CN-121236842-B - NFC-based passive electronic lock unlocking method, system and storage medium

Abstract

The invention provides an unlocking method, a system and a storage medium of a passive electronic lock based on NFC, wherein the lock is started by receiving energy generated by NFC near field communication, then an authentication instruction is analyzed to extract identity information and a timestamp, the identity information is matched with an identity library to finish first re-authentication, then a deviation value of the timestamp and an internal clock of the lock is calculated, second re-authentication is finished through a preset time window threshold value, third re-authentication is finished based on NFC communication energy information and through comparison of two-stage signal intensity threshold values, and finally fourth re-authentication is finished based on communication context information of the timestamp and a preset behavior pattern matching model.

Inventors

• ZHANG GUANFENG

Assignees

• 深圳市天龙世纪科技发展有限公司

Dates

Publication Date

20260512

Application Date

20251114

Claims (10)

1. 1. An unlocking method of a passive electronic lock based on NFC, which is characterized by comprising the following steps: responding to a driving power supply provided by NFC, and acquiring a first verification instruction of lockset communication; Analyzing the first verification instruction to obtain identity information and a time stamp; Judging whether the identity information is matched with a preset identity library or not; if not, outputting an identity verification abnormality; if yes, calculating clock deviation between the time stamp and the lockset; If the clock deviation exceeds a preset deviation threshold, outputting clock verification abnormality; if the clock deviation does not exceed the preset deviation threshold, acquiring NFC communication energy information; judging whether the communication energy information is in a preset energy threshold range or not; If not, outputting an energy verification abnormality; if yes, acquiring communication context information according to the time stamp; inputting the communication context information into a preset behavior pattern matching model; If the pattern matching fails, the output behavior is abnormal; If the pattern matching is successful, an unlocking signal is generated and the lockset is driven to unlock.
2. 2. The method for unlocking a passive electronic lock based on NFC according to claim 1, wherein the determining whether the identity information matches a preset identity library specifically includes: Extracting an identifier type and an identity code according to the identity information; if the identifier type is a plaintext identifier, matching the identity code with a white list item in the identity library; if the identifier type is a ciphertext identifier, performing preset decryption or signature verification processing on the identity code, and then matching with identity items in the identity library; If the matching is successful, obtaining an identity unique code; If the matching fails, the identity verification is output abnormally, and the unlocking process is terminated.
3. 3. The method for unlocking a passive electronic lock based on NFC according to claim 1, wherein the calculating the clock deviation between the timestamp and the lock specifically includes: acquiring an internal clock based on a lock RTC; obtaining current time information according to the internal clock; calculating the absolute difference value of the timestamp and the current time information to obtain clock deviation; judging whether the clock deviation exceeds a preset deviation threshold value or not; if not, the output time passes the verification; if yes, outputting the time verification abnormality, and ending the unlocking process.
4. 4. The method for unlocking a passive electronic lock based on NFC according to claim 1, wherein the determining whether the communication energy information is within a preset energy threshold range specifically includes: acquiring an RSSI value representing communication energy information based on preset conversion processing according to the NFC communication link monitored in real time; According to the RSSI value and a preset signal strength lower limit threshold, executing first energy comparison, and judging whether the communication distance is in an effective near field range or not; If yes, executing second energy comparison according to the RSSI value and a preset upper limit threshold of the signal intensity, and judging whether a signal relay attack risk exists or not; If not, the output energy passes the verification.
5. 5. The method for unlocking a passive electronic lock based on NFC according to claim 1, wherein the inputting the communication context information into a preset behavior pattern matching model specifically includes: According to the time stamp, extracting a communication request in a preset time window in the historical communication instruction record to obtain communication context information; According to the identity information in the communication request, calling a history unlocking record to obtain history behavior mode data; inputting the communication context and the historical behavior pattern data into a behavior pattern matching model, and executing comparison analysis to detect abnormal behavior; if the current request accords with the historical behavior rule, the output behavior verification is passed; If the current request deviates from the historical behavior law and exceeds the preset tolerance, outputting behavior verification abnormality, and terminating the unlocking process.
6. 6. The method for unlocking a passive electronic lock based on NFC according to claim 1, further comprising, after outputting an identity check exception, a clock check exception, an energy check exception, or a behavior exception: Obtaining abnormal output information; based on a preset abnormal type log template, adding abnormal output information to an abnormal log; obtaining abnormal frequency information according to the abnormal log; Setting verification cooling time according to the abnormal frequency information; Controlling the lockset to enter a standby state; And recovering to receive the unlocking verification request according to the verification cooling time.
7. 7. The system is characterized by comprising a memory and a processor, wherein the memory comprises an NFC-based passive electronic lock unlocking method program, and the NFC-based passive electronic lock unlocking method program is executed by the processor to realize the following steps: responding to a driving power supply provided by NFC, and acquiring a first verification instruction of lockset communication; Analyzing the first verification instruction to obtain identity information and a time stamp; Judging whether the identity information is matched with a preset identity library or not; if not, outputting an identity verification abnormality; if yes, calculating clock deviation between the time stamp and the lockset; If the clock deviation exceeds a preset deviation threshold, outputting clock verification abnormality; if the clock deviation does not exceed the preset deviation threshold, acquiring NFC communication energy information; judging whether the communication energy information is in a preset energy threshold range or not; If not, outputting an energy verification abnormality; if yes, acquiring communication context information according to the time stamp; inputting the communication context information into a preset behavior pattern matching model; If the pattern matching fails, the output behavior is abnormal; If the pattern matching is successful, an unlocking signal is generated and the lockset is driven to unlock.
8. 8. The system of claim 7, wherein the determining whether the identity information matches a preset identity library specifically includes: Extracting an identifier type and an identity code according to the identity information; if the identifier type is a plaintext identifier, matching the identity code with a white list item in the identity library; if the identifier type is a ciphertext identifier, performing preset decryption or signature verification processing on the identity code, and then matching with identity items in the identity library; If the matching is successful, obtaining an identity unique code; If the matching fails, the identity verification is output abnormally, and the unlocking process is terminated.
9. 9. The system for unlocking a passive electronic lock based on NFC according to claim 7, wherein the calculating the clock deviation between the timestamp and the lock comprises: acquiring an internal clock based on a lock RTC; obtaining current time information according to the internal clock; calculating the absolute difference value of the timestamp and the current time information to obtain clock deviation; judging whether the clock deviation exceeds a preset deviation threshold value or not; if not, the output time passes the verification; if yes, outputting the time verification abnormality, and ending the unlocking process.
10. 10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer readable storage medium comprises a passive electronic lock unlocking method program based on NFC, which when executed by a processor, implements the steps of the passive electronic lock unlocking method based on NFC according to any one of claims 1 to 6.

Description

NFC-based passive electronic lock unlocking method, system and storage medium Technical Field The invention relates to the field of passive electronic locks, in particular to an unlocking method, an unlocking system and a storage medium of a passive electronic lock based on NFC. Background Along with the rapid development of the Internet of things and the intelligent access control system, in the fields of high-end security, logistics storage and intelligent home, the passive electronic lock has been widely focused on because of the characteristics of no built-in power supply and low maintenance cost. However, the existing passive electronic lock scheme based on NFC technology still has a significant technical bottleneck in realizing security and reliability. Firstly, the prior art relies on a single verification mechanism, for example, authentication is performed only through identity matching or basic encryption algorithm, and the static verification mode is easy to suffer from replay attack and identity forging and cannot cope with dynamic security threat. Secondly, the traditional scheme lacks effective monitoring of physical characteristics of a communication environment, and cannot discriminate short-distance attacks implemented through signal relay equipment, so that the safety boundary of near field communication is similar to a dummy. Then, most systems do not introduce a user behavior pattern analysis mechanism, so that abnormal operation behaviors after legal certificates are stolen are difficult to identify, and active early warning capability on potential risks is lacked. Finally, the existing scheme often lacks an effective active defense strategy when encountering continuous illegal attempts, and cannot record complete attack traceability information or block violent cracking through an intelligent cooling mechanism, so that the overall anti-attack capability of the system is insufficient. Therefore, a passive electronic lock unlocking technology that can integrate multiple security verification dimensions and behavior analysis capabilities and can realize dynamic security policy adjustment is needed. Disclosure of Invention In view of the above problems, the present invention aims to provide a passive electronic lock unlocking method, a system and a storage medium based on NFC, which implement omnibearing and multi-layer dynamic security protection by constructing a quadruple interlink security barrier of identity authentication, time window authentication, near field energy authentication and behavior pattern authentication. The method comprises the steps of firstly distinguishing plaintext and ciphertext identity marks and executing corresponding verification processing to achieve compatibility and system applicability of certificates with different security levels, secondly achieving effective blocking of replay attacks and strict control of instruction timeliness by accurately calculating timestamp deviation and executing time window threshold judgment, then achieving accurate control of communication distances and reliable recognition of relay attacks by executing double energy comparison based on upper and lower limits of signal intensity, finally achieving active wind control of identity theft and abnormal operation by performing intelligent matching analysis on communication context and historical behavior patterns, and furthermore achieving intelligent suppression of violent cracking actions and continuous optimization of system security states by establishing an abnormal log audit and verification cooling time self-adjusting mechanism. The first aspect of the invention provides a passive electronic lock unlocking method based on NFC, which comprises the following steps: responding to a driving power supply provided by NFC, and acquiring a first verification instruction of lockset communication; Analyzing the first verification instruction to obtain identity information and a time stamp; Judging whether the identity information is matched with a preset identity library or not; if not, outputting an identity verification abnormality; if yes, calculating clock deviation between the time stamp and the lockset; If the clock deviation exceeds a preset deviation threshold, outputting clock verification abnormality; if the clock deviation does not exceed the preset deviation threshold, acquiring NFC communication energy information; judging whether the communication energy information is in a preset energy threshold range or not; If not, outputting an energy verification abnormality; if yes, acquiring communication context information according to the time stamp; inputting the communication context information into a preset behavior pattern matching model; If the pattern matching fails, the output behavior is abnormal; If the pattern matching is successful, an unlocking signal is generated and the lockset is driven to unlock. In this scheme, judge whether the identity information matches t