CN104579690B - Cloud KEY system and method of use - Google Patents


Info

Publication number
CN104579690B
Authority
CN
China
Prior art keywords
key
server
client
verification
clouds
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510035738.6A
Other languages
Chinese (zh)
Other versions
CN104579690A (en)
Inventor
王永起
薛福旗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tongzhi Weiye Software Co ltd
Original Assignee
JINAN TONGZHI WEIYE SOFTWARE CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by JINAN TONGZHI WEIYE SOFTWARE CO Ltd
Priority to CN201510035738.6A
Publication of CN104579690A
Application granted
Publication of CN104579690B
Legal status: Active
Anticipated expiration

Landscapes

  • Storage Device Security (AREA)

Abstract

A secure encryption system based on a cloud KEY, comprising a client, a server connected to the client over a network, and several KEYs connected to the server; the client further includes a fingerprint input device. The secure encryption method under this system is as follows: first, multiple registered KEYs are connected to the server; the client user enters the server login information and carries out normal data interaction with the server; if a KEY needs to be called, a request message must be sent to the server to retrieve the KEY data; if the server verifies the request message successfully, it retrieves the corresponding KEY and matches it with the client, and the data in the KEY can then be returned for the client to use; if verification fails, no KEY can be retrieved and a request-message error is reported. By using a cloud KEY, the invention effectively removes the cumbersome procedure of attaching an external USB KEY during operation and solves the problem of carrying the KEY.

Description

Cloud KEY system and method of use
Technical field
The present invention relates to the field of secure encryption, and specifically to a cloud KEY system and a method of using it.
Background art
With the rapid development of informatization and the Internet, individuals' requirements for the security of their own information and of online transactions keep rising; encrypting files and conducting online transactions effectively and quickly, without changing users' existing habits, is a current focus of the Internet information security field.
At present, a user who wants to encrypt files or conduct online transactions must attach an external USB KEY to the client before the corresponding operation can be carried out and the desired result achieved. Using a USB KEY involves cumbersome operations that cause inconvenience, it does not solve the problem of a USB KEY being lost or left behind, and an excessive number of USB KEYs also causes waste. If the USB KEY is lost or left behind, operations such as file encryption and online transactions cannot be carried out and some urgent matters cannot be handled; the loss of a USB KEY can also pose a security risk to the user's property.
Summary of the invention
To remove the cumbersome procedure of attaching an external USB KEY during operation and to solve the problem of carrying the USB KEY, the purpose of the present invention is to provide a cloud KEY system and a method of using it.
To solve the above problems, the present invention adopts the following technical solution: a cloud KEY system, characterized in that it comprises a client, a server connected to the client over a network, and several KEYs connected to the server; each KEY contains a signature certificate and a signature key pair for digital signatures, an encryption certificate and an encryption key pair for file encryption, verification information for verifying the KEY's identity, and a personal file for storing personal attribute files.
Further, the several KEYs are connected to the server through a USB HUB.
Further, the client also includes a fingerprint input device.
A method of using the cloud KEY system includes the following steps:
First step: multiple registered KEYs are connected to the server;
Second step: the client user enters the server login information and carries out normal data interaction with the server;
Third step: if a KEY needs to be called, a request message must be sent to the server to retrieve the KEY data; if the server verifies the request message successfully, it retrieves the corresponding KEY and matches it with the client, and the data in the KEY can then be returned for the client to use; if verification fails, no KEY can be retrieved and a request-message error is reported.
Further, the request message of the third step contains verification information, and verifying the request message includes comparing that verification information against the verification information reserved on the server.
Further, the verification information includes fingerprint information and/or a PIN code.
Further, in the third step, if the verification information does not pass, the user is prompted to enter the verification information again; if the user still fails verification after entering the verification information N times, the server blocks the client and does not allow it to retrieve KEY data again within a set time.
The beneficial effects of the present invention are as follows: using a cloud KEY effectively removes the cumbersome procedure of attaching an external USB KEY during operation and solves the problem of carrying the KEY; file encryption and online transactions work in the same way as with a USB KEY, so payment can be completed conveniently while the user's property remains secure; and problems such as a USB KEY being lost or left behind are effectively solved.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system of the present invention;
Fig. 2 is a schematic diagram of the connection between the KEYs and the server of the present invention;
Fig. 3 is a flow chart of the method of the present invention.
Detailed description of the embodiments
The present invention is described in detail below with reference to the accompanying drawings and specific embodiments.
As shown in Fig. 1, the cloud KEY system includes a client, a server connected to the client over a network, and several KEYs connected to the server. Preferably, as shown in Fig. 2, the several KEYs are connected to the server through a USB HUB; in Fig. 2 the GL850/GL850A chip is the conversion chip of the USB HUB and the security chips are the KEYs; each KEY has its own USB interface, and the KEYs are connected to the respective USB interfaces of the USB HUB. Of course, the way the KEYs are connected to the server is not limited to that shown in Fig. 2: all the security chips can be grouped, all the security chips of each group can be integrated into one chip, and that chip is then connected to the USB HUB through one USB interface. Each KEY contains a signature certificate and a signature key pair for digital signatures, an encryption certificate and an encryption key pair for file encryption, verification information for verifying the KEY's identity, and a personal file for storing personal attribute files. A digital certificate is an authoritative electronic document, a certificate issued by an authoritative and impartial third-party institution, i.e. a CA center; the signature certificate and the encryption certificate are both digital certificates, the signature certificate being used mainly for digital signatures and the encryption certificate mainly for file encryption. The signature key pair is generated by the terminal and is divided into a signature private key and a signature verification public key; the signature private key is used for digital signing and the signature verification public key for verifying digital signatures. The encryption key pair is generated by the Key Management Center (KMC) or the server and is divided into an encryption public key and a decryption private key, used for encryption and decryption respectively. The verification information is mainly used for KEY identity verification, for example verifying whether information such as the KPI specification is met. The personal file mainly stores personal attribute files.
Further, the client also includes a fingerprint input device, so that when the client obtains cloud KEY information the user's fingerprint must pass verification, which improves security.
A method of using the cloud KEY system is shown in Fig. 3. Its general flow is: the client enters the login information, logs in to the server and exchanges data with the server; if a KEY needs to be called, verification information is submitted, and if the verification information is correct the client accesses the KEY. It specifically includes the following steps:
First step: KEYs are registered according to users' applications, one KEY per user, and the multiple registered KEYs are connected to the server;
Second step, the process by which the client normally accesses the server: the user enters the server login information; if the login information is correct the user enters the server, the client and the server then exchange data normally, and the client can retrieve server-side data; if the login information is incorrect, an error code is returned and a login-information error is reported.
Third step: if the user needs to call a KEY, a request message must be sent to the server to retrieve the KEY data; the request message contains verification information, and verifying the request message includes comparing that verification information against the verification information reserved on the server. Further, the verification information includes fingerprint information and/or a PIN code; the user must provide a fingerprint and enter the PIN code before KEY data can be called.
If the server verifies the request message successfully, it retrieves the corresponding KEY and matches it with the client, and the data in the KEY can then be returned for the client to use; if verification fails, no KEY can be retrieved, a request-message error is reported, and the user is asked to enter the verification information again. If the user enters the verification information three times (the number can be set freely) and still cannot pass verification, the server blocks the client and does not allow it to retrieve KEY data again within the set time, but the client can still carry out normal data interaction with the server.
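The third step's check and lockout, sketched as an added example that is not code from the patent: the names `CloudKeyServer` and `request_key`, the 300-second lockout and the PBKDF2 storage of the reserved PIN are assumptions, and only the PIN half of the verification information is modelled.

```python
import hashlib
import hmac
import os
import time

MAX_ATTEMPTS = 3        # the description's default; "can be set freely"
LOCKOUT_SECONDS = 300   # the "set time"; this value is an assumption


def pin_digest(pin: str, salt: bytes) -> bytes:
    # Assumption: the server reserves a salted, slow hash, not the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)


class CloudKeyServer:
    """Hypothetical server-side gate in front of the KEYs on the USB hub."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._users = {}          # user -> (salt, reserved digest, KEY slot)
        self._failures = {}       # client id -> consecutive failed requests
        self._blocked_until = {}  # client id -> time the block expires

    def register(self, user: str, pin: str, key_slot: int) -> None:
        # First step: one registered KEY per user.
        salt = os.urandom(16)
        self._users[user] = (salt, pin_digest(pin, salt), key_slot)

    def is_blocked(self, client_id: str) -> bool:
        return self._blocked_until.get(client_id, 0.0) > self._clock()

    def request_key(self, client_id: str, user: str, pin: str):
        """Third step: returns (status, key_slot) for one KEY request."""
        # The block is consulted only here, so ordinary data interaction
        # with the server is unaffected while KEY retrieval is refused.
        if self.is_blocked(client_id):
            return ("blocked", None)
        # Unknown users get a dummy record so the same hashing work is done.
        salt, reserved, slot = self._users.get(user, (b"\0" * 16, b"", None))
        if hmac.compare_digest(pin_digest(pin, salt), reserved):
            self._failures.pop(client_id, None)
            return ("ok", slot)
        count = self._failures.get(client_id, 0) + 1
        if count >= MAX_ATTEMPTS:
            self._failures.pop(client_id, None)
            self._blocked_until[client_id] = self._clock() + LOCKOUT_SECONDS
            return ("blocked", None)
        self._failures[client_id] = count
        return ("retry", None)


if __name__ == "__main__":
    now = [0.0]                                    # constructed clock
    server = CloudKeyServer(clock=lambda: now[0])
    server.register("user-a", "4821", key_slot=2)  # constructed sample data
    for guess in ("0000", "1111", "2222", "4821"):
        print(guess, server.request_key("client-1", "user-a", guess))
    now[0] += LOCKOUT_SECONDS + 1
    print("4821", server.request_key("client-1", "user-a", "4821"))
```

Because the counter is keyed by client, as in the description, a deployment would also want a per-user counter so that failed guesses against one account from several clients are still bounded.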
The preferred embodiments and examples of the present invention have been described in detail above with reference to the accompanying drawings, but the present invention is not limited to those embodiments and examples; those skilled in the art can make several improvements and modifications without departing from the concept of the present invention, and such improvements and modifications shall also be regarded as falling within the protection scope of the present invention.

Claims (5)

1. A cloud KEY system, characterized in that it comprises a client, a server connected to the client over a network, and several KEYs connected to the server, each KEY containing a signature certificate and a signature key pair for digital signatures, an encryption certificate and an encryption key pair for file encryption, verification information for verifying the KEY's identity, and a personal file for storing personal attribute files; the signature key pair is generated by the terminal and is divided into a signature private key and a signature verification public key, the signature private key being used for digital signing and the signature verification public key for verifying digital signatures; the encryption key pair is generated by the Key Management Center or the server and is divided into an encryption public key and a decryption private key, used for encryption and decryption respectively.
2. The cloud KEY system according to claim 1, characterized in that the several KEYs are connected to the server through a USB HUB.
3. The cloud KEY system according to claim 1, characterized in that the client further includes a fingerprint input device.
4. A method of using a cloud KEY system, comprising the following steps:
First step: multiple registered KEYs are connected to the server;
Second step: the client user enters the server login information and carries out normal data interaction with the server;
Third step: if a KEY needs to be called, a request message must be sent to the server to retrieve the KEY data; if the server verifies the request message successfully, it retrieves the corresponding KEY and matches it with the client, and the data in the KEY can then be returned for the client to use; if verification fails, no KEY can be retrieved and a request-message error is reported;
the request message of the third step contains verification information, and verifying the request message includes comparing that verification information against the verification information reserved on the server; the verification information includes fingerprint information and/or a PIN code.
5. The method of using a cloud KEY system according to claim 4, characterized in that, in the third step, if the verification information does not pass, the user is prompted to enter the verification information again; if the user still fails verification after entering the verification information N times, the server blocks the client and does not allow it to retrieve KEY data again within a set time.
CN201510035738.6A 2015-01-23 2015-01-23 Cloud KEY system and method of use Active CN104579690B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510035738.6A CN104579690B (en) 2015-01-23 2015-01-23 Cloud KEY system and method of use

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510035738.6A CN104579690B (en) 2015-01-23 2015-01-23 Cloud KEY system and method of use

Publications (2)

Publication Number Publication Date
CN104579690A CN104579690A (en) 2015-04-29
CN104579690B true CN104579690B (en) 2018-07-10

Family

ID=53094969

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510035738.6A Active CN104579690B (en) 2015-01-23 2015-01-23 Cloud KEY system and method of use

Country Status (1)

Country Link
CN (1) CN104579690B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106936588B (en) * 2017-04-13 2020-04-24 北京深思数盾科技股份有限公司 Hosting method, device and system of hardware control lock
CN107169316A (en) * 2017-04-13 2017-09-15 北京深思数盾科技股份有限公司 A kind of method and system of trustship hardware controls lock
CN107229874B (en) * 2017-05-27 2020-12-15 北京世纪龙脉科技有限公司 Method, device and server for realizing VR-Key

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1921395A (en) * 2006-09-19 2007-02-28 北京飞天诚信科技有限公司 Method and system for improving security of network software
CN101221641A (en) * 2007-12-20 2008-07-16 魏恺言 On-line trading method and its safety affirmation equipment
CN101848090A (en) * 2010-05-11 2010-09-29 武汉珞珈新世纪信息有限公司 Authentication device and system and method using same for on-line identity authentication and transaction
CN102420692A (en) * 2011-12-28 2012-04-18 广州杰赛科技股份有限公司 Safety authentication method and system of universal serial bus (USB) key of client terminal based on cloud computation
CN102426715A (en) * 2011-09-30 2012-04-25 华为技术有限公司 Unlocking method for electronic door lock, electronic door lock and electronic door lock system
CN102710611A (en) * 2012-05-11 2012-10-03 福建联迪商用设备有限公司 Network security authentication method and system
CN103095650A (en) * 2011-10-31 2013-05-08 广东电子工业研究院有限公司 Cloud service identity authentication method suitable for thin client terminal
CN103618719A (en) * 2013-11-29 2014-03-05 北京奇虎科技有限公司 Cloud service identity authentication method and equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140337290A1 (en) * 2013-05-08 2014-11-13 Intermedia.Net, Inc. Secure synchronization of files

Also Published As

Publication number Publication date
CN104579690A (en) 2015-04-29

Similar Documents

Publication Publication Date Title
KR102044747B1 (en) Method for providing user authentication service based on blockchain
US10341109B2 (en) Controlling exposure of sensitive data and operation using process bound security tokens in cloud computing environment
TWI667585B (en) Method and device for safety authentication based on biological characteristics
US10091194B2 (en) Preventing unauthorized access to secured information systems using multi-device authentication techniques
US20190190723A1 (en) Authentication system and method, and user equipment, authentication server, and service server for performing same method
US11669605B1 (en) Dynamic enrollment using biometric tokenization
CA2786271C (en) Anytime validation for verification tokens
US20170331816A1 (en) Preventing Unauthorized Access to Secured Information Systems Using Multi-Device Authentication Techniques
JP6468013B2 (en) Authentication system, service providing apparatus, authentication apparatus, authentication method, and program
US20180254904A1 (en) Integrated authentication system for authentication using single-use random numbers
CN106789059B (en) A kind of long-range two-way access control system and method based on trust computing
CN101221641B (en) On-line trading method and its safety affirmation equipment
CN108989346A (en) The effective identity trustship agility of third party based on account concealment authenticates access module
CA2884005A1 (en) Method and system for verifying an access request
CN103634328A (en) Authentication method, device and system for network platform authentication server
CN104579690B (en) Cloud KEY system and method of use
CN104038509A (en) Fingerprint authentication cloud system
TW201544983A (en) Data communication method and system, client terminal and server
CN102694776A (en) Authentication system and method based on dependable computing
CN109889342B (en) Interface test authentication method and device, electronic equipment and storage medium
CN103929310A (en) Mobile phone client side password unified authentication method and system
AU2015200701B2 (en) Anytime validation for verification tokens
CN103297398A (en) Method and system for improving safety of intelligent information equipment
TWI392310B (en) Method for implementing and authenticating an one time password (otp) for integrated circuit cards
KR20180089328A (en) Method for authenticating using financing application and apparatus thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: SHANDONG TONGZHI WEIYE SOFTWARE CO.,LTD.

Address before: 250101 7, 2, Shun Tai Plaza, 2000 Shun Hua Road, Ji'nan high tech Zone, Shandong.

Patentee before: JINAN TONGZHI WEIYE SOFTWARE Co.,Ltd.

CP01 Change in the name or title of a patent holder

Address after: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: Tongzhi Weiye Software Co.,Ltd.

Address before: 250101 room 2301, 6 tower, Shun Tai Plaza, 2000 Shun Hua Road, hi tech Zone, Ji'nan, Shandong.

Patentee before: SHANDONG TONGZHI WEIYE SOFTWARE Co.,Ltd.

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Cloud KEY system and usage methods

Granted publication date: 20180710

Pledgee: Jinan Free Trade Zone sub branch of Qilu Bank Co.,Ltd.

Pledgor: Tongzhi Weiye Software Co.,Ltd.

Registration number: Y2024980004011
