[go: up one dir, main page]

CN120105436B - Intelligent self-service method with identity recognition function and terminal - Google Patents

Intelligent self-service method with identity recognition function and terminal

Info

Publication number
CN120105436B
CN120105436B CN202510589597.6A CN202510589597A CN120105436B CN 120105436 B CN120105436 B CN 120105436B CN 202510589597 A CN202510589597 A CN 202510589597A CN 120105436 B CN120105436 B CN 120105436B
Authority
CN
China
Prior art keywords
update
module
updated
data
task
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202510589597.6A
Other languages
Chinese (zh)
Other versions
CN120105436A (en
Inventor
刘彦能
朱恒力
杨钰
刘宇
张建兵
何超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Create Technology Co ltd
Original Assignee
Guangdong Create Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Create Technology Co ltd filed Critical Guangdong Create Technology Co ltd
Priority to CN202510589597.6A priority Critical patent/CN120105436B/en
Publication of CN120105436A publication Critical patent/CN120105436A/en
Application granted granted Critical
Publication of CN120105436B publication Critical patent/CN120105436B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to the technical field of self-service, in particular to an intelligent self-service method with an identity recognition function and a terminal. The system comprises an updating isolation module and a pluggable functional module, wherein the updating isolation module is connected with the pluggable functional module, the pluggable functional module is used for connecting external equipment and sending a connection success signal to the updating isolation module after the connection is successful, the updating isolation module is used for detecting the connection permission of the external equipment and identifying the identity information of a pluggable person after receiving the connection success signal, and a preset API interface is used for receiving and downloading a task to be updated after the updating permission is determined. After the verification of the external equipment is confirmed and the identity information of the plug-in personnel is identified, the update isolation module receives and downloads the task to be updated through a preset API interface, which is the core of the update process, so that the transmission safety of the task to be updated and the correctness of the task to be updated are ensured.

Description

Intelligent self-service method with identity recognition function and terminal
Technical Field
The application relates to the technical field of self-service, in particular to an intelligent self-service method with an identity recognition function and a terminal.
Background
Along with the comprehensive promotion of informatization construction in various fields of social services, the intelligent self-service terminal is used as an important carrier bridging a user and a system platform, and is widely applied to a plurality of public service scenes such as government service, financial transaction, medical registration, transportation trip, education informatization and the like.
However, as the functions of the intelligent self-service terminal are increasingly complex, the operation environments are gradually diversified, and some self-service terminals with higher security requirements can generally perform online update only in order to avoid on-line intrusion interfaces, so how to avoid potential risks in the update process becomes a key of technical development on the premise of ensuring update efficiency and update content safety of the intelligent self-service terminal.
Disclosure of Invention
The application provides an intelligent self-service method with an identity recognition function and a terminal, and aims to solve the problems.
In a first aspect, the present application provides an intelligent self-service terminal with an identity recognition function, where the terminal includes an update isolation module and a pluggable functional module;
The updating isolation module is connected with the pluggable functional module;
The pluggable functional module is used for connecting external equipment and sending a connection success signal to the update isolation module after the connection is successful;
And the update isolation module is used for detecting the connection permission of the external equipment and identifying the identity information of the plug-in personnel after receiving the connection success signal, and receiving and downloading the task to be updated through a preset API interface after determining that the update is allowed.
Through the scheme, the connection between the updating isolation module and the pluggable functional module ensures that the interaction between the external equipment and the terminal internal equipment can be performed through one controlled interface, so that the risk of directly accessing the core equipment is reduced. The pluggable functional module is connected with external equipment such as a USB flash disk, so that the intelligent self-service terminal can receive tasks to be updated from the outside. The connection of the external device is the starting point of the updating process, and provides a physical basis for task transmission and identity information verification. The successful connection signal sent by the pluggable functional module is an important feedback mechanism informing the update isolation module that the task to be updated is ready to be received and the authentication is performed. And detecting the connection permission of the external equipment, ensuring that only the authorized equipment can be updated, and verifying the legitimacy of the external equipment by checking the digital certificate and the hardware feature code of the external equipment. The updating isolation module simultaneously recognizes that the identity information of the pluggable personnel is part of the multiple identity information authentication process, so that only the authorized pluggable personnel can execute the updating operation, and the safety of the updating process is improved. After the verification of the external equipment is confirmed and the identity information of the plug-in personnel is identified, the update isolation module receives and downloads the task to be updated through a preset API interface, which is the core of the update process, so that the transmission safety of the task to be updated and the correctness of the task to be updated are ensured.
Optionally, the update isolation module includes a plurality of virtual isolation boxes, and each virtual isolation box is internally provided with an independent sandbox environment and is used for isolating and updating the task to be updated after receiving the task to be updated.
By the scheme, the update isolation module provides an independent execution space for each task to be updated by creating a plurality of virtual isolation boxes. And even if a task to be updated has a problem, other parts of the intelligent self-service terminal cannot be affected, so that the stability of the intelligent self-service terminal and the safety of user data are protected. And configuring an independent sandbox environment in each virtual isolation box, and limiting the authority and resource access of the task to be updated. The independent sandbox environment prevents potential threats to the intelligent self-service terminal by tasks to be updated, such as malicious code execution or data leakage. And receiving the task to be updated through a preset API interface, ensuring the safety and consistency of the transmission of the task to be updated, and preventing the task to be updated from being tampered or leaked in the transmission process. And the tasks to be updated are distributed to the corresponding virtual isolation boxes and independent sandboxes for isolation update, so that the influence of errors or malicious behaviors in the update process on the original functions of the terminal is prevented, and the stable operation of the intelligent self-service terminal is ensured.
Optionally, when detecting the connection permission of the external device, the update isolation module is configured to:
Reading a digital certificate and a hardware feature code of the external equipment;
And analyzing the digital certificate and the hardware feature code to determine whether the external device is a trusted device.
By the scheme, the updating isolation module reads the digital certificate on the external device to ensure the authenticity and reliability of the identity information of the external device. By reading the digital certificate, the update isolation module is facilitated to verify whether the external device is known and trusted. The updating isolation module reads hardware feature codes of the external device, such as serial numbers, MAC addresses and the like. The update isolation module further confirms the identity information of the external device by reading the information of the hardware feature code and ensures that the external device is not tampered. The update isolation module analyzes the read digital certificate and hardware feature code, is favorable for verifying the external device, and judges whether the external device is authorized to perform update operation by comparing the digital certificate and the hardware feature code with prestored authorization device information. And through analysis results, the updating isolation module determines whether the external equipment is a trusted equipment, thereby being beneficial to ensuring the safety of the updating process and preventing potential threat of the un-trusted equipment to the intelligent self-service terminal.
Optionally, after the task to be updated is updated, obtaining a process to be detected, and entering an isolation detection stage, wherein the independent sandbox environment is used for monitoring operation data of the process to be detected in real time, determining operation smoothness, and releasing the process to be detected when the operation smoothness is higher than a preset smoothness threshold so that the process to be detected and other existing processes enter the same operation environment.
According to the scheme, the task to be updated is updated in the independent sandbox environment, so that the original function of the intelligent self-service terminal is not influenced in the updating process, and the new task to be updated is allowed to be performed under the condition of no interference, so that potential conflict and error are avoided. The update isolation module extracts an updated process to be detected from the independent sandbox environment, and ensures the integrity of a task to be updated. The process to be detected enters an isolation detection stage, and the process to be detected is prevented from affecting the stable operation of the intelligent self-service terminal. The start of the isolation detection phase marks the preparation of the transition of the task to be updated from the stand-alone sandboxed environment to the actual running environment. The independent sandbox environment monitors the running data of the process to be detected in real time, including resource use conditions, error logs, performance indexes and the like, and is beneficial to evaluating the running state and performance of the process to be detected, so that the updated process to be detected can meet expected performance standards. The running smoothness ensures that the updated process to be detected provides good user experience. Comparing the preset fluency threshold helps ensure that the updated process to be detected reaches the expected performance level. If the running fluency of the process to be detected is higher than a preset fluency threshold, determining that the updated process to be detected starts to provide services for the user, and not negatively affecting the stability of the intelligent self-service terminal.
Optionally, the intelligent self-service terminal further comprises a data calling module connected with the update isolation module;
after the process to be detected enters an isolation detection stage, the update isolation module is used for analyzing the operation logic of the process to be detected, determining the data and the operation period required by operation, and sending a data calling signal to the data calling module according to the data and the operation period required by operation;
and after receiving the data calling signal, the data calling module analyzes the data calling signal, determines the data sending frequency according to the operation period, and sends the data required by the operation to the updating isolation module according to the data sending frequency.
Through the scheme, the update isolation module analyzes the operation logic of the process to be detected, so that the process to be detected can normally operate after being updated, and faults caused by data problems can be avoided. Based on the operation logic analysis, the update isolation module determines which data are needed by the process to be detected in the operation process, ensures that the process to be detected has enough data support in the operation process, and completes the expected function. The update isolation module analyzes the running period of the process to be detected, is beneficial to planning the frequency and the time of data retrieval, and ensures that the data is extracted at the correct time. The data calling signal contains the request information and the calling schedule of the data calling, and the timeliness and the accuracy of the data calling are ensured. Resolving the data retrieval signal ensures that the data retrieval module correctly recognizes and performs the data retrieval task. Determining the frequency of data transmission involves scheduling the points in time of transmission of data according to the run-time of the process to be detected, ensuring that the data can be transmitted at the correct point in time. According to the determined data sending frequency, the data calling module extracts data required by operation from the database, and sends the data to the updating isolation module through a safe data transmission channel, so that the safety of data transmission is ensured, and the data is prevented from being intercepted or tampered in the transmission process.
Optionally, the update isolation module further includes a data transmission channel, and an encryption protocol is set in the data transmission channel and connected with the data calling module, and is configured to receive the data required for operation, encrypt the data according to the encryption protocol, and then transmit the encrypted data required for operation to the independent sandbox environment of the update isolation module.
By the scheme, the security of the data transmission channel is ensured by configuring an encryption protocol. The encryption protocol provides end-to-end encryption in the transmission process of the data required by operation, and prevents the data required by operation from being intercepted or tampered in the transmission process, thereby protecting the security and the integrity of the data required by operation. The data calling module encrypts data before sending the data required by operation, so that the security of the data required by operation is improved, and an unauthorized third party is prevented from accessing or modifying the data in the transmission process. And the encrypted data required by operation are packed into a data packet, so that the ordered transmission and easy management of the data required by operation are ensured. Each data packet contains encrypted data and necessary metadata, such as packet sequence numbers, data lengths, etc., to assist the receiving party in correctly unpacking and processing the data. The data transmission channel with the encryption protocol is configured to transmit the data packet, so that the safety of the data packet in the transmission process is ensured, the reliable transmission of the data packet is ensured, and the integrity of the data packet can be ensured even under the condition that the network is unstable. The updating isolation module receives the data packet through a data transmission channel configured with an encryption protocol, the receiving process comprises the steps of checking and verifying the integrity of the received data packet, ensuring that the data packet is not tampered in the transmission process, and protecting the integrity and the safety of the data packet. The decryption process ensures that the data packets can be used and processed correctly after reaching the terminal. The independent sandbox environment ensures the isolation of data required for operation and prevents leakage of the data required for operation or potential influence on other parts of the terminal.
Optionally, the update isolation module is used for receiving NFC verification information when identifying the identity information of the pluggable personnel, analyzing the NFC verification information, determining whether the tablet has an internal update permission, and if so, acquiring face identification information and fingerprint authentication information;
And if the internal updating permission does not exist, sending a device pop-up signal to the pluggable functional module to disconnect the external device.
Through this scheme, update isolation module passes through NFC technique receipt NFC verification information, helps plug personnel authentication, ensures that plug personnel hold effectual identity verification instrument. The update isolation module analyzes the received NFC authentication information to determine whether the tablet has an internal update permission, thereby being helpful for verifying whether a pluggable personnel has the right to execute the update operation and preventing unauthorized update attempts. If the analysis result shows that the tablet has an internal update permission, the update isolation module allows the update operation to continue, so that only authorized pluggable personnel can start the update flow. The face recognition information of the plug personnel is acquired through the integrated face recognition equipment, an additional identity verification layer is provided, and safety is improved. Meanwhile, fingerprint authentication information of the pluggable personnel is obtained through the fingerprint scanner, and the identity of the pluggable personnel is further confirmed. The updating isolation module analyzes the face identification information and the fingerprint authentication information, is beneficial to verifying the identity of the plug personnel, and ensures the validity of updating operation. The update isolation module will send a device pop-up signal to the pluggable functionality module to help prevent unauthorized device connections. After receiving the equipment pop-up signal, the pluggable functional module disconnects the connection with the external equipment, prevents unauthorized updating operation, ensures the safety of the intelligent self-service terminal, and prevents the risks of unauthorized equipment access and data leakage.
Optionally, the terminal further includes a key verification module, connected to the pluggable functional module, configured to sense a connection state of the pluggable functional module in real time, obtain and verify a key string, and when it is determined that the key string is not verified correctly, trigger a physical port to perform power-off protection if the connection state is that the external device exists.
Through this scheme, the connection state of update isolation module real-time supervision pluggable function module, in time response external equipment insert or remove, help in real time grasp external equipment's safe state, prevent unauthorized external equipment connection. The key character string is acquired to help verify the legitimacy of the external device. And verifying the received secret key character string to ensure the authenticity, validity and legitimacy of the secret key character string. The authentication process helps to prevent forgery or tampering with the external device for the update operation. Checking the connection state ensures that the external device is in the connection state when security measures are taken. The power-down protection measures help prevent unauthorized external device access and potential security threats.
Optionally, the terminal further includes an update identification module connected to the update isolation module;
The update isolation module is used for sending the task to be updated to the update identification module after detecting the connection permission of the external device and determining that the link permission exists;
After receiving the task to be updated, the update identification module analyzes the task to be updated and determines an encrypted watermark and a digital signature of the task to be updated;
Retrieving verification information of the rest of the existing processes, verifying the encrypted watermark and the digital signature according to the verification information;
And if the encrypted watermark and the digital signature are matched with the verification information and the encrypted watermark and the digital signature only correspond to one existing process, sending a verification passing signal to the update isolation module.
According to the scheme, the update isolation module sends the task to be updated to the update identification module, so that the transmission of the task to be updated is ensured. The parsing process of the task to be updated is helpful to extract the encrypted watermark and digital signature in the task to be updated. The encrypted watermark and digital signature help to verify the integrity and origin of the task to be updated. The update identification module retrieves the verification information of the rest existing processes from the database, thereby being beneficial to verifying the validity of the task to be updated and ensuring the safety of the update operation. The updating identification module is used for verifying the encryption watermark and the digital signature according to the fetched verification information, so that the integrity and the source of the task to be updated can be confirmed, and the spreading of malicious software can be prevented. It is determined whether the encrypted watermark and the digital signature match the verification information and correspond to only one of the existing processes, ensuring that the source of the task to be updated is trusted. The verification passing signal indicates that the task to be updated has passed the authentication and the integrity check, and the updating operation is continued.
In a second aspect, the present application provides an intelligent self-service method with an identity recognition function, the method comprising:
detecting a connection permission of an external device;
identifying the identity information of the plug personnel;
And after the update permission is determined, the task to be updated is received and downloaded through a preset API interface.
Optionally, the method comprises the step of carrying out isolated update on the task to be updated after receiving the task to be updated.
Optionally, the detecting the connection permission of the external device includes:
Reading a digital certificate and a hardware feature code of the external equipment;
And analyzing the digital certificate and the hardware feature code to determine whether the external device is a trusted device.
Optionally, the method includes monitoring operation data of the process to be detected in real time, determining operation smoothness, and releasing the process to be detected when the operation smoothness is higher than a preset smoothness threshold so that the process to be detected and other existing processes enter the same operation environment.
Optionally, the method comprises the steps of analyzing the operation logic of the process to be detected, determining data required by operation and an operation period, and determining data transmission frequency according to the operation period.
Optionally, the method comprises receiving the data required for operation and encrypting the data according to an encryption protocol.
Optionally, the method comprises the steps of receiving NFC verification information, analyzing the NFC verification information, determining whether the tablet has an internal update permission, and if so, acquiring face identification information and fingerprint authentication information;
And if the internal updating permission does not exist, sending a device pop-up signal to the pluggable functional module to disconnect the external device.
Optionally, the method includes obtaining and verifying a key character string, and triggering a physical port to perform power-off protection if the connection state is that the external device exists when the key character string is determined to be incorrectly verified.
Optionally, detecting the connection permission of the external device, analyzing the task to be updated after determining that the link permission exists, and determining an encryption watermark and a digital signature of the task to be updated;
Retrieving verification information of the rest of the existing processes, verifying the encrypted watermark and the digital signature according to the verification information;
and if the encrypted watermark and the digital signature are matched with the verification information and the encrypted watermark and the digital signature only correspond to one existing process, sending a verification passing signal.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions of the prior art, the drawings that are needed in the embodiments or the description of the prior art will be briefly described below, it will be obvious that the drawings in the following description are some embodiments of the present application, and that other drawings can be obtained according to these drawings without inventive effort to a person skilled in the art.
Fig. 1 is a schematic view of an application scenario provided in an embodiment of the present application;
FIG. 2 is a schematic diagram of a configuration of an intelligent self-service terminal with an identity recognition function according to an embodiment of the present application;
FIG. 3 is a schematic diagram of another intelligent self-service terminal with identity recognition function according to an embodiment of the present application;
Fig. 4 is a flowchart of an intelligent self-service method with an identification function according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In addition, the term "and/or" is merely an association relation describing the association object, and means that three kinds of relations may exist, for example, a and/or B, and that three kinds of cases where a exists alone, while a and B exist alone, exist alone. In this context, unless otherwise specified, the term "/" generally indicates that the associated object is an "or" relationship.
Embodiments of the application are described in further detail below with reference to the drawings.
Along with the increasing complexity of the functions of the intelligent self-service terminal, the running environment is gradually diversified, and in order to avoid on-line intrusion interfaces, some self-service terminals with higher security requirements can only perform off-line updating in a general updating mode, so that on the premise of ensuring the updating efficiency and the safety of updated contents, the intelligent self-service terminal is prevented from becoming a key of technical development.
Based on the above, the application provides an intelligent self-service method and a terminal with an identity recognition function, wherein the updating isolation module and the pluggable function module are connected, the pluggable function module is used for connecting external equipment and sending a connection success signal to the updating isolation module after the connection success signal is received, and the updating isolation module is used for detecting the connection permission of the external equipment and recognizing the identity information of pluggable personnel after the connection success signal is received, and receiving and downloading a task to be updated through a preset API interface after the updating permission is determined. Through the scheme, the connection between the updating isolation module and the pluggable functional module ensures that the interaction between the external equipment and the terminal internal equipment can be performed through one controlled interface, so that the risk of directly accessing the core equipment is reduced. The pluggable functional module is connected with external equipment such as a USB flash disk, so that the intelligent self-service terminal can receive tasks to be updated from the outside. The connection of the external device is the starting point of the updating process, and provides a physical basis for task transmission and identity information verification. The connection success signal sent by the pluggable function module 202 is an important feedback mechanism informing the update isolation module that it is ready to receive the task to be updated and perform identity information verification. And detecting the connection permission of the external equipment, ensuring that only the authorized equipment can be updated, and verifying the legitimacy of the external equipment by checking the digital certificate and the hardware feature code of the external equipment. The updating isolation module simultaneously recognizes that the identity information of the pluggable personnel is part of the multiple identity information authentication process, so that only the authorized pluggable personnel can execute the updating operation, and the safety of the updating process is improved. After the verification of the external equipment is confirmed and the identity information of the plug-in personnel is identified, the update isolation module receives and downloads the task to be updated through a preset API interface, which is the core of the update process, so that the transmission safety of the task to be updated and the correctness of the task to be updated are ensured.
Fig. 1 is a schematic diagram of an application scenario provided by the present application, and in a self-service scenario, the method provided by the present application is applied.
Specifically, the method provided by the application is applied to any intelligent self-service terminal with an identity recognition function, and the service terminal comprises an updating isolation module and a pluggable functional module, wherein the updating isolation module is connected with the pluggable functional module, and the pluggable functional module is connected with external equipment such as a USB flash disk, so that the intelligent self-service terminal can receive tasks to be updated from the external equipment. The connection of the external device is the starting point of the updating process, and provides a physical basis for task transmission and identity information verification. And the update isolation module receives the task to be updated and performs identity information verification. And detecting the connection permission of the external equipment, ensuring that only the authorized equipment can be updated, and verifying the legitimacy of the external equipment by checking the digital certificate and the hardware feature code of the external equipment. The updating isolation module simultaneously recognizes that the identity information of the pluggable personnel is part of the multiple identity information authentication process, so that only the authorized pluggable personnel can execute the updating operation, and the safety of the updating process is improved. After the verification of the external equipment is confirmed and the identity information of the plug-in personnel is identified, the update isolation module receives and downloads the task to be updated through a preset API interface, which is the core of the update process, so that the transmission safety of the task to be updated and the correctness of the task to be updated are ensured. Reference may be made to the following examples for specific implementation.
Fig. 2 is a schematic structural diagram of an intelligent self-service terminal with an identity recognition function according to an embodiment of the present application, where the intelligent self-service terminal 200 with an identity recognition function according to the present embodiment includes an update isolation module 201 and a pluggable function module 202;
The update isolation module 201 is connected with the pluggable function module 202;
The pluggable functional module 202 is used for connecting external equipment, and after the connection is successful, sending a connection success signal to the update isolation module 201;
the update isolation module 201 is configured to detect a connection permission of an external device and identify identity information of a plug-in person after receiving a connection success signal, and receive and download a task to be updated through a preset API interface after determining that the update is permitted.
The external device can be external devices such as a USB flash disk, a mobile hard disk, an SD card and the like which are connected to the intelligent self-service terminal.
The connection success signal may be a notification signal sent by the pluggable functional module after detecting that the external device is successfully connected.
The connection permission can be the process of the intelligent self-service terminal for carrying out identity information verification and authorization on the external equipment.
The plug personnel can be the personnel responsible for inserting and extracting the external equipment into and from the intelligent self-service terminal in the updating process.
The identity information can be the data such as the work number, the identity card information, the fingerprint, the face recognition information and the like for verifying the identity of the pluggable personnel.
The preset API interface can be a software interface which is preconfigured on the intelligent self-service terminal and used for carrying out communication and data exchange with the external equipment, and the software interface is prestored in a server and is called when the intelligent self-service terminal is used.
The task to be updated may be software, an application or other data file that needs to be installed on the intelligent self-service terminal.
Specifically, the update isolation module 201 is connected to the pluggable function module 202 to form an update channel. The plug person plugs the external device into the pluggable function module 202. Once the external device is successfully connected to the pluggable functional module 202, the pluggable functional module 202 sends a connection success signal to the update isolation module 201 indicating that the task to be updated is ready to be received. After receiving the connection success signal, the update isolation module 201 starts a detection mechanism to verify the connection permission of the external device. Meanwhile, the update isolation module 201 identifies the identity information of the pluggable personnel. After confirming that the external device passes the verification and that the identity information of the plug-in person passes the identification, the update isolation module 201 will allow the update process to proceed. Once the update is allowed, the update isolation module 201 will communicate with the external device through the preset API interface, receive and download the task to be updated.
Through the scheme, the connection between the update isolation module 201 and the pluggable functional module 202 ensures that the interaction between the external device and the terminal internal device can be performed through one controlled interface, so that the risk of directly accessing the core device is reduced. The pluggable functional module 202 is connected to an external device, such as a usb disk, so that the intelligent self-service terminal can receive a task to be updated from the outside. The connection of the external device is the starting point of the updating process, and provides a physical basis for task transmission and identity information verification. The connection success signal sent by the pluggable function module 202 is an important feedback mechanism informing the update isolation module 201 that it is ready to receive the task to be updated and perform authentication. And detecting the connection permission of the external equipment, ensuring that only the authorized equipment can be updated, and verifying the legitimacy of the external equipment by checking the digital certificate and the hardware feature code of the external equipment. The update isolation module 201 simultaneously recognizes that the identity information of the pluggable personnel is part of the multiple identity information authentication process, and ensures that only authorized pluggable personnel can perform the update operation, thereby improving the security of the update process. After confirming that the external device passes verification and the identity information of the plug-in personnel passes identification, the update isolation module 201 receives and downloads the task to be updated through a preset API interface, which is the core of the update process, so that the transmission safety of the task to be updated and the correctness of the task to be updated are ensured.
In some embodiments, the update isolation module 201 includes a plurality of virtual isolation boxes, each virtual isolation box having a built-in independent sandbox environment for isolating and updating the task to be updated after receiving the task to be updated.
The virtual isolation box may be an independent execution space for isolating execution of tasks to be updated.
The independent sandbox environment may be a secure execution environment within the virtual isolation box with strict rights control and resource access restrictions.
Specifically, the update isolation module 201 first creates several virtual isolation boxes. Inside each virtual isolation box, the update isolation module 201 configures an independent sandbox environment. The update isolation module 201 receives the task to be updated through a preset API interface. And the tasks to be updated are distributed to the corresponding virtual isolation boxes and independent sandboxed environments for isolation updating.
By creating several virtual isolation boxes, the update isolation module 201 provides an independent execution space for each task to be updated. And even if a task to be updated has a problem, other parts of the intelligent self-service terminal cannot be affected, so that the stability of the intelligent self-service terminal and the safety of user data are protected. And configuring an independent sandbox environment in each virtual isolation box, and limiting the authority and resource access of the task to be updated. The independent sandbox environment prevents potential threats to the intelligent self-service terminal by tasks to be updated, such as malicious code execution or data leakage. And receiving the task to be updated through a preset API interface, ensuring the safety and consistency of the transmission of the task to be updated, and preventing the task to be updated from being tampered or leaked in the transmission process. And the tasks to be updated are distributed to the corresponding virtual isolation boxes and independent sandboxes for isolation update, so that the influence of errors or malicious behaviors in the update process on the original functions of the terminal is prevented, and the stable operation of the intelligent self-service terminal is ensured.
In some embodiments, the update isolation module 201 is configured to detect a connection permission of an external device, and includes reading a digital certificate and a hardware feature code of the external device, and analyzing the digital certificate and the hardware feature code to determine whether the external device is a trusted device.
The digital certificate may be an electronic document used to verify a digital identity.
The hardware feature code may be a unique identifier embedded in the hardware device.
The trusted device may be a device that has been authenticated and authorized by the identity information, and is allowed to connect for operation.
Specifically, the update isolation module 201 reads the digital certificate and the hardware feature code through an external device. And analyzing whether the signature of the digital certificate is correct, whether the digital certificate is in the validity period, whether the hardware feature code is matched with the feature code in the pre-stored authorized equipment list, and whether the hardware feature code is consistent with the safety starting characteristic of the external equipment. The update isolation module 201 determines whether the external device is a trusted device according to the analysis result.
By the scheme, the update isolation module 201 reads the digital certificate on the external device to ensure the authenticity and reliability of the identity information of the external device. By reading the digital certificate, the update isolation module 201 is facilitated to verify whether the external device is known, trusted or not. The update isolation module 201 reads the hardware feature code of the external device, such as a serial number, a MAC address, etc. By reading the information of the hardware feature code, the update isolation module 201 further confirms the identity information of the external device and ensures that the external device is not tampered. The update isolation module 201 analyzes the read digital certificate and hardware feature code, and helps to verify the external device, and determines whether the external device is authorized to perform the update operation by comparing the digital certificate and the hardware feature code with the prestored authorization device information. Through the analysis result, the update isolation module 201 determines whether the external device is a trusted device, which helps to ensure the security of the update process and prevent the potential threat of an un-trusted device to the intelligent self-service terminal.
In some embodiments, after the task to be updated is updated, obtaining a process to be detected, entering an isolation detection stage, and using an independent sandbox environment to monitor operation data of the process to be detected in real time, determining operation smoothness, and releasing the process to be detected to enable the process to be detected to enter the same operation environment as other existing processes when the operation smoothness is higher than a preset smoothness threshold.
The process to be detected may be a process that is ready for testing and verification in the update isolation module 201.
The isolation detection phase may be a phase in which the process to be detected is tested in a separate, controlled environment.
The running data can be all data such as resource use condition, error log, performance index and the like generated in the execution process of the process to be detected.
The running smoothness can be an index for measuring the performance of the process to be detected.
The preset fluency threshold may be a preset performance criterion for evaluating whether the process to be detected reaches an expected performance level, and is stored in the server in advance, and is invoked when used.
The rest of the existing processes may be other applications, software components running on the intelligent self-service terminal.
The operating environment may be a platform on which all software components, such as operating devices, hardware resources, network connections, etc., operate on the intelligent self-service terminal.
Specifically, the task to be updated completes the update in the independent sandbox environment, and the update isolation module 201 extracts the updated process to be detected from the independent sandbox environment. And enabling the process to be detected to enter an isolation detection stage. The independent sandbox environment monitors running data such as resource use condition, error log, performance index and the like of the process to be detected in real time. By analyzing the operation data monitored in real time, the update isolation module 201 evaluates the operation smoothness of the process to be detected. And presetting a fluency threshold according to the performance requirement and the user experience standard of the intelligent self-service terminal. The update isolation module 201 compares the running smoothness of the process to be detected with a preset smoothness threshold. If the running smoothness of the process to be detected is higher than the preset smoothness threshold, the update isolation module 201 releases the process to be detected, so that the process to be detected and other existing processes of the intelligent self-service terminal enter the same running environment.
According to the scheme, the task to be updated is updated in the independent sandbox environment, so that the original function of the intelligent self-service terminal is not influenced in the updating process, and the new task to be updated is allowed to be performed under the condition of no interference, so that potential conflict and error are avoided. The update isolation module 201 extracts the updated process to be detected from the independent sandbox environment, and ensures the integrity of the task to be updated. The process to be detected enters an isolation detection stage, and the process to be detected is prevented from affecting the stable operation of the intelligent self-service terminal. The start of the isolation detection phase marks the preparation of the transition of the task to be updated from the stand-alone sandboxed environment to the actual running environment. The independent sandbox environment monitors the running data of the process to be detected in real time, including resource use conditions, error logs, performance indexes and the like, and is beneficial to evaluating the running state and performance of the process to be detected, so that the updated process to be detected can meet expected performance standards. The running smoothness ensures that the updated process to be detected provides good user experience. Comparing the preset fluency threshold helps ensure that the updated process to be detected reaches the expected performance level. If the running fluency of the process to be detected is higher than a preset fluency threshold, determining that the updated process to be detected starts to provide services for the user, and not negatively affecting the stability of the intelligent self-service terminal.
In addition to the above modules, the following modules are included as shown in fig. 3:
in some embodiments, the intelligent self-service terminal 200 with an identity recognition function further includes a data retrieving module 203 connected to the update isolation module 201, wherein after the process to be detected enters the isolation detection stage, the update isolation module 201 is configured to analyze an operation logic of the process to be detected, determine operation required data and an operation period, and send a data retrieving signal to the data retrieving module 203 according to the operation required data and the operation period, and the data retrieving module 203, after receiving the data retrieving signal, parses the data retrieving signal, determines a data sending frequency according to the operation period, and sends the operation required data to the update isolation module 201 according to the data sending frequency.
The execution logic may be an operation flow and rules of the process to be detected in the execution process.
The data required for running can be the data which needs to be accessed and processed by the process to be detected in the executing process.
The run period may be a fixed time interval or trigger condition for the process to be detected to perform an operation.
The data retrieval signal may be a request sent by the data required for operation and the operation cycle, indicating the data retrieved from the data source database by the data retrieval module 203.
The data transmission frequency may be the time interval during which data is transmitted from the database to the target location.
Specifically, the update isolation module 201 analyzes the running logic of the process to be detected, and determines the data required by running of the configuration file, user data, database record and the like of the process to be detected in the executing process. The update isolation module 201 analyzes the running period of the process to be detected, i.e., the time interval or trigger condition for the running of the process. The data retrieval signal is sent to the data retrieval module 203 according to the determined data required for operation and the operation period. After receiving the data calling signal, analyzing the data calling signal, and extracting detailed information such as data type, data quantity and calling schedule of the data calling signal. And according to the running period, analyzing the requirements of the process to be detected on the type, the quantity, the updating frequency and the like of the data in each running period. Based on the run-time and the data demand, a data transmission frequency is determined. According to the determined data transmission frequency, the data retrieving module 203 extracts data required for operation from the database and transmits the data to the update isolation module 201 through a secure data transmission channel.
By the scheme, the update isolation module 201 analyzes the running logic of the process to be detected, so that the process to be detected can normally run after being updated, and faults caused by data problems can be avoided. Based on the running logic analysis, the update isolation module 201 determines which data is needed by the process to be detected in the running process, ensures that the process to be detected has enough data support in the running process, and completes the expected function. The update isolation module 201 analyzes the run-time of the process to be detected, helps to program the frequency and timing of data retrieval, and ensures that data is extracted at the correct time. The data calling signal contains the request information and the calling schedule of the data calling, and the timeliness and the accuracy of the data calling are ensured. Parsing the data call signal ensures that the data call module 203 correctly recognizes and performs the data call task. Determining the frequency of data transmission involves scheduling the points in time of transmission of data according to the run-time of the process to be detected, ensuring that the data can be transmitted at the correct point in time. According to the determined data transmission frequency, the data extraction module 203 extracts data required by operation from the database, and transmits the data to the update isolation module 201 through a secure data transmission channel, so as to ensure the security of data transmission and prevent the data from being intercepted or tampered in the transmission process.
In some embodiments, the update isolation module 201 further includes a data transmission channel, in which an encryption protocol is set, and connected to the data retrieving module 203, and configured to receive data required for operation, encrypt the data according to the encryption protocol, and then transmit the encrypted data required for operation to the independent sandbox environment of the update isolation module 201.
The data transmission channel may be a physical or virtual channel for transmitting data.
The encryption protocol may be a set of rules and standards for securing data during data transmission.
Specifically, the data transport channel configures TLS (transport layer security protocol) or SSL (secure socket layer protocol) encryption protocols. The data retrieval module 203 encrypts the operation-required data using an encryption protocol before transmitting the operation-required data. And packaging the encrypted data required by operation into a data packet. The data retrieving module 203 sends the data packet to the update isolation module 201 through a data transmission channel configured with an encryption protocol. The update isolation module 201 receives the data packet through a data transmission channel configured with an encryption protocol. The update isolation module 201 decrypts the received data packet to recover the original data. The decrypted data is stored in a separate sandbox environment of the update isolation module 201.
By the scheme, the security of the data transmission channel is ensured by configuring an encryption protocol. The encryption protocol provides end-to-end encryption in the transmission process of the data required by operation, and prevents the data required by operation from being intercepted or tampered in the transmission process, thereby protecting the security and the integrity of the data required by operation. The data retrieving module 203 encrypts data before sending the data required for operation, thereby increasing security of the data required for operation and preventing an unauthorized third party from accessing or modifying the data during transmission. And the encrypted data required by operation are packed into a data packet, so that the ordered transmission and easy management of the data required by operation are ensured. Each data packet contains encrypted data and necessary metadata, such as packet sequence numbers, data lengths, etc., to assist the receiving party in correctly unpacking and processing the data. The data transmission channel with the encryption protocol is configured to transmit the data packet, so that the safety of the data packet in the transmission process is ensured, the reliable transmission of the data packet is ensured, and the integrity of the data packet can be ensured even under the condition that the network is unstable. The update isolation module 201 receives the data packet through the data transmission channel configured with the encryption protocol, and the receiving process includes integrity checking and verification of the received data packet, so as to ensure that the data packet is not tampered in the transmission process, and protect the integrity and the security of the data packet. The decryption process ensures that the data packets can be used and processed correctly after reaching the terminal. The independent sandbox environment ensures the isolation of data required for operation and prevents leakage of the data required for operation or potential influence on other parts of the terminal.
In some embodiments, the update isolation module 201 is configured to receive NFC verification information when identifying identity information of a pluggable person, analyze the NFC verification information to determine whether an internal update permission exists on a tablet, acquire face identification information and fingerprint authentication information if the internal update permission exists, analyze the face identification information and the fingerprint authentication information to determine whether to allow update, and send a device pop-up signal to the pluggable function module 202 to disconnect an external device if the internal update permission does not exist.
The NFC authentication information may be authentication information transmitted through an NFC (near field communication) technology.
The internal update permissions may be rights granted to the plug-in person for the update.
The face recognition information may be facial feature data such as facial contours, eyes, nose, mouth, etc. collected by the face recognition device.
The fingerprint authentication information can be fingerprint characteristic data such as ridge lines, valley lines, end points, bifurcation points and the like of the fingerprint acquired by the fingerprint identification technology.
The device pop-up signal may be a signal sent to the external device indicating that the external device is disconnected.
Specifically, the update isolation module 201 receives NFC (near field communication) authentication information through NFC technology. The update isolation module 201 parses the received NFC authentication information. The update isolation module 201 verifies the validity of the NFC authentication information. The update isolation module 201, after parsing and verifying the NFC authentication information, looks up whether there is an internal update license in the tablet. And acquiring the face recognition information of the pluggable personnel through the integrated face recognition equipment. Facial features are extracted from the face recognition information, and the facial features are converted into face templates. And comparing the extracted face template with the stored face template of the authorized user. And acquiring fingerprint authentication information of the pluggable personnel through a fingerprint scanner. Extracting fingerprint features from the collected fingerprint authentication information, and converting the fingerprint features into fingerprint templates. And comparing the extracted fingerprint template with a stored fingerprint template of the authorized user. The update isolation module 201 combines the comparison result of the face recognition information and the fingerprint authentication information to determine whether to allow the update. If the face identification information and the fingerprint authentication information are not verified, the update isolation module 201 will send a device pop signal to the pluggable functionality module 202. After receiving the device pop-up signal, the pluggable function module 202 disconnects from the external device.
Through this scheme, update isolation module 201 passes through NFC technique receipt NFC verification information, helps plug personnel authentication, ensures that plug personnel hold effectual identity verification instrument. The update isolation module 201 analyzes the received NFC authentication information to determine whether the tablet has an internal update license, which helps to verify whether the plug-in person has the right to perform the update operation, and prevents unauthorized update attempts. If the analysis results show that the tablet has an internal update permission, the update isolation module 201 will allow the update operation to proceed, ensuring that only authorized plugins can initiate the update flow. The face recognition information of the plug personnel is acquired through the integrated face recognition equipment, an additional identity verification layer is provided, and safety is improved. Meanwhile, fingerprint authentication information of the pluggable personnel is obtained through the fingerprint scanner, and the identity of the pluggable personnel is further confirmed. The update isolation module 201 analyzes the face identification information and the fingerprint authentication information, and helps to verify the identity of the plug person and ensure the validity of the update operation. The update isolation module 201 will send a device pop signal to the pluggable functionality module 202 to help prevent unauthorized device connections. After receiving the device pop-up signal, the pluggable functional module 202 disconnects the external device, prevents unauthorized updating operation, ensures the safety of the intelligent self-service terminal, and prevents the risks of unauthorized device access and data leakage.
In some embodiments, the intelligent self-service terminal 200 with the identity recognition function further includes a key verification module 204, connected to the pluggable function module 202, for sensing a connection state of the pluggable function module 202 in real time, obtaining and verifying a key string, and when determining that the key string is not verified correctly, triggering the physical port to perform power-off protection if the connection state is that an external device exists.
The connection state may be a physical connection state between devices, and may be denoted as "connected" or "disconnected".
The key string may be a string of characters or numbers used for authentication and encrypted communications.
The physical port may be a physical interface on the device for connecting to an external device.
Specifically, the update isolation module 201 continuously monitors the connection status of the pluggable function module 202 through a hardware interface or a software interface. When detecting that the external device is connected, the update isolation module 201 obtains a key string from the external device. And comparing and verifying the received key character string with the prestored key character string. If the key character string verification is incorrect, whether the external device connection exists currently is confirmed. If so, the update isolation module 201 sends a power-off signal to the physical port, triggering a power-off protection mechanism.
By the scheme, the update isolation module 201 monitors the connection state of the pluggable functional module 202 in real time, responds to the insertion or removal of the external device in time, is beneficial to grasping the safety state of the external device in real time, and prevents the connection of unauthorized external devices. The key character string is acquired to help verify the legitimacy of the external device. And verifying the received secret key character string to ensure the authenticity, validity and legitimacy of the secret key character string. The authentication process helps to prevent forgery or tampering with the external device for the update operation. Checking the connection state ensures that the external device is in the connection state when security measures are taken. The power-down protection measures help prevent unauthorized external device access and potential security threats.
In some embodiments, the intelligent self-service terminal 200 with the identity recognition function further includes an update recognition module 205 connected to the update isolation module 201, wherein the update isolation module 201 is configured to send a task to be updated to the update recognition module 205 after detecting a connection permission of an external device and determining that the connection permission exists, the update recognition module 205 analyzes the task to be updated after receiving the task to be updated, determines an encrypted watermark and a digital signature of the task to be updated, retrieves verification information of other existing processes, verifies the encrypted watermark and the digital signature according to the verification information, and sends a verification passing signal to the update isolation module 201 if the encrypted watermark and the digital signature are both matched with the verification information and the encrypted watermark and the digital signature only correspond to one of the existing processes.
The encrypted watermark may be a digital mark for authentication.
Digital signatures may be a technique for verifying the integrity of data.
The verification information may be information for verifying the identity and integrity of the task to be updated.
The existing process may be an application, service, or other software component that is already running on the intelligent self-service terminal.
The verification pass signal may be a signal sent to the update isolation module indicating that the task to be updated has passed the identity verification and the integrity check.
Specifically, the update isolation module 201 sends the task to be updated to the update identification module 205. After receiving the task to be updated, the update identification module 205 parses the task to be updated. After parsing the task to be updated, the update identification module 205 determines the encrypted watermark and the digital signature in the task to be updated. Retrieving authentication information for the remaining existing processes from the database or from the database. And comparing the encrypted watermark in the task to be updated with the encrypted watermark in the verification information according to the retrieved verification information. And decrypting the digital signature in the task to be updated by using the public key in the verification information. After the verification of the encrypted watermark and the digital signature is completed, the encrypted watermark and the digital signature are confirmed to be matched with the verification information. The update identification module 205 further confirms that the encrypted watermark and digital signature correspond to only one of the existing processes. If both the encrypted watermark and the digital signature match the authentication information and correspond to only one existing process, the update identification module 205 generates an authentication pass signal. The generated verification pass signal is sent to the update isolation module 201.
By this scheme, the update isolation module 201 sends the task to be updated to the update identification module 205, and ensures the transmission of the task to be updated. The parsing process of the task to be updated is helpful to extract the encrypted watermark and digital signature in the task to be updated. The encrypted watermark and digital signature help to verify the integrity and origin of the task to be updated. The update identification module 205 retrieves the verification information of the rest existing processes from the database, which is helpful for verifying the validity of the task to be updated, and ensures the security of the update operation. The update identification module 205 facilitates verification of the integrity and origin of the task to be updated by encrypting the watermark and digital signature based on the retrieved verification information, preventing the spread of malware. It is determined whether the encrypted watermark and the digital signature match the verification information and correspond to only one of the existing processes, ensuring that the source of the task to be updated is trusted. The verification passing signal indicates that the task to be updated has passed the authentication and the integrity check, and the updating operation is continued.
Fig. 4 is a flowchart of an intelligent self-service method with an identity recognition function according to an embodiment of the present application, where the method of the present embodiment may be applied to a server in the above scenario. As shown in fig. 4, the method includes:
s301, detecting a connection permission of an external device;
s302, identifying identity information of a pluggable personnel;
S303, after the update permission is determined, the task to be updated is received and downloaded through a preset API interface.
Optionally, the method comprises the step of carrying out isolated update on the task to be updated after receiving the task to be updated.
Optionally, the detecting the connection permission of the external device includes the update isolation module, when detecting the connection permission of the external device, being configured to:
Reading a digital certificate and a hardware feature code of the external equipment;
And analyzing the digital certificate and the hardware feature code to determine whether the external device is a trusted device.
Optionally, the method includes monitoring operation data of the process to be detected in real time, determining operation smoothness, and releasing the process to be detected when the operation smoothness is higher than a preset smoothness threshold so that the process to be detected and other existing processes enter the same operation environment.
Optionally, the method includes analyzing the operation logic of the process to be detected, determining operation required data and an operation period, and sending a data calling signal to the data calling module according to the operation required data and the operation period;
and after receiving the data calling signal, the data calling module analyzes the data calling signal, determines the data sending frequency according to the operation period, and sends the data required by the operation to the updating isolation module according to the data sending frequency.
Optionally, the method includes receiving the operation required data, encrypting the data according to the encryption protocol, and transmitting the encrypted operation required data to the independent sandbox environment of the update isolation module.
Optionally, the method comprises the steps of receiving NFC verification information, analyzing the NFC verification information, determining whether the tablet has an internal update permission, and if so, acquiring face identification information and fingerprint authentication information;
And if the internal updating permission does not exist, sending a device pop-up signal to the pluggable functional module to disconnect the external device.
Optionally, the method includes sensing a connection state of the pluggable function module in real time, acquiring and verifying a secret key character string, and triggering a physical port to perform power-off protection if the connection state is that the external device exists when the secret key character string is determined to be incorrectly verified.
Optionally, the method includes detecting a connection permission of the external device, and after determining that a link permission exists, sending the task to be updated to the update identification module;
After receiving the task to be updated, the update identification module analyzes the task to be updated and determines an encrypted watermark and a digital signature of the task to be updated;
Retrieving verification information of the rest of the existing processes, verifying the encrypted watermark and the digital signature according to the verification information;
And if the encrypted watermark and the digital signature are matched with the verification information and the encrypted watermark and the digital signature only correspond to one existing process, sending a verification passing signal to the update isolation module.
The method of this embodiment may be used to perform the method of any of the foregoing embodiments, and its implementation principle and technical effects are similar, and will not be described herein.

Claims (7)

1.一种具有身份识别功能的智能自助服务终端,其特征在于,包括更新隔离模块、可插拔功能模块;1. An intelligent self-service terminal with identity recognition function, characterized by including an update isolation module and a pluggable functional module; 所述更新隔离模块与所述可插拔功能模块相连;The update isolation module is connected to the pluggable functional module; 所述可插拔功能模块用于连接外接设备,并在连接成功后,向所述更新隔离模块发送连接成功信号;The pluggable functional module is used to connect to an external device and, after successful connection, sends a connection success signal to the update isolation module; 所述更新隔离模块在接收到所述连接成功信号后,用于检测所述外接设备的连接许可以及识别插拔人员的身份信息,在确定允许更新后,以预设API接口接收并下载待更新任务;After receiving the connection success signal, the update isolation module is used to detect the connection permission of the external device and identify the identity information of the plug-in and unplug personnel. After determining that the update is allowed, the update isolation module receives and downloads the task to be updated through a preset API interface; 所述更新隔离模块包含若干虚拟隔离盒,每一虚拟隔离盒内置独立沙箱环境,用于在接收所述待更新任务后,将所述待更新任务进行隔离更新;The update isolation module includes a plurality of virtual isolation boxes, each of which has a built-in independent sandbox environment, and is used to isolate and update the task to be updated after receiving the task to be updated; 在所述待更新任务更新结束后,得到待检测进程并进入隔离检测阶段,所述独立沙箱环境用于实时监测所述待检测进程的运行数据,确定运行流畅度,并在所述运行流畅度高于预设流畅阈值时,释放所述待检测进程以使所述待检测进程与其余已有进程进入相同的运行环境;After the task to be updated is updated, the process to be detected is obtained and enters the isolation detection phase. The independent sandbox environment is used to monitor the running data of the process to be detected in real time, determine the running fluency, and when the running fluency is higher than a preset fluency threshold, release the process to be detected so that the process to be detected and the other existing processes enter the same running environment; 所述智能自助服务终端还包括数据调取模块,与所述更新隔离模块相连;The intelligent self-service terminal further includes a data retrieval module connected to the update isolation module; 在所述待检测进程并进入隔离检测阶段后,所述更新隔离模块用于分析所述待检测进程的运行逻辑,确定运行所需数据及运行周期,并根据所述运行所需数据及所述运行周期发送数据调取信号至所述数据调取模块;After the process to be detected enters the isolation detection phase, the update isolation module is used to analyze the operation logic of the process to be detected, determine the data required for operation and the operation cycle, and send a data retrieval signal to the data retrieval module according to the data required for operation and the operation cycle; 所述数据调取模块在接收到所述数据调取信号后,解析所述数据调取信号,根据所述运行周期,确定数据发送频率,并根据所述数据发送频率将所述运行所需数据发送至所述更新隔离模块。After receiving the data retrieval signal, the data retrieval module analyzes the data retrieval signal, determines the data sending frequency according to the operation cycle, and sends the data required for the operation to the update isolation module according to the data sending frequency. 2.根据权利要求1所述的终端,其特征在于,所述更新隔离模块在检测所述外接设备的连接许可时,用于:2. The terminal according to claim 1, wherein the update isolation module, when detecting the connection permission of the external device, is configured to: 读取所述外接设备的数字证书及硬件特征码;Reading the digital certificate and hardware feature code of the external device; 分析所述数字证书及硬件特征码,确定所述外接设备是否为授信设备。Analyze the digital certificate and hardware feature code to determine whether the external device is a trusted device. 3.根据权利要求1所述的终端,其特征在于,所述更新隔离模块还包括数据传输信道,所述数据传输信道内设加密协议,与所述数据调取模块相连,用于接收所述运行所需数据,并根据所述加密协议进行数据加密后,将加密后的运行所需数据传输至所述更新隔离模块的独立沙箱环境。3. The terminal according to claim 1 is characterized in that the update isolation module also includes a data transmission channel, which has an encryption protocol built in the data transmission channel and is connected to the data retrieval module for receiving the data required for the operation, and after encrypting the data according to the encryption protocol, the encrypted data required for the operation is transmitted to the independent sandbox environment of the update isolation module. 4.根据权利要求1所述的终端,其特征在于,所述更新隔离模块在识别插拔人员的身份信息时,用于接收NFC验证信息,分析所述NFC验证信息,确定工牌是否存在内部更新许可,若存在,则获取人脸识别信息及指纹认证信息;分析所述人脸识别信息及所述指纹认证信息,确定是否允许更新;4. The terminal according to claim 1, wherein the update isolation module is configured to receive NFC verification information when identifying the identity information of the person inserting or removing the device, analyze the NFC verification information, determine whether the work badge has internal update permission, and if so, obtain facial recognition information and fingerprint authentication information; and analyze the facial recognition information and fingerprint authentication information to determine whether the update is allowed; 若不存在所述内部更新许可,则向所述可插拔功能模块发送设备弹出信号以断开所述外接设备的连接。If the internal update permission does not exist, a device eject signal is sent to the pluggable functional module to disconnect the external device. 5.根据权利要求1所述的终端,其特征在于,所述终端还包括秘钥验证模块,与所述可插拔功能模块连接,用于实时感应所述可插拔功能模块的连接状态,获取并验证秘钥字符串,当确定所述秘钥字符串验证不正确时,若所述连接状态为存在所述外接设备,则触发物理端口进行断电保护。5. The terminal according to claim 1 is characterized in that the terminal also includes a key verification module, which is connected to the pluggable functional module and is used to sense the connection status of the pluggable functional module in real time, obtain and verify the key string, and when it is determined that the key string verification is incorrect, if the connection status is that the external device exists, the physical port is triggered to perform power-off protection. 6.根据权利要求1所述的终端,其特征在于,所述终端还包括更新识别模块,与所述更新隔离模块相连;6. The terminal according to claim 1, further comprising an update identification module connected to the update isolation module; 所述更新隔离模块在检测所述外接设备的连接许可,并确定存在链接许可后,用于将所述待更新任务发送至所述更新识别模块;The update isolation module is used to send the task to be updated to the update identification module after detecting the connection permission of the external device and determining that the connection permission exists; 所述更新识别模块在接收到所述待更新任务后,解析所述待更新任务,确定所述待更新任务的加密水印及数字签名;After receiving the task to be updated, the update identification module parses the task to be updated and determines the encrypted watermark and digital signature of the task to be updated; 调取其余已有进程的验证信息;根据所述验证信息,验证所述加密水印及所述数字签名;Retrieving verification information of other existing processes; verifying the encrypted watermark and the digital signature based on the verification information; 若所述加密水印及所述数字签名均与所述验证信息匹配,且所述加密水印及所述数字签名仅对应其中一个已有进程,则向所述更新隔离模块发送验证通过信号。If both the encrypted watermark and the digital signature match the verification information, and the encrypted watermark and the digital signature correspond to only one of the existing processes, a verification pass signal is sent to the update isolation module. 7.一种具有身份识别功能的智能自助服务方法,其特征在于,应用于如权利要求1-6任一项所述的终端,包括:7. An intelligent self-service method with identity recognition function, characterized in that it is applied to the terminal according to any one of claims 1 to 6, comprising: 检测外接设备的连接许可;Detect connection permission of external devices; 识别插拔人员的身份信息;Identify the identity information of the person plugging and unplugging; 在确定允许更新后,以预设API接口接收并下载待更新任务。After confirming that the update is allowed, the task to be updated is received and downloaded via the preset API interface.
CN202510589597.6A 2025-05-08 2025-05-08 Intelligent self-service method with identity recognition function and terminal Active CN120105436B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510589597.6A CN120105436B (en) 2025-05-08 2025-05-08 Intelligent self-service method with identity recognition function and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510589597.6A CN120105436B (en) 2025-05-08 2025-05-08 Intelligent self-service method with identity recognition function and terminal

Publications (2)

Publication Number Publication Date
CN120105436A CN120105436A (en) 2025-06-06
CN120105436B true CN120105436B (en) 2025-07-29

Family

ID=95891261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510589597.6A Active CN120105436B (en) 2025-05-08 2025-05-08 Intelligent self-service method with identity recognition function and terminal

Country Status (1)

Country Link
CN (1) CN120105436B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104881277A (en) * 2014-02-28 2015-09-02 Ncr公司 Self-service Terminal (SST) Thin Client
CN111898167A (en) * 2020-07-28 2020-11-06 北京中科麒麟信息工程有限责任公司 External terminal protection equipment and protection system including identity information verification

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9311473B2 (en) * 2014-02-28 2016-04-12 Ncr Corporation Unattended secure device authorization
CN111868719A (en) * 2018-04-30 2020-10-30 惠普发展公司,有限责任合伙企业 Self-service machine equipment maintenance

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104881277A (en) * 2014-02-28 2015-09-02 Ncr公司 Self-service Terminal (SST) Thin Client
CN111898167A (en) * 2020-07-28 2020-11-06 北京中科麒麟信息工程有限责任公司 External terminal protection equipment and protection system including identity information verification

Also Published As

Publication number Publication date
CN120105436A (en) 2025-06-06

Similar Documents

Publication Publication Date Title
CN108604991B (en) Dual-channel authentication agent system capable of detecting tampering of application program and method thereof
RU2680736C1 (en) Malware files in network traffic detection server and method
CN113179240B (en) Key protection method, device, equipment and storage medium
CN108337239A (en) The event of electronic equipment proves
CN105099705B (en) A secure communication method and system based on USB protocol
CN105243314A (en) USB-key based security system and usage method therefor
CN111586021B (en) Remote office business authorization method, terminal and system
CN105933296A (en) Copyright registration method and system
CN116743460A (en) Data exchange isolation method, system, equipment and storage medium for internal and external network
CN118690377B (en) Chip burning method, upper computer and chip burning system
CN115329315A (en) Service authentication method, device, storage medium and electronic device
JP7238997B2 (en) BACKDOOR INSPECTION DEVICE, USER DEVICE, SYSTEM, METHOD, AND PROGRAM
CN120105436B (en) Intelligent self-service method with identity recognition function and terminal
CN119377934A (en) Application verification method, device, equipment and storage medium
WO2018004042A1 (en) Mutual verification system and method for executing same
CN117097520A (en) Access verification method and device for Internet of things equipment and storage medium
CN116455605A (en) Account data interaction method based on trusted execution environment
KR102378989B1 (en) System and method for verifying vulnerability test results in consideration of industrial control system operating environment
CN105913348A (en) Copyright registering method and copyright registering system
CN205029678U (en) Secure communication system based on USB agreement
CN117252599B (en) Dual security authentication method and system for intelligent POS machine
CN114301601B (en) Interface management method and terminal based on Android platform
CN116436681B (en) TrustZone-based security isolation system, trustZone-based security isolation method, trustZone-based security isolation terminal and storage medium
CN117610025B (en) A secure boot method for embedded operating system based on power intelligent terminal
US20220327205A1 (en) Method of blocking access of threatening user and program security application method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant