CN101557289A - Storage safe key management method based on ID authentication - Google Patents

Storage safe key management method based on ID authentication Download PDF

Info

Publication number
CN101557289A
CN101557289A CNA2009100115790A CN200910011579A CN101557289A CN 101557289 A CN101557289 A CN 101557289A CN A2009100115790 A CNA2009100115790 A CN A2009100115790A CN 200910011579 A CN200910011579 A CN 200910011579A CN 101557289 A CN101557289 A CN 101557289A
Authority
CN
China
Prior art keywords
user
key
information
terminal
kmc
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2009100115790A
Other languages
Chinese (zh)
Inventor
刘晓冰
白朝阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dalian University of Technology
Original Assignee
Dalian University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dalian University of Technology filed Critical Dalian University of Technology
Priority to CNA2009100115790A priority Critical patent/CN101557289A/en
Publication of CN101557289A publication Critical patent/CN101557289A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

A storage safe key management method based on ID authentication belongs to the storage safe field. The method is characterized in that based on a normal identity key authentication, a safe management system conducts secondary identity authentication according to the memory protection password set when a user register and uses the password to establish the functional relation of the user key and the encapsulation information of the storage protection key so that a validated user can use the autologous key to decrypt the encapsulation information of the storage protection key and has access to visit confidential information. The method can resist the attack of the extreme security incidents; even if the key of the user is copied, an attacker can not pass through an identify authentication system owing to lack of the memory protection password; the attacker steals the storage protection key of the confidential information, and so can not pass through the identify authentication system owing to being unable of getting the key of a terminal unit to obtain the cryptic confidential information.

Description

Storage security key management method based on authentication
Technical field
The invention belongs to the storage security field, relate to the information security management technology, specially refer to the key management method in a kind of enterprise terminal storage safety.
Background technology
Along with being extensive use of of information technologies such as the aggravation of market competition and movable storage device, be stored in the security threat that the confidential information in the corporate intranet is come from the outside, the bulk information leakage of a state or party secret has appearred.The safety management of Intranet terminal storage is more and more paid attention to by each large enterprises and tissue.At present, for the storage security management of the sensitive data in the Intranet, mainly be to take at application system level or operating system nucleus layer, logarithm applies privacy protection factually.In this process, topmost problem is the safety management of key, relates to key generation, cipher controlled, key updating.
Confidential information is as one of enterprise core competence, and its security relationship is to " final and decisive juncture " of enterprise and tissue.Therefore; the storage security key management of confidential information should be considered the generation of some extreme security incidents; reveal or confidential information protection key is revealed as subscriber identity information, when these extreme security incidents took place, system can guarantee that still confidential information can't be stolen by malice.Simultaneously, key management and maintenance cost should be not excessive.
The present invention proposes a kind of storage security key management method, effectively address the above problem based on authentication.
Summary of the invention
The technical problem to be solved in the present invention provides a kind of storage security key management method based on authentication, adopts the method for twice protection checking, authorizes specific user's addressing machine confidential information.
Each logic module that the present invention includes is coordinated common protection confidential information safety with system security management, specifically comprises:
(1) terminal proxy module: operate on the terminating machine, the interface of safety operation is provided, the key associative operation of administrative client and authenticating user identification request.
(2) KMC's module: be responsible for carrying out and the managing keys operation.
(3) data are preserved module: for cipher key operation provides the backstage storage.
Technical scheme of the present invention is as follows:
Step 1: initialization system parameter
Before authentication, according to deriving from user safety strategy and system context environmentAL safety condition, the level of security of main body of initialization system (visit process) and object (visit data), level of security can be set as required.
Step 2: according to the system parameters of above-mentioned setting, the terminal storage facility information that safety management system generates user profile and has uniqueness.
Step 3: key generates
The key that the present invention relates to comprises: system's master key, user key (client public key and private key for user), terminal storage key (terminal storage PKI and terminal storage private key), information stores protection key.
System's master key: KMC chooses random number arbitrarily as system's master key, is stored in the data memory module, and this key is not open to the user;
User key: according to client public key (user profile), KMC generates private key for user, and private key for user is sent to the user terminal proxy module, is stored among user's the USB-KEY;
The terminal storage key: according to the terminal storage facility information (terminal storage PKI) of safety management system authentication, KMC generates the terminal storage private key, is stored in the data memory module, and this key is not open to the user;
Information stores protection key: KMC chooses random number arbitrarily and protects key as information stores, is stored in the data memory module, and this key is not open to the user.
In the key generative process, user's private key is stored among the USB-KEY, and its fail safe has obtained guarantee.In addition; for the protection of the information stores on package terminals key; KMC is that each registration terminal in the system has generated a pair of public and private key based on identity; but this private key is only kept properly by KMC; terminal is invisible; the phenomenon that the storage protection key is exposed of losing can not occur, guarantee the safety of confidential information because of terminal equipment.
Step 4: user's registration
The user before the confidential information, need carry out user's registration on access terminal, its concrete steps are as follows:
Step 4.1: the user is to the identity information of safety management system submission oneself, request registration access terminal equipment;
Step 4.2: safety management system audit subscriber identity information, if audit is passed through, just subscriber identity information is added in the access terminal user list, this table is submitted to KMC, the access terminal user list is kept at data and preserves in the module.If audit is not passed through, return application;
Step 4.3: safety management system requires the user that the storage protection password is set, and this password is kept at KMC;
Step 4.4: KMC utilizes client public key, terminal storage private key in the tabulation according to the access terminal user list, generates the packaging information of storage protection key;
Step 4.5: KMC returns to safety management system with packaging information in proper order according to the access terminal user list, is kept at data and preserves module.
Step 5: user's login
User's login, the confidential information on the application access terminal, its concrete steps are as follows:
Step 5.1: the user inserts the USB-KEY that has private key for user in terminal, and the input subscriber identity information, submits the identity information of oneself to KMC;
Step 5.2: KMC carries out the authentication first time, calculates its corresponding private key according to user's identity information, the private key information among the comparison user USB-KEY;
Step 5.3: after checking was passed through, whether KMC's searching user's information information in the access terminal user list; If by the checking enter next step, if not by the checking return step 4 and register;
Step 5.4: according to the user profile in the access terminal user list, safety management system carries out the authentication second time, the storage protection password that is provided with when requiring the user to input the user to register.If password bad proves that subscriber identity information divulges a secret, this terminal of system lock is notified the responsible person concerned, investigates;
Step 5.5: after checking is passed through for the second time, storage protection password and private key for user that KMC utilizes the user to set, the packaging information of generation access terminal device private;
Step 5.6: access terminal is stored the packaging information of private key to safety management system and the packaging information of storage protection key sends to the terminal proxy module;
Step 5.7: the terminal proxy module calculates the terminal storage private key according to private key for user, utilizes this private key to calculate the storage protection key then, possesses the authority of addressing machine confidential information.
Step 6: user key upgrades
If user key is divulged a secret, must carry out the renewal of user key, concrete steps are as follows:
Step 6.1: the user submits new subscriber identity information to KMC;
Step 6.2: after receiving application, KMC utilizes the new user profile of user, generates new private key for user, sends to the user;
Step 6.3: the terminal proxy module is stored in new private key for user among the USB-KEY, and with old private key for user deletion;
Step 6.4: the user submits to safety management system and submits new, old identity information to;
Step 6.5: safety management system upgrades the access terminal user list according to subscriber identity information;
Step 6.6: execution in step 4.3, step 4.4;
Step 6.7: KMC is the packaging information of new data preservation module more.
Effect of the present invention and benefit are to resist the attack of limit security incident, even private key for user is replicated, because the storage protection password that the duplicator set when can not get the user and registering can't pass through identity authorization system, the packaging information that also can't decipher the storage protection key; Even and the assailant steals confidential information storage protection key,, can't pass through identity authorization system, the confidential information that obtains encrypting equally owing to can not get the terminal storage private key.
Key management method provided by the invention is isolated the public and private key of private key for user, registration terminal, is stored in respectively among user's the USB-KEY and key management system, has reduced the degree of association of the key and the key that the user is held of storage protection.Effective like this having avoided needs to upgrade the problem of whole system storage protection key because terminal key is revealed, in case a certain user key is lost or leaked, only needs to upgrade this user key information, effectively reduces cipher key system and safeguards complexity and workload.
Description of drawings
Accompanying drawing 1 is based on the storage security key management method schematic diagram of authenticating user identification
Embodiment
Be described in detail specific embodiments of the invention below in conjunction with technical scheme and accompanying drawing.
The concrete steps of embodiment are as follows:
Step 1: according to the system safety strategy, initialization terminal data security rank is divided into high safe level and low level security with the data security rank.
Step 2: choose user's login ID as user authentication information ID u
Step 3: key generates control
(1) KMC selects the master key of a random number s as oneself at random;
(2) user at first submits the identity information ID of oneself to KMC u, after authentication, the HASH of KMC function calculation, Q ID u = H ( ID u ) , Will S ID u = s Q ID u Leave in and return to the user among the USB-KEY as private key;
(3) safety management system is submitted the identity information ID of terminal to KMC tAfter authentication, the HASH of KMC function calculation Q ID t = H ( ID t ) , And properly preserve S ID t = s Q ID t ;
(4) random number k is selected by KMC, as terminal information storage protection key.
Step 4: user registration course
(1) user submits the identity information ID of oneself to safety management system uWith request registration access terminal ID t
(2) safety management system is through after authenticating, if allow ID uAccess terminal ID t, then with ID uAdd and allow access terminal ID tUser identity tabulation in (result who establishes after the renewal is { ID 1, ID 2...., ID n), then with the terminal identity Information ID tAnd allow access terminal to deposit ID tUser list { ID 1, ID 2...., ID nSubmit to KMC;
(3) safety management system requires the user that storage protection password p is set;
(4) KMC takes out Termination ID through after authenticating tPrivate key
Figure A20091001157900105
The list of identities of submitting to according to safety management system then, order computation ID t(i=1.....n) pairing K i = H ( e ( S ID t , H ( ID i ) ) ) ( i = 1 . . . . n ) , On this basis, KMC takes out the Termination ID that prestores tStorage protection key k, evaluator f ( x ) = Π i = 1 n ( x - K i ) + k , Last order returns to safety management system with the coefficient of f (x);
(5) after safety management system is received the coefficient of f (x), it is kept at data preserves module.
Step 5: process of user login
(1) the user USB-KEY that will have a private key information is inserted on the terminal platform, then the identity information ID of input oneself u, the request login system;
(2) receive request after, KMC checking user ID uInformation is compared private key for user, determines the binding relationship of user and USB-KEY;
(3) after checking was passed through, whether KMC's searching user's information in the access terminal user list, if do not have, returned step 4 and registers;
The storage protection password that is provided with when (4) safety management system requires the user to input the user to register is given system verification then;
(5) after checking was passed through, KMC was calculated P = H ( p ( S ID u , H ( S ID t ) ) ) , The result is returned to the terminal proxy module;
(6) safety management system sends to the terminal proxy module with f (x) and P;
(7) the terminal proxy module is according to P, the computing terminal device private
Figure A20091001157900112
Utilize then And the coefficient calculations k=f (K) of f (x), thereby obtain the key of storage protection, possessed the ability of access sensitive data.
Step 6: key updating control
(1) user selects new ID Un, request KMC generates corresponding S ID un = s Q ID un ;
(2) user submits the new and old identity information ID of oneself to safety management system UnAnd ID Uo, ID is cancelled in request UoAnd interpolation ID UnAccess rights to terminal;
(3) safety management system upgrades the list of identities that allows access terminal, then with the terminal identity Information ID through after authenticating tAnd the user list { ID of new permission access terminal 1, ID 2...., ID nSubmit to KMC;
(4) (3) of execution in step 4, (4);
(5) after safety management system is received the coefficient of f (x), upgrade Termination ID tThe coefficient information of preserving.

Claims (1)

1. the storage security key management method based on authentication is characterized in that following steps: step 1: the initialization system parameter
Before authentication, according to deriving from user safety strategy and system context environmentAL safety condition, the level of security of main body of initialization system (visit process) and object (visit data), level of security can be set as required;
Step 2: according to the system parameters of above-mentioned setting, the terminal storage facility information that safety management system generates user profile and has uniqueness;
Step 3: key generates
The key that the present invention relates to comprises: system's master key, user key (client public key and private key for user), terminal storage key (terminal storage PKI and terminal storage private key), information stores protection key;
System's master key: KMC chooses random number arbitrarily as system's master key, is stored in the data memory module, and this key is not open to the user;
User key: according to client public key (user profile), KMC generates private key for user, and private key for user is sent to the user terminal proxy module, is stored among user's the USB-KEY;
The terminal storage key: according to the terminal storage facility information (terminal storage PKI) of safety management system authentication, KMC generates the terminal storage private key, is stored in the data memory module, and this key is not open to the user;
Information stores protection key: KMC chooses random number arbitrarily and protects key as information stores, is stored in the data memory module, and this key is not open to the user;
In the key generative process, user's private key is stored among the USB-KEY, and its fail safe has obtained guarantee; In addition, for the protection of the information stores on package terminals key, KMC is that each registration terminal in the system has generated a pair of public and private key based on identity, but this private key is only kept properly by KMC, terminal is invisible, the phenomenon that the storage protection key is exposed of losing can not occur, guarantee the safety of confidential information because of terminal equipment;
Step 4: user's registration
The user before the confidential information, need carry out user's registration on access terminal, its concrete steps are as follows:
Step 4.1: the user is to the identity information of safety management system submission oneself, request registration access terminal equipment;
Step 4.2: safety management system audit subscriber identity information, if audit is passed through, just subscriber identity information is added in the access terminal user list, this table is submitted to KMC, the access terminal user list is kept at data and preserves in the module; If audit is not passed through, return application;
Step 4.3: safety management system requires the user that the storage protection password is set, and this password is kept at KMC;
Step 4.4: KMC utilizes client public key, terminal storage private key in the tabulation according to the access terminal user list, generates the packaging information of storage protection key;
Step 4.5: KMC returns to safety management system with packaging information in proper order according to the access terminal user list, is kept at data and preserves module;
Step 5: user's login
User's login, the confidential information on the application access terminal, its concrete steps are as follows:
Step 5.1: the user inserts the USB-KEY that has private key for user in terminal, and the input subscriber identity information, submits the identity information of oneself to KMC;
Step 5.2: KMC carries out the authentication first time, calculates its corresponding private key according to user's identity information, the private key information among the comparison user USB-KEY;
Step 5.3: after checking was passed through, whether KMC's searching user's information information in the access terminal user list; If by the checking enter next step, if not by the checking return step 4 and register;
Step 5.4: according to the user profile in the access terminal user list, safety management system carries out the authentication second time, the storage protection password that is provided with when requiring the user to input the user to register; If password bad proves that subscriber identity information divulges a secret, this terminal of system lock is notified the responsible person concerned, investigates;
Step 5.5: after checking is passed through for the second time, storage protection password and private key for user that KMC utilizes the user to set, the packaging information of generation access terminal device private;
Step 5.6: access terminal is stored the packaging information of private key to safety management system and the packaging information of storage protection key sends to the terminal proxy module;
Step 5.7: the terminal proxy module calculates the terminal storage private key according to private key for user, utilizes this private key to calculate the storage protection key then, possesses the authority of addressing machine confidential information;
Step 6: user key upgrades
If user key is divulged a secret, must carry out the renewal of user key, concrete steps are as follows:
Step 6.1: the user submits new subscriber identity information to KMC;
Step 6.2: after receiving application, KMC utilizes the new user profile of user, generates new private key for user, sends to the user;
Step 6.3: the terminal proxy module is stored in new private key for user among the USB-KEY, and with old private key for user deletion;
Step 6.4: the user submits to safety management system and submits new, old identity information to;
Step 6.5: safety management system upgrades the access terminal user list according to subscriber identity information;
Step 6.6: execution in step 4.3, step 4.4;
Step 6.7: KMC is the packaging information of new data preservation module more.
CNA2009100115790A 2009-05-13 2009-05-13 Storage safe key management method based on ID authentication Pending CN101557289A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2009100115790A CN101557289A (en) 2009-05-13 2009-05-13 Storage safe key management method based on ID authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2009100115790A CN101557289A (en) 2009-05-13 2009-05-13 Storage safe key management method based on ID authentication

Publications (1)

Publication Number Publication Date
CN101557289A true CN101557289A (en) 2009-10-14

Family

ID=41175243

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2009100115790A Pending CN101557289A (en) 2009-05-13 2009-05-13 Storage safe key management method based on ID authentication

Country Status (1)

Country Link
CN (1) CN101557289A (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102663633A (en) * 2012-03-16 2012-09-12 上海宝钢钢材贸易有限公司 Steel product transaction system
CN102868706A (en) * 2011-07-04 2013-01-09 中兴通讯股份有限公司 Method and system for realizing DSN content service access security
CN102930212A (en) * 2011-01-18 2013-02-13 苏州国芯科技有限公司 Data leakage prevention method for office system
CN103095455A (en) * 2013-01-10 2013-05-08 天地融科技股份有限公司 Storage method and storage system for private key of user
WO2013143144A1 (en) * 2012-03-31 2013-10-03 Nokia Corporation Method and apparatus for secured social networking
CN103580872A (en) * 2013-11-11 2014-02-12 北京华大智宝电子系统有限公司 System and method for generating and managing secret key
CN104660417A (en) * 2015-03-17 2015-05-27 联想(北京)有限公司 Verification method, verification device and electronic device
CN106055931A (en) * 2016-05-18 2016-10-26 北京芯盾时代科技有限公司 Software security component system of mobile terminal and secret key system used for system
CN106055966A (en) * 2016-05-16 2016-10-26 邵军利 Method and system for authentication
CN107426628A (en) * 2017-07-11 2017-12-01 国创科视科技股份有限公司 A kind of video data protection system and processing method
WO2018000867A1 (en) * 2016-07-01 2018-01-04 华为技术有限公司 Method and apparatus for configuring key and determining security policy
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 A kind of correlation technique, system and relevant apparatus accessing encryption data
CN109560929A (en) * 2016-07-01 2019-04-02 华为技术有限公司 Cipher key configuration and security strategy determine method, apparatus
CN109687959A (en) * 2018-12-29 2019-04-26 上海唯链信息科技有限公司 Key security management system and method, medium and computer program
US10362001B2 (en) 2012-10-17 2019-07-23 Nokia Technologies Oy Method and apparatus for providing secure communications based on trust evaluations in a distributed manner
CN111010275A (en) * 2019-12-31 2020-04-14 嘉兴太美医疗科技有限公司 Key management method, method for generating key and key management system

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102930212B (en) * 2011-01-18 2016-03-02 苏州国芯科技有限公司 For the anti-leakage of data method of office system
CN102930212A (en) * 2011-01-18 2013-02-13 苏州国芯科技有限公司 Data leakage prevention method for office system
CN102868706A (en) * 2011-07-04 2013-01-09 中兴通讯股份有限公司 Method and system for realizing DSN content service access security
CN102868706B (en) * 2011-07-04 2017-07-14 中兴通讯股份有限公司 A kind of method and system for realizing DSN content service access safeties
CN102663633A (en) * 2012-03-16 2012-09-12 上海宝钢钢材贸易有限公司 Steel product transaction system
CN104221321A (en) * 2012-03-31 2014-12-17 诺基亚公司 Method and apparatus for secured social networking
WO2013143144A1 (en) * 2012-03-31 2013-10-03 Nokia Corporation Method and apparatus for secured social networking
US10045208B2 (en) 2012-03-31 2018-08-07 Nokia Technologies Oy Method and apparatus for secured social networking
US10362001B2 (en) 2012-10-17 2019-07-23 Nokia Technologies Oy Method and apparatus for providing secure communications based on trust evaluations in a distributed manner
CN103095455B (en) * 2013-01-10 2015-11-18 天地融科技股份有限公司 The storage means of private key for user and the storage system of private key for user
CN103095455A (en) * 2013-01-10 2013-05-08 天地融科技股份有限公司 Storage method and storage system for private key of user
CN103580872A (en) * 2013-11-11 2014-02-12 北京华大智宝电子系统有限公司 System and method for generating and managing secret key
CN103580872B (en) * 2013-11-11 2016-12-07 北京华大智宝电子系统有限公司 A kind of system and method generating for key and managing
CN104660417B (en) * 2015-03-17 2018-02-27 联想(北京)有限公司 Verification method, checking device and electronic equipment
CN104660417A (en) * 2015-03-17 2015-05-27 联想(北京)有限公司 Verification method, verification device and electronic device
CN106055966B (en) * 2016-05-16 2019-04-26 邵军利 A kind of authentication method and system
CN106055966A (en) * 2016-05-16 2016-10-26 邵军利 Method and system for authentication
CN106055931A (en) * 2016-05-18 2016-10-26 北京芯盾时代科技有限公司 Software security component system of mobile terminal and secret key system used for system
CN109560929A (en) * 2016-07-01 2019-04-02 华为技术有限公司 Cipher key configuration and security strategy determine method, apparatus
WO2018000867A1 (en) * 2016-07-01 2018-01-04 华为技术有限公司 Method and apparatus for configuring key and determining security policy
CN109560929B (en) * 2016-07-01 2020-06-16 华为技术有限公司 Secret key configuration and security policy determination method and device
US11057775B2 (en) 2016-07-01 2021-07-06 Huawei Technologies Co., Ltd. Key configuration method, security policy determining method, and apparatus
US11689934B2 (en) 2016-07-01 2023-06-27 Huawei Technologies Co., Ltd. Key configuration method, security policy determining method, and apparatus
CN107426628A (en) * 2017-07-11 2017-12-01 国创科视科技股份有限公司 A kind of video data protection system and processing method
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 A kind of correlation technique, system and relevant apparatus accessing encryption data
CN109361663B (en) * 2018-10-10 2021-05-28 中航信托股份有限公司 Method, system and device for accessing encrypted data
CN109687959A (en) * 2018-12-29 2019-04-26 上海唯链信息科技有限公司 Key security management system and method, medium and computer program
CN109687959B (en) * 2018-12-29 2021-11-12 上海唯链信息科技有限公司 Key security management system, key security management method, key security management medium, and computer program
CN111010275A (en) * 2019-12-31 2020-04-14 嘉兴太美医疗科技有限公司 Key management method, method for generating key and key management system

Similar Documents

Publication Publication Date Title
CN101557289A (en) Storage safe key management method based on ID authentication
US10673626B2 (en) Threshold secret share authentication proof and secure blockchain voting with hardware security modules
CN1708942B (en) Secure implementation and utilization of device-specific security data
TWI233739B (en) Systems, methods and computer readable recording medium for remote password authentication using multiple servers
CN110300973A (en) The foundation of alliance's block chain network
US8806200B2 (en) Method and system for securing electronic data
WO2017202756A1 (en) Cryptologic rewritable blockchain
CN109728903B (en) Block chain weak center password authorization method using attribute password
US11924332B2 (en) Cryptographic systems and methods using distributed ledgers
CN101359991A (en) Public key cipher system private key escrowing system based on identification
CN101827101A (en) Information asset protection method based on credible isolated operating environment
CN103310161A (en) Protection method and system for database system
US20130097427A1 (en) Soft-Token Authentication System
Nirmala et al. Data confidentiality and integrity verification using user authenticator scheme in cloud
CN104219232B (en) Method for controlling file security of block distributed file system
Hussein et al. A survey of cryptography cloud storage techniques
Kulkarni et al. Security frameworks for mobile cloud computing: A survey
MacKenzie et al. Delegation of cryptographic servers for capture-resilient devices
CN106487792A (en) A kind of power marketing cloud storage encryption method and system
Zhao et al. Security analysis of SM2 key exchange protocol in TPM2. 0
Qian et al. Anonymous password‐based key exchange with low resources consumption and better user‐friendliness
CN111538973A (en) Personal authorization access control system based on state cryptographic algorithm
CN114124392B (en) Data controlled circulation method, system, device and medium supporting access control
Chase et al. Acsesor: A new framework for auditable custodial secret storage and recovery
WO2022223136A1 (en) Method and communication system for supporting key recovery for a user

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20091014