CN112671534A - Service key management method, service terminal and system based on biological characteristics - Google Patents
Service key management method, service terminal and system based on biological characteristics Download PDFInfo
- Publication number
- CN112671534A CN112671534A CN202011511456.6A CN202011511456A CN112671534A CN 112671534 A CN112671534 A CN 112671534A CN 202011511456 A CN202011511456 A CN 202011511456A CN 112671534 A CN112671534 A CN 112671534A
- Authority
- CN
- China
- Prior art keywords
- information
- service key
- key
- license
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a business key management method based on biological characteristics, a server and a system, wherein the method is applied to the server and comprises the following steps: acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises first biological characteristics of a user requesting the service key; obtaining permission information corresponding to the service key based on the first request information; analyzing the license information and the first biological characteristics respectively to determine whether the license information meets a first preset condition and whether the first biological characteristics meets a second preset condition; and calling the service key corresponding to the first request message under the condition that the permission message is determined to accord with the first preset condition and the first biological characteristic accords with the second preset condition. The method can prevent the service key from being leaked or illegally used, and can also carry out biological characteristic authentication on the requesting user to ensure the legal identity of the requesting user.
Description
Technical Field
The present application relates to the field of information security, and in particular, to a method, a server and a system for managing a service key based on biometric features.
Background
In the field of information security, a user needs to use a service key to process a target task, for example, to use the service key to perform digital signature or data decryption on data to be processed. However, in a specific usage scenario, once the service key is sent to a specific handler, the usage of the service key cannot be effectively controlled. This requires the service key owner to effectively manage the service key, including authenticating the identity of the user of the service key and giving permission to the corresponding service key if the identity meets the requirements. At present, however, there is no effective way to determine the identity of the user, and the use of the service key cannot be effectively managed, thereby causing a potential safety hazard in the use process of the service key.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method, a server, and a system for managing a service key based on a biometric feature, where the method can prevent the service key from being leaked or illegally used, and when the service key is called, the server can ensure a legal identity of a requesting user by determining a first biometric feature of the requesting user sent by a first client, so as to effectively prevent the service key from being leaked or illegally used.
In order to solve the technical problem, the embodiment of the application adopts the following technical scheme: a business key management method based on biological characteristics is applied to a server and comprises the following steps:
acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
Optionally, the analyzing the permission information and the first biological characteristics respectively to determine whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition includes:
comparing the first biological characteristic with a stored second biological characteristic, wherein the second biological characteristic is associated with the license information in advance;
and under the condition that the first biological characteristic is determined to be the same as the stored second biological characteristic, determining identity information corresponding to the first biological characteristic so as to determine that the first biological characteristic meets the second preset condition.
Optionally, the first and second biometric characteristics each include at least one of the following unique characteristics: facial features, fingerprint features, and iris features;
correspondingly, the comparing the first biometric characteristic with the stored second biometric characteristic includes:
comparing the single feature of the first biometric feature with a corresponding single feature of the second biometric feature.
Optionally, the analyzing the permission information and the first biological characteristics respectively to determine whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition includes:
acquiring a license signature of the license information;
in a case where the license signature is valid, determining whether the license information is valid based on the license signature, wherein the first preset condition includes a condition that the license information is valid.
Optionally, the analyzing the permission information and the first biological characteristics respectively to determine whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition includes:
acquiring first use information using the service key in the license terms, and acquiring second use information using the service key in the first request information;
determining whether the first-use information is consistent with the second-use information, wherein the first preset condition includes a condition that the first-use information is consistent with the second-use information.
Optionally, the method further comprises: and receiving the license information which is sent by a second client and subjected to license signature and a second biological characteristic which is associated with the license information, wherein the second biological characteristic is a biological characteristic of a target object authorized to use the service key, and the biological characteristic of the target object comprises the first biological characteristic of the requesting user.
Optionally, the method further includes an operation of obtaining the service key, where the operation includes:
acquiring second request information sent by the second client, wherein the second request information comprises user information and/or client key information in the second client, and the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
generating the corresponding service key based on the second request information;
and binding the user information and/or the client key information with the generated service key.
Optionally, the method further includes an operation of obtaining the service key, where the operation includes:
receiving the service key directly imported by external equipment or imported by the second client;
acquiring the user information and/or the client key information sent by the second client, wherein the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
and binding the user information and/or the client key information with the acquired service key.
Optionally, the method further comprises: receiving the to-be-processed data sent by the first client, wherein the to-be-processed data is associated with the first biological characteristic.
Optionally, the first request information further includes at least one of: and the user information, the personal key information and the service key identification in the first client.
The embodiment of the present application further provides a service key management method based on biological characteristics, applied to a first client, including:
sending first request information to a server, so that the server acquires license information corresponding to a service key based on the first request information, wherein the first request information is used for requesting the server to process data to be processed by using the stored service key, the first request information includes a first biological characteristic of a requesting user of the service key, and the license information includes at least one license term for using the service key;
and receiving a processing result sent by the server and used for processing the data to be processed through the service key, wherein the processing result is a result obtained by analyzing the license information and the first biological characteristics by the server respectively, and calling the service key corresponding to the first request information to process the data to be processed under the condition that the license information meets a first preset condition and the first biological characteristics meet a second preset condition.
An embodiment of the present application further provides a server, including:
a first acquisition module configured to: acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
a second acquisition module configured to: obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
a processing module configured to: analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
An embodiment of the present application further provides a management system, including the server described above, further including at least one first client described above, and the second client described above.
An embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a computer, the following steps are implemented:
acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
The beneficial effects of the embodiment of the application are that: the business key management method based on the biological characteristics enables the server side to host the business key and prevents the business key from being leaked or illegally used. When the service key is called, the server side can judge the first biological characteristic of the requesting user sent by the first client side, guarantee the legal identity of the requesting user, determine that the requesting user has the right to use the service key, and further guarantee the safety of the service key while flexibly using the service key.
Drawings
Fig. 1 is a flowchart of a method for managing a service key based on a biometric feature according to an embodiment of the present application;
FIG. 2 is a flowchart of one embodiment of step S2 of FIG. 1 according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating another embodiment of step S2 in FIG. 1 according to an embodiment of the present application;
FIG. 4 is a flowchart of another embodiment of step S2 in FIG. 1 according to an embodiment of the present application;
fig. 5 is a block diagram of a server according to an embodiment of the present application.
Detailed Description
Various aspects and features of the present application are described herein with reference to the drawings.
It will be understood that various modifications may be made to the embodiments of the present application. Accordingly, the foregoing description should not be construed as limiting, but merely as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the application.
The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other characteristics of the present application will become apparent from the following description of preferred forms of embodiment, given as non-limiting examples, with reference to the attached drawings.
It is also to be understood that although the present application has been described with reference to some specific examples, those skilled in the art are able to ascertain many other equivalents to the practice of the present application.
The above and other aspects, features and advantages of the present application will become more apparent in view of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application are described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely exemplary of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application of unnecessary or unnecessary detail. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
The specification may use the phrases "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments in accordance with the application.
The method for managing the business key based on the biological characteristics can be applied to a server, the server can be a server or other electronic equipment with functions similar to the server, and the method can use the server to host the business key. The server side can be connected with at least one client side and conducts data interaction.
In this embodiment, the service key is not handed to the client but is kept by the server, so as to ensure the security of the service key. The first client sends the first request information to the server, and requests the server to process the to-be-processed data by using the stored service key, wherein the first client may be a client corresponding to a requesting user. Of course, the service key may be generated by the server, or may be sent to the server in advance by a client having an authority or other clients (e.g., a client where an owner of the service key is located), so that the service key is stored on the server for use when used.
The first request message includes a first biometric characteristic of the service key requesting the user, and the first biometric characteristic may be one or more of a facial characteristic, a fingerprint characteristic, and an iris characteristic requested to the user. The first biometric can be used to prove the identity of the requesting user. Of course, the first request message also includes the user information, the personal key information and/or the service key identifier of the requesting user.
The server can obtain the license information corresponding to the service key based on the first request information. And the server side can analyze the license information and the first biological characteristics respectively to determine whether the license information meets a first preset condition and whether the first biological characteristics meets a second preset condition. The server can start the obtaining action when the license information is used, and the license information can be provided to the server by the client or can be obtained from the memory by the server instantly.
And the server side calls the service key corresponding to the first request information to process the data to be processed under the condition that the permission information is determined to accord with the first preset condition and the first biological characteristic is determined to accord with the second preset condition. For example, if the server determines that the license information is valid, the license information is not logically contradicted with the first request information, and the request content of the first request information is consistent with the usage of the service key, the license information is considered to meet the first preset condition. And if the server determines that the first biological characteristic is legal or that the first biological characteristic conforms to the preset biological characteristic of the owner of the service key, the server can determine that the first biological characteristic conforms to the second preset condition. And the service terminal calls the service key to process the data to be processed.
In the method, the service end can host the service key, so that the service key is prevented from being leaked or illegally used. When the service key is called, the server side can judge the first biological characteristic of the requesting user sent by the first client side, guarantee the legal identity of the requesting user, determine that the requesting user has the right to use the service key, and further guarantee the safety of the service key while flexibly using the service key.
In order to better understand the technical solutions, the technical solutions of the present invention are described in detail below with reference to the drawings and specific embodiments, and it should be understood that the specific features in the embodiments and examples of the present invention are detailed descriptions of the technical solutions of the present invention, and are not limitations of the technical solutions of the present invention, and the technical features in the embodiments and examples of the present invention may be combined with each other without conflict.
Fig. 1 is a flowchart of a method for managing a service key based on a biometric feature according to an embodiment of the present application; the business key management method based on the biological characteristics in the embodiment of the application can be applied to a server side, and as shown in fig. 1, the method includes the following steps:
s1, acquiring first request information sent by a first client, where the first request information is used to request a server to process pending data using a stored service key, and the first request information includes a first biological characteristic of a requesting user of the service key.
The service end can be connected with one or more client ends, and a user of the service key or an owner of the service key corresponds to the corresponding client end. Of course, the owner of the service key may also be the user of the service key, and is not limited herein. In this embodiment, the first client may be a client corresponding to a service key requesting user. The first client sends first request information to the server to request the server to process the data to be processed by using the stored service key. The first request message includes a first biometric characteristic of the requesting user of the service key, which may be one or more of a facial characteristic, a fingerprint characteristic, and an iris characteristic requested to the user. The first request information may further include at least one of: user information, personal key information and service key identification in the first client. Wherein, the user information can be the related information of the requesting user of the service key; the personal key information may be a personal key that the requesting user has, such as a public key of the personal key and/or an ID of the personal key; the service key identifier may be information provided by the user about the service key requested to be used, such as an ID of the service key requested to be used.
S2, obtaining the license information corresponding to the service key based on the first request information, wherein the license information includes at least one license term for using the service key.
The server receives the first request message, and can acquire the license information corresponding to the service key according to at least one feature message contained in the first request message. For example, the corresponding license information is obtained according to the first biological characteristic of the requesting user, the user information, the personal key information and the service key identifier, and the license information may be pre-stored by the server or may be obtained by the server from the client. The license information includes at least one license term for using the service key. The license terms may be specific content licensed by the owner of the business key. Of course, if the same service key corresponds to different first clients, the license terms may not be the same. This makes the service key have different use modes for different users, and the use mode is flexible. And the license terms characterize the specific manner of use of the service key. Such as license effective time, license expiration time, license use times, usage information, etc., thereby ensuring that the service key cannot be used illegally while ensuring that the user uses the service key.
S3, analyzing the license information and the first biological characteristics respectively, and determining whether the license information meets a first preset condition and whether the first biological characteristics meets a second preset condition.
The first biometric characteristic of the requesting user may be one or more of facial characteristics, fingerprint characteristics, and iris characteristics. In this embodiment, one or more of facial features, fingerprint features, and iris features of the requesting user may be analyzed. To determine whether the information meets a second predetermined condition, such as meeting the biometric characteristic required by the service key owner. And the server side needs to analyze the license information to determine whether the license information meets the first preset condition. For example, the server needs to determine whether the license information is valid, whether the license information is logically contradicted with the first request information, whether the request content of the first request information is consistent with the usage of the service key, and the like, and when all the above sub-conditions are satisfied, it may be determined that the license information satisfies the first preset condition.
S4, if it is determined that the permission information meets the first preset condition and the first biological characteristic meets the second preset condition, invoking the service key corresponding to the first request information to process the to-be-processed data.
In this embodiment, the first biological characteristic meets the second preset condition, and it can be determined that the identity of the requesting user meets the requirement of the owner of the service key, so as to further ensure the security of the service key. In this embodiment, it is also necessary to determine that the license information meets the first preset condition, and the server may call the service key to process the data to be processed to generate a corresponding processing result, so as to further improve the security of using the service key. After the processing result is generated, the server side can also send the processing result to the first client side, so that the use requirement of a user of the service key is met. In addition, specific contents of the first preset condition and the second preset condition may be set according to actual use requirements, for example, the first preset condition may be set according to specific contents of the service key and a security degree of the service key by the service end. The second predetermined condition may be adjusted according to a change in the appearance of the requesting user, such as a change in the fatness of the facial features of the requesting user.
In an embodiment of the application, the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first preset condition and whether the first biometric characteristic meets a second preset condition, as shown in fig. 2, includes:
s21, comparing the first biometric characteristic with a stored second biometric characteristic, wherein the second biometric characteristic is associated with the license information in advance.
Specifically, the second biometric may be a biometric of a target object provided by an owner of the service key and allowing use of the service key, and the target object may be the requesting user and/or an object related to the requesting user, such as a superior of the requesting user. The second biometric feature may be associated with the license information in advance, for example, the owner may bind the second biometric feature with the license information and send the binding-related information to the server for storage. After the first client sends the first request message to the server, the server may compare the first biometric characteristic in the first request message with the stored second biometric characteristic, and the specific comparison process may be a comparison of each single characteristic.
And S22, determining identity information corresponding to the first biological characteristic under the condition that the first biological characteristic is determined to be the same as the stored second biological characteristic, so as to determine that the first biological characteristic meets the second preset condition.
Specifically, in one aspect, in the case that the first biometric is identical to the stored second biometric, identity information corresponding to the first biometric is determined. That is, only when all the single features in the first biometric feature are the same as the corresponding features in the second biometric feature, the identity information corresponding to the first biometric feature can be determined, and it is further determined that the first biometric feature meets the second preset condition. On the other hand, in the case that the similarity between the first biometric characteristic and the stored second biometric characteristic is greater than the preset value, if most of the plurality of single characteristics are the same as the corresponding characteristics in the second biometric characteristic, but only individual single characteristics are different, the different single characteristics may be reviewed, or the first client may be required to further provide the certification information to further determine the identity information corresponding to the first biometric characteristic. In another aspect, when the similarity between the first biometric characteristic and the stored second biometric characteristic is greater than a preset value, the identity information corresponding to the first biometric characteristic may be determined to determine that the first biometric characteristic meets the second preset condition, and if the security requirement is not high, the determination mode may be selected to improve the processing efficiency. The above judgment processes can make corresponding selection according to the actual use condition.
In one embodiment of the present application, the first and second biometric characteristics each include at least one of the following unique characteristics: facial features, fingerprint features, and iris features;
correspondingly, the comparing the first biometric characteristic with the stored second biometric characteristic includes:
comparing the single feature of the first biometric feature with a corresponding single feature of the second biometric feature.
Specifically, when the server compares the first facial feature in the first biological feature with the second facial feature in the second biological feature, the first fingerprint feature in the first biological feature is compared with the second fingerprint feature in the second biological feature, and the first iris feature in the first biological feature is compared with the second iris feature in the second biological feature. If all of the unique features are the same, the first biometric may be considered the same as the second biometric. Of course, if there is only a single feature in the first biometric feature, then only the single feature needs to be compared with the corresponding single feature in the second biometric feature.
In an embodiment of the application, the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first preset condition and whether the first biometric characteristic meets a second preset condition, as shown in fig. 3, includes:
s23, obtaining a license signature of the license information;
s24, determining whether the license information is valid based on the license signature in case that the license signature is valid, wherein the first preset condition includes a condition that the license information is valid.
Specifically, the license signature may be a signature possessed by the owner of the service key, thereby ensuring that the owner of the service key agrees to license the service key and also ensuring the validity and validity of the license information. Having a public key that verifies whether the license signature is valid may verify whether the signature is valid based on the owner of the service key. And the owner's public key may be provided by the second client to which the owner corresponds. If the license signature is valid, it may be verified whether the license information is valid based on the license signature. The first preset condition includes a condition that the license information is valid, that is, the license information may be valid on the premise that the license information meets the first preset condition. Of course, the first preset condition may also include other conditions.
In an embodiment of the application, the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first preset condition and whether the first biometric characteristic meets a second preset condition, as shown in fig. 4, includes:
s25, acquiring first use information of the service key in the license terms and acquiring second use information of the service key in the first request information;
s26, determining whether the first use information is consistent with the second use information, wherein the first preset condition includes a condition that the first use information is consistent with the second use information.
Specifically, in this embodiment, on one hand, under the condition that it is determined that the permission information meets the first preset condition, the service key is called to process the data to be processed; on the other hand, under the condition that the permission information and/or the service key are determined to meet the first preset condition, the service key is called to process the data to be processed. In the first aspect, the license term has first use information for using the service key, and the first request information also has second use information for using the service key, such as encryption, signature, and the like. The first usage information may be a sub-condition of the first preset condition if the first usage information is consistent with the second usage information. That is, if the first-use information and the second-use information are required to be consistent when the service key is started to be called, if the license service key in the license terms is signed for use and the purpose of the service key requested in the first request information is also signed for use, the first-use information and the second-use information can be considered to be consistent. For another aspect, the service key itself has third purpose information, such as encryption, decryption, signature verification, mac calculation, etc. When the first use information, the second use information, and the third use information are all identical, it may be considered that the sub-condition of the first preset condition is satisfied. For example, a first client corresponding to a user initiates a "signature" request, and a server checks whether the permitted usage of a service key includes a "signature" function, if so, the service key is considered to be "signed", otherwise, if the service key does not have the "signature" function, and the first request information requests to be signed by using the service key, the service key is considered to be unable to satisfy a first preset condition.
In one embodiment of the present application, the method further comprises: and receiving the license information which is sent by a second client and subjected to license signature and a second biological characteristic which is associated with the license information, wherein the second biological characteristic is a biological characteristic of a target object authorized to use the service key, and the biological characteristic of the target object comprises the first biological characteristic of the requesting user.
Specifically, the license signature is a personal key signature of the second client corresponding to the owner of the service key. And the license information includes the authorized person information and/or the authorized person personal key information. Therefore, when the server side obtains the license information, the information of the person to be authorized and/or the personal key information of the person to be authorized in the license information can be analyzed, and whether the license information is matched with the first request information sent by the first client side or not can be further judged, if the user information of the requesting user contained in the first request information is consistent with the information of the person to be authorized in the license information, and/or the personal key information contained in the first request information is consistent with the personal key information of the person to be authorized in the license information, the corresponding license information can be obtained.
In one aspect, in this embodiment, the second biometric is associated with the license information, such that the second biometric of the requesting user may be associated with the license information sent by the owner of the service key. The specific association operation may be to associate the second biometric characteristic with information having a unique identifier in the license information, for example, to associate the ID of the second biometric characteristic with the information of the authorized person and/or the ID of the personal key of the authorized person in the license information, so as to achieve the association between the second biometric characteristic and the license information. The second biometric is a biometric of a target object authorized to use the service key, and the target object may be a requesting user of the service key, and may also include related objects of the requesting user, such as an upper level of the requesting user and/or an object specified by the requesting user. The target object biometric comprises a first biometric of the requesting user and a biometric of a related object of the requesting user. Thereby facilitating flexible authorization to use the service key.
On the other hand, the second biometric feature may also be included in the license information as part of the content of the license information, so that the second biometric feature is considered to be integrally associated with other content (e.g., license terms) in the license information, so that the served end can conveniently compare the second biometric feature with the first biometric feature of the requesting user, and then determine whether to give the service key licensed for use in the license terms based on the comparison result.
In an embodiment of the present application, the method further includes an operation of obtaining the service key, where the operation includes:
acquiring second request information sent by the second client, wherein the second request information comprises user information and/or client key information in the second client, and the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
generating the corresponding service key based on the second request information;
and binding the user information and/or the client key information with the generated service key.
Specifically, the second client may be a client corresponding to an owner of the service key, and the second client may generate all the service keys thereof through the server. For example, the owner of the service end may be the owner of the service key, so that the service end may log in the service end by using the second client, and generate the service key owned by the service end. The generating operation includes: and the second client sends second request information to the server, wherein the second request information comprises the information related to the authorization intention of the owner of the service key and also comprises user information and/or client key information of the second client corresponding to the owner. The client key information includes a public key of the personal key of the second client and/or an identification of the personal key, such as a personal key ID, and a corresponding service key may be generated according to the user information related to the owner, the public key of the personal key and/or the identification of the personal key, and according to the authorization intention of the owner. In this embodiment, the user information and/or the client key information may be bound with the generated service key, for example, the service key, the user information, and the client key information are packaged into a data packet, and the data packet is calculated to have a key check code, which may be a digital signature, an HMAC, a CMAC, or the like. Binding the user information and/or client key information with the generated service key may associate the service key with information of its owner.
In an embodiment, since the owner of the service key may also be a user of the service key, in a case that the owner needs to use the service key, the second client needs to send the first request message to the server to request the server to invoke the service key to process the preprocessed data, in which case the second client corresponding to the owner of the service key is equal to the first client.
In an embodiment of the present application, the method further includes an operation of obtaining the service key, where the operation includes:
receiving the service key directly imported by external equipment or imported by the second client;
acquiring the user information and/or the client key information sent by the second client, wherein the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
and binding the user information and/or the client key information with the acquired service key.
Specifically, the method for the server to obtain the service key is not limited to self-generation, and can also be obtained by other methods. In this embodiment, the service key may be imported by an external device (such as a mobile phone shield or a device of another service organization), and the importing mode may be that the external device is directly connected to the server, so as to perform an importing operation, so that the server obtains and stores the service key. Or the external device sends the service key to the second client, namely the client corresponding to the owner of the service key, and the second client sends the service key to the server so that the server acquires and stores the service key. In addition, the second client sends user information and/or client key information associated with the owner to the server, wherein the client key information comprises a public key of a personal key in the second client and/or an identification of the personal key, such as a personal key ID. It should be noted that, when sending the service key, the user information and/or the client key information, the second client may send them separately, or may send the service key, the user information and/or the client key information to the server at the same time, and the sending method is not limited herein. After receiving the user information and/or the client key information, the server may bind the user information and/or the client key information with the obtained service key, and may associate the service key with the information of its owner.
In one embodiment of the present application, the method further comprises: receiving the to-be-processed data sent by the first client, wherein the to-be-processed data is associated with the first biological characteristic.
Specifically, the to-be-processed data may be that the first client sends the first request information to the server and sends the to-be-processed data to the server at the same time, and the to-be-processed data may be that the first client signs the to-be-processed data by using a personal key related to a user, so that it is ensured that the to-be-processed data is not modified in the process of being transmitted to the server, and the security of the to-be-processed data is increased. In this implementation, the pending data may be associated with the first biometric characteristic, such that the pending data is associated with the identity information of the requesting user.
In one embodiment of the present application, the first request information further includes at least one of: and the user information, the personal key information and the service key identification in the first client.
The user information in the first client can be the related information of the requesting user of the service key; the personal key information in the first client may be a personal key that the requesting user has, such as a public key of the personal key and/or an ID of the personal key; the service key identifier in the first client may be related information provided by the user with the service key requested by the user, such as an ID of the service key requested to be used.
In one embodiment of the present application, the method further comprises:
encrypting the processing result based on a public key of the individual key;
and sending the encrypted processing result to the first client so that the first client decrypts the processing result through a private key of the personal key.
In one embodiment of the present application, the license terms include at least one of: license validation time, license expiration time, number of license uses, and usage information.
The application also provides a business key management method based on biological characteristics, which is applied to a first client and comprises the following steps:
sending first request information to a server, so that the server acquires license information corresponding to a service key based on the first request information, wherein the first request information is used for requesting the server to process data to be processed by using the stored service key, the first request information includes a first biological characteristic of a requesting user of the service key, and the license information includes at least one license term for using the service key;
and receiving a processing result sent by the server and used for processing the data to be processed through the service key, wherein the processing result is a result obtained by analyzing the license information and the first biological characteristics by the server respectively, and calling the service key corresponding to the first request information to process the data to be processed under the condition that the license information meets a first preset condition and the first biological characteristics meet a second preset condition.
Specifically, the server may be connected to one or more clients, and a user of the service key or an owner of the service key corresponds to each client. Of course, the owner of the service key may also be the user of the service key, and is not limited herein. In this embodiment, the first client may be a client corresponding to a service key requesting user. The first client sends first request information to the server to request the server to process the data to be processed by using the stored service key. The first request message includes a first biometric characteristic of the requesting user of the service key, which may be one or more of a facial characteristic, a fingerprint characteristic, and an iris characteristic requested to the user. The first request information may further include at least one of: user information, personal key information and service key identification in the first client. Wherein, the user information can be the related information of the requesting user of the service key; the personal key information may be a personal key that the requesting user has, such as a public key of the personal key and/or an ID of the personal key; the service key identifier may be information provided by the user about the service key requested to be used, such as an ID of the service key requested to be used.
The server receives the first request message, and can acquire the license information corresponding to the service key according to at least one feature message contained in the first request message. For example, the corresponding license information is obtained according to the first biological characteristic of the requesting user, the user information, the personal key information and the service key identifier, and the license information may be pre-stored by the server or may be obtained by the server from the client. The license information includes at least one license term for using the service key. The license terms may be specific content licensed by the owner of the business key. Of course, if the same service key corresponds to different first clients, the license terms may not be the same. This makes the service key have different use modes for different users, and the use mode is flexible. And the license terms characterize the specific manner of use of the service key. Such as license effective time, license expiration time, license use times, usage information, etc., thereby ensuring that the service key cannot be used illegally while ensuring that the user uses the service key.
The first biometric characteristic of the requesting user may be one or more of facial characteristics, fingerprint characteristics, and iris characteristics. In this embodiment, one or more of facial features, fingerprint features, and iris features of the requesting user may be analyzed. To determine whether the information meets a second predetermined condition, such as meeting the biometric characteristic required by the service key owner. And the server side needs to analyze the license information to determine whether the license information meets the first preset condition. For example, the server needs to determine whether the license information is valid, whether the license information is logically contradicted with the first request information, whether the request content of the first request information is consistent with the usage of the service key, and the like, and when all the above sub-conditions are satisfied, it may be determined that the license information satisfies the first preset condition.
In this embodiment, the first biological characteristic meets the second preset condition, and it can be determined that the identity of the requesting user meets the requirement of the owner of the service key, so as to further ensure the security of the service key. In this embodiment, it is also necessary to determine that the license information meets the first preset condition, and the server may call the service key to process the data to be processed to generate a corresponding processing result, so as to further improve the security of using the service key. After the processing result is generated, the server side can also send the processing result to the first client side, so that the use requirement of a user of the service key is met. In addition, specific contents of the first preset condition and the second preset condition may be set according to actual use requirements, for example, the first preset condition may be set according to specific contents of the service key and a security degree of the service key by the service end. The second predetermined condition may be adjusted according to a change in the appearance of the requesting user, such as a change in the fatness of the facial features of the requesting user.
An embodiment of the present application further provides a server, where the server may be a server or other electronic devices having functions similar to the server, as shown in fig. 5, and the server includes:
a first acquisition module configured to: the method comprises the steps of obtaining first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises first biological characteristics of a request user of the service key.
The service end can be connected with one or more client ends, and a user of the service key or an owner of the service key corresponds to the corresponding client end. Of course, the owner of the service key may also be the user of the service key, and is not limited herein. In this embodiment, the first client may be a client corresponding to a service key requesting user. The first client sends first request information to the server to request the server to process the data to be processed by using the stored service key. The first acquiring module acquires the first request message, wherein the first request message comprises a first biological characteristic of a user requesting the service key, and the first biological characteristic can be one or more of facial characteristics, fingerprint characteristics and iris characteristics requested to the user. The first request information may further include at least one of: user information, personal key information and service key identification in the first client. Wherein, the user information can be the related information of the requesting user of the service key; the personal key information may be a personal key that the requesting user has, such as a public key of the personal key and/or an ID of the personal key; the service key identifier may be information provided by the user about the service key requested to be used, such as an ID of the service key requested to be used.
A second acquisition module configured to: and obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key.
The server receives the first request message, and the second obtaining module can obtain the license information corresponding to the service key according to at least one feature message contained in the first request message. For example, the second obtaining module obtains corresponding license information according to the first biological characteristic, the user information, the personal key information and the service key identifier of the requesting user, where the license information may be pre-stored by the server or obtained by the server from the client. The license information includes at least one license term for using the service key. The license terms may be specific content licensed by the owner of the business key. Of course, if the same service key corresponds to different first clients, the license terms may not be the same. This makes the service key have different use modes for different users, and the use mode is flexible. And the license terms characterize the specific manner of use of the service key. Such as license effective time, license expiration time, license use times, usage information, etc., thereby ensuring that the service key cannot be used illegally while ensuring that the user uses the service key.
A processing module configured to: analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition; and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
Specifically, the first biological feature of the requesting user may be one or more of facial features, fingerprint features, iris features, and the like. In this embodiment, the processing module may analyze one or more of facial features, fingerprint features, and iris features of the requesting user. To determine whether the information meets a second predetermined condition, such as meeting the biometric characteristic required by the service key owner. And the processing module needs to analyze the license information to determine whether the license information meets the first preset condition. For example, the processing module needs to determine whether the license information is valid, whether the license information is logically contradicted with the first request information, whether the requested content of the first request information is consistent with the usage of the service key, and the like, and when all the above sub-conditions are satisfied, it may be determined that the license information satisfies the first preset condition.
In this embodiment, the first biological characteristic meets the second preset condition, and the processing module may determine that the identity of the requesting user meets the requirement of the owner of the service key, so as to further ensure the security of the service key. The implementation processing module is further configured to call the service key to process the data to be processed only if it is determined that the license information meets the first preset condition, and generate a corresponding processing result, thereby further improving the security of the service key. After the processing result is generated, the server side can also send the processing result to the first client side, so that the use requirement of a user of the service key is met. In addition, specific contents of the first preset condition and the second preset condition may be set according to actual use requirements, for example, the first preset condition may be set according to specific contents of the service key and a security degree of the service key by the service end. The second predetermined condition may be adjusted according to a change in the appearance of the requesting user, such as a change in the fatness of the facial features of the requesting user.
In one embodiment of the present application, the processing module is further configured to:
comparing the first biological characteristic with a stored second biological characteristic, wherein the second biological characteristic is associated with the license information in advance;
and under the condition that the first biological characteristic is determined to be the same as the stored second biological characteristic, determining identity information corresponding to the first biological characteristic so as to determine that the first biological characteristic meets the second preset condition.
In one embodiment of the present application, the first and second biometric characteristics each include at least one of the following unique characteristics: facial features, fingerprint features, and iris features;
accordingly, the processing module is further configured to:
comparing the single feature of the first biometric feature with a corresponding single feature of the second biometric feature.
In one embodiment of the present application, the processing module is further configured to:
acquiring a license signature of the license information;
in a case where the license signature is valid, determining whether the license information is valid based on the license signature, wherein the first preset condition includes a condition that the license information is valid.
In one embodiment of the present application, the processing module is further configured to:
acquiring first use information using the service key in the license terms, and acquiring second use information using the service key in the first request information;
determining whether the first-use information is consistent with the second-use information, wherein the first preset condition includes a condition that the first-use information is consistent with the second-use information.
In one embodiment of the present application, the first obtaining module is further configured to: and receiving the license information which is sent by a second client and subjected to license signature and a second biological characteristic which is associated with the license information, wherein the second biological characteristic is a biological characteristic of a target object authorized to use the service key, and the biological characteristic of the target object comprises the first biological characteristic of the requesting user.
In an embodiment of the present application, the server further includes a generation module, where the generation module is configured to obtain the operation of the service key, where the operation includes:
acquiring second request information sent by the second client, wherein the second request information comprises user information and/or client key information in the second client, and the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
generating the corresponding service key based on the second request information;
and binding the user information and/or the client key information with the generated service key.
In an embodiment of the present application, the server further includes a generation module, where the generation module is configured to obtain the operation of the service key, where the operation includes:
receiving the service key directly imported by external equipment or imported by the second client;
acquiring the user information and/or the client key information sent by the second client, wherein the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
and binding the user information and/or the client key information with the acquired service key.
In one embodiment of the present application, the first obtaining module is further configured to: receiving the to-be-processed data sent by the first client, wherein the to-be-processed data is associated with the first biological characteristic.
In one embodiment of the present application, the first request information further includes at least one of: and the user information, the personal key information and the service key identification in the first client.
An embodiment of the present application further provides a management system, including the server described above, further including at least one first client described above, and the second client described above. The first client may be a client corresponding to a requesting user of the service key, and the second client may be a client corresponding to an owner of the service key.
An embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a computer, the following steps are implemented:
the method comprises the steps of obtaining first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises first biological characteristics of a request user of the service key.
The service end can be connected with one or more client ends, and a user of the service key or an owner of the service key corresponds to the corresponding client end. Of course, the owner of the service key may also be the user of the service key, and is not limited herein. In this embodiment, the first client may be a client corresponding to a service key requesting user. The first client sends first request information to the server to request the server to process the data to be processed by using the stored service key. The first request message includes a first biometric characteristic of the requesting user of the service key, which may be one or more of a facial characteristic, a fingerprint characteristic, and an iris characteristic requested to the user. The first request information may further include at least one of: user information, personal key information and service key identification in the first client. Wherein, the user information can be the related information of the requesting user of the service key; the personal key information may be a personal key that the requesting user has, such as a public key of the personal key and/or an ID of the personal key; the service key identifier may be information provided by the user about the service key requested to be used, such as an ID of the service key requested to be used.
And obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key.
The server receives the first request message, and can acquire the license information corresponding to the service key according to at least one feature message contained in the first request message. For example, the corresponding license information is obtained according to the first biological characteristic of the requesting user, the user information, the personal key information and the service key identifier, and the license information may be pre-stored by the server or may be obtained by the server from the client. The license information includes at least one license term for using the service key. The license terms may be specific content licensed by the owner of the business key. Of course, if the same service key corresponds to different first clients, the license terms may not be the same. This makes the service key have different use modes for different users, and the use mode is flexible. And the license terms characterize the specific manner of use of the service key. Such as license effective time, license expiration time, license use times, usage information, etc., thereby ensuring that the service key cannot be used illegally while ensuring that the user uses the service key.
And analyzing the license information and the first biological characteristics respectively to determine whether the license information meets a first preset condition and whether the first biological characteristics meets a second preset condition.
The first biometric characteristic of the requesting user may be one or more of facial characteristics, fingerprint characteristics, and iris characteristics. In this embodiment, one or more of facial features, fingerprint features, and iris features of the requesting user may be analyzed. To determine whether the information meets a second predetermined condition, such as meeting the biometric characteristic required by the service key owner. And the server side needs to analyze the license information to determine whether the license information meets the first preset condition. For example, the server needs to determine whether the license information is valid, whether the license information is logically contradicted with the first request information, whether the request content of the first request information is consistent with the usage of the service key, and the like, and when all the above sub-conditions are satisfied, it may be determined that the license information satisfies the first preset condition.
And under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
In this embodiment, the first biological characteristic meets the second preset condition, and it can be determined that the identity of the requesting user meets the requirement of the owner of the service key, so as to further ensure the security of the service key. In this embodiment, it is also necessary to determine that the license information meets the first preset condition, and the server may call the service key to process the data to be processed to generate a corresponding processing result, so as to further improve the security of using the service key. After the processing result is generated, the server side can also send the processing result to the first client side, so that the use requirement of a user of the service key is met. In addition, specific contents of the first preset condition and the second preset condition may be set according to actual use requirements, for example, the first preset condition may be set according to specific contents of the service key and a security degree of the service key by the service end. The second predetermined condition may be adjusted according to a change in the appearance of the requesting user, such as a change in the fatness of the facial features of the requesting user.
The above embodiments are only exemplary embodiments of the present application, and are not intended to limit the present application, and the protection scope of the present application is defined by the claims. Various modifications and equivalents may be made by those skilled in the art within the spirit and scope of the present application and such modifications and equivalents should also be considered to be within the scope of the present application.
Claims (14)
1. A business key management method based on biological characteristics is applied to a server side and comprises the following steps:
acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
2. The method of claim 1, wherein the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first predetermined condition and whether the first biometric characteristic meets a second predetermined condition comprises:
comparing the first biological characteristic with a stored second biological characteristic, wherein the second biological characteristic is associated with the license information in advance;
and under the condition that the first biological characteristic is determined to be the same as the stored second biological characteristic, determining identity information corresponding to the first biological characteristic so as to determine that the first biological characteristic meets the second preset condition.
3. The method of claim 2, wherein the first and second biometric characteristics each comprise at least one of the following unique characteristics: facial features, fingerprint features, and iris features;
correspondingly, the comparing the first biometric characteristic with the stored second biometric characteristic includes:
comparing the single feature of the first biometric feature with a corresponding single feature of the second biometric feature.
4. The method of claim 1, wherein the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first predetermined condition and whether the first biometric characteristic meets a second predetermined condition comprises:
acquiring a license signature of the license information;
in a case where the license signature is valid, determining whether the license information is valid based on the license signature, wherein the first preset condition includes a condition that the license information is valid.
5. The method of claim 1, wherein the analyzing the license information and the first biometric characteristic respectively to determine whether the license information meets a first predetermined condition and whether the first biometric characteristic meets a second predetermined condition comprises:
acquiring first use information using the service key in the license terms, and acquiring second use information using the service key in the first request information;
determining whether the first-use information is consistent with the second-use information, wherein the first preset condition includes a condition that the first-use information is consistent with the second-use information.
6. The method of claim 1, further comprising: and receiving the license information which is sent by a second client and subjected to license signature and a second biological characteristic which is associated with the license information, wherein the second biological characteristic is a biological characteristic of a target object authorized to use the service key, and the biological characteristic of the target object comprises the first biological characteristic of the requesting user.
7. The method of claim 1, further comprising the operation of obtaining the service key, comprising:
acquiring second request information sent by the second client, wherein the second request information comprises user information and/or client key information in the second client, and the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
generating the corresponding service key based on the second request information;
and binding the user information and/or the client key information with the generated service key.
8. The method of claim 1, further comprising the operation of obtaining the service key, comprising:
receiving the service key directly imported by external equipment or imported by the second client;
acquiring the user information and/or the client key information sent by the second client, wherein the client key information comprises a public key of a personal key and/or an identifier of the personal key in the second client;
and binding the user information and/or the client key information with the acquired service key.
9. The method of claim 1, further comprising: receiving the to-be-processed data sent by the first client, wherein the to-be-processed data is associated with the first biological characteristic.
10. The method of claim 1, wherein the first request information further comprises at least one of: and the user information, the personal key information and the service key identification in the first client.
11. A business key management method based on biological characteristics is applied to a first client and comprises the following steps:
sending first request information to a server, so that the server acquires license information corresponding to a service key based on the first request information, wherein the first request information is used for requesting the server to process data to be processed by using the stored service key, the first request information includes a first biological characteristic of a requesting user of the service key, and the license information includes at least one license term for using the service key;
and receiving a processing result sent by the server and used for processing the data to be processed through the service key, wherein the processing result is a result obtained by analyzing the license information and the first biological characteristics by the server respectively, and calling the service key corresponding to the first request information to process the data to be processed under the condition that the license information meets a first preset condition and the first biological characteristics meet a second preset condition.
12. A server, comprising:
a first acquisition module configured to: acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
a second acquisition module configured to: obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
a processing module configured to: analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
13. A management system, comprising a server according to any one of claims 1 to 10, and further comprising at least one first client according to any one of claims 1 to 10, and a second client according to any one of claims 6 to 8.
14. A computer-readable storage medium having stored therein instructions that, when executed on a computer, perform the steps of:
acquiring first request information sent by a first client, wherein the first request information is used for requesting a server to process data to be processed by using a stored service key, and the first request information comprises a first biological characteristic of a request user of the service key;
obtaining license information corresponding to the service key based on the first request information, wherein the license information comprises at least one license term for using the service key;
analyzing the permission information and the first biological characteristics respectively, and determining whether the permission information meets a first preset condition and whether the first biological characteristics meets a second preset condition;
and under the condition that the permission information is determined to meet the first preset condition and the first biological characteristic meets the second preset condition, calling the service key corresponding to the first request information to process the data to be processed.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011511456.6A CN112671534B (en) | 2020-12-18 | 2020-12-18 | Service key management method, service terminal and system based on biological characteristics |
| PCT/CN2021/136418 WO2022121940A1 (en) | 2020-12-09 | 2021-12-08 | Information processing method for service key, and serving end and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011511456.6A CN112671534B (en) | 2020-12-18 | 2020-12-18 | Service key management method, service terminal and system based on biological characteristics |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112671534A true CN112671534A (en) | 2021-04-16 |
| CN112671534B CN112671534B (en) | 2022-02-01 |
Family
ID=75406217
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011511456.6A Active CN112671534B (en) | 2020-12-09 | 2020-12-18 | Service key management method, service terminal and system based on biological characteristics |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112671534B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113704744A (en) * | 2021-07-21 | 2021-11-26 | 阿里巴巴(中国)有限公司 | Data processing method and device |
| WO2022121940A1 (en) * | 2020-12-09 | 2022-06-16 | 北京深思数盾科技股份有限公司 | Information processing method for service key, and serving end and system |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101583131A (en) * | 2009-06-10 | 2009-11-18 | 中兴通讯股份有限公司 | Service key transmission method and system |
| US20100306635A1 (en) * | 2009-05-28 | 2010-12-02 | Emulex Design & Manufacturing Corporation | Method for Verifying Correct Encryption Key Utilization |
| CN102387500A (en) * | 2011-10-25 | 2012-03-21 | 中兴通讯股份有限公司 | Service key management method and system |
| CN107070879A (en) * | 2017-02-15 | 2017-08-18 | 北京深思数盾科技股份有限公司 | Data guard method and system |
| CN107122977A (en) * | 2017-04-26 | 2017-09-01 | 陈志阳 | A kind of payment system based on bio-identification |
| CN108199838A (en) * | 2018-01-31 | 2018-06-22 | 北京深思数盾科技股份有限公司 | A kind of data guard method and device |
| CN109639419A (en) * | 2018-12-29 | 2019-04-16 | 北京深思数盾科技股份有限公司 | Cryptographic key protection method, cipher key storage device and terminal device |
| CN111327637A (en) * | 2020-03-10 | 2020-06-23 | 时时同云科技(成都)有限责任公司 | Service key management method and system |
| CN111797430A (en) * | 2020-06-30 | 2020-10-20 | 平安国际智慧城市科技股份有限公司 | Data verification method, device, server and storage medium |
-
2020
- 2020-12-18 CN CN202011511456.6A patent/CN112671534B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100306635A1 (en) * | 2009-05-28 | 2010-12-02 | Emulex Design & Manufacturing Corporation | Method for Verifying Correct Encryption Key Utilization |
| CN101583131A (en) * | 2009-06-10 | 2009-11-18 | 中兴通讯股份有限公司 | Service key transmission method and system |
| CN102387500A (en) * | 2011-10-25 | 2012-03-21 | 中兴通讯股份有限公司 | Service key management method and system |
| CN107070879A (en) * | 2017-02-15 | 2017-08-18 | 北京深思数盾科技股份有限公司 | Data guard method and system |
| CN107122977A (en) * | 2017-04-26 | 2017-09-01 | 陈志阳 | A kind of payment system based on bio-identification |
| CN108199838A (en) * | 2018-01-31 | 2018-06-22 | 北京深思数盾科技股份有限公司 | A kind of data guard method and device |
| CN109639419A (en) * | 2018-12-29 | 2019-04-16 | 北京深思数盾科技股份有限公司 | Cryptographic key protection method, cipher key storage device and terminal device |
| CN111327637A (en) * | 2020-03-10 | 2020-06-23 | 时时同云科技(成都)有限责任公司 | Service key management method and system |
| CN111797430A (en) * | 2020-06-30 | 2020-10-20 | 平安国际智慧城市科技股份有限公司 | Data verification method, device, server and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022121940A1 (en) * | 2020-12-09 | 2022-06-16 | 北京深思数盾科技股份有限公司 | Information processing method for service key, and serving end and system |
| CN113704744A (en) * | 2021-07-21 | 2021-11-26 | 阿里巴巴(中国)有限公司 | Data processing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112671534B (en) | 2022-02-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
| US8615663B2 (en) | System and method for secure remote biometric authentication | |
| US20070245152A1 (en) | Biometric authentication system for enhancing network security | |
| CN112565281B (en) | Information processing method, server and system of service key | |
| CN107733636B (en) | Authentication method and authentication system | |
| CN109756446B (en) | Access method and system for vehicle-mounted equipment | |
| CN113221128B (en) | Account and password storage method and registration management system | |
| US20060282680A1 (en) | Method and apparatus for accessing digital data using biometric information | |
| US20040098591A1 (en) | Secure hardware device authentication method | |
| JPWO2007094165A1 (en) | Identification system and program, and identification method | |
| US20160182491A1 (en) | Methods, systems and apparatus to manage an authentication sequence | |
| CN109981665B (en) | Resource providing method and device, and resource access method, device and system | |
| CN112671534B (en) | Service key management method, service terminal and system based on biological characteristics | |
| US20010048359A1 (en) | Restriction method for utilization of computer file with use of biometrical information, method of logging in computer system and recording medium | |
| CN111954211A (en) | Novel authentication key negotiation system of mobile terminal | |
| US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
| CN115842680A (en) | Network identity authentication management method and system | |
| CN112733200B (en) | Information processing method, encryption machine and information processing system of service key | |
| CN117424709B (en) | Login method and device of terminal device and readable storage medium | |
| CN110598469A (en) | Information processing method and device and computer storage medium | |
| CN108667800B (en) | Access authority authentication method and device | |
| US9977907B2 (en) | Encryption processing method and device for application, and terminal | |
| CN110516427B (en) | Terminal user identity authentication method and device, storage medium and computer equipment | |
| CN108965335B (en) | Method for preventing malicious access to login interface, electronic device and computer medium | |
| CN110971609A (en) | Anti-cloning method of DRM client certificate, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee after: Beijing Shendun Technology Co.,Ltd. Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. |