Smart campus one-card system
1. A smart campus one-card system, comprising a smart card and a one-card management system for managing the smart card, characterized in that:
the smart card is internally provided with a solar power supply module, a data storage module, a transaction execution module, a wireless communication module, a GPS positioning module and a microprocessor; the solar power supply module, the data storage module, the transaction execution module, the wireless communication module and the GPS positioning module are all connected to the microprocessor;
the data storage module stores basic information of the smart card, and the microprocessor receives a transaction instruction from an external card reading device and controls the transaction execution module to execute the corresponding transaction operation; the microprocessor communicates with the one-card management system through the wireless communication module;
the GPS positioning module transmits the position information of the smart card to the microprocessor, and the microprocessor sends the basic information and the position information of the smart card to the one-card management system through the wireless communication module;
the one-card management system comprises a one-card management terminal, a teaching management system, a dormitory access control management system, a book borrowing system and a one-card soft bank gateway; the teaching management system, the dormitory access control management system and the book borrowing system are each provided with a reading device capable of reading the smart card;
the one-card soft bank gateway comprises a bank payment module, a positive PAY module and a new payment module;
the positive PAY module interfaces with WeChat, cloud flash payment and Alipay, and recharges the smart card account through a trusted service interface provided by the positive one-card system;
the new payment module interfaces with the payment bank and recharges the smart card account through a trusted service interface provided by the new one-card system;
the bank payment module has a separate docking program for each bank and interfaces with the bank apps provided by the banks; the bank payment module can recharge the smart card account through a trusted service interface provided by either the normal one-card system or the new one-card system;
the smart card is further provided with a TCM chip containing a nonvolatile storage area and an encryption algorithm module; the encryption algorithm module re-encrypts the encrypted hard disk key generated by a crypto-control system to obtain an encrypted key;
the encryption algorithm module also performs a hash calculation on the encrypted hard disk key generated by the crypto-control system to obtain a hash value of the encrypted hard disk key; the encrypted key and the hash value of the encrypted hard disk key are stored in the nonvolatile storage area.
2. The smart campus card system of claim 1, wherein:
the solar power supply module comprises a solar panel, an inverter and a storage battery, wherein the solar panel is connected with the storage battery through the inverter.
3. The smart campus card system of claim 1, wherein:
a video image monitoring module is further arranged in the smart card and connected to the microprocessor; the microprocessor controls the video image monitoring module to monitor image information around the smart card, and the video image monitoring module feeds the monitored image information back to the microprocessor.
4. The smart campus card system of claim 3, wherein:
the video image monitoring module comprises an image acquisition module, an image optimization module and an image processing module, wherein the image acquisition module is electrically connected with the image processing module through the image optimization module.
5. The smart campus card system of claim 1, wherein:
after the positive PAY module has interfaced with WeChat and cloud flash payment, the smart card account can be recharged through a trusted service interface provided by the new one-card system; the positive PAY module must query and check the third-party service before recharging the smart card account through the trusted service interface provided by the new one-card system.
6. The smart campus card system of claim 1, wherein:
the bank payment module interfaces, through a bank-school gateway, with the trusted service interface provided by the one-card system, so as to recharge the smart card account.
7. The smart campus card system of claim 1, wherein:
the genuine one-card system and the new one-card system both use independent recharge service front-ends.
8. The smart campus card system of claim 1, wherein:
the TCM chip stores the encrypted key and the hash value of the encrypted hard disk key in the nonvolatile storage area through a TCM storage interface.
9. The smart campus card system of claim 1, wherein:
the TCM chip comprises a TCM identity authentication interface and a TCM hash algorithm interface; the TCM chip performs identity authentication through the TCM identity authentication interface, and computes a hash of the identity authentication password through the TCM hash algorithm interface to obtain an identity authentication hash value.
Background
With the deepening of digital and information construction on campus, the integration of campus information resources has entered the stage of comprehensive planning and implementation, and the campus card serves as an information carrier that combines consumption, identity recognition, financial services, public information services and other functions. The campus card is widely used on campus: students use it for borrowing, meals, bathing and the like.
However, a conventional campus card is easily lost, which is a major nuisance for students, and replacing a lost card wastes time and money.
In addition, difficulty in recharging the one-card is a common phenomenon, and the recharging process has the following problems: some schools recharge manually offline with card-swiping machines or use offline loading, so that users face time-consuming and laborious difficulties such as queuing and making reservations when recharging the campus one-card, and consumption records are hard to query; some schools that offer online recharging cannot be compatible with several banks at the same time, and even where online recharging with several banks has been negotiated, the lack of suitable market products means that several service providers must be found to assist with the interfacing, which wastes resources and makes operation and maintenance harder; in schools that have bank recharging, the lack of suitable market products means that still more service providers must be found to connect new and convenient third-party platforms in the Internet mode such as WeChat and Paibao cloud flash payment, which increases the number of service providers and the management difficulty; and the market products have no automatic reconciliation mechanism, so reconciliation is done manually, which is time-consuming, has a low accuracy rate and increases the management difficulty.
Disclosure of Invention
To solve the problems of the prior art, the invention provides a smart campus one-card system comprising a smart card and a one-card management system for managing the smart card, wherein the smart card is internally provided with a solar power supply module, a data storage module, a transaction execution module, a wireless communication module, a GPS (global positioning system) positioning module and a microprocessor; the solar power supply module, the data storage module, the transaction execution module, the wireless communication module and the GPS positioning module are all connected to the microprocessor;
the data storage module stores basic information of the smart card, and the microprocessor receives a transaction instruction from an external card reading device and controls the transaction execution module to execute the corresponding transaction operation; the microprocessor communicates with the one-card management system through the wireless communication module;
the GPS positioning module transmits the position information of the smart card to the microprocessor, and the microprocessor sends the basic information and the position information of the smart card to the one-card management system through the wireless communication module;
the one-card management system comprises a one-card management terminal, a teaching management system, a dormitory access control management system, a book borrowing system and a one-card soft bank gateway; the teaching management system, the dormitory access control management system and the book borrowing system are each provided with a reading device capable of reading the smart card;
the one-card soft bank gateway comprises a bank payment module, a positive PAY module and a new payment module;
the positive PAY module interfaces with WeChat, cloud flash payment and Alipay, and recharges the smart card account through a trusted service interface provided by the positive one-card system;
the new payment module interfaces with the payment bank and recharges the smart card account through a trusted service interface provided by the new one-card system;
the bank payment module has a separate docking program for each bank and interfaces with the bank apps provided by the banks; the bank payment module can recharge the smart card account through a trusted service interface provided by either the normal one-card system or the new one-card system;
the smart card is further provided with a TCM chip containing a nonvolatile storage area and an encryption algorithm module; the encryption algorithm module re-encrypts the encrypted hard disk key generated by a crypto-control system to obtain an encrypted key;
the encryption algorithm module also performs a hash calculation on the encrypted hard disk key generated by the crypto-control system to obtain a hash value of the encrypted hard disk key; the encrypted key and the hash value of the encrypted hard disk key are stored in the nonvolatile storage area.
The solar power supply module comprises a solar panel, an inverter and a storage battery, wherein the solar panel is connected with the storage battery through the inverter.
In a further scheme, a video image monitoring module is further arranged in the smart card and connected to the microprocessor; the microprocessor controls the video image monitoring module to monitor image information around the smart card, and the video image monitoring module feeds the monitored image information back to the microprocessor.
The video image monitoring module comprises an image acquisition module, an image optimization module and an image processing module, wherein the image acquisition module is electrically connected with the image processing module through the image optimization module.
In a further scheme, after the positive PAY module has interfaced with WeChat and cloud flash payment, the smart card account can be recharged through a trusted service interface provided by the new one-card system; the positive PAY module must query and check the third-party service before recharging the smart card account through the trusted service interface provided by the new one-card system.
In a further scheme, the bank payment module interfaces, through a bank-school gateway, with the trusted service interface provided by the one-card system to complete recharging of the smart card account.
In a further scheme, the genuine one-card system and the new one-card system both use independent recharge service front-ends.
In a further scheme, the TCM chip stores the encrypted key and the hash value of the encrypted hard disk key in the nonvolatile storage area through a TCM storage interface.
The TCM chip comprises a TCM identity authentication interface and a TCM hash algorithm interface; the TCM chip performs identity authentication through the TCM identity authentication interface, and computes a hash of the identity authentication password through the TCM hash algorithm interface to obtain an identity authentication hash value.
Compared with the prior art, the invention has the following beneficial effects:
In the invention, the microprocessor, the GPS positioning module and the wireless communication module are provided, and the smart card communicates with the one-card management system through the wireless communication module, so that the basic information and the position information of the campus card are sent to the one-card management system and the user can conveniently use and locate the campus card.
The video image monitoring module is arranged to monitor the image information around the smart card, which helps the user determine the position of the campus card;
the campus one-card soft bank gateway integrates the traditional online transfer services of banks; by deploying only one service node it is compatible with multiple mainstream and regional banking institutions, and interfaces with the online transfer services of the various mainstream and regional banks;
the campus one-card soft bank gateway provided by the invention can at the same time accommodate third-party transfer services in the Internet mode, and complete the transfer service access of third-party platforms;
the campus one-card soft bank gateway provided by the invention is compatible with mainstream one-card manufacturers such as the genuine manufacturer and the new manufacturer, and realizes online recharging and transfer interfacing for the card accounts of the one-card systems of major manufacturers such as the genuine manufacturer and the new manufacturer;
the campus one-card soft bank gateway can perform automatic reconciliation, using an account-supplementing mechanism and a dynamically configurable scheduled timed-task mechanism, with the reconciliation and account-supplementing periods set as required; the serial number of the third-party transaction platform is used as the voucher and unique identifier and is associated with the one-card account number, accounts are checked one by one, and supplementing or deduction is carried out automatically according to the calculated result, so that account mismatches caused by network or communication problems are resolved within a reasonable period, 100% account balance is achieved almost without the user noticing, and the utilization rate of the user is improved;
in the campus one-card soft bank gateway provided by the invention, interfacing with each third party's interface forms a multi-module structured service framework, and the individual modules are then classified, judged, uniformly scheduled, managed and integrated, so that the gateway has good compatibility, high configurability, expandability and logical operation efficiency, and recharging of the one-card account is finally completed through the trusted service interface exclusively provided by the mainstream one-card manufacturer;
the one-card key is protected by trusted computing technology, and is accessed under authorization and stored securely by means of the identity authentication and cryptographic services provided by the TCM, which improves the security of the one-card key.
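The automatic reconciliation described above (third-party serial number as unique identifier, accounts checked one by one, supplement or deduction applied automatically), as an added Python example that is not part of the patent. The record layout, the function names and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: (platform serial, card account, amount in cents).
PLATFORM = [("T1001", "C01", 5000), ("T1002", "C02", 2000),
            ("T1003", "C01", 3000), ("T1004", "C03", 1000)]
LEDGER = [("T1001", "C01", 5000),
          ("T1003", "C01", 3000), ("T1003", "C01", 3000),  # credited twice
          ("T1004", "C03", 600),                            # credited short
          ("T9999", "C02", 700)]                            # no settled payment


def reconcile(platform_records, card_ledger):
    """Compare settled third-party payments with credits applied to card accounts.

    The serial number issued by the third-party platform is the unique key.
    Returns a sorted list of (serial, card_account, action, amount_cents).
    """
    paid = {}
    for serial, account, amount in platform_records:
        if serial in paid:
            raise ValueError(f"platform serial {serial} appears twice")
        paid[serial] = (account, amount)

    credited = defaultdict(int)
    for serial, account, amount in card_ledger:
        credited[(serial, account)] += amount  # a retried request may credit twice

    adjustments = []
    for serial, (account, amount) in paid.items():
        diff = amount - credited.pop((serial, account), 0)
        if diff > 0:
            adjustments.append((serial, account, "supplement", diff))
        elif diff < 0:
            adjustments.append((serial, account, "deduct", -diff))
    # Credits left over have no settled payment behind them, or hit the wrong account.
    for (serial, account), amount in credited.items():
        if amount > 0:
            adjustments.append((serial, account, "deduct", amount))
    return sorted(adjustments)


def balances_after(card_ledger, adjustments):
    """Per-account credited total once the adjustments have been applied."""
    totals = defaultdict(int)
    for _, account, amount in card_ledger:
        totals[account] += amount
    for _, account, action, amount in adjustments:
        totals[account] += amount if action == "supplement" else -amount
    return dict(totals)


if __name__ == "__main__":
    result = reconcile(PLATFORM, LEDGER)
    for row in result:
        print(row)
    print(balances_after(LEDGER, result))
```

Keying on the platform serial number makes the run idempotent: a second pass over a ledger that already includes the adjustments as credits and reversals produces no further entries.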
Drawings
Fig. 1 is a schematic structural diagram of a smart campus card system according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a one-card soft bank gateway according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a TCM chip according to an embodiment of the present invention.
Detailed Description
The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention.
As shown in Figs. 1-3, an embodiment of the present invention discloses a smart campus one-card system, which includes a smart card and a one-card management system for managing the smart card, wherein the smart card is provided with a solar power supply module, a data storage module, a transaction execution module, a wireless communication module, a GPS positioning module and a microprocessor; the solar power supply module, the data storage module, the transaction execution module, the wireless communication module and the GPS positioning module are all connected to the microprocessor;
the data storage module stores basic information of the smart card, and the microprocessor receives a transaction instruction from an external card reading device and controls the transaction execution module to execute the corresponding transaction operation; the microprocessor communicates with the one-card management system through the wireless communication module;
the GPS positioning module transmits the position information of the smart card to the microprocessor, and the microprocessor transmits the basic information and the position information of the smart card to the one-card management system through the wireless communication module;
In this embodiment, the solar power supply module, the microprocessor, the GPS positioning module and the wireless communication module are added to the smart card, and the smart card communicates with the one-card management system through the wireless communication module, so that the basic information and the position information of the campus one-card are sent to the one-card management system and the user can conveniently use and locate the campus one-card.
In this embodiment, the solar power supply module includes a solar panel, an inverter, and a storage battery, and the solar panel is connected to the storage battery through the inverter.
In this embodiment, the smart card is further provided with a video image monitoring module connected to the microprocessor; the microprocessor controls the video image monitoring module to monitor image information around the smart card, and the video image monitoring module feeds the monitored image information back to the microprocessor. The microprocessor processes the received image and then sends the processed image to the one-card management system through the wireless communication module.
In this embodiment, the video image monitoring module includes an image capturing module, an image optimizing module and an image processing module, and the image capturing module is electrically connected to the image processing module through the image optimizing module. The image acquisition module acquires image information around the card body and sends the image information to the image optimization module, the image optimization module optimizes the received image information and sends the optimized image information to the image processing module for processing, and the image processing module sends the processed image information to the microprocessor.
In this embodiment, the wireless communication module is a bluetooth communication module, a WiFi communication module or a 3G/4G network module.
The one-card management system comprises a one-card management terminal, a teaching management system, a dormitory access control management system, a book borrowing system and a one-card soft bank gateway, wherein the teaching management system, the dormitory access control management system and the book borrowing system are each provided with a reading device capable of reading the smart card;
the one-card soft bank gateway comprises a bank payment module, a positive PAY module and a new payment module;
the positive PAY module interfaces with WeChat, cloud flash payment and Alipay, and recharges the smart card account through a trusted service interface provided by the positive one-card system;
the new payment module interfaces with the payment bank and recharges the smart card account through a trusted service interface provided by the new one-card system;
the bank payment module has a separate docking program for each bank and interfaces with the bank apps provided by the banks; the bank payment module can recharge the smart card account through a trusted service interface provided by either the normal one-card system or the new one-card system.
In this embodiment, after the positive PAY module has interfaced with WeChat and cloud flash payment, the smart card account can be recharged through a trusted service interface provided by the new one-card system; the positive PAY module must query and check the third-party service before recharging the smart card account through the trusted service interface provided by the new one-card system.
In this embodiment, the bank payment module must interface, through the bank-school gateway, with the trusted service interface provided by the one-card system to complete recharging of the smart card account.
In this embodiment, the genuine one-card system and the new-in-new one-card system both use independent recharge service front-ends.
The steps of recharging the campus card using the campus one-card soft bank gateway of this embodiment are as follows:
S1: interfacing the campus one-card soft bank gateway with the interfaces of the banks, cloud flash payment, WeChat and Alipay to form a multi-module structured service framework;
S2: classifying, judging, uniformly scheduling, managing and integrating the individual modules;
S3: completing recharging of the one-card account through the trusted service interface exclusively provided by the mainstream one-card manufacturer. The mainstream one-card manufacturers include the genuine, the new and the easy-to-pass platforms.
It will be understood that deploying a single campus one-card soft bank gateway of this embodiment is enough to complete access to the transfer services of third-party platforms such as the payment bank, cloud flash payment and WeChat, which makes recharging the campus one-card convenient, and also to interface with the online transfer services of the various mainstream and local banks.
The smart card is further provided with a TCM chip containing a nonvolatile storage area and an encryption algorithm module; the encryption algorithm module re-encrypts the encrypted hard disk key generated by the crypto-control system to obtain an encrypted key;
the encryption algorithm module also performs a hash calculation on the encrypted hard disk key generated by the crypto-control system to obtain a hash value of the encrypted hard disk key; the encrypted key and the hash value of the encrypted hard disk key are stored in the nonvolatile storage area.
In this embodiment, the TCM chip stores the encrypted key and the hash value of the encrypted hard disk key in the nonvolatile storage area through the TCM storage interface.
In this embodiment, the TCM chip includes a TCM identity authentication interface and a TCM hash algorithm interface; the TCM chip performs identity authentication through the TCM identity authentication interface, and computes a hash of the identity authentication password through the TCM hash algorithm interface to obtain an identity authentication hash value.
In this embodiment, the TCM chip is used to implement injection of the smart card encryption key: using the TCM identity authentication password, the hash algorithm is called to compute the hash value of that password; this hash value is used as the encryption key, and the TCM encryption algorithm is called to encrypt the plaintext of the encryption key of the encrypted hard disk; at the same time the hash algorithm is called to compute the hash value of the plaintext of the hard disk encryption key; this hash value and the encrypted key are stored in the TCM nonvolatile storage area.
In this embodiment, the TCM chip is also used to implement loading of the smart card encryption key: the BIOS prompts the user to enter the TCM identity authentication password; after the password is authenticated, the hash algorithm is called to compute the hash value of the identity authentication password, which is used as the key; the encryption key ciphertext is read from the TCM nonvolatile storage area, and the TCM decryption algorithm is called to decrypt it; the hash algorithm is then called to compute the hash value of the decrypted key, which is compared with the hash value stored at injection; if the two are consistent, the decrypted key is passed to the encrypted hard disk, and otherwise the user is prompted.
The method for protecting the smart card key in this embodiment comprises a key injection method and a key loading method.
The key injection method comprises the following steps:
A1: importing the encryption key K1 generated by the crypto system into the computer;
A2: calling the TCM identity authentication interface to perform identity authentication, and executing step A3 if the identity authentication passes, otherwise ending;
A3: calling the TCM hash algorithm interface to compute a hash of the identity authentication password to obtain an identity authentication hash value H1;
A4: taking the identity authentication hash value H1 as the encryption key, calling the TCM symmetric encryption algorithm to encrypt the encryption key K1 to obtain an encrypted key K2;
A5: calling the TCM hash algorithm to compute the hash of the encryption key K1 to obtain an encrypted hard disk key hash value H2;
A6: calling the TCM storage interface to store the encrypted key K2 and the encrypted hard disk key hash value H2 in the nonvolatile storage area.
The key loading method comprises the following steps:
B1: first, prompting the user to input the TCM identity authentication password for identity authentication;
B2: after the identity authentication passes, calling the TCM hash algorithm to compute the password hash value H3;
B3: reading the injected encrypted key K2 and the encrypted hard disk key hash value H2 from the TCM nonvolatile storage area;
B4: taking the password hash value H3 as the decryption key, calling the TCM symmetric decryption algorithm to decrypt the encrypted key K2 to obtain a key plaintext K3;
B5: calculating the hash of the key plaintext K3 to obtain a hash value H4, and comparing H4 with the hash value H2; if they are equal, loading the key plaintext K3 into the encrypted hard disk, and otherwise prompting the user of the failure.
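The injection steps A1-A6 and loading steps B1-B5, as an added Python example that is not part of the patent; following the loading description, the hash of the decrypted key is compared with the hash stored at injection. `SimulatedTCM` and its method names are hypothetical, and because the page names no algorithms, SHA-256 stands in for the TCM hash and an HMAC-SHA-256 counter-mode keystream for the TCM symmetric cipher.

```python
import hashlib
import hmac
import os


class SimulatedTCM:
    """Software stand-in for the TCM interfaces; all names are hypothetical."""

    def __init__(self, auth_password: bytes):
        # How a real TCM keeps its authentication secret is not described on the page.
        self._salt = os.urandom(16)
        self._verifier = hashlib.pbkdf2_hmac("sha256", auth_password, self._salt, 100_000)
        self._authed = False
        self.nv = {}  # nonvolatile storage area

    def authenticate(self, password: bytes) -> bool:
        probe = hashlib.pbkdf2_hmac("sha256", password, self._salt, 100_000)
        self._authed = hmac.compare_digest(probe, self._verifier)
        return self._authed

    def hash(self, data: bytes) -> bytes:
        return hashlib.sha256(data).digest()  # stand-in for the TCM hash algorithm

    def _xor_keystream(self, key: bytes, nonce: bytes, data: bytes) -> bytes:
        # Stand-in symmetric cipher: HMAC-SHA-256 in counter mode as a keystream.
        stream, counter = b"", 0
        while len(stream) < len(data):
            block = nonce + counter.to_bytes(4, "big")
            stream += hmac.new(key, block, hashlib.sha256).digest()
            counter += 1
        return bytes(a ^ b for a, b in zip(data, stream))

    def encrypt(self, key: bytes, plaintext: bytes) -> bytes:
        nonce = os.urandom(12)
        return nonce + self._xor_keystream(key, nonce, plaintext)

    def decrypt(self, key: bytes, blob: bytes) -> bytes:
        return self._xor_keystream(key, blob[:12], blob[12:])

    def nv_write(self, name: str, value: bytes) -> None:
        if not self._authed:
            raise PermissionError("TCM authentication required")
        self.nv[name] = value

    def nv_read(self, name: str) -> bytes:
        if not self._authed:
            raise PermissionError("TCM authentication required")
        return self.nv[name]


def inject_key(tcm: SimulatedTCM, password: bytes, k1: bytes) -> bool:
    if not tcm.authenticate(password):             # A2: stop if authentication fails
        return False
    h1 = tcm.hash(password)                        # A3: H1 = hash(password)
    k2 = tcm.encrypt(h1, k1)                       # A4: K2 = Enc(H1, K1)
    h2 = tcm.hash(k1)                              # A5: H2 = hash(K1)
    tcm.nv_write("K2", k2)                         # A6: store K2 and H2
    tcm.nv_write("H2", h2)
    return True


def load_key(tcm: SimulatedTCM, password: bytes):
    """Return the key plaintext K3, or None on any failure."""
    if not tcm.authenticate(password):             # B1
        return None
    h3 = tcm.hash(password)                        # B2: H3 = hash(password)
    k2, h2 = tcm.nv_read("K2"), tcm.nv_read("H2")  # B3
    k3 = tcm.decrypt(h3, k2)                       # B4: K3 = Dec(H3, K2)
    h4 = tcm.hash(k3)                              # B5: H4 = hash(K3), compare with H2
    return k3 if hmac.compare_digest(h4, h2) else None


if __name__ == "__main__":
    pw, k1 = b"constructed-password", os.urandom(32)  # constructed sample values
    tcm = SimulatedTCM(pw)
    assert inject_key(tcm, pw, k1)
    print("correct password:", load_key(tcm, pw) == k1)
    print("wrong password:  ", load_key(tcm, b"guess"))
    tcm.nv["K2"] = tcm.nv["K2"][:-1] + bytes([tcm.nv["K2"][-1] ^ 1])  # corrupted entry
    print("corrupted K2:    ", load_key(tcm, pw))
```

The stand-in cipher carries no authentication tag, so a corrupted K2 decrypts without error and the H2 comparison in B5 is the only check that rejects it.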
Finally, the above describes in detail only specific embodiments of the present invention. The invention is not limited to the specific embodiments described above. Equivalent modifications and substitutions made by those skilled in the art without departing from the spirit and scope of the invention are also within the scope of the present invention.