
CN106034135A - Identity card cloud authentication device - Google Patents

Publication number: CN106034135A
Authority: CN (China)
Prior art keywords: serial number; control list; card reader; frequency management; identity card
Legal status: Granted (Active)
Application number: CN201610041122.4A
Other languages: Chinese (zh)
Other versions: CN106034135B (en)
Inventor: 李明
Current Assignee: Tendyron Corp
Original Assignee: Individual
Priority: CN201610041122.4A
Granted publication: CN106034135B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0245 Filtering by information in the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides an identity card cloud authentication device which comprises a first judgment module, a second judgment module and a third judgment module, wherein the first judgment module is used for judging whether an identity card serial number or a card reader serial number is contained in a blacklist; the fourth communication module is used for acquiring an access frequency control list; the second judgment module is used for judging whether the access frequency control list contains a stored record of the serial number of the identity card or not within a first preset time interval before the moment that the access frequency control list is obtained, or whether the access frequency control list contains a stored record of the serial number of the card reader within a second preset time interval; the fifth communication module is used for acquiring the exception rule; the third judging module is used for judging whether the serial number of the identity card or the serial number of the card reader conforms to an abnormal rule or not; and the processing module is used for processing the identity card authentication information processing request. Triple dynamic verification of the identity card and the identity card reader is realized, and the safety and reliability of processing the identity card authentication information processing request are improved.

Description

Identity card cloud authentication device
Technical field
The present invention relates to the field of electronic technology, and in particular to an identity card cloud authentication device.
Background
With the rapid development of China's economy, people's lives have improved greatly. Identity authentication is required for employment, doing business, travel, school enrollment and so on, and likewise for handling money or property, applying for welfare, seeking medical treatment and so on. The current second-generation resident identity card has a built-in smart chip and is fully capable of supporting Internet-based identity authentication, but since its launch in 2004 its application value has been far from fully exploited. In recent years, ticketing systems have begun to apply identity-card-based Internet authentication and identification on a large scale.
In actual use, identity-card-based Internet authentication technology faces situations such as lost or stolen identity cards, so there is a hazard and risk of an identity card being used maliciously without its holder's authorization. The transmission of network data also faces a series of typical network attacks such as eavesdropping on communication, data tampering and data replay. Therefore, how to prevent eavesdropping, tampering, replay and similar attacks on the secure channel, screen out malicious attackers in real time and protect the security of the authentication module (SAM) has become a technical problem in urgent need of a solution.
Summary of the invention
The present invention aims to solve the above problems or one of them.
The present invention provides an identity card cloud authentication device. To achieve the above purpose, the technical solution of the present invention is specifically implemented as follows. The device includes:
a first communication module, configured to receive an identity card authentication information processing request, the identity card authentication information including an encrypted identity card serial number value and a card reader serial number, where the card reader serial number is the serial number of the identity card information reading terminal;
a second communication module, configured to obtain the identity card serial number produced by decrypting the encrypted identity card serial number value;
a third communication module, configured to obtain a blacklist;
a first judgment module, configured to judge whether the identity card serial number or the card reader serial number is contained in the blacklist, and to terminate the processing flow if the identity card serial number or the card reader serial number is contained in the blacklist;
a fourth communication module, configured to obtain an access frequency control list when neither the identity card serial number nor the card reader serial number is contained in the blacklist;
a second judgment module, configured to judge whether the access frequency control list contains a stored record of the identity card serial number within a first preset time interval before the moment the access frequency control list is obtained, or a stored record of the card reader serial number within a second preset time interval before that moment, and to terminate the processing flow if the list contains either such record;
a fifth communication module, configured to obtain exception rules when it is judged that the access frequency control list contains no stored record of the identity card serial number within the first preset time interval before the moment the list is obtained and no stored record of the card reader serial number within the second preset time interval before that moment;
a third judgment module, configured to judge whether the identity card serial number or the card reader serial number conforms to the exception rules, and to terminate the processing flow if the identity card serial number or the card reader serial number conforms to the exception rules;
a processing module, configured to process the identity card authentication information processing request when neither the identity card serial number nor the card reader serial number conforms to the exception rules.
Optionally, the first judgment module is further configured to judge whether the identity card serial number is contained in the blacklist and, if it is, to terminate the processing flow; if the identity card serial number is not contained in the blacklist, to judge whether the card reader serial number is contained in the blacklist and, if it is, to terminate the processing flow. Alternatively, the first judgment module is further configured to judge whether the card reader serial number is contained in the blacklist and, if it is, to terminate the processing flow; if the card reader serial number is not contained in the blacklist, to judge whether the identity card serial number is contained in the blacklist and, if it is, to terminate the processing flow.
Optionally, the second judgment module is further configured to judge whether the access frequency control list contains a stored record of the identity card serial number within the first preset time interval before the moment the access frequency control list is obtained and, if it does, to terminate the processing flow; if it does not, to judge whether the access frequency control list contains a stored record of the card reader serial number within the second preset time interval before that moment and, if it does, to terminate the processing flow. Alternatively, the second judgment module is further configured to judge whether the access frequency control list contains a stored record of the card reader serial number within the second preset time interval before the moment the access frequency control list is obtained and, if it does, to terminate the processing flow; if it does not, to judge whether the access frequency control list contains a stored record of the identity card serial number within the first preset time interval before that moment and, if it does, to terminate the processing flow.
Optionally, the third judgment module is further configured to judge whether the identity card serial number conforms to the exception rules and, if it does, to terminate the processing flow; if the identity card serial number does not conform to the exception rules, to judge whether the card reader serial number conforms to the exception rules and, if it does, to terminate the processing flow. Alternatively, the third judgment module is further configured to judge whether the card reader serial number conforms to the exception rules and, if it does, to terminate the processing flow; if the card reader serial number does not conform to the exception rules, to judge whether the identity card serial number conforms to the exception rules and, if it does, to terminate the processing flow.
Optionally, the second judgment module is further configured, when the access frequency control list contains a stored record of the identity card serial number within the first preset time interval before the moment the access frequency control list is obtained, to obtain the number of stored records of the identity card serial number that appear in the access frequency control list within a third preset time interval before that moment; if that number is less than a first preset value, to return first prompt information and terminate the processing flow; if that number is greater than or equal to the first preset value, to store the identity card serial number in the blacklist, return an error message and terminate the processing flow. The second judgment module is further configured, when the access frequency control list contains a stored record of the card reader serial number within the second preset time interval before the moment the access frequency control list is obtained, to obtain the number of stored records of the card reader serial number that appear in the access frequency control list within a fourth preset time interval before that moment; if that number is less than a second preset value, to return second prompt information and terminate the processing flow; if that number is greater than or equal to the second preset value, to store the card reader serial number in the blacklist, return an error message and terminate the processing flow.
Optionally, the third judgment module is further configured, when the identity card serial number conforms to the exception rules, to store the identity card serial number in the access frequency control list, return the first prompt information and terminate the processing flow; and, when the card reader serial number conforms to the exception rules, to store the card reader serial number in the access frequency control list, return the second prompt information and terminate the processing flow.
Optionally, the identity card authentication information processing request further includes an encrypted timestamp value and an encrypted card reader count value. The first communication module is further configured to obtain the timestamp and the card reader count value produced by decrypting the encrypted timestamp value and the encrypted card reader count value, where the timestamp is generated by the card reader that generates the identity card authentication information processing request, based on the moment at which the request is generated, and the card reader count value is generated by the card reader based on the number of historical processing requests that the card reader has initiated. The third judgment module is further configured to:
generate a first time interval from the timestamp and the moment at which the identity card authentication information processing request is received, and judge whether the first time interval is greater than a fifth preset time interval and less than a sixth preset time interval; if it is, judge the identity card serial number to be legal; otherwise, judge that the identity card serial number conforms to the exception rules;
based on the timestamp and the card reader count value, judge whether, within a seventh preset time interval before the moment the access frequency control list is obtained, the number of received identity card authentication information processing requests containing the encrypted identity card serial number value is less than a third preset value; if it is, judge the identity card serial number to be legal; otherwise, judge that the identity card serial number conforms to the exception rules;
generate the first time interval from the timestamp and the moment at which the identity card authentication information processing request is received, and judge whether the first time interval is greater than an eighth preset time interval and less than a ninth preset time interval; if it is, judge the card reader serial number to be legal; otherwise, judge that the card reader serial number conforms to the exception rules;
based on the timestamp and the card reader count value, judge whether, within a tenth preset time interval before the moment the access frequency control list is obtained, the number of received identity card authentication information processing requests containing the card reader serial number is less than a fourth preset value; if it is, judge the card reader serial number to be legal; otherwise, judge that the card reader serial number conforms to the exception rules;
based on the card reader count value, judge whether, in the successively received identity card authentication information processing requests, the card reader count values matching the card reader serial number conform to a preset rule; if they do, judge the card reader serial number to be legal; otherwise, judge that the card reader serial number conforms to the exception rules.
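The exception rules in the paragraph above can be pictured with the following sketch, an added example that is not code from the patent. The thresholds are constructed stand-ins for the "preset" intervals and values, one interval pair is shared by card and reader for brevity, request rates are counted from arrival times, and the counter's "preset rule" is assumed to be "strictly increasing per reader".

```python
from dataclasses import dataclass


@dataclass
class Request:
    card_serial: str     # decrypted identity card serial number
    reader_serial: str   # card reader serial number
    timestamp: float     # decrypted timestamp: when the reader generated the request
    reader_count: int    # decrypted card reader count value
    received_at: float   # moment the server received the request


class ExceptionRules:
    """Stateful checks; every threshold is a constructed stand-in for a preset value."""

    def __init__(self, min_delay, max_delay, window, max_requests):
        self.min_delay = min_delay        # lower bound on the "first time interval"
        self.max_delay = max_delay        # upper bound on the "first time interval"
        self.window = window              # look-back interval for request counting
        self.max_requests = max_requests  # requests in the window must stay below this
        self._arrivals = {}               # (kind, serial) -> recent arrival times
        self._last_count = {}             # reader serial -> highest counter accepted

    def interval_ok(self, req):
        # A replayed or long-delayed request falls outside the bounds, as does one
        # whose timestamp lies in the future (negative interval).
        delta = req.received_at - req.timestamp
        return self.min_delay < delta < self.max_delay

    def rate_ok(self, key, now):
        # Assumption: the current request is counted together with earlier ones.
        recent = [t for t in self._arrivals.get(key, []) if t >= now - self.window]
        recent.append(now)
        self._arrivals[key] = recent
        return len(recent) < self.max_requests

    def counter_ok(self, req):
        # Assumed preset rule: a reader's counter must strictly increase.
        last = self._last_count.get(req.reader_serial)
        if last is None or req.reader_count > last:
            self._last_count[req.reader_serial] = req.reader_count
            return True
        return False

    def evaluate(self, req):
        """Return the names of the rules the request violates (empty list = legal)."""
        reasons = []
        if not self.interval_ok(req):
            reasons.append("interval")
        if not self.rate_ok(("card", req.card_serial), req.received_at):
            reasons.append("card-rate")
        if not self.rate_ok(("reader", req.reader_serial), req.received_at):
            reasons.append("reader-rate")
        if not self.counter_ok(req):
            reasons.append("counter")
        return reasons


def demo_replay():
    """Constructed traffic: two fresh requests, then the second one replayed later."""
    rules = ExceptionRules(min_delay=0.0, max_delay=5.0, window=60.0, max_requests=3)
    fresh = Request("C-001", "R-001", 1000.0, 41, 1000.4)
    nxt = Request("C-001", "R-001", 1010.0, 42, 1010.3)
    replay = Request("C-001", "R-001", 1010.0, 42, 1090.0)
    return [rules.evaluate(r) for r in (fresh, nxt, replay)]


def demo_burst():
    """Constructed traffic: three well-formed requests inside one counting window."""
    rules = ExceptionRules(min_delay=0.0, max_delay=5.0, window=60.0, max_requests=3)
    reqs = [Request("C-002", "R-002", 2000.0 + i, 1 + i, 2000.2 + i) for i in range(3)]
    return [rules.evaluate(r) for r in reqs]


if __name__ == "__main__":
    print(demo_replay())
    print(demo_burst())
```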
Optionally, the device further includes an authentication module, where the first communication module is further configured to send the received identity card authentication information processing request to the authentication module; the authentication module is configured to extract the encrypted identity card serial number value, the encrypted timestamp value and/or the encrypted card reader count value from the identity card authentication information processing request, perform a decryption operation on them to obtain the identity card serial number, the timestamp and/or the card reader count value, and send the identity card serial number, the timestamp and/or the card reader count value to the first communication module.
Optionally, the device further includes a storage module, where the storage module is configured to store the blacklist and the frequency control list; the third communication module is further configured, when requesting the blacklist, to generate a blacklist acquisition request and send it to the storage module; the fourth communication module is further configured, when requesting the frequency control list, to generate a frequency control list acquisition request and send it to the storage module; the storage module is further configured to send the blacklist to the third communication module on receiving the blacklist acquisition request, and to send the frequency control list to the fourth communication module on receiving the frequency control list acquisition request; the third communication module is further configured, after a write operation on the blacklist, to generate the updated blacklist and send it to the storage module; the fourth communication module is further configured, after a write operation on the frequency control list, to generate the updated frequency control list and send it to the storage module; and the storage module is further configured to receive and store the updated blacklist or frequency control list.
The device provided by the present invention can perform effective exception handling on identity card authentication information processing requests generated from an abnormal identity card or an abnormal card reader. Using the identity card serial number and/or the card reader serial number as the key value for control avoids legitimate requests failing to be executed because of other factors such as a change of IP address or a change of card type. Through the blacklist, processing requests initiated by an illegal identity card or an illegal card reader can be stopped at the earliest moment, and the exception handling method of the present invention allows the blacklist to be updated dynamically, which enhances the dynamic and real-time character of exception handling. Through the frequency control list, exception handling can be applied to identity cards or card readers that repeatedly show abnormalities within a short period, freezing such identity cards or card readers for a short time and avoiding the security risk of processing illegal requests; the exception handling method of the present invention likewise allows the frequency control list to be updated dynamically, which enhances the dynamic and real-time character of exception handling. Through the exception rules, the abnormality of the current identity card or card reader can be judged, so that even if the identity card or card reader in a processing request is not contained in the blacklist or within the control scope of the frequency control list, an abnormal identity card or card reader can still be identified. Triple dynamic verification of the identity card and the card reader is thereby achieved, improving the security and reliability of processing identity card authentication information processing requests.
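The three-stage gate summarized above, including the escalation from the access frequency control list to the blacklist, can be sketched as follows. This is an added example, not code from the patent; the class and constant names, the numeric limits and the stand-in exception rule are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

PROCESSED = "processed"
TERMINATED = "terminated: serial number is blacklisted"
PROMPT = "prompt: serial number is temporarily frozen"
ERROR = "error: serial number added to blacklist"


@dataclass
class Limits:
    """Preset values for one key type; the numbers used below are constructed."""
    freeze_interval: float  # first / second preset time interval (seconds)
    count_interval: float   # third / fourth preset time interval (seconds)
    max_records: int        # first / second preset value


@dataclass
class Gate:
    card_limits: Limits
    reader_limits: Limits
    is_abnormal: Callable[[str, str], bool]  # (kind, serial) -> exception rule matched?
    blacklist: set = field(default_factory=set)
    freq_list: dict = field(default_factory=dict)  # (kind, serial) -> record times

    def _frequency_hit(self, kind, serial, limits, now):
        records = self.freq_list.get((kind, serial), [])
        # Stage 2: any stored record inside the freeze interval blocks the request.
        if not any(now - limits.freeze_interval <= t <= now for t in records):
            return None
        # Count records over the longer interval to decide on escalation.
        count = sum(1 for t in records if now - limits.count_interval <= t <= now)
        if count >= limits.max_records:
            self.blacklist.add((kind, serial))
            return ERROR
        return PROMPT

    def handle(self, card_serial, reader_serial, now):
        keys = (("card", card_serial, self.card_limits),
                ("reader", reader_serial, self.reader_limits))
        # Stage 1: blacklist lookup on both serial numbers.
        for kind, serial, _ in keys:
            if (kind, serial) in self.blacklist:
                return TERMINATED
        # Stage 2: access frequency control list.
        for kind, serial, limits in keys:
            verdict = self._frequency_hit(kind, serial, limits, now)
            if verdict is not None:
                return verdict
        # Stage 3: exception rules; a match is written to the frequency list.
        for kind, serial, _ in keys:
            if self.is_abnormal(kind, serial):
                self.freq_list.setdefault((kind, serial), []).append(now)
                return PROMPT
        return PROCESSED


def build_demo_gate():
    # Constructed policy: 60 s freeze, 3 records within an hour lead to blacklisting.
    limits = Limits(freeze_interval=60.0, count_interval=3600.0, max_records=3)
    # Stand-in exception rule: one hypothetical reader always looks abnormal.
    return Gate(limits, limits, lambda kind, serial: serial == "R-BAD")


def demo():
    gate = build_demo_gate()
    times = (0, 10, 100, 200, 210, 5000)
    return [gate.handle("C-1", "R-BAD", t) for t in times]


if __name__ == "__main__":
    for line in demo():
        print(line)
```

In the constructed run the reader is frozen after each exception-rule match, is blacklisted once three records fall inside the counting interval, and is rejected at the blacklist stage from then on, while the identity card used with it stays unaffected.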
Brief description of the drawings
To describe the technical solutions of the embodiments of the present invention more clearly, the accompanying drawings needed for describing the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of the method for processing an identity card authentication information processing request provided by Embodiment 1 of the present invention;
Fig. 2 is a schematic structural diagram of the identity card cloud authentication device provided by Embodiment 2 of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention rather than all of them. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that orientation or position relationships indicated by terms such as "center", "longitudinal", "lateral", "up", "down", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientation or position relationships shown in the drawings. They are used only to facilitate and simplify the description of the present invention, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they therefore cannot be understood as limiting the present invention. In addition, the terms "first" and "second" are used for descriptive purposes only and cannot be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "install", "connected" and "connect" should be understood broadly. For example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct or indirect through an intermediary, and it may be a connection inside two elements. A person of ordinary skill in the art can understand the specific meaning of the above terms in the present invention according to the specific situation.
The embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
Embodiment 1
The present embodiment provides a kind of authentication ids information process request processing method, as it is shown in figure 1, comprise the following steps:
S1: receiving authentication ids information process request, authentication ids information process request includes: identity card serial number encryption Value and card reader serial number;
Identity card processes the process request that request is initiated for card reader of ID card, it is judged that identity card processes request and asks for legal processes After, according to preset rules, process the security authentication module that request distribution is idle, allocated security authentication module for this identity card The originating end processing request with this identity card carries out data interaction, and wherein, identity card serial number encryption value is card reader of ID card pair The identity card serial number encryption obtained from identity card obtains, the serial number of card reader Serial No. card reader of ID card self.
S2: obtain the identity card serial number that decryption identity card serial number encryption is worth to;
The identity card serial number encryption value received is decrypted computing, if card reader of ID card uses symmetric encipherment algorithm encryption Identity card serial number, then use corresponding symmetrical decipherment algorithm to be decrypted computing to the identity card serial number encryption value received; If card reader of ID card uses own private key encryption identity card serial number, then the identity card serial number encryption value received is used body The PKI of part card card reader is decrypted computing;The main body that identity card serial number encryption value is decrypted computing can be itself, Can also be external equipment or external chip.
S3: obtain blacklist, performs step S401 or step S402;
Blacklist can be obtained from self stores, it is also possible to obtain blacklist from outside, blacklist includes illegal identity card Serial number and illegal card reader serial number;If the authentication ids information process request received comprises illegal identity card sequence Number or illegal card reader serial number, then this authentication ids information process request is in illegal state, it is impossible to by server just Often accept.
S401: judge whether identity card serial number is included in blacklist, if identity card serial number is included in blacklist, then eventually Only handling process;
Blacklist has illegal identity card serial number, the serial number of the identity card being such as reported the loss, the body of appearance exception continuously The serial number of part card or the serial number etc. of identity cards occurred in multiple areas in the short time, its place asked is comprehended bring bigger Risk, if judging, identity card serial number is included in blacklist, illustrates that this identity card Serial No. illegal identity demonstrate,proves serial number, clothes Business device is disregarded, termination flow process.Alternatively, server can return information to point out user, and this identity card is It is added into blacklist, it is simple to user carries out subsequent operation and Resolving probiems;
Alternatively, if after identity card serial number is included in blacklist, further comprise the steps of: acquisition visiting frequency management and control list, Judge before distance gets the visiting frequency management and control list moment, in the second prefixed time interval, visiting frequency management and control list was No comprise card reader serial number be stored in record, if the second Preset Time before distance gets the visiting frequency management and control list moment In interval, comprise card reader serial number in visiting frequency management and control list is stored in record, then obtain and get visiting frequency in distance Before the management and control list moment in the 4th prefixed time interval, in visiting frequency management and control list, the record that is stored in of card reader serial number occurs Number of times, if the record occurrence number that is stored in of card reader serial number is more than or equal to the second preset value, is then stored in card reader serial number Blacklist;If judging before distance gets the visiting frequency management and control list moment in the second prefixed time interval, visiting frequency pipe Do not comprise card reader serial number in control list is stored in record, then obtain exception rules, it is judged that it is different whether card reader serial number meets Routine then, if card reader serial number meets exception rules, then by card reader serial number write-access frequency management and control list;
If the identity card serial number is not included in the blacklist, it is then judged whether the card reader serial number is included in the blacklist; if the card reader serial number is included in the blacklist, the processing flow is terminated;
If the identity card serial number is not included in the blacklist, the legitimacy of the card reader serial number is further judged, so as to determine whether the identity card serial number and the card reader serial number are both legal. The blacklist holds illegal card reader serial numbers, for example the serial numbers of card readers that have been reported lost, of card readers on which abnormalities have occurred continuously, of card readers that have exceeded their service life, or of card readers that have appeared in multiple regions within a short time. Processing the requests of such card readers brings greater risk. If the card reader serial number is judged to be included in the blacklist, this indicates that this card reader serial number is an illegal identity card serial number; the server ignores the request and terminates the processing flow. Optionally, the server may return prompt information to inform the user that this card reader has been added to the blacklist, so that the user can carry out subsequent operations and resolve the problem;
Optionally, after the step judges that the identity card serial number is not included in the blacklist, the method further comprises the steps of: obtaining the access frequency control list, and judging whether, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number. If it does, the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment is obtained, and if that number is greater than or equal to the first preset value, the identity card serial number is stored in the blacklist. If the access frequency control list contains no stored record of the identity card serial number within the first preset time interval before that moment, the exception rules are obtained and it is judged whether the identity card serial number satisfies the exception rules; if it does, the identity card serial number is written to the access frequency control list;
S402: Judge whether the card reader serial number is included in the blacklist; if the card reader serial number is included in the blacklist, terminate the processing flow;
The blacklist holds illegal card reader serial numbers, for example the serial numbers of card readers that have been reported lost, of card readers on which abnormalities have occurred continuously, of card readers that have exceeded their service life, or of card readers that have appeared in multiple regions within a short time. Processing the requests of such card readers brings greater risk. If the card reader serial number is judged to be included in the blacklist, this indicates that this card reader serial number is an illegal identity card serial number; the server ignores the request and terminates the processing flow. Optionally, the server may return prompt information to inform the user that this card reader has been added to the blacklist, so that the user can carry out subsequent operations and resolve the problem;
Optionally, after the card reader serial number is found to be included in the blacklist, the method further comprises the steps of: obtaining the access frequency control list, and judging whether, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number. If it does, the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment is obtained, and if that number is greater than or equal to the first preset value, the identity card serial number is stored in the blacklist. If the access frequency control list contains no stored record of the identity card serial number within the first preset time interval before that moment, the exception rules are obtained and it is judged whether the identity card serial number satisfies the exception rules; if it does, the identity card serial number is written to the access frequency control list;
If the card reader serial number is not included in the blacklist, it is then judged whether the identity card serial number is included in the blacklist; if the identity card serial number is included in the blacklist, the processing flow is terminated;
If it is judged that neither the identity card serial number nor the card reader serial number is included in the blacklist, step S5 is performed;
If it is judged that neither the identity card serial number nor the card reader serial number is included in the blacklist, this indicates that the identity card serial number and the card reader serial number are both legal; that is, this identity card authentication information processing request is in a legal state, and it must be further judged whether this identity card authentication information processing request is in a controlled state;
S5: Obtain the access frequency control list, and perform step S601 or step S602;
The access frequency control list may be obtained from local storage or from an external source. The access frequency control list includes the controlled identity card serial numbers and the controlled card reader serial numbers. If the received identity card authentication information processing request contains a controlled identity card serial number or a controlled card reader serial number, the request is in a controlled state: it must remain frozen for a certain duration before it can be unfrozen, and it currently cannot be accepted normally by the server.
S601: Judge whether, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number; if it does, terminate the processing flow;
To guard against replay attacks, abnormal identity card serial numbers and abnormal card reader serial numbers are frozen and controlled for a certain duration, and requests they initiate while in the controlled state are not processed. It may first be judged whether, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number; if it does, this indicates that the identity card serial number is still in the frozen, controlled state, and the processing flow is terminated. The first preset time interval is a preset value that can be configured according to the specific application scenario. For example, when the card-reading terminal is an automatic ticket-collection machine, the first preset time interval may be set to 1 minute; that is, when a particular identity card serial number is found to be in the frequency control list, requests initiated based on this identity card serial number are not processed during the following 1 minute. Optionally, when a particular identity card serial number is found to be in the frequency control list, prompt information is returned to inform the user that the state of this identity card is abnormal and to try again later;
Optionally, the step of terminating the processing flow if, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number, comprises the steps of: if the access frequency control list contains a stored record of the identity card serial number within the first preset time interval before that moment, obtaining the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment; if the number of stored records of the identity card serial number is less than the first preset value, returning the first prompt information and terminating the processing flow; if the number of stored records of the identity card serial number is greater than or equal to the first preset value, storing the identity card serial number in the blacklist, returning error information and terminating the processing flow;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number, the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment may be further judged. If, within a preset period, processing requests initiated based on a particular identity card serial number present in the frequency control list are received repeatedly, this identity card serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is judged that, within the first preset time interval before the processing request was received, the identity card serial number obtained from the processing request had been written to the frequency control list, it is further judged whether the number of times that identity card serial number was written to the frequency control list within the third preset time interval before the processing request was received reaches the first preset value. The third preset time interval and the first preset value are preset values that can be set according to the application scenario. For example, with a third preset time interval of 5 minutes and a first preset value of 100: if it is judged that, in the 5 minutes before a processing request initiated based on a particular identity card serial number is received, the number of processing requests already received based on this identity card serial number is less than 100, the first prompt information is returned to prompt the user to try again later and the processing flow is terminated; if the number of processing requests already received based on this identity card serial number is greater than or equal to 100, the identity card serial number is written to the blacklist, error information is returned to inform the user that this identity card has been added to the blacklist, and the processing flow is terminated;
Optionally, after the step finds that, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number, the method further comprises the steps of: judging whether, within the second preset time interval before that moment, the access frequency control list contains a stored record of the card reader serial number; if it does, obtaining the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment; and if the number of stored records of the card reader serial number is greater than or equal to the second preset value, storing the card reader serial number in the blacklist;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number, it may be further judged whether, within the second preset time interval before that moment, the access frequency control list contains a stored record of the card reader serial number, and the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment may be judged. If, within a preset period, processing requests initiated based on a particular card reader serial number present in the frequency control list are received repeatedly, this card reader serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is judged that, within the second preset time interval before the processing request was received, the card reader serial number obtained from the processing request had been written to the frequency control list, it is further judged whether the number of times that card reader serial number was written to the frequency control list within the fourth preset time interval before the processing request was received reaches the second preset value. The fourth preset time interval and the second preset value are preset values that can be set according to the application scenario. For example, with a fourth preset time interval of 5 minutes and a second preset value of 100: if it is judged that, in the 5 minutes before a processing request initiated based on a particular card reader serial number is received, the number of processing requests already received based on this card reader serial number is less than 100, the second prompt information is returned to prompt the user to try again later and the processing flow is terminated; if the number of processing requests already received based on this card reader serial number is greater than or equal to 100, the card reader serial number is written to the blacklist, error information is returned to inform the user that this card reader has been added to the blacklist, and the processing flow is terminated;
If, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains no stored record of the identity card serial number, it is judged whether, within the second preset time interval before that moment, the access frequency control list contains a stored record of the card reader serial number; if it does, the processing flow is terminated;
Optionally, the step of terminating the processing flow if, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number, comprises the steps of: if the access frequency control list contains a stored record of the card reader serial number within the second preset time interval before that moment, obtaining the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment; if the number of stored records of the card reader serial number is less than the second preset value, returning the second prompt information and terminating the processing flow; if the number of stored records of the card reader serial number is greater than or equal to the second preset value, storing the card reader serial number in the blacklist, returning error information and terminating the processing flow;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains no stored record of the identity card serial number, it may be further judged whether, within the second preset time interval before that moment, the access frequency control list contains a stored record of the card reader serial number, and the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment may be judged. If, within a preset period, processing requests initiated based on a particular card reader serial number present in the frequency control list are received repeatedly, this card reader serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is judged that, within the second preset time interval before the processing request was received, the card reader serial number obtained from the processing request had been written to the frequency control list, it is further judged whether the number of times that card reader serial number was written to the frequency control list within the fourth preset time interval before the processing request was received reaches the second preset value. The fourth preset time interval and the second preset value are preset values that can be set according to the application scenario. For example, with a fourth preset time interval of 5 minutes and a second preset value of 100: if it is judged that, in the 5 minutes before a processing request initiated based on a particular card reader serial number is received, the number of processing requests already received based on this card reader serial number is less than 100, the second prompt information is returned to prompt the user to try again later and the processing flow is terminated; if the number of processing requests already received based on this card reader serial number is greater than or equal to 100, the card reader serial number is written to the blacklist, error information is returned to inform the user that this card reader has been added to the blacklist, and the processing flow is terminated;
S602: Judge whether, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number; if it does, terminate the processing flow;
To guard against replay attacks, abnormal identity card serial numbers and abnormal card reader serial numbers are frozen and controlled for a certain duration, and requests they initiate while in the controlled state are not processed. It may first be judged whether, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number; if it does, this indicates that the card reader serial number is still in the frozen, controlled state, and the processing flow is terminated. The first preset time interval is a preset value that can be configured according to the specific application scenario. For example, when the card-reading terminal is an automatic ticket-collection machine, the first preset time interval may be set to 1 minute; that is, when a particular card reader serial number is found to be in the frequency control list, requests initiated based on this card reader serial number are not processed during the following 1 minute. Optionally, when a particular card reader serial number is found to be in the frequency control list, prompt information is returned to inform the user that the state of this card reader is abnormal and to try again later;
Optionally, the step of terminating the processing flow if, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number, comprises the steps of: if the access frequency control list contains a stored record of the card reader serial number within the second preset time interval before that moment, obtaining the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment; if the number of stored records of the card reader serial number is less than the second preset value, returning the second prompt information and terminating the processing flow; if the number of stored records of the card reader serial number is greater than or equal to the second preset value, storing the card reader serial number in the blacklist, returning error information and terminating the processing flow;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number, the number of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before that moment may be further judged. If, within a preset period, processing requests initiated based on a particular card reader serial number present in the frequency control list are received repeatedly, this card reader serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is judged that, within the second preset time interval before the processing request was received, the card reader serial number obtained from the processing request had been written to the frequency control list, it is further judged whether the number of times that card reader serial number was written to the frequency control list within the fourth preset time interval before the processing request was received reaches the second preset value. The fourth preset time interval and the second preset value are preset values that can be set according to the application scenario. For example, with a fourth preset time interval of 5 minutes and a second preset value of 100: if it is judged that, in the 5 minutes before a processing request initiated based on a particular card reader serial number is received, the number of processing requests already received based on this card reader serial number is less than 100, the second prompt information is returned to prompt the user to try again later and the processing flow is terminated; if the number of processing requests already received based on this card reader serial number is greater than or equal to 100, the card reader serial number is written to the blacklist, error information is returned to inform the user that this card reader has been added to the blacklist, and the processing flow is terminated;
Optionally, after the step finds that, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number, the method further comprises the steps of: judging whether, within the first preset time interval before that moment, the access frequency control list contains a stored record of the identity card serial number; if it does, obtaining the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment; and if the number of stored records of the identity card serial number is greater than or equal to the first preset value, storing the identity card serial number in the blacklist;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the card reader serial number, it may be further judged whether, within the first preset time interval before that moment, the access frequency control list contains a stored record of the identity card serial number, and the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment may be judged. If, within a preset period, processing requests initiated based on a particular identity card serial number present in the frequency control list are received repeatedly, this identity card serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is judged that, within the first preset time interval before the processing request was received, the identity card serial number obtained from the processing request had been written to the frequency control list, it is further judged whether the number of times that identity card serial number was written to the frequency control list within the third preset time interval before the processing request was received reaches the first preset value. The third preset time interval and the first preset value are preset values that can be set according to the application scenario. For example, with a third preset time interval of 5 minutes and a first preset value of 100: if it is judged that, in the 5 minutes before a processing request initiated based on a particular identity card serial number is received, the number of processing requests already received based on this identity card serial number is less than 100, the first prompt information is returned to prompt the user to try again later and the processing flow is terminated; if the number of processing requests already received based on this identity card serial number is greater than or equal to 100, the identity card serial number is written to the blacklist, error information is returned to inform the user that this identity card has been added to the blacklist, and the processing flow is terminated;
If, within the second preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains no stored record of the card reader serial number, it is judged whether, within the first preset time interval before that moment, the access frequency control list contains a stored record of the identity card serial number; if it does, the processing flow is terminated;
Optionally, the step of terminating the processing flow if, within the first preset time interval before the moment the access frequency control list is obtained, the access frequency control list contains a stored record of the identity card serial number, comprises the steps of: if the access frequency control list contains a stored record of the identity card serial number within the first preset time interval before that moment, obtaining the number of stored records of the identity card serial number in the access frequency control list within the third preset time interval before that moment; if the number of stored records of the identity card serial number is less than the first preset value, returning the first prompt information and terminating the processing flow; if the number of stored records of the identity card serial number is greater than or equal to the first preset value, storing the identity card serial number in the blacklist, returning error information and terminating the processing flow;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that, within the second preset time interval before the moment the access frequency control list was obtained, the access frequency control list contains no stored record of the card reader serial number, it can further be judged whether, within the first preset time interval before the moment the access frequency control list was obtained, the access frequency control list contains a stored record of the identity card serial number, and how many stored records of the identity card serial number the access frequency control list contains within the third preset time interval before that moment. If, within a preset period, processing requests initiated based on a specific identity card serial number that is present in the frequency control list are received repeatedly, that identity card serial number is considered an illegal serial number and is added to the blacklist. Specifically, if it is determined that, within the first preset time interval before the processing request was received, the identity card serial number obtained from the processing request was written to the frequency control list, it is further determined whether, within the third preset time interval before the processing request was received, the number of times that identity card serial number was written to the frequency control list reaches the first preset value. The third preset time interval and the first preset value are preset and can be set according to the application scenario. For example, with a third preset time interval of 5 minutes and a first preset value of 100 times: if, in the 5 minutes before a processing request initiated based on a specific identity card serial number is received, fewer than 100 processing requests initiated based on that identity card serial number have been received, the first prompt information is returned, prompting the user to try again later, and the processing flow is terminated; if the number of processing requests received that were initiated based on that identity card serial number is greater than or equal to 100, the identity card serial number is written to the blacklist, error information is returned prompting the user that the identity card has been added to the blacklist, and the processing flow is terminated;
If it is judged that, within the first preset time interval before the moment the access frequency control list was obtained, the access frequency control list contains no stored record of the identity card serial number, and that, within the second preset time interval before that moment, the access frequency control list contains no stored record of the card reader serial number, step S7 is performed;
When both of these conditions hold, it can be determined that neither the identity card serial number nor the card reader serial number was in an abnormal state during the first preset time interval and the second preset time interval, and it is further judged whether the identity card serial number or the card reader serial number is in an abnormal state in the present request;
S7: obtain the exception rules, and perform step S801 or step S802;
S801: judge whether the identity card serial number meets the exception rules; if the identity card serial number meets the exception rules, terminate the processing flow;
The exception rules may be stored locally or obtained from an external device. They make it possible to judge whether the identity card serial number or the card reader serial number in the present request is in an abnormal state;
Optionally, the identity card authentication information processing request further includes a timestamp encryption value and a card reader count encryption value. Step S2 further includes obtaining the timestamp and the card reader count value produced by decrypting the timestamp encryption value and the card reader count encryption value, where the timestamp is generated by the card reader that generated the identity card authentication information processing request, based on the moment the request was generated, and the card reader count value is generated by the card reader based on the number of processing requests the card reader has initiated in the past;
Whether the identity card serial number meets the exception rules can be judged in one or more of the following ways:
Mode one: based on the timestamp and the moment the identity card authentication information processing request was received, generate a first time interval and judge whether the first time interval is greater than the fifth preset time interval and less than the sixth preset time interval; if it is, the identity card serial number is judged legitimate; otherwise, the identity card serial number is judged to meet the exception rules;
The timestamp contains the moment the identity card authentication information processing request was generated. When the processing request is received, the first time interval can be obtained from the moment of receipt and the timestamp; it represents the time the request spent between being generated and being received. A first time interval that is too short or too long indicates that something abnormal happened while the request was in transit, so, for the security and reliability of processing, the identity card serial number contained in the request is judged abnormal. The reasonable range of the first time interval is preset and can be set according to the specific application scenario. For example, with a fifth preset time interval of 1 second and a sixth preset time interval of 60 seconds, when the first time interval is less than 1 second or greater than 60 seconds, the identity card serial number in the identity card authentication information processing request can be judged to meet the exception rules;
Mode two: based on the timestamp and the card reader count value, judge whether, within the seventh preset time interval before the moment the access frequency control list was obtained, the number of received identity card authentication information processing requests containing the identity card serial number encryption value is less than the third preset value; if it is, the identity card serial number is judged legitimate; otherwise, the identity card serial number is judged to meet the exception rules;
When identity card authentication information processing requests generated based on a specific identity card serial number occur repeatedly within a short time, that identity card serial number can be judged to meet the exception rules. The seventh preset time interval and the third preset value are preset and can be set according to the specific application scenario. For example, with a seventh preset time interval of 5 minutes and a third preset value of 100 times, the timestamp in the present processing request and the timestamp in the 100th preceding processing request generated based on this identity card serial number are read, and it is judged whether the interval between the two timestamps is less than 5 minutes; if it is, the identity card serial number is judged to meet the exception rules;
Optionally, whether the card reader serial number meets the exception rules is judged in one or more of the following ways:
Mode one: based on the timestamp and the moment the identity card authentication information processing request was received, generate a first time interval and judge whether the first time interval is greater than the eighth preset time interval and less than the ninth preset time interval; if it is, the card reader serial number is judged legitimate; otherwise, the card reader serial number is judged to meet the exception rules;
The timestamp contains the moment the identity card authentication information processing request was generated. When the processing request is received, the first time interval can be obtained from the moment of receipt and the timestamp; it represents the time the request spent between being generated and being received. A first time interval that is too short or too long indicates that something abnormal happened while the request was in transit, so, for the security and reliability of processing, the card reader serial number contained in the request is judged abnormal. The reasonable range of the first time interval is preset and can be set according to the specific application scenario. For example, with an eighth preset time interval of 1 second and a ninth preset time interval of 60 seconds, when the first time interval is less than 1 second or greater than 60 seconds, the card reader serial number in the identity card authentication information processing request can be judged to meet the exception rules;
Mode two: based on the timestamp and the card reader count value, judge whether, within the tenth preset time interval before the moment the access frequency control list was obtained, the number of received identity card authentication information processing requests containing the card reader serial number is less than the fourth preset value; if it is, the card reader serial number is judged legitimate; otherwise, the card reader serial number is judged to meet the exception rules;
When identity card authentication information processing requests generated based on a specific card reader serial number occur repeatedly within a short time, that card reader serial number can be judged to meet the exception rules. The tenth preset time interval and the fourth preset value are preset and can be set according to the specific application scenario. For example, with a tenth preset time interval of 5 minutes and a fourth preset value of 100 times, the timestamp in the present processing request and the timestamp in the 100th preceding processing request generated based on this card reader serial number are read, and it is judged whether the interval between the two timestamps is less than 5 minutes; if it is, the card reader serial number is judged to meet the exception rules;
Mode three: based on the card reader count value, judge whether the card reader count values that match the card reader serial number in consecutively received identity card authentication information processing requests satisfy a preset rule; if they do, the card reader serial number is judged legitimate; otherwise, the card reader serial number is judged to meet the exception rules;
When the card reader initiates an identity card authentication information processing request, it changes its card reader count value according to a preset rule, for example by adding one to the count value each time it initiates a processing request. After a processing request is received, the card reader serial number and the card reader count value are extracted, and it is judged whether the card reader count value in the previous processing request corresponding to this card reader serial number and the present card reader count value satisfy the preset rule. If they do not, the card reader is abnormal and its card reader serial number meets the exception rules;
Optionally, the step of terminating the processing flow if the identity card serial number meets the exception rules includes: if the identity card serial number meets the exception rules, storing the identity card serial number in the access frequency control list, returning the first prompt information and terminating the processing flow;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the identity card serial number meets the exception rules, the identity card serial number is additionally written to the frequency control list, information is returned prompting the user that the identity card is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
Optionally, after the step in which the identity card serial number is found to meet the exception rules, the method further includes: judging whether the card reader serial number meets the exception rules, and if the card reader serial number meets the exception rules, writing the card reader serial number to the access frequency control list;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the identity card serial number meets the exception rules, it is further judged whether the card reader serial number meets the exception rules. If the card reader serial number meets the exception rules, the card reader serial number is written to the access frequency control list, information is returned prompting the user that the card reader is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
If the identity card serial number does not meet the exception rules, it is judged whether the card reader serial number meets the exception rules; if the card reader serial number meets the exception rules, the processing flow is terminated;
Optionally, the step of terminating the processing flow if the card reader serial number meets the exception rules includes: if the card reader serial number meets the exception rules, storing the card reader serial number in the access frequency control list, returning the second prompt information and terminating the processing flow;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the identity card serial number does not meet the exception rules, it is further judged whether the card reader serial number meets the exception rules. If the card reader serial number meets the exception rules, the card reader serial number is written to the access frequency control list, information is returned prompting the user that the card reader is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
S802: judge whether the card reader serial number meets the exception rules; if the card reader serial number meets the exception rules, terminate the processing flow;
Corresponding to S801, it is also possible to judge first whether the card reader serial number meets the exception rules;
Optionally, the step of terminating the processing flow if the card reader serial number meets the exception rules includes: if the card reader serial number meets the exception rules, storing the card reader serial number in the access frequency control list, returning the second prompt information and terminating the processing flow;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the card reader serial number meets the exception rules, the card reader serial number is additionally written to the frequency control list, information is returned prompting the user that the card reader is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
Optionally, after the step in which the card reader serial number is found to meet the exception rules, the method further includes: judging whether the identity card serial number meets the exception rules, and if the identity card serial number meets the exception rules, writing the identity card serial number to the access frequency control list;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the card reader serial number meets the exception rules, it is further judged whether the identity card serial number meets the exception rules. If the identity card serial number meets the exception rules, the identity card serial number is written to the access frequency control list, information is returned prompting the user that the identity card is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
If the card reader serial number does not meet the exception rules, it is judged whether the identity card serial number meets the exception rules; if the identity card serial number meets the exception rules, the processing flow is terminated;
Optionally, the step of terminating the processing flow if the identity card serial number meets the exception rules includes: if the identity card serial number meets the exception rules, storing the identity card serial number in the access frequency control list, returning the first prompt information and terminating the processing flow;
To further ensure the integrity of the abnormal data, make the processing more dynamic and intelligent, and ensure the security of processing, when it is determined that the card reader serial number does not meet the exception rules, it is further judged whether the identity card serial number meets the exception rules. If the identity card serial number meets the exception rules, the identity card serial number is written to the access frequency control list, information is returned prompting the user that the identity card is abnormal and to try again later, and the processing flow is terminated. The frequency control list thus changes dynamically, which makes the handling of identity card authentication information processing requests more intelligent;
If it is judged that neither the identity card serial number nor the card reader serial number meets the exception rules, step S9 is performed;
S9: process the identity card authentication information processing request;
When it is judged that neither the identity card serial number nor the card reader serial number meets the exception rules, this means that neither of them appears in the blacklist, that neither appeared in the frequency control list within the preset time interval before the processing request was received, and that neither meets the exception rules. In other words, both the identity card serial number and the card reader serial number are legitimate at this point, and the identity card authentication information processing request generated based on this identity card serial number and this card reader serial number is processed.
The method provided by this embodiment of the present invention makes it possible to handle effectively, as exceptions, identity card authentication information processing requests generated based on an abnormal identity card or an abnormal card reader. Control is keyed on the identity card serial number and/or the card reader serial number, which avoids legitimate requests being refused because of other factors such as a change of IP address or a change of card type. The blacklist stops processing requests initiated by an illegal identity card or an illegal card reader at the earliest possible moment, and the exception handling method of the present invention updates the blacklist dynamically, which makes exception handling more dynamic and closer to real time. The frequency control list handles identity cards or card readers that have recently been abnormal by freezing them for a short period, which avoids the security risk of processing illegal requests; the exception handling method of the present invention updates the frequency control list dynamically as well. The exception rules make it possible to judge whether the current identity card or card reader is abnormal, so that an abnormal identity card or card reader is recognized even when it is neither in the blacklist nor within the control range of the frequency control list. Together these provide triple dynamic authentication of the identity card and the card reader and improve the security and reliability with which identity card authentication information processing requests are handled.
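The three-stage screening summarised above (blacklist, then access frequency control list, then exception rules) can be sketched as follows. This is an added illustration, not code from the patent: the class and field names, the 60-second freeze window, checking the identity card before the card reader, and recording the count value of every received request are assumptions, and of the exception rules only mode one (transit time) and mode three (count value) are implemented.

```python
from dataclasses import dataclass, field

BLACKLISTED = "error: blacklisted"
RETRY_ID = "retry later: identity card"      # stands in for the first prompt information
RETRY_READER = "retry later: card reader"    # stands in for the second prompt information
PROCESSED = "processed"


@dataclass
class Request:
    id_serial: str       # identity card serial number, already decrypted
    reader_serial: str   # card reader serial number
    timestamp: float     # decrypted timestamp: when the reader generated the request
    reader_count: int    # decrypted card reader count value


@dataclass
class Gate:
    # Interval lengths in seconds. freeze_window (first/second preset interval) is an
    # assumed value; the others follow the page's examples (5 min, 100 times, 1 s, 60 s).
    freeze_window: float = 60.0
    escalate_window: float = 300.0   # third/fourth preset interval
    escalate_hits: int = 100         # first/second preset value
    min_transit: float = 1.0         # fifth/eighth preset interval
    max_transit: float = 60.0        # sixth/ninth preset interval
    blacklist: set = field(default_factory=set)
    freq_list: dict = field(default_factory=dict)    # key -> times it was stored
    last_count: dict = field(default_factory=dict)   # reader serial -> last count value

    def _stored(self, key, now, window):
        """Stored records of `key` that fall within `window` seconds before `now`."""
        return [t for t in self.freq_list.get(key, []) if 0 <= now - t <= window]

    def _frozen(self, key, now):
        """Frequency control list check; escalates to the blacklist on repeated hits."""
        if not self._stored(key, now, self.freeze_window):
            return False
        if len(self._stored(key, now, self.escalate_window)) >= self.escalate_hits:
            self.blacklist.add(key)
        return True

    def handle(self, req, now):
        # Keys are tagged so a card serial can never collide with a reader serial.
        card, reader = ("card", req.id_serial), ("reader", req.reader_serial)
        prev = self.last_count.get(req.reader_serial)
        self.last_count[req.reader_serial] = req.reader_count

        # Stage 1: blacklist.
        if card in self.blacklist or reader in self.blacklist:
            return BLACKLISTED

        # Stage 2: access frequency control list (short-term freeze).
        for key, retry in ((card, RETRY_ID), (reader, RETRY_READER)):
            if self._frozen(key, now):
                return BLACKLISTED if key in self.blacklist else retry

        # Stage 3: exception rules.
        bad = set()
        if not (self.min_transit < now - req.timestamp < self.max_transit):
            bad |= {card, reader}            # mode one: transit time out of range
        if prev is not None and req.reader_count != prev + 1:
            bad.add(reader)                  # mode three: count value broke the +1 rule
        for key in bad:
            self.freq_list.setdefault(key, []).append(now)
        if bad:
            return RETRY_ID if card in bad else RETRY_READER

        # Step S9: the request is legitimate and goes on to be processed.
        return PROCESSED
```

Passing `now` explicitly keeps the sketch deterministic; a deployment would take it from the server clock at the moment the request is received.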
Embodiment 2:
The present embodiment provides an identity card cloud authentication device which, as shown in Fig. 2, includes:
First communication module 201, configured to receive an identity card authentication information processing request, where the identity card authentication information includes an identity card serial number encryption value and a card reader serial number, and the card reader serial number is the serial number of the identity card information reading terminal;
The identity card processing request is a processing request initiated by the identity card reader. After the identity card cloud authentication platform judges that the identity card processing request is a legitimate processing request, it allocates an idle security authentication module 210 to the request according to preset rules, and the allocated security authentication module 210 exchanges data with the initiator of the identity card processing request. The identity card serial number encryption value is obtained by the identity card reader encrypting the identity card serial number it read from the identity card, and the card reader serial number is the serial number of the identity card reader itself.
Second communication module 202, configured to obtain the identity card serial number produced by decrypting the identity card serial number encryption value;
The received identity card serial number encryption value is decrypted. If the identity card reader encrypted the identity card serial number with a symmetric encryption algorithm, the corresponding symmetric decryption algorithm is used to decrypt the received identity card serial number encryption value; if the identity card reader encrypted the identity card serial number with its own private key, the received identity card serial number encryption value is decrypted with the identity card reader's public key. The decryption may be performed by the device itself, or by an external device or an external chip.
Third communication module 203, configured to obtain the blacklist;
First judging module 206, configured to judge whether the identity card serial number is included in the blacklist; if the identity card serial number is included in the blacklist, the processing module 209 terminates the processing flow;
The third communication module 203 may obtain the blacklist from its own storage or from outside. The blacklist contains illegal identity card serial numbers and illegal card reader serial numbers. If the identity card authentication information processing request received by the first communication module 201 contains an illegal identity card serial number or an illegal card reader serial number, the request is in an illegal state and cannot be accepted normally by the server.
The blacklist holds illegal identity card serial numbers, for example the serial numbers of identity cards that have been reported lost, of identity cards that have been abnormal repeatedly, or of identity cards that have appeared in several regions within a short time. Processing requests from such cards would bring greater risk. If the first judging module 206 judges that the identity card serial number is included in the blacklist, the identity card serial number is an illegal identity card serial number, the server does not handle the request, and the processing module 209 terminates the processing flow. Optionally, the first judging module 206 can return information prompting the user that the identity card has been added to the blacklist, so that the user can take follow-up action and resolve the problem;
Optionally, when the first judging module 206 judges that the identity card serial number is included in the blacklist, the fourth communication module 204 is configured to obtain the access frequency control list, and the second judging module 207 judges whether, within the second preset time interval before the moment the fourth communication module 204 obtained the access frequency control list, the access frequency control list contains a stored record of the card reader serial number. If it does, the second judging module 207 obtains the number of occurrences of stored records of the card reader serial number in the access frequency control list within the fourth preset time interval before the moment the fourth communication module 204 obtained the access frequency control list; if that number of occurrences is greater than or equal to the second preset value, the card reader serial number is stored in the blacklist. If the second judging module 207 judges that, within the second preset time interval before the moment the fourth communication module 204 obtained the access frequency control list, the access frequency control list contains no stored record of the card reader serial number, the fifth communication module 205 obtains the exception rules, it is judged whether the card reader serial number meets the exception rules, and if the card reader serial number meets the exception rules, the card reader serial number is written to the access frequency control list;
If the identity card serial number is not included in the blacklist, the first judging module 206 judges whether the card reader serial number is included in the blacklist; if the card reader serial number is included in the blacklist, the processing module 209 terminates the processing flow;
If the identity card serial number is not included in the blacklist, the first judging module 206 goes on to judge the legitimacy of the card reader serial number, in order to determine whether both the identity card serial number and the card reader serial number are legitimate. The blacklist holds illegal card reader serial numbers, for example the serial numbers of card readers that have been reported lost, of card readers that have been abnormal repeatedly, of card readers that have exceeded their service life, or of card readers that have appeared in several regions within a short time. Processing requests from such card readers would bring greater risk. If the first judging module 206 judges that the card reader serial number is included in the blacklist, the card reader serial number is an illegal serial number, the server does not handle the request, and the processing module 209 terminates the processing flow. Optionally, the first judging module 206 can return information prompting the user that the card reader has been added to the blacklist, so that the user can take follow-up action and resolve the problem;
Optionally, after the first judging module 206 judges that the card reader serial number is included in the blacklist, the fourth communication module 204 is configured to obtain the access frequency control list, and the second judging module 207 judges whether, within the first preset time interval before the moment the fourth communication module 204 obtained the access frequency control list, the access frequency control list contains a stored record of the identity card serial number. If it does, the second judging module 207 obtains the number of occurrences of stored records of the identity card serial number in the access frequency control list within the third preset time interval before the moment the fourth communication module 204 obtained the access frequency control list; if that number of occurrences is greater than or equal to the first preset value, the identity card serial number is stored in the blacklist. If the second judging module 207 judges that, within the first preset time interval before the moment the fourth communication module 204 obtained the access frequency control list, the access frequency control list contains no stored record of the identity card serial number, the fifth communication module 205 obtains the exception rules, it is judged whether the identity card serial number meets the exception rules, and if the identity card serial number meets the exception rules, the identity card serial number is written to the access frequency control list;
Third communication module 203, configured to obtain the blacklist;
First judging module 206, configured to judge whether the card reader serial number is included in the blacklist; if the card reader serial number is included in the blacklist, the processing module 209 terminates the processing flow;
The blacklist holds illegal card reader serial numbers, for example the serial numbers of card readers that have been reported lost, of card readers that have been abnormal repeatedly, of card readers that have exceeded their service life, or of card readers that have appeared in several regions within a short time. Processing requests from such card readers would bring greater risk. If the first judging module 206 judges that the card reader serial number is included in the blacklist, the card reader serial number is an illegal serial number, the server does not handle the request, and the processing module 209 terminates the processing flow. Optionally, the server can return information prompting the user that the card reader has been added to the blacklist, so that the user can take follow-up action and resolve the problem;
Optionally, after the card reader serial number is found to be included in the blacklist, the fourth communication module 204 is further used for obtaining the visiting frequency management and control list, and the second judge module 207 judges whether, within the first preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the identity card serial number. If it does, the second judge module 207 obtains the number of stored records of the identity card serial number in the list within the third preset time interval before that moment; if that number is greater than or equal to the first preset value, the identity card serial number is stored in the blacklist. If the list contains no stored record of the identity card serial number within the first preset time interval before that moment, the fifth communication module 205 obtains the exception rules and it is judged whether the identity card serial number meets the exception rules; if it does, the identity card serial number is written into the visiting frequency management and control list;
If the card reader serial number is not included in the blacklist, the first judge module 206 judges whether the identity card serial number is included in the blacklist; if the identity card serial number is included in the blacklist, the processing module 209 terminates the processing flow;
If the card reader serial number is not included in the blacklist, the first judge module 206 further judges the legitimacy of the identity card serial number, to determine whether the identity card serial number and the card reader serial number are both legal. The blacklist contains illegal identity card serial numbers, for example the serial number of an identity card that has been reported lost, of an identity card that has shown continuous abnormalities, or of an identity card that has appeared in multiple regions within a short time; processing requests for such cards would bring greater risk. If the first judge module 206 judges that the identity card serial number is included in the blacklist, this indicates that the identity card serial number is an illegal identity card serial number; the server does not process the request, and the processing module 209 terminates the processing flow. Optionally, the server may return prompt information telling the user that the identity card has been added to the blacklist, so that the user can carry out subsequent operations and resolve the problem;
Optionally, after the first judge module 206 judges that the card reader serial number is not included in the blacklist, the fourth communication module 204 is further used for obtaining the visiting frequency management and control list, and the second judge module 207 judges whether, within the second preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the card reader serial number. If it does, the second judge module 207 obtains the number of stored records of the card reader serial number in the list within the fourth preset time interval before that moment; if that number is greater than or equal to the second preset value, the card reader serial number is stored in the blacklist. If the list contains no stored record of the card reader serial number within the second preset time interval before that moment, the fifth communication module 205 obtains the exception rules and it is judged whether the card reader serial number meets the exception rules; if it does, the card reader serial number is written into the visiting frequency management and control list;
The fourth communication module 204 is further used for obtaining the visiting frequency management and control list when it is judged that neither the identity card serial number nor the card reader serial number is included in the blacklist. The second judge module 207 judges whether, within the first preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the identity card serial number; if it does, the processing module 209 terminates the processing flow;
If the first judge module 206 judges that neither the identity card serial number nor the card reader serial number is included in the blacklist, both serial numbers are legal, that is, the identity card authentication information processing request is in a legal state, and it must further be determined whether the request is in a controlled state;
The fourth communication module 204 may obtain the visiting frequency management and control list from its own storage or from outside. The visiting frequency management and control list includes the identity card serial numbers under control and the card reader serial numbers under control. If the identity card authentication information processing request received by the first communication module 201 contains an identity card serial number under control or a card reader serial number under control, the request is in a controlled state: it must stay frozen for a certain duration before it can be unfrozen, and for the time being it cannot be accepted normally by the server.
To avoid replay attacks, abnormal identity card serial numbers and abnormal card reader serial numbers are frozen and controlled for a certain duration; in the controlled state, the identity card cloud authentication device does not process the requests they initiate. The second judge module 207 may first judge whether, within the first preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the identity card serial number; if it does, the identity card serial number is still in the frozen, controlled state, and the processing module 209 terminates the processing flow. The first preset time interval is a preset value that can be configured according to the specific application scenario. For example, when the card-reading terminal is an automatic ticket collection machine, the first preset time interval may be set to 1 minute; that is, when a specific identity card serial number is found in the frequency management and control list, requests initiated based on that identity card serial number are not processed during the following 1 minute. Optionally, when a specific identity card serial number is found in the frequency management and control list, prompt information is returned telling the user that the state of the identity card is abnormal and to try again later;
If, within the first preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains no stored record of the identity card serial number, the second judge module 207 judges whether, within the second preset time interval before that moment, the list contains a stored record of the card reader serial number; if it does, the processing module 209 terminates the processing flow;
The fourth communication module 204 is used for obtaining the visiting frequency management and control list when it is judged that neither the identity card serial number nor the card reader serial number is included in the blacklist. The second judge module 207 judges whether, within the second preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the card reader serial number; if it does, the processing module 209 terminates the processing flow;
To avoid replay attacks, abnormal identity card serial numbers and abnormal card reader serial numbers are frozen and controlled for a certain duration; in the controlled state, the identity card cloud authentication device does not process the requests they initiate. The second judge module 207 may first judge whether, within the first preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains a stored record of the card reader serial number; if it does, the card reader serial number is still in the frozen, controlled state, and the processing module 209 terminates the processing flow. The first preset time interval is a preset value that can be configured according to the specific application scenario. For example, when the card-reading terminal is an automatic ticket collection machine, the first preset time interval may be set to 1 minute; that is, when a specific card reader serial number is found in the frequency management and control list, requests initiated based on that card reader serial number are not processed during the following 1 minute. Optionally, when a specific card reader serial number is found in the frequency management and control list, prompt information is returned telling the user that the state of the card reader is abnormal and to try again later;
If, within the second preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the list contains no stored record of the card reader serial number, the second judge module 207 judges whether, within the first preset time interval before that moment, the list contains a stored record of the identity card serial number; if it does, the processing module 209 terminates the processing flow;
When the second judge module 207 judges that the visiting frequency management and control list contains no stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, and no stored record of the card reader serial number within the second preset time interval before that moment, the fifth communication module 205 obtains the exception rules, and it is judged whether the identity card serial number meets the exception rules; if the identity card serial number meets the exception rules, the processing module 209 terminates the processing flow;
The exception rules may be stored in the memory module 211 or obtained from an external device; according to the exception rules, the third judge module 208 can judge whether the identity card serial number or the card reader serial number in the request is in an abnormal state;
If the identity card serial number does not meet the exception rules, the third judge module 208 judges whether the card reader serial number meets the exception rules; if the card reader serial number meets the exception rules, the processing module 209 terminates the processing flow;
When the second judge module 207 judges that the visiting frequency management and control list contains no stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, and no stored record of the card reader serial number within the second preset time interval before that moment, it can be determined that the identity card serial number and the card reader serial number have not shown an abnormal state within the first preset time interval and the second preset time interval; the third judge module 208 then further judges whether the identity card serial number or the card reader serial number is in an abnormal state in the current request;
When the second judge module 207 judges that the visiting frequency management and control list contains no stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, and no stored record of the card reader serial number within the second preset time interval before that moment, the fifth communication module 205 obtains the exception rules, and the third judge module 208 judges whether the card reader serial number meets the exception rules; if the card reader serial number meets the exception rules, the processing module 209 terminates the processing flow. If the card reader serial number does not meet the exception rules, the third judge module 208 judges whether the identity card serial number meets the exception rules; if the identity card serial number meets the exception rules, the processing module 209 terminates the processing flow;
The processing module 209 is used for processing the identity card authentication information processing request when it is judged that neither the identity card serial number nor the card reader serial number meets the exception rules.
Optionally, the second judge module 207 is further used for, when the visiting frequency management and control list contains a stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, obtaining the number of stored records of the identity card serial number in the list within the third preset time interval before that moment. If that number is less than the first preset value, the first prompt information is returned and the processing module 209 terminates the processing flow; if that number is greater than or equal to the first preset value, the identity card serial number is stored in the blacklist, an error message is returned, and the processing module 209 terminates the processing flow;
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that the visiting frequency management and control list contains a stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, the second judge module 207 may further judge the number of stored records of the identity card serial number in the list within the third preset time interval before that moment. If, within a preset period of time, the identity card cloud authentication device repeatedly receives processing requests initiated based on a specific identity card serial number that is present in the frequency management and control list, that identity card serial number is considered an illegal serial number and is added to the blacklist. Specifically, if the second judge module 207 judges that, within the first preset time interval before the processing request was received, the identity card serial number obtained from the processing request was written into the frequency management and control list, it further judges whether, within the third preset time interval before the processing request was received, the number of times that identity card serial number was written into the frequency management and control list reaches the first preset value. The third preset time interval and the first preset value are preset values that can be set according to the application scenario. For example, with a third preset time interval of 5 minutes and a first preset value of 100: if the second judge module 207 judges that, in the 5 minutes before a processing request initiated based on a specific identity card serial number was received, the number of processing requests received based on that identity card serial number is less than 100, the first prompt information is returned, prompting the user to try again later, and the processing module 209 terminates the processing flow; if the number of processing requests received based on that identity card serial number is greater than or equal to 100, the identity card serial number is written into the blacklist, an error message is returned, prompting the user that the identity card has been added to the blacklist, and the processing module 209 terminates the processing flow;
Optionally, the second judge module 207 is further used for, when the visiting frequency management and control list contains a stored record of the card reader serial number within the second preset time interval before the moment at which the fourth communication module 204 obtained the list, obtaining the number of stored records of the card reader serial number in the list within the fourth preset time interval before that moment. If that number is less than the second preset value, the second judge module 207 returns the second prompt information and the processing module 209 terminates the processing flow; if that number is greater than or equal to the second preset value, the card reader serial number is stored in the blacklist, an error message is returned, and the processing module 209 terminates the processing flow.
To further ensure the integrity of the abnormal data and the security of processing, when it is determined that the visiting frequency management and control list contains a stored record of the identity card serial number within the first preset time interval before the moment at which the fourth communication module 204 obtained the list, the second judge module 207 may further judge whether the list contains a stored record of the card reader serial number within the second preset time interval before that moment, and judge the number of stored records of the card reader serial number in the list within the fourth preset time interval before that moment. If, within a preset period of time, the identity card cloud authentication device repeatedly receives processing requests initiated based on a specific card reader serial number that is present in the frequency management and control list, that card reader serial number is considered an illegal serial number and is added to the blacklist. Specifically, if the second judge module 207 judges that, within the second preset time interval before the processing request was received, the card reader serial number obtained from the processing request was written into the frequency management and control list, it further judges whether, within the fourth preset time interval before the processing request was received, the number of times that card reader serial number was written into the frequency management and control list reaches the second preset value. The fourth preset time interval and the second preset value are preset values that can be set according to the application scenario. For example, with a fourth preset time interval of 5 minutes and a second preset value of 100: if the second judge module 207 judges that, in the 5 minutes before a processing request initiated based on a specific card reader serial number was received, the number of processing requests received based on that card reader serial number is less than 100, the second prompt information is returned, prompting the user to try again later, and the processing module 209 terminates the processing flow; if the number of processing requests received based on that card reader serial number is greater than or equal to 100, the card reader serial number is written into the blacklist, an error message is returned, prompting the user that the card reader has been added to the blacklist, and the processing module 209 terminates the processing flow;
Optionally, the third judge module 208 is further used for, when the identity card serial number meets the exception rules, storing the identity card serial number in the visiting frequency management and control list and returning the first prompt information, after which the processing module 209 terminates the processing flow; and, when the card reader serial number meets the exception rules, storing the card reader serial number in the visiting frequency management and control list and returning the second prompt information, after which the processing module 209 terminates the processing flow;
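The three checks described above (blacklist, then frequency management and control list with escalation to the blacklist, then exception rules), as an added Python example that is not part of the patent text. The class, field and verdict names are hypothetical, the exception-rule result is passed in as a boolean, and the sample events use a constructed threshold of 3 rather than the 100 of the patent's example.

```python
from dataclasses import dataclass, field
from enum import Enum


class Verdict(Enum):
    PROCESS = "process"          # hand the request to the processing module
    RETRY_LATER = "retry_later"  # frozen: terminate, prompt the user to try again later
    BLACKLISTED = "blacklisted"  # terminate and return the error message


@dataclass(frozen=True)
class Policy:
    freeze_s: float        # first (identity card) / second (card reader) preset time interval
    count_window_s: float  # third / fourth preset time interval
    threshold: int         # first / second preset value


@dataclass
class AccessGate:
    """Hypothetical in-memory stand-in for the blacklist and frequency control list."""
    id_policy: Policy
    reader_policy: Policy
    blacklist: set = field(default_factory=set)
    freq_list: dict = field(default_factory=dict)  # key -> times of stored records

    def _records_within(self, key, now, window_s):
        return [t for t in self.freq_list.get(key, []) if 0 <= now - t <= window_s]

    def _controlled(self, key, policy, now):
        """Return a verdict if `key` is under frequency control, else None."""
        if not self._records_within(key, now, policy.freeze_s):
            return None
        hits = len(self._records_within(key, now, policy.count_window_s))
        if hits >= policy.threshold:
            self.blacklist.add(key)  # dynamic update of the blacklist
            return Verdict.BLACKLISTED
        return Verdict.RETRY_LATER

    def check(self, id_sn, reader_sn, now, id_abnormal=False, reader_abnormal=False):
        # Tag the keys so a card serial and a reader serial can never collide.
        card, reader = ("card", id_sn), ("reader", reader_sn)
        # Tier 1: blacklist, card reader first, then identity card.
        if reader in self.blacklist or card in self.blacklist:
            return Verdict.BLACKLISTED
        # Tier 2: frequency control list (freeze window, then escalation count).
        for key, policy in ((card, self.id_policy), (reader, self.reader_policy)):
            verdict = self._controlled(key, policy, now)
            if verdict is not None:
                return verdict
        # Tier 3: exception rules; a hit is written to the frequency control list.
        for key, abnormal in ((card, id_abnormal), (reader, reader_abnormal)):
            if abnormal:
                self.freq_list.setdefault(key, []).append(now)
                return Verdict.RETRY_LATER
        return Verdict.PROCESS


def demo():
    """Constructed events for one card: (seconds, exception rule fired?)."""
    policy = Policy(freeze_s=60, count_window_s=300, threshold=3)
    gate = AccessGate(policy, policy)
    events = [(0, True), (30, False), (61, True), (122, True), (130, False), (500, False)]
    return [gate.check("ID-0001", "RD-0001", t, id_abnormal=hit) for t, hit in events]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict.value)
```

In this example a record is written only when an exception rule fires, so a 60-second freeze allows at most five records inside a 300-second window; the threshold has to be chosen with the freeze length in mind.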
Optionally, the identity card authentication information processing request also includes a timestamp encrypted value and a card reader count encrypted value. The second communication module 202 is further used for obtaining the timestamp and the card reader count value obtained by decrypting the timestamp encrypted value and the card reader count encrypted value, wherein the timestamp is generated by the card reader that generates the identity card authentication information processing request, based on the moment at which the request is produced, and the card reader count value is generated by the card reader based on the number of historical processing requests that the card reader has initiated;
The third judge module 208 is further used for generating a first time interval based on the timestamp and the moment at which the identity card authentication information processing request was received, and judging whether the first time interval is greater than the fifth preset time interval and less than the sixth preset time interval; if the first time interval is greater than the fifth preset time interval and less than the sixth preset time interval, the identity card serial number is judged to be legal; otherwise, the identity card serial number is judged to meet the exception rules;
The third judge module 208 is further used for judging, based on the timestamp and the card reader count value, whether, within the seventh preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the number of received identity card authentication information processing requests containing the identity card serial number encrypted value is less than the third preset value; if that number is less than the third preset value, the identity card serial number is judged to be legal; otherwise, the identity card serial number is judged to meet the exception rules;
The third judge module 208 is further used for generating a first time interval based on the timestamp and the moment at which the identity card authentication information processing request was received, and judging whether the first time interval is greater than the eighth preset time interval and less than the ninth preset time interval; if the first time interval is greater than the eighth preset time interval and less than the ninth preset time interval, the card reader serial number is judged to be legal; otherwise, the card reader serial number is judged to meet the exception rules;
The third judge module 208 is further used for judging, based on the timestamp and the card reader count value, whether, within the tenth preset time interval before the moment at which the fourth communication module 204 obtained the visiting frequency management and control list, the number of received identity card authentication information processing requests containing the card reader serial number is less than the fourth preset value; if that number is less than the fourth preset value, the card reader serial number is judged to be legal; otherwise, the card reader serial number is judged to meet the exception rules;
The third judge module 208 is further used for judging, based on the card reader count value, whether, in consecutively received identity card authentication information processing requests, the card reader count values matching the card reader serial number meet a preset rule; if the card reader count values meet the preset rule, the card reader serial number is judged to be legal; otherwise, the card reader serial number is judged to meet the exception rules.
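The card reader exception rules described above (timestamp window, request count within a window, and counter rule), as an added Python example that is not part of the patent text. All names are hypothetical; the patent does not state the counter's "preset rule", so the example assumes the count value must strictly increase, it measures the request-count window from receive times, and the sample requests are constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ReaderRules:
    min_delay_s: float    # eighth preset time interval
    max_delay_s: float    # ninth preset time interval
    rate_window_s: float  # tenth preset time interval
    max_requests: int     # fourth preset value


@dataclass
class ReaderAnomalyCheck:
    rules: ReaderRules
    _seen: dict = field(default_factory=lambda: defaultdict(deque))  # reader -> receive times
    _last_count: dict = field(default_factory=dict)                  # reader -> last accepted count

    def violations(self, reader_sn, timestamp, count, received_at):
        """Return the names of the exception rules this request meets (empty list = legal)."""
        found = []

        # Rule 1: receive time minus the reader's timestamp must lie strictly
        # between the two preset bounds; a late replay falls outside.
        delay = received_at - timestamp
        if not (self.rules.min_delay_s < delay < self.rules.max_delay_s):
            found.append("timestamp")

        # Rule 2: requests already received from this reader inside the window
        # must number fewer than the preset value.
        times = self._seen[reader_sn]
        while times and received_at - times[0] > self.rules.rate_window_s:
            times.popleft()
        if len(times) >= self.rules.max_requests:
            found.append("rate")
        times.append(received_at)

        # Rule 3 (assumed form of the preset rule): the reader's count value
        # must be strictly greater than the last one accepted.
        last = self._last_count.get(reader_sn)
        if last is not None and count <= last:
            found.append("counter")
        else:
            self._last_count[reader_sn] = count
        return found


def demo():
    """Constructed requests from one reader: (timestamp, count, received_at)."""
    check = ReaderAnomalyCheck(
        ReaderRules(min_delay_s=0.0, max_delay_s=5.0, rate_window_s=10.0, max_requests=3)
    )
    requests = [
        (100.0, 41, 100.4),  # normal
        (101.0, 42, 101.3),  # normal
        (100.0, 41, 102.0),  # quick replay: timestamp still fresh, counter repeats
        (100.0, 41, 130.0),  # late replay: stale timestamp and repeated counter
        (130.1, 43, 130.2),  # normal
        (130.2, 44, 130.3),  # normal
        (130.3, 45, 130.4),  # fourth request inside 10 s: rate rule
    ]
    return [check.violations("RD-0001", ts, n, rx) for ts, n, rx in requests]


if __name__ == "__main__":
    for result in demo():
        print(result or "legal")
```

The third sample request shows why the counter check is needed in addition to the timestamp check: a replay sent within the allowed delay still carries a count value that has already been used.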
Optionally, the device further comprises an authentication module 210, wherein the second communication module 202 is further used for sending the received identity card authentication information processing request to the authentication module 210; the authentication module 210 is used for extracting the identity card serial number encrypted value, the timestamp encrypted value and/or the card reader count encrypted value from the identity card authentication information processing request, decrypting the identity card serial number encrypted value, the timestamp encrypted value and/or the card reader count encrypted value to obtain the identity card serial number, the timestamp and/or the card reader count value, and sending the identity card serial number, the timestamp and/or the card reader count value to the second communication module 202;
The authentication module 210 decrypts the encrypted values independently of the identity card cloud authentication device, which on the one hand reduces the computing load on the identity card cloud authentication device and on the other hand improves the security of the authentication process.
Optionally, the device further comprises a memory module 211, wherein the memory module 211 is used for storing the blacklist and the frequency management and control list; the third communication module 203 is further used for, when requesting the blacklist, generating a blacklist acquisition request and sending it to the memory module 211; the fourth communication module 204 is further used for, when requesting the frequency management and control list, generating a frequency management and control list acquisition request and sending it to the memory module 211; the memory module 211 is further used for sending the blacklist to the third communication module 203 when it receives the blacklist acquisition request; the memory module 211 is further used for sending the frequency management and control list to the fourth communication module 204 when it receives the frequency management and control list acquisition request; the third communication module 203 is further used for, after a write operation on the blacklist, generating the updated blacklist and sending the updated blacklist to the memory module 211; the fourth communication module 204 is further used for, after a write operation on the frequency management and control list, generating the updated frequency management and control list and sending the updated frequency management and control list to the memory module 211; the memory module 211 is further used for receiving and storing the updated blacklist or frequency management and control list.
The blacklist and the frequency management and control list may be stored in an independent memory module 211, which improves the security of the data and at the same time relieves the data processing load of the identity card cloud authentication device; the memory module 211 may store the blacklist and the frequency management and control list as ciphertext, to prevent malicious access and tampering.
The device provided by the embodiment of the present invention can carry out effective exception handling on identity card authentication information processing requests generated from an abnormal identity card or an abnormal card reader. It uses the identity card serial number and/or the card reader serial number as the key value for control, which avoids legitimate requests failing to be executed because of other factors such as a change of IP address or a change of card type. Through the blacklist, processing requests initiated by an illegal identity card or an illegal card reader can be stopped at the first opportunity, and the exception handling method of the present invention allows the blacklist to be updated dynamically, which strengthens the dynamic and real-time character of the exception handling. Through the frequency management and control list, exception handling can be applied to an identity card or card reader that has shown abnormalities within a short time, so that the identity card or card reader with the short-term abnormality is frozen for a short period, avoiding the security risk of processing illegal requests; the exception handling method of the present invention allows the frequency management and control list to be updated dynamically, which strengthens the dynamic and real-time character of the exception handling. Through the exception rules, an abnormality of the current identity card or card reader can be judged: even if the identity card or card reader in the processing request is not included in the blacklist or within the control range of the frequency management and control list, an abnormal identity card or card reader can still be identified. This achieves triple dynamic authentication of the identity card and the card reader, and improves the security and reliability of processing identity card authentication information processing requests.
Although embodiments of the invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the invention. Those of ordinary skill in the art may change, modify, replace and vary the above embodiments within the scope of the invention without departing from its principle and purpose. The scope of the invention is defined by the appended claims and their equivalents.

Claims (9)

1. An identity card cloud authentication device, characterized in that it comprises:
A first communication module, configured to receive an identity card authentication information processing request, the identity card authentication information including: an identity card serial number encryption value and a card reader serial number, wherein the card reader serial number is the serial number of the identity card information reading terminal;
A second communication module, configured to obtain the identity card serial number obtained by decrypting the identity card serial number encryption value;
A third communication module, configured to obtain a blacklist;
A first judgment module, configured to judge whether the identity card serial number or the card reader serial number is included in the blacklist and, if the identity card serial number or the card reader serial number is included in the blacklist, to terminate the flow;
A fourth communication module, configured to obtain a visiting frequency management and control list when neither the identity card serial number nor the card reader serial number is included in the blacklist;
A second judgment module, configured to judge whether, within a first preset time interval before the moment at which the visiting frequency management and control list is obtained, the visiting frequency management and control list contains a stored record of the identity card serial number, or whether, within a second preset time interval before that moment, the visiting frequency management and control list contains a stored record of the card reader serial number; and, if the visiting frequency management and control list contains a stored record of the identity card serial number within the first preset time interval, or a stored record of the card reader serial number within the second preset time interval, to terminate the flow;
A fifth communication module, configured to obtain exception rules when it is judged that, within the first preset time interval before the moment at which the visiting frequency management and control list is obtained, the visiting frequency management and control list does not contain a stored record of the identity card serial number, and that, within the second preset time interval before that moment, the visiting frequency management and control list does not contain a stored record of the card reader serial number;
A third judgment module, configured to judge whether the identity card serial number or the card reader serial number meets the exception rules and, if the identity card serial number or the card reader serial number meets the exception rules, to terminate the flow;
A processing module, configured to process the identity card authentication information processing request when neither the identity card serial number nor the card reader serial number meets the exception rules.
2. The device according to claim 1, characterized in that
The first judgment module is further configured to judge whether the identity card serial number is included in the blacklist and, if the identity card serial number is included in the blacklist, to terminate the flow; if the identity card serial number is not included in the blacklist, to judge whether the card reader serial number is included in the blacklist and, if the card reader serial number is included in the blacklist, to terminate the flow;
The first judgment module is further configured to judge whether the card reader serial number is included in the blacklist and, if the card reader serial number is included in the blacklist, to terminate the flow; if the card reader serial number is not included in the blacklist, to judge whether the identity card serial number is included in the blacklist and, if the identity card serial number is included in the blacklist, to terminate the flow.
3. The device according to claim 1 or 2, characterized in that
The second judgment module is further configured to judge whether, within the first preset time interval before the moment at which the visiting frequency management and control list is obtained, the visiting frequency management and control list contains a stored record of the identity card serial number and, if it does, to terminate the flow; if the visiting frequency management and control list does not contain a stored record of the identity card serial number within the first preset time interval, to judge whether, within the second preset time interval before that moment, the visiting frequency management and control list contains a stored record of the card reader serial number and, if it does, to terminate the flow;
The second judgment module is further configured to judge whether, within the second preset time interval before the moment at which the visiting frequency management and control list is obtained, the visiting frequency management and control list contains a stored record of the card reader serial number and, if it does, to terminate the flow; if the visiting frequency management and control list does not contain a stored record of the card reader serial number within the second preset time interval, to judge whether, within the first preset time interval before that moment, the visiting frequency management and control list contains a stored record of the identity card serial number and, if it does, to terminate the flow.
4. The device according to any one of claims 1 to 3, characterized in that
The third judgment module is further configured to judge whether the identity card serial number meets the exception rules and, if the identity card serial number meets the exception rules, to terminate the flow; if the identity card serial number does not meet the exception rules, to judge whether the card reader serial number meets the exception rules and, if the card reader serial number meets the exception rules, to terminate the flow;
The third judgment module is further configured to judge whether the card reader serial number meets the exception rules and, if the card reader serial number meets the exception rules, to terminate the flow; if the card reader serial number does not meet the exception rules, to judge whether the identity card serial number meets the exception rules and, if the identity card serial number meets the exception rules, to terminate the flow.
5. The device according to any one of claims 1 to 4, characterized in that
The second judgment module is further configured, when the visiting frequency management and control list contains a stored record of the identity card serial number within the first preset time interval before the moment at which the visiting frequency management and control list is obtained, to obtain the number of occurrences of stored records of the identity card serial number in the visiting frequency management and control list within a third preset time interval before that moment; if the number of occurrences of stored records of the identity card serial number is less than a first preset value, to return first prompt information and terminate the flow; if the number of occurrences of stored records of the identity card serial number is greater than or equal to the first preset value, to store the identity card serial number in the blacklist, return the error message and terminate the flow;
The second judgment module is further configured, when the visiting frequency management and control list contains a stored record of the card reader serial number within the second preset time interval before the moment at which the visiting frequency management and control list is obtained, to obtain the number of occurrences of stored records of the card reader serial number in the visiting frequency management and control list within a fourth preset time interval before that moment; if the number of occurrences of stored records of the card reader serial number is less than a second preset value, to return second prompt information and terminate the flow; if the number of occurrences of stored records of the card reader serial number is greater than or equal to the second preset value, to store the card reader serial number in the blacklist, return the error message and terminate the flow.
6. The device according to any one of claims 1 to 5, characterized in that
The third judgment module is further configured, when the identity card serial number meets the exception rules, to store the identity card serial number in the visiting frequency management and control list, return the first prompt information and terminate the flow; and, when the card reader serial number meets the exception rules, to store the card reader serial number in the visiting frequency management and control list, return the second prompt information and terminate the flow.
7. The device according to any one of claims 1 to 6, characterized in that the identity card authentication information processing request further includes: a timestamp encryption value and a card reader count encryption value;
The first communication module is further configured to obtain the timestamp and the card reader count value obtained by decrypting the timestamp encryption value and the card reader count encryption value, wherein the timestamp is generated by the card reader that generates the identity card authentication information processing request, based on the moment at which the identity card authentication information processing request is generated; the card reader count value is generated by the card reader based on the number of historical processing requests initiated by the card reader;
The third judgment module is further configured to generate a first time interval based on the timestamp and the moment at which the identity card authentication information processing request is received, and to judge whether the first time interval is greater than a fifth preset time interval and less than a sixth preset time interval; if the first time interval is greater than the fifth preset time interval and less than the sixth preset time interval, to judge that the identity card serial number is legal; otherwise, to judge that the identity card serial number meets the exception rules;
The third judgment module is further configured to judge, based on the timestamp and the card reader count value, whether, within a seventh preset time interval before the moment at which the visiting frequency management and control list is obtained, the number of received identity card authentication information processing requests containing the identity card serial number encryption value is less than a third preset value; if the number of received identity card authentication information processing requests containing the identity card serial number encryption value is less than the third preset value, to judge that the identity card serial number is legal; otherwise, to judge that the identity card serial number meets the exception rules;
The third judgment module is further configured to generate the first time interval based on the timestamp and the moment at which the identity card authentication information processing request is received, and to judge whether the first time interval is greater than an eighth preset time interval and less than a ninth preset time interval; if the first time interval is greater than the eighth preset time interval and less than the ninth preset time interval, to judge that the card reader serial number is legal; otherwise, to judge that the card reader serial number meets the exception rules;
The third judgment module is further configured to judge, based on the timestamp and the card reader count value, whether, within a tenth preset time interval before the moment at which the visiting frequency management and control list is obtained, the number of received identity card authentication information processing requests containing the card reader serial number is less than a fourth preset value; if the number of received identity card authentication information processing requests containing the card reader serial number is less than the fourth preset value, to judge that the card reader serial number is legal; otherwise, to judge that the card reader serial number meets the exception rules;
The third judgment module is further configured to judge, based on the card reader count value, whether, in the continuously received identity card authentication information processing requests, the card reader count value matching the card reader serial number satisfies a preset rule; if the card reader count value satisfies the preset rule, to judge that the card reader serial number is legal; otherwise, to judge that the card reader serial number meets the exception rules.
8. The device according to any one of claims 1 to 7, characterized in that it further comprises an authentication module,
Wherein the first communication module is further configured to send the received identity card authentication information processing request to the authentication module;
The authentication module is configured to extract the identity card serial number encryption value, the timestamp encryption value and/or the card reader count encryption value from the identity card authentication information processing request, to decrypt the identity card serial number encryption value, the timestamp encryption value and/or the card reader count encryption value to obtain the identity card serial number, the timestamp and/or the card reader count value, and to send the identity card serial number, the timestamp and/or the card reader count value to the first communication module.
9. The device according to any one of claims 1 to 8, characterized in that it further comprises a memory module,
Wherein the memory module is configured to store the blacklist and the frequency management and control list;
The third communication module is further configured, when requesting the blacklist, to generate a blacklist acquisition request and send it to the memory module;
The fourth communication module is further configured, when requesting the frequency management and control list, to generate a frequency management and control list acquisition request and send it to the memory module;
The memory module is further configured, on receiving the blacklist acquisition request, to send the blacklist to the third communication module;
The memory module is further configured, on receiving the frequency management and control list acquisition request, to send the frequency management and control list to the fourth communication module;
The third communication module is further configured, after a write operation on the blacklist, to generate the updated blacklist and send the updated blacklist to the memory module;
The fourth communication module is further configured, after a write operation on the frequency management and control list, to generate the updated frequency management and control list and send the updated frequency management and control list to the memory module;
The memory module is further configured to receive and store the updated blacklist or the updated frequency management and control list.
CN201610041122.4A 2016-01-21 2016-01-21 Identity card cloud authentication device Active CN106034135B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610041122.4A CN106034135B (en) 2016-01-21 2016-01-21 Identity card cloud authentication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610041122.4A CN106034135B (en) 2016-01-21 2016-01-21 Identity card cloud authentication device

Publications (2)

Publication Number Publication Date
CN106034135A true CN106034135A (en) 2016-10-19
CN106034135B CN106034135B (en) 2019-06-28

Family

ID=57149275

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610041122.4A Active CN106034135B (en) 2016-01-21 2016-01-21 Identity card cloud authentication device

Country Status (1)

Country Link
CN (1) CN106034135B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113688362A (en) * 2021-08-25 2021-11-23 中国工商银行股份有限公司 Identity card information security processing method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1429373A (en) * 2000-03-08 2003-07-09 高利科技有限公司 Method and apparatus for readucing on-line fraud using personal digital identification
US20060018467A1 (en) * 2004-07-20 2006-01-26 Scribocel, Inc. Device for authentication and identification for computerized and networked systems
CN101510258A (en) * 2009-01-16 2009-08-19 北京中星微电子有限公司 Certificate verification method, system and certificate verification terminal
CN101841543A (en) * 2010-05-10 2010-09-22 秦野 Intelligent verification system of second-generation resident identification card
CN202495066U (en) * 2012-03-31 2012-10-17 成都因纳伟盛科技股份有限公司 Fingerprint reading module of second generation identity card reader
US20130077169A1 (en) * 2011-09-23 2013-03-28 Ppg Industries Ohio, Inc. Hollow particle crystalline colloidal arrays

Also Published As

Publication number Publication date
CN106034135B (en) 2019-06-28

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220426

Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094

Patentee after: TENDYRON Corp.

Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing

Patentee before: Li Ming