A kind of information safety devices of supporting many authentications
Technical field
The utility model relates to information security field, particularly a kind of information safety devices of supporting many authentications.
Background technology
In recent years, fast development along with Internet technology and ecommerce, increasing commercial activity is transferred on the network and is carried out, for example online government office, online digital bank, shopping online or the like, meanwhile, more and more informational needs that relate to individual privacy and business secret pass through network delivery.Yet deliberate threats such as virus, hacker, network trading and the counterfeit swindle of webpage have caused moral damage and loss economically to the user.
Information safety devices is a kind of small hardware equipment that has processor and memory, and it is connected with computer by the data communication interface of computer.It has key generation, safe storage key, presets functions such as cryptographic algorithm.The information safety devices computing relevant with key be fully in the device interior operation, and information safety devices has anti-characteristic of attacking, and fail safe is high.Information safety devices generally links to each other with computer by USB interface.
Information safety devices adopts the legitimacy of PIN (person identification) sign indicating number or biological characteristic (as fingerprint or iris etc.) identifying user identity, when carrying out authentication, information safety devices is linked to each other with computer, the user imports PIN code or biological characteristic on computers, the correctness of information safety devices meeting this PIN code of automatic verification or biological characteristic, have only when the PIN code of user input or biological characteristic are correct, just allow the user to use information safety devices.Information safety devices has the anti-characteristic of attacking of physics, and fail safe is high.
Utilize information safety devices can realize multiple information security operation, mainly comprise: data interaction (in information safety devices, the data that write are encrypted or the data that read are decrypted); Authentication information processing, storage/authentication password information, storage/certifying signature, storage/authentication certificate, rights management; And preset code and carry out data operation or the like; Wherein presetting code comprises and presets user software part segment (user software part segment can not be read out information safety devices; and carry out data operation at the information safety devices internal operation), and preset software protection application interface function (software protection application interface function is the interface level function between information safety devices and software developer use) or the like.
Present information safety devices, usually can only preserve a user's information in each information safety devices, if the user has two or more identity just can only be saved in respectively in two or more information safety devices, the user gos out at ordinary times and carries inconvenient and also easier the losing of two or more information safety devices.
The utility model content
In order to solve the restriction of an information safety devices support sole user identity in the prior art, the utility model proposes a kind of information safety devices of supporting many authentications.Be that information safety devices comprises a plurality of smart cards, can store user's a plurality of certificates or signing messages, so that be used for carrying out the authentication of a plurality of identity of user.
The technical solution of the utility model is: a kind of information safety devices of supporting many authentications, comprise control module, smart card module and communication module, it is characterized in that described control module links to each other with two or more smart card modules respectively, the subscriber identity information of described two or more smart card module storages, under the control of control module, selectively send to described communication module, carry out alternately with main frame.
The content of described two or more smart card module storage different user identity informations.
Described smart card module adopts different types of smart card module to store subscriber identity information.
Described identity information comprises digital certificate, key and user's private data.
Described control module comprises the time-delay module that powers on, and is used to guarantee that smart card module powers on lags behind control module, thereby guarantees the smart card module operate as normal.
Described control module is the HUB chip.
Described HUB chip is a USB HUB chip.
Described smart card module is the information security chip.
Described information security chip is an intelligent card chip.
Described communication module is a usb interface module.
Effect of the present utility model is: compared with prior art, information safety devices of the present utility model has a plurality of private area, can store a plurality of different user names and PIN code, therefore information safety devices of the present utility model can be supported the authentication of many identity, and stored the information and the certificate of a plurality of identity, and corresponding memory space also increases, and the user does not need to carry a plurality of information safety devices at ordinary times, convenient in the use, easy-to-use, cost performance is higher.
Description of drawings
Fig. 1 is a kind of structured flowchart of supporting the information safety devices of many authentications that embodiment 1 of the present utility model provides;
Fig. 2 is a kind of usb circuit figure that supports the information safety devices of many authentications that embodiment 1 of the present utility model provides;
Fig. 3 is a kind of USB HUB controller circuitry figure that supports the information safety devices of many authentications that embodiment 1 of the present utility model provides;
The circuit diagram of the smart card module 1 of Fig. 4 is that embodiment 1 of the present utility model provides a kind of information safety devices of supporting many authentications;
The circuit diagram of the smart card module 2 of Fig. 5 is that embodiment 1 of the present utility model provides a kind of information safety devices of supporting many authentications.
Embodiment
The utility model is described in further detail below in conjunction with the drawings and specific embodiments, but not as to qualification of the present utility model.
In Fig. 1, a kind of information safety devices 101 of many authentications of supporting that the utility model provides comprises smart card module 103, smart card module 104, control module 102 and the usb interface module 105 of supporting different identity information respectively:
The control module 102 that links to each other with usb interface module 105, link to each other with smart card module 104 with smart card module 103 respectively, the subscriber identity information that smart card module 103 and smart card module 104 are stored respectively selectively sends to usb interface module under the control of control module, carry out alternately with main frame.
Smart card module 103 can be different with the subscriber identity information of smart card module 104 storages.
Smart card module 103 and smart card module 104 all can be used for realizing with control module between communicate by letter, also can carry out the computing of subscriber identity information enciphering/deciphering and visiting user is authenticated and its access rights are managed and control, also can store subscriber identity information and user program.
Identity information comprises digital certificate, key and user's private data.
User program is used for realizing writing and calling of User Defined algorithm.
Control module 102 comprises the time-delay module 106 that powers on, and is used to guarantee that smart card module powers on lags behind control module, thereby guarantees the smart card module operate as normal.
Control module 102 can be the HUB chip.
The HUB chip is a USB HUB chip.
HUB is called hub, and hub (HUB) is the important tool that network is managed concentratedly, and as the trunk of tree, it is the Rendezvous Point of each branch.The HUB chip not only can transfer USB interface to two USB interface, can also transfer plural USB interface to, can transfer four USB interface to such as the HUB chip, so the HUB chip just can connect four smart card modules, store more subscriber identity information and carry out authentication.
Smart card module 103 and smart card module 104 are the information security chip.
The information security chip is an intelligent card chip.
Main frame in the present embodiment can be desktop computer, notebook computer, server or special machine, information safety devices can be connected with other external equipment, external equipment can but to be not limited to be outer if other special equipment of card reader, communication apparatus, digital camera, main frame, phone can be landline telephone or mobile phone.
Present embodiment is equivalent to an information safety devices inside and has comprised two information safety devices, can store two subscriber identity informations and carry out authentication.
In order more clearly to describe a kind of information safety devices of supporting many identity that the utility model provides, provide the preferred version of a present embodiment below: this programme provides a kind of information safety devices of supporting many identity, this equipment is made up of shell and inner circuit board two parts, and the principle of circuit board is as shown below: circuit is made up of four parts: USB interface, USB HUB controller, smart card module 1, smart card module 2.
Usb segment (as shown in Figure 2) uses USB2.0 agreement specified standard A type interface; the circuit of usb segment strictly observes the USB2.0LowSpeed agreement; resistance R 2 is the pressure-sensitive resistance that recovers certainly; can effectively protect this equipment when overtension, voltage just often this equipment can recover operate as normal.Usb segment has been realized the USB access function of this equipment.USB HUB (as shown in Figure 3) controller is the core of this equipment, it is the key that realizes many authentications, adopt the AU9254A21 chip, AU9254A21 is a usb hub of supporting USB2.0LowSpeed, realize expanding the function of USB port number, AU9254A21 can support four road downlink ports at most, has used wherein two-way downlink port in this example.When this equipment operate as normal, D1, D2 are luminous, are used for indicating equipment and insert USB mouth and USB HUB operate as normal.Smart card module is made up of chip and peripheral circuit, smart card module 1 (as shown in Figure 4), it adopts the FT11 chip, capacitor C 41, triode Q3, resistance R 23 constitute the power supply delay circuit, assurance smart card module 1 powers on and lags behind USB HUB controller, thereby guarantees the FT11 chip operate as normal of smart card module 1.Smart card module 2 (as shown in Figure 5) adopts the FT32Z60C chip, and the function that it is realized is identical with smart card module 1.Capacitor C 42, triode Q4, resistance R 24 have constituted the power supply delay circuit, guarantee the FT32Z60C chip operate as normal of smart card module 2, LP3985 is used to produce 3.3V voltage, use for chip, the different chip that two smart card modules are used can be stored two diverse certificates of user in order to embody information safety devices.
When this information safety devices is inserted USB interface, smart card module 1 in the equipment and smart card module 2 insert simultaneously, computer can be found smart card module 1 and 2 two ID authentication devices of smart card module, behind the correct mounting equipment driving program, but two smart card modules are operate as normal all, is independent of each other.
Such as, the present A of bank does not support the certificate of the B of bank, therefore the information safety devices of the A of bank granting can only be stored a certificate and can only use at the A of bank, if use the certificate of the A of bank of smart card module 1 storage in the information safety devices of the present utility model, the certificate of the B of bank of smart card module 2 storages, the user just can just can carry out authentication with an information safety devices with the certificate of two banks like this, the user does not need to buy two information safety devices of supporting A of bank and the B of bank respectively, using and carrying conveniently, cost performance is higher.
Above-described embodiment is a more preferably embodiment of the utility model, and common variation that those skilled in the art carries out in the technical solutions of the utility model scope and replacement all should be included in the protection range of the present utility model.