CN102868688A - Certification system and method and electronic signature tool - Google Patents
Certification system and method and electronic signature tool Download PDFInfo
- Publication number
- CN102868688A CN102868688A CN2012103262401A CN201210326240A CN102868688A CN 102868688 A CN102868688 A CN 102868688A CN 2012103262401 A CN2012103262401 A CN 2012103262401A CN 201210326240 A CN201210326240 A CN 201210326240A CN 102868688 A CN102868688 A CN 102868688A
- Authority
- CN
- China
- Prior art keywords
- account
- server
- electronic tag
- authentication
- presented
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a certification system which comprises a client end used for receiving information seleced by a user, a server prestored with a radio frequency identification and a first account number and used for generating a two-dimensional code according to the radio frequency identification, the first account number and the information selected by the user, and an electronic signature tool, wherein the electronic signature tool is prestored with a certification identification issued to the server by a third party certification mechanism, and is used for obtaining the two-dimensional code from the server through the client end, and certifying the server and the first account number according to the two-dimensional code and the prestored certification identification issued to the server by the third party certification mechanism. The certification system provided by the embodiment of the invention can be used for certifying the legality and the reliability of two transaction parties, thereby ensuring correctness of transaction. The invention also discloses an electronic signature tool and a certification method.
Description
Technical field
The present invention relates to field of information security technology, particularly a kind of Verification System, authentication method and electric signing tools.
Background technology
At present, along with popularizing of ecommerce and Web bank, increasing user selection is concluded the business with ecommerce, and the transaction of ecommerce must bring popularizing of Web bank, and the fail safe in order to guarantee to conclude the business, the user of Web bank uses electric signing tools more and more.For the user, Web bank uses electric signing tools to guarantee user's account property safety, but but can not guarantee the legitimacy of businessman, fishing website for example, however the user does not know that also it is true legal e-commerce website or fishing website, thereby, when the user concludes the business on the net, money may be forwarded in the account of incorrect fishing website, cause user's property loss.
Summary of the invention
The present invention is intended to one of solve the problems of the technologies described above at least.
For this reason, one object of the present invention is to propose a kind of can the checking both parties' legitimacy and reliability, thereby the Verification System of the correctness of guaranteeing to conclude the business, for example, when concluding the business on the net, can guarantee legitimacy and the reliability of trade company, for example take precautions against fishing website the user is caused any property loss.
Another object of the present invention is to propose a kind of electric signing tools.
A further object of the present invention is to propose a kind of authentication method.
To achieve these goals, the embodiment of first aspect present invention provides a kind of Verification System, comprising: client, for the information that receives user selection; Server, described server prestores electronic tag and the first account, Information generation two-dimension code according to described electronic tag, described the first account and described user selection, wherein, described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism; Electric signing tools, prestore the authentication sign that is presented to described server by Third Party Authentication mechanism in the described electric signing tools, obtain described two-dimension code by described client from server, according to described two-dimension code and the authentication sign that is presented to described server by Third Party Authentication mechanism that prestores described server and described the first account are authenticated.
Verification System according to the embodiment of the invention, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated, adopt this mode both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user brought property loss, simultaneously, can also be conveniently to the supervision of trade company, and and network bank business based docking.This Verification System has guaranteed the safety of individual subscriber account, and has accuracy and ease for use.
In one embodiment of the invention, described electric signing tools comprises: memory module, store the authentication sign that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server; The first decoder module according to described the first PKI that obtains from described memory module, is decoded to described two-dimension code, obtains described electronic tag and described the first account; The second decoder module according to the second PKI that obtains from described memory module, is decoded to the described electronic tag that described the first decoder module obtains, and obtains authentication sign and second account of carrying in the electronic tag; Comparing module, the authentication of carrying in the electronic tag that described the second decoder module is obtained sign is compared with the authentication sign of the Third Party Authentication mechanism that obtains from described memory module, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the electronic tag that the first account that described the first decoder module is obtained and described the second decoder module obtain is compared, and it is legal account that comparison unanimously then authenticates described the first account.
Thus, the realization of efficiently and accurately the first account and the second account compare and authenticate comparing of sign, guaranteed the safety of individual subscriber account, have timeliness and ease for use.
In one embodiment of the invention, described signature instrument also comprises: update module, upgrade the authentication sign that Third Party Authentication mechanism in the described memory module issues described server.
Thus, so that issuing the authentication sign of server, Third Party Authentication mechanism has timeliness.
In one embodiment of the invention, described authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
Thus, improved the diversity of authentication form of identification.
In one embodiment of the invention, the information of described user selection comprises: merchandise news, trade name and the commodity amount of money.In one embodiment of the invention, described electric signing tools is USBKey.
The embodiment of second aspect present invention has proposed a kind of electric signing tools, comprising: memory module, store the authentication sign that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server; The first decoder module according to described the first PKI that obtains from described memory module, is decoded to described two-dimension code, obtains described electronic tag and described the first account; The second decoder module according to the second PKI that obtains from described memory module, is decoded to the electronic tag that described the first decoder module obtains, and obtains authentication sign and second account of carrying in the electronic tag; Comparing module, the authentication of carrying in the electronic tag that described the second decoder module is obtained sign is compared with the authentication sign of the Third Party Authentication mechanism that obtains from described memory module, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the electronic tag that the first account that described the first decoder module is obtained and described the second decoder module obtain compares, and it is legal account that comparison unanimously then authenticates described the first account.
Electric signing tools according to the embodiment of the invention, electric signing tools prestores the authentication sign that is presented to server by Third Party Authentication mechanism, obtain server according to the two-dimension code of the Information generation of electronic tag, the first account and user selection by client from server, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated.Both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user is brought property loss.
In one embodiment of the invention, described electric signing tools also comprises: update module, upgrade the authentication sign that Third Party Authentication mechanism in the described memory module is presented to described server.
Thus, so that issuing the authentication sign of server, Third Party Authentication mechanism has timeliness.
In one embodiment of the invention, described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism; The information of described user selection comprises: merchandise news and the commodity amount of money, in order to carry out adaptive authentication for different commodity, improve the efficient of authentication.
The embodiment of third aspect present invention has proposed a kind of authentication method, comprise: server generates two-dimension code according to electronic tag and the first account that information and the described server of user selection prestores, wherein, described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism; Electric signing tools obtains described two-dimension code from described server, and the authentication sign that is presented to described server by Third Party Authentication mechanism that prestores according to described two-dimension code and described electric signing tools authenticates described server and described the first account.
Authentication method according to the embodiment of the invention, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated, adopt this mode both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user brought property loss, simultaneously, can also be conveniently to the supervision of trade company, and and network bank business based docking.This authentication method has guaranteed the safety of individual subscriber account, and has accuracy and ease for use.
In one embodiment of the invention, the described authentication sign that is presented to described server by Third Party Authentication mechanism that prestores according to described two-dimension code and described electric signing tools authenticates described server and described the first account and comprises:
According to the first PKI that described electric signing tools prestores, described two-dimension code is decoded, obtain described electronic tag and described the first account; According to the second PKI that described electric signing tools prestores, described electronic tag is decoded, obtain authentication sign and second account of carrying in the electronic tag; The authentication sign that the authentication of carrying in the electronic tag that obtains is identified the Third Party Authentication mechanism that prestores with described electric signing tools is compared, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the first account of obtaining and the electronic tag that obtains is compared, and it is legal account that comparison unanimously then authenticates described the first account.
Thus, the realization of efficiently and accurately the first account and the second account compare and authenticate comparing of sign, guaranteed the safety of individual subscriber account, have timeliness and ease for use.
In one embodiment of the invention, described method also comprises: upgrade the authentication sign that Third Party Authentication mechanism that described electric signing tools prestores is presented to described server.
Thus, so that issuing the authentication sign of server, Third Party Authentication mechanism has timeliness.
Total in one embodiment of the present of invention, described authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
Thus, improved the diversity of authentication form of identification.In one embodiment of the invention, the information of described user selection comprises: merchandise news and the commodity amount of money.
Additional aspect of the present invention and advantage in the following description part provide, and part will become obviously from the following description, or recognize by practice of the present invention.
Description of drawings
Above-mentioned and/or additional aspect of the present invention and advantage are from obviously and easily understanding becoming the description of embodiment in conjunction with following accompanying drawing, wherein:
Fig. 1 is the structure chart of Verification System according to an embodiment of the invention;
Fig. 2 is the structure chart of electric signing tools according to an embodiment of the invention;
Fig. 3 is the structure chart of electric signing tools according to another embodiment of the present invention; And
Fig. 4 is the flow chart of authentication method according to an embodiment of the invention.
Embodiment
The below describes embodiments of the invention in detail, and the example of described embodiment is shown in the drawings, and wherein identical or similar label represents identical or similar element or the element with identical or similar functions from start to finish.Being exemplary below by the embodiment that is described with reference to the drawings, only being used for explaining the present invention, is limitation of the present invention and can not understand.On the contrary, embodiments of the invention comprise spirit and interior all changes, modification and the equivalent of intension scope that falls into additional claims.
In description of the invention, need to prove that unless clear and definite regulation and restriction are arranged in addition, term " links to each other ", " connection " should do broad understanding, for example: can be to be fixedly connected with, also can make to removably connect, or connect integratedly; Can make mechanical connection, also can be to be electrically connected; Can make directly to link to each other, also can indirectly link to each other by intermediary.For the ordinary skill in the art, can concrete condition understand above-mentioned term concrete meaning in the present invention.In addition, in description of the invention, except as otherwise noted, the implication of " a plurality of " is two or more.
In description of the invention, it will be appreciated that term " first ", " second " only are used for describing purpose, and can not be interpreted as indication or hint relative importance.
Below with reference to Verification System and the electric signing tools of accompanying drawing description according to the embodiment of the invention.
Fig. 1 is the structure chart of Verification System according to an embodiment of the invention.
As shown in Figure 1, the Verification System according to the embodiment of the invention comprises: client 100, electric signing tools 300 and server 200.
Prestore the authentication sign that is presented to server 200 by Third Party Authentication mechanism in the electric signing tools 300, obtain two-dimension code by client from server, according to two-dimension code and the authentication sign that is presented to server 200 by Third Party Authentication mechanism that prestores server 200 and the first account are authenticated.In this example, electric signing tools is USB-Key.Authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to server.Two-dimension code is that the information of electronic tag, the first account and user selection generates.
Verification System according to the embodiment of the invention, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated, both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user brought property loss, simultaneously, can also be conveniently to the supervision of trade company, and and network bank business based docking.This Verification System has guaranteed the safety of individual subscriber account, and has accuracy and ease for use.
As shown in Figure 2, in one embodiment of the invention, electric signing tools comprises: memory module 301, the first decoder module 302, the second decoder module 303 and contrast module 304.
Particularly, memory module 301 is used for the authentication sign that storage the first PKI, the second PKI and Third Party Authentication mechanism are presented to server.In one embodiment of the invention, wherein, the first PKI is server public key; The second PKI is Third Party Authentication mechanism PKI; The authentication sign can be presented to for Third Party Authentication mechanism the combination of digital signature or digital finger-print or digital signature and two kinds of forms of digital finger-print of server, is not restricted to a kind of mode here.The first decoder module 302 is decoded to two-dimension code according to the first PKI that obtains from memory module 301, obtains electronic tag and the first account.The second decoder module 303 is decoded to the electronic tag that the first decoder module obtains according to the second PKI that obtains from memory module, obtains authentication sign and second account of carrying in the electronic tag.
The authentication sign of carrying in the electronic tag that comparing module 304 is obtained the second decoder module 303 is compared with the authentication sign of the Third Party Authentication mechanism of storage from memory module 301, comparison unanimously then certificate server be trusted servers; Second account of carrying in the electronic tag that the first account that the first decoder module 302 is obtained and the second decoder module 303 obtain is compared, and it is legal account that comparison unanimously then authenticates the first account.
As a concrete example, suppose that in the e-commerce website process of exchange individual subscriber PC is that client 100, e-business network site server are server 200.The authoritative institution of authorized by state is Third Party Authentication mechanism.Particularly, the e-business network site server is put on record in the authoritative institution of authorized by state, when network bank business based, the e-business network site server can send to the PC of two-dimension code by the user in user's the electric signing tools 300, such as USBKey etc., the PKI that includes the signature that authoritative institution issues among the USBKey, when two-dimension code is sent on the USBKey, USBKey utilizes PKI that digital signature or the fingerprint certificate that the authoritative institution in the two-dimension code that sends over issues is decrypted, the certificate that prestores among the certificate of the electronic signature of the authoritative institution after then will deciphering and the USBKey is verified, if correct, illustrate that then the e-business network site server is legal, authentic.
Further, after USBKey has verified the legitimacy of e-business network site server, accounts information in the electronic signature of the authoritative institution after will deciphering is again verified with the accounts information that is sent to USBKey, if checking is correct, illustrate that then account is legal account, thereby further guaranteed the safety of transaction, if verify incorrectly, then the user has been pointed out.
As shown in Figure 3, in one embodiment of the invention, electric signing tools comprises: update module 305, the Third Party Authentication mechanism in the updated stored module 301 is presented to the authentication sign of server.
By the Verification System that the present invention adopts, can verify both parties' legitimacy and reliability, thereby guarantee the correctness of concluding the business.For example, when concluding the business, both can improve the fail safe of individual subscriber account on the net, can guarantee again legitimacy and the reliability of trade company, and for example take precautions against fishing website the user is caused any property loss.Further, electric signing tools according to the embodiment of the invention, prestore the authentication sign that is presented to server by Third Party Authentication mechanism, obtain server according to the two-dimension code of the Information generation of electronic tag, the first account and user selection by client from server, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated.Both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user is brought property loss.
Fig. 4 is the flow chart of authentication method according to an embodiment of the invention.
A kind of authentication method, may further comprise the steps: server generates two-dimension code according to electronic tag and the first account that information and the server of user selection prestores, wherein, electronic tag comprises authentication sign and the second account that is presented to server by Third Party Authentication mechanism; Electric signing tools obtains two-dimension code from server, and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores according to two-dimension code and electric signing tools authenticates server and the first account.
As shown in Figure 4, the authentication method according to the embodiment of the invention may further comprise the steps:
Step S401, server generates two-dimension code according to electronic tag and the first account that information and the server of user selection prestores, wherein, electronic tag comprises authentication sign and the second account that is presented to server by Third Party Authentication mechanism, in this example, the information of user selection includes but not limited to: merchandise news, trade name and the commodity amount of money.The out of Memory that certainly, also can comprise the commodity such as trade name.In this example, authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to server, and the first account is seller's account, the legal account that the second account is truly put on record for the seller.
Step S402, electric signing tools obtains two-dimension code from server, wherein obtain two-dimension code mode can but be not limited to: directly obtain or obtain from client, for example electric signing tools has communication device, can directly link to each other with server by network etc., thereby directly obtain two-dimension code from server, also can obtain two-dimension code on the server by client, client links to each other with server.
Step S403 authenticates server and the first account.Particularly, the authentication sign that is presented to server by Third Party Authentication mechanism that prestores according to two-dimension code and electric signing tools authenticates server and the first account.In this example, electric signing tools is USB-Key.Two-dimension code is that the information of electronic tag, the first account and user selection generates.
In one embodiment of the invention, the authentication sign that is presented to server by Third Party Authentication mechanism that prestores according to two-dimension code and electric signing tools is stated server and described the first account and is authenticated and comprise: the first PKI that prestores according to electric signing tools, two-dimension code is decoded, obtain electronic tag and the first account; According to the second PKI that electric signing tools prestores, electronic tag is decoded, obtain authentication sign and second account of carrying in the electronic tag; The authentication sign of the Third Party Authentication mechanism that the authentication sign of carrying in the electronic tag that obtains and electric signing tools are prestored is compared, comparison unanimously then certificate server be trusted servers; Second account of carrying in the first account of obtaining and the electronic tag that obtains is compared, and it is legal account that comparison unanimously then authenticates the first account.
As a concrete example, suppose that in the e-commerce website process of exchange e-business network site server is server.The authoritative institution of authorized by state is Third Party Authentication mechanism.Particularly, the e-business network site server is put on record in the authoritative institution of authorized by state, when network bank business based, the e-business network site server can send to two-dimension code in user's the electric signing tools 300, such as USBKey etc., the PKI that includes the signature that authoritative institution issues among the USBKey, when two-dimension code is sent on the USBKey, USBKey utilizes PKI that digital signature or the fingerprint certificate that the authoritative institution in the two-dimension code that sends over issues is decrypted, the certificate that prestores among the certificate of the electronic signature of the authoritative institution after then will deciphering and the USBKey is verified, if correct, illustrate that then the e-business network site server is legal, authentic.
Further, after USBKey has verified the legitimacy of e-business network site server, accounts information in the electronic signature of the authoritative institution after will deciphering is again verified with the accounts information that is sent to USBKey, if checking is correct, illustrate that then account is legal account, thereby further guaranteed the safety of transaction, if verify incorrectly, then the user has been pointed out.
As shown in Figure 4, authentication method also can comprise the steps:
Step S404, the Third Party Authentication mechanism that the renewal electric signing tools prestores are presented to the authentication sign of server.
Authentication method according to the embodiment of the invention, according to two-dimension code and the authentication sign that is presented to server by Third Party Authentication mechanism that prestores server and the first account are authenticated, both can guarantee the safety of individual subscriber account, can carry out to trade company the checking of legitimacy and reliability again, thereby improve the fail safe of transaction.Effectively take precautions against fishing website the user brought property loss, simultaneously, can also be conveniently to the supervision of trade company, and and network bank business based docking.This authentication method has guaranteed the safety of individual subscriber account, and has accuracy and ease for use.
Describe and to be understood in the flow chart or in this any process of otherwise describing or method, expression comprises module, fragment or the part of code of the executable instruction of the step that one or more is used to realize specific logical function or process, and the scope of preferred implementation of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by opposite order, carry out function, this should be understood by the embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, a plurality of steps or method can realize with being stored in the memory and by software or firmware that suitable instruction execution system is carried out.For example, if realize with hardware, the same in another embodiment, can realize with the combination of each or they in the following technology well known in the art: have for the discrete logic of data-signal being realized the logic gates of logic function, application-specific integrated circuit (ASIC) with suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that and realize that all or part of step that above-described embodiment method is carried is to come the relevant hardware of instruction to finish by program, described program can be stored in a kind of computer-readable recording medium, this program comprises step of embodiment of the method one or a combination set of when carrying out.
In addition, each functional unit in each embodiment of the present invention can be integrated in the processing module, also can be that the independent physics of unit exists, and also can be integrated in the module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, also can adopt the form of software function module to realize.If described integrated module realizes with the form of software function module and during as independently production marketing or use, also can be stored in the computer read/write memory medium.
The above-mentioned storage medium of mentioning can be read-only memory, disk or CD etc.
In the description of this specification, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or the example in conjunction with specific features, structure, material or the characteristics of this embodiment or example description.In this manual, the schematic statement of above-mentioned term not necessarily referred to identical embodiment or example.And the specific features of description, structure, material or characteristics can be with suitable mode combinations in any one or more embodiment or example.
Although the above has illustrated and has described embodiments of the invention, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment in the situation that does not break away from principle of the present invention and aim within the scope of the invention, modification, replacement and modification.Scope of the present invention extremely is equal to by claims and limits.
Claims (15)
1. a Verification System is characterized in that, comprising:
Client is for the information that receives user selection;
Server, described server prestores electronic tag and the first account, Information generation two-dimension code according to described electronic tag, described the first account and described user selection, wherein, described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism;
Electric signing tools, prestore the authentication sign that is presented to described server by Third Party Authentication mechanism in the described electric signing tools, obtain described two-dimension code by described client from described server, according to described two-dimension code and the authentication sign that is presented to described server by Third Party Authentication mechanism that prestores described server and described the first account are authenticated.
2. system according to claim 1 is characterized in that, described electric signing tools comprises:
Memory module is stored the authentication sign that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server;
The first decoder module according to described the first PKI that obtains from described memory module, is decoded to described two-dimension code, obtains described electronic tag and described the first account;
The second decoder module according to the second PKI that obtains from described memory module, is decoded to the described electronic tag that described the first decoder module obtains, and obtains authentication sign and second account of carrying in the electronic tag;
Comparing module, the authentication of carrying in the electronic tag that described the second decoder module is obtained sign is compared with the authentication sign of the Third Party Authentication mechanism that obtains from described memory module, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the electronic tag that the first account that described the first decoder module is obtained and described the second decoder module obtain is compared, and it is legal account that comparison unanimously then authenticates described the first account.
3. system according to claim 2 is characterized in that, described electric signing tools also comprises: update module, upgrade the authentication sign that Third Party Authentication mechanism in the described memory module is presented to described server.
4. each described system is characterized in that according to claim 1-3, and described authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
5. each described system is characterized in that according to claim 1-3, and the information of described user selection comprises: merchandise news and the commodity amount of money.
6. each described system is characterized in that according to claim 1-3, and described electric signing tools is USB Key.
7. electric signing tools, it is characterized in that, described electric signing tools prestores the authentication sign that is presented to server by Third Party Authentication mechanism, obtain described server according to the two-dimension code of the Information generation of electronic tag, the first account and user selection by client from described server, according to described two-dimension code and the authentication sign that is presented to described server by Third Party Authentication mechanism that prestores described server and described the first account are authenticated.
8. electric signing tools according to claim 7 is characterized in that, described electric signing tools comprises:
Memory module is stored the authentication sign that the first PKI, the second PKI and Third Party Authentication mechanism are presented to described server;
The first decoder module according to described the first PKI that obtains from described memory module, is decoded to described two-dimension code, obtains described electronic tag and described the first account;
The second decoder module according to the second PKI that obtains from described memory module, is decoded to the described electronic tag that described the first decoder module obtains, and obtains authentication sign and second account of carrying in the electronic tag;
Comparing module, the authentication of carrying in the electronic tag that described the second decoder module is obtained sign is compared with the authentication sign of the Third Party Authentication mechanism that obtains from described memory module, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the electronic tag that the first account that described the first decoder module is obtained and described the second decoder module obtain is compared, and it is legal account that comparison unanimously then authenticates described the first account.
9. electric signing tools according to claim 8 is characterized in that, described electric signing tools also comprises: update module, upgrade the authentication sign that Third Party Authentication mechanism in the described memory module is presented to described server.
10. each described electric signing tools is characterized in that according to claim 7-9, and described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism; The information of described user selection comprises: merchandise news and the commodity amount of money.
11. an authentication method is characterized in that, comprising:
Server generates two-dimension code according to electronic tag and the first account that information and the described server of user selection prestores, and wherein, described electronic tag comprises authentication sign and the second account that is presented to described server by Third Party Authentication mechanism;
Electric signing tools obtains described two-dimension code from described server, and the authentication sign that is presented to described server by Third Party Authentication mechanism that prestores according to described two-dimension code and described electric signing tools authenticates described server and described the first account.
12. method according to claim 11, it is characterized in that the described authentication sign that is presented to described server by Third Party Authentication mechanism that prestores according to described two-dimension code and described electric signing tools authenticates described server and described the first account and comprises:
According to the first PKI that described electric signing tools prestores, described two-dimension code is decoded, obtain described electronic tag and described the first account;
According to the second PKI that described electric signing tools prestores, described electronic tag is decoded, obtain authentication sign and second account of carrying in the electronic tag;
The authentication sign that the authentication of carrying in the electronic tag that obtains is identified the Third Party Authentication mechanism that prestores with described electric signing tools is compared, and it is trusted servers that comparison unanimously then authenticates described server; Second account of carrying in the first account of obtaining and the electronic tag that obtains is compared, and it is legal account that comparison unanimously then authenticates described the first account.
13. method according to claim 12 is characterized in that, described method also comprises:
Upgrade the authentication sign that Third Party Authentication mechanism that described electric signing tools prestores is presented to described server.
14. each described method is characterized in that according to claim 11-13, described authentication is designated digital signature or the digital finger-print that Third Party Authentication mechanism is presented to described server.
15. each described method is characterized in that according to claim 11-13, the information of described user selection comprises: merchandise news and the commodity amount of money.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210326240.1A CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210326240.1A CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102868688A true CN102868688A (en) | 2013-01-09 |
| CN102868688B CN102868688B (en) | 2015-05-06 |
Family
ID=47447279
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210326240.1A Active CN102868688B (en) | 2012-09-05 | 2012-09-05 | Certification system and method and electronic signature tool |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102868688B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103747012A (en) * | 2013-08-01 | 2014-04-23 | 戴林巧 | Security verification method, device and system of network transaction |
| CN104301105A (en) * | 2014-06-24 | 2015-01-21 | 齐亚斌 | Digital certificate signing method based on mobile device with communication function, and equipment for realizing the same |
| CN104320253A (en) * | 2014-09-28 | 2015-01-28 | 东北大学 | Two-dimension code authentication system and method based on CBS signature mechanism |
| WO2015062232A1 (en) * | 2013-10-30 | 2015-05-07 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| CN104735028A (en) * | 2013-12-19 | 2015-06-24 | 中国移动通信集团辽宁有限公司 | Website authenticity identification method, system, device and mobile equipment |
| CN105809433A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction method |
| CN105809419A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction system |
| CN105844520A (en) * | 2015-01-13 | 2016-08-10 | 伍彬 | Electronic receipt generating and verifying method |
| CN106161037A (en) * | 2016-08-19 | 2016-11-23 | 北京小米移动软件有限公司 | Digital signature method and device |
| CN106599952A (en) * | 2016-12-16 | 2017-04-26 | 广东优替信息科技股份有限公司 | Method and device for acquiring article information based on electronic tag |
| CN109600228A (en) * | 2018-10-31 | 2019-04-09 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on public keys pond |
| US10977650B2 (en) | 2013-10-30 | 2021-04-13 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| US11972428B2 (en) | 2013-10-30 | 2024-04-30 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008148118A2 (en) * | 2007-05-25 | 2008-12-04 | Metafos Inc. | Anonymous online payment systems and methods |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| US20090192944A1 (en) * | 2008-01-24 | 2009-07-30 | George Sidman | Symmetric verification of web sites and client devices |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
-
2012
- 2012-09-05 CN CN201210326240.1A patent/CN102868688B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008148118A2 (en) * | 2007-05-25 | 2008-12-04 | Metafos Inc. | Anonymous online payment systems and methods |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| US20090192944A1 (en) * | 2008-01-24 | 2009-07-30 | George Sidman | Symmetric verification of web sites and client devices |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
Non-Patent Citations (2)
| Title |
|---|
| 叶涛等: ""基于双向认证"网络钓鱼"攻击防范技术"", 《商场现代化》, 15 May 2008 (2008-05-15), pages 132 * |
| 马丁: ""如何防御网上诈骗盗窃"", 《网络安全技术与应用》, 15 November 2007 (2007-11-15), pages 68 - 69 * |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103747012A (en) * | 2013-08-01 | 2014-04-23 | 戴林巧 | Security verification method, device and system of network transaction |
| CN103747012B (en) * | 2013-08-01 | 2017-12-19 | 戴林巧 | Safe verification method, the apparatus and system of network trading |
| US10977650B2 (en) | 2013-10-30 | 2021-04-13 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| WO2015062232A1 (en) * | 2013-10-30 | 2015-05-07 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| US11972428B2 (en) | 2013-10-30 | 2024-04-30 | Tencent Technology (Shenzhen) Company Limited | Information transmission method, apparatus and system |
| CN104735028A (en) * | 2013-12-19 | 2015-06-24 | 中国移动通信集团辽宁有限公司 | Website authenticity identification method, system, device and mobile equipment |
| CN104301105A (en) * | 2014-06-24 | 2015-01-21 | 齐亚斌 | Digital certificate signing method based on mobile device with communication function, and equipment for realizing the same |
| CN104320253A (en) * | 2014-09-28 | 2015-01-28 | 东北大学 | Two-dimension code authentication system and method based on CBS signature mechanism |
| CN104320253B (en) * | 2014-09-28 | 2017-06-09 | 东北大学 | A kind of Quick Response Code Verification System and method based on CBS signature mechanisms |
| CN105809433A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction method |
| CN105809419A (en) * | 2014-12-29 | 2016-07-27 | 北京握奇智能科技有限公司 | Online banking transaction system |
| CN105844520A (en) * | 2015-01-13 | 2016-08-10 | 伍彬 | Electronic receipt generating and verifying method |
| CN106161037A (en) * | 2016-08-19 | 2016-11-23 | 北京小米移动软件有限公司 | Digital signature method and device |
| CN106161037B (en) * | 2016-08-19 | 2019-05-10 | 北京小米移动软件有限公司 | Digital signature method and device |
| CN106599952A (en) * | 2016-12-16 | 2017-04-26 | 广东优替信息科技股份有限公司 | Method and device for acquiring article information based on electronic tag |
| CN109600228A (en) * | 2018-10-31 | 2019-04-09 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on public keys pond |
| CN109600228B (en) * | 2018-10-31 | 2021-07-27 | 如般量子科技有限公司 | Anti-quantum-computation signature method and system based on public key pool |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102868688B (en) | 2015-05-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102868688B (en) | Certification system and method and electronic signature tool | |
| CN101527633B (en) | Method for intelligent key devices to obtain digital certificates | |
| CN106656488B (en) | Key downloading method and device for POS terminal | |
| CN103081399B (en) | Authenticating device and system | |
| US8132722B2 (en) | System and method for binding a smartcard and a smartcard reader | |
| AU2011205391B2 (en) | Anytime validation for verification tokens | |
| US8689290B2 (en) | System and method for securing a credential via user and server verification | |
| EP3425842B1 (en) | Communication system and communication method for certificate generation | |
| EP3017580B1 (en) | Signatures for near field communications | |
| CN103401844B (en) | The processing method of operation requests and system | |
| US20070118745A1 (en) | Multi-factor authentication using a smartcard | |
| CN103269271B (en) | A kind of back up the method and system of private key in electronic signature token | |
| CN106230784A (en) | A kind of device authentication method and device | |
| CN103136664A (en) | Trading system and trading method of smart card with electronic signature function | |
| CN108683674A (en) | Verification method, device, terminal and the computer readable storage medium of door lock communication | |
| CN105162607A (en) | Authentication method and system of payment bill voucher | |
| CN103516524A (en) | Security authentication method and system | |
| KR101253683B1 (en) | Digital Signing System and Method Using Chained Hash | |
| CN103198401A (en) | Smart card transaction method and smart card transaction system with electronic signature function | |
| CN109302286B (en) | Fido equipment key index generation method | |
| CN110798322A (en) | Operation request method, device, storage medium and processor | |
| CN103136667B (en) | There is the smart card of electronic signature functionality, smart card transaction system and method | |
| US20210067349A1 (en) | Method Of Enrolling A Device Into A PKI Domain For Certificate Management Using Factory Key Provisioning | |
| CN108418692B (en) | On-line writing method of authentication certificate | |
| KR20130100032A (en) | Method for distributting smartphone application by using code-signing scheme |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 100083, room 1810, block B, 38 clear road, Haidian District, Beijing Applicant after: Tendyron Technology Co., Ltd. Address before: 100083, room 1810, block B, golden building, No. 17, Qinghua East Road, Beijing, Haidian District Applicant before: Tendyron Technology Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |