WO2016165446A1 - Mobile terminals of teacher and parent, and method of authenticating identity of parent - Google Patents

Mobile terminals of teacher and parent, and method of authenticating identity of parent Download PDF

Info

Publication number
WO2016165446A1
WO2016165446A1 PCT/CN2016/072161 CN2016072161W WO2016165446A1 WO 2016165446 A1 WO2016165446 A1 WO 2016165446A1 CN 2016072161 W CN2016072161 W CN 2016072161W WO 2016165446 A1 WO2016165446 A1 WO 2016165446A1
Authority
WO
WIPO (PCT)
Prior art keywords
parent
mobile terminal
dynamic code
student
dynamic
Prior art date
Application number
PCT/CN2016/072161
Other languages
French (fr)
Chinese (zh)
Inventor
李文娟
易明
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016165446A1 publication Critical patent/WO2016165446A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly

Definitions

  • the present application relates to, but is not limited to, the field of mobile communication technologies, and in particular, to a teacher, a parent mobile terminal, and a method for parental identity verification.
  • the school has taken many security measures, mainly through hardware means, such as face collection, fingerprint recognition and so on.
  • security measures mainly through hardware means, such as face collection, fingerprint recognition and so on.
  • schools generally use radio frequency to swipe cards.
  • parents swipe their cards they open the real-time monitoring window of the software and compare the parent photo information appearing on the software to confirm whether it is the parent of the child.
  • the real-time monitoring card is taken, and each record can be recorded.
  • the photos and time of the pick-up person are convenient for future enquiries and avoid unnecessary disputes.
  • the embodiments of the present invention provide a teacher, a parent mobile terminal, and a method for parental identity verification, which can overcome the loopholes and limitations of the prior art to prevent the children of the school from being taken away by the bad guys through hardware facilities.
  • the embodiment of the invention provides a method for parental identity verification, which is applied to a teacher mobile terminal, and includes:
  • each of the original dynamic codes corresponding to a student's dynamic lock of the student, the student dynamic lock comprising: a parent corresponding to the student, and a public key corresponding to each of the parents;
  • the parent mobile terminal that selects the encrypted dynamic code is selected as the pick-up parent mobile terminal, and receives the dynamic code sent by the pick-up parent mobile terminal, and the dynamic code is used by the pick-up parent mobile terminal to pick up the public key pair corresponding to the parent. Decrypting the dynamic code for decryption;
  • the method further includes:
  • the foregoing method further includes:
  • the embodiment of the invention further provides a teacher mobile terminal, comprising:
  • a dynamic code generating module configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student's student dynamic lock, and the student dynamic lock includes: the student Corresponding parents, the public key corresponding to each of the parents;
  • a dynamic code encryption module configured to encrypt the original dynamic code to obtain an encrypted dynamic code
  • the communication setting module is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal, where The dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
  • the authentication module is configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
  • the communication setting module is further configured to receive a private key corresponding to the pick-up parent sent by the pick-up parent mobile terminal; the authentication module is further configured to authenticate the private key according to the student dynamic lock.
  • the teacher mobile terminal further includes:
  • the initialization module is configured to: select a teacher identity to enter the server on the selective identity interface provided by the server, and save the student information of each student and the parent information corresponding to each student on the server.
  • the embodiment of the invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and includes:
  • the primary parent mobile terminal If the primary parent mobile terminal is selected, sending update information to the server, the update information causing the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the primary parent Corresponding public key;
  • the method further includes:
  • the secondary parent mobile terminal If the secondary parent mobile terminal is selected, sending update information to the server, the update information causing the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the secondary parent Corresponding public key;
  • the embodiment of the invention further provides a parent mobile terminal, comprising:
  • the communication setting module is configured to: set the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal; if the primary parent mobile terminal is selected, send the update information to the server, the update information And causing the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and a public key corresponding to the primary parent;
  • the decryption module is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the primary parent to obtain a dynamic code, and decrypt the private key corresponding to the primary parent;
  • the communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies Whether the primary parent status is legal.
  • the communication setting module is further configured to: if the secondary parent mobile terminal is selected, send update information to the server, the update information causing the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic
  • the lock includes the encrypted dynamic code and a public key corresponding to the secondary parent;
  • the decryption module is further configured to: decrypt the encrypted dynamic code according to a public key corresponding to the secondary parent to obtain a dynamic code, and decrypt the private key corresponding to the secondary parent;
  • the communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, Verify that the secondary parent status is legal.
  • the embodiment of the present invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and the method includes:
  • the parent mobile terminal serves as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, after receiving the encrypted dynamic code, sends update information to the server, wherein the update information causes the server to correspond to the parent
  • the student dynamic lock is updated, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
  • the method further includes: setting the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal.
  • the method further includes: decrypting a private key corresponding to the parent, and sending the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the private key according to the student dynamic lock. Authentication to verify that the parental status is legal.
  • an embodiment of the present invention further provides a parent mobile terminal, including: a wireless communication unit and a processor,
  • the wireless communication unit is configured to: when the parent mobile terminal receives the encrypted dynamic code as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the update information is sent to the server, wherein the update information is The server updates the student dynamic lock of the parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
  • the processor is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code
  • the wireless communication unit is further configured to: send the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify the home Whether long status is legal.
  • an embodiment of the present invention further provides a teacher mobile terminal, including: a wireless communication unit and a processor,
  • the processor is configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student dynamic lock of a student, and the student dynamic lock includes: a parent corresponding to the student, each a public key corresponding to the parent; encrypting the original dynamic code to obtain an encrypted dynamic code;
  • the wireless communication unit is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal,
  • the dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
  • the processor is further configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
  • an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a teacher mobile terminal when the computer executable instructions are executed.
  • an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a parent mobile terminal when the computer executable instructions are executed.
  • the method for parental identity verification in the embodiment of the present invention can ensure security, and the authentication is performed for each parent to be authenticated, and the encrypted dynamic code for verification is not only encrypted but also updated every day, providing a double Guarantee.
  • the embodiment of the present invention can be applied to the situation that other members of the family pick up and drop off children at any time, without worrying about the authentication problem, and is more life-oriented, humanized, and secure.
  • FIG. 1 is a flowchart of a method for parental identity verification applied to a teacher mobile terminal according to an embodiment of the present invention
  • FIG. 2 is a structural diagram of a teacher mobile terminal according to an embodiment of the present invention.
  • FIG. 3 is a flowchart of a method for parental identity verification applied to a parent mobile terminal according to an embodiment of the present invention
  • FIG. 4 is a structural diagram of a parent mobile terminal according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a server for storing student information, a parent public key, and a student dynamic lock in the embodiment of the present invention
  • FIG. 6 is a schematic diagram showing an identity selection interface provided by a server in an embodiment of the present invention.
  • FIG. 7 is a schematic diagram showing the interaction process between the mobile terminal of the primary and secondary parents and the mobile terminal of the teacher in the embodiment of the present invention.
  • FIG. 8 is a schematic flowchart showing the process of authenticating a dynamic code in the embodiment of the present invention.
  • FIG. 9 is a schematic diagram showing interaction between a mobile terminal of a primary and secondary parent and a mobile terminal of a teacher in an embodiment of the present invention.
  • FIG. 10 is a first schematic flowchart 1 showing a method for parental identity verification according to an embodiment of the present invention.
  • FIG. 11 is a second schematic diagram showing the flow of the method for parental authentication in the embodiment of the present invention.
  • a method for parental identity verification provided by an embodiment of the present invention is applied to a teacher mobile terminal, and the method includes the following steps:
  • Step 101 Generate a corresponding original dynamic code for each student, wherein each original dynamic code corresponds to a student's dynamic lock of the student, and the student dynamic lock includes: a parent corresponding to the student, and a public key corresponding to each parent. Specifically, the original dynamic code corresponding to each student is generated according to the number of students.
  • Step 102 Encrypt the original dynamic code to obtain an encrypted dynamic code.
  • the state code is tampered with during the transmission process, and the original dynamic code is encrypted according to a certain algorithm.
  • Step 103 Send the encrypted dynamic code to the parent mobile terminal.
  • Step 104 The parent mobile terminal that selects to receive the encrypted dynamic code is used as the pick-up parent mobile terminal, and receives the dynamic code sent by the parent mobile terminal, wherein the dynamic code is sent by the parent mobile terminal to the encrypted dynamic code by using the public key corresponding to the parent. Decrypted.
  • the parent mobile terminal ie, the mobile terminal of the parent who picks up the student
  • the teacher mobile terminal receives the dynamic code obtained by the parent mobile terminal decrypting according to the encrypted dynamic code.
  • Step 105 Invoke the student dynamic lock to authenticate the dynamic code. If the dynamic code is consistent with the original dynamic code, it is determined that the dynamic code of the parent is verified; if the dynamic code is inconsistent with the original dynamic code, the dynamic code verification of the parent is determined. Fail. Specifically, the student dynamic lock uniquely corresponding to the original dynamic code is compared with the dynamic code to determine whether the dynamic code is consistent with the original dynamic code; if they are consistent, the dynamic code of the pick-up parent is determined to pass the verification.
  • the method for parental authentication provided by the embodiment of the invention can ensure security, authenticate each parent to be authenticated, and encrypt the encrypted dynamic code for verification.
  • the method provided by the embodiment of the present invention can be applied to the situation that other members in the family can pick up and drop children at any time without worrying about the authentication problem, and is more life-oriented, humanized, and secure.
  • the difference between the embodiment and the first embodiment is that, in the embodiment, after the step 104, the method for the parental authentication provided by the embodiment further includes: receiving a private key corresponding to the shuttle parent sent by the parent mobile terminal, and The private key is authenticated according to the student dynamic lock.
  • the parent mobile terminal that receives the encrypted dynamic code is selected as the pick-up parent mobile terminal that performs authentication verification when the student picks up the student, and the teacher mobile terminal receives the private key corresponding to the pick-up parent sent by the parent mobile terminal, and according to the student dynamic lock pair
  • the private key is authenticated to further ensure the legitimacy of the parents.
  • the information of each student and the parent of the student may be saved in the student information system in advance, and the public key information corresponding to each parent is saved. It is also possible to save only the information and public key of each student and the parent parent in advance, and the information and public key of the other parent parents are added by the parent parent.
  • public key generation, private key decryption, and dynamic code decryption are all agreed in advance. The method in the present invention does not limit the algorithm.
  • the method for the parental authentication provided by the embodiment further includes: selecting a teacher identity to enter the server on the selected identity interface provided by the server, and The student information of each student and the parent information corresponding to each student are saved on the server.
  • the teacher can save the student information of each student and the parent information corresponding to each student on the server through the teacher mobile terminal.
  • the server stores: student family information, parent public key information, and student dynamic lock.
  • the three tables are identified and associated by the student's unique identification number (ID, Identification). Among them, the information of each student and the parent information of the student can be pre-set by the teacher, and can also be updated by the parent parent during use.
  • Parent public key information is provided by each student's parents, and is encrypted and stored using an encryption algorithm common to the system.
  • the data in the student dynamic lock is dynamically changed.
  • the dynamic code is dynamically generated and encrypted by the teacher mobile terminal every day.
  • the dynamic public key is dynamically extracted according to the parent's choice.
  • FIG. 6 is a schematic diagram of an identity selection interface provided by a server.
  • the identity selection interface is a system portal provided by the server for the teacher, the primary parent, and the secondary parent.
  • the teacher selects the interface shown in FIG. 6 through the teacher mobile terminal. After the "teacher” enters the teacher's side system. After the parents enter the identity selection interface through the parent mobile terminal, they first need to input the child's name and other related information. After that, the interface displays the parent option, which usually includes: the child's mother, father, grandfather, grandmother, grandfather, grandmother, etc. After the parent chooses the corresponding identity, it is also necessary to determine whether the identity is the primary parent or the deputy parent. If the parent selects the primary parent through the parent mobile terminal, he or she enters the primary parent system, and if the secondary parent is selected, the secondary parental system is entered. Once the identity selection is complete, the background synchronizes the information to the server.
  • the server maintains information about all students, including the student's name, the relevant parent of each student, the public key information of the relevant parent, and saves the dynamic code information encrypted by each student transmitted by the teacher's mobile terminal every day.
  • the public key information of the student's parents are examples of the public key information of the student's parents.
  • the embodiment provides a teacher mobile terminal, including:
  • the dynamic code generating module 201 is configured to generate a corresponding original dynamic code for each student, wherein each original dynamic code corresponds to a student dynamic lock of the student, and the student dynamic lock includes: a parent corresponding to the student and a corresponding parent Public key
  • the dynamic code encryption module 202 is configured to encrypt the original dynamic code to obtain an encrypted dynamic code.
  • the communication setting module 203 is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the parent mobile terminal, wherein the dynamic code is sent and received.
  • the parent mobile terminal decrypts the encrypted dynamic code by picking up the parent's corresponding public key;
  • the authentication module 204 is configured to: invoke the student dynamic lock to authenticate the dynamic code. If the dynamic code is consistent with the original dynamic code, it is determined that the dynamic code of the parent is verified; if the dynamic code is inconsistent with the original dynamic code, the transfer is determined. The parent's dynamic code verification failed.
  • the number of original dynamic codes randomly generated by the dynamic code generating module is the same as the number of students. For the safety of the child, the dynamic code generation needs to agree on the frequency of replacement.
  • the dynamic code encryption module encrypts the randomly generated original dynamic code according to a certain encryption algorithm to avoid being tampered with during transmission.
  • the original dynamic code before encryption is stored in the database of the student information system by the system.
  • the authentication module verifies whether the identity of the parent who picks up the student is legal according to the last dynamic lock information of each student saved in the student information system.
  • the authentication module is further configured to: receive the private key corresponding to the shuttle parent sent by the parent mobile terminal, and according to the student dynamic The lock authenticates the private key to determine whether the identity of the pick-up parent is legal.
  • the teacher mobile terminal further includes: an initialization module, configured to: select a teacher identity to enter the server on the selected identity interface provided by the server, and save each on the server. Student information and student-specific parent information.
  • the initialization module that is, the entry module of the teacher mobile terminal, initializes the student information and the parent information corresponding to the student into the server.
  • an embodiment of the present invention provides a method for parental identity verification, which is applied to a parent mobile terminal, including:
  • Step 301 The primary parent mobile terminal sets the primary parent mobile terminal or its secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal. Specifically, the primary parent may select a different family member as the candidate for picking up the child through the primary parent mobile terminal, so that the corresponding mobile terminal can receive the encrypted dynamic code from the teacher mobile terminal for identity verification.
  • Step 302 If the primary parent mobile terminal is selected, the primary parent mobile terminal sends update information to the server, wherein the update information causes the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code.
  • the public key corresponding to the primary parent Specifically, when the primary parent corresponding to the primary parent mobile terminal is selected as the parent who picks up the child, the server updates the student dynamic lock of the student to include the encrypted dynamic code and the public key corresponding to the primary parent, so that the primary parent mobile terminal invokes The public key corresponding to the primary parent.
  • Step 303 The primary parent mobile terminal decrypts the encrypted dynamic code according to the public key corresponding to the primary parent to obtain a dynamic code, and decrypts the private key corresponding to the primary parent, and provides the teacher mobile terminal with the dynamic code and the private key of the primary parent mobile terminal. Perform authentication.
  • Step 304 The primary parent mobile terminal sends the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the primary parent identity is legal.
  • the method for parental authentication provided by the embodiment further includes: if the secondary parent mobile terminal is selected, the secondary parent mobile terminal sends the server to the server. Updating information, wherein the updating information causes the server to update the student dynamic lock of the secondary parent corresponding student, the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the secondary parent; and the secondary parent mobile terminal decrypts the encrypted dynamic code Obtaining a dynamic code, and decrypting the private key corresponding to the secondary parent; the secondary parent mobile terminal sends the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the dynamic code and the private key according to the student dynamic lock. Right, verify whether the identity of the deputy parent is legal.
  • this embodiment provides a parent mobile terminal, including:
  • the communication setting module 401 is configured to: set the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal; if the primary parent mobile terminal is selected, send the update information to the server, where the update The information causes the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the primary parent;
  • the decryption module 402 is configured to decrypt the encrypted dynamic code to obtain a dynamic code, and decrypt the private key corresponding to the primary parent;
  • the communication setting module 401 is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the primary parent identity is legal.
  • the communication process of the communication setting module of the teacher mobile terminal and the parent mobile terminal is as follows:
  • Step 3011 After the teacher selects the identity, enters the teacher's party system, and initially needs to create all the original information data of the student in charge of the class;
  • Step 3012 The dynamic code generating module of the teacher mobile terminal generates the original dynamic code, and encrypts the original dynamic code by using the dynamic code encryption module, and saves the original dynamic code in the server, and the teacher mobile terminal needs to go to the server to read before sending the original dynamic code;
  • Step 3013 The teacher clicks to send the encrypted dynamic code, and the communication setting module of the teacher mobile terminal sends the mobile terminal to the student's parent mobile terminal by default;
  • Step 3021 After step 3013, the primary parent mobile terminal receives the encrypted dynamic code sent by the teacher mobile terminal, automatically saves, and prompts the primary parent whether to accept the encrypted dynamic code;
  • Step 3022 The primary parent may accept the prompt or refuse the prompt and select another parent to pick up the student;
  • Step 3023 The system reads the primary parent setting
  • Step 3024 According to the setting of the primary parent, the primary parent mobile terminal sends update information to the server, so that the server updates the student dynamic lock. If the primary parent transfers, the server loads the parent parent. Key, if no, subsequent updates;
  • Step 3025 The primary parent wants to add or delete a deputy parent in the server, and select the corresponding add or delete option;
  • Step 3026 Adding and deleting a public key of the corresponding secondary parent, the public key algorithm is not limited in the embodiment of the present invention.
  • Step 3027 After the update is completed, the server is updated
  • Step 3031 If, in step 3023, the primary parent selects the secondary parent transfer, the corresponding secondary parent mobile terminal receives the encrypted dynamic code and the prompt information;
  • Step 3032 The deputy parent accepts the request (normally, the primary parent will send a request after communicating with the deputy parent, so the default deputy parent accepts the request);
  • Step 3033 The secondary parent mobile terminal sends update information to the server, and the student information server updates, and loads the parent key's public key information.
  • the communication setting module has different functions on the corresponding terminal depending on the selection of the identity.
  • the communication setting module of the teacher mobile terminal can read and send the encrypted dynamic code to the primary parent mobile terminal.
  • the communication setting module of the primary parent mobile terminal may select the parent who picks up the child today, may be himself, or may assign it to other members of the family as the pick-up parent, the mobile terminal of the assigned deputy parent.
  • the main parent can also have a special permission to create a temporary member as a temporary deputy parent. The primary parent only needs to select the identity in the system, create a new parent, and upload the new parent's public key to the student information system server.
  • the communication setting module of the deputy parent side can receive the prompt for sending and receiving the child and the encrypted dynamic code sent by the parent parent mobile terminal.
  • the communication setting module may last update the dynamic public key information corresponding to each student ID in the student information system according to the settings of the master parent. For example, the parent (mother) of Wang Er chose Wang Er’s father as the parent to pick up the child today. Then, the communication setting module of Wang Er’s father’s mobile terminal receives the settings of the master parent and goes to the student information system server. Query the ID of Wang Er, and find the public key of his father based on this ID. The server finally combines the father's public key information with the randomly assigned Wang Er's encrypted dynamic code, as the dynamic of the identity of Wang Er's father will be verified today. lock.
  • the communication setting module is further configured. If the secondary parent mobile terminal is selected, the update information is sent to the server, wherein the update information causes the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the secondary parent corresponding The public key; the decryption module is further configured to: decrypt the encrypted dynamic code to obtain a dynamic code, and decrypt the private key corresponding to the secondary parent; the communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that The teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the identity of the secondary parent is legal.
  • Step 4011 When the primary parent or the deputy parent authenticates in the school, the primary parent mobile terminal or the secondary parent mobile terminal needs to read the encrypted dynamic code sent by the teacher mobile terminal, and the encrypted dynamic code can be stored in the cache or stored in the system. Other location
  • Step 4012 After reading, the primary parent mobile terminal or the secondary parent mobile terminal decrypts according to the built-in default dynamic code decryption algorithm, and restores the original dynamic code.
  • Step 4013 The restored original dynamic code is compared by the authentication system of the teacher mobile terminal, and is consistent with the generated original dynamic code;
  • Step 4014 After the dynamic code is successfully decrypted, the identity of the parent needs to be verified, so the primary parent mobile terminal or the secondary parent mobile terminal needs to call the parent's own private key, and the system stipulates the private key generation method and the storage location;
  • Step 4015 The teacher mobile terminal needs to authenticate the parent's private key
  • Step 4016 When the teacher mobile terminal authenticates the dynamic code and the private key, the dynamic code and the public key in the student information server need to be called for authentication.
  • the parent identity verification system provided by the embodiment of the present invention includes at least two mobile terminal devices, one of which is a teacher side and the other or multiple mobile terminal devices are a parent side.
  • Parents must set up a primary parent and the rest of the parents as deputy parents.
  • the primary parent is the parent who is mainly responsible for picking up the child
  • the deputy parent is the parent who may pick up the child.
  • Step S601 the teacher side and the parent side use their respective mobile terminals to connect to the server for identity selection;
  • Step S602 The teacher mobile terminal performs dynamic code generation.
  • Step S603 The teacher mobile terminal encrypts the generated dynamic code.
  • Step S604 the teacher clicks on the dynamic code to send, and the teacher mobile terminal sends the encrypted dynamic code to the primary parent mobile terminal;
  • Step S605 The primary parent mobile terminal receives the encrypted dynamic code, and selects itself as the parent who picks up the child;
  • Step S606 After receiving the setting of the master parent, the communication setting module of the master parent mobile terminal notifies the server to update the student dynamic lock, and the server updates the student dynamic lock to the encrypted dynamic code and the master parent public key;
  • Step S607 when the primary parent picks up the child, selects decryption, and the decryption module of the primary parent mobile terminal decrypts the encrypted dynamic code
  • Step S608 The teacher mobile terminal invokes the student dynamic lock stored in the server to verify whether the primary parent identity is legal;
  • Step S609 In the case that the primary parent identity verification fails, the teacher mobile terminal prompts an alarm.
  • Step S701 the teacher side and the parent side use their respective terminal connection servers for identity selection;
  • Step S702 The teacher mobile terminal performs dynamic code generation.
  • Step S703 The teacher mobile terminal encrypts the generated dynamic code.
  • Step S704 the teacher clicks on the dynamic code to send, and the teacher mobile terminal sends the encrypted dynamic code to the primary parent mobile terminal;
  • Step S705 After receiving the encrypted dynamic code, the primary parent mobile terminal selects the deputy parent (father) as the parent who picks up the child;
  • Step S706 The secondary parent mobile terminal receives the encrypted dynamic code and the prompt to pick up the child;
  • Step S707 the father accepts the request; the communication setting module of the secondary parent (father) mobile terminal passes Knowing that the server updates the student dynamic lock, the server updates the student dynamic lock to the encrypted dynamic code and the father public key;
  • Step S708 When the father picks up the child, select decryption, and the decryption module of the secondary parent mobile terminal loads the encrypted dynamic code and the private key in the cache;
  • Step S709 the decryption module calling algorithm of the secondary parent mobile terminal (father) decrypts the encrypted dynamic code
  • Step S710 The teacher mobile terminal invokes the student dynamic lock in the server to verify whether the identity of the secondary parent is legal;
  • Step S711 In the case that the secondary parent identity verification fails, the teacher mobile terminal prompts an alarm.
  • the modules may be implemented in software for execution by various types of processors.
  • a communication setup module can include one or more physical or logical blocks of computer instructions, which can be constructed, for example, as an object, procedure, or function. Nonetheless, the executable code of the communication setup module need not be physically located together, but may include different instructions stored at different locations that, when logically combined, constitute a module and achieve the stated purpose of the module .
  • the communication setup module can be a single instruction or a number of instructions, and can even be distributed over multiple different code segments, distributed among different programs, and distributed across multiple memory devices.
  • operational data may be identified within the modules and may be implemented in any suitable form and organized within any suitable type of data structure. The operational data may be collected as a single data set, or may be distributed at different locations (including on different storage devices), and may at least partially exist as an electronic signal on a system or network.
  • the module can be implemented by software, considering the level of the existing hardware process, the module can be implemented in software, and the technician can construct a corresponding hardware circuit to implement the corresponding function without considering the cost.
  • the hardware circuitry includes conventional Very Large Scale Integration (VLSI) circuits or gate arrays as well as existing semiconductors such as logic chips, transistors, or other discrete components.
  • VLSI Very Large Scale Integration
  • the modules can also be implemented with programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices, and the like.
  • the embodiment of the present invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and the method includes:
  • the parent mobile terminal serves as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, after receiving the encrypted dynamic code, sends update information to the server, wherein the update information causes the server to correspond to the parent
  • the student dynamic lock is updated, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
  • the method further includes: setting the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal.
  • the method further includes: decrypting a private key corresponding to the parent, and sending the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the private key according to the student dynamic lock. Authentication to verify that the parental status is legal.
  • an embodiment of the present invention further provides a parent mobile terminal, including: a wireless communication unit and a processor,
  • the wireless communication unit is configured to: when the parent mobile terminal receives the encrypted dynamic code as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the update information is sent to the server, wherein the update information is The server updates the student dynamic lock of the parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
  • the processor is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code
  • the wireless communication unit is further configured to: send the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
  • an embodiment of the present invention further provides a teacher mobile terminal, including: a wireless communication unit and a processor,
  • the processor is configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student dynamic lock of a student, and the student dynamic lock includes: the student corresponding a parent, a public key corresponding to each of the parents; encrypting the original dynamic code to obtain an encrypted dynamic code;
  • the wireless communication unit is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal,
  • the dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
  • the processor is further configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
  • an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a teacher mobile terminal when the computer executable instructions are executed.
  • an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a parent mobile terminal when the computer executable instructions are executed.
  • each module/unit in the above embodiment may be implemented in the form of hardware, for example, by implementing an integrated circuit to implement its corresponding function, or may be implemented in the form of a software function module, for example, executing a program stored in the memory by a processor. / instruction to achieve its corresponding function.
  • the invention is not limited to any specific form of combination of hardware and software.
  • Embodiments of the present invention provide a method for a teacher mobile terminal, a parent mobile terminal, and a parental identity verification, which can ensure security, authenticate each parent, and verify that the encrypted dynamic code is not only encrypted but also updated every day. A double guarantee. Moreover, the embodiment of the present invention can be applied to the situation that other members of the family pick up and drop off children at any time, without worrying about the authentication problem, and is more life-oriented, humanized, and secure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method of authenticating an identity of a parent applies to a mobile terminal of a teacher. The method comprises: generating, for each of students, an original dynamic code corresponding thereto; encrypting the original dynamic code to obtain an encrypted dynamic code; transmitting the encrypted dynamic code to a mobile terminal of a parent; setting the mobile terminal of the parent selected to receive the encrypted dynamic code as a mobile terminal of a parent picking up a student, and receiving a dynamic code transmitted by the mobile terminal of the parent picking up the student; invoking a student dynamic lock to authenticate the dynamic code. The method can ensure security by performing the identity authentication for each of the parents picking up the students and encrypting the dynamic code for authentication and updating the encrypted dynamic code on a daily basis, thus providing double security. Furthermore, the method is suitable for the situation in which other family members may be designated anytime to pick up the child, without worrying for the authentication problem, and is more adaptive for various lifestyles, user-friendly and secured.

Description

老师、家长移动终端及家长身份验证的方法Teacher, parent mobile terminal and parental authentication method 技术领域Technical field
本申请涉及但不限于移动通信技术领域,尤其涉及一种老师、家长移动终端及家长身份验证的方法。The present application relates to, but is not limited to, the field of mobile communication technologies, and in particular, to a teacher, a parent mobile terminal, and a method for parental identity verification.
背景技术Background technique
近几年来经常出现小孩被抱走、杀害等案例。为此,子女的安全问题,对所有父母乃至整个社会而言都是最关心、最重要的问题。In recent years, there have been many cases in which children have been taken away and killed. To this end, the safety of children is the most important and important issue for all parents and society as a whole.
从幼儿园开始到走出校园,孩子们所在最多的地方就是学校,因此,学校如何肩负起每个学生的安全问题,尤为重要。特别是每天放学后,需要确保是否每一位学生都平安地回到了家中。现在的学校都要求家长亲自来接送小孩,但是这也不能避免有坏人冒充家长恶意将孩子带走的情况。From kindergarten to school, the most common place for children is the school. Therefore, it is especially important for the school to shoulder the safety of each student. Especially after school every day, you need to make sure that every student returns home safely. Today's schools require parents to pick up and drop children in person, but this does not prevent bad people from pretending to be maliciously taking their children away.
针对该问题,目前学校采取了许多安全措施,主要是通过硬件手段来实现,比如人脸采集、指纹识别等。例如,目前学校一般采用射频方式刷卡,家长刷卡时,打开软件的实时监测窗口,比对软件上出现的家长照片信息,确认是否为该小孩的家长,同时,实时监测刷卡拍照,还可记录每次接送人的照片、时间,便于日后查询,避免不必要的纠纷。In response to this problem, the school has taken many security measures, mainly through hardware means, such as face collection, fingerprint recognition and so on. For example, at present, schools generally use radio frequency to swipe cards. When parents swipe their cards, they open the real-time monitoring window of the software and compare the parent photo information appearing on the software to confirm whether it is the parent of the child. At the same time, the real-time monitoring card is taken, and each record can be recorded. The photos and time of the pick-up person are convenient for future enquiries and avoid unnecessary disputes.
以上方法主要借助于硬件设施来达到安全的目的。然而,硬件设施有其固有的缺点,就是整个***缺一不可,需要刷卡机、学校给家长发放的卡、电脑。如果上述有一个条件不具备,或者,在停电情况下,会无法保障***正常工作,从而无法保障学生的安全。而且,正常情况下,针对一个孩子,家长照片和卡必须准备多个,以备家庭中有其他家长临时接送孩子使用,不具有灵活性。此外,这样的方法并不是完全没有漏洞的,犯罪分子依然可以在卡和照片上做文章,这样,孩子的安全依然无法得到保障。The above methods mainly rely on hardware facilities for security purposes. However, hardware facilities have their inherent shortcomings, that is, the entire system is indispensable, requiring a credit card machine, a card issued by the school to parents, and a computer. If one of the above conditions is not available, or in the event of a power outage, the system will not be able to work properly and the student's safety will not be guaranteed. Moreover, under normal circumstances, for a child, parents photos and cards must be prepared in order to have other parents in the family to temporarily pick up the child for use, without flexibility. In addition, such a method is not completely flawless, and criminals can still make a fuss about cards and photos, so that the safety of children is still not guaranteed.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求 的保护范围。The following is an overview of the topics detailed in this document. This summary is not intended to limit the claims The scope of protection.
本发明实施例提供了一种老师、家长移动终端及家长身份验证的方法,能够克服现有技术中通过硬件设施来避免学校的孩子被坏人领走存在的漏洞和局限性。The embodiments of the present invention provide a teacher, a parent mobile terminal, and a method for parental identity verification, which can overcome the loopholes and limitations of the prior art to prevent the children of the school from being taken away by the bad guys through hardware facilities.
本发明实施例提供了一种家长身份验证的方法,应用于老师移动终端,包括:The embodiment of the invention provides a method for parental identity verification, which is applied to a teacher mobile terminal, and includes:
对每个学生生成对应的原始动态码,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应的家长、每个所述家长对应的公钥;Generating a corresponding original dynamic code for each student, each of the original dynamic codes corresponding to a student's dynamic lock of the student, the student dynamic lock comprising: a parent corresponding to the student, and a public key corresponding to each of the parents;
对所述原始动态码进行加密,得到加密动态码;Encrypting the original dynamic code to obtain an encrypted dynamic code;
将所述加密动态码发送给家长移动终端;Transmitting the encrypted dynamic code to the parent mobile terminal;
将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The parent mobile terminal that selects the encrypted dynamic code is selected as the pick-up parent mobile terminal, and receives the dynamic code sent by the pick-up parent mobile terminal, and the dynamic code is used by the pick-up parent mobile terminal to pick up the public key pair corresponding to the parent. Decrypting the dynamic code for decryption;
调用所述学生动态锁对所述动态码进行鉴权,若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。Invoking the student dynamic lock to authenticate the dynamic code, if the dynamic code is consistent with the original dynamic code, determining that the dynamic code of the shuttle parent passes verification; if the dynamic code and the original dynamic If the codes are inconsistent, it is determined that the dynamic code verification of the transfer parent does not pass.
可选地,所述将选择接收所述加密动态码的家长移动终端作为接送家长移动终端之后,上述方法还包括:Optionally, after the parent mobile terminal that selects the encrypted dynamic code is selected as the parent mobile terminal, the method further includes:
接收所述接送家长移动终端发送的接送家长对应的私钥,并根据学生动态锁对所述私钥进行鉴权。Receiving the private key corresponding to the pick-up parent sent by the pick-up parent mobile terminal, and authenticating the private key according to the student dynamic lock.
可选地,所述对每个学生生成对应的动态码之前,上述方法还包括:Optionally, before the generating the corresponding dynamic code for each student, the foregoing method further includes:
在服务器提供的选择身份界面上选择老师身份进入所述服务器,并在所述服务器上保存所述每个学生的学生信息及每个学生对应的家长信息。Selecting a teacher identity to enter the server on the selective identity interface provided by the server, and storing the student information of each student and the parent information corresponding to each student on the server.
本发明实施例还提供了一种老师移动终端,包括:The embodiment of the invention further provides a teacher mobile terminal, comprising:
动态码生成模块,设置为对每个学生生成对应的原始动态码,其中,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生 对应的家长、每个所述家长对应的公钥;a dynamic code generating module, configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student's student dynamic lock, and the student dynamic lock includes: the student Corresponding parents, the public key corresponding to each of the parents;
动态码加密模块,设置为对所述原始动态码进行加密,得到加密动态码;a dynamic code encryption module, configured to encrypt the original dynamic code to obtain an encrypted dynamic code;
通信设置模块,设置为:将所述加密动态码发送给家长移动终端;将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,其中,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The communication setting module is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal, where The dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
鉴权模块,设置为:调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。The authentication module is configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
可选地,所述通信设置模块还设置为接收所述接送家长移动终端发送的接送家长对应的私钥;所述鉴权模块还设置为根据学生动态锁对所述私钥进行鉴权。Optionally, the communication setting module is further configured to receive a private key corresponding to the pick-up parent sent by the pick-up parent mobile terminal; the authentication module is further configured to authenticate the private key according to the student dynamic lock.
可选地,所述老师移动终端还包括:Optionally, the teacher mobile terminal further includes:
初始化模块,设置为:在服务器提供的选择身份界面上选择老师身份进入所述服务器,并在所述服务器上保存所述每个学生的学生信息及每个学生对应的家长信息。The initialization module is configured to: select a teacher identity to enter the server on the selective identity interface provided by the server, and save the student information of each student and the parent information corresponding to each student on the server.
本发明实施例还提供了一种家长身份验证的方法,应用于家长移动终端,包括:The embodiment of the invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and includes:
设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端;Setting a primary parent mobile terminal or a secondary parent mobile terminal as a mobile terminal that receives an encrypted dynamic code sent by the teacher mobile terminal;
若选择主家长移动终端,则向服务器发出更新信息,所述更新信息使得所述服务器将主家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和主家长对应的公钥;If the primary parent mobile terminal is selected, sending update information to the server, the update information causing the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the primary parent Corresponding public key;
根据主家长对应的公钥对所述加密动态码进行解密得到动态码,并对主家长对应的私钥进行解密;Decrypting the encrypted dynamic code according to the public key corresponding to the primary parent to obtain a dynamic code, and decrypting the private key corresponding to the primary parent;
向所述老师移动终端发送所述动态码和所述私钥,使得老师移动终端根据所述学生动态锁对所述动态码和所述私钥进行鉴权,验证所述主家长身份 是否合法。Transmitting the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies the primary parent identity is it legal.
可选地,所述设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端之后,上述方法还包括:Optionally, after the setting the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the method further includes:
若选择副家长移动终端,则向服务器发出更新信息,所述更新信息使得所述服务器将副家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和副家长对应的公钥;If the secondary parent mobile terminal is selected, sending update information to the server, the update information causing the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the secondary parent Corresponding public key;
根据副家长对应的公钥对所述加密动态码进行解密得到动态码,并对副家长对应的私钥进行解密;Decrypting the encrypted dynamic code according to the public key corresponding to the secondary parent to obtain a dynamic code, and decrypting the private key corresponding to the secondary parent;
向所述老师移动终端发送所述动态码和所述私钥,使得老师移动终端根据所述学生动态锁对所述动态码和所述私钥进行鉴权,验证所述副家长身份是否合法。Sending the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the secondary parent identity is legal.
本发明实施例还提供了一种家长移动终端,包括:The embodiment of the invention further provides a parent mobile terminal, comprising:
通信设置模块,设置为:设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端;若选择主家长移动终端,则向服务器发出更新信息,所述更新信息使得所述服务器将主家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和主家长对应的公钥;The communication setting module is configured to: set the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal; if the primary parent mobile terminal is selected, send the update information to the server, the update information And causing the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and a public key corresponding to the primary parent;
解密模块,设置为:根据主家长对应的公钥对所述加密动态码进行解密得到动态码,并对主家长对应的私钥进行解密;The decryption module is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the primary parent to obtain a dynamic code, and decrypt the private key corresponding to the primary parent;
通信设置模块,还设置为:向所述老师移动终端发送所述动态码和所述私钥,使得老师移动终端根据所述学生动态锁对所述动态码和所述私钥进行鉴权,验证所述主家长身份是否合法。The communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies Whether the primary parent status is legal.
可选地,Optionally,
所述通信设置模块还设置为:若选择副家长移动终端,则向服务器发出更新信息,所述更新信息使得所述服务器将副家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和副家长对应的公钥;The communication setting module is further configured to: if the secondary parent mobile terminal is selected, send update information to the server, the update information causing the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic The lock includes the encrypted dynamic code and a public key corresponding to the secondary parent;
所述解密模块还设置为:根据副家长对应的公钥对所述加密动态码进行解密得到动态码,并对副家长对应的私钥进行解密; The decryption module is further configured to: decrypt the encrypted dynamic code according to a public key corresponding to the secondary parent to obtain a dynamic code, and decrypt the private key corresponding to the secondary parent;
所述通信设置模块还设置为:向所述老师移动终端发送所述动态码和所述私钥,使得老师移动终端根据所述学生动态锁对所述动态码和所述私钥进行鉴权,验证所述副家长身份是否合法。The communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, Verify that the secondary parent status is legal.
此外,本发明实施例还提供一种家长身份验证的方法,应用于家长移动终端,所述方法包括:In addition, the embodiment of the present invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and the method includes:
当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;When the parent mobile terminal serves as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, after receiving the encrypted dynamic code, sends update information to the server, wherein the update information causes the server to correspond to the parent The student dynamic lock is updated, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
根据该家长对应的公钥对所述加密动态码进行解密得到动态码;Decrypting the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家长身份是否合法。Sending the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
可选地,当所述家长移动终端为主家长移动终端时,上述方法还包括:设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端。Optionally, when the parent mobile terminal is the primary parent mobile terminal, the method further includes: setting the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal.
可选地,上述方法还包括:对所述家长对应的私钥进行解密,向所述老师移动终端发送所述私钥,使得所述老师移动终端根据所述学生动态锁对所述私钥进行鉴权,以验证所述家长身份是否合法。Optionally, the method further includes: decrypting a private key corresponding to the parent, and sending the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the private key according to the student dynamic lock. Authentication to verify that the parental status is legal.
此外,本发明实施例还提供一种家长移动终端,包括:无线通信单元以及处理器,In addition, an embodiment of the present invention further provides a parent mobile terminal, including: a wireless communication unit and a processor,
所述无线通信单元设置为:当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;The wireless communication unit is configured to: when the parent mobile terminal receives the encrypted dynamic code as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the update information is sent to the server, wherein the update information is The server updates the student dynamic lock of the parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
所述处理器设置为:根据该家长对应的公钥对所述加密动态码进行解密得到动态码;The processor is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
所述无线通信单元还设置为:向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家 长身份是否合法。The wireless communication unit is further configured to: send the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify the home Whether long status is legal.
此外,本发明实施例还提供一种老师移动终端,包括:无线通信单元以及处理器,In addition, an embodiment of the present invention further provides a teacher mobile terminal, including: a wireless communication unit and a processor,
所述处理器设置为:对每个学生生成对应的原始动态码,其中,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应的家长、每个所述家长对应的公钥;对所述原始动态码进行加密,得到加密动态码;The processor is configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student dynamic lock of a student, and the student dynamic lock includes: a parent corresponding to the student, each a public key corresponding to the parent; encrypting the original dynamic code to obtain an encrypted dynamic code;
所述无线通信单元设置为:将所述加密动态码发送给家长移动终端;将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,其中,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The wireless communication unit is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal, The dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
所述处理器还设置为:调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。The processor is further configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
此外,本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现应用于老师移动终端的家长身份验证的方法。In addition, an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a teacher mobile terminal when the computer executable instructions are executed.
此外,本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现应用于家长移动终端的家长身份验证的方法。In addition, an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a parent mobile terminal when the computer executable instructions are executed.
本发明实施例的有益效果是:本发明实施例的家长身份验证的方法能够确保安全性,对每个接送家长都会进行身份验证,并且进行验证的加密动态码不仅加密而且每天更新,提供了双重保障。而且,本发明实施例可以适用于随时选择家庭中其他成员接送孩子的情况,无需担心鉴权问题,更加生活化、人性化、安全化。The beneficial effects of the embodiments of the present invention are: the method for parental identity verification in the embodiment of the present invention can ensure security, and the authentication is performed for each parent to be authenticated, and the encrypted dynamic code for verification is not only encrypted but also updated every day, providing a double Guarantee. Moreover, the embodiment of the present invention can be applied to the situation that other members of the family pick up and drop off children at any time, without worrying about the authentication problem, and is more life-oriented, humanized, and secure.
在阅读并理解了附图和详细描述后,可以明白其他方面。 Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1表示本发明实施例提供的应用于老师移动终端的家长身份验证的方法的流程图;FIG. 1 is a flowchart of a method for parental identity verification applied to a teacher mobile terminal according to an embodiment of the present invention;
图2表示本发明实施例提供的老师移动终端的构成图;2 is a structural diagram of a teacher mobile terminal according to an embodiment of the present invention;
图3表示本发明实施例提供的应用于家长移动终端的家长身份验证的方法的流程图;3 is a flowchart of a method for parental identity verification applied to a parent mobile terminal according to an embodiment of the present invention;
图4表示本发明实施例提供的家长移动终端的构成图;4 is a structural diagram of a parent mobile terminal according to an embodiment of the present invention;
图5表示本发明实施例中的服务器保存学生信息、家长公钥及学生动态锁的示意图;FIG. 5 is a schematic diagram of a server for storing student information, a parent public key, and a student dynamic lock in the embodiment of the present invention; FIG.
图6表示本发明实施例中的服务器提供的身份选择界面的示意图;6 is a schematic diagram showing an identity selection interface provided by a server in an embodiment of the present invention;
图7表示本发明实施例中主、副家长移动终端与老师移动终端的交互流程示意图;FIG. 7 is a schematic diagram showing the interaction process between the mobile terminal of the primary and secondary parents and the mobile terminal of the teacher in the embodiment of the present invention; FIG.
图8表示本发明实施例中对动态码进行鉴权的流程示意图;FIG. 8 is a schematic flowchart showing the process of authenticating a dynamic code in the embodiment of the present invention;
图9表示本发明实施例中主、副家长移动终端与老师移动终端的交互示意图;FIG. 9 is a schematic diagram showing interaction between a mobile terminal of a primary and secondary parent and a mobile terminal of a teacher in an embodiment of the present invention; FIG.
图10表示本发明实施例中家长身份验证的方法的详细流程示意图一;FIG. 10 is a first schematic flowchart 1 showing a method for parental identity verification according to an embodiment of the present invention; FIG.
图11表示本发明实施例中家长身份验证的方法的详细流程示意图二。FIG. 11 is a second schematic diagram showing the flow of the method for parental authentication in the embodiment of the present invention.
本发明的实施方式Embodiments of the invention
下面将结合附图及具体实施例对本申请进行详细描述。The present application will be described in detail below with reference to the accompanying drawings and specific embodiments.
实施例一Embodiment 1
参照图1所示,本发明实施例提供的一种家长身份验证的方法,应用于老师移动终端,该方法包括以下步骤:Referring to FIG. 1 , a method for parental identity verification provided by an embodiment of the present invention is applied to a teacher mobile terminal, and the method includes the following steps:
步骤101:对每个学生生成对应的原始动态码,其中,每个原始动态码对应该学生的学生动态锁,学生动态锁包括:该学生对应的家长、每个家长对应的公钥。具体而言,根据学生的数量生成每个学生对应的原始动态码。Step 101: Generate a corresponding original dynamic code for each student, wherein each original dynamic code corresponds to a student's dynamic lock of the student, and the student dynamic lock includes: a parent corresponding to the student, and a public key corresponding to each parent. Specifically, the original dynamic code corresponding to each student is generated according to the number of students.
步骤102:对原始动态码进行加密,得到加密动态码。为了防止原始动 态码在传输的过程中被篡改,原始动态码按照一定的算法进行加密。Step 102: Encrypt the original dynamic code to obtain an encrypted dynamic code. In order to prevent original movement The state code is tampered with during the transmission process, and the original dynamic code is encrypted according to a certain algorithm.
步骤103:将加密动态码发送给家长移动终端。Step 103: Send the encrypted dynamic code to the parent mobile terminal.
步骤104:将选择接收加密动态码的家长移动终端作为接送家长移动终端,接收接送家长移动终端发送的动态码,其中,动态码由接送家长移动终端通过接送家长对应的公钥对加密动态码进行解密得到。接送家长移动终端(即接送学生的家长的移动终端)选择接收加密动态码,然后,老师移动终端接收接送家长移动终端根据加密动态码解密得到的动态码。Step 104: The parent mobile terminal that selects to receive the encrypted dynamic code is used as the pick-up parent mobile terminal, and receives the dynamic code sent by the parent mobile terminal, wherein the dynamic code is sent by the parent mobile terminal to the encrypted dynamic code by using the public key corresponding to the parent. Decrypted. The parent mobile terminal (ie, the mobile terminal of the parent who picks up the student) is selected to receive the encrypted dynamic code, and then the teacher mobile terminal receives the dynamic code obtained by the parent mobile terminal decrypting according to the encrypted dynamic code.
步骤105:调用学生动态锁对动态码进行鉴权,若动态码与原始动态码一致,则认定接送家长的动态码通过验证;若动态码与原始动态码不一致,则认定接送家长的动态码验证不通过。具体而言,将与原始动态码唯一对应的学生动态锁与动态码进行比较,判断动态码与原始动态码是否一致;若一致,则认定接送家长的动态码通过验证。Step 105: Invoke the student dynamic lock to authenticate the dynamic code. If the dynamic code is consistent with the original dynamic code, it is determined that the dynamic code of the parent is verified; if the dynamic code is inconsistent with the original dynamic code, the dynamic code verification of the parent is determined. Fail. Specifically, the student dynamic lock uniquely corresponding to the original dynamic code is compared with the dynamic code to determine whether the dynamic code is consistent with the original dynamic code; if they are consistent, the dynamic code of the pick-up parent is determined to pass the verification.
本发明实施例提供的家长身份验证的方法能够确保安全性,会对每个接送家长进行身份验证,并且对进行验证的加密动态码进行了加密保障。另外,本发明实施例提供的方法可以适用于随时选择家庭中其他成员接送孩子的情况,而不必担心鉴权问题,更加生活化、人性化、安全化。The method for parental authentication provided by the embodiment of the invention can ensure security, authenticate each parent to be authenticated, and encrypt the encrypted dynamic code for verification. In addition, the method provided by the embodiment of the present invention can be applied to the situation that other members in the family can pick up and drop children at any time without worrying about the authentication problem, and is more life-oriented, humanized, and secure.
实施例二Embodiment 2
本实施例与实施例一的区别在于:在本实施例中,在步骤104之后,本实施例提供的家长身份验证的方法还包括:接收接送家长移动终端发送的接送家长对应的私钥,并根据学生动态锁对私钥进行鉴权。The difference between the embodiment and the first embodiment is that, in the embodiment, after the step 104, the method for the parental authentication provided by the embodiment further includes: receiving a private key corresponding to the shuttle parent sent by the parent mobile terminal, and The private key is authenticated according to the student dynamic lock.
具体而言,选择接收加密动态码的家长移动终端作为接送学生时进行鉴权验证的接送家长移动终端,老师移动终端接收接送家长移动终端发送的接送家长对应的私钥,并根据学生动态锁对私钥进行鉴权,来进一步保证接送家长的合法性。Specifically, the parent mobile terminal that receives the encrypted dynamic code is selected as the pick-up parent mobile terminal that performs authentication verification when the student picks up the student, and the teacher mobile terminal receives the private key corresponding to the pick-up parent sent by the parent mobile terminal, and according to the student dynamic lock pair The private key is authenticated to further ensure the legitimacy of the parents.
在本发明实施例中,可以事先将每个学生以及学生家长的信息保存在学生信息***中,并保存每个家长对应的公钥信息。也可以事先只保存每个学生及主家长的信息和公钥,其他副家长的信息和公钥由主家长后续自己添加。本发明实施例中的公钥生成和私钥解密以及动态码解密都事先约定好相应算 法,本发明实施例不对算法进行限制。In the embodiment of the present invention, the information of each student and the parent of the student may be saved in the student information system in advance, and the public key information corresponding to each parent is saved. It is also possible to save only the information and public key of each student and the parent parent in advance, and the information and public key of the other parent parents are added by the parent parent. In the embodiment of the present invention, public key generation, private key decryption, and dynamic code decryption are all agreed in advance. The method in the present invention does not limit the algorithm.
实施例三Embodiment 3
本实施例与实施例一的区别在于:在本实施例中,在步骤101之前,本实施例提供的家长身份验证的方法还包括:在服务器提供的选择身份界面上选择老师身份进入服务器,并在服务器上保存每个学生的学生信息及每个学生对应的家长信息。The difference between the embodiment and the first embodiment is that, in the embodiment, before the step 101, the method for the parental authentication provided by the embodiment further includes: selecting a teacher identity to enter the server on the selected identity interface provided by the server, and The student information of each student and the parent information corresponding to each student are saved on the server.
具体而言,老师可以通过老师移动终端将每个学生的学生信息及每个学生对应的家长信息保存在服务器上。Specifically, the teacher can save the student information of each student and the parent information corresponding to each student on the server through the teacher mobile terminal.
参照图5所示,该服务器上保存有:学生家庭信息、家长公钥信息以及学生动态锁,三张表通过学生的唯一标识号(ID,Identification)标识和关联。其中,可以由老师方预先设定好每个学生的信息以及学生的家长信息,同时也可以在使用过程中由主家长方进行更新。家长公钥信息由每个学生的家长提供,采用***公用的一种加密算法进行加密后保存。学生动态锁中的数据是动态变化的,动态码由老师移动终端每天动态生成和加密,动态公钥是根据家长的选择而动态提取的。Referring to FIG. 5, the server stores: student family information, parent public key information, and student dynamic lock. The three tables are identified and associated by the student's unique identification number (ID, Identification). Among them, the information of each student and the parent information of the student can be pre-set by the teacher, and can also be updated by the parent parent during use. Parent public key information is provided by each student's parents, and is encrypted and stored using an encryption algorithm common to the system. The data in the student dynamic lock is dynamically changed. The dynamic code is dynamically generated and encrypted by the teacher mobile terminal every day. The dynamic public key is dynamically extracted according to the parent's choice.
参照图6所示,图6所示为服务器提供的身份选择界面的示意图,身份选择界面是服务器为老师、主家长及副家长提供的***入口,老师通过老师移动终端选择图6所示界面中的“老师”后进入老师方***。学生家长通过家长移动终端进入身份选择界面后,首先需要输入孩子的姓名等相关信息,之后,界面显示家长选项,通常情况下,包括:孩子的母亲、父亲、爷爷、奶奶、外公、外婆等,家长选择对应的身份后,还需要确定该身份为主家长还是副家长。若家长通过家长移动终端选择主家长后,则进入主家长***,若选择副家长后,则进入副家长***。该身份选择一旦完成,后台会将信息同步到服务器中。Referring to FIG. 6, FIG. 6 is a schematic diagram of an identity selection interface provided by a server. The identity selection interface is a system portal provided by the server for the teacher, the primary parent, and the secondary parent. The teacher selects the interface shown in FIG. 6 through the teacher mobile terminal. After the "teacher" enters the teacher's side system. After the parents enter the identity selection interface through the parent mobile terminal, they first need to input the child's name and other related information. After that, the interface displays the parent option, which usually includes: the child's mother, father, grandfather, grandmother, grandfather, grandmother, etc. After the parent chooses the corresponding identity, it is also necessary to determine whether the identity is the primary parent or the deputy parent. If the parent selects the primary parent through the parent mobile terminal, he or she enters the primary parent system, and if the secondary parent is selected, the secondary parental system is entered. Once the identity selection is complete, the background synchronizes the information to the server.
服务器维护了所有学生的信息,包括学生的姓名、每个学生的相关家长、相关家长的公钥信息,并且保存了老师移动终端传输过来的每天每个学生加密的动态码信息和当天将要来接学生的家长的公钥信息。The server maintains information about all students, including the student's name, the relevant parent of each student, the public key information of the relevant parent, and saves the dynamic code information encrypted by each student transmitted by the teacher's mobile terminal every day. The public key information of the student's parents.
实施例四 Embodiment 4
参照图2所示,本实施例提供了一种老师移动终端,包括:Referring to FIG. 2, the embodiment provides a teacher mobile terminal, including:
动态码生成模块201,设置为对每个学生生成对应的原始动态码,其中,每个原始动态码对应该学生的学生动态锁,学生动态锁包括:该学生对应的家长以及每个家长对应的公钥;The dynamic code generating module 201 is configured to generate a corresponding original dynamic code for each student, wherein each original dynamic code corresponds to a student dynamic lock of the student, and the student dynamic lock includes: a parent corresponding to the student and a corresponding parent Public key
动态码加密模块202,设置为对原始动态码进行加密,得到加密动态码;The dynamic code encryption module 202 is configured to encrypt the original dynamic code to obtain an encrypted dynamic code.
通信设置模块203,设置为:将加密动态码发送给家长移动终端;将选择接收加密动态码的家长移动终端作为接送家长移动终端,接收接送家长移动终端发送的动态码,其中,动态码由接送家长移动终端通过接送家长对应的公钥对加密动态码进行解密得到;The communication setting module 203 is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the parent mobile terminal, wherein the dynamic code is sent and received. The parent mobile terminal decrypts the encrypted dynamic code by picking up the parent's corresponding public key;
鉴权模块204,设置为:调用学生动态锁对动态码进行鉴权,若动态码与原始动态码一致,则认定接送家长的动态码通过验证;若动态码与原始动态码不一致,则认定接送家长的动态码验证不通过。The authentication module 204 is configured to: invoke the student dynamic lock to authenticate the dynamic code. If the dynamic code is consistent with the original dynamic code, it is determined that the dynamic code of the parent is verified; if the dynamic code is inconsistent with the original dynamic code, the transfer is determined. The parent's dynamic code verification failed.
其中,动态码生成模块随机生成的原始动态码的个数与学生个数相同。为了孩子的安全,该动态码生成需要约定更换的频率。动态码加密模块将随机生成的原始动态码按照一定的加密算法进行加密,避免在传输过程中被篡改。加密之前的原始动态码被***统一存放在学生信息***的数据库中。在家长接走学生进行验证身份时,鉴权模块根据学生信息***中保存的每个学生最后的动态锁信息验证接走学生的家长的身份是否合法。The number of original dynamic codes randomly generated by the dynamic code generating module is the same as the number of students. For the safety of the child, the dynamic code generation needs to agree on the frequency of replacement. The dynamic code encryption module encrypts the randomly generated original dynamic code according to a certain encryption algorithm to avoid being tampered with during transmission. The original dynamic code before encryption is stored in the database of the student information system by the system. When the parent picks up the student for verification, the authentication module verifies whether the identity of the parent who picks up the student is legal according to the last dynamic lock information of each student saved in the student information system.
实施例五Embodiment 5
本实施例与实施例四的区别在于:在本实施例中,为了保证家长验证的可靠性,鉴权模块还设置为:接收接送家长移动终端发送的接送家长对应的私钥,并根据学生动态锁对私钥进行鉴权,来判断接送家长的身份是否合法。The difference between this embodiment and the fourth embodiment is that, in this embodiment, in order to ensure the reliability of the parent verification, the authentication module is further configured to: receive the private key corresponding to the shuttle parent sent by the parent mobile terminal, and according to the student dynamic The lock authenticates the private key to determine whether the identity of the pick-up parent is legal.
实施例六Embodiment 6
本实施例与实施例四的区别在于:在本实施例中,老师移动终端还包括:初始化模块,设置为:在服务器提供的选择身份界面上选择老师身份进入服务器,并在服务器上保存每个学生的学生信息及每个学生对应的家长信息。具体而言,初始化模块即老师移动终端的录入模块,将学生信息及学生对应的家长信息初始化录入服务器中。 The difference between this embodiment and the fourth embodiment is that, in the embodiment, the teacher mobile terminal further includes: an initialization module, configured to: select a teacher identity to enter the server on the selected identity interface provided by the server, and save each on the server. Student information and student-specific parent information. Specifically, the initialization module, that is, the entry module of the teacher mobile terminal, initializes the student information and the parent information corresponding to the student into the server.
实施例七Example 7
参照图3所示,本发明实施例提供了一种家长身份验证的方法,应用于家长移动终端,包括:Referring to FIG. 3, an embodiment of the present invention provides a method for parental identity verification, which is applied to a parent mobile terminal, including:
步骤301:主家长移动终端设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端。具体而言,主家长可以通过主家长移动终端选择不同的家庭成员作为接送孩子的人选,以使得对应的移动终端可以从老师移动终端接收加密动态码进行身份验证。Step 301: The primary parent mobile terminal sets the primary parent mobile terminal or its secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal. Specifically, the primary parent may select a different family member as the candidate for picking up the child through the primary parent mobile terminal, so that the corresponding mobile terminal can receive the encrypted dynamic code from the teacher mobile terminal for identity verification.
步骤302:若选择主家长移动终端,则主家长移动终端向服务器发出更新信息,其中,更新信息使得服务器将主家长对应学生的学生动态锁进行更新,更新后的学生动态锁包括该加密动态码和主家长对应的公钥。具体而言,当选择主家长移动终端对应的主家长作为接送孩子的家长时,服务器将该学生的学生动态锁更新为包括该加密动态码和主家长对应的公钥,以便主家长移动终端调用主家长对应的公钥。Step 302: If the primary parent mobile terminal is selected, the primary parent mobile terminal sends update information to the server, wherein the update information causes the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code. The public key corresponding to the primary parent. Specifically, when the primary parent corresponding to the primary parent mobile terminal is selected as the parent who picks up the child, the server updates the student dynamic lock of the student to include the encrypted dynamic code and the public key corresponding to the primary parent, so that the primary parent mobile terminal invokes The public key corresponding to the primary parent.
步骤303:主家长移动终端根据主家长对应的公钥对加密动态码进行解密得到动态码,并对主家长对应的私钥进行解密,供老师移动终端对动态码及主家长移动终端的私钥进行鉴权。Step 303: The primary parent mobile terminal decrypts the encrypted dynamic code according to the public key corresponding to the primary parent to obtain a dynamic code, and decrypts the private key corresponding to the primary parent, and provides the teacher mobile terminal with the dynamic code and the private key of the primary parent mobile terminal. Perform authentication.
步骤304:主家长移动终端向老师移动终端发送动态码和私钥,使得老师移动终端根据学生动态锁对动态码和所述私钥进行鉴权,验证主家长身份是否合法。Step 304: The primary parent mobile terminal sends the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the primary parent identity is legal.
实施例八Example eight
本实施例与实施例七的区别在于:在本实施例中,在步骤301之后,本实施例提供的家长身份验证的方法还包括:若选择副家长移动终端,则副家长移动终端向服务器发出更新信息,其中,更新信息使得服务器将副家长对应学生的学生动态锁进行更新,更新后的学生动态锁包括该加密动态码和副家长对应的公钥;副家长移动终端对加密动态码进行解密得到动态码,并对副家长对应的私钥进行解密;副家长移动终端向老师移动终端发送动态码和所述私钥,使得老师移动终端根据所述学生动态锁对动态码和私钥进行鉴权,验证所述副家长身份是否合法。 The difference between the embodiment and the seventh embodiment is that, in the embodiment, after the step 301, the method for parental authentication provided by the embodiment further includes: if the secondary parent mobile terminal is selected, the secondary parent mobile terminal sends the server to the server. Updating information, wherein the updating information causes the server to update the student dynamic lock of the secondary parent corresponding student, the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the secondary parent; and the secondary parent mobile terminal decrypts the encrypted dynamic code Obtaining a dynamic code, and decrypting the private key corresponding to the secondary parent; the secondary parent mobile terminal sends the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the dynamic code and the private key according to the student dynamic lock. Right, verify whether the identity of the deputy parent is legal.
实施例九Example nine
如图4所示,本实施例提供了一种家长移动终端,包括:As shown in FIG. 4, this embodiment provides a parent mobile terminal, including:
通信设置模块401,设置为:设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端;若选择主家长移动终端,则向服务器发出更新信息,其中,更新信息使得服务器将主家长对应学生的学生动态锁进行更新,更新后的学生动态锁包括该加密动态码和主家长对应的公钥;The communication setting module 401 is configured to: set the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal; if the primary parent mobile terminal is selected, send the update information to the server, where the update The information causes the server to update the student dynamic lock of the primary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the primary parent;
解密模块402,设置为对加密动态码进行解密得到动态码,并对主家长对应的私钥进行解密;The decryption module 402 is configured to decrypt the encrypted dynamic code to obtain a dynamic code, and decrypt the private key corresponding to the primary parent;
通信设置模块401还设置为:向老师移动终端发送动态码和私钥,使得老师移动终端根据学生动态锁对动态码和所述私钥进行鉴权,验证主家长身份是否合法。The communication setting module 401 is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the primary parent identity is legal.
参照图7所示,老师移动终端和家长移动终端的通信设置模块的通信过程如下:Referring to FIG. 7, the communication process of the communication setting module of the teacher mobile terminal and the parent mobile terminal is as follows:
步骤3011:老师方选择身份后,进入老师方***,最开始需要创建所负责班级学生的所有原始信息数据;Step 3011: After the teacher selects the identity, enters the teacher's party system, and initially needs to create all the original information data of the student in charge of the class;
步骤3012:老师移动终端的动态码生成模块生成原始动态码,并利用动态码加密模块加密原始动态码后,保存在服务器中,老师移动终端发送原始动态码前需要去服务器读取;Step 3012: The dynamic code generating module of the teacher mobile terminal generates the original dynamic code, and encrypts the original dynamic code by using the dynamic code encryption module, and saves the original dynamic code in the server, and the teacher mobile terminal needs to go to the server to read before sending the original dynamic code;
步骤3013:老师点击发送加密动态码,老师移动终端的通信设置模块默认发送给学生的主家长移动终端;Step 3013: The teacher clicks to send the encrypted dynamic code, and the communication setting module of the teacher mobile terminal sends the mobile terminal to the student's parent mobile terminal by default;
步骤3021:在步骤3013后,主家长移动终端收到老师移动终端发来的加密动态码,自动保存,并提示主家长是否接受该加密动态码;Step 3021: After step 3013, the primary parent mobile terminal receives the encrypted dynamic code sent by the teacher mobile terminal, automatically saves, and prompts the primary parent whether to accept the encrypted dynamic code;
步骤3022:主家长可以接受提示,或者拒绝提示而选择另一个副家长接送该学生;Step 3022: The primary parent may accept the prompt or refuse the prompt and select another parent to pick up the student;
步骤3023:***读取主家长设置;Step 3023: The system reads the primary parent setting;
步骤3024:根据主家长的设置,主家长移动终端向服务器发出更新信息,使得服务器更新学生动态锁,如果是主家长接送,则服务器加载主家长的公 钥,如果否,则后续更新;Step 3024: According to the setting of the primary parent, the primary parent mobile terminal sends update information to the server, so that the server updates the student dynamic lock. If the primary parent transfers, the server loads the parent parent. Key, if no, subsequent updates;
步骤3025:主家长想要在服务器中新增或删除一位副家长,选择相应的添加或删除选项;Step 3025: The primary parent wants to add or delete a deputy parent in the server, and select the corresponding add or delete option;
步骤3026:添加删除相应副家长的公钥,公钥算法本发明实施例不限制;Step 3026: Adding and deleting a public key of the corresponding secondary parent, the public key algorithm is not limited in the embodiment of the present invention;
步骤3027:更新完成后,更新服务器;Step 3027: After the update is completed, the server is updated;
步骤3031:如果在步骤3023中,主家长选择了副家长接送,则相应的副家长移动终端会收到加密动态码及提示信息;Step 3031: If, in step 3023, the primary parent selects the secondary parent transfer, the corresponding secondary parent mobile terminal receives the encrypted dynamic code and the prompt information;
步骤3032:副家长接受请求(通常情况下,主家长会在同副家长沟通后进行发送请求,所以默认副家长都是接受请求的);Step 3032: The deputy parent accepts the request (normally, the primary parent will send a request after communicating with the deputy parent, so the default deputy parent accepts the request);
步骤3033:副家长移动终端向服务器发出更新信息,学生信息服务器更新,加载该副家长的公钥信息。Step 3033: The secondary parent mobile terminal sends update information to the server, and the student information server updates, and loads the parent key's public key information.
通信设置模块根据身份的选择不同而在相应终端上的功能不同。老师移动终端的通信设置模块可以读取并发送加密的动态码到主家长移动终端。主家长移动终端的通信设置模块除了接收和发送加密动态码外,可以选择今天接送孩子的家长,可以是自己,也可以分配给家庭中的其他成员作为接送家长,该分配的副家长的移动终端接收老师移动终端发送的加密动态码。除此之外,主家长还能有一项特殊的权限就是新建临时成员作为临时副家长。主家长只需要在***中选择身份、新建家长后,上传新家长的公钥到学生信息***服务器即可。当然,主家长还能随时删除成员。副家长方的通信设置模块,可以接收主家长移动终端发来的接送孩子的提示和加密动态码。另外,该通信设置模块可以根据主家长的设置而最后更新学生信息***中每个学生ID下对应的动态公钥信息。例如,王二的主家长(母亲)选择了王二的父亲作为今天接送孩子的家长,那么,王二的父亲的移动终端的通信设置模块接收到主家长的设置后,前往学生信息***服务器中查询到王二的ID,并根据这个ID找到其父亲的公钥,服务器最后把父亲的公钥信息同随机分配的王二的加密动态码组合在一起,作为今天即将验证王二父亲身份的动态锁。The communication setting module has different functions on the corresponding terminal depending on the selection of the identity. The communication setting module of the teacher mobile terminal can read and send the encrypted dynamic code to the primary parent mobile terminal. In addition to receiving and transmitting the encrypted dynamic code, the communication setting module of the primary parent mobile terminal may select the parent who picks up the child today, may be himself, or may assign it to other members of the family as the pick-up parent, the mobile terminal of the assigned deputy parent. Receiving the encrypted dynamic code sent by the teacher mobile terminal. In addition, the main parent can also have a special permission to create a temporary member as a temporary deputy parent. The primary parent only needs to select the identity in the system, create a new parent, and upload the new parent's public key to the student information system server. Of course, the primary parent can also remove members at any time. The communication setting module of the deputy parent side can receive the prompt for sending and receiving the child and the encrypted dynamic code sent by the parent parent mobile terminal. In addition, the communication setting module may last update the dynamic public key information corresponding to each student ID in the student information system according to the settings of the master parent. For example, the parent (mother) of Wang Er chose Wang Er’s father as the parent to pick up the child today. Then, the communication setting module of Wang Er’s father’s mobile terminal receives the settings of the master parent and goes to the student information system server. Query the ID of Wang Er, and find the public key of his father based on this ID. The server finally combines the father's public key information with the randomly assigned Wang Er's encrypted dynamic code, as the dynamic of the identity of Wang Er's father will be verified today. lock.
实施例十Example ten
本实施例与实施例九的区别在于:在本实施例中,通信设置模块还设置 为:若选择副家长移动终端,则向服务器发出更新信息,其中,更新信息使得服务器将该副家长对应学生的学生动态锁进行更新,更新后的学生动态锁包括该加密动态码和副家长对应的公钥;解密模块还设置为:对加密动态码进行解密得到动态码,并对副家长对应的私钥进行解密;通信设置模块还设置为:向老师移动终端发送动态码和私钥,使得老师移动终端根据学生动态锁对动态码和所述私钥进行鉴权,验证副家长身份是否合法。The difference between this embodiment and the embodiment 9 is that in the embodiment, the communication setting module is further configured. If the secondary parent mobile terminal is selected, the update information is sent to the server, wherein the update information causes the server to update the student dynamic lock of the secondary parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the secondary parent corresponding The public key; the decryption module is further configured to: decrypt the encrypted dynamic code to obtain a dynamic code, and decrypt the private key corresponding to the secondary parent; the communication setting module is further configured to: send the dynamic code and the private key to the teacher mobile terminal, so that The teacher mobile terminal authenticates the dynamic code and the private key according to the student dynamic lock, and verifies whether the identity of the secondary parent is legal.
参照图8所示,下面介绍老师移动终端对家长移动终端进行鉴权的详细流程。Referring to FIG. 8, the detailed process of authenticating the parent mobile terminal by the teacher mobile terminal is described below.
步骤4011:主家长或副家长在学校鉴权时,主家长移动终端或副家长移动终端需要读取老师移动终端发送过来的加密动态码,该加密动态码可以保存在缓存中,也可以存放在***其它位置;Step 4011: When the primary parent or the deputy parent authenticates in the school, the primary parent mobile terminal or the secondary parent mobile terminal needs to read the encrypted dynamic code sent by the teacher mobile terminal, and the encrypted dynamic code can be stored in the cache or stored in the system. Other location
步骤4012:读取后,主家长移动终端或副家长移动终端根据内置默认的动态码解密算法进行解密,还原回原始动态码;Step 4012: After reading, the primary parent mobile terminal or the secondary parent mobile terminal decrypts according to the built-in default dynamic code decryption algorithm, and restores the original dynamic code.
步骤4013:还原的原始动态码经过老师移动终端的鉴权***进行对比,是否同生成的原始动态码一致;Step 4013: The restored original dynamic code is compared by the authentication system of the teacher mobile terminal, and is consistent with the generated original dynamic code;
步骤4014:动态码解密成功后,还需要验证家长的身份,于是主家长移动终端或副家长移动终端需要调用家长自己的私钥,***约定私钥生成办法和存储位置;Step 4014: After the dynamic code is successfully decrypted, the identity of the parent needs to be verified, so the primary parent mobile terminal or the secondary parent mobile terminal needs to call the parent's own private key, and the system stipulates the private key generation method and the storage location;
步骤4015:老师移动终端需要对家长的私钥进行鉴权;Step 4015: The teacher mobile terminal needs to authenticate the parent's private key;
步骤4016:在老师移动终端鉴权动态码和私钥时,需要调用学生信息服务器中的动态码和公钥进行鉴权。Step 4016: When the teacher mobile terminal authenticates the dynamic code and the private key, the dynamic code and the public key in the student information server need to be called for authentication.
实施例十一Embodiment 11
本发明实施例提供的家长身份验证***包括至少两个移动终端设备,其中一个移动终端设备作为老师方,另一个或多个移动终端设备作为家长方。家长方必须设置一个主家长,其余的家长作为副家长。主家长是主要负责接送孩子的家长,副家长是可能会接送孩子的家长。The parent identity verification system provided by the embodiment of the present invention includes at least two mobile terminal devices, one of which is a teacher side and the other or multiple mobile terminal devices are a parent side. Parents must set up a primary parent and the rest of the parents as deputy parents. The primary parent is the parent who is mainly responsible for picking up the child, and the deputy parent is the parent who may pick up the child.
参照图9和图10来详细介绍本发明实施例中,老师移动终端对家长移动终端进行鉴权的详细流程。 A detailed flow of authenticating a parent mobile terminal by a teacher mobile terminal in the embodiment of the present invention will be described in detail with reference to FIG. 9 and FIG.
步骤S601:老师方和家长方使用各自的移动终端连接服务器进行身份选择;Step S601: the teacher side and the parent side use their respective mobile terminals to connect to the server for identity selection;
步骤S602:老师移动终端进行动态码生成;Step S602: The teacher mobile terminal performs dynamic code generation.
步骤S603:老师移动终端对生成的动态码进行加密;Step S603: The teacher mobile terminal encrypts the generated dynamic code.
步骤S604:老师点击动态码发送,老师移动终端将加密动态码发送到主家长移动终端;Step S604: the teacher clicks on the dynamic code to send, and the teacher mobile terminal sends the encrypted dynamic code to the primary parent mobile terminal;
步骤S605:主家长移动终端收到加密动态码,并选择自己作为接送孩子的家长;Step S605: The primary parent mobile terminal receives the encrypted dynamic code, and selects itself as the parent who picks up the child;
步骤S606:主家长移动终端的通信设置模块接收到主家长的设置后,通知服务器更新学生动态锁,服务器将学生动态锁更新为加密动态码和主家长公钥;Step S606: After receiving the setting of the master parent, the communication setting module of the master parent mobile terminal notifies the server to update the student dynamic lock, and the server updates the student dynamic lock to the encrypted dynamic code and the master parent public key;
步骤S607:主家长接送孩子时,选择解密,由主家长移动终端的解密模块对加密动态码进行解密;Step S607: when the primary parent picks up the child, selects decryption, and the decryption module of the primary parent mobile terminal decrypts the encrypted dynamic code;
步骤S608:老师移动终端调用服务器存储的学生动态锁验证主家长身份是否合法;Step S608: The teacher mobile terminal invokes the student dynamic lock stored in the server to verify whether the primary parent identity is legal;
步骤S609:在主家长身份验证不通过的情况下,老师移动终端提示报警。Step S609: In the case that the primary parent identity verification fails, the teacher mobile terminal prompts an alarm.
参照图9和图11来说明老师移动终端对家长移动终端进行鉴权的另一实施过程,具体如下:Another implementation process of authenticating the parent mobile terminal by the teacher mobile terminal will be described with reference to FIG. 9 and FIG. 11 , as follows:
步骤S701:老师方和家长方使用各自的终端连接服务器进行身份选择;Step S701: the teacher side and the parent side use their respective terminal connection servers for identity selection;
步骤S702:老师移动终端进行动态码生成;Step S702: The teacher mobile terminal performs dynamic code generation.
步骤S703:老师移动终端对生成的动态码进行加密;Step S703: The teacher mobile terminal encrypts the generated dynamic code.
步骤S704:老师点击动态码发送,老师移动终端将加密动态码发送到主家长方移动终端;Step S704: the teacher clicks on the dynamic code to send, and the teacher mobile terminal sends the encrypted dynamic code to the primary parent mobile terminal;
步骤S705:主家长移动终端收到加密动态码后,选择副家长(父亲)作为接送孩子的家长;Step S705: After receiving the encrypted dynamic code, the primary parent mobile terminal selects the deputy parent (father) as the parent who picks up the child;
步骤S706:副家长移动终端接收到加密动态码和即将接送孩子的提示;Step S706: The secondary parent mobile terminal receives the encrypted dynamic code and the prompt to pick up the child;
步骤S707:父亲接受请求;副家长(父亲)移动终端的通信设置模块通 知服务器更新学生动态锁,服务器更新学生动态锁为加密动态码和父亲公钥;Step S707: the father accepts the request; the communication setting module of the secondary parent (father) mobile terminal passes Knowing that the server updates the student dynamic lock, the server updates the student dynamic lock to the encrypted dynamic code and the father public key;
步骤S708:父亲接送孩子时,选择解密,由副家长移动终端的解密模块加载缓存中的加密动态码和私钥;Step S708: When the father picks up the child, select decryption, and the decryption module of the secondary parent mobile terminal loads the encrypted dynamic code and the private key in the cache;
步骤S709:副家长移动终端(父亲)的解密模块调用算法对加密动态码进行解密;Step S709: the decryption module calling algorithm of the secondary parent mobile terminal (father) decrypts the encrypted dynamic code;
步骤S710:老师移动终端调用服务器中的学生动态锁验证副家长身份是否合法;Step S710: The teacher mobile terminal invokes the student dynamic lock in the server to verify whether the identity of the secondary parent is legal;
步骤S711:在副家长身份验证不通过的情况下,老师移动终端提示报警。Step S711: In the case that the secondary parent identity verification fails, the teacher mobile terminal prompts an alarm.
本发明实施例中,模块可以用软件实现,以便由各种类型的处理器执行。举例来说,一个通信设置模块可以包括计算机指令的一个或多个物理或者逻辑块,举例来说,其可以被构建为对象、过程或函数。尽管如此,通信设置模块的可执行代码无需物理地位于一起,而是可以包括存储在不同位置上的不同的指令,当这些指令逻辑上结合在一起时,其构成模块并且实现该模块的规定目的。In an embodiment of the invention, the modules may be implemented in software for execution by various types of processors. For example, a communication setup module can include one or more physical or logical blocks of computer instructions, which can be constructed, for example, as an object, procedure, or function. Nonetheless, the executable code of the communication setup module need not be physically located together, but may include different instructions stored at different locations that, when logically combined, constitute a module and achieve the stated purpose of the module .
实际上,通信设置模块可以是单条指令或者是许多条指令,并且甚至可以分布在多个不同的代码段上,分布在不同程序当中,以及跨越多个存储器设备分布。同样地,操作数据可以在模块内被识别,并且可以依照任何适当的形式实现并且被组织在任何适当类型的数据结构内。所述操作数据可以作为单个数据集被收集,或者可以分布在不同位置上(包括在不同存储设备上),并且至少部分地可以仅作为电子信号存在于***或网络上。In fact, the communication setup module can be a single instruction or a number of instructions, and can even be distributed over multiple different code segments, distributed among different programs, and distributed across multiple memory devices. As such, operational data may be identified within the modules and may be implemented in any suitable form and organized within any suitable type of data structure. The operational data may be collected as a single data set, or may be distributed at different locations (including on different storage devices), and may at least partially exist as an electronic signal on a system or network.
在模块可以利用软件实现时,考虑到现有硬件工艺的水平,所以可以以软件实现的模块,在不考虑成本的情况下,本领域技术人员都可以搭建对应的硬件电路来实现对应的功能,所述硬件电路包括常规的超大规模集成(VLSI)电路或者门阵列以及诸如逻辑芯片、晶体管之类的现有半导体或者是其它分立的元件。模块还可以用可编程硬件设备,诸如现场可编程门阵列、可编程阵列逻辑、可编程逻辑设备等实现。When the module can be implemented by software, considering the level of the existing hardware process, the module can be implemented in software, and the technician can construct a corresponding hardware circuit to implement the corresponding function without considering the cost. The hardware circuitry includes conventional Very Large Scale Integration (VLSI) circuits or gate arrays as well as existing semiconductors such as logic chips, transistors, or other discrete components. The modules can also be implemented with programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices, and the like.
此外,本发明实施例还提供一种家长身份验证的方法,应用于家长移动终端,所述方法包括: In addition, the embodiment of the present invention further provides a method for parental identity verification, which is applied to a parent mobile terminal, and the method includes:
当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;When the parent mobile terminal serves as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, after receiving the encrypted dynamic code, sends update information to the server, wherein the update information causes the server to correspond to the parent The student dynamic lock is updated, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
根据该家长对应的公钥对所述加密动态码进行解密得到动态码;Decrypting the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家长身份是否合法。Sending the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
可选地,当所述家长移动终端为主家长移动终端时,上述方法还包括:设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端。Optionally, when the parent mobile terminal is the primary parent mobile terminal, the method further includes: setting the primary parent mobile terminal or the secondary parent mobile terminal as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal.
可选地,上述方法还包括:对所述家长对应的私钥进行解密,向所述老师移动终端发送所述私钥,使得所述老师移动终端根据所述学生动态锁对所述私钥进行鉴权,以验证所述家长身份是否合法。Optionally, the method further includes: decrypting a private key corresponding to the parent, and sending the private key to the teacher mobile terminal, so that the teacher mobile terminal performs the private key according to the student dynamic lock. Authentication to verify that the parental status is legal.
此外,本发明实施例还提供一种家长移动终端,包括:无线通信单元以及处理器,In addition, an embodiment of the present invention further provides a parent mobile terminal, including: a wireless communication unit and a processor,
所述无线通信单元设置为:当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;The wireless communication unit is configured to: when the parent mobile terminal receives the encrypted dynamic code as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the update information is sent to the server, wherein the update information is The server updates the student dynamic lock of the parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
所述处理器设置为:根据该家长对应的公钥对所述加密动态码进行解密得到动态码;The processor is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
所述无线通信单元还设置为:向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家长身份是否合法。The wireless communication unit is further configured to: send the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
此外,本发明实施例还提供一种老师移动终端,包括:无线通信单元以及处理器,In addition, an embodiment of the present invention further provides a teacher mobile terminal, including: a wireless communication unit and a processor,
所述处理器设置为:对每个学生生成对应的原始动态码,其中,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应 的家长、每个所述家长对应的公钥;对所述原始动态码进行加密,得到加密动态码;The processor is configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student dynamic lock of a student, and the student dynamic lock includes: the student corresponding a parent, a public key corresponding to each of the parents; encrypting the original dynamic code to obtain an encrypted dynamic code;
所述无线通信单元设置为:将所述加密动态码发送给家长移动终端;将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,其中,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The wireless communication unit is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal, The dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
所述处理器还设置为:调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。The processor is further configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
此外,本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现应用于老师移动终端的家长身份验证的方法。In addition, an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a teacher mobile terminal when the computer executable instructions are executed.
此外,本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现应用于家长移动终端的家长身份验证的方法。In addition, an embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions that implement a method for parental authentication applied to a parent mobile terminal when the computer executable instructions are executed.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件(例如处理器)完成,所述程序可以存储于计算机可读存储介质中,如只读存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现。相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,例如通过集成电路来实现其相应功能,也可以采用软件功能模块的形式实现,例如通过处理器执行存储于存储器中的程序/指令来实现其相应功能。本发明不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or a portion of the above steps may be performed by a program to instruct related hardware, such as a processor, which may be stored in a computer readable storage medium, such as a read only memory, disk or optical disk. Wait. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiment may be implemented in the form of hardware, for example, by implementing an integrated circuit to implement its corresponding function, or may be implemented in the form of a software function module, for example, executing a program stored in the memory by a processor. / instruction to achieve its corresponding function. The invention is not limited to any specific form of combination of hardware and software.
以上所述的是本申请的优选实施方式,应当指出对于本技术领域的普通人员来说,在不脱离本申请所述的原理前提下还可以作出若干改进和润饰,这些改进和润饰也在本申请的保护范围内。 The above description is a preferred embodiment of the present application, and it should be noted that those skilled in the art can also make several improvements and retouchings without departing from the principles described herein. Within the scope of protection of the application.
工业实用性Industrial applicability
本发明实施例提供一种老师移动终端、家长移动终端及家长身份验证的方法,能够确保安全性,对每个接送家长都会进行身份验证,并且进行验证的加密动态码不仅加密而且每天更新,提供了双重保障。而且,本发明实施例可以适用于随时选择家庭中其他成员接送孩子的情况,无需担心鉴权问题,更加生活化、人性化、安全化。 Embodiments of the present invention provide a method for a teacher mobile terminal, a parent mobile terminal, and a parental identity verification, which can ensure security, authenticate each parent, and verify that the encrypted dynamic code is not only encrypted but also updated every day. A double guarantee. Moreover, the embodiment of the present invention can be applied to the situation that other members of the family pick up and drop off children at any time, without worrying about the authentication problem, and is more life-oriented, humanized, and secure.

Claims (11)

  1. 一种家长身份验证的方法,应用于老师移动终端,所述方法包括:A method for parental authentication is applied to a teacher mobile terminal, and the method includes:
    对每个学生生成对应的原始动态码,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应的家长、每个所述家长对应的公钥;Generating a corresponding original dynamic code for each student, each of the original dynamic codes corresponding to a student's dynamic lock of the student, the student dynamic lock comprising: a parent corresponding to the student, and a public key corresponding to each of the parents;
    对所述原始动态码进行加密,得到加密动态码;Encrypting the original dynamic code to obtain an encrypted dynamic code;
    将所述加密动态码发送给家长移动终端;Transmitting the encrypted dynamic code to the parent mobile terminal;
    将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The parent mobile terminal that selects the encrypted dynamic code is selected as the pick-up parent mobile terminal, and receives the dynamic code sent by the pick-up parent mobile terminal, and the dynamic code is used by the pick-up parent mobile terminal to pick up the public key pair corresponding to the parent. Decrypting the dynamic code for decryption;
    调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。Calling the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determining that the dynamic code of the shuttle parent passes verification; if the dynamic code and the original dynamic If the codes are inconsistent, it is determined that the dynamic code verification of the transfer parent does not pass.
  2. 如权利要求1所述的家长身份验证的方法,所述将选择接收所述加密动态码的家长移动终端作为接送家长移动终端之后,所述方法还包括:The method of the parental authentication method of claim 1, after the parent mobile terminal that selects the encrypted dynamic code is selected as the parent mobile terminal, the method further includes:
    接收所述接送家长移动终端发送的接送家长对应的私钥,并根据所述学生动态锁对所述私钥进行鉴权。Receiving a private key corresponding to the pick-up parent sent by the pick-up parent mobile terminal, and authenticating the private key according to the student dynamic lock.
  3. 如权利要求1所述的家长身份验证的方法,所述对每个学生生成对应的原始动态码之前,所述方法还包括:The method of parental authentication according to claim 1, wherein before the generating the corresponding original dynamic code for each student, the method further comprises:
    在服务器提供的选择身份界面上选择老师身份进入所述服务器,并在所述服务器上保存所述每个学生的学生信息及每个学生对应的家长信息。Selecting a teacher identity to enter the server on the selective identity interface provided by the server, and storing the student information of each student and the parent information corresponding to each student on the server.
  4. 一种老师移动终端,包括:A teacher mobile terminal, comprising:
    动态码生成模块,设置为对每个学生生成对应的原始动态码,其中,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应的家长、每个所述家长对应的公钥;a dynamic code generating module, configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student's student dynamic lock, and the student dynamic lock includes: a parent corresponding to the student, each The public key corresponding to the parent;
    动态码加密模块,设置为对所述原始动态码进行加密,得到加密动态码;a dynamic code encryption module, configured to encrypt the original dynamic code to obtain an encrypted dynamic code;
    通信设置模块,设置为:将所述加密动态码发送给家长移动终端;将选 择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,其中,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;a communication setting module, configured to: send the encrypted dynamic code to a parent mobile terminal; The parent mobile terminal that receives the encrypted dynamic code is used as a shuttle parent mobile terminal to receive the dynamic code sent by the parent mobile terminal, wherein the dynamic code is sent by the shuttle parent mobile terminal to the public key pair corresponding to the parent The encrypted dynamic code is decrypted;
    鉴权模块,设置为:调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。The authentication module is configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
  5. 如权利要求4所述的老师移动终端,其中,The teacher mobile terminal according to claim 4, wherein
    所述通信设置模块还设置为接收所述接送家长移动终端发送的接送家长对应的私钥;The communication setting module is further configured to receive a private key corresponding to the pick-up parent sent by the pick-up parent mobile terminal;
    所述鉴权模块还设置为根据所述学生动态锁对所述私钥进行鉴权。The authentication module is further configured to authenticate the private key according to the student dynamic lock.
  6. 如权利要求4所述的老师移动终端,所述老师移动终端还包括:The teacher mobile terminal of claim 4, wherein the teacher mobile terminal further comprises:
    初始化模块,设置为:在服务器提供的选择身份界面上选择老师身份进入所述服务器,并在所述服务器上保存所述每个学生的学生信息及每个学生对应的家长信息。The initialization module is configured to: select a teacher identity to enter the server on the selective identity interface provided by the server, and save the student information of each student and the parent information corresponding to each student on the server.
  7. 一种家长身份验证的方法,应用于家长移动终端,所述方法包括:A method for parental authentication is applied to a parent mobile terminal, and the method includes:
    当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;When the parent mobile terminal serves as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, after receiving the encrypted dynamic code, sends update information to the server, wherein the update information causes the server to correspond to the parent The student dynamic lock is updated, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
    根据该家长对应的公钥对所述加密动态码进行解密得到动态码;Decrypting the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
    向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家长身份是否合法。Sending the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
  8. 根据权利要求7所述的家长身份验证的方法,当所述家长移动终端为主家长移动终端时,还包括:设置主家长移动终端或其副家长移动终端作为接收老师移动终端发送的加密动态码的移动终端。The method of parental authentication according to claim 7, when the parent mobile terminal is the primary parent mobile terminal, further comprising: setting the primary parent mobile terminal or the secondary parent mobile terminal as the encrypted dynamic code sent by the receiving teacher mobile terminal Mobile terminal.
  9. 根据权利要求7或8所述的家长身份验证的方法,还包括:对所述家长对应的私钥进行解密,向所述老师移动终端发送所述私钥,使得所述老师 移动终端根据所述学生动态锁对所述私钥进行鉴权,以验证所述家长身份是否合法。The method of parental authentication according to claim 7 or 8, further comprising: decrypting a private key corresponding to the parent, and transmitting the private key to the teacher mobile terminal, so that the teacher The mobile terminal authenticates the private key according to the student dynamic lock to verify whether the parent identity is legal.
  10. 一种家长移动终端,包括:无线通信单元以及处理器,A parent mobile terminal includes: a wireless communication unit and a processor,
    所述无线通信单元设置为:当所述家长移动终端作为接收老师移动终端发送的加密动态码的移动终端,在接收到该加密动态码后,向服务器发出更新信息,其中,所述更新信息使得所述服务器将家长对应学生的学生动态锁进行更新,更新后的所述学生动态锁包括该加密动态码和该家长对应的公钥;The wireless communication unit is configured to: when the parent mobile terminal receives the encrypted dynamic code as the mobile terminal that receives the encrypted dynamic code sent by the teacher mobile terminal, the update information is sent to the server, wherein the update information is The server updates the student dynamic lock of the parent corresponding student, and the updated student dynamic lock includes the encrypted dynamic code and the public key corresponding to the parent;
    所述处理器设置为:根据该家长对应的公钥对所述加密动态码进行解密得到动态码;The processor is configured to: decrypt the encrypted dynamic code according to the public key corresponding to the parent to obtain a dynamic code;
    所述无线通信单元还设置为:向所述老师移动终端发送所述动态码,使得老师移动终端根据所述学生动态锁对所述动态码进行鉴权,以验证所述家长身份是否合法。The wireless communication unit is further configured to: send the dynamic code to the teacher mobile terminal, so that the teacher mobile terminal authenticates the dynamic code according to the student dynamic lock to verify whether the parent identity is legal.
  11. 一种老师移动终端,包括:无线通信单元以及处理器,A teacher mobile terminal includes: a wireless communication unit and a processor,
    所述处理器设置为:对每个学生生成对应的原始动态码,其中,每个所述原始动态码对应该学生的学生动态锁,所述学生动态锁包括:该学生对应的家长、每个所述家长对应的公钥;对所述原始动态码进行加密,得到加密动态码;The processor is configured to generate a corresponding original dynamic code for each student, wherein each of the original dynamic codes corresponds to a student dynamic lock of a student, and the student dynamic lock includes: a parent corresponding to the student, each a public key corresponding to the parent; encrypting the original dynamic code to obtain an encrypted dynamic code;
    所述无线通信单元设置为:将所述加密动态码发送给家长移动终端;将选择接收所述加密动态码的家长移动终端作为接送家长移动终端,接收所述接送家长移动终端发送的动态码,其中,所述动态码由所述接送家长移动终端通过接送家长对应的公钥对所述加密动态码进行解密得到;The wireless communication unit is configured to: send the encrypted dynamic code to the parent mobile terminal; use the parent mobile terminal that selects to receive the encrypted dynamic code as the pick-up parent mobile terminal, and receive the dynamic code sent by the pick-up parent mobile terminal, The dynamic code is obtained by decrypting the encrypted dynamic code by the shuttle parent mobile terminal by using a public key corresponding to the parent;
    所述处理器还设置为:调用所述学生动态锁对所述动态码进行鉴权;若所述动态码与所述原始动态码一致,则认定所述接送家长的动态码通过验证;若所述动态码与所述原始动态码不一致,则认定所述接送家长的动态码验证不通过。 The processor is further configured to: invoke the student dynamic lock to authenticate the dynamic code; if the dynamic code is consistent with the original dynamic code, determine that the dynamic code of the shuttle parent passes verification; If the dynamic code is inconsistent with the original dynamic code, it is determined that the dynamic code verification of the shuttle parent does not pass.
PCT/CN2016/072161 2015-09-23 2016-01-26 Mobile terminals of teacher and parent, and method of authenticating identity of parent WO2016165446A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510611956.XA CN106548059A (en) 2015-09-23 2015-09-23 The method of teacher, head of a family's mobile terminal and head of a family's authentication
CN201510611956.X 2015-09-23

Publications (1)

Publication Number Publication Date
WO2016165446A1 true WO2016165446A1 (en) 2016-10-20

Family

ID=57125565

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/072161 WO2016165446A1 (en) 2015-09-23 2016-01-26 Mobile terminals of teacher and parent, and method of authenticating identity of parent

Country Status (2)

Country Link
CN (1) CN106548059A (en)
WO (1) WO2016165446A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116368489A (en) * 2020-10-30 2023-06-30 苹果公司 Hardware verification of dynamically generated code
CN117218756A (en) * 2023-09-23 2023-12-12 朗朗教育科技股份有限公司 Intelligent safety pick-up system and method based on face recognition

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107093154A (en) * 2017-04-18 2017-08-25 上海斐讯数据通信技术有限公司 A kind of intelligent student picks system and method and checking equipment
CN107301613A (en) * 2017-07-18 2017-10-27 湖南光海教育科技有限公司 Intelligent campus system management method, device and computer-readable recording medium
CN111832042B (en) * 2020-06-23 2024-02-13 武汉菲奥达物联科技有限公司 Apartment student data safety management method and device
CN113111985B (en) * 2021-04-08 2023-09-26 读书郎教育科技有限公司 Student pickup and delivery system and method based on two-dimensional code recognition technology

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070229217A1 (en) * 2006-03-31 2007-10-04 Pretide Holdings, Inc. A rfid automatic guarding system for campus safety
JP2007264723A (en) * 2006-03-27 2007-10-11 Nec Corp Student commuting monitoring system using shoe pressure sensor and ic tag, information processor and processing program
CN101262349A (en) * 2008-04-17 2008-09-10 华为技术有限公司 SMS-based identity authentication method and device
CN102752306A (en) * 2012-07-09 2012-10-24 广州杰赛科技股份有限公司 Digital media management method and system based on identification
CN102800036A (en) * 2012-07-04 2012-11-28 深圳市巨发科技有限公司 Method and system for confirming identity of guardian
CN102883325A (en) * 2012-10-29 2013-01-16 东莞宇龙通信科技有限公司 Identification server, mobile terminal and end-to-end identification communication channel establishing method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007264723A (en) * 2006-03-27 2007-10-11 Nec Corp Student commuting monitoring system using shoe pressure sensor and ic tag, information processor and processing program
US20070229217A1 (en) * 2006-03-31 2007-10-04 Pretide Holdings, Inc. A rfid automatic guarding system for campus safety
CN101262349A (en) * 2008-04-17 2008-09-10 华为技术有限公司 SMS-based identity authentication method and device
CN102800036A (en) * 2012-07-04 2012-11-28 深圳市巨发科技有限公司 Method and system for confirming identity of guardian
CN102752306A (en) * 2012-07-09 2012-10-24 广州杰赛科技股份有限公司 Digital media management method and system based on identification
CN102883325A (en) * 2012-10-29 2013-01-16 东莞宇龙通信科技有限公司 Identification server, mobile terminal and end-to-end identification communication channel establishing method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116368489A (en) * 2020-10-30 2023-06-30 苹果公司 Hardware verification of dynamically generated code
CN117218756A (en) * 2023-09-23 2023-12-12 朗朗教育科技股份有限公司 Intelligent safety pick-up system and method based on face recognition
CN117218756B (en) * 2023-09-23 2024-02-13 朗朗教育科技股份有限公司 Intelligent safety pick-up system and method based on face recognition

Also Published As

Publication number Publication date
CN106548059A (en) 2017-03-29

Similar Documents

Publication Publication Date Title
WO2016165446A1 (en) Mobile terminals of teacher and parent, and method of authenticating identity of parent
JP6571250B2 (en) How to use one device to unlock another
US9256725B2 (en) Credential recovery with the assistance of trusted entities
US7613929B2 (en) Method and system for biometric identification and authentication having an exception mode
KR102202547B1 (en) Method and system for verifying an access request
US11057210B1 (en) Distribution and recovery of a user secret
US20130159699A1 (en) Password Recovery Service
CN104919775A (en) Keychain synchronization
JP2007060581A (en) Information management system and method
US11741214B2 (en) Passcode authentication based data storage device
JP7343680B2 (en) Authentication device, authentication support method, and program
KR20160099358A (en) Certification method for cloud document centralized system
CN115037452A (en) Data protection method and system and electronic equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16779421

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16779421

Country of ref document: EP

Kind code of ref document: A1