TWI871022B - Information security management system for opening nfc locks with authorization - Google Patents

Abstract

An information security management system for opening NFC locks with authorization is disclosed. It includes a database module, an identity confirmation module, a public key infrastructure module, an unlocking processing module, an unlocking notification module and an information security notification module. The present invention uses a mobile communication device as a repeater and does not involve itself in unlocking-related operations. For a person who needs to unlock the lock to obtain protected information or items, the identity confirmation module and the unlock processing module will first confirm his identity and management authority before digitally signing the generated random number through the public key infrastructure module. After the near field communication chip is digitally verified to confirm that the generated random numbers are correct, the near field communication lock is opened. This can achieve a keyless and passwordless working environment, eliminating the need for keys and passwords to authorize open locks.

Description

Information security management system that authorizes the opening of the NFC lock

The present invention relates to an information security management system, in particular to an information security management system for authorizing the opening of a near field communication lock.

In order to protect confidential data that can be circulated within the enterprise, such as documents, reports, design drawings, samples, etc., as well as production equipment such as servers, machines, and cash registers such as POS machines and cash registers, a company needs to have many permanent or temporary containers to store these cash, confidential data and related assets; accordingly, these containers also need to use one or more locks to ensure that they will not be opened maliciously or accidentally. In addition to the high cost of purchasing and installing each lock, the management of its use (authorized opening) is also very cumbersome. For example, each employee is equipped with a locked office cabinet and a personal belongings cabinet, and the employee is given a key when he/she joins the company and the key is collected when he/she leaves the company. This may be something that the human resources department can take care of. Each department has its own file cabinets, document cabinets, display cabinets, etc., to store departmental assets; special cabinet locks, especially those that store important or confidential assets, must also be managed by key usage procedures and processes, and even the complicated work of storing and managing spare keys, and preventing employees from copying keys privately, which requires department heads to handle personally. If it is important confidential information for senior management or across departments, the procedures for its storage and authorization to open the safe deposit box often require the approval of the top management. It is helpless to consume many unnecessary people for the action of "unlocking", but these confidentiality practices are the only way for most companies to meet the security requirements of ISO27001.

In addition to the traditional method of authorizing and unlocking with physical keys, many companies use combination locks to replace mechanical locks. The advantage of doing so is that it saves the risk of handing over and keeping keys, but the password to unlock the combination lock may be leaked to an unrelated third party or even remembered by a former employee, causing unnecessary risks. Recently, the business community has a rapidly increasing demand for a keyless and passwordless work environment, and fingerprint locks or facial recognition locks have become a solution under technological substitution. However, in practice, this is not very suitable for corporate use because the program architecture for these locks to record personal biometrics is very cumbersome. In addition, the average turnover rate of enterprises is about 15%, not counting job changes, so the management workload is very huge. Biometric locks require batteries or external power, and regular charging is also an additional management cost for enterprises. If the risk of personal biometric leakage is considered too high, there is also a potential moral cost. Therefore, biometric locks are not a better choice for enterprises than traditional keys.

Therefore, enterprises are still pursuing better solutions to create a keyless and passwordless working environment while also having the security required by ISO27001.

This paragraph extracts and compiles certain features of the invention. Other features will be revealed in subsequent paragraphs. Its purpose is to cover various modifications and similar arrangements within the spirit and scope of the attached patent application.

In order to meet the above-mentioned needs, the present invention discloses an information security management system for authorizing the opening of a near-field communication lock. The system is installed in a server cluster and is connected to a plurality of mobile communication devices, including: a database module for storing a plurality of registered accounts and a registration password corresponding to each registered account, a plurality of registered near-field communication chip serial numbers, and each registered near-field communication chip serial number is selected from the plurality of registered accounts set an identity verification module, connected to the database module information, receiving a user account and a user password from any mobile communication device, and allowing the mobile communication device to perform an authorization unlocking procedure if the user account and the user password are the same as a set of registered account and registered password in the database module; an identity verification module, connected to the database module information, receiving a user account and a user password from any mobile communication device, and allowing the mobile communication device to perform an authorization unlocking procedure if the user account and the user password are the same as a set of registered account and registered password in the database module; A public key infrastructure module generates a plurality of key pairs using the registered near field communication chip serial numbers, stores the public keys in the key pairs and the registered near field communication chip serial numbers, and can digitally sign any message with any public key in any key pair to obtain a decryption code; and a decryption processing module, which is connected to the database module, The identity confirmation module and the public key infrastructure module are informationally connected to execute the authorization unlocking procedure, and the authorization unlocking procedure includes the following steps: a serial number receiving step: receiving a target near field communication chip serial number from an authorized mobile communication device that is allowed to execute the authorization unlocking procedure, and the target near field communication chip serial number is the serial number of the authorized mobile communication device. A near field communication chip for controlling a near field communication lock unlocking mechanism is obtained from a mobile communication device, and the near field communication chip has a private key in a key group generated by the near field communication chip serial number of the target; a first judgment step: judging whether the near field communication chip serial number of the target is one of the registered near field communication chip serial numbers, if not, stopping the authorization unlocking procedure; a second judgment step: judging whether the user account used by the authorized mobile communication device is the registered account set by the registered near field communication chip serial number corresponding to the near field communication chip serial number of the target, if not, stopping the authorization unlocking procedure; a random number receiving step: receiving a generated random number from the authorized mobile communication device, the generated random number The number is randomly generated by the near field communication chip; the unlocking code generation step: the target near field communication chip serial number and the generated random number are transmitted to the public key infrastructure module, and the public key infrastructure module uses the public key in the key group generated by the registered near field communication chip serial number that is the same as the target near field communication chip serial number to perform the unlocking code on the generated random number. Digital signature is performed to obtain the corresponding unlocking code; and unlocking step: the unlocking code is sent back to the near field communication chip through the authorized mobile communication device, and the near field communication chip digitally verifies the unlocking code with the private key to obtain a verification random number. If the verification random number is the same as the generated random number, the near field communication chip unlocks the near field communication lock.

According to the present invention, the database module can further record the data generated by the unlocking processing module each time it executes the authorization unlocking procedure, and the relevant data of the NFC lock corresponding to each registered NFC chip serial number.

The information security management system for authorizing the unlocking of the NFC lock may further include an unlock notification module, which is informationally connected to the database module and the unlock processing module. When a registered NFC chip serial number is used to execute the authorized unlocking procedure, the unlock notification module synchronously notifies at least one mobile communication device logged in with the same user account as the at least one registered account. In the second judgment step of the authorized unlocking procedure, if the authorized unlocking procedure stops due to a negative judgment result, the unlock notification module further notifies the authorized mobile communication device operator that he is not authorized to unlock the NFC lock.

According to the present invention, the relevant data of the NFC lock includes information tags of the classification of the information or assets protected by the NFC lock. The authorization unlocking procedure may further include a first information tag step: the unlocking processing module sends the information tag of the NFC lock to the authorized mobile communication device and displays it on it.

According to the present invention, each NFC chip can also store relevant data, which includes information tags of the classification of information or assets protected by the NFC lock.

According to the present invention, the authorization unlocking procedure may further include a second information tag step: the NFC chip of the NFC lock sends the information tag of the NFC lock to the authorized mobile communication device and displays it on it.

According to the present invention, the authorized unlocking procedure may further include the following steps: Unlocking success notification step: the near field communication chip notifies the unlocking processing module of unlocking success through the authorized mobile communication device; Unlocking purpose collection step: the unlocking processing module presents an unlocking purpose window on the authorized mobile communication device, allowing the unlocker to input the unlocking purpose into the unlocking purpose window or select the unlocking reason in the menu displayed in the unlocking purpose window, receive the unlocking purpose sent from the authorized mobile communication device and store it in the database module.

The information security management system for authorizing the opening of the NFC lock may further include an information security notification module, which is in information communication with the database module and the unlocking processing module, wherein the database module further stores the notification unit corresponding to each unlocking purpose, and when the unlocking processing module stores the unlocking purpose of the NFC lock after unlocking in the database module, the corresponding notification unit is notified of the user account that performs the unlocking.

Preferably, the database module can further record a personal identification code bound to each registered account. Therefore, the authorization unlocking procedure can further include the following steps: a personal identification code acquisition step: receiving a personal identification code input by the unlocker from the authorized mobile communication device; and a personal identification code confirmation step: determining whether the personal identification code is one of the personal identification codes bound to the registered accounts, and if not, stopping the authorization unlocking procedure.

The present invention uses a mobile communication device as a repeater and does not intervene in unlocking-related calculations. For a person who needs to unlock the lock to obtain protected data or items, the identity confirmation module and the unlocking processing module will first confirm his identity and management authority, and then digitally sign the generated random number through the public key infrastructure module. After the near-field communication chip performs digital signature verification to confirm that the generated random number is correct, the near-field communication lock is unlocked. This can achieve a keyless and password-free working environment, eliminating the cumbersomeness of requiring keys and passwords to authorize unlocking.

1: First server

2: Second server

3: Third server

4: First mobile communication device

4a: Screen

4b: Unlock the destination window

5: Second mobile communication device

5a: Screen

6: Third mobile communication device

7: File Cabinet

8: Folder

9: Safe

10: Near Field Communication Lock

20: Lock module

30: Unlock module

31: Near field communication antenna unit

32: Unlocking unit

33: Processing unit

33a: Near field communication chip

33b: Random Access Memory

33c: Read-only memory

33d: Input and output interface

100: Database module

200: Identity confirmation module

300: Public key infrastructure module

400: Unlock processing module

500: Unlock notification module

600: Information security notification module

Figure 1 is a schematic diagram of the components and application environment of an information security management system for authorizing the opening of a near field communication lock according to an embodiment of the present invention.

Figure 2 is a block diagram of the components of the near field communication lock used in the present invention.

Figure 3 lists the data set for each registered NFC chip serial number.

Figure 4 is a flow chart of the authorization unlocking procedure.

Figure 5 shows the display of a second mobile communication device screen.

Figure 6 is a partial flow chart of the authorization unlocking procedure in another embodiment.

FIG7 shows the display of a first mobile communication device screen.

The present invention will be described in more detail with reference to the following embodiments.

Please see Figure 1, which is a schematic diagram of the components and application environment of an information security management system for authorizing the opening of a near-field communication lock according to an implementation method of the present invention. The information security management system for authorizing the opening of a near-field communication lock (hereinafter referred to as the system) is installed in a server cluster and operates through the hardware architecture of the server cluster. The server cluster includes more than one server, each of which performs different tasks or jointly maintains a larger workload service. According to the present invention, the number of servers in the server cluster is not limited. In this embodiment, three servers are used as an example, namely the first server 1, the second server 2 and the third server 3. The hardware architecture of each server is not much different from the general server architecture, and may include a central processing unit, memory, storage device (such as a hard disk), input and output units, etc. Although these hardware are not shown in Figure 1, they are architectures that technical personnel in the server field should understand. The following introduction to the various modules of the present invention is the technical requirements of the system that utilizes or cooperates with the above-mentioned existing server equipment. Therefore, they can be software, including specific program codes and data, and run in at least a part of the hardware architecture under the operating system (for example, program codes and related data files are stored in a storage device, temporarily stored in the memory under the operation of the operating system, and dynamically called and executed by the central processing unit). On the other hand, these modules can also be special hardware, such as application-specific integrated circuits (ASIC) or external cards, to perform the functions assigned to these modules. Moreover, these technical requirements can be partly software and partly hardware, and can be effectively integrated according to the needs of product designers, all within the technical scope advocated by this patent.

The server cluster is connected to several mobile communication devices through the network N (indicated by dotted arrow connections in Figure 1, which can be wired or wireless connections). The mobile communication devices can be but are not limited to smart phones, tablets or smart wearable devices. However, these mobile communication devices need to be equipped with a Near-Field Communication (NFC) module to form an NFC reader, which can exchange information with the NFC tag through near-field communication (indicated by the dotted-dashed arrow connection in Figure 1). In this embodiment, three mobile communication devices are used as an example for illustration, namely a smartphone of the first mobile communication device 4 , a tablet computer of the second mobile communication device 5 and a smart watch of the third mobile communication device 6 . According to the present invention, each mobile communication device functions as a data transmission repeater, providing the system with communication with multiple devices or apparatuses controlled by near-field communication locks 10, and unlocking the near-field communication locks 10 with authorized unlock codes, thereby obtaining the data or items protected in the devices or apparatuses. In this embodiment, the first mobile communication device 4 is to unlock a NFC lock 10 on the inner side of the bottom slide of a file cabinet 7 (it cannot be seen from the outside, so it is represented by a dotted frame), the second mobile communication device 5 is to unlock a NFC lock 10 on a folder 8, and the third mobile communication device 6 is to unlock a NFC lock 10 inside a safe 9 (it cannot be seen from the outside, so it is represented by a dotted frame).

The NFC lock 10 is a composite lock that combines electronic components and physical locks. See FIG2, which is a block diagram of the components of the NFC lock 10 used in the present invention. The structure of the NFC lock 10 includes a lock module 20 and an unlocking module 30. The lock module 20 usually includes two lock assemblies that can be locked to each other and are respectively installed on the objects to be locked. One lock has a corresponding structure that matches the other lock. The unlocker operates one of them to unlock the lock module 20. In terms of form, the lock module 20 can be a mechanical lock without power, or an electronic (magnetic) lock that requires power or has its own power. Different lock modules 20 can be used according to different protection objects.

The unlocking module 30 is a technical component that unlocks the lock module 20 by mechanical drive or electromagnetic field change when specific conditions are met. Generally speaking, the unlocking module 30 includes a near field communication antenna unit 31, an unlocking unit 32 and a processing unit 33. The near field communication antenna unit 31 is a tool for receiving near field communication signals and obtaining electrical energy therefrom. The signal includes an unlocking signal from the system and converts the electromagnetic energy emitted by the automatic communication device into electrical energy. This embodiment uses the NFC 13.56MHz frequency band to transmit the unlocking signal, and provides the unlocking module 30 with the power required for unlocking by coil induction power supply. The unlocking signal is an electromagnetic wave signal that can transmit an unlocking code in a continuous transmission or packet transmission mode. The unlocking unit 32 is a technical component that couples the unlocking module 30 with the lock module 20 and actually drives the lock module 20 to unlock mechanically or electromagnetically. For example, if the lock module 20 is a mechanical lock that needs to be subjected to external impact or rotation to release the complex mechanical lock, the unlocking unit 32 can be a module (not shown) composed of a stepping motor, a gear set and a control circuit. The processing unit 33 is electrically connected to the NFC antenna unit 31 to receive power and unlocking signals from the NFC antenna unit 31, and is also coupled to the unlocking unit 32. The function of the processing unit 33 is to authenticate the unlocking code in the unlocking signal, and when the authentication is successful, notify the unlocking unit 32 to perform the unlocking action. The processing unit 33 includes a NFC chip 33a, a random access memory 33b, a read-only memory 33c, and an input/output interface 33d. The NFC chip 33a is used to process the received signal, and in particular, it can be programmed to randomly generate a random number and process the unlocking code in the unlocking signal. The relevant program code is stored in the read-only memory 33c, and the data generated when the NFC chip 33a is in operation can be temporarily stored in the random access memory 33b. The input and output interface 33d is a device for the processing unit 33 to communicate with the NFC antenna unit 31 and the unlocking unit 32.

The system includes a database module 100, an identity verification module 200, a public key infrastructure module 300, an unlocking processing module 400, an unlocking notification module 500 and an information security notification module 600. The types, functions and interactions of these modules will be described in detail below with the corresponding diagrams. It should be noted that the servers where each module is installed are only examples and may not be based on the actual architecture.

The database module 100 is installed in the first server 1, and is used to store a set of registered accounts and registered passwords, a plurality of registered near field communication chip serial numbers, and at least one registered account set for each registered near field communication chip serial number. This system is applied to a company that has a need to control confidential documents or items. In addition to installing a NFC lock 10 on each device that protects documents or items, such as the aforementioned file cabinet 7, file folder 8, and safe 9, all employees of the company must register with the system with their mobile communication devices in order to be authorized to unlock all or part of these NFC locks 10. The registration process is to leave a unique set of registration accounts and registration passwords in the database module 100, and the set of accounts and passwords is used when logging into the system. The registered NFC chip serial number is the NFC chip serial number stored in the NFC chip 33a of the NFC lock 10 that the system can authorize to unlock. The word "registered" indicates that the database module 100 has and is authorized to use the corresponding near field communication chip serial number. For the state of the registered account set for each registered near field communication chip serial number, please see Figure 3, which lists the data set for each registered near field communication chip serial number. Figure 3 is an example of the application of this system in a small company. The company has three members, namely employee A, employee B and the boss. Employee A registered the registered account N0001 with the first mobile communication device 4, employee B registered the registered account N0002 with the second mobile communication device 5, and the boss registered the registered account N0003 with the third mobile communication device 6. The company uses 10 NFC locks, whose registered NFC chip serial numbers are NFC0001 to NFC0010. For the registered NFC chip serial number NFC0001, its set registration account is N0001, which means that only the registered account N0001 has the management authority to open the NFC lock with the registered NFC chip serial number NFC0001. The lock is usually used to protect personal belongings or highly confidential information or assets. In contrast, for the registered NFC chip serial number NFC0007, the registered accounts are set to N0001~N0003, which means that all registered accounts have the management authority to open the NFC lock with the registered NFC chip serial number NFC0007, which usually protects shared information or assets. However, for the registered NFC chip serial number NFC0005, only the registered accounts N0002 and N0003 have the management authority to open the corresponding NFC lock. From the perspective of company management, it excludes the possibility of employee A obtaining the information or assets protected by the lock.

The identity confirmation module 200 is installed in the second server 2 and is informationally connected to the database module 100. Its function is to receive a user account and a user password from any mobile communication device. The user account and user password refer to a set of account and password input by the mobile communication device and transmitted to the second server 2. If the input is incorrect, it cannot be accepted by the system and the unlocking service is not provided. On the contrary, if the aforementioned user account and user password are the same as a set of registered account and registered password in the database module, the mobile communication device is allowed to perform an authorized unlocking procedure. The authorized unlocking procedure will be described in detail later.

The public key infrastructure module 300 is installed in the third server 3. The public key infrastructure (PKI) is an infrastructure composed of hardware, software, participants, management policies and processes, and its purpose is to create, manage, distribute, use, store and recover digital certificates. The public key infrastructure module 300 is to complete the purpose of the public key infrastructure, and the encryption technology it uses is the same as other public key infrastructure platforms. In practice, the public key infrastructure module 300 generates several pairs of key sets using the aforementioned registered NFC chip serial numbers, stores the public keys in the key sets and the registered NFC chip serial numbers, and can digitally sign any message with the public key in any pair of key sets to obtain a decryption code, which is included in the aforementioned decryption signal and transmitted to the corresponding NFC lock through the mobile communication device.

The unlocking processing module 400 is installed in the second server 2 and is informationally connected to the database module 100, the identity confirmation module 200 and the public key infrastructure module 300. The unlocking processing module 400 is the main technical component for executing the authorization unlocking procedure. See Figure 4, which is a flow chart of the authorization unlocking procedure, and the authorization unlocking procedure includes the following steps.

The first step: serial number receiving step (S01). The specific content of the serial number receiving step is to receive a target NFC chip serial number from an authorized mobile communication device that is allowed to execute the authorization unlocking procedure. The target NFC chip serial number is a NFC chip that controls a NFC lock unlocking mechanism obtained by the authorized mobile communication device. The NFC chip has a private key in the key set generated by the target NFC chip serial number. For example, the authorized mobile communication device is the first mobile communication device 4, that is, employee A can approach any NFC lock to obtain the NFC chip serial number in the NFC chip after logging into the system using his registered account N0001 and obtaining authorization. For the sake of clarity, the acquired NFC chip serial number is called the target NFC chip serial number, which is different from other registered NFC chip serial numbers that have not been acquired and other NFC chip serial numbers of NFC chips that do not belong to this system.

Step 2: The first judgment step (S02). The first judgment step is to judge whether the target near-field communication chip serial number is one of the registered near-field communication chip serial numbers. If not, the authorization unlocking procedure is stopped. The purpose of this step is to determine whether the near-field communication chip approached by the authorized mobile communication device is registered and used by this system. If the result of the above judgment is "no", then the authorization unlocking procedure is stopped, and the unlocking processing module 400 can also send a message such as "This lock is not controlled by this system, please ask the administrator" to the authorized mobile communication device, so that the user of the authorized mobile communication device can know that this near-field communication lock cannot be unlocked. If the result of the judgment is "yes", then the unlocking processing module 400 proceeds to the next step.

Step 3: Second judgment step (S03). The second judgment step is to judge whether the user account used by the authorized mobile communication device is the registered account set by the registered near-field communication chip serial number corresponding to the target near-field communication chip serial number. If not, the authorization unlocking procedure is stopped. The first judgment step is for the unlocking control of the near-field communication lock, and the second judgment step is for the authority control of the user. That is, only when the registered account with the same user account is set on the registered near-field communication chip corresponding to the target near-field communication chip serial number, the unlocking processing module 400 will proceed to the next step. Taking Figure 3 as an example, after employee B uses his registered account N0002 to log in to the system and obtains authorization, the NFC locks he can unlock are limited to those with registered NFC chip serial numbers NFC0004~NFC0008. Other NFC locks will stop at this step during the authorization unlocking process.

Step 4: random number receiving step (S04). The random number receiving step is to receive a generated random number from the authorized mobile communication device, and the generated random number is randomly generated by the near field communication chip. As mentioned above, the generated random number is randomly generated by the near field communication chip 33a in the near field communication lock that performs near field communication with the authorized mobile communication device, and its purpose is to be used for digital signature by the public key infrastructure module 300. In practice, this step can also be incorporated into the first step and processed synchronously by the unlocking processing module 400.

Step 5: Unlock code generation step (S05). The unlock code generation step is to transmit the target NFC chip serial number and the generated random number to the public key infrastructure module 300. The public key infrastructure module 300 uses the public key in the key group generated by the registered NFC chip serial number that is the same as the target NFC chip serial number to digitally sign the generated random number to obtain the corresponding unlock code. The purpose of this step is to use the public key infrastructure technology to digitally sign the generated random number generated by the NFC lock, and use the obtained unlock code for the NFC lock to determine whether to unlock.

Step 6: Unlocking step (S06). The unlocking step is to transmit the unlocking code back to the NFC chip through the authorized mobile communication device. The NFC chip uses the private key to digitally verify the unlocking code to obtain a verification random number. If the verification random number is the same as the generated random number, the NFC chip unlocks the NFC lock. The unlocking code may use the header and footer of the transmission protocol during the transmission process, which needs to be removed during the digital verification. The key point of this step to allow the NFC chip to unlock the NFC lock is to let the NFC chip perform a digital verification operation relative to the digital signature operation, and unlock it only when the confirmation result is the same as the generated random number issued. From the above explanation, it can be seen that in the entire unlocking process, the authorized mobile communication device only acts as a relay for information transmission and does not participate in the unlocking-related calculations. For those who need to unlock to obtain protected data or items, this system will first confirm his identity and management authority before executing the second half of the steps. In terms of operation, this system only requires the intervention of the system administrator when registering the near field communication chip serial number and setting the registration account, and the subsequent unlocking operations are all automated.

The unlock notification module 500 is installed in the second server 2 and connected to the database module 100 and the unlock processing module information 400. When a registered near field communication chip serial number is used to execute the authorization unlocking procedure, the unlock notification module 500 can synchronously notify at least one mobile communication device logged in with the same user account as the at least one registered account. As shown in FIG. 3 , when the registered NFC chip serial number NFC0006 is used to execute the authorization unlocking procedure with the registered account number N0002, since the registered account number set by the registered NFC chip serial number also has N0003, which is the registered account number of the boss, if the boss uses his registered account number as the user account to log in to the identity confirmation module 200, the unlocking notification module 500 will synchronously notify the third mobile communication device 6 used by the boss. The specific content of the notification of the unlocking notification module 500 is that the NFC lock corresponding to the registered NFC chip serial number NFC0006 is being opened by the person using the registered account N0002, and the relevant parties are informed of the current status of the specific lock. Of course, for the NFC lock with the registered NFC chip serial number NFC0001, since it is for private storage of items, it is not necessary to notify employee A when it is opened. However, considering that there may be the possibility of theft of the registered account, the system can also be set to receive the function of the unlocking notification module 500 report when the party opens the NFC lock for personal use. In this case, in the second judgment step of the authorization unlocking procedure, if the authorization unlocking procedure stops due to the judgment result of "no", that is, although the authorization unlocking procedure can be executed but the NFC lock without management authority is unlocked, the unlocking notification module 500 will further notify the authorized mobile communication device operator that he is not authorized to unlock the NFC lock. However, this kind of wrong unlocking may be unintentional, and the process will only be recorded in the database module 100. The unlocking notification module 500 will not notify the mobile communication device logged in with other registered accounts set by the registered NFC chip serial number.

For some companies with strict internal control, the details of the unlocking process need to be recorded to prevent the occurrence of information security incidents or to handle the subsequent information security incidents. To achieve this goal, the database module 100 needs to further record the data generated by the unlocking processing module 400 each time it executes the authorization unlocking procedure, and is not limited to whether the unlocking is successful or failed. For example, the data generated by executing the authorization unlocking procedure can include the time of occurrence, the registered account of the unlocking operation, the target NFC chip serial number, the reason for the success or failure of the unlocking, etc. In addition, the database module 100 also records the relevant data of the NFC lock corresponding to each registered NFC chip serial number. According to the present invention, the relevant data includes information tags of the classification of information or assets protected by the NFC lock. For a better understanding of this, please refer to Figure 3. Take the NFC lock with the registered NFC chip serial number NFC0002 as an example. The lock is applied to a storage cabinet, which stores samples of goods shipped in the past, shipping documents and some reference books. The content of the information tag can simply have the text of bulk samples, general documents and books. The function of the information tag is to let the unlocker know the type of things protected in the object locked by the NFC lock before unlocking. In practice, the information tag can also be a corresponding image, not limited to text.

After the database module 100 records the data generated by the unlocking processing module 400 each time executing the authorization unlocking procedure and the corresponding NFC lock related data, the unlocking processing module 400 can further add a first information tag step to the authorization unlocking procedure between any two steps after the first step, or after the sixth step. The specific content of the first information tag step is: sending the information tag of the NFC lock to the authorized mobile communication device and displaying it on it. Take the second mobile communication device 5 as an authorized mobile communication device to unlock the NFC lock 10 with the registered NFC chip serial number NFC0005 as an example, please refer to Figure 5, which shows the display state of the screen 5a of the second mobile communication device 5. The content displayed on the screen 5a includes the content classification of the information tags, and other notification matters, such as the text "Unlocking" and related animations informing that the authorization unlocking process is in progress. This information can be dynamically displayed through the mobile communication software installed on each mobile communication device.

In the previous embodiment, the relevant data of the NFC lock corresponding to each registered NFC chip serial number is recorded in the database module 100, called by the unlocking processing module 400 and presented on the screen of the authorized mobile communication device. In another embodiment, each NFC chip can also store relevant data, and the relevant data includes the information label of the classification of the information or assets protected by the aforementioned NFC lock. In other words, the source of the information label has changed. Therefore, the unlocking processing module 400 of the present system can also further add a second information label step to the authorization unlocking procedure between any two steps after the first step, or after the sixth step. The specific content of the second information tag step is: the NFC chip of the NFC lock sends the information tag of the NFC lock to the authorized mobile communication device and displays it on it. The display result is the same as Figure 5. The second information tag step and the first information tag step have different implementation conditions, so you must choose one to implement.

If the mobile communication device used by the unlocker may be lost or stolen by someone with bad intentions, and then used to unlock a specific NFC lock, the present invention also has a corresponding solution. To this end, the database module 100 can further record a personal identification number (PIN) bound to each registered account. This is another set of passwords set by the unlocker, which is different from the login password, and its use is explained as follows. The authorization unlocking procedure may further include the following steps at any time point after the first step and before the fifth step: A. Personal identity confirmation code acquisition step: receiving a personal identity confirmation code input by the unlocker from the authorized mobile communication device; and B. Personal identity confirmation code confirmation step: determining whether the personal identity confirmation code is one of the personal identity confirmation codes bound to the registered accounts, if not, stopping the authorization unlocking procedure. Step A is to dynamically "test" whether the unlocker remembers the personal identity confirmation code he has registered before the unlocking code is generated. If the unlocker is the registered account owner, he will not forget the personal identification code. He will enter the correct personal identification code to complete the unlocking, which is equivalent to another guarantee for the operation of this system. After entering the personal identification code, if it is correct, the subsequent steps will be continued. If it is incorrect, the authorization unlocking process will be stopped.

In a low-noise communication environment, the entire unlocking process is very fast, and the unlocker does not have to wait too long to unlock and retrieve the item. However, if the noise in the communication environment is high, the communication key between the NFC lock and the server must be communicated multiple times to complete the unlocking. In this case, the unlocker waiting for the unlocking must be informed when the unlocking is successful, so that he will not accidentally think that the unlocking is successful, thereby forcibly pulling the NFC lock to cause damage, or thinking that the system is malfunctioning. In addition, based on information security considerations, it is best for the unlocker to leave a note of his purpose for unlocking the NFC lock after it is opened, so that it can be tracked in the event of an information security incident in the future. In the following embodiments, the unlocking processing module 400 continues the sixth step of the authorization unlocking procedure and then has other steps to complete the entire procedure.

Please see FIG. 6, which is a partial flow chart of the authorization unlocking procedure in another embodiment. Step 7: Unlocking success notification step (S07). Unlocking success notification step The NFC chip notifies the unlocking processing module 400 of the unlocking success through the authorized mobile communication device. Step 8: Unlocking target collection step (S08). The unlocking purpose collection step is that the unlocking processing module 400 presents an unlocking purpose window on the authorized mobile communication device, so that the unlocker can input the unlocking purpose into the unlocking purpose window or select the unlocking reason from the menu displayed in the unlocking purpose window, and receives the unlocking purpose sent from the authorized mobile communication device and stores it in the database module 100. For a better understanding of this, please refer to FIG. 7, which shows the display state of the screen 4a of the first mobile communication device 4. The first mobile communication device 4 is used as the authorized mobile communication device for explanation. The screen 4a of the first mobile communication device 4 presents a window 4b for unlocking purpose. The menu displayed in the window 4b for unlocking purpose contains multiple reasons for unlocking for the unlocker to select. After selecting, the unlocker clicks the "Confirm" button to upload the unlocking reason to the server. After the unlocking processing module 400 receives it, it is stored in the database module 100 for standby use.

Finally, the information security notification module 600 of the present system is installed in the second server 2, and is connected to the database module 100 and the unlocking processing module 400. With the aforementioned unlocking purpose record service, the present system can use the information security notification module 600 to notify different notification units of the unlocker according to the unlocking purpose. A specific registered account has opened a specific near field communication lock. For example, if the unlocking purpose is a device failure and the server needs to be repaired, under the definition of ISO27001, this accident will cause business continuity, and the information security team that receives the notification needs to determine whether to notify the relevant parties, such as customers or consumers. For example, if the purpose of unlocking is to send the equipment for repair, the information security team that receives the notification needs to understand whether the equipment or components sent for repair contain storage memory. If so, they must follow the data deletion method and delete it before sending it for repair to avoid information leakage. Here, the notification unit is not limited to the upper-level managers of the organizational structure. For the company's important secrets or assets, managers may place them in special safe deposit boxes. Their actions of unlocking and taking items, especially during non-working hours, need to be reported to the security company or even the police station. In this case, the security company and the police station are the aforementioned notification units. In practice, a specific person in the company, such as a human resources manager, can also be found to act as the notification unit. According to the present invention, the database module 100 needs to further store the notification unit corresponding to each unlocking purpose in response to the aforementioned needs. For example, if the purpose of unlocking is to authorize the order to pick up the item, the notification unit is the human resources manager; if the purpose of unlocking is to regularly count the contents, the notification unit is the security company; if the purpose of unlocking is to accidentally open the item, the notification unit is the police station, etc. It should be emphasized that this kind of notification involves a wide range of matters, and the commercial value of the data or items protected by the NFC lock involved is very high. When the unlocking processing module 400 stores the unlocking purpose of the NFC lock in the database module 100, the information security notification module 600 will notify the corresponding notification unit of the user account that executed the unlocking. When an information security incident occurs later, the user account in the record can be used to find the person involved as a basis for clarifying rights and responsibilities.

Although the present invention has been disclosed in the form of implementation as above, it is not intended to limit the present invention. Anyone with ordinary knowledge in the relevant technical field can make some changes and modifications without departing from the spirit and scope of the present invention. Therefore, the scope of protection of the present invention shall be subject to the scope of the patent application attached hereto.

1: First server

2: Second server

3: Third server

4: First mobile communication device

5: Second mobile communication device

6: Third mobile communication device

7: File Cabinet

8: Folder

9: Safe

10: Near Field Communication Lock

100: Database module

200: Identity confirmation module

300: Public key infrastructure module

400: Unlock processing module

500: Unlock notification module

600: Information security notification module

Claims (12)

A security management system for authorizing the opening of a near field communication lock is installed in a server cluster and connected to a plurality of mobile communication devices, including: a database module for storing a plurality of registered accounts and a registration password corresponding to each registered account, a plurality of registered near field communication chip serial numbers, and each registered near field communication chip serial number At least one registered account is selected from the plurality of registered accounts; an identity verification module is connected to the database module information, receives a user account and a user password from any mobile communication device, and allows the mobile communication device to access the mobile communication device if the user account and the user password are the same as a set of registered account and registered password in the database module. An authorization unlocking procedure is performed; a public key infrastructure module generates a plurality of key sets with the registered near field communication chip serial numbers, stores the public keys in the key sets and the registered near field communication chip serial numbers, and can digitally sign any message with the public key in any pair of key sets to obtain an unlocking code; and an unlocking processing module , and the database module, the identity confirmation module and the public key infrastructure module information connection, execute the authorization unlocking procedure, the authorization unlocking procedure includes the following steps: serial number receiving step: receiving a target near field communication chip serial number from an authorized mobile communication device that is allowed to execute the authorization unlocking procedure, the target near field communication chip The serial number is a NFC chip for controlling a NFC lock unlocking mechanism taken from the authorized mobile communication device, and the NFC chip has a private key in a key set generated by the target NFC chip serial number; the first judgment step: judging whether the target NFC chip serial number is one of the registered NFC chip serial numbers, if not, stopping the authorization unlocking procedure; the second judgment step: judging whether the user account used by the authorized mobile communication device is the registered account set by the registered NFC chip serial number corresponding to the target NFC chip serial number, if not, stopping the authorization unlocking procedure; random number receiving step: receiving a generated random number from the authorized mobile communication device, The generated random number is randomly generated by the near field communication chip; the unlocking code generation step: the target near field communication chip serial number and the generated random number are transmitted to the public key infrastructure module, and the public key infrastructure module uses the public key in the key group generated by the registered near field communication chip serial number that is the same as the target near field communication chip serial number to generate the generated random number. The NFC chip digitally signs the generated random number to obtain the corresponding unlocking code; and the unlocking step: the unlocking code is sent back to the NFC chip through the authorized mobile communication device, and the NFC chip digitally verifies the unlocking code with the private key to obtain a verification random number. If the verification random number is the same as the generated random number, the NFC chip unlocks the NFC lock. The information security management system for authorizing the opening of a near field communication lock as described in claim 1, wherein the database module further records the data generated by the unlocking processing module each time the authorization unlocking procedure is executed, and the relevant data of the near field communication lock corresponding to each registered near field communication chip serial number. The information security management system for authorizing the opening of the near field communication lock as described in claim 2 further comprises an unlock notification module, which is informationally connected to the database module and the unlock processing module. When a registered near field communication chip serial number is used to execute the authorized unlocking procedure, the unlock notification module synchronously notifies at least one mobile communication device logged in with the same user account as the at least one registered account. As described in claim 3, in the information security management system for authorizing the unlocking of a near field communication lock, in the second judgment step of the authorization unlocking procedure, if the authorization unlocking procedure stops due to a negative judgment result, the unlocking notification module further notifies the authorized mobile communication device operator that he is not authorized to unlock the near field communication lock. An information security management system for authorizing the opening of a near field communication lock as described in claim 2, wherein the relevant data of the near field communication lock includes information tags for the classification of information or assets protected by the near field communication lock. The information security management system for authorizing the opening of the near field communication lock as described in claim 5, wherein the authorization unlocking procedure further includes a first information tag step: the unlocking processing module sends the information tag of the near field communication lock to the authorized mobile communication device and displays it on it. The information security management system for authorizing the opening of a near field communication lock as described in claim 1, wherein each near field communication chip stores a piece of relevant data, and the relevant data includes an information label of the classification of the information or assets protected by the near field communication lock. The information security management system for authorizing the opening of the NFC lock as described in claim 7, wherein the authorization unlocking procedure further includes a second information tag step: the NFC chip of the NFC lock sends the information tag of the NFC lock to the authorized mobile communication device and displays it on it. The information security management system for authorizing the opening of the near field communication lock as described in claim 1, wherein the authorized unlocking procedure further comprises the following steps: Unlocking success notification step: the near field communication chip notifies the unlocking processing module of the successful unlocking through the authorized mobile communication device; Unlocking purpose collection step: the unlocking processing module presents an unlocking purpose window on the authorized mobile communication device, allowing the unlocker to input the unlocking purpose into the unlocking purpose window or select the unlocking reason in the menu displayed in the unlocking purpose window, and receives the unlocking purpose sent from the authorized mobile communication device and stores it in the database module. The information security management system for authorizing the opening of the NFC lock as described in claim 9 further comprises an information security notification module, which is in information communication with the database module and the unlocking processing module, wherein the database module further stores the notification unit corresponding to each unlocking purpose, and when the unlocking processing module stores the unlocking purpose of the NFC lock after unlocking in the database module, the corresponding notification unit is notified of the user account that performs the unlocking. The information security management system for authorizing the opening of a near field communication lock as described in claim 2, wherein the database module further records a personal identification code bound to each registered account. The information security management system for authorizing the opening of the near field communication lock as described in claim 11, wherein the authorization unlocking procedure further includes the following steps: a personal identity confirmation code acquisition step: receiving a personal identity confirmation code input by the unlocker from the authorized mobile communication device; and a personal identity confirmation code confirmation step: determining whether the personal identity confirmation code is one of the personal identity confirmation codes bound to the registered accounts, and if not, stopping the authorization unlocking procedure.