CN100505658C - Method for realizing wireless LAN accessing - Google Patents
Method for realizing wireless LAN accessing Download PDFInfo
- Publication number
- CN100505658C CN100505658C CNB2004100740619A CN200410074061A CN100505658C CN 100505658 C CN100505658 C CN 100505658C CN B2004100740619 A CNB2004100740619 A CN B2004100740619A CN 200410074061 A CN200410074061 A CN 200410074061A CN 100505658 C CN100505658 C CN 100505658C
- Authority
- CN
- China
- Prior art keywords
- request
- discriminating
- mobile radio
- radio terminal
- plug
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Small-Scale Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The method includes steps: (1) setting up BSS digital certificate list, public and private keys and WAPI algorithm needed for logging on wireless local area network (WLAN) to a plug-in package supported by WAPI, and setting up interface of supporting the plug-in package on a wireless mobile terminal; (2) when STA enters to effective range of AP, AP initiates authentication activation for authenticating BSS ID; (3) based on BSS certificate list in dedicated plug-in package, SAT determines whether access condition is possessed; if yes, carrying out access authentication; if no, then refusing the authentication activation. The plug-in package can contain multiple pieces of certificate so as to solve issue that user logs on two or more WLAN by turns.
Description
Technical field
The present invention relates to the communications field, relate in particular to a kind of method that realizes that WLAN (wireless local area network) inserts.
Technical background
WLAN (WLAN (wireless local area network)) the national standard WAPI (WAPI) that is formulated by wide-band wireless IP standard operation group formally came into effect on June 1st, 2004, and will force to carry out the WAPI standard at the wlan product that Chinese home sale uses.This standard at the safety problem of WLAN (wireless local area network), has provided technical solution and code requirement taking into full account and take into account on the basis that the WLAN (wireless local area network) product interconnects.The promulgation of this standard will make the WLAN technology obtain broad development in China the application of standard wlan product in China, and will expedite the emergence of out many new market business opportunities.But in standard, there are some weak links, as: STA (mobile radio terminal) can't support a plurality of BSS networks, the problem that ease for use is not strong automatically in the existing standard; Can not effectively prevent from simply to store forwarding attack, easily cause ASU (asu (authentication service unit)) to block.The existence of these problems will influence the popularization and effectively application implementation of China WLAN standard.
Some weak links that exist in the WLAN gb specification are as follows:
1, when STA supports a plurality of BSS (basic service sets) network, can't discern automatically or must the user manually intervene, ease for use is not strong.
In actual applications, the user wishes to land online in two or more WLAN (wireless local area network) application demand may appear.But the ASU that does not deposit in the equipment of regulation access of radio network in the WLAN gb specification issues the certificate number, also just can't satisfy the demand that the user lands a plurality of WLAN (wireless local area network).
2, in the WAI authentication infrastructure, can not effectively prevent from simply to store forwarding attack, cause the obstruction of ASU easily.
In the former standard P51 page or leaf about " (English: access point, explain: any one has the website function to AP, and the entity of the ability of visit Distributed Services is provided for the website of association by wireless medium.Annotate: be called " WAP (wireless access point) " generally speaking) when receiving the access discriminating request of STA transmission, the state that this STA is set is " link verification, related, discriminating " at every turn, promptly discrimination process is restarted.”
If malicious user is arranged by intercepting and capturing the request of certificate authentication that normal STA sends to AP, constantly retransmit after repeating transmission or the simple modification, ASU is handled differentiate that requested resource is occupied, cause validated user can't carry out normal identity validation process, influence the operation of whole network.
Summary of the invention
The objective of the invention is under the prerequisite of the application service demand of relevant SSL in satisfying China WLAN protocol frame, using increases the method that mobile terminal of wireless local area network is supported the WAPI custom plug-in, solve the user and can't between a plurality of WLAN (wireless local area network), intersect and land indulging in the internet, provide the WAPI that satisfies China's WLAN (wireless local area network) standard to serve.For this reason, the present invention adopts following technical scheme:
A kind of method that realizes that WLAN (wireless local area network) inserts comprises:
A, in supporting WAPI (WAPI) plug-in unit, be provided with and land the WLAN (wireless local area network) required tabulation of BSS digital certificate, public and private key and WAPI algorithm, and the interface of supporting this plug-in unit is set at mobile radio terminal;
B, when mobile radio terminal (STA) enters the effective range of WAP (wireless access point) (AP), AP initiate to differentiate that the discriminating of BSS sign activates;
C, STA tabulates by the BSS digital certificate that described interface obtains in the described plug-in unit, public and private key and WAPI algorithm, and judge according to the BSS list of cert in the custom plug-in whether it possesses access conditions, if possess, then enter to insert and differentiate, after entering the access discriminating, the discriminating request time that mobile radio terminal adopts this mobile radio terminal private key will insert in the request of discriminating is signed, and the discriminating request after will signing sends to WAP (wireless access point), WAP (wireless access point) is used mobile radio terminal public key verifications signature, make and differentiate judgement, and then insert mobile radio terminal or refuse to insert request, if do not possess, then refuse this discriminating and activate.
Described step C further comprises:
C1, as STA in the list of cert that obtains, find meet AP differentiate to activate in the certificate of BSS identification information, then STA selects this certificate and generates new discriminating request.
After entering the access discriminating, the discriminating request time that mobile radio terminal adopts this mobile radio terminal private key will insert in the request of discriminating is signed, and the discriminating request after will signing sends to WAP (wireless access point), WAP (wireless access point) is used mobile radio terminal public key verifications signature, make and differentiate judgement, and then insert mobile radio terminal or refusal access request, further comprise:
D3, judge this discriminating request and whether last to insert request consistent, if unanimity enters step D4; If inconsistent, enter step D5;
D4, refusal this time insert request;
D5, discriminating are passed through.
Described step D4 further comprises:
D41, AP certifying signature, if the verification passes, the state that this STA then is set is " link verification, related, discriminating ".
Discriminating request after described will the signature sends to WAP (wireless access point), further comprises:
Request time differentiated in D6, AP record, and send request of certificate authentication to ASU, and time-out time is set.
Described method also is included in the step that STA is provided with the canonical function interface of this plug-in unit.
The present invention realizes the service of WAPI part by supporting the WAPI custom plug-in with the product form of hardware or software; This custom plug-in adopts the close WAPI of the doing tailor-made algorithm of built-in merchant, required digital certificate when loading portable terminal and logining to wireless access point AP, and the security service of authentication, signature, authentication and encryption is provided by standard interface.The present invention be convenient to based on the STA product of international wireless local area network technology or similar techniques easily and fast the product that meets China's standard-required is provided.When not having this plug-in unit, former wireless network card can insert common AP equipment, satisfies the needs of international roaming.
Support the WAPI custom plug-in independently to issue, and the list of cert that can deposit many certificates and can mate automatically, thereby the solution user is intersected the problem of online of landing between two or more WLAN (wireless local area network).
2, this plug-in unit provides the standard interface of interoperable, is convenient to be more convenient for reaching meeting " telecommunication and information exchange local net and metropolitan area network particular requirement the 11st part between information technology system: WLAN (wireless local area network) media interviews control and physical layer specification " required standard based on the STA product of international wireless local area network technology or similar techniques with implementing.
3, this plug-in unit can be deposited many certificates, intersects the problem of online of landing thereby solve the user between two or more WLAN (wireless local area network).
Description of drawings
Fig. 1 is the logical construction block diagram of the chip of support WAPI custom plug-in of the present invention;
Fig. 2 is the Principle of Communication figure of support WAPI custom plug-in of the present invention and portable terminal;
Fig. 3 is the workflow of support WAPI custom plug-in of the present invention;
Fig. 4 is that STA of the present invention receives the process chart that the discriminating of the AP that increases the BSS sign activates;
Fig. 5 is that AP of the present invention receives the process chart after STA inserts the request of discriminating;
Fig. 6 is a WAPI custom plug-in canonical function interface interchange flow chart of the present invention;
Fig. 7 is WAPI custom plug-in canonical function interface of the present invention and other part relations schematic diagrames.
Embodiment
Below in conjunction with Figure of description the specific embodiment of the present invention is described.
One, support the structural principle and the workflow explanation of WAPI custom plug-in:
Support that the WAPI custom plug-in is to utilize the high-speed intelligent chip with USB communication interface that the safety information product of the WAPI service of satisfying China's WLAN (wireless local area network) standard is provided for the user for core.This plug-in unit realizes that in strict accordance with China's " WLAN (wireless local area network) product cipher algorithm application standard " symmetric cryptographic algorithm, elliptic curve encryption algorithm, ECDSA, hash algorithm and random number that GB15629.11-2003 uses produce algorithm, required digital certificate when loading portable terminal simultaneously and logining to AP, and generate, preserve interim WPI (wireless local area network security foundation structure) session key in key agreement stage, and in supporting the WAPI custom plug-in, finish the security service of authentication, signature, authentication and encryption.
WPI is a wireless local area network security foundation structure, and the 8th chapter in China GB 15629.11-2003 " telecommunication and information exchange local net and metropolitan area network particular requirement the 11st part between information technology system: WLAN (wireless local area network) media interviews control and physical layer specification " is described in detail it.It adopts symmetric cryptographic algorithm that is used for WLAN of State Secret Code Regulatory Commission Office approval to realize data protection, to the MSDU (MAC service data unit) of MAC (media interviews control) sublayer add, decryption processing.In WAPI by WAI (authentication infrastructure) thus in certificate discriminating, unicast key agreement and multicast key notification formation WPI session key.)
Support that the chip of WAPI custom plug-in is a high safe SOC chip based on 32 risc processors, possess characteristics such as high throughput, high security, low-power consumption, low cost.
As shown in Figure 1, be the logical construction block diagram of supporting the chip of WAPI custom plug-in among the present invention.The key characteristic of the chip that uses of the present invention as we can see from the figure:
1) processor performance
● the high safe CPU nuclear of custom-made
0 32 RISC
05 level production lines
Zero changeable frequency, dominant frequency can be operated in more than the 100MHz
Zero hardware multiplication coprocessor
● general safety notion, excellent security energy and disposal ability
● high-performance CACHE
Zero 1K byte instruction CACHE
Zero 1K byte data CACHE
● storage administration and protected location (MMU)
Zero can dispose and closes, and closes back hold segment management mode;
The zero maximum 128MB space of supporting;
Zero application oriented partition holding;
Zero supports variable page length, the multistage structure of searching;
Zero virtual support storage space management;
Zero support hardware safe access control, the peripheral assembly access-controlled.
2) on-chip memory cell
● 32KB EEROM is used for the memory space of data and program
Zero can carry out reading, wipe, writing of byte;
Zero can carry out wiping, writing of byte or multibyte (maximum 64 bytes);
Zero minimum sassafras is write number of times 300,000 times;
Data hold time is minimum 10 years under zero room temperature;
Zero sassafras write performance
The ■ byte is write the time: 20us
■ page or leaf sassafras removes time: 4ms
Zero EEPROM program voltage produces in chip.
● 128KB FLASH is used for storage, function library and device drives memory space
The wiping, write of 0 128 byte pages;
Zero minimum sassafras is write number of times 20,000 times;
Data hold time is minimum 10 years under zero room temperature.
Zero sassafras write performance
The ■ byte is write the time: 20us
■ page or leaf sassafras removes time: 4ms
●RAM:8KB
3) peripheral assembly
● hardware ECC coprocessor
● hardware DES coprocessor
Zero supports the encrypting and decrypting of DES, 3DES (2KEY and 3KEY) algorithm
Zero supports the encryption and decryption of EBC pattern and CBC pattern
Zero data-transmission channel of optimizing, the port data encryption/decryption speed reaches 3Mbps (two-way)
● high-speed, true random-number generator
Zero random number generation code check is 2Mbps
Zero tests by State Secret Code Regulatory Commission Office
● USB interface
Zero supports USB1.1 agreement full rate
Zero supports three end points, and each end points is supported two Buffer, port utilization ratio height
● 1 serial line interface
Zero meets the ISO7816-3 standard, maximum 5MHz, the highest support of the speed 310Kbps of supporting of clock
● 1 GPIO interface
● 2 32 bit timing devices
● built-in oscillating controller and PLL can connect the 4MHz crystal in the outside
● support electrification reset
4) security feature
● hardware store management and defencive function
● the height voltage detecting
● the height frequency detecting
● prevent that DPA/SPA from attacking
● storage area is encrypted
● the bus scrambling
● clock and reset signal pulse filter
● safety-optimized wiring
● the unique sequence number of each chip
5) electrical characteristic
● the power consumption of entire chip is less than 200mw (under the 5V situation)
● 3 grades of low-power consumption mode controls
Zero keeps pattern
Zero park mode
Zero power-down mode
● power supply
Zero ISO pattern: 2.7-5.5V
Zero USB pattern: 3.6V-5.5V
● esd protection: more than the 4000V
● the Bond position meets the ISO7816-2 standard
As shown in Figure 2, be the Principle of Communication figure that supports WAPI custom plug-in and portable terminal among the present invention, as seen from the figure, support the WAPI custom plug-in to carry out the transmission of data message by USB port and portable terminal.
As shown in Figure 3, be the workflow of supporting the WAPI custom plug-in among the present invention, implementation procedure of the present invention as seen from the figure is as follows:
1, the user will support the WAPI custom plug-in to be fit on the user side of being furnished with wireless network card, computer operating system has detected this custom plug-in connecting system, and checks according to specific identity whether this plug-in unit is the plug-in unit that meets specified standard function interface of the present invention.
If 2 confirm that this plug-in unit is the plug-in unit that meets specified standard function interface of the present invention, then STA is by obtaining the BSS list of cert in this plug-in unit.
3, when STA enters in the effective range of AP of a BSS network, AP initiates to differentiate and activates, and differentiating this moment increases the BSS sign so that STA judges whether to possess access conditions according to list of cert in activating, and avoids invalid request, improves networks efficiency.
4, STA will utilize the access after the private key of supporting in the WAPI custom plug-in is signed to differentiate that request sends to AP, so that AP judges the authenticity of STA.
When being subjected to simply storing forwarding attack, AP should be able to filter out with last and insert the consistent request of request, and filters out aggressive request by certifying signature, thereby guarantees that ASU can handle normal request of certificate authentication efficiently, avoids the obstruction of ASU.
When being subjected to simply storing forwarding attack, AP should be able to filter out with last and insert the consistent request of request, and filters out aggressive request by certifying signature, thereby guarantees that ASU can handle normal request of certificate authentication efficiently, avoids the obstruction of ASU.
5, after finishing the certificate discrimination process, enter the key agreement stage.The interim WPI session key that generates in this stage is kept to be supported in the WAPI custom plug-in, provides WPI service according to encryption, the deciphering interface of standard.
Two, solve when STA supports a plurality of BSS network, can't discern automatically or must the user manually intervene the explanation that ease for use is not strong:
Utilization of the present invention increases the BSS sign in the discriminating of AP activates method overcomes the above problems.Promptly when STA enters in the effective range of AP of a BSS network, AP initiates to differentiate and activates, and differentiating this moment increases the BSS sign so that STA judges whether to possess access conditions according to list of cert in activating, and avoids invalid request, improves networks efficiency.
Former standard change is as follows:
● former standard P52 page or leaf 8.3.2.1.1 differentiates and activates original text in the grouping: " mail to STA by AP, differentiate that packet type is 0, the data content in the grouping is empty.”
● change to: " mail to STA by AP, differentiate that packet type is 0, the data content in the grouping such as figure below.”
Issuer name data field length is eight hyte numbers of 6-256.
Issuer name field during issuer title content representation WAI certificate is content-defined.
As shown in Figure 4, be that STA receives the process chart that the discriminating of the AP that increases the BSS sign activates among the present invention, implementation procedure of the present invention as seen from the figure is as follows:
Related or when being associated to AP again as STA, AP sends to STA and differentiates and activate, and activates STA and carries out two-way certificate and differentiate.
1, STA receives after discriminating that AP sends activates, and carries out following processing:
2, STA receives the discriminating activation of AP;
3, STA obtains the BSS list of cert of supporting in the WAPI custom plug-in by standard interface;
4, if find the certificate that meets BSS identification information in the AP discriminating activation in the list of cert of STA in the support WAPI custom plug-in of obtaining, then STA selects this certificate automatically, and generates new access discriminating request, issues AP; Otherwise STA abandons this discriminating and activates.
Three, solve in the WAI authentication infrastructure, can not effectively prevent from simply to store forwarding attack, cause the explanation of the obstruction of ASU easily:
The present invention utilizes STA will insert discriminating and asks to carry out sending to AP after the private key signature, overcomes the above problems so that AP judges the method for the authenticity of STA.Be that STA will insert and send to AP after discriminating request time in the request differentiated utilizes the private key of this STA to sign, AP receives when differentiating request with the public key verifications data signature of STA, judges the authenticity of STA.When being subjected to simply storing forwarding attack, AP should be able to filter out with last and insert the consistent request of request, and filters out aggressive request by certifying signature, thereby guarantees that ASU can handle normal request of certificate authentication efficiently, avoids the obstruction of ASU.
Former standard change is as follows:
● change to: " AP receives when request is differentiated in access that STA sends at every turn, AP judge earlier its differentiate request whether with the last time insert ask consistent, if unanimity then abandon this request; AP certifying signature more then, the state that this STA then is set if the verification passes for " link verification, related, differentiate ", promptly discrimination process is restarted; Otherwise abandon this request.”
● Figure 50 inserts the former figure of the data field of discrimination request grouping in the former standard P52 page or leaf:
| The STA certificate | Differentiate request time |
STD certificate data field length is eight hyte numbers of 155-1300, differentiates that the request time data-field length is 4 eight hyte numbers.
Change to:
| The STA certificate | Differentiate request time | The STA signature |
STD certificate data field length is eight hyte numbers of 155-1300, differentiates that the request time data-field length is 4 eight hyte numbers, and STD signed data field length is eight hyte numbers of 41-256.
The signature of STA signature expression STA all data fields before utilizing private key to STA signature field in the access discriminating request.
As shown in Figure 5, be that AP receives that STA inserts the process chart of differentiating after asking among the present invention, implementation procedure of the present invention as seen from the figure is as follows:
AP receives after access that STA sends differentiates request, carries out following processing:
1) AP receives the access discriminating request of STA;
2) whether the signature of AP checking SAT is effective, and signature makes mistakes as STA, then abandons this access and differentiates request;
3) request time differentiated in the AP record, sends request of certificate authentication to ASU then, and time-out time is set.
Four, solve the standard of clear and definite WAPI interface of failing, under the typical commercial pattern separately issued certificate lack effectively and support, can not realize the independent explanation of providing of certificate:
The present invention utilizes increases the method head it off that the STA end is supported the canonical function interface of WAPI custom plug-in.When STA receives the discriminating activation beginning that AP sends, after finishing the certificate discrimination process, enter the key agreement stage, and the encryption of carrying out subsequently, the WPI service of deciphering, STA all can utilize the WAPI canonical function interface of this programme to realize connecting with the WAPI custom plug-in, the management of WAPI custom plug-in module, the session management of WAPI custom plug-in module, the Object Management group of WAPI custom plug-in module, the encryption and decryption operation of WAPI custom plug-in module, the summary operation of WAPI custom plug-in module, the signature and the verification operation of WAPI custom plug-in module, the generation cipher key operation of WAPI custom plug-in module, calling of the functions such as generation random number of WAPI custom plug-in module.
As shown in Figure 6, be WAPI custom plug-in canonical function interface interchange flow chart among the present invention.
As shown in Figure 7, be WAPI custom plug-in canonical function interface and other part relations schematic diagrames among the present invention.
The wireless network card Drive Layer is differentiated needs to send to by the canonical function that calls custom plug-in with the information data of security services and is supported the WAPI custom plug-in to handle in the mobile radio terminal, and obtains result.
Claims (6)
1, a kind of method that realizes that WLAN (wireless local area network) inserts is characterized in that comprising:
A, in supporting the WAPI plug-in unit, be provided with and land the WLAN (wireless local area network) required tabulation of basic service sets digital certificate, public and private key and WAPI algorithm, and the interface of supporting this plug-in unit is set at mobile radio terminal;
B, when mobile radio terminal enters the effective range of WAP (wireless access point), WAP (wireless access point) initiate to differentiate that the discriminating of basic service set identification activates;
C, mobile radio terminal is tabulated by the basic service sets digital certificate that described interface obtains in the described plug-in unit, public and private key and WAPI algorithm, and judge according to the basic service sets list of cert in the custom plug-in whether it possesses access conditions, if possess, then enter to insert and differentiate, after entering the access discriminating, the discriminating request time that mobile radio terminal adopts this mobile radio terminal private key will insert in the request of discriminating is signed, and the discriminating request after will signing sends to WAP (wireless access point), WAP (wireless access point) is used mobile radio terminal public key verifications signature, make and differentiate judgement, and then insert mobile radio terminal or refuse to insert request, if do not possess, then refuse this discriminating and activate.
2, the method for claim 1 is characterized in that described step C further comprises:
C1, as mobile radio terminal in the list of cert that obtains, find meet WAP (wireless access point) differentiate to activate in the certificate of basic service set identification information, then mobile radio terminal is selected this certificate and is generated new discriminating request.
3, the method for claim 1, it is characterized in that described enter insert to differentiate after, the discriminating request time that mobile radio terminal adopts this mobile radio terminal private key will insert in the request of discriminating is signed, and the discriminating request after will signing sends to WAP (wireless access point), WAP (wireless access point) is used mobile radio terminal public key verifications signature, make and differentiate judgement, and then insert mobile radio terminal or refusal access request, further comprise:
D3, judge this discriminating request and whether last to insert request consistent, if unanimity enters step D4; If inconsistent, enter step D5;
D4, refusal this time insert request;
D5, discriminating are passed through.
4, method as claimed in claim 3 is characterized in that described step D4 further comprises:
D41, WAP (wireless access point) certifying signature, if the verification passes, the state that this mobile radio terminal then is set is " link verification, related, discriminating ".
5, method as claimed in claim 4 is characterized in that the discriminating request after described will the signature sends to WAP (wireless access point), further comprises:
Request time differentiated in D6, WAP (wireless access point) record, and send request of certificate authentication to asu (authentication service unit), and time-out time is set.
6, the method for claim 1 is characterized in that also being included in the step that mobile radio terminal is provided with the canonical function interface of this plug-in unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100740619A CN100505658C (en) | 2004-09-02 | 2004-09-02 | Method for realizing wireless LAN accessing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100740619A CN100505658C (en) | 2004-09-02 | 2004-09-02 | Method for realizing wireless LAN accessing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1744540A CN1744540A (en) | 2006-03-08 |
| CN100505658C true CN100505658C (en) | 2009-06-24 |
Family
ID=36139745
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2004100740619A Expired - Fee Related CN100505658C (en) | 2004-09-02 | 2004-09-02 | Method for realizing wireless LAN accessing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100505658C (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2096884A1 (en) * | 2008-02-29 | 2009-09-02 | Koninklijke KPN N.V. | Telecommunications network and method for time-based network access |
| CN101557588B (en) * | 2009-05-08 | 2011-10-26 | 中兴通讯股份有限公司 | User certificate management and use method and mobile terminal thereof |
| CN101568147A (en) * | 2009-05-15 | 2009-10-28 | 刘建 | Method and device of overtime processing of wireless local area network authentication infrastructure |
| CN101656962B (en) * | 2009-06-12 | 2011-12-07 | 中兴通讯股份有限公司 | Method and system for debugging equipment based on wireless local area network security foundation structure |
| CN102469456A (en) * | 2010-11-16 | 2012-05-23 | 北京中电华大电子设计有限责任公司 | Method for realizing security application of wireless local area network authentication and privacy infrastructure (WAPI) |
-
2004
- 2004-09-02 CN CNB2004100740619A patent/CN100505658C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN1744540A (en) | 2006-03-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105099711B (en) | A kind of small cipher machine and data ciphering method based on ZYNQ | |
| CN103116720A (en) | Universal serial bus (USB) Key device and account management method and authentication application method thereof | |
| CN103117853B (en) | A kind of safe storage device account input and authentication method | |
| CN110753344B (en) | NB-IoT-based smart meter secure access system | |
| CN1881924A (en) | Group communication safety distribution media recording and retaking method and device | |
| CN1878055A (en) | Separation type mass data encryption/decryption device and implementing method therefor | |
| CN101141348A (en) | Intelligent domestic system and safety implementing method | |
| CN110188564B (en) | Mobile data storage terminal based on quantum key encryption | |
| CN114448727B (en) | Information processing method and system based on industrial internet identification analysis system | |
| CN105069442A (en) | Finger SE module group and payment verification method | |
| CN102693385A (en) | Embedded terminal based on SD (secure digital) trusted computing module and implementation method thereof | |
| CN104281272B (en) | Password Input processing method and processing device | |
| CN104202299A (en) | System and method of identity authentication based on Bluetooth | |
| CN108449325A (en) | A kind of block chain authentication method, equipment and the storage device of ID-based cryptosystem | |
| CN109104433A (en) | A kind of distributed cryptographic storage system | |
| CN110191136A (en) | A kind of convenient and fast file secure transmission method and equipment | |
| CN100505658C (en) | Method for realizing wireless LAN accessing | |
| CN201716734U (en) | Usb safe storage encryption device | |
| CN201438370U (en) | Movable memory device with identity successive authentication and journal recording function | |
| CN101882114A (en) | Mobile storage device with gradual identity authentication and log record | |
| CN1655142A (en) | Intelligent digital audio emitter and electronic identity safety certification method therefor | |
| Hu | Study of file encryption and decryption system using security key | |
| CN202221590U (en) | Mobile phone payment safety protection device | |
| CN102761559A (en) | Private data-based network security sharing method and communication terminal | |
| CN106060087A (en) | Multi-factor host security access control system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090624 Termination date: 20130902 |