CN101345622B - Information safety device capable of defining authority of apparatus holder - Google Patents
- Publication number
- CN101345622B
- Authority
- CN
- China
- Prior art keywords
- password
- user
- dynamic password
- information safety
- static
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Storage Device Security (AREA)
Claims (20)
- 1. An information safety device capable of defining authority of apparatus holder, characterized in that: the device comprises a communication interface, a dynamic password generation, display and verification unit, and a static password recording and use unit, and also has at least one protected area; after the device receives an instruction, passed in from outside, requesting it to generate a dynamic password, it generates the dynamic password and displays it on the device in some form, to be read by the device holder, who is near the device and can see its dynamic password display; the device receives and verifies the dynamic password entered by the device holder; the data packet carrying the dynamic password that the device receives also contains a static password; as soon as the dynamic password passes verification, the device immediately records this static password, which becomes the user's authority for subsequent access to the device's protected area; the user then accesses the protected area with the static password, without having to verify a dynamic password at the same time.
- 2. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the dynamic password takes priority over the static password; when the static password is leaked or even tampered with so that the device comes under remote control, or when the user forgets the static password, the device holder enters the device by verifying a dynamic password again and resets the static password, regaining the right to access the device's protected area; this arrangement ensures that the device holder has the priority right to access the protected area.
- 3. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the communication interface is used to transmit the user's operating instructions to the device and to transmit the device's operation results to the outside; the instruction requesting the device to generate a dynamic password, the complete data packet composed of the dynamic password and the static password, and the bidirectional data transmission of everyday sessions between the user and the device all pass through this communication interface.
- 4. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: there are a plurality of protected areas, and each protected area has a different static password.
- 5. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the static password is generated and stored in encrypted form by a trusted program outside the device, and this trusted program automatically calls up the static password each time the device is used, so the user does not need to enter it.
- 6. The information safety device capable of defining authority of apparatus holder according to claim 5, characterized in that: the dynamic password display unit may display the dynamic password as a whole character string at once, may display it as a character string in several parts, or may display it one position at a time over several steps.
- 7. The information safety device capable of defining authority of apparatus holder according to claim 6, characterized in that: if the dynamic password is displayed in several parts, the user must send the dynamic password to the device in several parts; each part the user sends must be accompanied by the same static password; until the complete dynamic password has been sent, this static password may not change; if it changes, the parts of the dynamic password the device has already verified are voided and verification must start again.
- 8. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the device also has a key pair of an asymmetric encryption algorithm, the public key of which is sent outside the device and the private key of which is stored inside the device; the complete data packet composed of the dynamic password and the static password that the device receives is encrypted outside the device with the public key, transmitted into the device and decrypted with the private key; the data in the packet may not change during transmission; if it changes, decryption cannot proceed normally and the whole packet is invalid; this arrangement prevents the static password from being stolen or replaced during transmission.
- 9. The information safety device capable of defining authority of apparatus holder according to claim 8, characterized in that: the key pair of the asymmetric encryption algorithm may be the device characteristic key, that is, a key pair existing in the device that is sufficient to distinguish the device from other devices; it may also be a key pair that the device generates separately.
- 10. The information safety device capable of defining authority of apparatus holder according to claim 9, characterized in that: to ensure that the dynamic password mechanism is never closed, the device has two logical channels that cannot be closed; the data flow in one logical channel is from the device to the user, and this channel is used to send the public key of the key pair of the asymmetric encryption algorithm; the public key is not encrypted and is transmitted directly, and the recipient needs to verify the sender; the data flow in the other logical channel is from the user to the device, and this channel is used to send the complete data packet, composed of the dynamic password and the static password, encrypted with the public key of the key pair.
- 11. The information safety device capable of defining authority of apparatus holder according to claim 10, characterized in that: "the recipient needs to verify the sender" means that a trust chain guarantees that the private key paired with the public key sent outside the device is inside the device and has no backup anywhere else, so that only this device can decrypt data encrypted with the public key of the key pair.
- 12. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the static password may be a password; each time the user accesses the device's protected area, the device first compares the password passed in from outside with the password recorded in the device, and allows the user to access the protected area only if the two are identical.
- 13. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the static password may be the key of a symmetric encryption algorithm, including the DES and 3DES algorithms; it may also be the public key and private key of an asymmetric encryption algorithm, including the RSA and ECC algorithms; the static password may be used by the device to authenticate the user, and may also be used to encrypt and decrypt data during a session between the device and the user.
- 14. The information safety device capable of defining authority of apparatus holder according to claim 12 or 13, characterized in that: the static passwords are used in combination as required.
- 15. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: when the device is used as an access controller protecting a hard disk, the device's protected area contains the permission table governing access to the hard disk by each type of user.
- 16. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: when the device is used as a channel controller on a network, the device's protected area contains the access rule list that determines whether each network channel is open or closed.
- 17. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: when the device is used as a conventional USBKEY, the device's protected area contains a PIN code storage area, a private key storage area, and an arithmetic unit that uses the private key to decrypt or sign.
- 18. The information safety device capable of defining authority of apparatus holder according to claim 17, characterized in that: the PIN code can be verified only after the user has obtained the right to access the device's protected area; the user can access the private key storage area only after the PIN code has passed verification; the device protects the PIN code and the user's private key, and the PIN code protects the user's private key; the advantage of this structure is that the user's private key receives multiple layers of protection.
- 19. The information safety device capable of defining authority of apparatus holder according to claim 17, characterized in that: when the device is used as a conventional USBKEY, in some particular applications no PIN code is set, and the device's protected area contains a private key storage area and an arithmetic unit that uses the private key to decrypt or sign.
- 20. The information safety device capable of defining authority of apparatus holder according to claim 1, characterized in that: the device holder has the right to delete all information that the device owner has not set as indestructible; when the device owner has not set any information as indestructible, the device holder can format the whole device.
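The enrolment flow of claims 1, 2 and 7, as an added Python sketch that is not part of the patent text: a dynamic password shown on the device binds whichever static password arrives with it, later access needs only that static password, and a new dynamic password overrides it. The class and method names, the six-digit password split into two parts, and discarding the challenge after a wrong part are assumptions; the public-key packet encryption of claim 8 is left out.

```python
import hmac
import secrets


class HolderDevice:
    """Toy model of the claimed device; every name here is hypothetical."""

    def __init__(self, otp_len=6, parts=2):
        self.otp_len, self.parts = otp_len, parts
        self._otp = None        # dynamic password currently on the display
        self._verified = 0      # characters of it verified so far
        self._pending = None    # static password seen with the earlier parts
        self._static = None     # recorded static password (the access right)

    def request_dynamic_password(self):
        """Start a challenge; returns the parts the on-device display shows."""
        self._otp = "".join(secrets.choice("0123456789")
                            for _ in range(self.otp_len))
        self._verified, self._pending = 0, None
        step = self.otp_len // self.parts
        return [self._otp[i:i + step] for i in range(0, self.otp_len, step)]

    def submit(self, otp_part, static_password):
        """One packet: a part of the dynamic password plus a static password."""
        if self._otp is None:
            return "no-challenge"
        if self._pending is not None and not hmac.compare_digest(
                self._pending, static_password):
            # Claim 7: static password changed mid-sequence, void verified parts.
            self._verified, self._pending = 0, None
            return "restart"
        expected = self._otp[self._verified:self._verified + len(otp_part)]
        if not otp_part or not hmac.compare_digest(
                expected.encode(), otp_part.encode()):
            self._otp = None    # assumption: a wrong part discards the challenge
            return "rejected"
        self._verified += len(otp_part)
        self._pending = static_password
        if self._verified < self.otp_len:
            return "partial"
        # Claim 1: once the dynamic password is verified, record the static one.
        self._static, self._otp, self._pending = static_password, None, None
        return "enrolled"

    def access(self, static_password):
        """Claim 1: later access to the protected area needs only this."""
        return self._static is not None and hmac.compare_digest(
            self._static, static_password)


if __name__ == "__main__":
    dev = HolderDevice()
    first, second = dev.request_dynamic_password()   # read off the display
    print(dev.submit(first, b"holder-1"), dev.submit(second, b"holder-1"))
    print("old credential works:", dev.access(b"holder-1"))
    for part in dev.request_dynamic_password():      # claim 2: holder re-enrols
        dev.submit(part, b"holder-2")
    print("after reset:", dev.access(b"holder-1"), dev.access(b"holder-2"))
```

The model makes the trust assumption visible: whoever can read the display during a challenge decides which static password is bound, so the scheme is only as strong as physical control of the device.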
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101185787A CN101345622B (en) | 2007-07-10 | 2007-07-10 | Information safety device capable of defining authority of apparatus holder |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101345622A (en) | 2009-01-14 |
CN101345622B (en) | 2012-07-25 |
Family
ID=40247519
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007101185787A Expired - Fee Related CN101345622B (en) | 2007-07-10 | 2007-07-10 | Information safety device capable of defining authority of apparatus holder |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101345622B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103428000A (en) * | 2013-08-27 | 2013-12-04 | 深圳市文鼎创数据科技有限公司 | Information authentication method and system |
US10666642B2 (en) * | 2016-02-26 | 2020-05-26 | Ca, Inc. | System and method for service assisted mobile pairing of password-less computer login |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1359487A (en) * | 1998-09-17 | 2002-07-17 | 英戴克系统公司 | Apparatus and methods for unlocking password protected software systems to recover master password |
CN1650568A (en) * | 2002-05-06 | 2005-08-03 | 汤姆森特许公司 | Hand-held device forgotten password notification |
Also Published As
Publication number | Publication date |
---|---|
CN101345622A (en) | 2009-01-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right | Owner name: BEIJING ZEBANON SCIENCE + TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: LI DAIFU Effective date: 20110512 |
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data | Free format text: CORRECT: ADDRESS; FROM: 100096 BEIJING ZEBANON S + T LTD., TOWER B, NO. 31, JIANCAILU WEST ROAD, XISANQI, HAIDIAN DISTRICT, BEIJING TO: 100096 TOWER B, NO. 31, JIANCAICHENG WEST ROAD, XISANQI, HAIDIAN DISTRICT, BEIJING |
TA01 | Transfer of patent application right | Effective date of registration: 20110512 Address after: 100096, B, building 31, Chengxi Road, Xisanqi, Haidian District, Beijing Applicant after: Beijing Zebanon Science & Technology Co., Ltd. Address before: 100096, Beijing, Xisanqi, Haidian District building materials Road West No. 31 B block, Beijing Purple Dragon technology limited liability company Applicant before: Li Daifu |
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | Owner name: BEIJING ZEBANON SCIENCE + TECHNOLOGY, INC. Free format text: FORMER NAME: BEIJING ZEBANON SCIENCE + TECHNOLOGY CO., LTD. |
CP01 | Change in the name or title of a patent holder | Address after: 100096, B, building 31, Chengxi Road, Xisanqi, Haidian District, Beijing Patentee after: BEIJING ZEBANON SCIENCE & TECHNOLOGY, INC. Address before: 100096, B, building 31, Chengxi Road, Xisanqi, Haidian District, Beijing Patentee before: Beijing Zebanon Science & Technology Co., Ltd. |
CP01 | Change in the name or title of a patent holder | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20120725 Termination date: 20180710 |
CF01 | Termination of patent right due to non-payment of annual fee |