seeking request sent by the terminal it obtains from the authentication database the working states of the authentication security control modules within its area of responsibility, selects one module according to those working states, and sends the identification information of the selected module to the terminal. Using the terminal's identification information, it retrieves the ciphertext of the terminal's encryption key from the authentication database (the ciphertext being the terminal's encryption key encrypted with the protection key of the authentication database) and sends data information containing that ciphertext to the selected authentication security control module. The selected authentication security control module receives the data information, decrypts the ciphertext with the protection key of the authentication database, and obtains the terminal's encryption key.
Optionally, the dispatch server obtains the terminal's identification information in one of the following ways: it receives an access request sent by the terminal and extracts the identification information from the access request; or it receives an identity-card request sent by the terminal, which carries both the card-seeking request and the terminal's identification information, and extracts the identification information from that request.
Optionally, the identification information of the terminal includes the terminal's digital certificate, and the dispatch server decides as follows whether the terminal is allowed to read identity cards. It first checks whether the terminal's digital certificate is abnormal; if so, the terminal is not allowed to read identity cards. Otherwise it checks whether the digital certificate is in a blacklist or in a control list, where the blacklist records the digital certificates of terminals that are not allowed to read identity cards, and the control list records the digital certificates of terminals whose card reading is to be controlled according to a preset control strategy. If the certificate is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the certificate is in the control list, the preset control strategy determines whether the terminal is allowed to read identity cards.
Optionally, the identification information of the terminal includes the terminal's serial number and the terminal's digital certificate, and the dispatch server decides as follows whether the terminal is allowed to read identity cards. It first checks whether the terminal's digital certificate is abnormal; if so, the terminal is not allowed to read identity cards. Otherwise it checks whether the digital certificate or the serial number is in a blacklist or in a control list, where the blacklist records the identification information of terminals that are not allowed to read identity cards, and the control list records the identification information of terminals whose card-reading operations are to be controlled according to a preset control strategy. If the digital certificate or the serial number is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the digital certificate or the serial number is in the control list, the preset control strategy determines whether the terminal is allowed to read identity cards.
Optionally, when the terminal's identification information is in the control list, at least one of the following checks, each according to the preset control strategy, determines whether the terminal is allowed to read identity cards: (1) whether the terminal is currently within the permitted position range recorded in the strategy; if so, reading is allowed, otherwise it is refused and the request rejected; (2) whether the current time lies within the time range in which the terminal is permitted to read cards, as recorded in the strategy; if so, reading is allowed, otherwise it is refused; (3) whether, within a preset time period, the terminal's historical number of card reads exceeds a preset count threshold; if so, reading is refused, otherwise it is allowed, the strategy recording the duration of the period and the threshold; (4) whether, within a preset time period, the distance between the positions of two consecutive card reads by the terminal exceeds a preset distance; if so, reading is refused, otherwise it is allowed, the strategy recording the duration of the period and the distance; (5) whether the time interval between two consecutive card reads by the terminal exceeds a preset value; if so, reading is refused, otherwise it is allowed, with the preset value recorded in the strategy.
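The control-list checks above can be expressed as a single decision routine. The following is an added example written for this page, not code from the patent: the data classes, the haversine-based position range, the hour-of-day window, the sample terminals, certificates, coordinates and thresholds are all assumptions, and the interval check refuses a read when the gap since the previous read exceeds the preset value, as the text states.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class Certificate:
    serial: str
    not_before: datetime
    not_after: datetime
    revoked: bool = False


@dataclass(frozen=True)
class Terminal:
    serial: str        # terminal serial number
    cert: Certificate  # terminal digital certificate


@dataclass(frozen=True)
class ReadEvent:
    time: datetime
    position: Tuple[float, float]  # (lat, lon) of the read


@dataclass(frozen=True)
class ControlPolicy:
    """Preset control strategy for control-listed terminals (assumed shape)."""
    centre: Optional[Tuple[float, float]] = None  # permitted position range: centre ...
    radius_km: float = 0.0                        # ... and radius
    hours: Optional[Tuple[int, int]] = None       # permitted hour-of-day window [start, end)
    window: timedelta = timedelta(hours=1)        # the preset time period
    max_reads: Optional[int] = None               # count threshold inside the window
    max_jump_km: Optional[float] = None           # preset distance between consecutive reads
    max_gap: Optional[timedelta] = None           # preset value for the interval between reads


def haversine_km(a: Tuple[float, float], b: Tuple[float, float]) -> float:
    """Great-circle distance in kilometres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))


def cert_abnormal(cert: Certificate, now: datetime) -> bool:
    """Revoked, or outside its validity period, counts as 'abnormal'."""
    return cert.revoked or not (cert.not_before <= now <= cert.not_after)


def decide(term: Terminal, now: datetime, here: Tuple[float, float],
           history: Sequence[ReadEvent], blacklist: set, control_list: set,
           policy: ControlPolicy) -> Tuple[bool, str]:
    """Return (allowed, reason) for a card-seeking request from `term`."""
    if cert_abnormal(term.cert, now):
        return False, "certificate abnormal"
    ids = {term.serial, term.cert.serial}
    if ids & blacklist:
        return False, "blacklisted"
    if not ids & control_list:
        return True, "allowed"  # neither blacklisted nor controlled: no further checks
    # Control-listed terminal: apply the preset control strategy.
    if policy.centre is not None and haversine_km(here, policy.centre) > policy.radius_km:
        return False, "outside permitted position range"
    if policy.hours is not None and not (policy.hours[0] <= now.hour < policy.hours[1]):
        return False, "outside permitted time range"
    recent = [e for e in history if timedelta(0) <= now - e.time <= policy.window]
    if policy.max_reads is not None and len(recent) > policy.max_reads:
        return False, "read count in preset period exceeds threshold"
    if history:
        last = max(history, key=lambda e: e.time)
        gap = now - last.time
        if (policy.max_jump_km is not None and gap <= policy.window
                and haversine_km(here, last.position) > policy.max_jump_km):
            return False, "distance between consecutive reads exceeds preset distance"
        if policy.max_gap is not None and gap > policy.max_gap:
            return False, "interval between consecutive reads exceeds preset value"
    return True, "allowed under control strategy"


# Constructed sample data (not from the patent).
NOW = datetime(2016, 1, 21, 10, 0)
BEIJING = (39.9042, 116.4074)
SHANGHAI = (31.2304, 121.4737)
CERT_OK = Certificate("cert-A", NOW - timedelta(days=1), NOW + timedelta(days=365))
CERT_EXPIRED = Certificate("cert-B", NOW - timedelta(days=400), NOW - timedelta(days=1))
T_PLAIN = Terminal("SN-0001", CERT_OK)
T_EXPIRED = Terminal("SN-0002", CERT_EXPIRED)
T_BLACK = Terminal("SN-0003", CERT_OK)
T_CTRL = Terminal("SN-0004", CERT_OK)
BLACKLIST = {"SN-0003"}
CONTROL_LIST = {"SN-0004"}
POLICY = ControlPolicy(centre=BEIJING, radius_km=50, hours=(8, 20),
                       window=timedelta(hours=1), max_reads=3,
                       max_jump_km=100, max_gap=timedelta(days=30))

if __name__ == "__main__":
    hist = [ReadEvent(NOW - timedelta(minutes=30), SHANGHAI)]
    print(decide(T_CTRL, NOW, BEIJING, hist, BLACKLIST, CONTROL_LIST, POLICY))
```

The checks are ordered as the text lists them: the certificate and blacklist tests run for every terminal, and the strategy checks only for control-listed ones, so a terminal that is neither listed is never slowed down by position or history lookups.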
Optionally, the selected authentication security control module also receives encrypted identity-card identification information, decrypts it, and returns the decrypted identity-card identification information to the dispatch server; the dispatch server then decides, based at least on the identity-card identification information, the terminal's identification information and a preset strategy, whether to add the terminal's identification information to the blacklist or to the control list.
Optionally, the dispatch server also checks whether the identity-card identification information is in an identity-card blacklist; if so, it sends indication information to the selected authentication security control module indicating that the identity card currently read by the terminal is illegal.
Optionally, the system further includes n verification security control modules, each authentication security control module being connected to a corresponding verification security control module, with different authentication security control modules connected to different verification security control modules. The selected authentication security control module also obtains the card-seeking request, which is ciphertext encrypted with the terminal's encryption key, decrypts it with that key, and sends the decrypted request to the verification security control module it is connected to; that verification security control module receives and confirms the card-seeking request and sends confirmation information to the selected authentication security control module; the selected authentication security control module then obtains a session key, encrypts the confirmation information with the session key, and sends the encrypted confirmation information to the terminal.
Optionally, after selecting an authentication security control module, the dispatch server also generates an authentication code and sends it to both the terminal and the authentication database.
Optionally, the system further includes an authorization server. When the selected authentication security control module powers on, the dispatch server sends it data to be signed. The selected module signs the data with its signing private key and returns authentication data to the dispatch server comprising the signed data, the signing public-key certificate corresponding to that private key, and the encryption public-key certificate of the selected module. The dispatch server receives the authentication data and checks whether the signing public-key certificate and the encryption public-key certificate are in an abnormal state; if neither is, it sends the data to be signed together with the authentication data to the authorization server. The authorization server, through a connected authorization electronic signature device, verifies whether the signing public-key certificate and the encryption public-key certificate were issued to the same holder and, if so, whether the signed data is correct; if both checks pass, the identity authentication of the selected authentication security control module succeeds, otherwise it fails. If authentication succeeds, the authorization server has the authorization electronic signature device encrypt the protection key of the authentication database and sends the result to the dispatch server; if authentication fails, it sends a warning message. The dispatch server forwards the encrypted protection key of the authentication database to the selected authentication security control module, which decrypts it and obtains the protection key of the authentication database.
Optionally, the selected authentication security control module stores the obtained protection key of the authentication database only in RAM and is forbidden from storing it in flash.
Optionally, after selecting an authentication security control module, the dispatch server updates the working state of the selected module stored in the authentication database.
Optionally, according to the working states of all authentication security control modules currently in the system, the dispatch server also orders some of the modules to be powered on or off.
Optionally, the dispatch server also monitors the working state of each authentication security control module in real time and outputs a warning message when it detects that a module is abnormal.
It can be seen from the above technical solution that, in the scheduling system for reading identity cards provided by the invention, the dispatch server first decides whether an identity-card reading terminal is allowed to read identity cards before selecting an authentication security control module for it, and selects a module only when reading is allowed. This prevents an illegal terminal from attacking the authentication security control modules and safeguards resident identity cards. Moreover, the dispatch server retrieves the ciphertext of the terminal's encryption key from the authentication database and sends it to the selected authentication security control module, so the selected module can decrypt the encrypted data sent by the terminal, improving the security of the identity-card data transmission process.
Brief description of the drawings
To describe the technical solutions of the embodiments more clearly, the drawings needed for the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the invention; a person of ordinary skill in the art could derive other drawings from them without creative effort.
Fig. 1 is an architecture diagram of the scheduling system for reading identity cards provided by Embodiment 1;
Fig. 2 is an architecture diagram of an optional scheduling system for reading identity cards provided by Embodiment 1;
Fig. 3 is a flow chart of the scheduling method for reading identity cards provided by Embodiment 2;
Fig. 4 is a schematic structural diagram of the dispatch server applied to identity-card reading provided by Embodiment 3;
Fig. 5 is a flow chart of the key acquisition method provided by Embodiment 4;
Fig. 6 is a flow chart of the key acquisition method provided by Embodiment 5.
Specific embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some, not all, of the embodiments of the invention; all other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the invention.
In the description of the invention, unless otherwise clearly specified and limited, the terms "installed", "connected" and "joined" are to be understood broadly: a connection may be fixed, detachable or integral; mechanical or electrical; direct, or indirect through an intermediary; or an internal connection between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the invention from the specific context.
The embodiments of the invention are described in further detail below with reference to the drawings.
Embodiment 1
This embodiment provides a scheduling system for reading identity cards.
Fig. 1 is an architecture diagram of the scheduling system for reading identity cards provided by this embodiment. As shown in Fig. 1, the system mainly includes an authentication database 101, a dispatch server 102 and n authentication security control modules (103-1, 103-2, ..., 103-n), where n is an integer greater than or equal to 1.
In this embodiment, the authentication database 101 stores the working state of every authentication security control module (103-1, 103-2, ..., 103-n) in the system and the ciphertext of the encryption key of every identity-card reading terminal in the system, each ciphertext being the terminal's encryption key encrypted with the protection key of the authentication database 101. In an optional implementation, the authentication database 101 maintains a working-state table that records at least whether each authentication security control module (103-1, 103-2, ..., 103-n) is currently idle or busy, and the dispatch server 102 determines from this table whether a given module is idle or busy. Further, if a module's current state is busy, the authentication database 101 can also record the number of identity-card reading terminals that module is currently handling, so that the dispatch server 102 can allocate requests according to the principle of load balancing.
The dispatch server 102 obtains the identification information of an identity-card reading terminal and decides from it whether the terminal is allowed to read identity cards. If reading is allowed, then on receiving the card-seeking request sent by the terminal it obtains from the authentication database 101 the working state of each authentication security control module (103-1, 103-2, ..., 103-n) within its area of responsibility, selects one module according to those working states (for convenience of description, this embodiment assumes that the dispatch server 102 selects authentication security control module 103-1), and sends the identification information of the selected module 103-1 (for example its serial number) to the terminal. Using the terminal's identification information, it retrieves the ciphertext of the terminal's encryption key from the authentication database 101, the ciphertext being the terminal's encryption key encrypted with the protection key of the authentication database 101, and sends data information containing that ciphertext to the selected authentication security control module 103-1.
In the present embodiment, the encryption key of the identity card card-reading terminal may be stored into the authentication database 101 when the user applies for the terminal, at the time the encryption key is written into the terminal. To guarantee the storage security of the encryption key, the authentication database 101 may further encrypt it, for example with the protection key of the authentication database 101, and store the encrypted encryption key. In a particular application, the encryption key of the terminal may be stored in the authentication database 101 as a key-value pair, with the identification information of the terminal as the key and the ciphertext of the terminal's encryption key as the value. This is of course not limiting; in practical applications the authentication database 101 may also store the encryption key of the terminal in other ways.
In an optional embodiment, the encryption key of the identity card card-reading terminal may be a symmetric key or an asymmetric key; if the encryption key is an asymmetric key, what is stored in the authentication database 101 is the public key of the terminal.
The selected certification safety control module 103-1 receives the data information, decrypts the ciphertext of the terminal's encryption key with the protection key of the authentication database 101, and obtains the encryption key of the identity card card-reading terminal. In the present embodiment, the certification safety control module is the external interface of a verifying safety control module: the verifying safety control module is responsible for decrypting the ciphertext stored in the identity card, while the certification safety control module is responsible for encryption, decryption and authentication, so as to ensure the security of the data sent to the verifying safety control module. In the present embodiment, the verifying safety control module may be implemented with an existing resident identity card verifying safety control module (i.e. a resident identity card verifying safety control module certified by the Ministry of Public Security). After the certification safety control module 103-1 obtains the terminal's encryption key, it can use that key to decrypt data the terminal has encrypted. Therefore, in the present embodiment, when the identity card card-reading terminal first sends data to the network side, it can encrypt the data with its encryption key, and the certification safety control module 103-1 decrypts it with the terminal's encryption key, thereby obtaining the data sent by the terminal and guaranteeing the security of data transmission.
With the scheduling system of reading identity card provided by this embodiment, when an identity card card-reading terminal seeks an identity card and sends a card seeking request to the network side, the dispatch server 102, after receiving the card seeking request, first determines whether the terminal is allowed to read identity cards and allocates a certification safety control module to the terminal only if it is allowed. This avoids attacks on the certification safety control module by illegal identity card card-reading terminals and improves the security of identity card reading.
In an optional embodiment, the dispatch server 102 may obtain the identification information of the identity card card-reading terminal in at least one of the following ways:
(1) The dispatch server 102 receives an access request sent by the identity card card-reading terminal and obtains the terminal's identification information from the access request. That is, when the terminal accesses the network it sends an access request to the network side requesting access; the dispatch server 102 obtains the terminal's identification information from the identification information carried in the access request and, after determining that the terminal is allowed to read identity cards, allows it to access. After accessing, the terminal may keep a long connection and, after seeking an identity card, sends a card seeking request to the dispatch server 102. In an optional embodiment, to guarantee data transmission security, the dispatch server 102 may establish a secure channel with the terminal after allowing it to access, for example by negotiating a transmission key with the terminal; after seeking an identity card, the terminal sends the card seeking request to the dispatch server 102 through the secure channel, i.e. encrypts the card seeking request with the transmission key, and the dispatch server 102, after receiving the encrypted card seeking request, decrypts it with the transmission key, obtains the card seeking request and allocates a certification safety control module to the terminal. In this way the terminal is verified when it accesses; for relatively safe terminals (for example, terminals installed in banks) this way can be used to reduce the number of times the terminal is verified and improve efficiency.
(2) The dispatch server 102 receives an identity card request sent by the identity card card-reading terminal and obtains the terminal's identification information from the identity card request, where the identity card request carries the card seeking request and the terminal's identification information. That is, in this way the dispatch server 102 verifies the terminal once for every identity card it reads: after seeking an identity card the terminal sends a card seeking request to the network side, and the dispatch server 102 obtains the terminal's identification information after receiving that request. In this way the terminal is verified every time it reads an identity card; for relatively less safe terminals (for example, terminals installed at individual merchants) this way can be used to guarantee security.
In an optional embodiment, the identification information of the identity card card-reading terminal may include the terminal's digital certificate. The dispatch server 102 then determines whether the terminal is allowed to read identity cards as follows: it judges whether the terminal's digital certificate is abnormal; if so, it determines that the terminal is not allowed to read identity cards; otherwise it judges whether the terminal's digital certificate is in a blacklist or a control list, where the blacklist records the digital certificates of terminals not allowed to read identity cards and the control list records the digital certificates of terminals whose identity card reading is to be controlled according to a preset control strategy. If the terminal's digital certificate is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the terminal's digital certificate is in the control list, whether the terminal is allowed to read identity cards is determined according to the preset control strategy.
Alternatively, in another optional embodiment, the identification information of the identity card card-reading terminal may include the terminal's sequence number and the terminal's digital certificate. The dispatch server 102 may then determine whether the terminal is allowed to read identity cards as follows: it judges whether the terminal's digital certificate is abnormal; if so, it determines that the terminal is not allowed to read identity cards; otherwise it judges whether the terminal's digital certificate or sequence number is in a blacklist or a control list, where the blacklist records the identification information of terminals not allowed to read identity cards and the control list records the identification information of terminals whose identity card reading operations are to be controlled according to a preset control strategy. If the terminal's digital certificate or sequence number is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the terminal's digital certificate or sequence number is in the control list, whether the terminal is allowed to read identity cards is determined according to the preset control strategy.
In the above two optional embodiments, when judging whether the terminal's digital certificate is abnormal, the dispatch server 102 may query a digital certificate status online query server for the status of the digital certificate used for signature verification and the digital certificate used for encryption. The status is either a normal state or an abnormal state, where the abnormal state includes at least one of the following: certificate revoked, certificate expired, certificate frozen, and certificate placed on a blacklist.
In the above two optional embodiments, the blacklist and the control list may be configured according to preset rules based on the card reading behaviour of each identity card card-reading terminal.
Through the above two optional embodiments, whether an identity card card-reading terminal is allowed to read identity cards can be judged using the blacklist and the control list, which avoids attacks on the network side by illegal identity card card-reading terminals and improves the security of identity card reading.
In an optional embodiment, the blacklist holds the identification information of illegal identity card card-reading terminals, for example the identification information of terminals that have been reported lost, of terminals that have repeatedly shown abnormalities, the sequence numbers of terminals that have exceeded their service life, and the identification information of terminals that have appeared in multiple areas within a short time; processing requests from such terminals carries greater risk. If the dispatch server 102 finds that a terminal's identification information is included in the blacklist, this indicates that the identification information belongs to an illegal identity card card-reading terminal, and the dispatch server 102 does not process the request and terminates processing. Optionally, the dispatch server 102 may return prompt information to inform the user that the terminal has been added to the blacklist, so that the user can take follow-up action and resolve the problem.
In an optional embodiment, the control list may record specific control strategies. When the identification information of the identity card card-reading terminal is found in the control list, whether the terminal is allowed to read identity cards may be judged in one of the following ways, among others:
(1) According to the preset control strategy, judge whether the identity card card-reading terminal is currently within the allowed position range; if so, allow the terminal to read identity cards; otherwise, do not allow it and refuse its request. The preset control strategy records the position range allowed for the terminal. That is, certain terminals are allowed to read identity cards only within certain position ranges and are not allowed to read identity cards outside those ranges. For example, in a particular application, a terminal applied for by a bank customer may be set so that it can read identity cards only at bank outlets, and it is not allowed to read identity cards outside the bank outlets. In this case, the terminal can be positioned to determine its current position. This way prevents a terminal dedicated to a specific location from being misappropriated.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the identity card card-reading terminal is allowed to read cards; if so, allow the terminal to read identity cards; otherwise, do not allow it and refuse its request. The preset control strategy records the time range in which the terminal is allowed to read cards. That is, certain terminals are allowed to read identity cards only within certain periods and are not allowed to read identity cards outside those periods. For example, the railway system sells tickets only between 7:00 and 22:00, so terminals installed in the railway system are allowed to read identity cards only within that period, which prevents those terminals from being used illegally.
(3) According to the preset control strategy, judge whether the number of historical card readings by the identity card card-reading terminal within a preset time period exceeds a preset times threshold; if so, do not allow the terminal to read identity cards and refuse its request; otherwise, allow it. The preset control strategy records the duration of the preset time period and the preset times threshold. That is, the number of card readings a terminal can make within the preset time period is limited, so that frequent reading by the same terminal within a short time does not overload the certification safety control module and prevent it from working normally.
(4) According to the preset control strategy, judge whether the distance between the positions of two consecutive card readings by the identity card card-reading terminal within a preset time period exceeds a preset distance; if so, do not allow the terminal to read identity cards and refuse its request; otherwise, allow it. The preset control strategy records the duration of the preset time period and the preset distance. That is, certain terminals are not allowed to be used across distances; for example, a terminal issued to a merchant is not allowed to be used at two places far apart, which prevents the user's terminal from being stolen and used.
(5) According to the preset control strategy, judge whether the time interval between two consecutive card readings by the identity card card-reading terminal exceeds a preset value; if so, do not allow the terminal to read identity cards and refuse its request; otherwise, allow it. The preset control strategy records the duration of the preset time period and the preset distance. This controls the card reading frequency of the terminal and avoids attacks on the certification safety control module brought about by frequent reading from the same terminal.
It should be noted that, although the above five ways are discussed separately, it is clear to those skilled in the art that two or more control strategies may be set at the same time for the same identity card card-reading terminal. For example, if a terminal is allowed to read identity cards only within a certain period and only within a certain position range, then it is allowed to read identity cards only when both the position requirement and the time requirement are met at the same time.
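The following is an added illustration of how a dispatch server could evaluate control strategies (1) to (4) for a terminal found in the control list, combining them so that every configured strategy must hold at once; it is not code from the patent or from any product. It assumes constructed planar coordinates in metres for positions and an in-memory history of the terminal's readings, both of which the patent leaves unspecified.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from math import hypot
from typing import Dict, List, Optional, Tuple

# Assumption: positions are planar (x, y) coordinates in metres; the patent
# does not say how the terminal is positioned, only that it can be.
Point = Tuple[float, float]


@dataclass
class ReadRecord:
    """One historical card reading of a terminal: when and where it happened."""
    at: datetime
    where: Point


@dataclass
class ControlStrategy:
    """Preset control strategy recorded in the control list for one terminal.

    A field left as None means that strategy is not configured for the terminal.
    """
    allowed_area: Optional[Tuple[Point, float]] = None   # (1) centre and radius
    allowed_hours: Optional[Tuple[time, time]] = None    # (2) e.g. 07:00 to 22:00
    count_window: Optional[timedelta] = None             # (3) preset time period
    count_threshold: Optional[int] = None                # (3) preset times threshold
    distance_window: Optional[timedelta] = None          # (4) preset time period
    max_distance: Optional[float] = None                 # (4) preset distance


def _distance(a: Point, b: Point) -> float:
    return hypot(a[0] - b[0], a[1] - b[1])


def evaluate(strategy: ControlStrategy, history: List[ReadRecord],
             now: datetime, pos: Point) -> Tuple[bool, List[str]]:
    """Decide whether the terminal may read an identity card right now.

    Every configured strategy must be satisfied at the same time; the returned
    list names each strategy that failed, so a refusal can be explained.
    """
    reasons: List[str] = []

    # (1) position range: the terminal must currently be inside the allowed area
    if strategy.allowed_area is not None:
        centre, radius = strategy.allowed_area
        if _distance(pos, centre) > radius:
            reasons.append("outside allowed position range")

    # (2) time range: the current wall-clock time must fall inside the window
    if strategy.allowed_hours is not None:
        start, end = strategy.allowed_hours
        if not (start <= now.time() <= end):
            reasons.append("outside allowed time range")

    # (3) reading count: historical readings inside the preset period
    if strategy.count_window is not None and strategy.count_threshold is not None:
        recent = [r for r in history if timedelta(0) <= now - r.at <= strategy.count_window]
        if len(recent) > strategy.count_threshold:
            reasons.append("card reading count within period exceeds threshold")

    # (4) distance between this reading and the previous one inside the period
    if strategy.distance_window is not None and strategy.max_distance is not None and history:
        last = max(history, key=lambda r: r.at)
        if now - last.at <= strategy.distance_window and \
                _distance(pos, last.where) > strategy.max_distance:
            reasons.append("distance between consecutive readings exceeds preset distance")

    return (not reasons, reasons)


def sample_decisions() -> Dict[str, Tuple[bool, List[str]]]:
    """Constructed scenario: a terminal tied to a bank outlet at the origin."""
    policy = ControlStrategy(
        allowed_area=((0.0, 0.0), 500.0),
        allowed_hours=(time(7, 0), time(22, 0)),
        count_window=timedelta(hours=1), count_threshold=5,
        distance_window=timedelta(minutes=10), max_distance=1000.0,
    )
    t = datetime(2016, 1, 20, 10, 0)
    history = [ReadRecord(t - timedelta(minutes=10), (0.0, 0.0)),
               ReadRecord(t - timedelta(minutes=5), (50.0, 50.0))]
    return {
        "in_outlet_daytime": evaluate(policy, history, t, (100.0, 100.0)),
        "after_hours": evaluate(policy, history, t.replace(hour=23), (100.0, 100.0)),
        "moved_far_quickly": evaluate(policy, history, t, (3000.0, 0.0)),
        "too_many_reads": evaluate(
            policy, [ReadRecord(t - timedelta(minutes=i), (0.0, 0.0)) for i in range(1, 7)],
            t, (0.0, 0.0)),
    }
```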
In an optional embodiment, as shown in Fig. 2, the system may also include n verifying safety control modules (105-1, 105-2, ..., 105-n), where each certification safety control module is correspondingly connected to one verifying safety control module and different certification safety control modules are connected to different verifying safety control modules. In this optional embodiment, after the dispatch server 102 returns the identification information of the selected certification safety control module 103-1 (for example, the network port of the selected module 103-1) to the identity card card-reading terminal, the dispatch server 102 may forward the received card seeking request to the selected module 103-1; in this case each certification safety control module (103-1, 103-2, ..., 103-n) may be connected directly to a port of the dispatch server 102. Alternatively, after the dispatch server 102 returns the identification information of the selected module 103-1 to the terminal, the terminal may send the card seeking request to the selected module 103-1 according to that identification information; in this case the certification safety control module is a module with network communication capability and can communicate directly with the terminal. In this optional embodiment, the selected certification safety control module 103-1 also obtains the card seeking request, which may be ciphertext data obtained by the terminal encrypting the card seeking request data with its own encryption key; after receiving the card seeking request, the selected module 103-1 can decrypt it with the terminal's encryption key obtained earlier and send the decrypted card seeking request to the verifying safety control module 105-1 correspondingly connected to the selected module 103-1. The correspondingly connected verifying safety control module 105-1 receives the card seeking request, confirms it and sends confirmation information to the selected module 103-1; the selected module 103-1 also obtains a session key, encrypts the confirmation information with the session key and sends the encrypted confirmation information to the terminal. It should be noted that in this optional embodiment, to guarantee data transmission security, the terminal sends the card seeking request encrypted and the selected module 103-1 also sends the confirmation information encrypted; if the transmission environment is secure, however, encryption may be omitted, and this embodiment is not specifically limited in this respect.
In the above optional embodiment, the session key may be negotiated between the selected certification safety control module 103-1 and the identity card card-reading terminal, or it may be a random number generated directly by the selected module 103-1. If it is a random number generated by the selected module 103-1, the module may encrypt the random number with the terminal's encryption key, or with the terminal's public key, and send the encrypted random number together with the encrypted confirmation information to the terminal, thereby guaranteeing the transmission security of the session key.
In an optional embodiment, following the normal identity card reading process, the identity card card-reading terminal performs the card selection process after receiving the confirmation information for the card seeking request. After selecting an identity card, the terminal sends an encrypted card selection request to the selected certification safety control module 103-1; the selected module 103-1 decrypts the encrypted card selection request and sends it to the corresponding verifying safety control module 105-1; the verifying safety control module 105-1 responds to the card selection request and sends response information to the selected module 103-1; the selected module 103-1 encrypts the response information and sends it to the terminal; and after receiving the response information, the terminal sends the identification information of the selected identity card to the selected module 103-1. In this optional embodiment, the selected module 103-1 also receives the encrypted identity card identification information, decrypts it and returns the decrypted identity card identification information to the dispatch server 102; the dispatch server 102 also judges, according to at least the identity card identification information, the terminal's identification information and a preset strategy, whether the terminal's identification information should be added to the blacklist or the control list, for example by judging whether the terminal's card reading frequency exceeds a predetermined value or whether the terminal frequently reads different identity cards, and thereby determines whether to add the terminal's identification information to the blacklist or the control list. In this optional embodiment the dispatch server 102 can manage identity card card-reading terminals according to the preset strategy, dynamically update the blacklist and the control list, and further ensure that the certification safety control modules are not subject to malicious attacks.
In an optional embodiment, the dispatch server 102 also judges whether the identity card identification information is in an identity card blacklist; if so, it sends indication information to the selected certification safety control module 103-1 indicating that the identity card currently being read by the terminal is illegal. After receiving the indication information, the selected module 103-1 may stop processing the current identity card reading flow, and optionally may also send prompt information to the identity card card-reading terminal to inform the user that the current identity card is illegal. The identity card blacklist holds the identification information of illegal identity cards, for example the identification information of identity cards reported lost, of identity cards that have repeatedly shown abnormalities, and of expired identity cards. Optionally, the identification information of an identity card may be its sequence number, i.e. the identity card's "birth certificate" number. This optional embodiment makes it possible to identify illegal identity cards and avoid reading them.
In an optional embodiment, after selecting a certification safety control module 103-1, the dispatch server 102 also generates an authentication code and sends it to the identity card card-reading terminal and to the authentication database 101 (for example, sending it to the terminal together with the identification information of the selected module 103-1). The authentication code is stored in the authentication database 101 and has a validity period; when the validity period is reached, the authentication database 101 deletes the authentication code. After receiving the authentication code, the terminal carries it in subsequent requests sent to the network side. For example, if after receiving the identification information of the selected module 103-1 the terminal needs to send a card seeking request to the selected module 103-1, it may carry the authentication code in the card seeking request; if the card seeking request is encrypted, the authentication code may be encrypted together with it and sent to the selected module 103-1. After receiving the authentication code, the selected module 103-1 can query whether the authentication database 101 contains it; if it does, subsequent processing continues; if it does not, the authentication code is no longer valid and the terminal's request is refused. Through this optional embodiment the dispatch server 102 can control the access time of the terminal by means of the validity period of the authentication code, avoiding the problem that, after a certification safety control module has been selected for a terminal, the terminal does not initiate a card reading request for a long time, leaving the module idle for a long time and unable to be assigned to other terminals.
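As an added illustration, not code from the patent or from any product, the following sketches the dispatch server's selection of a module from the working condition table described earlier (idle modules first, then the busy module serving the fewest terminals) together with the authentication code whose validity period bounds the terminal's access time. It assumes an in-memory stand-in for the authentication database 101, an injected clock, and a 30-second validity period, none of which the patent specifies.

```python
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple


@dataclass
class ModuleState:
    """One row of the working condition table for a certification safety control module."""
    busy: bool = False
    terminals: int = 0   # number of terminals currently served (meaningful when busy)


@dataclass
class AuthenticationDatabase:
    """Constructed in-memory stand-in for authentication database 101."""
    modules: Dict[str, ModuleState] = field(default_factory=dict)
    auth_codes: Dict[str, datetime] = field(default_factory=dict)  # code -> expiry

    def purge_expired(self, now: datetime) -> None:
        """Delete every authentication code whose validity period has been reached."""
        for code in [c for c, expiry in self.auth_codes.items() if expiry <= now]:
            del self.auth_codes[code]

    def contains_code(self, code: str, now: datetime) -> bool:
        self.purge_expired(now)
        return code in self.auth_codes


class DispatchServer:
    def __init__(self, db: AuthenticationDatabase, validity: timedelta) -> None:
        self.db = db
        self.validity = validity  # assumed validity period of an authentication code

    def select_module(self) -> Optional[str]:
        """Prefer an idle module; otherwise balance load onto the least-loaded busy one."""
        if not self.db.modules:
            return None
        idle = sorted(m for m, s in self.db.modules.items() if not s.busy)
        if idle:
            return idle[0]
        return min(sorted(self.db.modules), key=lambda m: self.db.modules[m].terminals)

    def handle_card_seeking(self, now: datetime) -> Optional[Tuple[str, str]]:
        """Select a module, issue an authentication code, update the working condition."""
        module = self.select_module()
        if module is None:
            return None
        code = secrets.token_hex(8)
        self.db.auth_codes[code] = now + self.validity
        state = self.db.modules[module]
        state.busy, state.terminals = True, state.terminals + 1
        return module, code


def module_accepts(db: AuthenticationDatabase, code: str, now: datetime) -> bool:
    """Selected module: continue only while the database still holds the code."""
    return db.contains_code(code, now)


def sample_run() -> dict:
    """Constructed walk-through: three modules, three requests, one late follow-up."""
    db = AuthenticationDatabase(modules={
        "103-1": ModuleState(busy=True, terminals=3),
        "103-2": ModuleState(),
        "103-3": ModuleState(busy=True, terminals=1),
    })
    server = DispatchServer(db, validity=timedelta(seconds=30))
    t0 = datetime(2016, 1, 20, 9, 0, 0)
    chosen: List[Tuple[str, str]] = [server.handle_card_seeking(t0) for _ in range(3)]
    first_code = chosen[0][1]
    return {
        "modules": [m for m, _ in chosen],
        "prompt_accept": module_accepts(db, first_code, t0 + timedelta(seconds=10)),
        "unknown_reject": module_accepts(db, "not-issued", t0),
        "codes_issued": len(db.auth_codes),
        "late_reject": module_accepts(db, first_code, t0 + timedelta(seconds=30)),
        "codes_left": len(db.auth_codes),
    }
```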
In an optional embodiment, in order to guarantee data security, the certification safety control module may also be authenticated. In this optional embodiment, as shown in Fig. 2, the system may further include an authorization server 104.
In the above optional embodiment, when the selected certification safety control module 103-1 powers on, the dispatch server 102 also sends data to be signed to the selected module 103-1; the selected module 103-1 signs the data to be signed with its signature private key to obtain signed data and returns to the dispatch server 102 authentication data that includes the signed data, the public signature key certificate corresponding to the signature private key and the encrypted public key certificate of the selected module 103-1; the dispatch server 102 receives the authentication data returned by the selected module 103-1 and judges whether the public signature key certificate and the encrypted public key certificate are in an abnormal state; if neither certificate is in an abnormal state, it sends the data to be signed and the authentication data to the authorization server 104. The authorization server 104 verifies, through a connected authorization electronic signature equipment, whether the public signature key certificate and the encrypted public key certificate were issued to the same identity card card-reading terminal; if so, it verifies whether the signed data is correct; if so, the authentication of the selected module 103-1 passes, otherwise the authentication of the selected module fails. If the authentication of the selected module 103-1 passes, the authorization server 104 also encrypts the protection key of the authentication database 101 with the authorization electronic signature equipment and sends it to the dispatch server 102; if the authentication fails, it sends out a warning message. The dispatch server 102 also sends the encrypted protection key of the authentication database 101 to the selected module 103-1, and the selected module 103-1 decrypts it and obtains the protection key of the authentication database 101.
In the above embodiment, the dispatch server 102 authenticates the selected certification safety control module 103-1 via the authorization server 104, but this is not limiting: if the selected module 103-1 has communication capability, the authorization server 104 may authenticate it directly. For the specific process of authenticating the certification safety control module, refer to the descriptions of embodiment 4 and embodiment 5.
In an optional embodiment of the present invention, the selected authentication security control module 103-1 is further configured to keep the obtained protection key of the authentication database 101 in RAM and is forbidden from storing it in flash. With this optional embodiment, the protection key of the authentication database 101 is automatically erased when the selected authentication security control module 103-1 is powered down, which ensures the security of the protection key of the authentication database 101.
In an optional embodiment of the present invention, the dispatch server 102 is further configured, after selecting an authentication security control module, to update the working state of the selected authentication security control module 103-1 stored in the authentication database 101, so that subsequent selections by the dispatch server 102 are made according to the updated working state.
In an optional embodiment of the present invention, the dispatch server 102 is further configured to command some authentication security control modules to be switched on or off according to the working states of all authentication security control modules in the current system. With this optional embodiment, the dispatch server 102 can switch part of the authentication security control modules on or off according to their working states, so that resources are fully used and energy is saved.
In an optional embodiment of the present invention, the dispatch server 102 is further configured to monitor the working state of each authentication security control module in real time and to output alarm information when an authentication security control module is found to be abnormal, so that system maintenance personnel are notified and can handle the abnormality promptly.
Embodiment 2
This embodiment provides a dispatching method for reading identity cards.
Fig. 3 is a flowchart of the dispatching method for reading identity cards provided in this embodiment. As shown in Fig. 3, the method mainly comprises the following steps:
Step S301: the dispatch server obtains the identification information of the identity card reading terminal and judges, according to that identification information, whether the identity card reading terminal is allowed to read identity cards;
Step S302: if the identity card reading terminal is judged to be allowed to read identity cards, the dispatch server, after receiving the card-seeking request sent by the identity card reading terminal, obtains from the authentication database the working states of the authentication security control modules within its jurisdiction;
Step S303: according to the principle of task balancing, the dispatch server selects one authentication security control module according to the working state table of the authentication security control modules within its jurisdiction, and sends the identification information of the selected authentication security control module to the identity card reading terminal;
Step S304: the dispatch server obtains from the authentication database, according to the identification information of the identity card reading terminal, the ciphertext of the encryption key of the identity card reading terminal, where the ciphertext is obtained by encrypting the encryption key of the identity card reading terminal with the protection key of the authentication database;
Step S305: the dispatch server sends data information to the selected authentication security control module, where the data information comprises the ciphertext of the encryption key of the identity card reading terminal.
In this embodiment, the authentication database stores the working states of all authentication security control modules in the system and the ciphertext of the encryption key of each identity card reading terminal in the system, where the ciphertext of each terminal's encryption key is obtained by encrypting that terminal's encryption key separately with the protection key of the authentication database. In an optional embodiment of the present invention, a working state table may be maintained in the authentication database; the table records at least whether each authentication security control module is currently in the idle state or the busy state. From this working state table the dispatch server can judge whether a given authentication security control module is currently idle or busy. Further, if the current state of an authentication security control module is busy, the authentication database may additionally maintain the number of identity card reading terminals that module is currently handling, so that the dispatch server can allocate according to the principle of load balancing.
In this embodiment, the encryption key of the identity card reading terminal may be stored in the authentication database when the user applies for the identity card reading terminal and the encryption key is written into it. To ensure the storage security of the encryption key, the authentication database may further encrypt it; for example, the encryption key may be encrypted with the protection key of the authentication database, and the authentication database stores the encrypted encryption key. In a specific application, the authentication database may store the encryption key of the identity card reading terminal as a key-value pair, that is, the identification information of the identity card reading terminal is the key and the encryption-key ciphertext of the identity card reading terminal is the value. This is of course not limiting; in practical applications the authentication database may store the encryption key of the identity card reading terminal in other ways.
In an optional embodiment of the present invention, the encryption key of the identity card reading terminal may be a symmetric key or an asymmetric key; if the encryption key is an asymmetric key, what is stored in the authentication database may be the public key of the identity card reading terminal.
In this embodiment, the dispatch server sends the encryption key of the identity card reading terminal to the selected authentication security control module in step S305. After the selected authentication security control module obtains the encryption key of the identity card reading terminal, it can decrypt data that the identity card reading terminal encrypted with that encryption key. Therefore, in this embodiment, when the identity card reading terminal sends data to the network side for the first time, it can encrypt the data to be sent with its encryption key, and the authentication security control module decrypts it with the encryption key of that identity card reading terminal, thereby obtaining the data sent by the identity card reading terminal and ensuring the security of the data transmission.
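As an added illustration of steps S301 to S305 together with the working state table and key-value layout described above (my own Python sketch, not code from the patent), the following dispatch server performs the allow check, the task-balanced module selection, the working state update and the lookup of the terminal's encryption-key ciphertext. The identifiers and ciphertext bytes are constructed sample values, the ciphertext is treated as opaque bytes wrapped under the protection key elsewhere, and the S301 allow check is reduced to a blacklist lookup.

```python
"""Dispatch server core for steps S301 to S305: allow check, task-balanced selection
from the working state table, state update, and lookup of the terminal's encryption
key ciphertext. Added illustration, not the patent's code. Assumptions of mine: the
working state table and the terminal_id -> ciphertext store are plain dicts, the
ciphertext is opaque bytes wrapped under the protection key elsewhere, and the S301
allow check is reduced to a blacklist lookup."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


@dataclass
class ModuleState:
    """One row of the working state table for an authentication security control module."""
    module_id: str
    busy: bool = False
    serving: int = 0   # terminals currently handled; maintained while the module is busy


@dataclass
class AuthDatabase:
    working_state: Dict[str, ModuleState] = field(default_factory=dict)
    terminal_key_ciphertext: Dict[str, bytes] = field(default_factory=dict)
    blacklist: Set[str] = field(default_factory=set)


class DispatchError(Exception):
    pass


class DispatchServer:
    def __init__(self, db: AuthDatabase, jurisdiction: Set[str]) -> None:
        self.db = db
        self.jurisdiction = jurisdiction   # modules this dispatch server may allocate

    def terminal_allowed(self, terminal_id: str) -> bool:
        """S301, reduced to a blacklist lookup (certificate and control-list logic omitted)."""
        return terminal_id not in self.db.blacklist

    def select_module(self) -> Optional[str]:
        """S302/S303: prefer an idle module; if all are busy, take the least loaded one."""
        rows = [self.db.working_state[m] for m in sorted(self.jurisdiction)
                if m in self.db.working_state]
        if not rows:
            return None
        idle = [r for r in rows if not r.busy]
        chosen = idle[0] if idle else min(rows, key=lambda r: (r.serving, r.module_id))
        chosen.serving += 1      # update the stored state so later selections see the new load
        chosen.busy = True
        return chosen.module_id

    def terminal_key_ciphertext(self, terminal_id: str) -> bytes:
        """S304: ciphertext of the terminal's encryption key, keyed by its identification."""
        try:
            return self.db.terminal_key_ciphertext[terminal_id]
        except KeyError:
            raise DispatchError(f"no encryption key registered for {terminal_id}") from None

    def handle_card_seek(self, terminal_id: str) -> dict:
        """Whole flow for one card-seeking request; returns the two messages that would be sent."""
        if not self.terminal_allowed(terminal_id):
            raise DispatchError(f"terminal {terminal_id} is not allowed to read identity cards")
        # S304 is done before committing the S303 selection so that a failed
        # lookup leaves the working state table untouched.
        ciphertext = self.terminal_key_ciphertext(terminal_id)
        module_id = self.select_module()
        if module_id is None:
            raise DispatchError("no authentication security control module available")
        return {
            "to_terminal": {"module_id": module_id},                         # S303
            "to_module": {"terminal_id": terminal_id,                        # S305
                          "encryption_key_ciphertext": ciphertext},
        }

    def release_module(self, module_id: str) -> None:
        """Called when a module reports that a terminal's session has finished."""
        row = self.db.working_state[module_id]
        row.serving = max(0, row.serving - 1)
        row.busy = row.serving > 0


def build_demo_db() -> AuthDatabase:
    """Constructed sample data: three modules, two terminals, one of them blacklisted."""
    db = AuthDatabase()
    for mid, busy, serving in (("ASCM-1", True, 2), ("ASCM-2", False, 0), ("ASCM-3", True, 1)):
        db.working_state[mid] = ModuleState(mid, busy, serving)
    db.terminal_key_ciphertext["TERM-0001"] = bytes.fromhex("a1b2c3d4e5f60718")
    db.terminal_key_ciphertext["TERM-0002"] = bytes.fromhex("0f1e2d3c4b5a6978")
    db.blacklist.add("TERM-0002")
    return db


if __name__ == "__main__":
    server = DispatchServer(build_demo_db(), {"ASCM-1", "ASCM-2", "ASCM-3"})
    print(server.handle_card_seek("TERM-0001"))
```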
With the dispatching method provided by this embodiment, when an identity card reading terminal detects an identity card and sends a card-seeking request to the network side, the dispatch server, after receiving the card-seeking request, first determines whether the identity card reading terminal is allowed to read identity cards, and allocates an authentication security control module to the identity card reading terminal only if it is allowed. This avoids attacks on the authentication security control modules by illegal identity card reading terminals and improves the security of identity card reading.
In an optional embodiment of the present invention, the dispatch server obtains the identification information of the identity card reading terminal in one of the following ways:
(1) The dispatch server receives an access request sent by the identity card reading terminal and obtains the identification information of the identity card reading terminal from the access request. That is, when the identity card reading terminal accesses the network, it sends an access request to the network side requesting access; the dispatch server obtains the identification information of the identity card reading terminal from the access request and, after judging that the identity card reading terminal is allowed to read identity cards, allows it to access. In this way, after the identity card reading terminal has accessed, it can maintain a long-lived connection and send a card-seeking request to the dispatch server once it detects an identity card. In an optional embodiment of this embodiment, to ensure the security of data transmission, the dispatch server may establish a secure channel with the identity card reading terminal after allowing it to access, for example by negotiating a transmission key with the identity card reading terminal; after detecting an identity card, the identity card reading terminal can send the card-seeking request to the dispatch server through this secure channel, that is, the card-seeking request is encrypted with the transmission key, and the dispatch server, after receiving the encrypted card-seeking request, decrypts it with the transmission key, obtains the card-seeking request and allocates an authentication security control module to the identity card reading terminal. In this way, the identity card reading terminal is verified when it accesses. This way can be used for relatively secure identity card reading terminals (for example, identity card reading terminals installed in banks), which reduces the number of verifications of the identity card reading terminal and improves efficiency.
(2) The dispatch server receives an identity card request sent by the identity card reading terminal and obtains the identification information of the identity card reading terminal from the identity card request, where the identity card request carries the card-seeking request and the identification information of the identity card reading terminal. That is, in this way, the dispatch server verifies the identity card reading terminal once for every identity card it reads: after detecting an identity card, the identity card reading terminal sends a card-seeking request to the network side, and the dispatch server obtains the identification information of the identity card reading terminal after receiving the card-seeking request. In this way, the identity card reading terminal is verified every time it reads an identity card. This way can be used for relatively less secure identity card reading terminals (for example, identity card reading terminals installed at individual merchants) to ensure security.
In an optional embodiment of the present invention, the identification information of the identity card reading terminal may include the digital certificate of the identity card reading terminal. The dispatch server then judges whether the identity card reading terminal is allowed to read identity cards as follows: judge whether the digital certificate of the identity card reading terminal is abnormal; if so, determine that the identity card reading terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate of the identity card reading terminal is in a blacklist or a control list, where the blacklist records the digital certificates of identity card reading terminals that are not allowed to read identity cards, and the control list records the digital certificates of identity card reading terminals whose identity card reading needs to be controlled according to a preset control strategy. If the digital certificate of the identity card reading terminal is judged to be in the blacklist, the identity card reading terminal is not allowed to read identity cards and its request is refused. If the digital certificate of the identity card reading terminal is judged to be in the control list, whether the identity card reading terminal is allowed to read identity cards is determined according to the preset control strategy.
Alternatively, in another optional embodiment of the present invention, the identification information of the identity card reading terminal may include the serial number of the identity card reading terminal and the digital certificate of the identity card reading terminal. The dispatch server can then judge whether the identity card reading terminal is allowed to read identity cards as follows: judge whether the digital certificate of the identity card reading terminal is abnormal; if so, determine that the identity card reading terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate or the serial number of the identity card reading terminal is in a blacklist or a control list, where the blacklist records the identification information of identity card reading terminals that are not allowed to read identity cards, and the control list records the identification information of identity card reading terminals whose identity card reading operations need to be controlled according to a preset control strategy. If the digital certificate or the serial number of the identity card reading terminal is judged to be in the blacklist, the identity card reading terminal is not allowed to read identity cards and its request is refused. If the digital certificate or the serial number of the identity card reading terminal is judged to be in the control list, whether the identity card reading terminal is allowed to read identity cards is determined according to the preset control strategy.
In both optional embodiments above, when judging whether the digital certificate of the identity card reading terminal is abnormal, the dispatch server may query a digital certificate status online query server for the survival state of the digital certificate used for signature verification and of the digital certificate used for encryption. The survival state includes a normal survival state and an abnormal survival state, and the abnormal survival state includes at least one of the following: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted.
In both optional embodiments above, the blacklist and the control list may be configured according to preset rules based on the card reading behaviour of each identity card reading terminal.
With these two optional embodiments, whether an identity card reading terminal is allowed to read identity cards is judged by means of the blacklist and the control list, which avoids attacks on the network side by illegal identity card reading terminals and improves the security of identity card reading.
In an optional embodiment of the present invention, the blacklist contains the identification information of illegal identity card reading terminals, for example the identification information of identity card reading terminals that have been reported lost, of identity card reading terminals that repeatedly show abnormality, the serial numbers of identity card reading terminals that have exceeded their service life, and the identification information of identity card reading terminals that appear in several regions within a short time. Processing requests from such terminals brings greater risk. If the dispatch server judges that the identification information of the identity card reading terminal is in the blacklist, this shows that the identification information belongs to an illegal identity card reading terminal, and the dispatch server does not process the request and terminates the flow. Optionally, the dispatch server may return prompt information to notify the user that the identity card reading terminal has been added to the blacklist, so that the user can take follow-up action and resolve the problem.
In an optional embodiment of the present invention, the control list may record specific control strategies. When the identification information of the identity card reading terminal is judged to be in the control list, whether the identity card reading terminal is allowed to read identity cards is judged in one of the following ways, which include but are not limited to:
(1) According to the preset control strategy, judge whether the identity card reading terminal is currently within the allowed position range; if so, allow the identity card reading terminal to read identity cards, otherwise do not allow it and refuse its request. The preset control strategy records the position range allowed for the identity card reading terminal. That is, certain identity card reading terminals are allowed to read identity cards only within certain position ranges, and outside those ranges they are not allowed to read identity cards. For example, in a specific application, an identity card reading terminal applied for by a bank customer may be set so that it can read identity cards only within bank branches, and outside bank branches it is not allowed to read identity cards. In this case, the identity card reading terminal can be positioned to determine its current position. In this way, an identity card reading terminal dedicated to a particular place can be prevented from being misused elsewhere.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the identity card reading terminal is allowed to read cards; if so, allow the identity card reading terminal to read identity cards, otherwise do not allow it and refuse its request. The preset control strategy records the time range in which the identity card reading terminal is allowed to read cards. That is, certain identity card reading terminals are allowed to read identity cards only within certain periods, and outside those periods they are not allowed to read identity cards. For example, the railway system sells tickets only from 7:00 to 22:00, so identity card reading terminals installed in the railway system are allowed to read identity cards only within those periods, which prevents these terminals from being used illegally.
(3) According to the preset control strategy, judge whether the number of historical card reads by the identity card reading terminal within a preset period exceeds a preset count threshold; if so, do not allow the identity card reading terminal to read identity cards and refuse its request, otherwise allow it. The preset control strategy records the duration of the preset period and the preset count threshold. That is, the number of card reads by an identity card reading terminal within a preset period is limited, which avoids the problem that frequent reads by the same identity card reading terminal within a short time overload the authentication security control module so that it cannot work normally.
(4) According to the preset control strategy, judge whether the distance between the positions of two consecutive card reads by the identity card reading terminal within a preset period exceeds a preset distance; if so, do not allow the identity card reading terminal to read identity cards and refuse its request, otherwise allow it. The preset control strategy records the duration of the preset period and the preset distance. That is, certain identity card reading terminals are not allowed to be used across large distances; for example, an identity card reading terminal issued to a merchant is not allowed to be used at two places far apart, which prevents the user's identity card reading terminal from being stolen and misused.
(5) According to the preset control strategy, judge whether the time interval between two consecutive card reads by the identity card reading terminal exceeds a preset value; if so, do not allow the identity card reading terminal to read identity cards and refuse its request, otherwise allow it. The preset control strategy records the duration of the preset period and the preset distance. This controls the card reading frequency of the identity card reading terminal and avoids attacks on the authentication security control module caused by frequent card reads by the same identity card reading terminal.
It should be noted that, although the five ways above are discussed separately, it is clear to those skilled in the art that two or more control strategies can be set simultaneously for the same identity card reading terminal. For example, the same identity card reading terminal may be allowed to read identity cards only within a certain period and within a certain position range; it is then allowed to read identity cards only when both the position requirement and the time requirement are satisfied.
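As an added example covering both the certificate and blacklist/control-list decision described earlier and the five control strategies just listed (my own Python sketch, not the patent's code), the following evaluates a terminal's read request in the order the text gives: certificate survival state, then blacklist, then the control strategies set for the terminal, all of which must hold when several are configured. Assumed by me: planar positions in kilometres, Unix-second times checked against UTC hours, and strategy (5) implemented as a minimum interval between consecutive reads, which matches its stated purpose of limiting the read frequency.

```python
"""Terminal admission decision: certificate survival state, blacklist, control list and
the five control strategies. Added illustration, not the patent's code. Assumptions of
mine: positions are planar (x, y) in kilometres with Euclidean distance; times are Unix
seconds and the allowed-hours check uses UTC; strategy (5) is implemented as a minimum
interval between consecutive reads, matching its stated purpose of limiting frequency."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum
from math import hypot
from typing import Dict, List, Optional, Set, Tuple

Position = Tuple[float, float]


class CertStatus(Enum):
    """Survival states as returned by the certificate status online query server."""
    NORMAL = "normal"
    REVOKED = "revoked"
    EXPIRED = "expired"
    FROZEN = "frozen"
    BLACKLISTED = "blacklisted"


@dataclass
class ReadRecord:
    time: float          # Unix seconds of a past card read
    position: Position   # where the terminal was at that read


@dataclass
class ControlStrategy:
    """Preset control strategy for one terminal in the control list; unset fields are not checked."""
    allowed_area: Optional[Tuple[Position, float]] = None   # (1) centre and radius in km
    allowed_hours: Optional[Tuple[int, int]] = None         # (2) [start, end) hour of day
    window_seconds: Optional[float] = None                  # preset period for (3) and (4)
    max_reads_in_window: Optional[int] = None               # (3) preset count threshold
    max_distance_km: Optional[float] = None                 # (4) preset distance
    min_interval_seconds: Optional[float] = None            # (5) read-frequency limit


@dataclass
class Terminal:
    serial: str
    cert_status: CertStatus
    history: List[ReadRecord] = field(default_factory=list)


@dataclass
class DispatchPolicy:
    blacklist: Set[str] = field(default_factory=set)
    control_list: Dict[str, ControlStrategy] = field(default_factory=dict)


def _dist(a: Position, b: Position) -> float:
    return hypot(a[0] - b[0], a[1] - b[1])


def evaluate_strategy(s: ControlStrategy, t: Terminal, now: float, pos: Position) -> Tuple[bool, str]:
    """Every configured strategy must hold: two or more may be set for the same terminal."""
    if s.allowed_area is not None and _dist(pos, s.allowed_area[0]) > s.allowed_area[1]:   # (1)
        return False, "outside allowed position range"
    if s.allowed_hours is not None:
        hour = datetime.fromtimestamp(now, tz=timezone.utc).hour
        if not (s.allowed_hours[0] <= hour < s.allowed_hours[1]):                         # (2)
            return False, "outside allowed time range"
    in_window = [r for r in t.history
                 if s.window_seconds is None or now - r.time <= s.window_seconds]
    if s.max_reads_in_window is not None and len(in_window) > s.max_reads_in_window:     # (3)
        return False, "read count in preset period exceeds threshold"
    last = max(t.history, key=lambda r: r.time, default=None)
    if last is not None:
        if (s.max_distance_km is not None and last in in_window
                and _dist(pos, last.position) > s.max_distance_km):                      # (4)
            return False, "distance between consecutive reads exceeds preset distance"
        if s.min_interval_seconds is not None and now - last.time < s.min_interval_seconds:  # (5)
            return False, "interval between consecutive reads too short"
    return True, "control strategy satisfied"


def may_read(policy: DispatchPolicy, t: Terminal, now: float, pos: Position) -> Tuple[bool, str]:
    """Decision order from the text: abnormal certificate, then blacklist, then control list."""
    if t.cert_status is not CertStatus.NORMAL:
        return False, f"certificate abnormal: {t.cert_status.value}"
    if t.serial in policy.blacklist:
        return False, "terminal in blacklist"
    strategy = policy.control_list.get(t.serial)
    if strategy is None:
        return True, "terminal not controlled"
    return evaluate_strategy(strategy, t, now, pos)


def demo_policy() -> DispatchPolicy:
    """Constructed sample: a bank terminal bound to a 1 km area and 07:00-22:00 with rate and
    jump limits, and a merchant terminal with only the count and distance limits."""
    bank = ControlStrategy(allowed_area=((0.0, 0.0), 1.0), allowed_hours=(7, 22), window_seconds=3600,
                           max_reads_in_window=3, max_distance_km=50.0, min_interval_seconds=5.0)
    shop = ControlStrategy(window_seconds=3600, max_reads_in_window=2, max_distance_km=50.0)
    return DispatchPolicy(blacklist={"T-LOST"}, control_list={"T-BANK": bank, "T-SHOP": shop})
```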
In an optional embodiment of the present invention, after the dispatch server returns the identification information of the selected authentication security control module (for example, the network port of the selected authentication security control module) to the identity card reading terminal, the dispatch server may forward the received card-seeking request to the selected authentication security control module; in this case, each authentication security control module may be connected directly to a port of the dispatch server. Alternatively, after the dispatch server returns the identification information of the selected authentication security control module to the identity card reading terminal, the identity card reading terminal may send the card-seeking request to the selected authentication security control module according to that identification information; in this case, the authentication security control module is a module with a network communication function and can communicate directly with the identity card reading terminal. In this optional embodiment, the selected authentication security control module obtains the card-seeking request, which may be ciphertext data produced by the identity card reading terminal encrypting the card-seeking request data with its own encryption key; after receiving the card-seeking request, the selected authentication security control module can decrypt it with the encryption key of the identity card reading terminal obtained earlier and send the decrypted card-seeking request to the verification security control module correspondingly connected to the selected authentication security control module. The correspondingly connected verification security control module confirms receipt of the card-seeking request and sends confirmation information to the selected authentication security control module; the selected authentication security control module obtains a session key, encrypts the confirmation information with the session key, and sends the encrypted confirmation information to the identity card reading terminal. It should be noted that in this optional embodiment the identity card reading terminal encrypts the card-seeking request and the selected authentication security control module encrypts the confirmation information in order to ensure the security of data transmission; if the transmission environment is secure, they need not be encrypted, and this embodiment is not limited in this respect.
In the above optional embodiment, the session key may be negotiated between the selected authentication security control module and the identity card reading terminal, or it may be a random number generated directly by the selected authentication security control module. If it is a random number generated by the selected authentication security control module, the selected authentication security control module can encrypt the random number with the encryption key of the identity card reading terminal and send the encrypted random number together with the encrypted confirmation information to the identity card reading terminal, which ensures the secure transmission of the session key.
In an optional embodiment of the present invention, according to the normal identity card reading procedure, the identity card reading terminal performs card selection after receiving the confirmation information for the card-seeking request. After an identity card is selected, the identity card reading terminal sends an encrypted card selection request to the selected authentication security control module; the selected authentication security control module decrypts the encrypted card selection request and sends it to the corresponding verification security control module; the verification security control module responds to the card selection request and sends response information to the selected authentication security control module; the selected authentication security control module encrypts the response information and sends it to the identity card reading terminal; after receiving the response information, the identity card reading terminal sends the identification information of the selected identity card to the selected authentication security control module. In this optional embodiment, the selected authentication security control module receives the encrypted identity card identification information, decrypts it, and returns the decrypted identity card identification information to the dispatch server. Therefore, the method may further comprise: the dispatch server receives the identity card identification information returned by the selected authentication security control module and judges, according to at least the identity card identification information, the identification information of the identity card reading terminal and a preset strategy, whether to add the identification information of the identity card reading terminal to the blacklist or the control list, for example by judging whether the card reading frequency of the identity card reading terminal exceeds a predetermined value or whether the identity card reading terminal frequently reads different identity cards. With this optional embodiment, the dispatch server can manage identity card reading terminals according to the preset strategy, dynamically updating the blacklist and the control list and further ensuring that the authentication security control modules are not subject to malicious attacks.
In an optional embodiment of the present invention, after the identity card identification information is received, the method may further comprise: the dispatch server judges whether the identity card identification information is in an identity card blacklist; if so, it sends indication information to the selected authentication security control module indicating that the identity card currently being read by the identity card reading terminal is illegal. After receiving the indication information, the selected authentication security control module can stop processing the current identity card reading flow; optionally, the authentication security control module can also send prompt information to the identity card reading terminal to notify the user that the current identity card is illegal. The identity card blacklist contains the identification information of illegal identity cards, such as the identification information of identity cards that have been reported lost, of identity cards that repeatedly show abnormality, and of expired identity cards. Optionally, the identification information of an identity card may be the serial number of the identity card, that is, the "birth certificate" of the identity card. With this optional embodiment, illegal identity cards can be identified and reading them can be avoided.
In an optional embodiment of the present invention, after the dispatch server has selected an authentication security control module, the method may further comprise: generating an authentication code and sending it to the identity card reading terminal and to the authentication database respectively (for example, it may be sent to the identity card reading terminal together with the identification information of the selected authentication security control module). The authentication code is stored in the authentication database and has a validity period; when the validity period is reached, the authentication database deletes the authentication code. After receiving the authentication code, the identity card reading terminal carries it in subsequent requests sent to the network side. For example, if, after receiving the identification information of the selected authentication security control module, the identity card reading terminal needs to send a card-seeking request to the selected authentication security control module, it can carry the authentication code in the card-seeking request; if the card-seeking request is encrypted, the authentication code can be encrypted together with it and sent to the selected authentication security control module. After receiving the authentication code, the selected authentication security control module can query whether the authentication database contains it; if so, subsequent processing continues; if not, the authentication code is no longer valid and the request of the identity card reading terminal is refused. With this optional embodiment, the dispatch server can control the access time of the identity card reading terminal through the validity period of the authentication code, avoiding the problem that, after an authentication security control module has been selected for an identity card reading terminal, the terminal does not initiate a card reading request for a long time, leaving the authentication security control module idle for a long time while it cannot be allocated to other identity card reading terminals.
In an optional embodiment, the authentication security control module may itself be authenticated in order to guarantee data security. The method then further includes: when the selected authentication security control module powers on, the dispatch server sends data to be signed to it; the dispatch server receives the authentication data returned by the module, the authentication data including the signed data obtained by signing the data to be signed with the module's signature private key, the signature public key certificate corresponding to that private key, and the module's encryption public key certificate; the dispatch server judges whether the signature public key certificate and the encryption public key certificate are in an abnormal state; if neither is abnormal, it verifies whether the two certificates were issued to the same identity card card-reading terminal and, if so, verifies whether the signed data is correct; if it is, the module's authentication passes and the dispatch server encrypts the protection key of the authentication database and sends it to the module; if the signed data is incorrect, the module's authentication fails and a warning message is sent. The data to be signed should be fresh for each power-on (the one-time authentication data of Embodiment 4); otherwise captured authentication data could be replayed to obtain the protection key.
In a particular application, the dispatch server may complete the authentication of the authentication security control module together with an authorization server. In this further optional implementation the method includes: when the selected module powers on, the dispatch server sends data to be signed to it; the module signs the data to be signed with its signature private key and returns authentication data consisting of the signed data, the signature public key certificate corresponding to the private key, and the module's encryption public key certificate; the dispatch server receives the authentication data and judges whether the two certificates are in an abnormal state; if neither is, it forwards the data to be signed and the authentication data to the authorization server; the authorization server, through the authorization electronic signature device connected to it, verifies whether the two certificates were issued to the same identity card card-reading terminal and, if so, verifies whether the signed data is correct; if it is, the module's authentication passes, otherwise it fails. When authentication passes, the authorization server has the authorization electronic signature device encrypt the protection key of the authentication database and sends the result to the dispatch server; when it fails, a warning message is sent. The dispatch server forwards the encrypted protection key to the selected module, which decrypts it and obtains the protection key of the authentication database.
In the embodiment above the dispatch server authenticates the selected module through the authorization server, but this is not limiting: if the selected authentication security control module has its own communication capability, the authorization server may authenticate it directly. The authentication of the module is described in detail in Embodiments 4 and 5.
In an optional embodiment, the method further includes: after selecting an authentication security control module, the dispatch server updates the working state of that module stored in the authentication database, so that subsequent selections are made on the basis of the updated state.
Embodiment 3
This embodiment provides a dispatch server applied to identity card reading, which can serve as dispatch server 102 in Embodiment 1 and can implement the method described in Embodiment 2.
Fig. 4 is a structural schematic diagram of the dispatch server for identity card reading provided in this embodiment. As shown in Fig. 4, the dispatch server mainly includes: a first acquisition module 401, for obtaining the identification information of the identity card card-reading terminal; a first judgment module 402, for judging from that identification information whether the terminal is allowed to read identity cards; a second acquisition module 403, for obtaining from the authentication database, once the terminal is allowed to read identity cards and a card-seeking request from it has been received, the working state of the authentication security control modules within the dispatch server's jurisdiction; a scheduling module 404, for selecting one authentication security control module on the principle of task balancing according to the working state table of the modules in the jurisdiction, and sending the identification information of the selected module to the terminal; a third acquisition module 405, for obtaining, according to the terminal's identification information, the ciphertext of the terminal's encryption key, the ciphertext being held in the authentication database and being the terminal's encryption key encrypted with the protection key of the authentication database; and a first sending module 406, for sending data information to the selected module, the data information including the ciphertext of the terminal's encryption key.
With the dispatching method of this embodiment, when an identity card card-reading terminal detects an identity card and sends a card-seeking request to the network side, the dispatch server first determines whether that terminal is allowed to read identity cards, and assigns an authentication security control module to it only if it is. Illegal terminals are therefore kept away from the authentication security control modules, which improves the security of identity card reading.
Optionally, the first acquisition module 401 obtains the identification information of the identity card card-reading terminal in one of the following ways:
(1) Receive an access request sent by the identity card card-reading terminal and take the terminal's identification information from it. In this way the terminal sends an access request to the network side when it joins the network; the dispatch server obtains the terminal's identification information from the request, and once it has judged that the terminal is allowed to read identity cards it admits the terminal. After admission a long-lived connection can be kept, and when the terminal detects an identity card it sends a card-seeking request to the dispatch server over that connection. In an optional embodiment, to secure the data transmission, the dispatch server establishes a secure channel with the terminal after admitting it, for example by negotiating a transmission key with it; the terminal then sends its card-seeking requests through this channel, i.e. encrypted with the transmission key, and the dispatch server decrypts them with the same key before assigning an authentication security control module. This way verifies the terminal once, at admission, and suits comparatively trusted terminals (for example those installed in a bank), reducing the number of verifications and improving efficiency.
(2) Receive an identity card request sent by the identity card card-reading terminal and take the terminal's identification information from it, the identity card request carrying both the card-seeking request and the terminal's identification information. In this way the dispatch server verifies the terminal once per identity card read: after detecting an identity card the terminal sends the card-seeking request to the network side, and the dispatch server obtains the terminal's identification information from that request. Verifying at every read suits less trusted terminals (for example those deployed at an individual merchant), where per-read verification is needed to guarantee security.
Optionally, the identification information of the identity card card-reading terminal includes the terminal's digital certificate, and the first judgment module 402 decides whether the terminal is allowed to read identity cards as follows: judge whether the terminal's digital certificate is abnormal; if so, the terminal is not allowed to read identity cards; otherwise, judge whether the certificate is in the blacklist or in the control list, where the blacklist records the digital certificates of terminals that are not allowed to read identity cards and the control list records the digital certificates of terminals whose reading operations are to be controlled according to a preset control strategy. If the certificate is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the certificate is in the control list, whether the terminal is allowed to read identity cards is determined according to the preset control strategy.
Optionally, the identification information of the identity card card-reading terminal includes the terminal's serial number and the terminal's digital certificate, and the first judgment module 402 decides as follows: judge whether the terminal's digital certificate is abnormal; if so, the terminal is not allowed to read identity cards; otherwise, judge whether the terminal's digital certificate or serial number is in the blacklist or in the control list, where the blacklist records the identification information of terminals that are not allowed to read identity cards and the control list records the identification information of terminals whose reading operations are to be controlled according to a preset control strategy. If the certificate or the serial number is in the blacklist, the terminal is not allowed to read identity cards and its request is refused; if the certificate or the serial number is in the control list, whether the terminal is allowed to read identity cards is determined according to the preset control strategy.
In both optional embodiments, when judging whether the terminal's digital certificate is abnormal, the dispatch server can query the status of the digital certificate used for signature verification and of the digital certificate used for encryption on an online certificate status query server. The status is either normal or abnormal, and an abnormal status includes at least one of: revoked, expired, frozen, and blacklisted.
In both optional embodiments, the blacklist and the control list can be configured according to preset rules from the card-reading behaviour of each identity card card-reading terminal.
With these two optional embodiments, the blacklist and the control list decide whether an identity card card-reading terminal is allowed to read identity cards, which prevents attacks on the network side by illegal terminals and improves the security of identity card reading.
In an optional embodiment, the blacklist holds the identification information of illegal identity card card-reading terminals, for example terminals that have been reported lost, terminals that repeatedly show anomalies, terminals whose serial numbers are beyond their service life, and terminals that appear in several regions within a short time; processing requests from such terminals carries greater risk. If the dispatch server finds the terminal's identification information in the blacklist, the terminal is treated as illegal, the request is not processed, and the flow is terminated. Optionally, the dispatch server returns prompt information telling the user that the terminal has been blacklisted, so that the user can follow up and resolve the problem.
Optionally, the first judgment module 402 determines, according to the preset control strategy, whether the identity card card-reading terminal is allowed to read identity cards in at least one of the following ways:
(1) According to the preset control strategy, judge whether the terminal is currently within its allowed access position range; if so, allow it to read identity cards, otherwise refuse its request. The preset control strategy records the position range within which the terminal is allowed access: certain terminals may read identity cards only within certain areas and not beyond them. For example, a terminal used by a bank's customer application can be configured to read identity cards only at the bank's outlets and nowhere else. This requires positioning the terminal to determine its current location, and prevents a terminal intended for a specific place from being stolen and used elsewhere.
(2) According to the preset control strategy, judge whether the current time is within the time range in which the terminal is allowed access; if so, allow it to read identity cards, otherwise refuse its request. The preset control strategy records the allowed time range: certain terminals may read identity cards only during certain periods and not outside them. For example, the railway system sells tickets only from 7:00 to 22:00, so terminals installed in the railway system are allowed to read identity cards only within that period, which prevents them from being used illegally at other times.
(3) According to the preset control strategy, judge whether the terminal's number of historical accesses within a preset period exceeds a preset threshold; if so, refuse its request, otherwise allow it to read identity cards. The preset control strategy records the duration of the period and the threshold. Limiting the number of reads per period prevents one terminal from overloading the authentication security control module with frequent reads in a short time so that the module can no longer work normally.
(4) According to the preset control strategy, judge whether the distance between the access positions of the terminal's two consecutive accesses within a preset period exceeds a preset distance; if so, refuse its request, otherwise allow it to read identity cards. The preset control strategy records the duration of the period and the preset distance. Certain terminals, for example one issued to a particular merchant, are not allowed to be used across distant locations, so a terminal seen at two far-apart places is refused; this protects against stolen terminals.
(5) According to the preset control strategy, judge the time interval between the terminal's two consecutive accesses against a preset value; if the check fails, refuse its request, otherwise allow it to read identity cards. The preset control strategy records the preset interval value. This way controls the card-reading frequency of the terminal and prevents one terminal from attacking the authentication security control module with frequent reads. (As originally worded the comparison refuses intervals that exceed the preset value; a frequency limit that blocks rapid repeated reads refuses intervals shorter than a preset minimum, which is the reading consistent with the stated purpose.)
Although the five ways above are described separately, those skilled in the art will see that two or more control strategies can be set for the same identity card card-reading terminal at once. For example, a terminal may be allowed to read identity cards only within a certain time range and within a certain position range, in which case the first judgment module 402 allows the read only when both the position and the time requirements are met.
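The decision flow of the first judgment module (certificate status, blacklist, control list) from the paragraphs above, together with the five control strategies applied in combination, as an added example that is not the patent's code. Names, the flat lists, the status dictionary standing in for the online certificate status query server, and the sample coordinates and times are assumptions; time is a constructed clock counting seconds from a local midnight, so the hour of day is `(t // 3600) % 24`. Strategy (5) is implemented as a minimum interval, the reading consistent with its stated purpose.

```python
"""Access decision of the first judgment module and the control-list strategies.

Added example, not the patent's code.  Names, list shapes and the sample
clock/coordinates are assumptions.
"""
import math
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

NORMAL = "normal"   # certificate status reported by the (stand-in) status server


@dataclass(frozen=True)
class Access:
    t: float          # seconds since local midnight of day 0 (constructed clock)
    lat: float
    lon: float


@dataclass(frozen=True)
class ControlPolicy:
    centre: Optional[Tuple[float, float]] = None   # (1) allowed position range
    radius_km: float = 0.0
    hours: Optional[Tuple[int, int]] = None        # (2) allowed hours [start, end)
    window_s: float = 0.0                          # preset period for (3) and (4)
    max_count: int = 0                             # (3) access-count threshold
    max_jump_km: float = 0.0                       # (4) max distance, consecutive accesses
    min_interval_s: float = 0.0                    # (5) minimum interval, consecutive accesses


def haversine_km(a: Tuple[float, float], b: Tuple[float, float]) -> float:
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def check_policy(p: ControlPolicy, history: List[Access], now: Access) -> Tuple[bool, str]:
    """Apply every configured strategy; all of them must pass."""
    if p.centre is not None and haversine_km(p.centre, (now.lat, now.lon)) > p.radius_km:
        return False, "outside allowed position range"
    if p.hours is not None:
        hour = int(now.t // 3600) % 24
        if not (p.hours[0] <= hour < p.hours[1]):
            return False, "outside allowed time range"
    recent = [a for a in history if 0 <= now.t - a.t <= p.window_s]
    if p.max_count and len(recent) >= p.max_count:
        return False, "access count in period exceeds threshold"
    if history:
        last = history[-1]
        if (p.max_jump_km and now.t - last.t <= p.window_s
                and haversine_km((last.lat, last.lon), (now.lat, now.lon)) > p.max_jump_km):
            return False, "distance between consecutive accesses exceeds limit"
        if p.min_interval_s and now.t - last.t < p.min_interval_s:
            return False, "interval between consecutive accesses too short"
    return True, "allowed"


def first_judgment(terminal_id: str, cert_serial: str, cert_status: Dict[str, str],
                   blacklist: Set[str], control_list: Set[str],
                   policies: Dict[str, ControlPolicy],
                   history: List[Access], now: Access) -> Tuple[bool, str]:
    """Certificate abnormal -> refuse; blacklisted -> refuse; control-listed -> policy."""
    status = cert_status.get(cert_serial, "unknown")
    if status != NORMAL:
        return False, f"certificate {cert_serial} is {status}"
    if terminal_id in blacklist or cert_serial in blacklist:
        return False, "terminal is blacklisted"
    if terminal_id in control_list or cert_serial in control_list:
        policy = policies.get(terminal_id) or policies.get(cert_serial)
        if policy is None:
            return False, "control-listed terminal has no control strategy"
        return check_policy(policy, history, now)
    return True, "allowed"


if __name__ == "__main__":
    # constructed sample: a bank terminal allowed within 1 km of an outlet, 9-17h
    bank = ControlPolicy(centre=(39.9042, 116.4074), radius_km=1.0, hours=(9, 17),
                         window_s=600, max_count=3, max_jump_km=5.0, min_interval_s=5)
    print(first_judgment("T1", "C1", {"C1": NORMAL}, set(), {"T1"}, {"T1": bank},
                         [], Access(10 * 3600, 39.905, 116.408)))
```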
Optionally, the dispatch server further includes: a first receiving module, for receiving the identity card identification information returned by the authentication security control module; and a second judgment module, for judging, at least according to the identity card identification information, the terminal's identification information and a preset strategy, whether the identity card card-reading terminal should be added to the blacklist or the control list. For example, whether the terminal's card-reading frequency exceeds a predetermined value, or whether it reads many different identity cards in quick succession, decides whether its identification information is added to the blacklist or the control list. With this optional embodiment the dispatch server manages terminals according to the preset strategy, updating the blacklist and control list dynamically and further ensuring that the authentication security control modules are not attacked.
Optionally, the dispatch server further includes: a third judgment module, for judging whether the identity card identification information is in the identity card blacklist; and a second sending module, for sending, when it is, indication information to the selected authentication security control module indicating that the identity card currently being read by the terminal is illegal. After receiving the indication, the selected module may stop processing the current identity card reading, and may also send prompt information to the terminal so that the user is told the current identity card is illegal. The identity card blacklist holds the identification information of illegal identity cards, for example cards that have been reported lost, cards that have repeatedly shown anomalies, and expired cards. Optionally, the identification information of an identity card is its serial number, i.e. the unique number assigned to the card at issuance. This optional embodiment lets illegal identity cards be recognised and refused.
Optionally, the data information further includes the card-seeking request. That is, after returning the identification information of the selected authentication security control module (for example its network port) to the identity card card-reading terminal, the dispatch server can forward the received card-seeking request to the selected module. In this case each authentication security control module may be connected directly to a port of the dispatch server.
Optionally, the dispatch server further includes a third sending module, for generating an authentication code and sending it to the identity card card-reading terminal and to the authentication database (it may be sent to the terminal together with the identification information of the selected module). The authentication database stores the code with a validity period and deletes it when the period ends. Having received the code, the terminal carries it in each subsequent request to the network side: for example, if after receiving the selected module's identification information the terminal sends a card-seeking request to that module, the request carries the authentication code, and if the request is encrypted the code is encrypted with it. The selected module then queries the authentication database for the code; if it is present, processing continues; if it is not, the code is no longer valid and the terminal's request is refused. In this way the dispatch server bounds the terminal's access time by the validity period of the code, avoiding the situation in which a module assigned to a terminal that never sends its card-reading request sits idle for a long time and cannot be assigned to other terminals.
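The time-limited authentication code described here and in the corresponding method step of Embodiment 2, as an added example that is not the patent's code. It shows the part the text stresses: the code reserves a module, the database drops it when the validity period ends, the module becomes idle again at that moment, and a card-seeking request carrying an expired or foreign code is refused. Class and field names, the flat busy/idle state, the first-idle-module choice standing in for task balancing, and the clock passed in as a number are assumptions.

```python
"""Authentication code with a validity period, reserving a module for a terminal.

Added example, not the patent's code.  Names and the numeric clock are assumptions.
"""
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Assignment:
    module_id: str
    terminal_id: str
    expires_at: float       # end of the validity period


class AuthDatabase:
    """Stores module working state and the outstanding authentication codes."""

    def __init__(self, module_ids: List[str]):
        self.busy: Dict[str, bool] = {m: False for m in module_ids}
        self.codes: Dict[str, Assignment] = {}

    def purge_expired(self, now: float) -> List[str]:
        """Delete codes whose validity period has ended; their modules become idle."""
        expired = [c for c, a in self.codes.items() if a.expires_at <= now]
        for c in expired:
            self.busy[self.codes.pop(c).module_id] = False
        return expired

    def lookup(self, code: str, now: float) -> Optional[Assignment]:
        self.purge_expired(now)
        return self.codes.get(code)


class DispatchServer:
    def __init__(self, db: AuthDatabase, validity_s: float):
        self.db = db
        self.validity_s = validity_s

    def assign_module(self, terminal_id: str, now: float) -> Optional[Tuple[str, str]]:
        """Pick an idle module (first idle one; assumption), mark it busy, issue a code."""
        self.db.purge_expired(now)
        idle = [m for m, busy in self.db.busy.items() if not busy]
        if not idle:
            return None
        module_id = idle[0]
        code = secrets.token_hex(16)        # unguessable code sent to terminal and database
        self.db.busy[module_id] = True
        self.db.codes[code] = Assignment(module_id, terminal_id, now + self.validity_s)
        return module_id, code


class SecurityModule:
    def __init__(self, module_id: str, db: AuthDatabase):
        self.module_id = module_id
        self.db = db

    def handle_card_seek(self, terminal_id: str, code: str, now: float) -> bool:
        """Accept only if the code is still in the database and was issued for this
        module and this terminal; an expired or unknown code is refused."""
        a = self.db.lookup(code, now)
        if a is None:
            return False
        return a.module_id == self.module_id and a.terminal_id == terminal_id

    def finish(self, code: str) -> None:
        """Release the module when the reading session ends before the code expires."""
        a = self.db.codes.pop(code, None)
        if a is not None:
            self.db.busy[a.module_id] = False


if __name__ == "__main__":
    db = AuthDatabase(["M1"])
    server, module = DispatchServer(db, validity_s=30), SecurityModule("M1", db)
    module_id, code = server.assign_module("T1", now=0)
    print(module.handle_card_seek("T1", code, now=10), module.handle_card_seek("T1", code, now=31))
```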
Optionally, the authentication security control module may itself be authenticated to guarantee data security. The dispatch server then further includes: a fourth sending module, for sending data to be signed to the selected module when it powers on; a second receiving module, for receiving the authentication data returned by the selected module, the authentication data including the signed data obtained by signing the data to be signed with the module's signature private key, the signature public key certificate corresponding to that private key, and the module's encryption public key certificate; a first verification module, for judging whether the signature public key certificate and the encryption public key certificate are in an abnormal state; a second verification module, for verifying, when neither certificate is abnormal, whether the two certificates were issued to the same identity card card-reading terminal and, if so, whether the signed data is correct; a further sending module, for determining that the module's authentication passes when the certificates belong to the same terminal and the signed data is correct, and sending the protection key of the authentication database to the module in encrypted form; and an alert module, for determining that authentication fails when the certificates were not issued to the same terminal and/or the signed data is incorrect, and issuing a warning message.
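The power-on authentication of a module described here and in Embodiment 2, together with the one-time data to be signed and the certificate status check of steps S501 and S502 in Embodiment 4, as an added example that is not the patent's code. It shows the control flow the text specifies: the data to be signed is random and accepted once, both certificates must have normal status, the pair must belong to one terminal, the signature must verify, and only then is the wrapped protection key released; every failure records a warning. Assumptions: certificates are plain records whose status comes from a dictionary standing in for the online status query server; the signature is an HMAC keyed by a secret held in the certificate record, and the protection key is wrapped by XOR with an HMAC-derived keystream. Both stand in for the public-key signature and encryption the text refers to, so the cryptography here is illustrative while the decision logic is the point.

```python
"""Power-on authentication of a security control module; release of the protection key.

Added example, not the patent's code.  The HMAC "signature" and XOR "wrapping" are
stand-ins for the PKI operations the text describes.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

NORMAL = "normal"


@dataclass(frozen=True)
class Certificate:
    serial: str
    terminal_id: str        # terminal the certificate pair was issued to
    usage: str              # "sign" or "enc"
    secret: bytes           # stand-in for the key pair (assumption)


def _mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


def sign(cert: Certificate, data: bytes) -> bytes:
    return _mac(cert.secret, b"sig", data)


def verify(cert: Certificate, data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(cert, data), signature)


def wrap(cert: Certificate, key: bytes) -> bytes:
    """XOR the key with a keystream derived from the encryption certificate (stand-in)."""
    stream = _mac(cert.secret, b"wrap")
    return bytes(a ^ b for a, b in zip(key, stream))


unwrap = wrap   # XOR is its own inverse


@dataclass
class SecurityModule:
    sign_cert: Certificate
    enc_cert: Certificate
    protection_key: Optional[bytes] = None

    def authentication_data(self, to_sign: bytes) -> dict:
        """S501: sign the data to be signed and return it with both certificates."""
        return {"to_sign": to_sign,
                "signed": sign(self.sign_cert, to_sign),
                "sign_cert": self.sign_cert,
                "enc_cert": self.enc_cert}

    def receive_wrapped_key(self, wrapped: bytes) -> None:
        self.protection_key = unwrap(self.enc_cert, wrapped)


class DispatchServer:
    def __init__(self, cert_status: Dict[str, str], protection_key: bytes):
        self.cert_status = cert_status          # serial -> status (stand-in for status server)
        self.protection_key = protection_key
        self.outstanding: Set[bytes] = set()    # one-time data issued and not yet used
        self.alerts: List[str] = []             # warning messages

    def data_to_sign(self) -> bytes:
        """One-time authentication data: random and accepted once (replay protection)."""
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def authenticate(self, data: dict) -> Tuple[bool, Optional[bytes]]:
        to_sign = data["to_sign"]
        if to_sign not in self.outstanding:
            return self._fail("unknown or reused data to be signed (possible replay)")
        self.outstanding.discard(to_sign)
        sc, ec = data["sign_cert"], data["enc_cert"]
        for c in (sc, ec):                      # S502: both certificates must be normal
            status = self.cert_status.get(c.serial, "unknown")
            if status != NORMAL:
                return self._fail(f"certificate {c.serial} is {status}")
        if sc.usage != "sign" or ec.usage != "enc" or sc.terminal_id != ec.terminal_id:
            return self._fail("certificates were not issued as a pair to one terminal")
        if not verify(sc, to_sign, data["signed"]):
            return self._fail("signed data does not verify")
        return True, wrap(ec, self.protection_key)   # release the protection key

    def _fail(self, reason: str) -> Tuple[bool, Optional[bytes]]:
        self.alerts.append(reason)
        return False, None


if __name__ == "__main__":
    sc = Certificate("S1", "T1", "sign", b"k-sign")     # constructed sample certificates
    ec = Certificate("E1", "T1", "enc", b"k-enc")
    module = SecurityModule(sc, ec)
    server = DispatchServer({"S1": NORMAL, "E1": NORMAL}, b"\x01" * 16)
    ok, wrapped = server.authenticate(module.authentication_data(server.data_to_sign()))
    module.receive_wrapped_key(wrapped)
    print(ok, module.protection_key == b"\x01" * 16)
```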
Embodiment 4
This embodiment provides a key acquisition method in which the dispatch server, cooperating with an authorization server, authenticates an authentication security control module and, after authentication passes, sends the protection key of the authentication database to the module. As shown in Fig. 5, the method includes steps S501 to S505:
S501: the authentication security control module sends authentication data to the dispatch server; the authentication data includes at least the signed data produced by the module signing the data to be signed, the digital certificate used for signature verification, and the digital certificate used for encryption;
In this embodiment, as an optional implementation, the authentication security control module may be a security chip, such as the Z8D64U (state cryptographic approval number SSX43) or the Z32 (SSX20) from Guoming Technology Co., Ltd. Such a chip has its own processor and storage, stores PKI digital certificates with the corresponding private keys and other credentials, performs encryption and decryption on data, and provides data encryption and identity authentication services that protect business privacy and data security. The module therefore stores a digital certificate for signature verification, a digital certificate for encryption, and the corresponding private keys. With the former, the module signs the data to be signed using the private key corresponding to the signature-verification certificate, and the authorization server verifies the signed data with that certificate's public key, thereby authenticating the module and guaranteeing its legitimacy. With the latter, the authorization server encrypts the protection key of the authentication database with the public key of the encryption certificate, producing a protection key ciphertext; transmitting only the ciphertext protects the key in transit, and only the module holding the private key matching the encryption certificate can decrypt it to obtain the protection key, so the protection key of the authentication database cannot be stolen in transit.
In this embodiment, the data to be signed may be generated by the authentication security control module or by the authorization server. For the former, as an optional implementation, the authentication data that the authentication security control module sends to the dispatch server further includes the data to be signed, which includes at least: single-use authentication data generated by the authentication security control module, the digital certificate for signature verification, the digital certificate for encryption, and the identity of the authentication security control module. The single-use authentication data is a random factor, that is, a random number and/or a random event, which prevents replay attacks, and combining these several items of data to be signed increases the reliability of the authorization server's signature verification. For the latter, as another optional implementation, the data to be signed includes the single-use authentication data generated by the authorization server and/or the identity of the authorization server; here too the single-use authentication data is a random factor (a random number and/or a random event) that prevents replay attacks, and the combination of these items increases the reliability of the authorization server's signature verification. The single-use authentication data generated by the authorization server is forwarded to the authentication security control module by the dispatch server; the authentication security control module signs the data to be signed with the private key corresponding to the certificate for signature verification to obtain the signed data, which the authorization server then verifies.
S502: The dispatch server receives the authentication data sent by the authentication security control module and queries the survival status of the digital certificate for signature verification and of the digital certificate for encryption; if the survival status is normal, it sends the authentication data to the authorization server.
In this embodiment, the authentication security control module obtains the protection key of the authentication database only after passing the double authentication of the dispatch server and the authorization server. The dispatch server authenticates the authentication security control module by querying whether the survival status of the certificate for signature verification and of the certificate for encryption is normal. As an optional implementation, the dispatch server queries this status on a digital certificate status online query server; the survival status is either normal or abnormal, and an abnormal status includes at least one of: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted. If either certificate is revoked, expired, frozen or blacklisted, the authentication security control module is very likely an illegal device, and the dispatch server does not send the authentication data to the authorization server; the authentication security control module therefore cannot receive the protection key of the authentication database and cannot decrypt the ciphertext received from the identity card reading terminal. This blocks an attack by an illegal security control module on the verification security control module, so the dispatch server's authentication guarantees the legitimacy of the authentication security control module.
S503: The authorization server judges whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user; after judging that they belong to the same user, it verifies the signed data and, after verification passes, obtains the protection key of the authentication database, encrypts the protection key to produce the protection key ciphertext of the authentication database, and sends the protection key ciphertext to the dispatch server.
In this embodiment, the authorization server authenticates the authentication security control module by judging whether the certificate for signature verification and the certificate for encryption belong to the same user, and by verifying the signed data with the certificate for signature verification. As an optional implementation, the authorization server judges whether the two certificates belong to the same user from the user attribution information carried by each of them.
User attribution information is information that identifies the user, for example a UID (User Identification, the user's unique identification). If the user attribution information carried by the two digital certificates is identical, the two belong to the same user. In practice, the certificate for signature verification and the certificate for encryption should have been applied for by the same user on a third-party authentication platform, because once the authorization server has verified this user's signed data, the user can use the certificate for encryption to decrypt the protection key ciphertext of the authentication database received from the authorization server and obtain the protection key. To prevent an illegal user from misappropriating someone else's certificate for signature verification or certificate for encryption, the authorization server 50 in this embodiment first judges, before verifying the signed data, whether the two digital certificates belong to the same user; if they do, the case of an illegally misappropriated digital certificate can at least be excluded.
In addition, the signed data received by the authorization server is produced by the authentication security control module signing the data to be signed with the private key corresponding to the certificate for signature verification, so the authorization server can verify the signed data with the public key of that certificate.
Thus the authentication security control module can obtain the protection key of the authentication database only by passing the double authentication of the dispatch server and the authorization server, which secures its acquisition of the protection key.
As an optional implementation, the authorization server encrypts the protection key of the authentication database with the public key of the certificate for encryption to produce the protection key ciphertext. As another optional implementation, the authorization server may generate a random key, encrypt the protection key of the authentication database with the random key, encrypt the random key with the public key of the certificate for encryption, and send the encrypted random key to the dispatch server together with the protection key ciphertext. In this embodiment, because the authentication security control module sent its own certificate for encryption to the authorization server, and the authorization server encrypts the protection key of the authentication database with that certificate's public key in one of the ways above before it is relayed to the authentication security control module, the key is transmitted as ciphertext and the transmitted data is secure; only the authentication security control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext, and even if the ciphertext is intercepted it cannot be decoded without the private key, which further secures the protection key of the authentication database.
S504: The dispatch server sends the protection key ciphertext of the authentication database to the authentication security control module.
In a concrete implementation, when the authentication security control module is a security chip without a communication interface, the dispatch server must forward data on its behalf. Moreover, the authentication security control module communicates only with the dispatch server and with no other external device, and receives only data sent by the dispatch server; the dispatch server thus additionally keeps unsafe data away from the authentication security control module and protects its security.
S505: The authentication security control module decrypts the protection key ciphertext of the authentication database to obtain the protection key of the authentication database, and stores the protection key in the random access memory of the authentication security control module.
Corresponding to the way the authorization server produced the protection key ciphertext in step S503, the authentication security control module decrypts the ciphertext to obtain the protection key of the authentication database in one of the following ways, given as examples: it decrypts the protection key ciphertext with the locally stored private key corresponding to the certificate for encryption to obtain the protection key; or it first decrypts the encrypted random key with that locally stored private key to obtain the random key, and then decrypts the protection key ciphertext with the random key to obtain the protection key. In this embodiment, because the authentication security control module sent its own certificate for encryption to the authorization server, and the authorization server encrypts the protection key of the authentication database with that certificate's public key before it is relayed to the authentication security control module, the key is transmitted as ciphertext and the transmitted data is secure; only the authentication security control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext, and even if the ciphertext is intercepted it cannot be decoded without the private key, which further secures the protection key of the authentication database.
Moreover, after decrypting and obtaining the protection key of the authentication database, the authentication security control module stores it in random access memory (RAM) rather than in FLASH, so the protection key is erased on power-down; when the authentication security control module is powered on again, it must re-execute the steps for obtaining the protection key. This guarantees in hardware that the protection key of the authentication database is never held persistently by any one authentication security control module, which makes it harder to capture.
With the key acquisition method of this embodiment, so that malicious attacks are all blocked outside the verification security control module, the authentication security control module obtains the protection key of the authentication database from the authorization server only after passing authentication by the dispatch server and the authorization server. In the identity card information transmission system, the authentication security control module can then use the protection key of the authentication database to decrypt the transmission key ciphertext of the identity card reading terminal and obtain the transmission key, and only once it holds the transmission key can it decrypt the ciphertext sent by the identity card reading terminal; this guarantees the security of the data the authentication security control module sends to the verification security control module.
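To make the S501 to S505 exchange concrete, here is an added example written for this page (it is not code from the patent or from any chip vendor) that runs the whole flow in Go: the module builds signed authentication data containing a random factor, the dispatch server's gate refuses any certificate whose queried survival status is not normal (an unqueried certificate counts as not normal), the authorization server checks that both certificates carry the same UID, verifies the signature, rejects replayed authentication data and returns the protection key encrypted to the certificate for encryption, and the module decrypts it into a field that stands for RAM. Certificates reduced to a struct, the status query server as a map, ECDSA P-256 and RSA-OAEP in place of the algorithms the text does not name, and every identifier and sample value are assumptions of the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Added example, not the patent's code: certificates are reduced to a struct, the
// status query server to a map, and ECDSA P-256 / RSA-OAEP are assumed stand-ins.
type CertStatus int

const (
	StatusUnknown CertStatus = iota // zero value: an unqueried certificate is never trusted
	StatusNormal
	StatusRevoked // the abnormal statuses named in S502 follow
	StatusExpired
	StatusFrozen
	StatusBlacklisted
)

type (
	Cert struct {
		Serial, UID string // UID is the user attribution information
		Pub         any    // *ecdsa.PublicKey or *rsa.PublicKey
	}
	AuthData struct { // sent in S501: signed data plus the two certificates
		ToBeSigned, Signature []byte
		SignCert, EncCert     Cert
	}
	Module struct { // authentication security control module; RAMKey is volatile
		signKey           *ecdsa.PrivateKey
		encKey            *rsa.PrivateKey
		SignCert, EncCert Cert
		RAMKey            []byte
	}
	AuthServer struct { // authorization server; seen holds signed data already accepted
		protectionKey []byte
		seen          map[string]bool
	}
)

func NewModule(id, uid string) (*Module, error) {
	sk, err1 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ek, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("key generation failed: %v %v", err1, err2)
	}
	return &Module{signKey: sk, encKey: ek,
		SignCert: Cert{id + "-sign", uid, &sk.PublicKey},
		EncCert:  Cert{id + "-enc", uid, &ek.PublicKey}}, nil
}

// BuildAuthData (S501): a fresh random factor plus both serials, signed with the signing key.
func (m *Module) BuildAuthData() (AuthData, error) {
	nonce := make([]byte, 16)
	rand.Read(nonce) // crypto/rand: the single-use authentication data
	tbs := []byte(fmt.Sprintf("%x|%s|%s", nonce, m.SignCert.Serial, m.EncCert.Serial))
	digest := sha256.Sum256(tbs)
	sig, err := ecdsa.SignASN1(rand.Reader, m.signKey, digest[:])
	return AuthData{tbs, sig, m.SignCert, m.EncCert}, err
}

// DispatchGate (S502): forward only if both certificates are in the normal status.
func DispatchGate(status map[string]CertStatus, ad AuthData) error {
	if status[ad.SignCert.Serial] != StatusNormal || status[ad.EncCert.Serial] != StatusNormal {
		return fmt.Errorf("certificates %s/%s are not both in the normal survival status",
			ad.SignCert.Serial, ad.EncCert.Serial)
	}
	return nil
}

func NewAuthServer(key []byte) *AuthServer { return &AuthServer{key, map[string]bool{}} }

// Authorize (S503): same-user check, signature verification and replay check;
// on success the protection key is returned encrypted to the certificate for encryption.
func (s *AuthServer) Authorize(ad AuthData) ([]byte, error) {
	pub, ok1 := ad.SignCert.Pub.(*ecdsa.PublicKey)
	encPub, ok2 := ad.EncCert.Pub.(*rsa.PublicKey)
	if !ok1 || !ok2 || ad.SignCert.UID == "" || ad.SignCert.UID != ad.EncCert.UID {
		return nil, fmt.Errorf("certificates malformed or not owned by the same user")
	}
	digest := sha256.Sum256(ad.ToBeSigned)
	if !ecdsa.VerifyASN1(pub, digest[:], ad.Signature) {
		return nil, fmt.Errorf("signature verification failed")
	}
	if s.seen[string(ad.ToBeSigned)] {
		return nil, fmt.Errorf("replayed authentication data")
	}
	s.seen[string(ad.ToBeSigned)] = true
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, encPub, s.protectionKey, nil)
}

// Unwrap (S505): decrypt with the private key; the key is held in RAM only, so a
// power cycle (RAMKey = nil) forces the whole flow to run again.
func (m *Module) Unwrap(ct []byte) (err error) {
	m.RAMKey, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, m.encKey, ct, nil)
	return err
}
```

The fail-closed zero value of CertStatus is the point to notice: a certificate the dispatch server never queried is treated like a revoked one, so a lookup miss cannot let authentication data through. The random-key variant of S503 has the same shape with one extra symmetric layer and is not shown separately.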
Embodiment 5
This embodiment provides a key acquisition method in which the authorization server authenticates the authentication security control module directly and, after authentication passes, sends the protection key of the authentication database to the authentication security control module. As shown in Figure 6, the method includes the following steps S601 to S604:
S601: The authentication security control module sends authentication data to the authorization server. The authentication data includes at least: the signed data obtained by the authentication security control module signing the data to be signed, the digital certificate for signature verification, and the digital certificate for encryption.
In this embodiment, as an optional implementation, the authentication security control module may be a security chip, for example one of the chips of Guoming Technology Co., Ltd (Z8D64U (state cryptography lot number SSX43), Z32 (state cryptography lot number SSX20)). Such a chip has an independent processor and storage unit inside, can store PKI digital certificates, the corresponding private keys and other characteristic data, performs encryption and decryption operations on data, and provides data encryption and identity authentication services for the user, protecting business privacy and data security. Therefore, in this embodiment the authentication security control module stores the digital certificate for signature verification, the digital certificate for encryption, and the private key corresponding to each. For the former, the authentication security control module signs the data to be signed with the private key corresponding to the certificate for signature verification to obtain the signed data, and the authorization server verifies the signed data with the public key of that certificate; in this way the authorization server authenticates the identity of the authentication security control module and guarantees its legitimacy. For the latter, the authorization server encrypts the protection key of the authentication database with the public key of the certificate for encryption to produce the protection key ciphertext, so the key is transmitted as ciphertext and the transmission path is secured; only an authentication security control module that holds the private key corresponding to the certificate for encryption can decrypt the ciphertext and obtain the protection key of the authentication database. This secures the acquisition of the protection key and prevents it from being illegally misappropriated.
In this embodiment, the data to be signed may be generated by the authentication security control module or by the authorization server. For the former, as an optional implementation, the authentication data that the authentication security control module sends to the authorization server further includes the data to be signed, which includes at least: single-use authentication data generated by the authentication security control module, the digital certificate for signature verification, the digital certificate for encryption, and the identity of the authentication security control module. The single-use authentication data is a random factor, that is, a random number and/or a random event, which prevents replay attacks, and combining these several items of data to be signed increases the reliability of the authorization server's signature verification. For the latter, as another optional implementation, the data to be signed includes the single-use authentication data generated by the authorization server and/or the identity of the authorization server; here too the single-use authentication data is a random factor (a random number and/or a random event) that prevents replay attacks, and the combination of these items increases the reliability of the authorization server's signature verification. The single-use authentication data generated by the authorization server is sent to the authentication security control module by the authorization server; the authentication security control module signs the data to be signed with the private key corresponding to the certificate for signature verification to obtain the signed data, which the authorization server then verifies.
S602: The authorization server receives the authentication data sent by the authentication security control module and queries the survival status of the digital certificate for signature verification and of the digital certificate for encryption; if the survival status is normal, step S603 is executed.
In this embodiment, the authentication security control module obtains the protection key of the authentication database only after passing the authorization server's authentication. The authorization server's authentication of the authentication security control module comprises authentication of the validity of the module's digital certificates and authentication of the legitimacy of those digital certificates.
The authorization server authenticates the validity of the certificates by querying whether the survival status of the certificate for signature verification and of the certificate for encryption is normal. As an optional implementation, the authorization server queries this status on a digital certificate status online query server; the survival status is either normal or abnormal, and an abnormal status includes at least one of: certificate revoked, certificate expired, certificate frozen, and certificate blacklisted. If either certificate is revoked, expired, frozen or blacklisted, the authentication security control module is very likely an illegal device, and the authorization server does not continue to step S603; the authentication security control module therefore cannot receive the protection key of the authentication database and cannot decrypt the ciphertext received from the identity card reading terminal. This blocks an attack by an illegal security control module on the verification security control module, so the authorization server's authentication guarantees the legitimacy of the authentication security control module.
S603: The authorization server judges whether the digital certificate for signature verification and the digital certificate for encryption belong to the same user; after judging that they belong to the same user, it verifies the signed data and, after verification passes, obtains the protection key of the authentication database, encrypts the protection key to produce the protection key ciphertext of the authentication database, and sends the protection key ciphertext to the authentication security control module.
In this embodiment, the authorization server authenticates the legitimacy of the authentication security control module's digital certificates by judging whether the certificate for signature verification and the certificate for encryption belong to the same user, and by verifying the signed data with the certificate for signature verification. As an optional implementation, the authorization server compares the user attribution information carried by each of the two certificates, and if it matches, determines that the certificate for signature verification and the certificate for encryption belong to the same user.
User attribution information is information that identifies the user, for example a UID (User Identification, the user's unique identification). If the user attribution information carried by the two digital certificates is identical, the two belong to the same user. In practice, the certificate for signature verification and the certificate for encryption should have been applied for by the same user on a third-party authentication platform, because once the authorization server has verified this user's signed data, the user can use the private key corresponding to the certificate for encryption to decrypt the protection key ciphertext of the authentication database received from the authorization server and obtain the protection key. To prevent an illegal user from misappropriating someone else's certificate for signature verification or certificate for encryption, the authorization server in this embodiment first judges, before verifying the signed data, whether the two digital certificates belong to the same user; if they do, it is at least guaranteed that both certificates belong to one and the same user, which excludes the case of an illegally misappropriated digital certificate.
In addition, the signed data received by the authorization server is produced by the authentication security control module signing the data to be signed with the private key corresponding to the certificate for signature verification, so the authorization server can verify the signed data with the public key of that certificate.
Thus the authentication security control module can obtain the protection key of the authentication database only by passing the authorization server's double authentication of the validity and the legitimacy of its digital certificates, which secures its acquisition of the protection key.
As an optional implementation, the authorization server encrypts the protection key of the authentication database with the public key of the certificate for encryption to produce the protection key ciphertext. As another optional implementation, the authorization server 50 may generate a random key, encrypt the protection key of the authentication database with the random key, encrypt the random key with the public key of the certificate for encryption, and send the encrypted random key together with the protection key ciphertext. In this embodiment, because the authentication security control module 30 sent its own certificate for encryption to the authorization server, and the authorization server encrypts the protection key of the authentication database with that certificate's public key in one of the ways above before it is transmitted to the authentication security control module, the key is transmitted as ciphertext and the transmitted data is secure; only the authentication security control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext, and even if the ciphertext is intercepted it cannot be decoded without the private key, which further secures the protection key of the authentication database.
S604: The authentication security control module decrypts the protection key ciphertext of the authentication database to obtain the protection key of the authentication database, and stores the protection key in the random access memory of the authentication security control module.
Corresponding to the way the authorization server produced the protection key ciphertext in step S603, the authentication security control module decrypts the ciphertext to obtain the protection key of the authentication database in one of the following ways, given as examples: it decrypts the protection key ciphertext with the locally stored private key corresponding to the certificate for encryption to obtain the protection key; or it first decrypts the encrypted random key with that locally stored private key to obtain the random key, and then decrypts the protection key ciphertext with the random key to obtain the protection key. In this embodiment, because the authentication security control module sent its own certificate for encryption to the authorization server, and the authorization server encrypts the protection key of the authentication database with that certificate's public key before it is transmitted to the authentication security control module, the key is transmitted as ciphertext and the transmitted data is secure; only the authentication security control module holding the private key corresponding to that certificate can decrypt the protection key ciphertext, and even if the ciphertext is intercepted it cannot be decoded without the private key, which further secures the protection key of the authentication database.
Moreover, after decrypting and obtaining the protection key of the authentication database, the authentication security control module stores it in random access memory (RAM) rather than in FLASH, so the protection key is erased on power-down; when the authentication security control module is powered on again, it must re-execute the steps for obtaining the protection key. This guarantees in hardware that the protection key of the authentication database is never held persistently by any one authentication security control module, which makes it harder to capture.
With the key acquisition method of this embodiment, so that malicious attacks are all blocked outside the verification security control module, the authentication security control module obtains the protection key of the authentication database from the authorization server only after passing the authorization server's authentication. In the identity card information transmission system, the authentication security control module can then use the protection key of the authentication database to decrypt the transmission key ciphertext of the identity card reading terminal and obtain the transmission key, and only once it holds the transmission key can it decrypt the ciphertext sent by the identity card reading terminal; this guarantees the security of the data the authentication security control module sends to the verification security control module.
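The summary above says the module uses the protection key to decrypt the identity card reading terminal's key ciphertext, and claim 1 below describes how the dispatch server selects a module by working state and hands it that ciphertext. This added example (written for this page, not code from the patent) implements that scheduling step in Go: the authentication database holds module working states and per-terminal key ciphertexts encrypted under the protection key, the dispatch server admits a terminal, picks an idle module within its jurisdiction, marks it busy and forwards the data information, and the selected module decrypts the terminal key with the protection key. AES-256-GCM with the terminal id as associated data, the in-memory database, the allow-list standing in for the identification-information check, and every identifier and sample value are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Added example, not the patent's code: the authentication database is an in-memory
// struct and AES-256-GCM is the assumed cipher under the protection key.
type ModuleState int

const (
	StateOffline ModuleState = iota // zero value: an unknown module is never selected
	StateIdle
	StateBusy
)

// AuthDB stores the working state of every module and each terminal's encryption
// key, encrypted under the protection key of the authentication database (claim 1).
type AuthDB struct {
	ModuleStates map[string]ModuleState
	TerminalKeys map[string][]byte // terminal id -> nonce || AES-GCM ciphertext
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealTerminalKey produces a database entry; the terminal id is bound as associated
// data so one terminal's ciphertext cannot be presented as another's.
func SealTerminalKey(protectionKey []byte, terminalID string, termKey []byte) ([]byte, error) {
	gcm, err := newGCM(protectionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // crypto/rand
	return gcm.Seal(nonce, nonce, termKey, []byte(terminalID)), nil
}

// DataInfo is the data information the dispatch server sends to the selected module.
type DataInfo struct {
	TerminalID    string
	KeyCiphertext []byte
}

// Dispatcher is the dispatch server: Jurisdiction lists the modules it may select,
// Allowed stands in for the identification-information check of claim 1.
type Dispatcher struct {
	DB           *AuthDB
	Jurisdiction []string
	Allowed      map[string]bool
}

// HandleCardSeek runs the claim 1 sequence for one card-seeking request and returns
// the selected module id together with the data information destined for it.
func (d *Dispatcher) HandleCardSeek(terminalID string) (string, DataInfo, error) {
	if !d.Allowed[terminalID] {
		return "", DataInfo{}, fmt.Errorf("terminal %s is not allowed to read identity cards", terminalID)
	}
	selected := ""
	for _, id := range d.Jurisdiction {
		if d.DB.ModuleStates[id] == StateIdle {
			selected = id
			break
		}
	}
	if selected == "" {
		return "", DataInfo{}, fmt.Errorf("no idle authentication security control module")
	}
	ct, ok := d.DB.TerminalKeys[terminalID]
	if !ok {
		return "", DataInfo{}, fmt.Errorf("no encryption key stored for terminal %s", terminalID)
	}
	d.DB.ModuleStates[selected] = StateBusy
	return selected, DataInfo{terminalID, ct}, nil
}

// Module is the authentication security control module; ProtectionKey is the key it
// holds in RAM after the key acquisition method above.
type Module struct {
	ID            string
	ProtectionKey []byte
}

// Receive decrypts the terminal's encryption key with the protection key.
func (m *Module) Receive(di DataInfo) ([]byte, error) {
	gcm, err := newGCM(m.ProtectionKey)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(di.KeyCiphertext) < n {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, di.KeyCiphertext[:n], di.KeyCiphertext[n:], []byte(di.TerminalID))
}
```

Two details carry the security value: the module state zero value means a module the database does not know about is never dispatched to, and the AEAD tag binds the ciphertext to the terminal id, so a module cannot be handed one terminal's key under another terminal's name.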
Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the invention; those skilled in the art can make changes, modifications, substitutions and variations to the above embodiments within the scope of the invention without departing from its principles and purpose. The scope of the invention is defined by the appended claims and their equivalents.

Claims (14)

1. A scheduling system for reading identity cards, characterized by comprising: an authentication database, a dispatch server and n authentication security control modules, where n is an integer greater than or equal to 1, wherein:
the authentication database is used for storing the working states of all authentication security control modules in the system and the ciphertexts of the encryption keys of the identity card reading terminals in the system, wherein the ciphertext of each identity card reading terminal's encryption key is obtained by encrypting that encryption key with the protection key of the authentication database;
the dispatch server is used for:
obtaining the identification information of an identity card reading terminal, and judging from the identification information of the identity card reading terminal whether the identity card reading terminal is allowed to read identity cards;
in the case where it is judged that the identity card reading terminal is allowed to read identity cards, after receiving a card-seeking request sent by the identity card reading terminal, obtaining from the authentication database the working states of the authentication security control modules within the jurisdiction of the dispatch server;
selecting one authentication security control module according to the working states of the authentication security control modules within the jurisdiction of the dispatch server, and sending the identification information of the selected authentication security control module to the identity card reading terminal;
obtaining from the authentication database, according to the identification information of the identity card reading terminal, the ciphertext of the identity card reading terminal's encryption key, wherein the ciphertext is obtained by encrypting that encryption key with the protection key of the authentication database;
Data information is sent to the certification safety control module of selection, wherein the data information includes: the identity card The ciphertext of the encryption key of card-reading terminal;
The selected certification safety control module, information, uses the protection key of the authentication database for receiving data The ciphertext of the encryption key of the identity card card-reading terminal is decrypted, the encryption for obtaining the identity card card-reading terminal is close Key.
2. The system according to claim 1, characterized in that the dispatch server obtains the identification information of the identity card card-reading terminal in one of the following ways:
the dispatch server receives an access request sent by the terminal and obtains the identification information of the terminal from the access request; or,
the dispatch server receives an identity card request sent by the terminal and obtains the identification information of the terminal from the identity card request, wherein the identity card request carries the card-seeking request and the identification information of the terminal.
3. The system according to claim 1, characterized in that the identification information of the identity card card-reading terminal includes the digital certificate of the terminal, and the dispatch server judges whether the terminal is allowed to read identity cards in the following way:
judge whether the digital certificate of the terminal is abnormal; if so, determine that the terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate of the terminal is in a blacklist or in a control list, wherein the blacklist records the digital certificates of terminals that are not allowed to read identity cards, and the control list records the digital certificates of terminals whose reading of identity cards is to be controlled according to a preset control strategy;
in the case where the digital certificate of the terminal is judged to be in the blacklist, do not allow the terminal to read identity cards and refuse the terminal's request;
in the case where the digital certificate of the terminal is judged to be in the control list, determine according to the preset control strategy whether the terminal is allowed to read identity cards.
4. The system according to claim 1, characterized in that the identification information of the identity card card-reading terminal includes the serial number of the terminal and the digital certificate of the terminal, and the dispatch server determines whether the terminal is allowed to read identity cards in the following way:
judge whether the digital certificate of the terminal is abnormal; if so, determine that the terminal is not allowed to read identity cards; otherwise, judge whether the digital certificate of the terminal or the serial number of the terminal is in a blacklist or in a control list, wherein the blacklist records the identification information of terminals that are not allowed to read identity cards, and the control list records the identification information of terminals whose reading of identity cards is to be controlled according to a preset control strategy;
in the case where the digital certificate of the terminal or the serial number of the terminal is judged to be in the blacklist, do not allow the terminal to read identity cards and refuse the terminal's request;
in the case where the digital certificate of the terminal or the serial number of the terminal is judged to be in the control list, determine according to the preset control strategy whether the terminal is allowed to read identity cards.
5. The system according to claim 3 or 4, characterized in that, in the case where the identification information of the identity card card-reading terminal is judged to be in the control list, whether the terminal is allowed to read identity cards is determined in at least one of the following ways:
according to the preset control strategy, judge whether the terminal is currently within the allowed position range; if so, allow the terminal to read identity cards; otherwise, do not allow the terminal to read identity cards and refuse the terminal's request, wherein the preset control strategy records the position range allowed for the terminal;
according to the preset control strategy, judge whether the current time is within the time range in which the terminal is allowed to read cards; if so, allow the terminal to read identity cards; otherwise, do not allow the terminal to read identity cards and refuse the terminal's request, wherein the preset control strategy records the time range in which the terminal is allowed to read cards;
according to the preset control strategy, judge whether the number of historical card readings by the terminal within a preset time period exceeds a preset count threshold; if so, do not allow the terminal to read identity cards and refuse the terminal's request; otherwise, allow the terminal to read identity cards, wherein the preset control strategy records the duration of the preset time period and the preset count threshold;
according to the preset control strategy, judge whether the distance between the positions of two consecutive card readings by the terminal within a preset time period exceeds a preset distance; if so, do not allow the terminal to read identity cards and refuse the terminal's request; otherwise, allow the terminal to read identity cards, wherein the preset control strategy records the duration of the preset time period and the preset distance;
according to the preset control strategy, judge whether the time interval between two consecutive card readings by the terminal exceeds a preset value; if so, do not allow the terminal to read identity cards and refuse the terminal's request; otherwise, allow the terminal to read identity cards, wherein the preset control strategy records the duration of the preset time period and the preset distance.
6. The system according to claim 3 or 4, characterized in that:
the selected authentication security control module is also used to receive encrypted identity card identification information, decrypt the encrypted identity card identification information, and return the decrypted identity card identification information to the dispatch server;
the dispatch server is also used to judge, according to at least the identity card identification information, the identification information of the identity card card-reading terminal and a preset strategy, whether to add the identification information of the terminal to the blacklist or to the control list.
7. The system according to claim 6, characterized in that the dispatch server is also used to judge whether the identity card identification information is in an identity card blacklist and, if so, to send indication information to the selected authentication security control module indicating that the identity card currently being read by the terminal is illegal.
8. The system according to any one of claims 1 to 4, characterized in that the system further comprises n verification security control modules, wherein each authentication security control module is correspondingly connected with one verification security control module, and the verification security control modules connected to different authentication security control modules are not the same;
the selected authentication security control module is also used to obtain the card-seeking request, wherein the card-seeking request is ciphertext data encrypted with the encryption key of the identity card card-reading terminal, to decrypt the card-seeking request with the terminal's encryption key, and to send the decrypted card-seeking request to the correspondingly connected verification security control module;
the correspondingly connected verification security control module is used to confirm the received card-seeking request and send confirmation information to the selected authentication security control module;
the selected authentication security control module is also used to obtain a session key, encrypt the confirmation information with the session key, and send the encrypted confirmation information to the terminal.
9. The system according to any one of claims 1 to 4, characterized in that the dispatch server is also used to generate an authentication code after selecting an authentication security control module, and to send the authentication code to the identity card card-reading terminal and to the authentication database respectively.
10. The system according to any one of claims 1 to 4, characterized in that the system further comprises an authorization server, wherein:
the dispatch server is also used to send data to be signed to the selected authentication security control module when that module powers on;
the selected authentication security control module is also used to sign the data to be signed with a signing private key to obtain signed data, and to return to the dispatch server authentication data that includes the signed data, the signing public key certificate corresponding to the signing private key, and the encryption public key certificate of the selected authentication security control module;
the dispatch server is also used to receive the authentication data returned by the selected authentication security control module and judge whether the signing public key certificate and the encryption public key certificate are in an abnormal state;
in the case where the signing public key certificate and the encryption public key certificate are judged not to be in an abnormal state, send the data to be signed and the authentication data to the authorization server;
the authorization server is used to verify, through a connected authorization electronic signature device, whether the signing public key certificate and the encryption public key certificate were issued to the same identity card card-reading terminal; if so, verify whether the signed data is correct; if so, the identity authentication of the selected authentication security control module passes, otherwise the identity authentication of the selected authentication security control module fails;
the authorization server is also used to encrypt the protection key of the authentication database through the authorization electronic signature device and send it to the dispatch server in the case where the identity authentication of the selected authentication security control module passes, and to send alarm information in the case where the identity authentication of the selected authentication security control module fails;
the dispatch server is also used to send the encrypted protection key of the authentication database to the selected authentication security control module;
the selected authentication security control module is also used to decrypt the encrypted protection key of the authentication database and so obtain the protection key of the authentication database.
11. The system according to claim 10, characterized in that the selected authentication security control module is also used to store the obtained protection key of the authentication database in RAM, and is forbidden from storing the protection key of the authentication database in flash.
12. The system according to any one of claims 1 to 4, characterized in that the dispatch server is also used to update, after selecting an authentication server, the working state of the selected authentication security control module stored in the authentication database.
13. The system according to any one of claims 1 to 4, characterized in that the dispatch server is also used to command that some of the authentication security control modules be opened or closed, according to the working states of all authentication security control modules in the current system.
14. The system according to any one of claims 1 to 4, characterized in that the dispatch server is also used to monitor the working state of each authentication security control module in real time, and to output alarm information when an authentication security control module is monitored to be abnormal.
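The dispatch flow of claim 1 together with the module life cycle of claims 8, 11, 12 and 14 as an added worked example (illustrative code written for this page, not the patent's own implementation): the authentication database holds only module working states and terminal keys wrapped under the protection key, the dispatch server picks an idle module within its jurisdiction and marks it busy, the selected module unwraps the terminal key in memory and uses it to decrypt the terminal's card-seeking request, and the monitor raises one alarm per abnormal module. Because the Python standard library has no AES, the key wrapping is a stand-in built from a SHA-256 counter keystream with an HMAC tag (encrypt-then-MAC); a production design would use AES key wrap or an AEAD in the module. All class names, state names, identifiers and sample keys are assumptions.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

IDLE, BUSY, ABNORMAL = "idle", "busy", "abnormal"   # assumed working-state vocabulary


def _subkey(key: bytes, label: bytes) -> bytes:
    """Separate encryption and MAC keys so one master key is never used for both."""
    return hashlib.sha256(label + key).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for AES key wrap / AEAD: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a tampered or mis-keyed blob never yields plaintext."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


class AuthDatabase:
    """Claim 1: module working states plus each terminal key wrapped under the protection key."""
    def __init__(self) -> None:
        self.module_state: Dict[str, str] = {}
        self.wrapped_keys: Dict[str, bytes] = {}

    def provision_terminal(self, protection_key: bytes, terminal_id: str, terminal_key: bytes) -> None:
        # Enrolment step: only the ciphertext is stored, never the terminal key itself.
        self.wrapped_keys[terminal_id] = seal(protection_key, terminal_key)


class AuthSecurityModule:
    """Claim 11: the protection key lives only in this object's memory, never in flash."""
    def __init__(self, module_id: str, protection_key: bytes) -> None:
        self.module_id = module_id
        self._protection_key = protection_key

    def serve(self, wrapped_terminal_key: bytes, encrypted_seek: bytes) -> bytes:
        terminal_key = open_sealed(self._protection_key, wrapped_terminal_key)   # claim 1
        return open_sealed(terminal_key, encrypted_seek)                         # claim 8


class DispatchServer:
    def __init__(self, db: AuthDatabase, jurisdiction: List[str],
                 modules: Dict[str, AuthSecurityModule]) -> None:
        self.db, self.jurisdiction, self.modules = db, jurisdiction, modules

    def select_module(self) -> Optional[str]:
        """Pick an idle module within this server's jurisdiction and record it as busy (claim 12)."""
        for module_id in self.jurisdiction:
            if self.db.module_state.get(module_id) == IDLE:
                self.db.module_state[module_id] = BUSY
                return module_id
        return None

    def handle_card_seek(self, terminal_id: str, encrypted_seek: bytes) -> Tuple[Optional[str], bytes]:
        """Returns the chosen module and the decrypted request; empty bytes means the module refused."""
        module_id = self.select_module()
        if module_id is None:
            return None, b""
        try:
            request = self.modules[module_id].serve(self.db.wrapped_keys[terminal_id], encrypted_seek)
        except (ValueError, KeyError):
            request = b""   # bad ciphertext or unknown terminal: fail closed
        self.db.module_state[module_id] = IDLE
        return module_id, request

    def monitor(self) -> List[str]:
        """Claim 14: one alarm per module whose working state is abnormal."""
        return [f"ALARM: module {m} abnormal" for m, s in self.db.module_state.items() if s == ABNORMAL]


def demo() -> Tuple[Optional[str], bytes, List[str]]:
    protection_key, terminal_key = b"\x01" * 32, b"\x02" * 16     # constructed sample keys
    db = AuthDatabase()
    db.provision_terminal(protection_key, "terminal-A", terminal_key)
    db.module_state.update({"hsm-1": ABNORMAL, "hsm-2": IDLE, "hsm-3": IDLE})
    modules = {m: AuthSecurityModule(m, protection_key) for m in ("hsm-1", "hsm-2", "hsm-3")}
    dispatcher = DispatchServer(db, ["hsm-1", "hsm-2", "hsm-3"], modules)
    encrypted_seek = seal(terminal_key, b"SEEK")   # what the terminal would send (constructed)
    chosen, request = dispatcher.handle_card_seek("terminal-A", encrypted_seek)
    return chosen, request, dispatcher.monitor()


if __name__ == "__main__":
    print(demo())
```

Note that the dispatch server never sees the protection key or any terminal key in the clear: it only moves ciphertext from the database to the module it selected, which is the separation of duties claims 1, 10 and 11 describe.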
CN201610041590.1A 2016-01-21 2016-01-21 A kind of scheduling system of reading identity card Active CN105991649B (en)

Publications (2)

Publication Number Publication Date
CN105991649A CN105991649A (en) 2016-10-05
CN105991649B true CN105991649B (en) 2019-10-01
