CN111523154B - Method and system for obtaining hardware unique identifier and corresponding computer equipment - Google Patents

Info

Publication number
CN111523154B
Authority
CN
China
Prior art keywords
random number
string
application layer
decrypted
agreed algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010202260.2A
Other languages
Chinese (zh)
Other versions
CN111523154A (en)
Inventor
高连凯
邹仕洪
朱睿
李翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanxin Information Technology Group Co ltd
Original Assignee
Beijing Yuanxin Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yuanxin Science and Technology Co Ltd
Priority to CN202010202260.2A
Publication of CN111523154A
Application granted
Publication of CN111523154B
Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58 Random or pseudo-random number generators
    • G06F7/588 Random number generators, i.e. based on natural stochastic processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/54 Interprogram communication
    • G06F9/545 Interprogram communication where tasks reside in different layers, e.g. user- and kernel-space
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Abstract

The application discloses a method, a system and corresponding computer equipment for obtaining a hardware unique identifier. The method comprises the following steps: the application layer generates and issues a first random number; the kernel module appends a secret key to the tail of the first random number to obtain a first spliced string, and sends an encrypted string; the application layer decrypts it, compares the first half of the decrypted plaintext with the first random number and, in response to the first half being the same as the first random number, takes the second half of the plaintext as the secret key to be used by the kernel module in the next communication; the application layer generates a second random number, encrypts it and sends it; the kernel module reads the hardware unique identifier, splices it with the encrypted second random number to obtain a second spliced string, and encrypts and sends the second spliced string to the application layer; and the application layer decrypts it, compares the decrypted random number part with the second random number and, in response to the two random numbers being the same, determines that the decrypted hardware unique identifier is the real hardware unique identifier. The invention can obtain the hardware unique identifier in a trusted way when the kernel cannot be controlled and there is no network connection.

Description

Method and system for obtaining hardware unique identifier and corresponding computer equipment
Technical Field
The present application relates to the field of electrical digital data processing, and more particularly, to a method, system and corresponding computer device for obtaining a hardware unique identifier.
Background
Mobile terminal devices are developed under different development and cooperation modes. In some scenarios, the kernel and the upper-layer frameworks and applications belong to different development teams and business entities. During development, it is often necessary to confirm the unique identification (ID) of the device itself, such as the serial number of the CPU, the serial number of the eMMC device or the serial number of the hard disk; these IDs are often used to authorize some software to run on the device.
The hardware device itself naturally contains distinctive unique IDs (CPU serial number, hard disk serial number, or a combination of these), but how these IDs can be obtained in a trustworthy way varies from scenario to scenario.
Because system software such as the operating system kernel runs at a higher CPU (central processing unit) privilege level, the kernel has more and easier ways to acquire the unique ID of the device, and the ID it acquires is more credible. Application layer/user layer software, however, has difficulty obtaining such an ID: it runs at a lower CPU privilege level, all operations that access the hardware are submitted to the kernel layer for execution, and the application layer has no convenient way to obtain the hardware ID. Of course, the kernel often exposes some commonly useful information, such as the CPU serial number; this is part of the kernel's own design and is independent of the needs of the application layer. However, if the application layer reads such directly exposed information, its credibility is open to challenge: the exposed information is read in the kernel and then presented to the application layer software, so if the kernel is not trustworthy, the information exposed to upper-layer software can be replaced at any time. After all, the development collaboration mode of the device means that the application layer may not have control of the kernel.
The existing methods by which upper-layer software authorizes a device to run do not read a tamper-proof unique identification ID from the device, but instead rely on software to dynamically generate the unique identifier. Because the platform on which the software runs is uncontrollable, this has the defect that the unique identifier may be replaced or tampered with at any time. A network connection is therefore necessary: with a network connection, bidirectional identity verification can be carried out between the application software and a remote server, and signing and encryption measures are applied to network transmission so that the communication cannot be intercepted or tampered with. The server can also monitor the number and identity of the software instances that are online at the same time. This method avoids reading the device hardware ID to uniquely identify a mobile device. Its only disadvantage is that the mobile device must rely on the network and stay online for part of the time.
Disclosure of Invention
In order to overcome the defects in the prior art, the invention provides a method, a system and a corresponding computer device for obtaining the hardware unique identification, which can obtain the unique identification ID of the device hardware in a trusted way under the conditions of no kernel control right and no networking.
According to a first aspect of the present invention, there is provided a method for deriving a hardware unique identifier, the method comprising:
the application layer generates a first random number and issues the generated first random number to a kernel module running in a kernel;
the kernel module adds a secret key to be used in next communication at the tail part of the first random number to obtain a first splicing string, encrypts the first splicing string according to a first agreed algorithm to obtain a first encryption string, and sends the first encryption string to the application layer;
the application layer decrypts the first encryption string according to a first agreed algorithm, compares the first half section of the decrypted plaintext with a first random number generated previously, and takes the second half section of the plaintext as a secret key to be used in next communication in response to the fact that the first half section is the same as the first random number;
the application layer generates a second random number again, encrypts the second random number by using a second agreed algorithm by using the secret key to be used in the next communication and sends the encrypted second random number to the kernel module;
the kernel module reads the unique hardware identifier through an instruction, splices the read unique hardware identifier with an encrypted second random number to obtain a second spliced string, encrypts the second spliced string by using a secret key to be used in the next communication according to a second agreed algorithm and sends the encrypted second spliced string to the application layer;
and the application layer decrypts the encrypted second splicing string according to a second agreed algorithm, compares the decrypted random number part with a previously generated second random number, and determines that the decrypted hardware unique identifier is a real hardware unique identifier in response to that the decrypted random number part is the same as the second random number.
As an improvement of the method of the present invention, the method further comprises: determining that the kernel module is not trusted in response to the first half segment being different from the first random number or in response to the decrypted random number portion being different from the second random number.
As another improvement of the method of the present invention, the first agreed algorithm and the second agreed algorithm are the same or different algorithms, and/or the first agreed algorithm and the second agreed algorithm are kept secret from a third party.
According to a second aspect of the present invention, there is provided a system for deriving a hardware unique identifier, the system comprising:
the first random number generation issuing module is used for enabling the application layer to generate a first random number and issuing the generated first random number to a kernel module running in a kernel;
the first encryption sending module is used for enabling the kernel module to obtain a first splicing string by adding a secret key to be used in next communication at the tail part of the first random number, encrypting the first splicing string according to a first agreed algorithm to obtain a first encryption string and sending the first encryption string to the application layer;
a first decryption determining module, configured to enable the application layer to decrypt the first encrypted string according to a first agreed algorithm, compare a first half segment of a decrypted plaintext with a previously generated first random number, and take a second half segment of the plaintext as a key to be used in next communication in response to that the first half segment is the same as the first random number;
the second random number generating and sending module is used for enabling the application layer to generate a second random number again, encrypting the second random number by using a second agreed algorithm by using a secret key to be used in the next communication, and sending the encrypted second random number to the kernel module;
the second encryption sending module is used for enabling the kernel module to read the hardware unique identifier through the instruction, splicing the read hardware unique identifier with the encrypted second random number to obtain a second spliced string, encrypting the second spliced string by using the secret key to be used in the next communication according to a second agreed algorithm, and sending the encrypted second spliced string to the application layer;
and the second decryption determining module is used for enabling the application layer to decrypt the encrypted second spliced string according to a second agreed algorithm, comparing the decrypted random number part with a previously generated second random number, and determining that the decrypted hardware unique identifier is a real hardware unique identifier in response to the decrypted random number part being the same as the second random number.
According to a third aspect of the present invention, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, carries out the steps of the method according to the first aspect of the present invention.
According to a fourth aspect of the present invention there is provided a computer device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, wherein the steps of the method according to the first aspect of the present invention are implemented when the computer program is executed by the processor.
According to the invention, a kernel module that can communicate with the application layer is placed in the kernel layer, and one or more encryption algorithms are agreed in advance between the application layer and the kernel module. In a constrained environment, for example where the kernel code is uncontrollable and/or no network connection is available, the true identity of the kernel module can thus be confirmed from the application layer and intermediate results are prevented from being tampered with, so that the application layer obtains the real hardware unique identifier from the kernel module.
Other features and advantages of the present invention will become more apparent from the detailed description of the embodiments of the present invention when taken in conjunction with the accompanying drawings.
Drawings
FIG. 1 is a flow chart of one embodiment of a method according to the present invention;
FIG. 2 is a block diagram of one embodiment of a system according to the present invention.
For the sake of clarity, the figures are schematic and simplified drawings, which only show details which are necessary for understanding the invention and other details are omitted.
Detailed Description
Embodiments and examples of the present invention will be described in detail below with reference to the accompanying drawings.
The scope of applicability of the present invention will become apparent from the detailed description given hereinafter. It should be understood, however, that the detailed description and the specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only.
Since acquiring device information requires privileged operation, the code that directly acquires the device information must run in kernel mode. However, the kernel code as a whole is developed by a partner and is outside our control, so using our own kernel module is a necessary means. Although in theory the kernel framework could restrict the kernel module and make it inoperable, the two parties can ensure through business negotiation that the kernel module operates normally (and only that it operates normally). Although business negotiation can guarantee that our kernel module runs smoothly within the other party's kernel framework, it cannot prevent intermediate results from being tampered with. For this reason, the true identity of the kernel module needs to be confirmed from the application layer, so that the real hardware unique identifier is obtained from the kernel module.
After the kernel module runs, a channel for exchanging data with the application layer program is defined; the channel can be a simple character device interface or netlink communication. Although these channels are in an insecure environment, intermediate results can be prevented from being tampered with by the method of the present invention.
Fig. 1 shows a flow chart of a preferred embodiment of the method for deriving a hardware unique identifier according to the present invention.
In step S102, the application layer generates a first random number and issues the generated first random number to a kernel module running in a kernel through a communication channel.
In step S104, the kernel module adds a key to be used in the next communication at the tail of the first random number to obtain a first concatenation string. The key may be randomly generated inside the kernel module and may be randomly generated again in each communication process. The kernel module then encrypts the first concatenation string according to a first agreed algorithm to obtain a first encryption string, and sends the first encryption string to the application layer.
The first agreed algorithm may be the Diffie-Hellman key exchange algorithm proposed by Diffie and Hellman, which is:
(1) Alice and Bob determine two large prime numbers n and g, which are not kept secret;
(2) Alice selects another large random number x and calculates A as follows: $A = g^x \bmod n$;
(3) Alice sends A to Bob;
(4) Bob selects another large random number y and calculates B as follows: $B = g^y \bmod n$;
(5) B is sent to Alice by Bob;
(6) the secret key $K_1$ is calculated as follows: $K_1 = B^x \bmod n$;
(7) the secret key $K_2$ is calculated as follows: $K_2 = A^y \bmod n$;
(8) $K_1 = K_2$, and therefore Alice and Bob can use it for encryption and decryption.
In step S106, the application layer decrypts the received first encrypted string according to the first agreed algorithm.
In step S108, the first half of the decrypted plaintext is compared with the previously generated first random number, and if the first half is the same as the first random number, the process proceeds to step S110. If the first half segment is different from the first random number, the process proceeds to step S150.
In step S110, the second half of the plaintext is used as the key to be used by the kernel module in the next communication.
In step S112, the application layer generates a second random number again, encrypts the second random number with a second agreed algorithm using the key to be used in the next communication, and sends the encrypted second random number to the kernel module. The second agreed algorithm may be the same as or different from the first agreed algorithm. In a preferred embodiment, the second agreed algorithm is different from the first agreed algorithm, so that several reliable algorithms are layered in combination and the difficulty of cracking is increased. Similarly, the first and second agreed algorithms can be kept secret from a third party, i.e. not disclosed, which also increases the cracking difficulty and thereby improves security.
In step S114, the kernel module reads the unique hardware identifier through the instruction, splices the read unique hardware identifier with the encrypted second random number to obtain a second spliced string, encrypts the second spliced string with the key to be used in the next communication according to a second agreed algorithm, and sends the encrypted second spliced string to the application layer.
At step S116, the application layer decrypts the encrypted second concatenation string according to the second agreed algorithm.
In step S118, the decrypted random number portion is compared with the previously generated second random number, and if the decrypted random number portion is the same as the second random number, the process proceeds to step S120. If the decrypted random number portion is different from the second random number, the process proceeds to step S150.
In step S120, the decrypted hardware unique identifier is used as the actual hardware unique identifier.
In step S150, the kernel module is determined to be untrusted; processing ends and/or an alert or feedback information is provided to the application layer.
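The exchange in steps S102 to S150, including the Diffie-Hellman step, simulated in one process as an added example (not code from the patent). The group parameters, the `seal`/`unseal` stand-in for the unspecified agreed algorithm, passing the Diffie-Hellman public values alongside the first round, and all names are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed demo parameters (assumptions): the patent only says n and g are public.
DH_N, DH_G = 2**255 - 19, 2   # a known prime; use a standardized DH group in practice
NONCE_LEN = KEY_LEN = 32      # equal lengths, so the round-1 plaintext has two halves
IV_LEN, TAG_LEN = 16, 32


class Untrusted(Exception):
    """Step S150: a check failed, so the kernel module is treated as untrusted."""


def prf(key, label, data=b""):
    return hmac.new(key, label + data, hashlib.sha256).digest()


def xor_stream(key, iv, data):
    blocks = (prf(key, b"enc", iv + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, b"".join(blocks)))


def seal(key, plaintext):
    """Stand-in for an 'agreed algorithm' (assumption): encrypt-then-MAC with HMAC-SHA256."""
    iv = secrets.token_bytes(IV_LEN)
    ct = xor_stream(key, iv, plaintext)
    return iv + ct + prf(key, b"mac", iv + ct)


def unseal(key, blob):
    iv, ct, tag = blob[:IV_LEN], blob[IV_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if len(blob) < IV_LEN + TAG_LEN or not hmac.compare_digest(tag, prf(key, b"mac", iv + ct)):
        raise Untrusted("ciphertext modified or sealed under another key")
    return xor_stream(key, iv, ct)


def dh_key(shared):
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


class KernelModule:
    """Models the vendor's own kernel module (hypothetical class name)."""
    def __init__(self, hardware_id):
        self.hardware_id = hardware_id
        self.next_key = None

    def round1(self, r1, app_public):
        y = secrets.randbelow(DH_N - 3) + 2
        k1 = dh_key(pow(app_public, y, DH_N))
        self.next_key = secrets.token_bytes(KEY_LEN)     # S104: fresh for every session
        return pow(DH_G, y, DH_N), seal(k1, r1 + self.next_key)

    def round2(self, enc_r2):
        # S114: splice the ID with the encrypted second random number, then encrypt
        return seal(self.next_key, self.hardware_id + enc_r2)


def obtain_hardware_id(kernel, channel=lambda step, msg: msg):
    """Application-layer side; `channel` models the untrusted kernel-to-app path."""
    r1 = secrets.token_bytes(NONCE_LEN)                                  # S102
    x = secrets.randbelow(DH_N - 3) + 2
    kernel_public, enc1 = kernel.round1(r1, pow(DH_G, x, DH_N))
    plain1 = unseal(dh_key(pow(kernel_public, x, DH_N)), channel("round1", enc1))  # S106
    if len(plain1) != NONCE_LEN + KEY_LEN or not hmac.compare_digest(plain1[:NONCE_LEN], r1):
        raise Untrusted("first random number mismatch")                  # S108 -> S150
    next_key = plain1[NONCE_LEN:]                                        # S110
    r2 = secrets.token_bytes(NONCE_LEN)                                  # S112
    enc_r2 = seal(next_key, r2)
    plain2 = unseal(next_key, channel("round2", kernel.round2(enc_r2)))  # S116
    hardware_id, echoed = plain2[:-len(enc_r2)], plain2[-len(enc_r2):]
    if not hmac.compare_digest(unseal(next_key, echoed), r2):
        raise Untrusted("second random number mismatch")                 # S118 -> S150
    return hardware_id                                                   # S120


def flip_bit(step, msg):
    """Constructed channel: alters one bit of the round-2 reply in transit."""
    return msg[:-1] + bytes([msg[-1] ^ 1]) if step == "round2" else msg


def make_replay():
    """Constructed channel: records one round-2 reply and substitutes it afterwards."""
    saved = []
    def channel(step, msg):
        if step != "round2":
            return msg
        saved.append(msg)
        return saved[0]
    return channel


def rejected(kernel, channel):
    try:
        obtain_hardware_id(kernel, channel)
    except Untrusted:
        return True
    return False
```

The stand-in algorithm is authenticated on purpose: the comparison in S118 covers only the random-number bytes, so integrity of the identifier bytes has to come from the agreed algorithm itself.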
Fig. 2 shows a block diagram of a preferred embodiment of a system for deriving a hardware unique identifier according to the present invention, the system comprising:
a first random number generation issuing module 202, configured to enable the application layer to generate a first random number and issue the generated first random number to a kernel module running in a kernel;
the first encryption sending module 204 is configured to enable the kernel module to obtain a first splicing string by adding a key to be used in next communication at the tail of the first random number, encrypt the first splicing string according to a first agreed algorithm to obtain a first encryption string, and send the first encryption string to the application layer;
a first decryption determining module 206, configured to enable the application layer to decrypt the first encrypted string according to a first agreed algorithm, compare a first half of a decrypted plaintext with a first random number generated previously, and take a second half of the plaintext as a key to be used in next communication in response to that the first half is the same as the first random number;
a second random number generation and transmission module 208, configured to enable the application layer to generate a second random number again, encrypt the second random number with a second agreed algorithm by using a key to be used in the next communication, and transmit the encrypted second random number to the kernel module;
the second encryption sending module 210 is configured to enable the kernel module to read the unique hardware identifier through the instruction, splice the read unique hardware identifier with the encrypted second random number to obtain a second spliced string, encrypt the second spliced string with the key to be used in the next communication according to a second agreed algorithm, and send the encrypted second spliced string to the application layer;
a second decryption determining module 212, configured to enable the application layer to decrypt the encrypted second concatenation string according to a second agreed algorithm, compare a decrypted random number portion with a previously generated second random number, and determine that the decrypted hardware unique identifier is a true hardware unique identifier in response to that the decrypted random number portion is the same as the second random number;
and an untrusted determining module 220, configured to determine that the kernel module is untrusted in response to the first half segment being different from the first random number or in response to the decrypted random number portion being different from the second random number.
In another embodiment, the invention provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method shown and described in connection with fig. 1.
In another embodiment, the invention provides a computer device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, wherein the steps of the method shown and described in connection with fig. 1 are implemented when the computer program is executed by the processor.
The various embodiments described herein, or certain features, structures, or characteristics thereof, may be combined as suitable in one or more embodiments of the invention. Additionally, in some cases, the order of steps depicted in the flowcharts and/or in the pipelined process may be modified, as appropriate, and need not be performed exactly in the order depicted. In addition, various aspects of the invention may be implemented using software, hardware, firmware, or a combination thereof, and/or other computer implemented modules or devices that perform the described functions. Software implementations of the present invention may include executable code stored in a computer readable medium and executed by one or more processors. The computer-readable medium may include a computer hard drive, ROM, RAM, flash memory, portable computer storage media such as CD-ROM, DVD-ROM, flash drives, and/or other devices with a Universal Serial Bus (USB) interface, and/or any other suitable tangible or non-transitory computer-readable medium or computer memory on which executable code may be stored and executed by a processor. The present invention may be used in conjunction with any suitable operating system.
As used herein, the singular forms "a", "an" and "the" include plural references (i.e., have the meaning "at least one"), unless the context clearly dictates otherwise. It will be further understood that the terms "has," "includes" and/or "including," when used in this specification, specify the presence of stated features, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, elements, components, and/or groups thereof. The term "and/or" as used herein includes any and all combinations of one or more of the associated listed items.
The foregoing describes some preferred embodiments of the present invention, but it should be emphasized that the invention is not limited to these embodiments, but can be implemented in other ways within the scope of the inventive subject matter. Various modifications and alterations of this invention will become apparent to those skilled in the art without departing from the spirit and scope of this invention.

Claims (10)

1. A method for deriving a hardware unique identifier, the method comprising:
the application layer generates a first random number and issues the generated first random number to a kernel module running in a kernel;
the kernel module adds a secret key to be used in next communication at the tail of the first random number to obtain a first splicing string, encrypts the first splicing string by using a secret key generated by a first agreed algorithm to obtain a first encryption string, and sends the first encryption string to the application layer;
the application layer decrypts the first encryption string by using a key generated by a first agreed algorithm, compares the first half section of the decrypted plaintext with a previously generated first random number, and takes the second half section of the plaintext as a key to be used in next communication in response to the first half section being the same as the first random number;
the application layer generates a second random number again, encrypts the second random number by using a second agreed algorithm by using the secret key to be used in the next communication and sends the encrypted second random number to the kernel module;
the kernel module reads the unique hardware identifier through an instruction, splices the read unique hardware identifier with an encrypted second random number to obtain a second spliced string, encrypts the second spliced string by using a secret key to be used in the next communication according to a second agreed algorithm and sends the encrypted second spliced string to the application layer;
and the application layer decrypts the encrypted second splicing string according to a second agreed algorithm, compares the decrypted random number part with a previously generated second random number, and determines that the decrypted hardware unique identifier is a real hardware unique identifier in response to that the decrypted random number part is the same as the second random number.
2. The method of claim 1, further comprising:
determining that the kernel module is not trusted in response to the first half segment being different from the first random number or in response to the decrypted random number portion being different from the second random number.
3. The method of claim 1, wherein the first agreed algorithm and the second agreed algorithm are the same or different algorithms, and/or wherein the first agreed algorithm and the second agreed algorithm are kept secret from third parties.
4. The method of claim 1, wherein the first agreed algorithm is a Diffie-Hellman key exchange algorithm.
5. The method of claim 1, wherein the key to be used for the next communication is randomly generated within the kernel module.
6. A system for deriving a unique identifier for hardware, the system comprising:
a first random number generating and issuing module, configured to enable the application layer to generate a first random number and issue the generated first random number to a kernel module running in the kernel;
a first encryption sending module, configured to enable the kernel module to obtain a first spliced string by appending a key to be used in the next communication to the end of the first random number, encrypt the first spliced string by using a key generated by a first agreed algorithm to obtain a first encrypted string, and send the first encrypted string to the application layer;
a first decryption determining module, configured to enable the application layer to decrypt the first encrypted string by using the key generated by the first agreed algorithm, compare the first half of the decrypted plaintext with the previously generated first random number, and, in response to the first half being the same as the first random number, take the second half of the plaintext as the key to be used in the next communication;
a second random number generating and sending module, configured to enable the application layer to generate a second random number, encrypt the second random number according to a second agreed algorithm by using the key to be used in the next communication, and send the encrypted second random number to the kernel module;
a second encryption sending module, configured to enable the kernel module to read the hardware unique identifier through an instruction, splice the read hardware unique identifier with the encrypted second random number to obtain a second spliced string, encrypt the second spliced string according to the second agreed algorithm by using the key to be used in the next communication, and send the encrypted second spliced string to the application layer;
and a second decryption determining module, configured to enable the application layer to decrypt the encrypted second spliced string according to the second agreed algorithm, compare the decrypted random number part with the previously generated second random number, and, in response to the decrypted random number part being the same as the second random number, determine that the decrypted hardware unique identifier is the real hardware unique identifier.
7. The system of claim 6, further comprising:
an untrusted determining module, configured to determine that the kernel module is untrusted in response to the first half being different from the first random number or in response to the decrypted random number part being different from the second random number.
8. The system of claim 7, wherein the first agreed algorithm and the second agreed algorithm are the same or different algorithms, and/or wherein the first agreed algorithm and the second agreed algorithm are kept secret from third parties.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method as claimed in claim 1.
10. A computer device comprising a processor, a memory and a computer program stored on the memory and executable on the processor, wherein the steps of the method according to claim 1 are implemented when the processor executes the computer program.
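The two-round challenge-response of claim 1, with the untrusted outcome of claim 2, as an added Python example that is not part of the patent. Assumptions: the "agreed algorithms" are replaced by a stand-in built from HMAC-SHA256 (keystream plus tag), the key `k1` from the first agreed algorithm is already shared, the kernel side decrypts the second random number before splicing it, and `KernelModule`, `ReplayingHook`, `fetch_hardware_id` and the identifier value are hypothetical names and constructed data.

```python
import hashlib, hmac, secrets

NONCE_LEN = KEY_LEN = 16  # equal lengths, so "first half" / "second half" split cleanly

def keystream(key, iv, n):
    return b"".join(hmac.new(key, b"enc" + iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def seal(key, plaintext):
    """Stand-in for an 'agreed algorithm' (assumption): HMAC keystream, then HMAC tag."""
    iv = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, keystream(key, iv, len(plaintext))))
    return iv + ct + hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()

def unseal(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(ct, keystream(key, iv, len(ct))))

class KernelModule:
    """Kernel side. k1 is the key from the first agreed algorithm; hw_id is constructed."""
    def __init__(self, k1, hw_id):
        self.k1, self.hw_id, self.k2 = k1, hw_id, None
    def round1(self, r1):
        self.k2 = secrets.token_bytes(KEY_LEN)   # claim 5: generated inside the kernel module
        return seal(self.k1, r1 + self.k2)       # first spliced string: r1 || next key
    def round2(self, enc_r2):
        r2 = unseal(self.k2, enc_r2)             # assumption: nonce is decrypted before splicing
        return seal(self.k2, self.hw_id + r2)    # second spliced string: id || r2

class ReplayingHook:  # constructed stand-in: an untrusted module replaying captured replies
    def __init__(self, m1, m2): self.m1, self.m2 = m1, m2
    def round1(self, r1): return self.m1
    def round2(self, enc_r2): return self.m2

def fetch_hardware_id(kernel, k1):
    """Application side. Returns the identifier, or None if the module is untrusted (claim 2)."""
    r1 = secrets.token_bytes(NONCE_LEN)
    try:
        plain = unseal(k1, kernel.round1(r1))
        if not hmac.compare_digest(plain[:NONCE_LEN], r1):
            return None                          # stale or foreign reply to round 1
        k2, r2 = plain[NONCE_LEN:], secrets.token_bytes(NONCE_LEN)
        plain2 = unseal(k2, kernel.round2(seal(k2, r2)))
    except ValueError:
        return None                              # reply not produced with the expected key
    hw_id, echoed = plain2[:-NONCE_LEN], plain2[-NONCE_LEN:]
    return hw_id if hmac.compare_digest(echoed, r2) else None
```

The authentication tag is part of the stand-in, not of the claims: with a malleable cipher such as a bare stream cipher, a modified ciphertext could change the identifier bytes while leaving the echoed random number intact, so the comparison alone would not detect it.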
CN202010202260.2A 2020-03-20 2020-03-20 Method and system for obtaining hardware unique identifier and corresponding computer equipment Active CN111523154B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010202260.2A CN111523154B (en) 2020-03-20 2020-03-20 Method and system for obtaining hardware unique identifier and corresponding computer equipment

Publications (2)

Publication Number Publication Date
CN111523154A CN111523154A (en) 2020-08-11
CN111523154B true CN111523154B (en) 2021-03-02

Family

ID=71910508

Country Status (1)

Country Link
CN (1) CN111523154B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230511

Address after: Room 401, Floor 4, No. 2, Haidian East Third Street, Haidian District, Beijing 100080

Patentee after: Yuanxin Information Technology Group Co.,Ltd.

Address before: 100080 401-06, 4th floor, 2 Haidian East 3rd Street, Haidian District, Beijing

Patentee before: YUANXIN TECHNOLOGY