chrispeng [ad_1]
1 Introduction
With the development and maturity of network technology, computer technology, database technology and smart card technology, people’s management concepts and methods are undergoing profound changes. Shandong Normal University, which has a long history and profound cultural heritage, fully realizes that education informatization is a rare opportunity and challenge for the reform and development of school management, and it is the only way for the school to modernize and integrate into the international stage. In the planning and construction of Changqingqing Campus, Shandong Normal University, after careful investigation and demonstration, fully draws on the successful experience of its brothers and universities, and closely integrates its own actual situation, the “Campus One Card” project is regarded as an important part and important part of the school’s digital campus construction. Basic engineering, adhere to a high starting point, high standards, high quality, unified organization and coordination, special project management, overall planning and design, and phased construction and implementation. The campus “all-in-one card” system, that is, the establishment of unified identity authentication, unified information portal and data sharing platform, has laid a good foundation for realizing the qualitative transformation of the school campus from a traditional campus to a digital campus in a true sense.
The essence of digital campus construction is that the management department of the school realizes the effective integration, integration and optimization of various resources through informatization means, realizes the effective allocation and full utilization of resources, and realizes the optimization and coordination of school administration and service processes. The optimization of teaching, learning and life process, thereby improving the efficiency, effect and benefit of various management and service work.
The campus “all-in-one card” refers to the campus personal data management application platform built on the campus network and using mature and advanced contactless IC cards to realize data collection. It comprehensively applies computer technology, network communication technology, database technology, automatic control technology and IC card technology. It integrates document management, file management, attendance management, restaurant management, apartment management, computer room management and other management service functions, and truly realizes “one card in hand, travel all over the campus”. Through the campus network of the school, the campus card system gradually connects the computers in various places into a relatively large data network to realize the unity and standardization of all kinds of data in the whole school. It is an important symbol of the school’s standardized, scientific and modern management. .
This article will introduce the overall structure, system function, operation plan and safety of the “One Card” of the digital campus of Shandong Normal University, and summarize and look forward to the current operation.
2 The overall structure of the campus card system
The campus “All-in-One Card” system adopts a three-level platform structure: the bank is the first-level platform; the campus card management center is the second-level platform; each campus platform is the third-level platform. The first-level platform is the bank network system, which is connected to the school campus card management center in real time through DDN, and uses ordinary telephone dialing as a line backup to realize real-time access to users, report the loss of bank cards, and daily business settlement. The secondary and tertiary platforms use the campus network as the backbone communication platform of the “campus card” system, which mainly realizes various services of the campus card in the school. The overall structure of the campus card system is shown in Figure 1.
Figure 1 The overall structure of the campus card system
The whole system adopts the popular C/S and B/S structure. The system is generally divided into two parts: the system backbone platform and the application subsystem.
(1) The system backbone platform is built on the campus network across campuses, and is divided into two parts: the data center and the management center of each campus. The data center is located at the core of the school and is connected to the backbone switch. The data center is composed of database server + disk array storage, integrated front-end, transfer front-end, identity and query front-end; the management center is placed at the core of each campus and is connected to the secondary switches of each campus, which is convenient for teachers and teachers. Health service. Each campus management center consists of a comprehensive business subsystem and an identity management subsystem.
(2) The application subsystem accepts the management and service of the backbone platform. The application subsystem can be cross-campus or independent on the campus network, and is not limited by physical location. Application subsystems can be divided into business consumption, identification and hybrid, such as business, attendance, access control, medical, water control, library and other systems.
The “One Card” system is subject to the unified planning of the digital campus and co-exists with other application systems on the campus. The “One Card” system is the basic application system in the digital campus and an important part of the digital campus. The “All-in-One Card” system firstly manages and uses the identity information files of all teachers, students and employees in the whole school. According to the different applications of the school, the system can tightly couple each application subsystem into a “three-way” card in the true sense of the “three-way” type of function communication, regional communication and time communication at the same time.
The campus card system provides a unified central platform, through which various subsystems can be connected. Subsystems include business management subsystem, water control management subsystem, library management subsystem, medical management subsystem, access control and attendance management subsystem, computer management subsystem, educational affairs management subsystem, student management subsystem, graduate management subsystem , Scientific research management subsystem, electronic control management subsystem, patrol management subsystem, school bus management subsystem, small wallet application scheme. For each subsystem, its function is independent. However, the data is controlled by the central database. The connection relationship of each subsystem is shown in Figure 2.
Figure 2 The structure diagram of the campus card
Each subsystem is connected to the campus network, and the subsystems are connected to devices that interact with users. We take the library access control management system as an example to introduce its structure. The library access control system is mainly composed of access control management software, encryption card, access control controller, channel machine, access control card reader, etc. Both the access control and the passage machine adopt the two-way access control method. There are IC card sensors on the inside and outside of the door to sense IC cards. Users use the “campus card” to enter and exit the door. Its hardware structure is shown in Figure 3.
Figure 3 Library access control hardware composition
3 Main functions of the campus card
The All-in-One Card Center Server is the core of the entire “Campus One-Card Card System”. It adopts the disk array storage technology to provide data storage services for the entire campus and real-time data backup. The processing function of the campus card for management information is mainly the function of the campus network itself. The hardware configuration of the one-card center server adopts Sun V880 server + EMC CX300 disk array + fiber switch, dual-machine hot backup, equipped with tape drive for data backup, two electronic wallet financial center servers and two identity authentication center servers. The software platform adopts Sun Solaris 9, Oracle 9i and dual-machine fault-tolerant hot backup software. The application software adopts the one-card electronic wallet data center and the one-card identity information data center.
The campus all-in-one card system uses a non-contact IC card with the cardholder’s ID printed on the surface. It is used as an ID card on campus, and the card has an expiry date and can be modified. Through the organic combination of campus card and bank card, the bank card financial function can be realized. Through the electronic wallet in the campus card, cardholders can settle their consumption with the card at any outlets in each campus, realizing digital and electronic currency settlement. The campus card center system can monitor various business subsystems and consumer terminals in real time. Cardholders can provide cardholders with functions such as inquiry, loss reporting, cancellation, and password modification through touch screen, telephone, online, and self-service terminals. Cardholders can realize real-time transfer from bank card to campus card by means of network and self-service terminal equipment.
Users can also realize business management, water control management, library management, medical management, access control and attendance management, computer management and other functions through the campus card to better serve school management and students. The functions of each subsystem are described as follows:
(1) Business management system The business management system is the most important and widely used system in the one-card system. The system is connected with the one-card central platform and shares the one-card database, so that the campus card has the function of business consumption. The main functions of the system include consumption deduction, subsidy distribution, cash recharge, loss reporting, report statistics, meal setting, recipe management, etc.
(2) Water control management system This system can combine metering and hourly charging, and is convenient to use according to the school’s own settings. Realize reasonable charges, charge more for more use, and charge less for less use. It realizes automatic statistics and avoids manual charging; it is convenient and quick to control the electric valve switch with a card; the card reading and display part can be installed separately from the valve meter, which is convenient for users to insert the card and view the balance; the system also has the functions of reporting loss, operator Password, administrator password, authority classification, report anti-counterfeiting, legal error correction, misoperation recovery and blocking, key operation warning, PC dual hard disk backup and other preventive measures, improve the safety factor.
(3) Book Management System The library is one of the important application fields of the all-in-one card system. The campus card system is widely used in library management, such as: access control, book loan management, discount payment processing such as book overdue, damage, loss, data retrieval, copy charge management, etc. Due to the management standard of Shandong Normal University Library, it is managed by mature professional management software, so the All-in-One Card is seamlessly connected as a third-party connection kit, which truly realizes the All-in-One Card for the management of the library.
(4) Medical management system This system is mainly used for the charging work of the school hospital. Through this system, the patient’s electronic medical file can be established, and the medication list can be inquired and printed at any time; discounts can be automatically calculated according to the patient’s identity and drug category to realize automatic reimbursement. Fully apply the one-card card to various functions such as registration, charging, and patient medication inquiry, which is convenient and fast; according to the statistical settlement of drugs, departments, and operators, it is convenient for purchase and settlement; it can realize relevant statistical reports.
(5) Access control and attendance management system The system includes access control and attendance functions. Access control is mainly used for identity authentication in various occasions, such as library access control, dormitory access control, etc.; attendance is mainly used for faculty attendance, personnel attendance, student attendance, etc. Use the campus card to check the attendance of faculty, staff and students, and realize computer management. Provide teachers and students’ class assessment for academic affairs, and provide financial data basis for staff attendance rewards and punishments.
(6) Computer management system This system uses a computer to supervise the login and logout operations of students using the computer in the computer room, and the remote operation of the computer in the computer room, etc. It also registers and opens accounts that have been verified correctly. On-board management provides reservation operations for computers in the computer room under the conditions of card reservation, card-free reservation, and borrowing from other schools, and can arrange students’ daily courses, settlement statistics, student class attendance statistics, and computer room usage statistics, etc. ; It can also run off the network in the case of network abnormalities to ensure the stable operation of the system.
4 Management of campus card
A good management model is the key to the normal operation of the system. Therefore, our school campus card adopts standardized management, which is divided into system management and card management. Next, we will introduce the management modes of these two aspects.
4.1 System Management Mode
Our school’s “Campus All-in-One Card System” involves multiple relationships such as banks and schools. The daily operation and maintenance of the system and the expansion of later subsystems are problems that the system management organization needs to solve. To this end, in order to ensure the smooth operation of the “Campus All-in-One Card System”, our school has set up the following departments: Bank Card Issuing Center and One-Card Center Management Organization. The Bank Card Issuing Center is mainly responsible for opening bank card accounts and conducting business with schools. Financial reporting, etc.; the cardholder business management department is mainly responsible for the daily management of cardholders, such as: account opening, account withdrawal, loss reporting, cancellation, card replacement, cardholder information modification, checking running accounts, etc.; the system maintenance department is responsible for the daily management of the system Maintenance, system data backup, global parameter setting, monitoring of various subsystems, subsystem access management, etc. The structure of these departments is shown in Figure 4.
Figure 4 Structure of the management department
4.2 Card Management Mode
The card management mode includes five modes: batch card issuance, individual card issuance, temporary card issuance, card recharge, and batch withdrawal. The management methods of each management mode are different, and the corresponding mode is used in different situations.
(1) Batch card issuance mode When new students enter the school, the batch card issuance mode is mainly adopted. Taking the department as a unit, the information entry subsystem program is installed in each hospital office, and digital camera equipment is configured to collect information. After the account opening information is entered into the program, it is uniformly entered into the central database. The central database has all the information except bank card number and campus card account number. The student ID is the unique index key field. After the information is centralized, the account opening information will be transmitted to the bank. The bank opens a bank card account and makes a bank card for each cardholder. The campus card adopts the batch card making method to print the campus card number, name, student number, photo and other information on the campus card at one time. The All-in-One Card Center guides the obtained account opening information into the account opening information database, reads the card number through a universal card reader, and writes the basic account information and electronic wallet information into the card. Finally, the college will organize the card issuance work in a unified way.
(2) Individual card issuance mode This mode is suitable for use in cases where account opening information is not provided on time or the card is lost. Campus cards and bank cards are handled separately. Individual issuance of bank cards is handled in accordance with the relevant regulations of the bank. Individual issuance of campus cards requires applicants to go through the campus card account opening procedures at the cardholder business subsystem counter of the campus. The applicant presents the relevant documents, fills in the application form, the subsystem administrator enters the account opening information, and uses the card printer to apply on-site. Lost reporting and card replacement are effective in real time across the entire network.
(3) Temporary card issuance mode This mode is suitable for new students to report to the school or when temporary personnel who come to the school are temporarily staying. The account opening information of the temporary card does not need to be complete. The temporary card mark and the card account number are printed on the surface of the card, and there is no personal information. New students who do not collect information or visitors, advanced students, and temporary staff are all suitable for temporary cards. The temporary card can be set with an expiration date, and it cannot be used after the expiration date. The card can be transferred or cancelled after use.
(4) Batch withdrawal mode This mode is suitable for use when students cancel their cards after graduation. According to the specific situation of the students, the school card center will perform batch account withdrawal operations on the business subsystem, and at the same time generate batch account withdrawal documents and transmit the information to the bank. After the bank receives the account withdrawal document, it will carry out the batch transfer business and transfer the balance to the cardholder’s bank card. After the transfer is completed, the bank will send it back to the All-in-One Card Center to complete the transfer.
(5) Card recharge mode This mode is used when the cardholder recharges. There are three ways to recharge the campus card: automatic transfer, automatic real-time transfer, and cash recharge. Automatic transfer means that the campus card automatically initiates a transfer application to the bank and transfers automatically; automatic real-time transfer refers to the student deciding when to perform automatic transfer; cash recharge refers to the cardholder taking cash to the recharge point to recharge, this method has many drawbacks and is not recommended use.
5 Security of the campus card
Our school’s one-card system is systematic, complete and safe. System security includes hardware physical security, data center security, network security, bank transfer security, and card security.
(1) The hardware entity security encryption technology is used in data transmission to prevent illegal interception and deciphering; the encryption card with the financial security processor as the core device is used to store the key and other information; the data center computer room should be placed in waterproof, fireproof, anti-theft The environment temperature and humidity are stable and clean; establish strict rules and regulations, standard operation, and real-time detection.
(2) The data center security operating system adopts the Unix system, and the security level reaches the C2 level. The system is a multi-user system, and no virus infection has been found so far. The database system adopts Oracle database, and its access control includes host operating system verification, network verification, and database verification. When designing a database, in order to improve security, important data and common data are stored in different tables; important data tables are electronically signed. Each subsystem of the data has operation logs and system security logs, which is convenient for troubleshooting when problems occur.
(3) Security of the network environment The network environment of our school’s campus card system adopts the method of dividing the virtual local area network VLAN on the basis of the campus network. Establish complete emergency measures to ensure normal operation when the campus card system fails or the communication line fails. By dividing the VLAN to ensure the logical isolation of the one-card system to improve the security of the system.
(4) The security of bank transfer adopts the method of setting up a transfer front-end, and isolates two logical network segments through dual network cards, thereby preventing access to the bank network within the campus network, and only allowing the bank transfer front-end to access the bank network. Encryption is used in the data transmission process. The transfer front-end uses dual network cards, and the logical network segment is isolated by the IP addresses of the dual network segments. The IP forwarding and routing functions and remote management and maintenance functions of the transfer front-end are closed, thus shielding the campus network. Internal and campus front-end attacks against the bank.
(5) The security of the card The card adopts the encryption mechanism of one card, one key and one zone, one key to prevent theft and misuse. In the card, the data is divided into two types: the one-card data area and the personalized subsystem data area, which enhances the security of the data. The card generates a factory key through an encryption algorithm when it leaves the factory to prevent the application of counterfeit cards. When the card is registered in the one-card system, the factory password is first verified, and then the card key is generated according to the cardholder information, and the read-write control key of the card is obtained according to the encryption algorithm and written into the card. Different limits are used to enable PINs when the card is used offline, so that the loss of a card that is lost but not reported in time is minimized.
6 Summary
In today’s rapid development of informatization construction, education informatization must not only possess today’s technology, but more importantly, make the current construction conform to the trend of tomorrow. The “All-in-One Card” system on our school campus has been in operation for more than a year, and various management departments have basically realized the effective integration, integration and optimization of various resources through informatization means, and have realized the optimization and coordination of school administration and service processes. Optimization of teaching, learning and life process, so as to improve the efficiency, effect and benefit of various management and service work. Based on the construction of our school’s campus card and the current usage, the summary is as follows:
(1) From construction to operation, the campus card of our school is a large project, involving every department of the school, every teacher, student and employee. The school leaders attach great importance to it, and all departments of the school cooperate with each other. The school has established a special management organization to plan and manage the construction of the campus card.
(2) Use the campus network to establish a network operating environment of the campus card system, realize the real-time transmission of the basic data of the campus card, dynamically grasp the situation of each cardholder, and greatly improve the management level of the school. Strengthening the management of campus cards makes registration, loss reporting, and re-application simple and easy, and personal security is high. Protect the interests of cardholders to the greatest extent and ensure the safe operation of the campus card system.
(3) Judging from the current use, our school’s one-card system has good scalability. Since the application of campus cards is very wide, it is impossible to build them all at once. Our school continues to increase the application scope of campus cards according to their own needs, such as student status management system, attendance management system, etc. The hardware system design adopts a distributed system, and the control host has sufficient margin and communication interface; the software design adopts functional module division, and the increase of subsystems or the increase of subsystem functions will not cause technical transformation or structural network expansion of the system. burden.
(4) The data center adopts a large database, and adopts the management method of separating important data from ordinary data, which improves the security of data and lays a solid foundation for the campus network to provide more and better services to teachers and students.
The application scope of the campus card covers the entire campus, and truly realizes the consumption card, the identification card, and the school management card. Moreover, the organic combination of campus card and bank card has greatly facilitated the financial management of schools and students. However, the functions of the campus card still need to be improved:
(1) The authentication function needs to be strengthened. All-in-one card has played an important role in the information management of the campus. In fact, this card in the hands of students happens to be a true portrayal of students’ daily life. It acts as a window. Therefore, the identity verification function in the all-in-one card should be used in some important place to play its full role. At present, this function can fully play its role in libraries, canteens and other places, but it has not played its identity verification function in teaching buildings, dormitory buildings, computers, and school gates. In order to truly realize the management of students’ apartments and information integration, the above links are issues that must be considered.
(2) Establish an electronic file for each student’s credit assessment, and you can check the student’s daily school-related information at any time. It is not easy to understand students’ daily life, study and other related information, but a card can effectively solve similar problems. On the basis of the comprehensive identity verification function of the one-card, each student’s daily access and study place can be recorded through the one-card system, such as leaving the apartment door in the morning, when to go to the classroom, what time to go to the library, when to arrive The dining hall can be recorded by swiping the card, and it can be called up and inquired at any time, and some important links can be controlled a little, so that the relevant credit assessment files of students’ consumption, borrowing, work and rest, etc. Information integration management and behavior assessment and evaluation are very helpful. In terms of technical support, through the single sign-on (SSO) technology, the relevant information of the student activity cycle (one day) can be recorded. When the student logs in by swiping the card at any place in the relevant service system, the object tracking service in the activity cycle will be activated. Cycle ends. Therefore, single sign-on can effectively record the student’s activity information in the school, and finally can generate each student’s credit assessment file through the control strategy.
(3) Realize the consumption function of the all-in-one card on campus. At present, the all-in-one card has realized its value in many aspects, but it has not yet been used in more consumption links of students, such as supermarket shopping, on-board settlement, medical treatment in school hospitals, etc. It is still operated by paying cash. On the basis of credit card consumption in the cafeteria, consumption points (servers and credit card machines) in the local area network can be appropriately added to realize the above-mentioned credit card consumption, which can bring convenience to students in consumption and save many disadvantages of cash transactions. However, there are many problems involved in the consumption function, especially its security control. In addition to processing each operation through the transaction mechanism, it is also necessary to consider limiting the daily consumption amount and the number of times students swipe their cards to avoid theft. Overdraft consumption.
In a word, all-in-one card has played an irreplaceable role in our life, it has made our life more and more convenient, fast and safe. If we can use it more effectively, there is reason to believe that in the near future, we can truly realize “one card in hand, travel all over the campus”!
The construction and use of digital campus network card not only reflects the degree of school informatization, but more importantly, it improves the level of school teaching and management, and lays a foundation for the development of the school!
references:
[1] Zhang Peng. It is imperative to connect the campus network with the one-card card. China Modern Educational Equipment, No. 2, 2006.
[2] Chen Yingzi. One card is the inevitable trend of modern university management. Microcomputer Application, No.4, 2004.
[3] Xie Liming. The experience of campus card and the construction of campus network. Journal of Sun Yat-Sen University, June 2002, Volume 41.
[4] Tang Xiangyang, Wang Chao, Zhang Youyou. Security management strategy of digital campus card system.[J]. Journal of Southwest University for Nationalities (Natural Science Edition), 2005
[5] Summer hire. Design of campus card system and analysis of network security system. Zhejiang University Master’s Thesis, 2005.
[6] Sun Fuqiang, Tao Li. Digital Campus and Campus Card, Information Science, 2003; 21(8): 824—826.
About the Author:
Zhang Jingtao, Li Tianlai, School of Information Science and Engineering, Shandong Normal University
Information Technology Center of Shandong Normal University Li Xiangyang
[ad_2]
