CN113824688B - Encryption communication method, network controller and access control system - Google Patents

Encryption communication method, network controller and access control system Download PDF

Info

Publication number
CN113824688B
CN113824688B CN202110973524.9A CN202110973524A CN113824688B CN 113824688 B CN113824688 B CN 113824688B CN 202110973524 A CN202110973524 A CN 202110973524A CN 113824688 B CN113824688 B CN 113824688B
Authority
CN
China
Prior art keywords
data
communication
data packet
key
sub
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110973524.9A
Other languages
Chinese (zh)
Other versions
CN113824688A (en
Inventor
何猛
莫明锋
陈荣
简智君
李锦华
郭军
胡运龙
胡远航
李大乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ralid Information System Co ltd
Original Assignee
Ralid Information System Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ralid Information System Co ltd filed Critical Ralid Information System Co ltd
Priority to CN202110973524.9A priority Critical patent/CN113824688B/en
Publication of CN113824688A publication Critical patent/CN113824688A/en
Application granted granted Critical
Publication of CN113824688B publication Critical patent/CN113824688B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention provides an encryption communication method, a network controller and an access control system, wherein the encryption communication method comprises the following steps: s101: receiving encrypted data sent by a management platform, and decrypting the encrypted data through a stored internal key to obtain a project key; s102: receiving command data transmitted by the management platform through a communication link, judging whether the communication link for transmitting the command data is provided with a communication key, if so, executing the command data, and executing S103 after determining that the command data comprises communication with the sub-control equipment, if not, not executing the command data; s103: and adding a verification offset into the data packet sent to the sub-control equipment, so that the sub-control equipment performs validity verification on the data packet according to the verification offset. According to the access control device, illegal control of the access control device by manually intercepting data is prevented by adopting a data encryption transmission mode in the communication of the management platform and the network controller and the communication of the network controller and the sub-control device, so that the safety and the reliability of the communication are improved.

Description

Encryption communication method, network controller and access control system
Technical Field
The invention relates to the field of access control equipment communication, in particular to an encryption communication method, a network controller and an access control system.
Background
The door access system refers to the forbidden authority of a door in the field of intelligent buildings, namely ACS (access control system), wherein the door broadly comprises various passages capable of passing through, including doors for passing through people, doors for passing through vehicles and the like. Therefore, the entrance guard comprises a vehicle entrance guard, in the application of parking lot management, the vehicle entrance guard is an important means for vehicle management, the purpose of not taking parking fees is mainly to manage the entrance and exit rights of vehicles, the entrance guard safety management system is a novel modern safety management system, integrates a microcomputer automatic identification technology and modern safety management measures, and relates to a plurality of new technologies such as electronics, machinery, optics, computer technology, communication technology, biotechnology and the like, and the entrance guard safety management system is an effective measure for realizing safety precaution management of an entrance of an important department. The entrance guard system is suitable for various confidential departments, such as banks, hotels, parking lot management, machine rooms, ordnance libraries, confidential rooms, offices, intelligent communities, factories and the like, and is superior to simple gateway and key management, and the entrance guard system has gradually developed into a complete entrance and exit management system which plays a great role in administrative management work such as work environment safety, personnel attendance management and the like.
However, the communication between the access control devices mainly uses the Ethernet and the RS485 bus as intermediaries to perform data interaction, the data transmission enters the package transmission through a specific format, and the format of the data is fixed and is easy to be obtained through illegal means, so that the equipment is controlled illegally by people.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides an encryption communication method, a network controller and an access control system, wherein an item key is obtained by decrypting encryption data through a prestored internal key, when command data transmitted by a management platform is received, whether the command data is executed is selected according to whether a communication link for transmitting the command data is provided with the communication key, illegal data are prevented from being executed by a sub-control device in a dynamic verification mode for data transmission between the sub-control device and the sub-control device, and illegal control of the access control device by manually intercepting the data is prevented in a mode of data encryption transmission between the management platform and the network controller and between the network controller and the sub-control device, so that the safety and reliability of the communication of the access control device are improved.
In order to solve the problems, the invention adopts a technical scheme that: an encrypted communication method applied to a network controller, comprising: s101: receiving encrypted data sent by a management platform, and decrypting the encrypted data through a stored internal key to obtain a project key; s102: receiving command data transmitted by the management platform through a communication link, judging whether the communication link for transmitting the command data is provided with a communication key, wherein the communication key is used for transmitting the encrypted communication key through the communication link after the communication link is established for the management platform, if so, executing the command data, and if not, executing the command data after determining that the command data comprises communication with a sub-control device, otherwise, not executing the command data; s103: and adding a check offset into the data packet sent to the sub-control equipment, so that the sub-control equipment checks the data packet according to the check offset to judge whether the data packet is legal or not.
Further, the step of receiving the encrypted data sent by the management platform further includes: and the management platform acquires the project key, encrypts the project key through the internal key to form encrypted data, and different projects and areas correspond to different project keys.
Further, the communication key is generated by a random function interface of the management platform.
Further, before the step of receiving command data transmitted by the management platform through the communication link, the method further includes: decrypting the encrypted communication key with the item key and storing the communication key.
Further, the step of adding the check offset to the data packet sent to the sub-control device specifically includes: and acquiring a verification initial value according to the verification offset, counting the data to be transmitted in the data packet according to the verification initial value to acquire a packet verification value, and placing the verification offset and the packet verification value in a preset position in the data packet.
Further, the step of the sub-control device verifying the data packet according to the verification offset to determine whether the data packet is legal specifically includes: acquiring a verification initial value according to the verification offset, and judging whether a packet verification value acquired through the verification initial value is consistent with a packet verification value in the data packet or not; if yes, determining the data package method; if not, determining that the data packet is illegal.
Further, after the step of verifying the data packet according to the verification offset by the sub-control device to determine whether the data packet is legal, the method further includes: the sub-control equipment judges whether the error between the check offset in the data packet and the pre-stored check offset is in a preset range; if yes, executing operation according to the data in the data packet, and replacing the check offset in the data packet with a pre-stored check offset; if not, returning notification information of the check error.
Further, the return of the notification information of the check error further includes: and setting the check offset corresponding to the sub-control equipment returning the notification information as a preset value, and transmitting the data packet next time according to the preset value.
Based on the same inventive concept, the invention also provides a network controller, which comprises: a processor, a memory storing a computer program by which the processor executes the encrypted communication method as described above.
Based on the same inventive concept, the invention also provides a network control system, wherein the access control system comprises a management platform, a network controller and a sub-control device, the network controller is respectively connected with the management platform and the sub-control device, and the access control system realizes the encryption communication method through the management platform, the network controller and the sub-control device.
Compared with the prior art, the invention has the beneficial effects that: the method comprises the steps of decrypting encrypted data through a pre-stored internal key to obtain an item key, selecting whether to execute command data according to whether a communication key is arranged on a communication link for transmitting the command data when the command data transmitted by a management platform is received, and preventing illegal data from being executed by a sub-control device in a dynamic verification mode for data transmission between the sub-control device and the sub-control device.
Drawings
FIG. 1 is a flow chart of an embodiment of an encryption communication method of the present invention;
FIG. 2 is a flow chart of an embodiment of the method for setting an item key in an encrypted communication method according to the present invention;
FIG. 3 is a flow chart of an embodiment of a communication key setting in the encryption communication method of the present invention;
FIG. 4 is a flowchart illustrating an embodiment of determining whether to execute a platform command operation in an encrypted communication method according to the present invention;
FIG. 5 is a flow chart of an embodiment of the encryption communication between the network controller and the sub-control setting in the encryption communication method of the present invention;
FIG. 6 is a block diagram of an embodiment of a network controller according to the present invention;
fig. 7 is a block diagram of an embodiment of an access control system according to the present invention.
Detailed Description
The present invention will be further described with reference to the accompanying drawings and detailed description, wherein it is to be understood that, on the premise of no conflict, the following embodiments or technical features may be arbitrarily combined to form new embodiments.
Referring to fig. 1-5, fig. 1 is a flowchart illustrating an embodiment of an encryption communication method according to the present invention; FIG. 2 is a flow chart of an embodiment of the method for setting an item key in an encrypted communication method according to the present invention; FIG. 3 is a flow chart of an embodiment of a communication key setting in the encryption communication method of the present invention; FIG. 4 is a flowchart illustrating an embodiment of determining whether to execute a platform command operation in an encrypted communication method according to the present invention; fig. 5 is a flowchart of an embodiment of the encryption communication between the network controller and the sub-control setting in the encryption communication method of the present invention. The encryption communication method of the present invention will be described in detail with reference to fig. 1 to 5.
In this embodiment, the encryption communication method is applied to a network controller, and includes:
s101: and receiving the encrypted data sent by the management platform, and decrypting the encrypted data through the stored internal key to obtain the project key.
The network controller receives the encrypted data sent by the management platform in a wireless or wired communication mode, the encrypted data is formed by encrypting the project key through the internal key after the management platform acquires the project key, and the network controller decrypts the encrypted data by utilizing the internal key to obtain the project key.
In this embodiment, the management platform may be a server, a computer, a cloud platform, and other entity devices or virtual devices, and the management of the access control device is implemented through the management platform. The network controller can be a router, a network card and other devices capable of transmitting data sent by the management platform to the sub-control equipment through a network.
In this embodiment, before the management platform and the network controller are shipped from the factory for use, the internal key is obtained by means of an independent carrier or by means of device writing, and is stored as the first-level public key in the network controller and the management platform in use. When the independent carriers are used for obtaining, the management platform or the network controller can be connected with the same independent carrier to obtain the internal secret key, or can be connected with different independent carriers to obtain the same internal secret key.
In this embodiment, the management platform performs verification and isolation management on different items or different item keys for different area trials. The area is the area where the network controller or the sub-control device is located.
After the network controller decrypts the encrypted data by using the internal key to obtain the project key, the network controller stores the project key into a preset storage area and records the project or area corresponding to the project key.
In a specific embodiment, the management platform encrypts the item key data value by using an internal key (first-level public key), then sets the encrypted item key data value into the network controller, and the network controller decrypts the item key data by using the internal key, and stores the item key data in the item key storage area, wherein the item key is used as a second-level public key to provide encryption and decryption basis for subsequent communication key setting. When the project key is installed and implemented, the project key is set and stored on a network controller and a management platform related to the project, and after the project is normally used, the project key does not need to be set repeatedly.
S102: receiving command data transmitted by the management platform through a communication link, judging whether the communication link for transmitting the command data is provided with a communication key, wherein the communication key is used for transmitting the encrypted communication key through the communication link after the communication link is established for the management platform, if so, executing the command data, and after determining that the command data comprises communication with the sub-control equipment, executing S103, otherwise, not executing the command data.
The step of receiving command data transmitted by the management platform through the communication link further comprises: the encrypted communication key is decrypted by the item key and stored.
In this embodiment, the communication key is generated by a random function interface of the management platform. The communication key used for each communication link is different. After the management platform establishes a new communication link with the network controller, the management platform firstly encrypts the communication key value by using the item key and then sends the encrypted communication key value to the network controller, and likewise, the network controller obtains the communication key used by the current communication link by using the item key decryption data and stores the communication key in a cache.
In order to improve the communication security between the management platform and the network controller, when the network controller receives command data or platform command operation transmitted by the management platform, judging whether a communication link for transmitting the data or the command operation is provided with a communication key, if so, executing the command or the operation according to the transmitted data, and if not, not processing the command data or the platform command operation.
In order to further protect the data, the management platform may further encrypt the command data or the platform command with a communication key corresponding to the communication link, and transmit the encrypted information to the network controller through the communication link. After the network controller determines that the communication link sets the communication key, the encrypted information is decrypted by using the communication key, so as to obtain command data or platform command operation.
S103: and adding a check offset into the data packet sent to the sub-control equipment, so that the sub-control equipment checks the data packet according to the check offset to judge whether the data packet is legal or not.
In this embodiment, the sub-control device may be a gate inhibition device, a gate inhibition controller, a gate, or other devices for managing personnel to enter and exit. The network controller and the sub-control device encrypt data in a CRC16 (1021) check mode and verify whether the data is legal or not.
The step of adding the check offset to the data packet sent to the sub-control device specifically includes: and acquiring a verification initial value according to the verification offset, counting the data to be transmitted in the data packet according to the verification initial value to acquire a packet verification value, and placing the verification offset and the packet verification value in a preset position in the data packet.
The step of checking the data packet by the sub-control device according to the checking offset to judge whether the data packet is legal specifically comprises the following steps: acquiring a verification initial value according to the verification offset, and judging whether a packet verification value acquired through the verification initial value is consistent with a packet verification value in a data packet or not; if yes, determining a data package method; if not, determining that the data packet is illegal.
The step of verifying the data packet by the sub-control device according to the verification offset to determine whether the data packet is legal further comprises the following steps: the sub-control equipment judges whether the error between the check offset in the data packet and the pre-stored check offset is in a preset range; if yes, executing operation according to the data in the data packet, and replacing the check offset in the data packet with a pre-stored check offset; if not, returning notification information of the check error.
In this embodiment, the preset range is that the error is not greater than a preset threshold, the preset threshold is 6, and in other embodiments, the preset threshold may be 7, 8, 9 or other values, which is not limited herein.
When the value of the check offset in the data packet is 0, the sub-control device does not acquire an error between the check offset in the data packet and a pre-stored check offset, determines that the check is passed, and executes corresponding operation according to the data in the data packet.
The method further comprises the following steps of: and setting the check offset corresponding to the sub-control equipment returning the notification information as a preset value, and transmitting the data packet next time according to the preset value.
In a specific embodiment, the communication between the network controller and the sub-controller makes the data frame intercepted illegally unable to be used illegally by introducing a check offset. The value of the verification offset is automatically increased by the network controller when the network controller performs command communication with the sub-control each time; the CRC16 (1021) of the data is checked when the data group is packed by using the value of the check offset, and the initial value of the CRC16 (1021) is: a value obtained by adding 0xA1EC to the value of the check offset; and the value of the offset is checked as the data content and put into the data of the group package (the fixed position of the data package). And counting the data to be transmitted by using the verification initial value to obtain a 16-bit packet verification value, and placing the 16-bit packet verification value at the tail end of the data packet and transmitting the 16-bit packet verification value and the data together. After the sub-control device receives the data packet: and adding 0xA1EC to the check offset value in the data packet to obtain an initial value of CRC16 (1021) check of the data packet, performing CRC16 (1021) check on the data packet (packet check value not containing 16 bits), comparing the calculated value with the 16bit number at the tail end of the packet, and performing the next processing if the calculated value is the same, otherwise, disregarding. If the verification process of the previous step is passed, it is required to compare whether the value of the verification offset currently stored by the control device and the value of the verification offset in the data packet are within an allowable range (for example, error 6), and note that: if the value of the check offset in the data packet is 0, the contrast value is not directly passed. If so, the command further performs processing and replaces the value of the check offset of the packet with the value of the check offset of the current cache for comparison for the next communication. If not, the subcontrol should return a check error command to notify the network controller. After receiving the command, the network controller sets the check offset value corresponding to the sub-control to 0, and the check offset value is used in the next transmission.
The beneficial effects are that: the encryption communication method of the invention decrypts the encrypted data through the pre-stored internal key to obtain the project key, when the command data transmitted by the management platform is received, whether the command data is executed is selected according to whether the communication link for transmitting the command data is provided with the communication key, and illegal data is prevented from being executed by the sub-control equipment in a dynamic verification mode for data transmission between the sub-control equipment and the sub-control equipment, and illegal control of the access control equipment by human interception of the data is prevented in a data encryption transmission mode for communication between the management platform and the network controller and communication between the network controller and the sub-control equipment, thereby improving the safety and reliability of the access control equipment communication.
Based on the same inventive concept, the present invention also provides a network controller, please refer to fig. 6, fig. 6 is a block diagram of an embodiment of the network controller of the present invention. The network controller of the present invention will be described with reference to fig. 6.
In this embodiment, the network controller includes: a processor, a memory storing a computer program by which the processor executes the encrypted communication method as described in the above embodiment.
Based on the same inventive concept, the present invention further provides an access control system, referring to fig. 7, and fig. 7 is a block diagram of an embodiment of the access control system of the present invention. The access control system of the present invention will be described with reference to fig. 7.
In this embodiment, the access control system includes a management platform, a network controller, and a sub-control device, where the network controller is connected to the management platform and the sub-control device, respectively, and the access control system implements the encryption communication method described in the foregoing embodiments through the management platform, the network controller, and the sub-control device.
In the embodiments provided in the present invention, it should be understood that the disclosed network controller/access control system and method may be implemented in other manners. For example, the embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another storage device, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via codes, devices, or units, which may be in electrical, mechanical, or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. An encrypted communication method, wherein the encrypted communication method is applied to a network controller, and comprises:
s101: receiving encrypted data sent by a management platform, and decrypting the encrypted data through a stored internal key to obtain a project key;
s102: receiving command data transmitted by the management platform through a communication link, judging whether the communication link for transmitting the command data is provided with a communication key, wherein after the management platform establishes the communication link, transmitting the encrypted communication key through the communication link, decrypting the encrypted communication key through a project key by a network controller, storing the communication key, if yes, executing the command data, and if not, executing the command data after determining that the command data comprises communication with a sub-control device, otherwise, executing the command data;
s103: and adding a check offset into the data packet sent to the sub-control equipment, so that the sub-control equipment checks the data packet according to the check offset to judge whether the data packet is legal or not.
2. The method of encrypted communication according to claim 1, wherein the step of receiving the encrypted data transmitted by the management platform further comprises, before:
and the management platform acquires the project key, encrypts the project key through the internal key to form encrypted data, and different projects and areas correspond to different project keys.
3. The encrypted communication method according to claim 1, wherein the communication key is generated by a random function interface of the management platform.
4. The encrypted communication method according to claim 1, wherein the step of adding the check offset to the data packet transmitted to the separate control device comprises:
and acquiring a verification initial value according to the verification offset, counting the data to be transmitted in the data packet according to the verification initial value to acquire a packet verification value, and placing the verification offset and the packet verification value in a preset position in the data packet.
5. The method of encrypted communication according to claim 4, wherein the step of the sub-control device checking the data packet according to the check offset to determine whether the data packet is valid comprises:
acquiring a verification initial value according to the verification offset, and judging whether a packet verification value acquired through the verification initial value is consistent with a packet verification value in the data packet or not;
if yes, determining the data package method;
if not, determining that the data packet is illegal.
6. The method of encrypted communication according to claim 5, wherein the step of verifying the data packet by the control division device according to the verification offset to determine whether the data packet is legitimate further comprises:
the sub-control equipment judges whether the error between the check offset in the data packet and the pre-stored check offset is in a preset range;
if yes, executing operation according to the data in the data packet, and replacing the check offset in the data packet with a pre-stored check offset;
if not, returning notification information of the check error.
7. The encryption communication method according to claim 6, wherein the return of notification information of the check error further comprises:
and setting the check offset corresponding to the sub-control equipment returning the notification information as a preset value, and transmitting the data packet next time according to the preset value.
8. A network controller, the network controller comprising: a processor, a memory storing a computer program by which the processor performs the encrypted communication method according to any one of claims 1-7.
9. An access control system, characterized in that the access control system comprises a management platform, a network controller and sub-control equipment, wherein the network controller is connected with the management platform and the sub-control equipment, and the network controller realizes the encryption communication method according to any one of claims 1-7 through the management platform and the sub-control equipment.
CN202110973524.9A 2021-08-24 2021-08-24 Encryption communication method, network controller and access control system Active CN113824688B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110973524.9A CN113824688B (en) 2021-08-24 2021-08-24 Encryption communication method, network controller and access control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110973524.9A CN113824688B (en) 2021-08-24 2021-08-24 Encryption communication method, network controller and access control system

Publications (2)

Publication Number Publication Date
CN113824688A CN113824688A (en) 2021-12-21
CN113824688B true CN113824688B (en) 2023-04-25

Family

ID=78913519

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110973524.9A Active CN113824688B (en) 2021-08-24 2021-08-24 Encryption communication method, network controller and access control system

Country Status (1)

Country Link
CN (1) CN113824688B (en)

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1299446C (en) * 2004-05-01 2007-02-07 中兴通讯股份有限公司 A method of frame synchronization for wireless interface of time division communication system
KR101831134B1 (en) * 2016-05-17 2018-02-26 현대자동차주식회사 Method of providing security for controller using encryption and appratus for implementing the same
CN107947924A (en) * 2017-12-04 2018-04-20 深圳绿米联创科技有限公司 Intelligent domestic system and information ciphering method and device, terminal
CN107948178A (en) * 2017-12-04 2018-04-20 深圳绿米联创科技有限公司 Intelligent domestic system and information ciphering method and device, terminal
CN107979465A (en) * 2018-01-11 2018-05-01 浙江九州量子信息技术股份有限公司 A kind of key management system and cipher key synchronization method applied to intelligent home equipment
CN111031535A (en) * 2019-11-15 2020-04-17 华中科技大学 Secure communication method and system for smart card system
CN112887273B (en) * 2021-01-11 2022-05-20 苏州浪潮智能科技有限公司 Key management method and related equipment

Also Published As

Publication number Publication date
CN113824688A (en) 2021-12-21

Similar Documents

Publication Publication Date Title
US10498538B2 (en) Time-bound secure access
AU2016273890B2 (en) Controlling physical access to secure areas via client devices in a networked environment
JP4890248B2 (en) Control access to a given area
AU2015287628B2 (en) Networked access control system
CN105139499A (en) Mobile phone door lock system based on asymmetric secret key and realization method thereof
US20050232421A1 (en) Secure logging of transactions
CN101816140A (en) Token-based management system for PKI personalization process
US8566952B1 (en) System and method for encrypting data and providing controlled access to encrypted data with limited additional access
CN104636680A (en) Verification of authenticity of a maintenance means and provision and obtainment of a license key for use therein
CN109936555A (en) A kind of date storage method based on cloud platform, apparatus and system
KR101677249B1 (en) Security Apparatus and Method for Controlling Internet of Things Device Using User Token
CN101065789B (en) Logging access attempts to an area
WO2021170049A1 (en) Method and apparatus for recording access behavior
KR20230104921A (en) How to break the protection of an object achieved by the protection device
CN113824688B (en) Encryption communication method, network controller and access control system
CN106790304A (en) Data access method, device, node and server cluster
CN110120866A (en) The user management method of field device
US20220085996A1 (en) Digital key generation for electric and electronic locks
US20220407848A1 (en) Method for secure data communication in a computer network
CN107911384A (en) A kind of cell management system and method based on digital certificate
US20210287465A1 (en) Realestate as tradable digital assets through blockchain integration
KR100880512B1 (en) An entrance terminal with a built-in sam
AU2006200187B2 (en) Controlling access to an area
CN114697111B (en) Method and system for cross-cloud access to public cloud and public cloud
KR102411797B1 (en) Hardware-based vehicle cyber security system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant