1 technical background
Since the Mifare 1 card key-cracking incident drew wide attention on social media in February 2009, the security of contactless logical encryption cards has become one of the hottest topics in the smart card industry. The algorithm of the traditional NXP Mifare 1 card has been cracked, which has created a security crisis for access control products and the entire security industry. It is foreseeable that if this research result is maliciously exploited, most access control systems will lose their meaning. In response to the security crisis of the Mifare 1 card chip, the Ministry of Industry and Information, the National Cryptographic Authority and other competent authorities promptly issued relevant policy documents, requiring all industries and units at all levels to give the matter full attention.
At present, domestic government agencies, judicial, military, prison and public security bodies, and key state departments urgently need to replace their original ID card or logical encryption card access control systems with more secure CPU card access control products. In addition, using such cards in new intelligent building projects also carries huge security risks.
CPU cards and CPU card one-card systems with domestic independent intellectual property rights can effectively resolve the serious security risks of traditional card systems based on the Mifare 1 logical encryption card.
Tongfang Ruian Technology Co., Ltd. (formerly Tongfang Smart Card Products Co., Ltd.) is a supplier and service provider of smart cards, electronic tags, reading and writing machines, and industrial application software. Relying on a complete industrial chain in the smart card industry that covers chip design, label packaging, machine tool manufacturing and software middleware, the company has accumulated a large number of successful cases in CPU card industry applications. A one-card system built on non-contact CPU card technology can be widely applied to the intelligent building card systems of government departments, financial securities, judicial prisons, military organs, military enterprises and other security-related and key units.
2 industry background
The one-card system has gradually grown from the initial access control system into a widely used card system that touches almost all aspects of a unit's operation management. In current applications it has given rise to multiple subsystem modules such as attendance, visitors, patrols, conference sign-in, consumption, parking lot access and elevator control. As requirements for personnel identification and item certification expand, the application field of smart card systems is still growing.
As a subsystem of the building's intelligent application system, the intelligent building card system centrally stores the cardholders' basic information and the operating data of the card system, and centrally processes the card's system operations. The multiple application subsystems share the same smart card, the same platform and the same database. Together these handle the basic information of all personnel in the system and the operation, storage and sharing of the data read by each subsystem, so as to realize the application functions of subsystem modules such as access control, attendance and consumption.
The intelligent building card system should support cardholders' card consumption in consumer venues. It also needs a self-service query function for the historical records of operations such as recharging, credit card consumption and self-service subsidy. At the same time, the card's credit limit and usage-count restrictions should be considered, to limit the losses from a lost card.
As an integral part of intelligent system integration, the intelligent building card system should be open. The system platform can be connected to and bundled with IBMS, BAS and other systems through standard interface protocols such as OPC and SOCKET to realize the corresponding function integration, including linkage with the monitoring system, fire protection system and equipment management system.
The intelligent building card system should exchange data with the unit's operation management systems such as OA and HR. For example, through data integration between the systems, the cardholders' basic data in the card system can be updated promptly when the relevant data of the human resources department changes, and the ERP system can obtain the cardholders' attendance data from the card system in a timely manner.
3 construction goals
With the powerful combination of software functions and the complete supporting hardware of the intelligent building CPU card management system, intelligent building staff can use a single CPU card for "one card" services such as consumption, access control, attendance management, conference attendance, vehicle access management and personnel visitor access management. The system can be extended to patrol, elevator control and other systems, and can dock with HR systems, OA systems, financial systems, ERP systems, IBMS and other systems.
4 card selection
Compared with the Mifare 1 card, the contactless CPU card has its own CPU processor and chip operating system, so it can more flexibly support a variety of application requirements and a more securely designed transaction process. The contactless CPU card has three authentication methods: cardholder legality certification (PIN verification), card legality certification (internal authentication) and system legality certification (external authentication). Each party to the transaction (cardholder, card, terminal equipment) is mutually authenticated to ensure the legality of the transaction medium. In this authentication process the key never appears in plaintext on the line. Each transmission is encrypted with a random number, and because the random number participates, the content of each transmission is different, which guarantees the legality of the transaction content. Therefore, the use of non-contact CPU cards can eliminate counterfeit cards, counterfeit terminals and counterfeit transactions, ultimately ensuring the security of transactions.
Based on the above analysis, the intelligent building CPU card management system adopts the Tongfang TF-CS2000 series non-contact CPU card, a non-contact CPU card with TDES/DES hardware acceleration independently developed by Tongfang. The product supports a multi-application firewall and internal and external two-way authentication, has a hardware DES processor and a true random number generator, and conforms to the IEC/ISO14443 standard. It has an anti-collision mechanism and supports anti-plug processing and a data power-off protection mechanism, making it suitable for high-end CPU card application areas.
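The internal and external authentication described in this section can be modelled as two challenge-response exchanges over a shared key. The following is an added example, not Tongfang's code or the TF-CS2000 command set: the `Card` and `Terminal` classes and all function names are hypothetical, and HMAC-SHA256 truncated to 8 bytes stands in for the card's TDES encryption of the random number.

```python
import hashlib
import hmac
import secrets

def cryptogram(key: bytes, challenge: bytes) -> bytes:
    # Assumption: truncated HMAC-SHA256 stands in for TDES over the random number.
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]

class Card:  # hypothetical model of the card side
    def __init__(self, key: bytes):
        self._key = key
        self._challenge = None

    def internal_authenticate(self, terminal_challenge: bytes) -> bytes:
        # Card legality: the card proves key possession to the terminal.
        return cryptogram(self._key, terminal_challenge)

    def get_challenge(self) -> bytes:
        self._challenge = secrets.token_bytes(8)
        return self._challenge

    def external_authenticate(self, response: bytes) -> bool:
        # System legality: the terminal must answer the card's own challenge.
        challenge, self._challenge = self._challenge, None  # single use
        if challenge is None:
            return False
        return hmac.compare_digest(response, cryptogram(self._key, challenge))

class Terminal:  # hypothetical model of the reader side
    def __init__(self, key: bytes):
        self._key = key

    def verify_card(self, card: Card) -> bool:
        challenge = secrets.token_bytes(8)
        return hmac.compare_digest(card.internal_authenticate(challenge), cryptogram(self._key, challenge))

    def prove_to_card(self, card: Card) -> bool:
        return card.external_authenticate(cryptogram(self._key, card.get_challenge()))

def replay_accepted(card: Card, key: bytes) -> bool:
    # Record one valid response, then resend it against a fresh challenge.
    captured = cryptogram(key, card.get_challenge())
    first = card.external_authenticate(captured)
    card.get_challenge()
    return first and card.external_authenticate(captured)

if __name__ == "__main__":
    key = bytes(range(16))  # constructed sample key
    card = Card(key)
    print(Terminal(key).verify_card(card), Terminal(key).prove_to_card(card), replay_accepted(card, key))
```

The key itself never crosses the interface, and a response recorded from one session fails against the next challenge, which is the property the paragraph attributes to the random number.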
5 system components
The system comprises a card center platform, a transaction application platform, an identity application platform and a self-service application platform, together with a key management module, a card initialization module, a central management module, a card management module, a consumption management module, an access control module, an attendance management system, online patrol management, personnel visitor management, a self-service query module, etc., as shown in the figure.
(1) One-card center platform system: This is the core layer of the card system. It consists of a card center database and modules such as identity management, transaction settlement management and system management. It mainly manages the card's application subsystems and hardware terminals, as well as business flows and data flows.
(2) One-card application subsystem: This is the application service layer of the card system. It provides management of all the card's application functions, including subsystems for card management, comprehensive inquiry, consumption, access control, attendance, personnel visitor management and others. The cardholders' card information is collected and read through various POS machines and card reading devices, and the cardholders are managed through computer terminals, providing cardholders with various card-related services.
(3) Third-party application interface: The card system provides a standardized interface and an open communication protocol, so that third-party application subsystems can access the card center platform through a unified application interface for data sharing and data exchange.