CN103905208A - Interactive method using asymmetric security mechanisms - Google Patents
Interactive method using asymmetric security mechanisms Download PDFInfo
- Publication number
- CN103905208A CN103905208A CN201410167947.1A CN201410167947A CN103905208A CN 103905208 A CN103905208 A CN 103905208A CN 201410167947 A CN201410167947 A CN 201410167947A CN 103905208 A CN103905208 A CN 103905208A
- Authority
- CN
- China
- Prior art keywords
- customer end
- party
- security mechanism
- data
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Abstract
The embodiment of the invention discloses an interactive method using asymmetric security mechanisms. Corresponding security mechanisms are applied to different action applications, flexible and multifunctional bidirectional interaction or transmission can be achieved, and the complexity of the security mechanisms is greatly lowered while the information of a user is protected. According the interactive method using the asymmetric security mechanisms, a client end A and a client end B are included; the client end A initiates interaction to the client end B through a high security verification mode; the client end B responds to the client A through a low security verification mode; the verification requirement of the low security verification is lower than the verification requirement of the high security verification.
Description
Technical field
The embodiment of the present invention relates to information security field, is specifically related to a kind of exchange method that utilizes asymmetric security mechanism.
Background technology
Existing secure communication mechanism is all two-way, and when communicating pair exchange of encryption information, as authenticated or encrypting after secret key, the communication channel of a safety is just established, and communicating pair can secure communication.As Internet Protocol Security (IPsec), Secure Sockets Layer (SSL), Transport Layer Secure Shell (SSH).
Conventional security communication mechanism is set up escape way, requires communicating pair will reach safety identification authentication, could set up like this trusted mechanism.But this is all very high to the requirement of communicating pair, such as, before secure communication is set up, just need to confirm both sides' identity, as adopted PKI encryption mechanism to need to exchange public/private keys.But, universal and the web2.0 of social networks, the rise of mobile2.0 platform, the instantaneity of communication and convenience, for loaded down with trivial details security authentication mechanism, challenge is proposed, because traditional bi-directional symmetrical security mechanism has hindered instantaneity and the convenience of communication to a great extent.Therefore a lot of social network sites; as Facebook, twitter etc., there is no any safety encipher mechanism; just the authentication to user login and the authority of login/password are encrypted protection, and other all communication datas are all without any encrypting.
But do not have the network service of encipherment protection to cause potential very big harm for individual privacy and sensitive data; in order to reach a balance between the convenience in communication and data security; just need a kind of system of supporting asymmetric one-way safety mechanism, to realize flexibly the mutual or transmission of multi-function double-way.
Summary of the invention
The embodiment of the present invention provides a kind of exchange method that utilizes asymmetric security mechanism; by adopting the mode of different behaviors being applied to corresponding security mechanism; can realize flexible multi-functional two-way interactive or transmission, in the data that can protect user, significantly reduce the complexity of security mechanism.
The exchange method of asymmetric security mechanism that what the embodiment of the present invention provided utilize, comprising: customer end A and customer end B;
Described customer end A is initiated mutual by high safety verification mode to described customer end B;
Described customer end B is responded described customer end A by lower security verification mode;
The checking of described lower security checking requires the checking requirement lower than described high safety verification.
Alternatively,
Described customer end A is initiated mutual by the security mechanism of the encryption (Identity Based Encryption, IBE) based on identity to described customer end B;
Described customer end B is responded described customer end A by clear-text way.
Alternatively,
Described transfer of data and the communication interaction of comprising alternately.
Alternatively,
Described method also comprises: belief system, for preservation data and processing external request;
Described customer end B is storage end, for to described belief system data on file;
Described customer end A is access end, for accessing or obtain data to described belief system;
Described belief system receives external request and judges request type, determines that described external request is data on file request, and described belief system is enabled lower security checking, and in the time being verified, receives the data of described storage end;
Described belief system receives external request and judges request type, determines described external request for access or obtains data request, and described belief system is enabled high safety verification, and in the time being verified, responds the request of described access end.
Alternatively,
Described method also comprises:
Described belief system records the access track of described access end;
Described access track comprises the storage of described access end or obtains data behavior.
Alternatively,
Described lower security checking comprises: without safety verification.
Alternatively,
Described lower security checking comprises:
Detect in the data that described access end need to store and whether contain virus.
Alternatively,
Described high safety verification comprises:
The identity of authentication-access end and authority;
Described authority is described access end storage or the authority of obtaining data.
Alternatively,
Described high safety verification comprises:
The security mechanism of the encryption (Identity Based Encryption, IBE) based on identity.
Alternatively,
Described storage end is server;
Described access end is the client being connected with described server.
Alternatively,
Described method also comprises: third party's mediator deputy;
The contact method that described third party's mediator deputy comprises client;
Described customer end A is asked to described third party's mediator deputy starting client B alternately by high safety verification mode;
Mutual described customer end B request is sent to described customer end B by described third party's mediator deputy;
Described customer end B sends customer end A by lower security verification mode to described third party's mediator deputy and responds;
Described third party's mediator deputy is responded described customer end A to send to described customer end A.
Alternatively,
Described method also comprises: client C;
Described client C is in the time obtaining described customer end A mandate, and the described customer end B that receives described third party's mediator deputy transmission is asked alternately, or provides service by described third party's mediator deputy to described customer end A;
Or
Described client C, in the time of described customer end B mandate, receives the described customer end A response that described third party's mediator deputy sends, or provides service by described third party's mediator deputy to described customer end B.
Alternatively,
Described client C is the third party service provider independently.
In the embodiment of the present invention, utilize the exchange method of asymmetric security mechanism, comprising: customer end A and customer end B; Described customer end A is initiated mutual by high safety verification mode to described customer end B; Described customer end B is responded described customer end A by lower security verification mode; The checking of described lower security checking requires the checking requirement lower than described high safety verification.Because the present invention adopts the mode of different behaviors being applied to corresponding security mechanism; for example storage behavior application lower security is verified and the behavior of obtaining is applied the mode of high safety verification; because can realize flexible multi-functional two-way interactive or transmission, and can in protection user's data, significantly reduce the complexity of security mechanism.
Brief description of the drawings
Fig. 1 is exchange method the first embodiment flow chart that the present invention utilizes asymmetric security mechanism;
Fig. 2 is the mutual schematic diagram of exchange method the first embodiment that the present invention utilizes asymmetric security mechanism;
Fig. 3 is exchange method the second embodiment flow chart that the present invention utilizes asymmetric security mechanism;
Fig. 4 is the mutual schematic diagram of exchange method the second embodiment that the present invention utilizes asymmetric security mechanism;
Fig. 5 is exchange method the 3rd embodiment flow chart that the present invention utilizes asymmetric security mechanism;
Fig. 6 is the mutual schematic diagram of exchange method the 3rd embodiment that the present invention utilizes asymmetric security mechanism.
Embodiment
The embodiment of the present invention provides a kind of exchange method that utilizes asymmetric security mechanism; by adopting the mode of different behaviors being applied to corresponding security mechanism; can realize flexible multi-functional two-way interactive or transmission, in the data that can protect user, significantly reduce the complexity of security mechanism.
IBE, also referred to as IBC, what IBC cryptographic technique was used is asymmetric cryptography system, and encrypt and decrypt uses the different key of two covers, and everyone PKI is exactly his identify label, such as E-Mail address, telephone number etc.Private key is grasped by user oneself with the form of data, and key management is quite simple, can carry out encryption and decryption to data message very easily.The basic technology of IBC comprises data encryption, digital signature, data integrity mechanism, digital envelope, user identification, and user authenticates etc.
Refer to Fig. 1 and Fig. 2, in the embodiment of the present invention, utilize the exchange method of asymmetric security mechanism, comprising: customer end A and customer end B;
101, customer end A is initiated mutual by high safety verification mode to customer end B;
Between customer end A and customer end B, carry out mutual, when customer end A is initiated when mutual to customer end B, can be by high safety verification mode, the above-mentioned communication behavior that is specifically as follows alternately.
102, customer end B is responded customer end A by lower security verification mode;
When customer end B receives from the mutual request of customer end A, can respond customer end A by lower security verification mode, above-mentioned lower security verification mode can comprise without safety verification mode.
The checking of lower security checking requires the checking requirement lower than high safety verification.
Concrete, customer end A can be initiated mutual by IBE security mechanism to customer end B, and customer end B is responded customer end A by clear-text way, customer end A and customer end B, by this kind of asymmetrical interactive mode, can realize data/communication security and easy-to-use balance.
It should be noted that, the checking of above-mentioned lower security checking requires the checking requirement lower than above-mentioned high safety verification, that is the complexity of lower security checking is lower than the complexity of high safety verification.
Because the present invention adopts the mode of different behaviors being applied to corresponding security mechanism; for example storage behavior application lower security is verified and the behavior of obtaining is applied the mode of high safety verification; because can realize flexible multi-functional two-way interactive or transmission, and can in protection user's data, significantly reduce the complexity of security mechanism.
Introduce the first embodiment that the present invention utilizes the exchange method of asymmetric security mechanism above, introduce the second embodiment that the present invention utilizes the exchange method of asymmetric security mechanism below, refer to Fig. 3 and Fig. 4, in the embodiment of the present invention, utilize the second embodiment of the exchange method of asymmetric security mechanism to comprise:
Belief system, for preservation data and processing external request;
Customer end B is storage end, for to belief system data on file;
Customer end A is access end, for accessing or obtain data to belief system;
201, belief system receives external request;
Belief system is being deposited various types of data, for example, can comprise data that visit information, user profile or user deposit etc., and access end can pass through network, and for example the Internet, Internet of Things or internal network are connected to storage end, and sends request to storage end.
Above-mentioned belief system can be server, and above-mentioned customer end A and customer end B can be the client being connected with server electrical connection or the Internet.
202, judge request type, and perform step 203 in the time that request is data on file request, in the time asking as access or obtain data request, perform step 204;
The request that belief system receives can be obtained data request for data on file request or access, because different requests can cause different impacts to belief system, therefore in the time that request is data on file request, can perform step 203, in the time asking as access or obtain data request, can perform step 204.
203, belief system is enabled lower security checking, and in the time being verified, receives the data of storage end;
After determining that request is for data on file request, belief system is enabled lower security checking, and in the time being verified, receives the data of storage end.Because data on file is to the process of storage end transmission data, cause the possibility of potential hazard less to storage end, therefore can enable lower security checking, and in the time being verified, receive the data of access end.
The checking of above-mentioned lower security can comprise: without safety verification, or whether contain virus in the data that need to store of test access end.The concrete security mechanism of lower security checking can be determined according to the actual requirements, storage behavior for example in the time that storage behavior does not exist potential hazard, can adopt without safety verification, in the data that can adopt test access end to store, whether contain virulent security mechanism in the time that may occur taking viruliferous situation.
204, belief system is enabled high safety verification, and in the time being verified, responds the request of access end;
Determine that request is for obtaining after data request, belief system is enabled high safety verification, and in the time being verified, responds the request of access end.Because the data of obtaining is to read or download the process of preservation data from storage end, cause the possibility of potential hazard larger to storage end, therefore can enable high safety verification, and in the time being verified, respond the request of access end.
Above-mentioned high safety verification specifically can comprise: the identity of authentication-access end and authority, wherein authority is access end storage or the authority of obtaining data.Because the authority of the identity of different access end may be inconsistent, for example the authority of access end A only limits to browser document, and the authority of access end B is browser document and download file, if authentication failed when therefore the request of access end A is download file.
Above-mentioned high safety verification also can comprise: IBE security mechanism.
It should be noted that, the method for the embodiment of the present invention can also comprise step 205, that is the not prerequisite step of the embodiment of the present invention of step 205, as follows:
205, the access track of storage end record access end.
Above-mentioned access track comprises the storage of access end or obtains data behavior.
It should be noted that, the checking of above-mentioned lower security checking requires the checking requirement lower than above-mentioned high safety verification, that is the complexity of lower security checking is lower than the complexity of high safety verification.
It should be noted that, step 205 is not limited to after step 204, but can, in the step 201 of the embodiment of the present invention to before or after the arbitrary step in step 204, be not construed as limiting herein.
The course of work of the each step of the embodiment of the present invention is described with an instantiation below:
Suppose that belief system is corporate server, for the total data of the company of storing, above-mentioned data comprise general data, emphasis data and confidential data; Storage end is the computer client being connected by Internet of Things or internal network with this server with access end, above-mentioned computer client comprises common employee's computer client, management level computer client and president's computer client, wherein common employee's computer client can be accessed general data, management level computer client can be accessed emphasis data and general data, and president's computer client can be accessed total data.When corporate server receives from the request of computer client, first determine the type of request, if the request of computer client is storage resource request, corporate server can not verified the request of computer client, directly the content of computer client stores is carried out after virus detects storing this content; If the request of computer client is access request, it is for example access emphasis request of data, corporate server can be verified the identity of client and authority, and hypothesis verification is management level computer client to this client, allows this client emphasis data that conduct interviews.By this security management mechanism, can reduce the burden of corporate server, can manage use to company data better simultaneously.
Because the present invention adopts the mode of different behaviors being applied to corresponding security mechanism; for example storage behavior application lower security is verified and the behavior of obtaining is applied the mode of high safety verification; because can realize flexible multi-functional two-way interactive or transmission, and can in protection user's data, significantly reduce the complexity of security mechanism.
Introduce the second embodiment that the present invention utilizes the exchange method of asymmetric security mechanism above, particularly storage end is enabled lower security checking and high safety verification and comes the process of authentication-access end request, introduce the 3rd embodiment that the present invention utilizes the exchange method of asymmetric security mechanism below, refer to Fig. 5 and Fig. 6, the present invention utilizes the 3rd embodiment of the exchange method of asymmetric security mechanism to comprise:
Third party's mediator deputy, the contact method that comprises client;
301, customer end A is asked to third party's mediator deputy starting client B alternately by high safety verification mode;
Customer end A need to be carried out alternately with customer end B, for example, while communicating, do not need to know particular location and the address of customer end B, can first ask alternately to third party's mediator deputy starting client B by high safety verification mode, undertaken alternately by third party's mediator deputy and customer end B.
Owing to adopting high safety verification mode between customer end A and third party's mediator deputy; that is customer end A can ask customer end B taking customer end B information as encryption key to send to third party's mediator deputy after encryption alternately again; can avoid like this information to be revealed by third party's mediator deputy, can protect planet well.
302, visitor and the mutual request of family end B are sent to customer end B by third party's mediator deputy;
After third party's mediator deputy is just received the mutual request of the customer end B of customer end A transmission, mutual customer end B request can be sent to customer end B.
303, customer end B sends customer end A response by lower security verification mode to third party's mediator deputy;
Customer end B is resolved after request customer end B alternately according to self information after receiving the mutual request of customer end B, and sends customer end A response by lower security verification mode to third party's mediator deputy.
304, third party's mediator deputy is responded customer end A to send to customer end A.
Third party's mediator deputy can be responded customer end A to send to customer end A after receiving above-mentioned customer end A response, completes the reciprocal process between customer end A and customer end B.
It should be noted that, above-mentioned method can also comprise client C, wherein
Client C is in the time obtaining customer end A mandate, and the customer end B that receives the transmission of third party's mediator deputy is asked alternately, or provides service by third party's mediator deputy to customer end A;
Or
Client C, in the time of customer end B mandate, receives the customer end A response that third party's mediator deputy sends, or provides service by third party's mediator deputy to customer end B.
Above-mentioned client C can be the third party service provider independently.
The course of work of the each step of the embodiment of the present invention is described with an instantiation below:
Suppose that customer end A and customer end B are communicating pair, the Content of Communication of the mailing address that the agent of third party intermediary comprises customer end A and customer end B and storage customer end A and customer end B, client C is the third party service provider independently.While communication between customer end A and customer end B, due to the existence of the agent of third party intermediary, customer end A and customer end B do not need to know particular location and the address of communicating pair, only need to know that both sides' code name or title can find the other side by the agent of third party intermediary.Now customer end A can first be encrypted request content, then the request content after encrypting is sent to the agent of third party intermediary, and be transmitted to customer end B by the agent of third party intermediary, customer end B obtain encrypt request content after according to the manner of decryption of mutual agreement, for example code name title is decrypted encrypting request content, in the time that customer end B is replied request content, can be by plaintext or the mode of encrypting reply content, be transmitted to customer end A by the agent of third party intermediary, complete communicating by letter between customer end A and customer end B.Client C is in the situation that obtaining customer end A or customer end B mandate, can obtain the reply content after request content or the encryption after encrypting, and by the manner of decryption of client C and customer end A and customer end B agreement, content is decrypted to use, for example can add up content, and provide association service according to statistics to customer end A or customer end B.
Because the present invention adopts the mode of different behaviors being applied to corresponding security mechanism; for example storage behavior application lower security is verified and the behavior of obtaining is applied the mode of high safety verification; because can realize flexible multi-functional two-way interactive or transmission, and can in protection user's data, significantly reduce the complexity of security mechanism.
In the several embodiment that provide in the application, should be understood that, disclosed apparatus and method can realize by another way.For example, device embodiment described above is only schematic, for example, the division of described unit, be only that a kind of logic function is divided, when actual realization, can have other dividing mode, for example multiple unit or assembly can in conjunction with or can be integrated into another system, or some features can ignore, or do not carry out.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be by some interfaces, indirect coupling or the communication connection of device or unit can be electrically, machinery or other form.
The described unit as separating component explanation can or can not be also physically to separate, and the parts that show as unit can be or can not be also physical locations, can be positioned at a place, or also can be distributed in multiple network element.Can select according to the actual needs some or all of unit wherein to realize the object of the present embodiment scheme.
In addition, the each functional unit in each embodiment of the present invention can be integrated in a processing unit, can be also that the independent physics of unit exists, and also can be integrated in a unit two or more unit.Above-mentioned integrated unit both can adopt the form of hardware to realize, and also can adopt the form of SFU software functional unit to realize.
If described integrated unit is realized and during as production marketing independently or use, can be stored in a computer read/write memory medium using the form of SFU software functional unit.Based on such understanding, the all or part of of the part that technical scheme of the present invention contributes to prior art in essence in other words or this technical scheme can embody with the form of software product, this computer software product is stored in a storage medium, comprise that some instructions (can be personal computers in order to make a computer equipment, server, or the network equipment etc.) carry out all or part of step of method described in each embodiment of the present invention.And aforesaid storage medium comprises: USB flash disk, portable hard drive, read-only memory (ROM, Read-Only Memory), the various media that can be program code stored such as random access memory (RAM, Random Access Memory), magnetic disc or CD.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited to this, any be familiar with those skilled in the art the present invention disclose technical scope in; can expect easily changing or replacing, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should described be as the criterion with the protection range of claim.
Claims (13)
1. an exchange method that utilizes asymmetric security mechanism, is characterized in that, comprising: customer end A and customer end B;
Described customer end A is initiated mutual by high safety verification mode to described customer end B;
Described customer end B is responded described customer end A by lower security verification mode;
The checking of described lower security checking requires the checking requirement lower than described high safety verification.
2. the exchange method that utilizes asymmetric security mechanism according to claim 1, is characterized in that,
Described customer end A is initiated mutual by the security mechanism of the encryption (Identity Based Encryption, IBE) based on identity to described customer end B;
Described customer end B is responded described customer end A by clear-text way.
3. the exchange method that utilizes asymmetric security mechanism according to claim 1 and 2, is characterized in that,
Described transfer of data and the communication interaction of comprising alternately.
4. the exchange method that utilizes asymmetric security mechanism according to claim 1, is characterized in that, described method also comprises: belief system, for preservation data and processing external request;
Described customer end B is storage end, for to described belief system data on file;
Described customer end A is access end, for accessing or obtain data to described belief system;
Described belief system receives external request and judges request type, determines that described external request is data on file request, and described belief system is enabled lower security checking, and in the time being verified, receives the data of described storage end;
Described belief system receives external request and judges request type, determines described external request for access or obtains data request, and described belief system is enabled high safety verification, and in the time being verified, responds the request of described access end.
5. the exchange method that utilizes asymmetric security mechanism according to claim 4, is characterized in that, described method also comprises:
Described belief system records the access track of described access end;
Described access track comprises the storage of described access end or obtains data behavior.
6. according to the exchange method that utilizes asymmetric security mechanism described in claim 4 or 5, it is characterized in that, described lower security checking comprises: without safety verification.
7. according to the exchange method that utilizes asymmetric security mechanism described in claim 4 or 5, it is characterized in that, described lower security checking comprises:
Detect in the data that described access end need to store and whether contain virus.
8. according to the exchange method that utilizes asymmetric security mechanism described in claim 4 or 5, it is characterized in that, described high safety verification comprises:
The identity of authentication-access end and authority;
Described authority is described access end storage or the authority of obtaining data.
9. according to the exchange method that utilizes asymmetric security mechanism described in claim 4 or 5, it is characterized in that, described high safety verification comprises:
The security mechanism of the encryption (Identity Based Encryption, IBE) based on identity.
10. according to the exchange method that utilizes asymmetric security mechanism described in claim 4 or 5, it is characterized in that,
Described storage end is server;
Described access end is the client being connected with described server.
11. exchange methods that utilize asymmetric security mechanism according to claim 1, is characterized in that, described method also comprises: third party's mediator deputy;
The contact method that described third party's mediator deputy comprises client;
Described customer end A is asked to described third party's mediator deputy starting client B alternately by high safety verification mode;
Mutual described customer end B request is sent to described customer end B by described third party's mediator deputy;
Described customer end B sends customer end A by lower security verification mode to described third party's mediator deputy and responds;
Described third party's mediator deputy is responded described customer end A to send to described customer end A.
12. exchange methods that utilize asymmetric security mechanism according to claim 11, is characterized in that, described method also comprises: client C;
Described client C is in the time obtaining described customer end A mandate, and the described customer end B that receives described third party's mediator deputy transmission is asked alternately, or provides service by described third party's mediator deputy to described customer end A;
Or
Described client C, in the time of described customer end B mandate, receives the described customer end A response that described third party's mediator deputy sends, or provides service by described third party's mediator deputy to described customer end B.
13. exchange methods that utilize asymmetric security mechanism according to claim 12, is characterized in that, described client C is the third party service provider independently.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410167947.1A CN103905208A (en) | 2014-04-24 | 2014-04-24 | Interactive method using asymmetric security mechanisms |
| PCT/CN2014/081364 WO2015161563A1 (en) | 2014-04-24 | 2014-07-01 | Interaction method using asymmetric security mechanisms |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410167947.1A CN103905208A (en) | 2014-04-24 | 2014-04-24 | Interactive method using asymmetric security mechanisms |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103905208A true CN103905208A (en) | 2014-07-02 |
Family
ID=50996365
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410167947.1A Pending CN103905208A (en) | 2014-04-24 | 2014-04-24 | Interactive method using asymmetric security mechanisms |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103905208A (en) |
| WO (1) | WO2015161563A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111212066A (en) * | 2019-12-31 | 2020-05-29 | 浙江工业大学 | Dynamic allocation request verification method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101505479A (en) * | 2009-03-16 | 2009-08-12 | 中兴通讯股份有限公司 | Safe context negotiation method and system in authentication process |
| CN103109510A (en) * | 2012-10-16 | 2013-05-15 | 华为技术有限公司 | Resource safety access method and device |
| CN103701611A (en) * | 2013-12-30 | 2014-04-02 | 天地融科技股份有限公司 | Method for accessing and uploading data in data storage system |
-
2014
- 2014-04-24 CN CN201410167947.1A patent/CN103905208A/en active Pending
- 2014-07-01 WO PCT/CN2014/081364 patent/WO2015161563A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101505479A (en) * | 2009-03-16 | 2009-08-12 | 中兴通讯股份有限公司 | Safe context negotiation method and system in authentication process |
| CN103109510A (en) * | 2012-10-16 | 2013-05-15 | 华为技术有限公司 | Resource safety access method and device |
| CN103701611A (en) * | 2013-12-30 | 2014-04-02 | 天地融科技股份有限公司 | Method for accessing and uploading data in data storage system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111212066A (en) * | 2019-12-31 | 2020-05-29 | 浙江工业大学 | Dynamic allocation request verification method |
| CN111212066B (en) * | 2019-12-31 | 2022-04-01 | 浙江工业大学 | Dynamic allocation request verification method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2015161563A1 (en) | 2015-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6941146B2 (en) | Data security service | |
| US11470054B2 (en) | Key rotation techniques | |
| US9852300B2 (en) | Secure audit logging | |
| RU2756048C2 (en) | Addressing trusted execution environment using encryption key | |
| US10122692B2 (en) | Handshake offload | |
| WO2017097041A1 (en) | Data transmission method and device | |
| US8462955B2 (en) | Key protectors based on online keys | |
| US10148438B2 (en) | Methods and apparatus for protecting sensitive data in distributed applications | |
| WO2015180691A1 (en) | Key agreement method and device for verification information | |
| US9419799B1 (en) | System and method to provide secure credential | |
| US10142111B2 (en) | Binding digitally signed requests to sessions | |
| JP6678457B2 (en) | Data security services | |
| US9686251B2 (en) | Devices and techniques for controlling disclosure of sensitive information | |
| CN106790037B (en) | User mode encrypted instant messaging method and system | |
| US9313185B1 (en) | Systems and methods for authenticating devices | |
| CN104333545B (en) | The method that cloud storage file data is encrypted | |
| CN102638459A (en) | Authentication information transmission system, authentication information transmission service platform and authentication information transmission method | |
| CN102457561B (en) | Data access method and equipment adopting same | |
| CN103780609A (en) | Cloud data processing method and device and cloud data security gateway | |
| US20180053018A1 (en) | Methods and systems for facilitating secured access to storage devices | |
| KR101541165B1 (en) | Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method | |
| US20060053288A1 (en) | Interface method and device for the on-line exchange of content data in a secure manner | |
| EP3282670B1 (en) | Maintaining data security in a network device | |
| Sathyan et al. | Multi-layered collaborative approach to address enterprise mobile security challenges | |
| CN108701200B (en) | Improved memory system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140702 |