CN105610772A - Communication method, communication apparatus, terminal and communication system - Google Patents


Publication number
CN105610772A
Authority
CN
China
Prior art keywords
side terminal
receiving side
user
enciphered data
data
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510585513.8A
Other languages
Chinese (zh)
Inventor
梁文栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority to CN201510585513.8A
Publication of CN105610772A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04N: PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00: Television systems
    • H04N7/14: Systems for two-way working
    • H04N7/15: Conference systems

Abstract

The invention provides a communication method, a communication apparatus, a terminal and a communication system. The communication method comprises the following steps of through a public key of a receiving party terminal, encrypting data to be encrypted to acquire first encrypted data; sending the first encrypted data to the receiving party terminal so that the receiving party terminal processes the first encrypted data to acquire second encrypted data; receiving the second encrypted data from the receiving party terminal; decrypting the second encrypted data and determining whether a user of the receiving party terminal is a user bound with the receiving party terminal according to a decryption result. Through the technical scheme of the invention, safety of video conference data transmission can be increased and simultaneously whether the user participating in the video conference is present can be accurately determined.

Description

Communication method, communication apparatus, terminal and communication system
Technical field
The present invention relates to the field of communication technology, and in particular to a communication method for a sending party terminal, a communication apparatus for a sending party terminal, a terminal, a communication method for a receiving party terminal, a communication apparatus for a receiving party terminal, a terminal, and a communication system.
Background
At present, as terminals become more and more intelligent, holding video conferences through terminals has become very common. However, when data is transmitted in a video conference, particularly when many users take part in the video conference, it is difficult to find out whether all the users participating in the video conference are present. Moreover, if a terminal is lost, an illegitimate user may pretend to be the user of that terminal and take part in the video conference, which causes the data in the video conference to be leaked and reduces the security of the transmitted data. In addition, the data transmitted in a video conference is unencrypted, which also reduces the security of the transmitted data.
Therefore, how to improve the security of video conference data transmission while also being able to determine whether the users participating in the video conference are present has become a technical problem to be solved urgently.
Summary of the invention
The present invention is based on the above problems and proposes a new technical solution that can improve the security of video conference data transmission and at the same time accurately determine whether the users participating in the video conference are present.
In view of this, a first aspect of the present invention proposes a communication method for a sending party terminal, comprising: encrypting data to be encrypted with the public key of a receiving party terminal to obtain first encrypted data; sending the first encrypted data to the receiving party terminal, so that the receiving party terminal processes the first encrypted data to obtain second encrypted data; receiving the second encrypted data from the receiving party terminal; and decrypting the second encrypted data and determining, according to the decryption result, whether the user of the receiving party terminal is the user bound to the receiving party terminal.
In this technical solution, the data to be encrypted is encrypted with the public key of the receiving party terminal to obtain the first encrypted data, and the first encrypted data is sent to the receiving party terminal, so that the first encrypted data can be decrypted with the private key of the receiving party terminal. Specifically, the receiving party terminal authenticates itself according to the biometric information of its user; when authentication passes, the receiving party terminal judges that it may use its private key for decryption, and then generates the second encrypted data from its decryption result. The sending party terminal determines, from the second encrypted data received from the receiving party terminal, whether the user of the receiving party terminal is the user bound to the receiving party terminal. For example, if the data obtained by the sending party terminal after decrypting the second encrypted data is the above data to be encrypted, the receiving party terminal successfully used its private key to decrypt the first encrypted data, which shows that the user of the receiving party terminal is the user bound to the receiving party terminal. Conversely, if the decrypted second encrypted data is data other than the data to be sent, the receiving party terminal did not successfully decrypt the first encrypted data, which shows that the user of the receiving party terminal is not the user bound to that receiving party terminal. Therefore, with the above technical solution, it can be accurately determined whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present, while also preventing the transmitted data from being leaked because an illegitimate user pretends to be the legitimate user of the receiving party terminal and takes part in the video conference.
Preferably, the data to be encrypted is test data. The sending party terminal sends the test data to the receiving party terminal to determine whether the user of the receiving party terminal is present in the video conference. Because the file size of test data is relatively small, this avoids transmitting too much data in the video conference and thus ensures the fluency of video conference transmission. Moreover, test data may be sent to the receiving party terminal periodically, to learn in real time whether the user of the receiving party terminal is participating in the video conference.
In addition, the sending party terminal may upload the data to be encrypted to a server, so that the server encrypts the data to be encrypted with the public key of the receiving party terminal and then sends the resulting first encrypted data to the receiving party terminal. Of course, the data to be encrypted may itself have been obtained by decryption with the private key of the sending party terminal, the data before that decryption being data from another terminal A; and after the receiving party terminal decrypts the first encrypted data and obtains the data to be encrypted, the receiving party terminal encrypts the data to be encrypted for another terminal B and then sends it to terminal B, so that data transmission is realized in a point-to-point manner.
In addition, before the data to be sent is encrypted with the public key of the receiving party terminal, a secure encryption domain may be established. In this way, when the sending party terminal sends the first encrypted data to a receiving party terminal, every receiving party terminal in the secure encryption domain first uses the biometric information of its user to judge whether it has the authority to decrypt using the private key of the receiving party terminal.
In the above technical solution, preferably, the step of decrypting the second encrypted data and determining, according to the decryption result, whether the user of the receiving party terminal is the user bound to the receiving party terminal specifically comprises: decrypting the second encrypted data with the public key of the receiving party terminal; and if decryption succeeds, determining that the user of the receiving party terminal is the user bound to the receiving party terminal, otherwise determining that the user of the receiving party terminal is not the user bound to the receiving party terminal.
In this technical solution, if the second encrypted data is successfully decrypted with the public key of the receiving party terminal, the second encrypted data was encrypted with the private key of the receiving party terminal. The private key of the receiving party terminal can only be used for encryption when the user of the receiving party terminal is the user bound to the receiving party terminal, so this shows that the user of the receiving party terminal is the bound user. If decrypting the second encrypted data with the public key of the receiving party terminal fails, the second encrypted data was not encrypted with the private key of the receiving party terminal, that is, the user of the receiving party terminal is not the user bound to the receiving party terminal. Therefore, with the above technical solution, the second encrypted data is decrypted with the public key of the receiving party terminal, and the decryption result accurately determines whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present.
In any one of the above technical solutions, preferably, the step of decrypting the second encrypted data and determining, according to the decryption result, whether the user of the receiving party terminal is the user bound to the receiving party terminal specifically comprises: decrypting the second encrypted data with the private key of the sending party terminal; and if the decrypted second encrypted data is the data to be sent, determining that the user of the receiving party terminal is the user bound to the receiving party terminal, otherwise determining that the user of the receiving party terminal is not the user bound to the receiving party terminal.
In this technical solution, if the decrypted second encrypted data is the data to be sent, that is, the receiving party terminal was able to encrypt the decrypted first encrypted data (i.e., the data to be sent) to obtain the second encrypted data, then the receiving party terminal had the authority to use its private key to decrypt the first encrypted data and obtain the decrypted first encrypted data (i.e., the data to be sent), which shows that the user of the receiving party terminal is the user bound to the receiving party terminal. If the decrypted second encrypted data is not the data to be sent, the receiving party terminal did not successfully decrypt the first encrypted data, which shows that the user of the receiving party terminal is not the user bound to the receiving party terminal. Therefore, with the above technical solution, the decryption result accurately determines whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present.
In any one of the above technical solutions, preferably, before the step of decrypting the second encrypted data with the private key of the sending party terminal, the method comprises: collecting biometric information of the user of the sending party terminal to judge whether to use the private key of the sending party terminal to decrypt the second encrypted data; and when the judgment result is yes, decrypting the second encrypted data with the private key of the sending party terminal.
In this technical solution, the user of the sending party terminal is authenticated by means of that user's biometric information. When authentication succeeds, the user of the sending party terminal is a legitimate user, and it is judged that the private key of the sending party terminal may be used to decrypt the second encrypted data, which prevents the second encrypted data received by the sending party terminal from being leaked. The biometric information of the user of the sending party terminal includes, but is not limited to, one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
A second aspect of the present invention proposes a communication apparatus for a sending party terminal, comprising: an encryption unit, configured to encrypt data to be encrypted with the public key of a receiving party terminal to obtain first encrypted data; a sending unit, configured to send the first encrypted data to the receiving party terminal, so that the receiving party terminal processes the first encrypted data to obtain second encrypted data; a receiving unit, configured to receive the second encrypted data from the receiving party terminal; and a processing unit, configured to decrypt the second encrypted data and determine, according to the decryption result, whether the user of the receiving party terminal is the user bound to the receiving party terminal.
In this technical solution, the data to be encrypted is encrypted with the public key of the receiving party terminal to obtain the first encrypted data, and the first encrypted data is sent to the receiving party terminal, so that the first encrypted data can be decrypted with the private key of the receiving party terminal. Specifically, the receiving party terminal authenticates itself according to the biometric information of its user; when authentication passes, the receiving party terminal judges that it may use its private key for decryption, and then generates the second encrypted data from its decryption result. The sending party terminal determines, from the second encrypted data received from the receiving party terminal, whether the user of the receiving party terminal is the user bound to the receiving party terminal. For example, if the data obtained by the sending party terminal after decrypting the second encrypted data is the above data to be encrypted, the receiving party terminal successfully used its private key to decrypt the first encrypted data, which shows that the user of the receiving party terminal is the user bound to the receiving party terminal. Conversely, if the decrypted second encrypted data is data other than the data to be sent, the receiving party terminal did not successfully decrypt the first encrypted data, which shows that the user of the receiving party terminal is not the user bound to that receiving party terminal. Therefore, with the above technical solution, it can be accurately determined whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present, while also preventing the transmitted data from being leaked because an illegitimate user pretends to be the legitimate user of the receiving party terminal and takes part in the video conference.
Preferably, the data to be encrypted is test data. The sending party terminal sends the test data to the receiving party terminal to determine whether the user of the receiving party terminal is present in the video conference. Because the file size of test data is relatively small, this avoids transmitting too much data in the video conference and thus ensures the fluency of video conference transmission. Moreover, test data may be sent to the receiving party terminal periodically, to learn in real time whether the user of the receiving party terminal is participating in the video conference.
In addition, the sending party terminal may upload the data to be encrypted to a server, so that the server encrypts the data to be encrypted with the public key of the receiving party terminal and then sends the resulting first encrypted data to the receiving party terminal. Of course, the data to be encrypted may itself have been obtained by decryption with the private key of the sending party terminal, the data before that decryption being data from another terminal A; and after the receiving party terminal decrypts the first encrypted data and obtains the data to be encrypted, the receiving party terminal encrypts the data to be encrypted for another terminal B and then sends it to terminal B, so that data transmission is realized in a point-to-point manner.
In addition, before the data to be sent is encrypted with the public key of the receiving party terminal, a secure encryption domain may be established. In this way, when the sending party terminal sends the first encrypted data to a receiving party terminal, every receiving party terminal in the secure encryption domain first uses the biometric information of its user to judge whether it has the authority to decrypt using the private key of the receiving party terminal.
In the above technical solution, preferably, the processing unit comprises: a first decryption unit, configured to decrypt the second encrypted data with the public key of the receiving party terminal; and a first determining unit, configured to determine, if decryption succeeds, that the user of the receiving party terminal is the user bound to the receiving party terminal, and otherwise to determine that the user of the receiving party terminal is not the user bound to the receiving party terminal.
In this technical solution, if the second encrypted data is successfully decrypted with the public key of the receiving party terminal, the second encrypted data was encrypted with the private key of the receiving party terminal. The private key of the receiving party terminal can only be used for encryption when the user of the receiving party terminal is the user bound to the receiving party terminal, so this shows that the user of the receiving party terminal is the bound user. If decrypting the second encrypted data with the public key of the receiving party terminal fails, the second encrypted data was not encrypted with the private key of the receiving party terminal, that is, the user of the receiving party terminal is not the user bound to the receiving party terminal. Therefore, with the above technical solution, the second encrypted data is decrypted with the public key of the receiving party terminal, and the decryption result accurately determines whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present.
In any one of the above technical solutions, preferably, the processing unit comprises: a second decryption unit, configured to decrypt the second encrypted data with the private key of the sending party terminal; and a second determining unit, configured to determine, if the decrypted second encrypted data is the data to be sent, that the user of the receiving party terminal is the user bound to the receiving party terminal, and otherwise to determine that the user of the receiving party terminal is not the user bound to the receiving party terminal.
In this technical solution, if the decrypted second encrypted data is the data to be sent, that is, the receiving party terminal was able to encrypt the decrypted first encrypted data (i.e., the data to be sent) to obtain the second encrypted data, then the receiving party terminal had the authority to use its private key to decrypt the first encrypted data and obtain the decrypted first encrypted data (i.e., the data to be sent), which shows that the user of the receiving party terminal is the user bound to the receiving party terminal. If the decrypted second encrypted data is not the data to be sent, the receiving party terminal did not successfully decrypt the first encrypted data, which shows that the user of the receiving party terminal is not the user bound to the receiving party terminal. Therefore, with the above technical solution, the decryption result accurately determines whether the user bound to the receiving party terminal has participated in the video conference, and thus whether the users participating in the video conference are all present.
A third aspect of the present invention proposes a terminal comprising the communication apparatus described in any one of the above technical solutions. The terminal therefore has the same technical effects as the communication apparatus described in any one of the above technical solutions, which are not repeated here.
A fourth aspect of the present invention proposes a communication method for a receiving party terminal, comprising: receiving, from a sending party terminal, first encrypted data encrypted with the public key of the receiving party terminal; judging, according to the biometric information of the user of the receiving party terminal, whether to use the private key of the receiving party terminal to decrypt the first encrypted data; and when the judgment result is yes, decrypting the first encrypted data with the private key of the receiving party terminal, then encrypting the decrypted first encrypted data and sending it to the sending party terminal.
In this technical solution, whether to use the private key of the receiving party terminal to decrypt the first encrypted data is judged according to the biometric information of the user of the receiving party terminal. That is, the biometric information of the user of the receiving party terminal is the PIN code (Personal Identification Number) for using the private key of the receiving party terminal; for example, a feature value in the biometric information (e.g., an iris feature value) may be used as the PIN code of the private key of the receiving party terminal. If the private key of the receiving party terminal is used to decrypt the first encrypted data, the user of the receiving party terminal is determined to be a legitimate user, and the private key of the receiving party terminal can be used to decrypt the first encrypted data received from the sending party terminal; the decrypted first encrypted data is then encrypted and sent to the sending party terminal, so that the sending party terminal determines, from the encrypted data it receives (the data obtained by encrypting the decrypted first encrypted data), that the user of the receiving party terminal is the user bound to the receiving party terminal. If the private key of the receiving party terminal is not used to decrypt the first encrypted data, other data may be sent to the sending party terminal, so that the sending party terminal, finding that the data it receives is not the decrypted first encrypted data, determines that the user of the receiving party terminal is not the user bound to the receiving party terminal. With the above technical solution, the sending party terminal can determine in time whether the user of the receiving party terminal is the user bound to the receiving party terminal, and can thus learn whether the user bound to the receiving party terminal is participating in the video conference. At the same time, illegitimate users are prevented from participating in the video conference, so that the data transmitted in the video conference is not leaked, which effectively improves the security of data transmission.
In the above technical solution, preferably, the step of encrypting the decrypted first encrypted data and sending it to the sending party terminal specifically comprises: encrypting the decrypted first encrypted data with the private key of the receiving party terminal and sending it to the sending party terminal, or encrypting the decrypted first encrypted data with the public key of the sending party terminal and sending it to the sending party terminal.
In this technical solution, after the first encrypted data is decrypted with the private key of the receiving party terminal, the decrypted first encrypted data is encrypted with the private key of the receiving party terminal and sent to the sending party terminal, so that the sending party terminal decrypts the received data (the data obtained by encrypting the decrypted first encrypted data) with the public key of the receiving party terminal and thereby determines that the user of the receiving party terminal is the user bound to the receiving party terminal, which shows that the user bound to the receiving party terminal is present and has participated in the video conference.
Alternatively, after the first encrypted data is decrypted with the private key of the receiving party terminal, the decrypted first encrypted data is encrypted with the public key of the sending party terminal and sent to the sending party terminal, so that the sending party terminal decrypts the received data (the data obtained by encrypting the decrypted first encrypted data) with the private key of the sending party terminal. When the sending party terminal's decryption yields the above data to be encrypted, it determines that the user of the receiving party terminal is the user bound to the receiving party terminal, which shows that the user bound to the receiving party terminal is present and has participated in the video conference.
In any one of the above technical solutions, preferably, when it is judged that the private key of the receiving party terminal is not to be used to decrypt the first encrypted data, the first encrypted data is sent to the sending party terminal.
In this technical solution, when it is judged that the private key of the receiving party terminal is not to be used to decrypt the first encrypted data, the user of the receiving party terminal is not the user bound to the receiving party terminal. The first encrypted data may then be sent to the sending party terminal, so that the sending party terminal, on receiving the first encrypted data, determines that the user of the receiving party terminal is not the user bound to the receiving party terminal, that is, that the user bound to the receiving party terminal has not participated in the video conference. Of course, when it is judged that the private key of the receiving party terminal is not to be used to decrypt the first encrypted data, other data may be sent to the sending party terminal instead, so that the sending party terminal determines from the other data it receives that the user of the receiving party terminal is not the user bound to the receiving party terminal.
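An added example, not code from the patent or its applicant: the challenge-response exchange of the first and fourth aspects in Node.js, covering both response variants and the fallback in which the first encrypted data is returned unchanged. Assumptions of this example: RSA-OAEP for encryption, an RSA-PSS signature to model "encrypting with the private key of the receiving party terminal", a fixed string standing in for the biometric feature value that serves as the private-key PIN, and all function and variable names.

```javascript
// Added illustration: keys are generated locally and the "biometric" values are constructed strings.
const crypto = require('node:crypto');

const OAEP = { oaepHash: 'sha256' };
const PSS = { padding: crypto.constants.RSA_PKCS1_PSS_PADDING };
const ENROLLED_FEATURE = 'constructed-iris-feature-value'; // hypothetical enrolled value

// Receiving party: the private key is stored encrypted, and the biometric feature
// value acts as its PIN (modelled here as the PKCS#8 passphrase).
function makeReceiver(enrolledFeature) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: {
      type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase: enrolledFeature,
    },
  });
  return { publicKey, lockedPrivateKey: privateKey };
}

// Sending party: ordinary RSA key pair, returned as KeyObjects.
function makeSender() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Step 1 (sender): encrypt fresh test data with the receiver's public key.
function createChallenge(receiverPublicKey) {
  const testData = crypto.randomBytes(32); // random per exchange (assumption of this example)
  const first = crypto.publicEncrypt({ key: receiverPublicKey, ...OAEP }, testData);
  return { testData, first };
}

// Step 2 (receiver): the presented feature value must unlock the private key.
// mode 'sender-public'    -> re-encrypt the recovered data with the sender's public key
// mode 'receiver-private' -> "encrypt with the receiver's private key", modelled as a signature
function respond(receiver, presentedFeature, first, senderPublicKey, mode) {
  let key;
  try {
    key = crypto.createPrivateKey({ key: receiver.lockedPrivateKey, passphrase: presentedFeature });
  } catch {
    return first; // key stays locked: send the first encrypted data back unchanged
  }
  const recovered = crypto.privateDecrypt({ key, ...OAEP }, first);
  return mode === 'receiver-private'
    ? crypto.sign('sha256', recovered, { key, ...PSS })
    : crypto.publicEncrypt({ key: senderPublicKey, ...OAEP }, recovered);
}

// Step 3 (sender): decide from the second encrypted data whether the bound user is present.
function verify(challenge, second, sender, receiverPublicKey, mode) {
  if (mode === 'receiver-private') {
    return crypto.verify('sha256', challenge.testData, { key: receiverPublicKey, ...PSS }, second);
  }
  try {
    const got = crypto.privateDecrypt({ key: sender.privateKey, ...OAEP }, second);
    return got.length === challenge.testData.length &&
      crypto.timingSafeEqual(got, challenge.testData);
  } catch {
    return false; // not decryptable with the sender's private key
  }
}

const RECEIVER = makeReceiver(ENROLLED_FEATURE);
const SENDER = makeSender();

// One full exchange; returns true when the sender concludes the bound user is present.
function runExchange(mode, presentedFeature) {
  const challenge = createChallenge(RECEIVER.publicKey);
  const second = respond(RECEIVER, presentedFeature, challenge.first, SENDER.publicKey, mode);
  return verify(challenge, second, SENDER, RECEIVER.publicKey, mode);
}

for (const mode of ['sender-public', 'receiver-private']) {
  console.log(mode, 'bound user:', runExchange(mode, ENROLLED_FEATURE),
    '| other user:', runExchange(mode, 'constructed-other-feature-value'));
}
```

Real biometric readings vary between captures, so a deployed system needs a stable secret derived from the enrolled template rather than the raw feature value. The exchange also only shows that the key was unlocked when the challenge arrived, which is why the description sends test data periodically.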
In any one of the above technical solutions, preferably, the biometric information comprises one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
In this technical solution, the biometric information includes, but is not limited to, one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information. Because biometric information is convenient and quick to obtain, authentication by biometric information is very convenient and fast; and because biometric information is unique, the security and reliability of authentication are improved, which in turn improves the user experience.
A fifth aspect of the present invention proposes a communication apparatus for a receiving party terminal, comprising: a receiving unit, configured to receive, from a sending party terminal, first encrypted data encrypted with the public key of the receiving party terminal; a decryption unit, configured to judge, according to the biometric information of the user of the receiving party terminal, whether to use the private key of the receiving party terminal to decrypt the first encrypted data; and a sending unit, configured to, when the judgment result is yes, decrypt the first encrypted data with the private key of the receiving party terminal, then encrypt the decrypted first encrypted data and send it to the sending party terminal.
In this technical solution, whether to use the private key of the receiving party terminal to decrypt the first encrypted data is judged according to the biometric information of the user of the receiving party terminal. That is, the biometric information of the user of the receiving party terminal is the PIN code (Personal Identification Number) for using the private key of the receiving party terminal; for example, a feature value in the biometric information (e.g., an iris feature value) may be used as the PIN code of the private key of the receiving party terminal. If the private key of the receiving party terminal is used to decrypt the first encrypted data, the user of the receiving party terminal is determined to be a legitimate user, and the private key of the receiving party terminal can be used to decrypt the first encrypted data received from the sending party terminal; the decrypted first encrypted data is then encrypted and sent to the sending party terminal, so that the sending party terminal determines, from the encrypted data it receives (the data obtained by encrypting the decrypted first encrypted data), that the user of the receiving party terminal is the user bound to the receiving party terminal. If the private key of the receiving party terminal is not used to decrypt the first encrypted data, other data may be sent to the sending party terminal, so that the sending party terminal, finding that the data it receives is not the decrypted first encrypted data, determines that the user of the receiving party terminal is not the user bound to the receiving party terminal. With the above technical solution, the sending party terminal can determine in time whether the user of the receiving party terminal is the user bound to the receiving party terminal, and can thus learn whether the user bound to the receiving party terminal is participating in the video conference. At the same time, illegitimate users are prevented from participating in the video conference, so that the data transmitted in the video conference is not leaked, which effectively improves the security of data transmission.
In the above technical solution, preferably, the sending unit comprises: an encryption unit, configured to encrypt the decrypted first encrypted data with the private key of the receiving side terminal and send it to the sending side terminal, or to encrypt the decrypted first encrypted data with the public key of the sending side terminal and send it to the sending side terminal.
In this technical solution, after the first encrypted data is decrypted using the private key of the receiving side terminal, the decrypted first encrypted data is encrypted with the private key of the receiving side terminal and sent to the sending side terminal, so that the sending side terminal can decrypt the received data (the data obtained by encrypting the decrypted first encrypted data) with the public key of the receiving side terminal and thereby determine that the user of the receiving side terminal is the user bound to the receiving side terminal, which also shows that the user bound to the receiving side terminal is present and taking part in the video conference.
A sixth aspect of the present invention provides a terminal comprising the communication apparatus according to any one of the above technical solutions. The terminal therefore has the same technical effects as the communication apparatus according to any one of the above technical solutions, which are not repeated here.
A seventh aspect of the present invention provides a communication system, comprising: the terminal according to any one of the technical solutions of the above third aspect, and the terminal according to any one of the technical solutions of the above sixth aspect. The communication system therefore has the same technical effects as the terminal according to any one of the technical solutions of the above third aspect and the terminal according to any one of the technical solutions of the above sixth aspect, which are not repeated here.
The technical solutions of the present invention improve the security of video conference data transmission and at the same time make it possible to determine accurately whether the users taking part in the video conference are present.
Brief description of the drawings
Fig. 1 shows a schematic flowchart of a communication method according to an embodiment of the present invention;
Fig. 2 shows a schematic structural diagram of a communication apparatus according to an embodiment of the present invention;
Fig. 3 shows a schematic structural diagram of a terminal according to an embodiment of the present invention;
Fig. 4 shows a schematic flowchart of a communication method according to another embodiment of the present invention;
Fig. 5 shows a schematic structural diagram of a communication apparatus according to another embodiment of the present invention;
Fig. 6 shows a schematic structural diagram of a terminal according to another embodiment of the present invention;
Fig. 7 shows a schematic structural diagram of a communication system according to an embodiment of the present invention.
Detailed description of the invention
In order that the above objects, features and advantages of the present invention may be understood more clearly, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, where no conflict arises, the embodiments of the present application and the features in the embodiments may be combined with one another.
Many specific details are set forth in the following description to provide a thorough understanding of the present invention. However, the present invention can also be implemented in ways other than those described here, and the protection scope of the present invention is therefore not limited by the specific embodiments disclosed below.
Fig. 1 shows a schematic flowchart of a communication method according to an embodiment of the present invention.
As shown in Fig. 1, a communication method according to an embodiment of the present invention, for a sending side terminal, comprises:
Step 102: encrypt the data to be encrypted with the public key of the receiving side terminal to obtain first encrypted data;
Step 104: send the first encrypted data to the receiving side terminal, so that the receiving side terminal processes the first encrypted data to obtain second encrypted data;
Step 106: receive the second encrypted data from the receiving side terminal;
Step 108: decrypt the second encrypted data, and determine according to the decryption result whether the user of the receiving side terminal is the user bound to the receiving side terminal.
In this technical solution, the data to be encrypted is encrypted with the public key of the receiving side terminal to obtain the first encrypted data, and the first encrypted data is sent to the receiving side terminal, so that the first encrypted data can be decrypted with the private key of the receiving side terminal. Specifically, the receiving side terminal authenticates the receiving side terminal according to the biometric information of the user of the receiving side terminal; when authentication passes, the receiving side terminal judges that it may use the private key of the receiving side terminal for decryption, and then generates the second encrypted data according to its decryption result. The sending side terminal determines, from the second encrypted data received from the receiving side terminal, whether the user of the receiving side terminal is the user bound to the receiving side terminal. For example, if the data the sending side terminal obtains by decrypting the second encrypted data is the above data to be encrypted, the receiving side terminal has successfully decrypted the first encrypted data using the private key of the receiving side terminal, which shows that the user of the receiving side terminal is the user bound to the receiving side terminal. Conversely, if the decrypted second encrypted data is data other than the data to be sent, the receiving side terminal has not successfully decrypted the first encrypted data, which shows that the user of the receiving side terminal is not the user bound to this receiving side terminal. Therefore, with the above technical solution, it can be determined accurately whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present; at the same time, leakage of the transmitted data caused by an illegitimate user impersonating the legitimate user of the receiving side terminal to take part in the video conference is avoided.
Preferably, the above data to be encrypted is test data. The sending side terminal sends the test data to the receiving side terminal to determine whether the user of the receiving side terminal is present and taking part in the video conference. Because the test data is small, transmitting too much data during the video conference is avoided, which keeps the video conference transmission smooth. The test data can also be sent to the receiving side terminal periodically, to learn in real time whether the user of the receiving side terminal is taking part in the video conference.
In addition, the sending side terminal can upload the data to be encrypted to a server, so that the server encrypts the data to be encrypted with the public key of the receiving side terminal and then sends the resulting first encrypted data to the receiving side terminal. Of course, the data to be encrypted may have been obtained by decryption with the private key of the sending side terminal, the data before that decryption having come from another terminal A; and after the receiving side terminal decrypts the first encrypted data and obtains the data to be encrypted, the receiving side terminal encrypts the data to be encrypted by means of another terminal B and then sends it to the other terminal B, so that data transmission is carried out in a point-to-point manner.
In addition, before the data to be sent is encrypted with the public key of the receiving side terminal, a security-encryption domain can be established. Then, when the receiving side terminal sends the first encrypted data to the sending side terminal, any receiving side terminal in this security-encryption domain first judges, from the biometric information of the user of that receiving side terminal, whether the receiving side terminal has the authority to decrypt using the private key of the receiving side terminal.
In the above technical solution, preferably, step 108 specifically comprises: decrypting the second encrypted data with the public key of the receiving side terminal; if decryption succeeds, determining that the user of the receiving side terminal is the user bound to the receiving side terminal; otherwise, determining that the user of the receiving side terminal is not the user bound to the receiving side terminal.
In this technical solution, if the second encrypted data is successfully decrypted with the public key of the receiving side terminal, the second encrypted data is data that was encrypted with the private key of the receiving side terminal. The private key of the receiving side terminal can be used for encryption only when the user of the receiving side terminal is the user bound to the receiving side terminal, so this shows that the user of the receiving side terminal is the user bound to the receiving side terminal. If decryption of the second encrypted data with the public key of the receiving side terminal fails, the second encrypted data is not data encrypted with the private key of the receiving side terminal, that is, the user of the receiving side terminal is not the user bound to the receiving side terminal. Therefore, with the above technical solution, by decrypting the second encrypted data with the public key of the receiving side terminal, it can be determined accurately from the decryption result whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present.
In any one of the above technical solutions, preferably, step 108 specifically comprises: decrypting the second encrypted data using the private key of the sending side terminal; if the decrypted second encrypted data is the data to be sent, determining that the user of the receiving side terminal is the user bound to the receiving side terminal; otherwise, determining that the user of the receiving side terminal is not the user bound to the receiving side terminal.
In this technical solution, if the decrypted second encrypted data is the data to be sent, then the receiving side terminal was able to encrypt the decrypted first encrypted data (that is, the data to be sent) to obtain the second encrypted data. This shows that the receiving side terminal has the authority to use the private key of the receiving side terminal to decrypt the first encrypted data and obtain the decrypted first encrypted data (that is, the data to be sent), and hence that the user of the receiving side terminal is the user bound to the receiving side terminal. If the decrypted second encrypted data is not the data to be sent, the receiving side terminal has not successfully decrypted the first encrypted data, which shows that the user of the receiving side terminal is not the user bound to the receiving side terminal. Therefore, with the above technical solution, it can be determined accurately from the decryption result whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present.
In any one of the above technical solutions, preferably, before the step of decrypting the second encrypted data using the private key of the sending side terminal, the method comprises: collecting biometric information of the user of the sending side terminal to judge whether to use the private key of the sending side terminal to decrypt the second encrypted data; and, when the judgment result is yes, decrypting the second encrypted data using the private key of the sending side terminal.
In this technical solution, the user of the sending side terminal is authenticated by means of the biometric information of the user of the sending side terminal. When authentication succeeds, the user of the sending side terminal is a legitimate user, and it is judged that the private key of the sending side terminal is to be used to decrypt the second encrypted data, which prevents the second encrypted data received by the sending side terminal from being leaked. The biometric information of the user of the sending side terminal includes, but is not limited to, one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
Fig. 2 shows a schematic structural diagram of a communication apparatus according to an embodiment of the present invention.
As shown in Fig. 2, a communication apparatus 200 according to an embodiment of the present invention, for a sending side terminal, comprises: an encryption unit 202, a sending unit 204, a receiving unit 206 and a processing unit 208. The encryption unit 202 is configured to encrypt the data to be encrypted with the public key of the receiving side terminal to obtain first encrypted data; the sending unit 204 is configured to send the first encrypted data to the receiving side terminal, so that the receiving side terminal processes the first encrypted data to obtain second encrypted data; the receiving unit 206 is configured to receive the second encrypted data from the receiving side terminal; and the processing unit 208 is configured to decrypt the second encrypted data and determine according to the decryption result whether the user of the receiving side terminal is the user bound to the receiving side terminal.
In this technical solution, the data to be encrypted is encrypted with the public key of the receiving side terminal to obtain the first encrypted data, and the first encrypted data is sent to the receiving side terminal, so that the first encrypted data can be decrypted with the private key of the receiving side terminal. Specifically, the receiving side terminal authenticates the receiving side terminal according to the biometric information of the user of the receiving side terminal; when authentication passes, the receiving side terminal judges that it may use the private key of the receiving side terminal for decryption, and then generates the second encrypted data according to its decryption result. The sending side terminal determines, from the second encrypted data received from the receiving side terminal, whether the user of the receiving side terminal is the user bound to the receiving side terminal. For example, if the data the sending side terminal obtains by decrypting the second encrypted data is the above data to be encrypted, the receiving side terminal has successfully decrypted the first encrypted data, which shows that the user of the receiving side terminal is the user bound to the receiving side terminal. Conversely, if the decrypted second encrypted data is data other than the data to be sent, the receiving side terminal has not successfully decrypted the first encrypted data, which shows that the user of the receiving side terminal is not the user bound to this receiving side terminal. Therefore, with the above technical solution, it can be determined accurately whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present; at the same time, leakage of the transmitted data caused by an illegitimate user impersonating the legitimate user of the receiving side terminal to take part in the video conference is avoided.
Preferably, the above data to be encrypted is test data. The sending side terminal sends the test data to the receiving side terminal to determine whether the user of the receiving side terminal is present and taking part in the video conference. Because the test data is small, transmitting too much data during the video conference is avoided, which keeps the video conference transmission smooth. The test data can also be sent to the receiving side terminal periodically, to learn in real time whether the user of the receiving side terminal is taking part in the video conference.
In addition, the sending side terminal can upload the data to be encrypted to a server, so that the server encrypts the data to be encrypted with the public key of the receiving side terminal and then sends the resulting first encrypted data to the receiving side terminal. Of course, the data to be encrypted may have been obtained by decryption with the private key of the sending side terminal, the data before that decryption having come from another terminal A; and after the receiving side terminal decrypts the first encrypted data and obtains the data to be encrypted, the receiving side terminal encrypts the data to be encrypted by means of another terminal B and then sends it to the other terminal B, so that data transmission is carried out in a point-to-point manner.
In addition, before the data to be sent is encrypted with the public key of the receiving side terminal, a security-encryption domain can be established. Then, when the receiving side terminal sends the first encrypted data to the sending side terminal, any receiving side terminal in this security-encryption domain first judges, from the biometric information of the user of that receiving side terminal, whether the receiving side terminal has the authority to decrypt using the private key of the receiving side terminal.
In the above technical solution, preferably, the processing unit 208 comprises: a first decryption unit 2082, configured to decrypt the second encrypted data with the public key of the receiving side terminal; and a first determining unit 2084, configured to determine, if decryption succeeds, that the user of the receiving side terminal is the user bound to the receiving side terminal, and otherwise to determine that the user of the receiving side terminal is not the user bound to the receiving side terminal.
In this technical solution, if the second encrypted data is successfully decrypted with the public key of the receiving side terminal, the second encrypted data is data that was encrypted with the private key of the receiving side terminal. The private key of the receiving side terminal can be used for encryption only when the user of the receiving side terminal is the user bound to the receiving side terminal, so this shows that the user of the receiving side terminal is the user bound to the receiving side terminal. If decryption of the second encrypted data with the public key of the receiving side terminal fails, the second encrypted data is not data encrypted with the private key of the receiving side terminal, that is, the user of the receiving side terminal is not the user bound to the receiving side terminal. Therefore, with the above technical solution, by decrypting the second encrypted data with the public key of the receiving side terminal, it can be determined accurately from the decryption result whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present.
In any one of the above technical solutions, preferably, the processing unit 208 comprises: a second decryption unit 2086, configured to decrypt the second encrypted data using the private key of the sending side terminal; and a second determining unit 2088, configured to determine, if the decrypted second encrypted data is the data to be sent, that the user of the receiving side terminal is the user bound to the receiving side terminal, and otherwise to determine that the user of the receiving side terminal is not the user bound to the receiving side terminal.
In this technical solution, if the decrypted second encrypted data is the data to be sent, then the receiving side terminal was able to encrypt the decrypted first encrypted data (that is, the data to be sent) to obtain the second encrypted data. This shows that the receiving side terminal has the authority to use the private key of the receiving side terminal to decrypt the first encrypted data and obtain the decrypted first encrypted data (that is, the data to be sent), and hence that the user of the receiving side terminal is the user bound to the receiving side terminal. If the decrypted second encrypted data is not the data to be sent, the receiving side terminal has not successfully decrypted the first encrypted data, which shows that the user of the receiving side terminal is not the user bound to the receiving side terminal. Therefore, with the above technical solution, it can be determined accurately from the decryption result whether the user bound to the receiving side terminal has taken part in the video conference, and thus whether all users taking part in the video conference are present.
In any one of the above technical solutions, preferably, the apparatus further comprises: an execution unit (not shown in Fig. 2), configured to collect biometric information of the user of the sending side terminal to judge whether to use the private key of the sending side terminal to decrypt the second encrypted data, and, when the judgment result is yes, to decrypt the second encrypted data using the private key of the sending side terminal.
In this technical solution, the user of the sending side terminal is authenticated by means of the biometric information of the user of the sending side terminal. When authentication succeeds, the user of the sending side terminal is a legitimate user, and it is judged that the private key of the sending side terminal is to be used to decrypt the second encrypted data, which prevents the second encrypted data received by the sending side terminal from being leaked.
Fig. 3 shows a schematic structural diagram of a terminal according to an embodiment of the present invention.
As shown in Fig. 3, a terminal 300 according to an embodiment of the present invention comprises the communication apparatus 200 according to any one of the above technical solutions. The terminal 300 therefore has the same technical effects as the communication apparatus 200 according to any one of the above technical solutions, which are not repeated here.
Fig. 4 shows a schematic flowchart of a communication method according to another embodiment of the present invention.
As shown in Fig. 4, a communication method according to another embodiment of the present invention, for a receiving side terminal, comprises:
Step 402: receive, from a sending side terminal, first encrypted data encrypted with the public key of the receiving side terminal;
Step 404: judge, according to biometric information of the user of the receiving side terminal, whether to use the private key of the receiving side terminal to decrypt the first encrypted data;
Step 406: when the judgment result is yes, decrypt the first encrypted data using the private key of the receiving side terminal, encrypt the decrypted first encrypted data, and send it to the sending side terminal.
In this technical solution, whether to use the private key of the receiving side terminal to decrypt the first encrypted data is judged according to the biometric information of the user of the receiving side terminal; that is, the biometric information of the user of the receiving side terminal is the PIN code (Personal Identification Number) for using the private key of the receiving side terminal. For example, a feature value in the biometric information (for example, an iris feature value) can be used as the PIN code of the private key of the receiving side terminal. If the private key of the receiving side terminal is used to decrypt the first encrypted data, the user of the receiving side terminal is determined to be a legitimate user; the private key of the receiving side terminal can then be used to decrypt the first encrypted data received from the sending side terminal, and the decrypted first encrypted data is encrypted and sent to the sending side terminal, so that the sending side terminal determines, from the encrypted data it receives (the data obtained by encrypting the decrypted first encrypted data), that the user of the receiving side terminal is the user bound to the receiving side terminal. If the private key of the receiving side terminal is not used to decrypt the first encrypted data, other data can be sent to the sending side terminal instead; because the data the sending side terminal receives is then not the decrypted first encrypted data, the sending side terminal determines that the user of the receiving side terminal is not the user bound to the receiving side terminal. With the above technical solution, the sending side terminal can determine in a timely manner whether the user of the receiving side terminal is the user bound to the receiving side terminal, and can thus learn whether the user bound to the receiving side terminal is taking part in the video conference; at the same time, illegitimate users are prevented from taking part in the video conference, so that the data transmitted in the video conference is not leaked, which effectively improves the security of data transmission.
In the above technical solution, preferably, the step of encrypting the decrypted first encrypted data and sending it to the sending side terminal specifically comprises: encrypting the decrypted first encrypted data with the private key of the receiving side terminal and sending it to the sending side terminal, or encrypting the decrypted first encrypted data with the public key of the sending side terminal and sending it to the sending side terminal.
In this technical solution, after the first encrypted data is decrypted using the private key of the receiving side terminal, the decrypted first encrypted data is encrypted with the private key of the receiving side terminal and sent to the sending side terminal, so that the sending side terminal can decrypt the received data (the data obtained by encrypting the decrypted first encrypted data) with the public key of the receiving side terminal and thereby determine that the user of the receiving side terminal is the user bound to the receiving side terminal, which also shows that the user bound to the receiving side terminal is present and taking part in the video conference.
Alternatively, after the first encrypted data is decrypted using the private key of the receiving side terminal, the decrypted first encrypted data is encrypted with the public key of the sending side terminal and sent to the sending side terminal, so that the sending side terminal can decrypt the received data (the data obtained by encrypting the decrypted first encrypted data) with the private key of the sending side terminal. When the sending side terminal obtains the above data to be encrypted by this decryption, it determines that the user of the receiving side terminal is the user bound to the receiving side terminal, which also shows that the user bound to the receiving side terminal is present and taking part in the video conference.
In any one of the above technical solutions, preferably, when it is judged that the private key of the receiving side terminal is not to be used to decrypt the first encrypted data, the first encrypted data is sent to the sending side terminal.
In this technical solution, when it is judged that the private key of the receiving side terminal is not to be used to decrypt the first encrypted data, the user of the receiving side terminal is not the user bound to the receiving side terminal. The first encrypted data can then be sent to the sending side terminal, so that on receiving the first encrypted data the sending side terminal determines that the user of the receiving side terminal is not the user bound to the receiving side terminal, that is, that the user bound to the receiving side terminal is not taking part in the video conference. Of course, when it is judged that the private key of the receiving side terminal is not to be used to decrypt the first encrypted data, other data can also be sent to the sending side terminal, so that the sending side terminal determines from the other data it receives that the user of the receiving side terminal is not the user bound to the receiving side terminal.
In any one of the above technical solutions, preferably, the biometric information comprises one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
In this technical solution, the biometric information includes, but is not limited to, one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information. Because biometric information is convenient and quick to obtain, authentication by biometric information is very convenient and fast; and because biometric information is unique, the security and reliability of authentication are improved, which in turn improves the user experience.
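The exchange described in steps 102 to 108 and steps 402 to 406, with both reply variants, as an added example that is not part of the patent text. It assumes textbook RSA over small constructed primes so that it runs on the Python standard library alone, an exact-match byte string standing in for the biometric feature value, and fresh random test data for every check; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent shared by both toy key pairs
ENROLLED_FEATURE = b"constructed-iris-feature-value"  # constructed sample, not real biometric data


def make_keypair(p, q):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _stretch(feature_value, salt):
    # The feature value plays the role of the private key's PIN (assumption: exact match).
    return hashlib.pbkdf2_hmac("sha256", feature_value, salt, 50_000, dklen=96)


def wrap_private_key(d, feature_value, salt):
    """Store d masked under the feature value, plus a tag that detects a wrong value."""
    okm = _stretch(feature_value, salt)
    blob = bytes(a ^ b for a, b in zip(d.to_bytes(64, "big"), okm[:64]))
    return blob, hmac.new(okm[64:], blob, hashlib.sha256).digest()


def unlock_private_key(wrapped, feature_value, salt):
    """Return d if the presented feature value matches the enrolled one, else None."""
    blob, tag = wrapped
    okm = _stretch(feature_value, salt)
    if not hmac.compare_digest(tag, hmac.new(okm[64:], blob, hashlib.sha256).digest()):
        return None
    return int.from_bytes(bytes(a ^ b for a, b in zip(blob, okm[:64])), "big")


class Receiver:
    def __init__(self, p, q, enrolled_feature):
        self.n, d = make_keypair(p, q)
        self.salt = secrets.token_bytes(16)
        self.wrapped = wrap_private_key(d, enrolled_feature, self.salt)  # plain d is not kept

    def respond(self, first_encrypted, presented_feature, sender_n=None):
        """Steps 402-406: gate the private key on the biometric, then build the reply."""
        d = unlock_private_key(self.wrapped, presented_feature, self.salt)
        if d is None:
            return first_encrypted  # judgment is "no": send the first encrypted data back
        test_data = pow(first_encrypted, d, self.n)
        if sender_n is None:
            return pow(test_data, d, self.n)  # re-encrypt with the receiver's private key
        return pow(test_data, E, sender_n)  # or with the sender's public key


class Sender:
    def __init__(self, p, q):
        self.n, self.d = make_keypair(p, q)
        self.test_data = None

    def challenge(self, receiver_n):
        """Step 102: encrypt the test data with the receiver's public key."""
        # Assumption: fresh random test data per check, so an old reply cannot be reused.
        self.test_data = secrets.randbits(128) | (1 << 127)
        return pow(self.test_data, E, receiver_n)

    def verify(self, second_encrypted, receiver_n, use_receiver_public_key):
        """Step 108: decrypt the reply and compare it with the test data that was sent."""
        # Textbook RSA has no padding check, so "decryption succeeds" is taken here
        # to mean that the original test data is recovered (assumption).
        if use_receiver_public_key:
            recovered = pow(second_encrypted, E, receiver_n)
        else:
            recovered = pow(second_encrypted, self.d, self.n)
        return recovered == self.test_data


def presence_check(presented_feature, reply_with_receiver_private_key):
    """Run one full exchange; True means the bound user is judged present."""
    receiver = Receiver(2**127 - 1, 2**107 - 1, ENROLLED_FEATURE)  # constructed toy primes
    sender = Sender(2**89 - 1, 2**61 - 1)
    first = sender.challenge(receiver.n)  # steps 102 and 104
    sender_n = None if reply_with_receiver_private_key else sender.n
    second = receiver.respond(first, presented_feature, sender_n)  # steps 402 to 406
    return sender.verify(second, receiver.n, reply_with_receiver_private_key)  # steps 106, 108


if __name__ == "__main__":
    for feature in (ENROLLED_FEATURE, b"constructed-other-person"):
        for variant in (True, False):
            print(feature, variant, presence_check(feature, variant))
```

A deployment would replace the raw modular exponentiation with a vetted library's padded RSA encryption and signature operations, and would match the biometric inside secure hardware, since real readings are not bit-for-bit repeatable.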
Fig. 5 shows a schematic structural diagram of a communication apparatus according to another embodiment of the present invention.
As shown in Fig. 5, a communication apparatus 500 according to another embodiment of the present invention, for a receiving side terminal, comprises: a receiving unit 502, a decryption unit 504 and a sending unit 506. The receiving unit 502 is configured to receive, from a sending side terminal, first encrypted data encrypted with the public key of the receiving side terminal; the decryption unit 504 is configured to judge, according to biometric information of the user of the receiving side terminal, whether to use the private key of the receiving side terminal to decrypt the first encrypted data; and the sending unit 506 is configured to, when the judgment result is yes, decrypt the first encrypted data using the private key of the receiving side terminal, encrypt the decrypted first encrypted data, and send it to the sending side terminal.
In this technical solution, whether to use the private key of the receiving side terminal to decrypt the first encrypted data is judged according to the biometric information of the user of the receiving side terminal; that is, the biometric information of the user of the receiving side terminal is the PIN code (Personal Identification Number) for using the private key of the receiving side terminal. For example, a feature value in the biometric information (for example, an iris feature value) can be used as the PIN code of the private key of the receiving side terminal. If the private key of the receiving side terminal is used to decrypt the first encrypted data, the user of the receiving side terminal is determined to be a legitimate user; the private key of the receiving side terminal can then be used to decrypt the first encrypted data received from the sending side terminal, and the decrypted first encrypted data is encrypted and sent to the sending side terminal, so that the sending side terminal determines, from the encrypted data it receives (the data obtained by encrypting the decrypted first encrypted data), that the user of the receiving side terminal is the user bound to the receiving side terminal. If the private key of the receiving side terminal is not used to decrypt the first encrypted data, other data can be sent to the sending side terminal instead; because the data the sending side terminal receives is then not the decrypted first encrypted data, the sending side terminal determines that the user of the receiving side terminal is not the user bound to the receiving side terminal. With the above technical solution, the sending side terminal can determine in a timely manner whether the user of the receiving side terminal is the user bound to the receiving side terminal, and can thus learn whether the user bound to the receiving side terminal is taking part in the video conference; at the same time, illegitimate users are prevented from taking part in the video conference, so that the data transmitted in the video conference is not leaked, which effectively improves the security of data transmission.
In the above technical solution, preferably, the sending unit 506 comprises: an encryption unit 5062, configured to encrypt the decrypted first encrypted data with the private key of the receiving-side terminal and send it to the sending-side terminal, or configured to encrypt the decrypted first encrypted data with the public key of the sending-side terminal and send it to the sending-side terminal.
In this technical solution, after the first encrypted data has been decrypted using the private key of the receiving-side terminal, the decrypted first encrypted data is encrypted with the private key of the receiving-side terminal and sent to the sending-side terminal, so that the sending-side terminal decrypts the received data (the data obtained by encrypting the decrypted first encrypted data) with the public key of the receiving-side terminal and thereby determines that the user of the receiving-side terminal is the user bound to the receiving-side terminal, which also shows that the user bound to the receiving-side terminal is present and has taken part in the video conference.
In any one of the above technical solutions, preferably, the sending unit 506 is further configured to, when it is judged that the private key of the receiving-side terminal is not to be used to decrypt the first encrypted data, send the first encrypted data to the sending-side terminal.
In this technical solution, when it is judged that the private key of the receiving-side terminal is not to be used to decrypt the first encrypted data, the user of the receiving-side terminal is not the user bound to the receiving-side terminal. The first encrypted data can then be sent to the sending-side terminal, so that the sending-side terminal, on receiving the first encrypted data, determines that the user of the receiving-side terminal is not the user bound to the receiving-side terminal, that is, that the user bound to the receiving-side terminal is not taking part in the video conference. Of course, when it is judged that the private key of the receiving-side terminal is not to be used to decrypt the first encrypted data, other data can be sent to the sending-side terminal instead, so that the sending-side terminal determines from the other data it receives that the user of the receiving-side terminal is not the user bound to the receiving-side terminal.
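The exchange described above, written out as an added example (not code from the patent): the sending-side terminal checks the reply by decrypting it with its own private key, and the receiving-side terminal returns the first encrypted data unchanged when the biometric check fails. The class and function names, the toy textbook-RSA keys built from Mersenne primes, the random challenge value and the exact-match digest standing in for the biometric feature value are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent shared by both constructed key pairs


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def rsa(key, value):
    """Raw RSA operation without padding; a deployment would use OAEP or signatures."""
    n, exponent = key
    return pow(value, exponent, n)


class ReceiverTerminal:
    def __init__(self, public, private, enrolled_feature):
        self.public, self._private = public, private
        # Assumption: the biometric feature value is reduced to an exact-match digest
        # that acts as the PIN for the private key.
        self._pin = hashlib.sha256(enrolled_feature).digest()

    def respond(self, first_encrypted, presented_feature, sender_public):
        presented = hashlib.sha256(presented_feature).digest()
        if not hmac.compare_digest(presented, self._pin):
            # Private key stays locked: send the first encrypted data back as received.
            return first_encrypted
        plaintext = rsa(self._private, first_encrypted)
        # Re-encrypt the recovered data with the sending-side terminal's public key.
        return rsa(sender_public, plaintext)


class SenderTerminal:
    def __init__(self, public, private):
        self.public, self._private = public, private
        self._data = None

    def challenge(self, receiver_public):
        # Assumption: the data to be encrypted is a fresh random value per exchange,
        # so an earlier reply cannot be replayed.
        self._data = secrets.randbits(128) | (1 << 127)
        return rsa(receiver_public, self._data)

    def verify(self, second_encrypted):
        """True only if the reply decrypts to the data this terminal sent."""
        return rsa(self._private, second_encrypted) == self._data


def run_exchange(presented_feature):
    """One full exchange; returns the sender's verdict on the receiving-side user."""
    recv_pub, recv_priv = make_keypair(2**61 - 1, 2**89 - 1)     # constructed toy keys
    send_pub, send_priv = make_keypair(2**107 - 1, 2**127 - 1)   # constructed toy keys
    receiver = ReceiverTerminal(recv_pub, recv_priv, b"constructed-iris-feature")
    sender = SenderTerminal(send_pub, send_priv)
    first = sender.challenge(recv_pub)
    second = receiver.respond(first, presented_feature, send_pub)
    return sender.verify(second)
```
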
In any one of the above technical solutions, preferably, the biometric information comprises one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
In this technical solution, the biometric information includes, but is not limited to, one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information. Because biometric information is convenient and quick to obtain, identity authentication by biometric information is very convenient and fast; and because biometric information is unique, the security and reliability of identity authentication are improved, which in turn improves the user experience.
Fig. 6 shows a schematic structural diagram of a terminal according to another embodiment of the invention.
As shown in Fig. 6, a terminal 600 according to another embodiment of the invention comprises: the communication apparatus 500 described in any one of the above technical solutions. The terminal 600 therefore has the same technical effect as the communication apparatus 500 described in any one of the above technical solutions, which is not repeated here.
Fig. 7 shows a schematic structural diagram of a communication system according to an embodiment of the invention.
As shown in Fig. 7, a communication system 700 according to an embodiment of the invention comprises: the terminal 300 described in any one of the above third aspect, and the terminal 600 described in any one of the above sixth aspect. The communication system 700 therefore has the same technical effect as the terminal 300 described in any one of the above third aspect and the terminal 600 described in any one of the above sixth aspect, which is not repeated here.
The technical solution of the present invention has been described above with reference to the accompanying drawings. It can improve the security of video conference data transmission and, at the same time, determine accurately whether a user taking part in the video conference is present.
The foregoing is only the preferred embodiments of the present invention and is not intended to limit the present invention; for those skilled in the art, the present invention can have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present invention shall be included within the protection scope of the present invention.

Claims (16)

1. A communication method, for a sending-side terminal, characterized by comprising:
encrypting data to be encrypted with the public key of a receiving-side terminal to obtain first encrypted data;
sending the first encrypted data to the receiving-side terminal, so that the receiving-side terminal processes the first encrypted data to obtain second encrypted data;
receiving the second encrypted data from the receiving-side terminal;
decrypting the second encrypted data, and determining according to the decryption result whether the user of the receiving-side terminal is the user bound to the receiving-side terminal.
2. The communication method according to claim 1, characterized in that the step of decrypting the second encrypted data and determining according to the decryption result whether the user of the receiving-side terminal is the user bound to the receiving-side terminal specifically comprises:
decrypting the second encrypted data with the public key of the receiving-side terminal;
if the decryption succeeds, determining that the user of the receiving-side terminal is the user bound to the receiving-side terminal; otherwise, determining that the user of the receiving-side terminal is not the user bound to the receiving-side terminal.
3. The communication method according to claim 1, characterized in that the step of decrypting the second encrypted data and determining according to the decryption result whether the user of the receiving-side terminal is the user bound to the receiving-side terminal specifically comprises:
decrypting the second encrypted data using the private key of the sending-side terminal;
if the decrypted second encrypted data is the data to be sent, determining that the user of the receiving-side terminal is the user bound to the receiving-side terminal; otherwise, determining that the user of the receiving-side terminal is not the user bound to the receiving-side terminal.
4. The communication method according to claim 3, characterized in that, before the step of decrypting the second encrypted data using the private key of the sending-side terminal, the method comprises:
collecting biometric information of the user of the sending-side terminal to judge whether to use the private key of the sending-side terminal to decrypt the second encrypted data;
when the judgment result is yes, decrypting the second encrypted data using the private key of the sending-side terminal.
5. A communication apparatus, for a sending-side terminal, characterized by comprising:
an encryption unit, configured to encrypt data to be encrypted with the public key of a receiving-side terminal to obtain first encrypted data;
a sending unit, configured to send the first encrypted data to the receiving-side terminal, so that the receiving-side terminal processes the first encrypted data to obtain second encrypted data;
a receiving unit, configured to receive the second encrypted data from the receiving-side terminal;
a processing unit, configured to decrypt the second encrypted data and determine according to the decryption result whether the user of the receiving-side terminal is the user bound to the receiving-side terminal.
6. The communication apparatus according to claim 5, characterized in that the processing unit comprises:
a first decryption unit, configured to decrypt the second encrypted data with the public key of the receiving-side terminal;
a first determining unit, configured to determine, if the decryption succeeds, that the user of the receiving-side terminal is the user bound to the receiving-side terminal, and otherwise to determine that the user of the receiving-side terminal is not the user bound to the receiving-side terminal.
7. The communication apparatus according to claim 5, characterized in that the processing unit comprises:
a second decryption unit, configured to decrypt the second encrypted data using the private key of the sending-side terminal;
a second determining unit, configured to determine, if the decrypted second encrypted data is the data to be sent, that the user of the receiving-side terminal is the user bound to the receiving-side terminal, and otherwise to determine that the user of the receiving-side terminal is not the user bound to the receiving-side terminal.
8. A terminal, characterized by comprising: the communication apparatus according to any one of claims 5 to 7.
9. A communication method, for a receiving-side terminal, characterized by comprising:
receiving, from a sending-side terminal, first encrypted data encrypted with the public key of the receiving-side terminal;
judging, according to biometric information of the user of the receiving-side terminal, whether to use the private key of the receiving-side terminal to decrypt the first encrypted data;
when the judgment result is yes, decrypting the first encrypted data using the private key of the receiving-side terminal, encrypting the decrypted first encrypted data and sending it to the sending-side terminal.
10. The communication method according to claim 9, characterized in that the step of encrypting the decrypted first encrypted data and sending it to the sending-side terminal specifically comprises:
encrypting the decrypted first encrypted data with the private key of the receiving-side terminal and sending it to the sending-side terminal, or
encrypting the decrypted first encrypted data with the public key of the sending-side terminal and sending it to the sending-side terminal.
11. The communication method according to claim 9, characterized in that,
when it is judged that the private key of the receiving-side terminal is not to be used to decrypt the first encrypted data, the first encrypted data is sent to the sending-side terminal.
12. The communication method according to any one of claims 9 to 11, characterized in that the biometric information comprises one or a combination of the following: iris recognition information, fingerprint recognition information, face recognition information and voice recognition information.
13. A communication apparatus, for a receiving-side terminal, characterized by comprising:
a receiving unit, configured to receive, from a sending-side terminal, first encrypted data encrypted with the public key of the receiving-side terminal;
a decryption unit, configured to judge, according to biometric information of the user of the receiving-side terminal, whether to use the private key of the receiving-side terminal to decrypt the first encrypted data;
a sending unit, configured to, when the judgment result is yes, decrypt the first encrypted data using the private key of the receiving-side terminal, encrypt the decrypted first encrypted data and send it to the sending-side terminal.
14. The communication apparatus according to claim 13, characterized in that the sending unit comprises:
an encryption unit, configured to encrypt the decrypted first encrypted data with the private key of the receiving-side terminal and send it to the sending-side terminal, or
configured to encrypt the decrypted first encrypted data with the public key of the sending-side terminal and send it to the sending-side terminal.
15. A terminal, characterized by comprising: the communication apparatus according to claim 13 or 14.
16. A communication system, characterized by comprising:
the terminal according to claim 8; and
the terminal according to claim 15.
CN201510585513.8A 2015-09-15 2015-09-15 Communication method, communication apparatus, terminal and communication system Pending CN105610772A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510585513.8A CN105610772A (en) 2015-09-15 2015-09-15 Communication method, communication apparatus, terminal and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510585513.8A CN105610772A (en) 2015-09-15 2015-09-15 Communication method, communication apparatus, terminal and communication system

Publications (1)

Publication Number Publication Date
CN105610772A true CN105610772A (en) 2016-05-25

Family

ID=55990312

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510585513.8A Pending CN105610772A (en) 2015-09-15 2015-09-15 Communication method, communication apparatus, terminal and communication system

Country Status (1)

Country Link
CN (1) CN105610772A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101083843A (en) * 2007-07-17 2007-12-05 中兴通讯股份有限公司 Method and system for confirming terminal identity in mobile terminal communication
CN101790073A (en) * 2009-01-23 2010-07-28 北京永新视博数字电视技术有限公司 Method for establishing safety communication channel and communication device thereof
CN102202040A (en) * 2010-03-26 2011-09-28 联想(北京)有限公司 Client authentication method and device
CN102664898A (en) * 2012-04-28 2012-09-12 鹤山世达光电科技有限公司 Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system
CN103236926A (en) * 2013-03-28 2013-08-07 金硕澳门离岸商业服务有限公司 Point-to-point-based data transmission system and data transmission method
US20140101444A1 (en) * 2012-10-09 2014-04-10 Samsung Sds Co., Ltd. Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160525
