WO2016145820A1 - Near field communication data transmission method, device, computer storage medium - Google Patents

Near field communication data transmission method, device, computer storage medium Download PDF

Info

Publication number
WO2016145820A1
WO2016145820A1 PCT/CN2015/090616 CN2015090616W WO2016145820A1 WO 2016145820 A1 WO2016145820 A1 WO 2016145820A1 CN 2015090616 W CN2015090616 W CN 2015090616W WO 2016145820 A1 WO2016145820 A1 WO 2016145820A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity
security
verification
data
near field
Prior art date
Application number
PCT/CN2015/090616
Other languages
French (fr)
Chinese (zh)
Inventor
沙爽
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016145820A1 publication Critical patent/WO2016145820A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present invention relates to the field of communications, and in particular, to a near field communication data transmission method and apparatus, and a computer storage medium.
  • NFC Near Field Communication
  • short-range wireless communication is a short-range high-frequency wireless communication technology that allows non-contact point-to-point data transmission (within ten centimeters) between electronic devices. data.
  • NFC can be used as a short-range technology in which files and other content can be passed when several devices are very close together. This feature is useful for places that need to collaborate, such as when you need to share files or when multiple players play games.
  • an embodiment of the present invention provides a near field communication data transmission method and apparatus, and a computer storage medium, which solves the problem of poor security of data transmission by near field communication in the prior art.
  • the to-be-transmitted data is transmitted to the counterpart device.
  • the performing the security verification comprises: performing security verification on the counterpart device.
  • the performing security verification on the counterpart device includes:
  • the performing identity security verification on the counterpart device includes:
  • the performing data authority verification on the counterpart device includes: acquiring data authority corresponding to the counterpart device; determining whether data corresponding to the data authority of the counterpart device includes the to-be-sent Data; if included, data permission validation passes.
  • the acquiring the data authority corresponding to the counterpart device comprises: finding the data authority corresponding to the counterpart device according to the identity security identifier or the identity identifier of the counterpart device.
  • the performing data authority verification on the counterpart device includes: acquiring all devices having the right to send data, determining whether the device is included, and if so, verifying data rights by.
  • the acquiring, by the device having the right to send data includes: acquiring an identity security identifier or an identity identifier corresponding to all devices that have the data to be sent;
  • the counterpart device includes: determining whether the identity security identifier or the identity identifier corresponding to the counterpart device is included.
  • the performing the security verification further comprises: accepting the peer device to perform security verification on itself.
  • the receiving the peer device to perform security verification on itself includes:
  • the other device is accepted to perform identity security verification on itself, and the data authority verification is performed on itself after the verification is passed.
  • the near field communication data transmission apparatus comprises an opening module, a security module and a transmission module:
  • the opening module is configured to enable near field communication and establish a near field communication wireless channel
  • the security module is configured to perform security verification before transmitting the data to be sent to the other device;
  • the transmission module is configured to transmit the to-be-transmitted data to the counterpart device after the verification is passed.
  • the security module is further configured to perform security verification on the counterpart device.
  • the security module includes an identity security submodule or data a security submodule: the identity security submodule is configured to perform identity security verification on the counterpart device; the data security submodule is configured to perform identity security verification on the counterpart device, and perform verification on the counterpart device Data permission verification.
  • the security module is further configured to accept the peer device to perform security verification on itself.
  • the security module is further configured to accept the identity device to perform identity security verification on itself, or accept the identity device to perform identity security verification on itself, and perform data permission on itself after the verification is passed. verification.
  • the computer storage medium provided by the embodiment of the present invention stores a computer program for executing the near field communication data transmission method.
  • the near field communication data transmission method and device and the computer storage medium provided by the embodiments of the present invention enable the near field communication to establish a near field communication wireless channel; perform security verification before transmitting the data to be sent to the other device; after the verification is passed, The data to be transmitted is transmitted to the other device.
  • the data is sent to the other terminal without being close to the other terminal, and the security verification is performed. Only after the security verification is passed, the data is sent to the other terminal, and the NFC device in the current technical application is solved. There is no problem of trusted authentication between data transmission. It provides a reliable guarantee for users to use the terminal safely, and provides a meaningful supplement to the standard protocol specification.
  • FIG. 1 is a schematic flowchart of a near field communication data transmission method according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic flowchart of a near field communication data transmission method according to Embodiment 2 of the present invention.
  • FIG. 3 is a schematic flowchart of a near field communication data transmission method according to Embodiment 3 of the present invention.
  • FIG. 4 is a schematic structural diagram 1 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention.
  • FIG. 5 is a schematic structural diagram 2 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention.
  • FIG. 6 is a schematic structural diagram 3 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention.
  • FIG. 7 is a schematic structural diagram of a centralized management software system according to Embodiment 4 of the present invention.
  • P2P Peer-to-Peer
  • the Logical Link Control Protocol usually carries SNEP data
  • the Simple NFC Exchange Protocol usually carries NDEF data
  • the NDEF carries RTD data
  • RTD data is the actual application data
  • the Logical Link Control Protocol (NFCForum-TS-LLCP1.1.pdf) provides the means for transmitting upper layer information units between two NFC devices, including link activation, management, deactivation, and protocol multiplexing.
  • Connection-oriented transport Provides a serialized, error-free data transmission service
  • connectionless transmission the protocol overhead is small, using the request and response mechanism.
  • NFCForum-TS-SNEP_1.0.pdf is an application layer protocol (using request and response mode). It is applicable to P2P mode to send or receive NDEF application data between two NFC devices.
  • the client sends a request to the server, the message includes: protocol version, request method, length, and information data; the server performs the specified operation. Then respond to the packet: protocol version, status code, length, information data.
  • NFC Data Exchange Format (NFCForum-TS-NDEF_1.0.pdf)
  • NDEF is a lightweight, compact binary format with various data types defined by URL, vCard and NFC.
  • the information exchanged by NDEF consists of a series of records, each of which contains a payload, which can be a URL, MIME, or a custom data type. Each payload is described by a type, length, and an optional identifier.
  • the maximum data size of an NDEF is 4GB.
  • the near field communication data transmission method of this embodiment includes the following steps:
  • Step S101 Turn on near field communication, and establish a near field communication wireless channel
  • Step S102 Perform security verification before transmitting the to-be-transmitted data to the other device.
  • the transmitted data herein may include an address book, a file, a gallery, a music library, and the like stored in the terminal.
  • the counterpart device and the device itself may be any device or device device having an NFC function (ie, having an NFC chip communication system), and of course, other systems such as communication, display, audio, and the like.
  • the specific device may be a smart terminal, such as a mobile phone, a tablet computer, or the like. It is mainly to provide data security in its own device, to prevent some important data from being transmitted to unfamiliar devices, and to perform security verification on the other device to improve data security.
  • Step S103 After the verification is passed, the data to be sent is transmitted to the counterpart device.
  • the data to be transmitted is transmitted to the other device, which improves security. If the verification fails, you can stop the data transmission to be sent, you can Our devices do not exchange untrusted data with any device, allowing our data protection and secure communications to go a step further.
  • performing security verification may be performing security verification on the counterpart device, and performing security verification on the counterpart device specifically includes performing identity security verification on the counterpart device.
  • the specific identity security verification for the other device may be the identity security identifier sent by the receiving device, and determine whether the identity security identifier is the same as its own identity security identifier. If the identity is the same, the identity security verification is passed. It should be understood that for the device and all other counterpart devices, the identity security identifier is pre-stored so that the device can identify the identity security identifier of the peer device, and multiple identity security identifiers are stored in the device.
  • Zhang San is the sender of the local device, and in the case of Zhang San’s mobile phone, the family identity security identifier A, the colleague identity security identifier B and the classmate identity security identifier C are pre-stored, and Zhang Yi Zhang Er is the family of Zhang San, Li Si and Wang Wu are colleagues of Zhang San, Zhao Liu and Zhao Qi are Zhang San’s classmates. Then there are identity security signs A, B and C in Zhang San’s mobile phone, identity security ID A in Zhang Yi and Zhang Er’s mobile phones, and identity security ID B in Li Si and Wang Wu’s mobile phones. In the mobile phones of Zhao Liu and Zhao Qi, the identity security identifier C is stored.
  • Zhang San and Li Si conduct data transmission, then before the data transmission by Zhang San and Li Si, Li Si will identify his identity security B. For Zhang San mobile phone, Zhang San mobile phone judges that it has the same identity security identifier B, and if so, it is considered to be trustworthy. If there is no identity security identity, or the identity security identity is different from its own, it is considered to be untrusted, and the verification fails.
  • the specific identity security verification of the counterpart device may be to receive the identity identifier of the counterpart device, determine whether the identity identifier is in the preset security list, and if so, the identity security verification is passed. It should be understood that for the device and all other counterpart devices, there will be corresponding identification, such as the number of the device and the identification information of the number, so that the device can identify the opposite device, and what is preset in the device A list of identities corresponding to devices that can be trusted. Of course, the list here means that devices that can be trusted are stored, not just in the form of lists, other forms. Can also be included.
  • Zhang San mobile phone Taking the device as a mobile phone as an example, in the case of the mobile phone of Zhang San (sender), the safety list pre-stored in Zhang San mobile phone contains Zhang San’s family Zhang Yi and Zhang Er, Zhang San’s colleagues Li Si and Wang Wu Zhang San’s classmates Zhao Liu and Zhao Qi. If Zhang San and Li Si carry out data transmission, then before the data transmission of Zhang San and Li Si, Li Si will give his identity (mobile number) to Zhang San mobile phone, and Zhang San mobile phone judges that he has a safe list. Li Si’s mobile phone is considered trustworthy and verified.
  • the specific identity security verification of the counterpart device may also be to receive the identity security identifier and the identity identifier of the counterpart device, determine whether the identity security identifier is the same as its own identity security identifier, and determine whether the identity identifier is in the preset security list, if The identity security ID is the same and within the preset security list, the identity security verification is passed.
  • the identity security identifier is pre-stored so that the device can identify the identity security identifier of the peer device, and multiple identity security identifiers are stored in the device.
  • identity such as the number of the device and the identification information of the number, so that the device can identify the peer device, and in the device, which ones are pre-set can be trusted.
  • identity such as the number of the device and the identification information of the number
  • Li Si will give his identity security mark B to Zhang San mobile phone, Zhang San mobile phone judges that it has the same identity security identity B, if it is, it is considered that the trusted identity security identity B is the same as its own identity security identity B, and will also determine the identity of Li Si ( Whether the mobile number is in its own safe list, if it is, the verification is passed. Because the identity security logo only means that there is this identity security logo, it does not specifically care who it is, and it may be stolen by the stranger. If the identity verification is further strengthened, the security is improved.
  • performing security verification on the other device further includes: performing identity security verification on the other device first, and then performing data authority verification on the other device after the verification is passed. That is, the identity security verification is performed first, and after the identity security verification is passed, the data authentication of the other device is performed, and the data transmission is performed after the data authority verification is passed.
  • the data permission here refers to the data that the other device can share, for example, the family can share their own life photos, the second working files are generally not shared, the colleagues can share the working documents, but generally do not share their own life photos.
  • the specific data authority verification for the other device may be to obtain the data authority corresponding to the counterpart device; determine whether the data corresponding to the data authority of the counterpart device includes the data to be sent; if yes, the data authority verification is passed.
  • obtaining the data authority corresponding to the counterpart device includes: finding the data authority corresponding to the counterpart device according to the identity security identifier or the identity identifier of the counterpart device.
  • the data security rights are correspondingly set in advance corresponding to the data security identifiers, and the corresponding data identifiers are also correspondingly set for each identity identifier.
  • the specific data authority verification for the other device may also be to obtain all devices having the right to send data, and determine whether the device is included. If yes, the data authority is verified. Specifically, obtaining all the devices having the right to send data includes: acquiring an identity security identifier or an identity identifier corresponding to all devices that have data to be sent; determining whether the device includes the counterpart device includes: determining whether the identity security identifier or identity corresponding to the counterpart device is included Logo. Combining the above examples of Zhang San The child explains that when Zhang San and Li Si carry out data transmission, after Zhang San’s identity verification of Li Si is passed, for example, the data to be transmitted is a life photo, then the identity security identifier A corresponding to the life photo is found, or the corresponding identity is obtained.
  • setting the identity security identifier in the device and the corresponding data authority may be implemented in the form of an app on the terminal device (ie, the device), so that a designated terminal is used as a management role, and all the controlled devices can be managed.
  • Letter NFC terminal equipment including equipment information, identity security identity, and transmittable data type.
  • the NFC terminal device that needs to write the controlled data to the NFC terminal device and the management terminal can write the data such as the identity security identifier by means of the NFC tag reading and writing. It can also be implemented on a PC device. Users can use the home computer and office computer to install centralized management software as a management role to manage all trusted NFC terminal devices that need to be controlled.
  • the device information, the identity security identifier, and the transmittable data authority are connected to the controlled terminal through the USB cable to write data such as the identity security identifier.
  • hardware chip storage or software storage may be selected, wherein the hardware chip, for a system with a higher security level requirement, may save the rights data related to the trusted NFC device, including the identity security identifier and the data authority.
  • the hardware chip such as eSE, encrypted T card, access and read and write through the common chip interface, and even provide protection for encrypted storage
  • software storage for the general security level system, can save the authority data related to the trusted NFC device In the file system of the device, it can be saved in plain text or encrypted.
  • the security verification may be performed by the receiving device to perform security verification on itself, and specifically accepting the security verification by the counterpart device itself, including accepting the identity verification of the identity by the counterpart device.
  • the specific acceptance of the identity verification by the counterpart device may be to send its own identity security identifier to the counterpart device, and let the counterpart device determine whether the identity security identifier is the same as the identity security identifier of the counterpart device itself, and if the identity is the same, the identity security verification is passed.
  • the identity security identifier is pre-stored for the counterpart device itself and all other counterpart devices, so that the counterpart device can identify the identity security identifier of the local device, and multiple identity security identifiers are stored in the counterpart device.
  • Zhang San is the other party’s device, that is, the recipient, pre-stored the family identity security identity A, the colleague identity security identity B, and the classmate identity security identity C, and Zhang Yihe Zhang Er is the family of Zhang San, Li Si and Wang Wu are Zhang's colleagues, Zhao Liu and Zhao Qi are Zhang San's classmates. Then there are identity security signs A, B and C in Zhang San’s mobile phone, identity security ID A in Zhang Yi and Zhang Er’s mobile phones, and identity security ID B in Li Si and Wang Wu’s mobile phones. In the mobile phones of Zhao Liu and Zhao Qi, the identity security identifier C is stored.
  • Zhang San and Li Si conduct data transmission, then before the data transmission by Zhang San and Li Si, Li Si will identify his identity security B.
  • Zhang San mobile phone accept Zhang San mobile phone to judge that he has the same identity security identity B, if any, it is considered trust. If there is no identity security identity, or the identity security identity is different from its own, it is considered to be untrusted, and the verification fails. After the verification is passed, Zhang San Mobile will feedback to tell Li Si to pass the security verification, or if the failure message of Zhang San is not received within the preset time, Li Si believes that the security verification has passed.
  • the specific acceptance of the remote device for authenticating the identity of the identity may be to send the identity of the device, and let the other device determine whether the identity is in the preset security list of the other device, and if so, the identity security verification is passed.
  • the local device and all other devices will have corresponding identity, such as the number of the device and the identification information of the number, so that the other device can Identifying the local device, in the other device, it will store a list of identities corresponding to the devices that can be trusted.
  • the list here means that the device can be trusted, not only in the form of a list, but also in other forms. Can be included. Taking the device as an example of the mobile phone, Zhang San is the other party's device, that is, the receiving party.
  • Zhang San's mobile phone for example, Zhang San's family Zhang Yi and Zhang Er, Zhang San's colleagues, are included in the safety list pre-stored by Zhang San mobile phone. Li Si and Wang Wu, Zhang San's classmates Zhao Liu and Zhao Qi. If Zhang San and Li Si carry out data transmission, then before the data transmission of Zhang San and Li Si, Li Si will give his identity (mobile number) to Zhang San mobile phone, and Zhang San mobile phone judges that he has a safe list. Li Si’s mobile phone is considered to be trustworthy, verified, and then told Li Si, so that Li Si can transfer data to Zhang San.
  • the specific identity security verification of the counterpart device may also be to send the identity security identifier and the identity identifier to the other device, and the counterpart device determines whether the identity security identifier is the same as its own identity security identifier, and whether the identity identifier is preset. In the security list, if the identity security ID is the same and is in the preset security list, the identity security verification is passed.
  • the identity security identifier is pre-stored in the other device, so that the other device can identify the identity security identifier of the local device, that is, multiple identity security identifiers are stored in the other device. . And for the device and all other devices, there will be corresponding identification, such as the number of the device and the identification information of the number, so that the other device can identify the local device, and the pre-set devices that are trusted can be stored in the other device. A list of corresponding identities.
  • the identity security sign B of his own is given to the Li Si mobile phone.
  • the Li Si mobile phone judges that it has the same identity security identifier B. If it is, it is considered that the trusted identity security identity B is the same as its own identity security identity B.
  • the security verification of the local device by the receiving device includes: first accepting the identity verification of the local device by the other device, and after receiving the verification, accepting the data verification of the local device by the other device. That is, the peer device is first accepted for identity security verification. After the identity security verification is passed, the other device is accepted to perform data authority verification on the local device, and data transmission is performed after the data authority verification is passed.
  • the data permission here refers to which data the local device can share, that is, which data can be received by the counterpart device, and which data cannot be received. It is worth noting that the security verification method performed by the other device is the same as the security verification method performed by the local device on the other device, and the main verification is that the execution subject is different from each other, and the repeated description will not be repeated here.
  • the NFC P2P data transmission device terminal uses the identity security identifier to identify the trusted device to determine whether the data can be transmitted.
  • the example is illustrated, as shown in Figure 2, including the following steps:
  • Step S201 The transmitting end selects to send a communication business card and activates P2P transmission through the P2P data sharing operation interface system;
  • Step S202 The transmitting end is close to the receiving end, and the transmitting field is sent by the NFC antenna transmitting system, and the wireless channel is established with the receiving end;
  • the receiving end receives the NFC radio frequency field of the transmitting end.
  • Step S203 The sending end acquires the identity security identifier sent by the receiving end, that is, the receiving end reads the permission identifier from the P2P authority identifier storage system through the P2P data transmission system, and writes the NDEF data structure to the sending end;
  • the receiving end also records related information of the transmitting end.
  • Step S204 The transmitting end determines, according to the identity security identifier of the receiving end, whether the receiving end is trusted by the NFC device. If it is not a trusted device, the process terminates; if it is a trusted device, proceeds to step S205;
  • Step S205 The P2P data transmission system at the transmitting end reads the data rights that can be transmitted and received from the receiving end from the P2P rights identification storage system, and if the transmission of the address book business card is not allowed, the process is terminated; if the transmission of the business card is allowed, the process proceeds to S206;
  • Step S206 The P2P data transmission system at the transmitting end sends the selected address book business card to the NDEF data structure and sends it to the receiving end, and the process is completed.
  • the receiving end receives the business card and stores it.
  • the transmitting end in this example is the device, and the receiving end is the counterpart device.
  • the data format between devices is as follows:
  • the identity security identifier is exchanged between the P2P devices by the extended NDEF data type and whether data transmission is allowed.
  • NDEF information and standard format description: text (T) can carry information strings, can also be included in other NDEF information as its description text.
  • URI(U) which can be used to store website addresses, emails, phone numbers, and stored in an optimized binary form.
  • Smart poster (Sp) for entering URLs, text messages or phone numbers into NFC tags and how to pass them between devices. Universal control of the RTD. Sign the RTD.
  • the near field communication data transmission method of this embodiment includes the following steps:
  • Step S301 The P2P centralized management software system allocates a trusted P2P data transmission identity security standard Knowledge and restrictions can send data rights;
  • Step S302 The trusted P2P data transmission identity security identifier is stored in the P2P identity security identifier storage system; the storage system herein may be local to the device or in the related storage device;
  • Step S303 two terminal devices having an NFC chip, one of which (the transmitting end) opens a P2P data sharing operation interface system, and selects data to be transmitted, that is, data to be transmitted;
  • Step S304 The transmitting end of the P2P is close to the receiving end NFC terminal device, triggering the NFC antenna transmitting system to perform wireless communication docking;
  • Step S305 The P2P data transmission system performs data transmission, reads the permission identifier from the P2P authority identification storage system, and determines whether the communication parties belong to the same trusted group, that is, whether they have the same identity security identifier, if they do not belong to the same trusted
  • the group blocks the P2P data transmission of this time; if it belongs to the same trusted group, the sender further reads the corresponding transmission data authority from the P2P identity security identifier storage system, and determines the current P2P data sharing operation interface system. Whether the selected data is allowed to be sent, if not allowed, the P2P data transmission fails.
  • the wireless communication method in this embodiment is an NFC short-range wireless communication method.
  • This embodiment provides a method for establishing a trusted P2P data transmission device group in NFC short-range communication. Therefore, steps S301 and S302 are performed before the NFC device uses the P2P data connection, to indicate which scenarios belong to the NFC device. Before using P2P data connections, here are a few possible scenarios: (1) transferring photos between family members; (2) transferring videos between friends; and (3) transferring files between colleagues. It should be noted that steps S301 and S302 in this embodiment are performed before the NFC device uses the P2P data connection.
  • the P2P centralized management software system needs to first store the trusted P2P data transmission authority identifier in the P2P authority identification storage system, so that when the P2P data transmission system is used, , get the identity and manage device permissions. It should be understood that we can manage all controlled devices through the centralized management system before data transmission. Write an identity security ID for them. Then, before using NFC point-to-point transmission, the two terminals first perform certain information verification through data communication, such as a trusted identity security identifier, determining whether the device currently transmitting data is trusted, and then determining whether to transmit. The operation, which is supplemented by existing agreements.
  • a family trusted device group can share data of all data rights; a friend trusted device group can share data of data rights such as business cards, pictures, videos, audios, etc.; a trusted device group of colleagues can share business cards Data for document data permissions.
  • the device does not exchange untrusted data with any terminal, allowing data protection and secure communication to go further.
  • the present embodiment provides a near field communication data transmission device 400, as shown in FIG. 4, including an opening module 401, a security module 402, and a transmission module 403: the opening module 401 is configured to enable near field communication and establish a near field communication wireless channel; The security module 402 is configured to perform security verification before transmitting the to-be-transmitted data to the counterpart device; the transmission module 403 is configured to transmit the to-be-transmitted data to the counterpart device after the verification is passed.
  • the security module 402 is further configured to perform security verification on the counterpart device.
  • the embodiment further provides a near field communication data transmission device 400.
  • the security module 402 includes an identity security submodule 4021: the identity security submodule 4021 is configured to perform identity security verification on the counterpart device.
  • the embodiment further provides a near field communication data transmission device 400.
  • the security module 402 includes a data security submodule 4022: the data security submodule 4022 is configured to perform data authority verification on the counterpart device.
  • the security module 402 is further configured to accept the peer device to perform security verification on itself.
  • the security module 402 is further configured to accept the identity verification of the identity of the remote device; or accept the identity security verification of the remote device by itself; According to the authority verification.
  • a centralized management software system 700 is provided for description. As shown in FIG. 7, the P2P centralized management software module 701 and P2P permissions are included. The storage module 702 and the P2P data transmission module 703 are identified.
  • the P2P centralized management software module 701 is configured to distribute trusted device group identity security identifiers in different NFC terminal devices, such as a home trusted group, a classmate trusted group, and a colleague trusted group, and each group Different identity security identifiers are available, and only NFC terminal devices that match the rights identifier can transmit data to each other.
  • the system can also manage data rights that can be sent between the same trusted group device to prevent private data from being sent to unpredictable devices.
  • the P2P authority identifier storage module 702 is configured to save the identity security identifier and the transmittable data weight allocated by the 501 centralized management system, and the storage system can be placed in the eSE chip, the SE chip, and the terminal virtual eSE to provide storage for the 502 and 503 systems. Taking the interface, the storage system can provide an encryption mechanism to ensure that the saved data is safe and reliable.
  • the P2P data transmission module 703 is configured to transmit data between different NFC terminal devices. Before transmitting the actual data, the identity security identifier assigned by the centralized management module 701 needs to be read from the rights identifier storage module 702 to different terminals to determine whether the subsequent data transmission process can be performed.
  • each unit module in the near field communication data transmission device may be a central processing unit (CPU) in a near field communication data transmission device, or a digital signal processor (DSP), or Field-Programmable Gate Array (FPGA) implementation.
  • CPU central processing unit
  • DSP digital signal processor
  • FPGA Field-Programmable Gate Array
  • the apparatus for tracking the service signaling may also be stored in a computer readable storage medium if it is implemented in the form of a software function module and sold or used as a separate product. Based on such understanding, the technical solution of the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product. Stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the methods described in various embodiments of the present invention.
  • a computer device which may be a personal computer, server, or network device, etc.
  • the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • program codes such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • an embodiment of the present invention further provides a computer storage medium, wherein a computer program for executing a near field communication data transmission method of an embodiment of the present invention is stored.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed in an embodiment of the present invention are a secure access method, device, terminal and storage medium. The method comprises: inputting via a preset password input interface a required access password of an object to be accessed, determining whether the access password has passed an identity verification of the object to be accessed, and if the access password has passed the identity verification of the object to be accessed, then jumping to the object to be accessed and granting authorization to access the same, while if the access password has not passed the identity verification of the object to be accessed, refusing access to the object to be accessed.

Description

一种近场通信数据传输方法和装置、计算机存储介质Near field communication data transmission method and device, computer storage medium 技术领域Technical field
本发明涉及通信领域,特别涉及一种近场通信数据传输方法和装置、计算机存储介质。The present invention relates to the field of communications, and in particular, to a near field communication data transmission method and apparatus, and a computer storage medium.
背景技术Background technique
近场通信(Near Field Communication,简称NFC),又称近距离无线通信,是一种短距离的高频无线通信技术,允许电子设备之间进行非接触式点对点数据传输(在十厘米内)交换数据。Near Field Communication (NFC), also known as short-range wireless communication, is a short-range high-frequency wireless communication technology that allows non-contact point-to-point data transmission (within ten centimeters) between electronic devices. data.
NFC可以作为一种短程技术,当几部设备离得非常近的时候,文件和其它内容就可以在这些设备中传递。这项功能对于需要协作的场所非常有用,如需要分享文件或多个玩家进行游戏的时候。NFC can be used as a short-range technology in which files and other content can be passed when several devices are very close together. This feature is useful for places that need to collaborate, such as when you need to share files or when multiple players play games.
现有NFC点到点的数据传输,在4CM以内的距离直接将两个NFC终端靠近就可以直接进行数据传输。在终端之间没有可信权限管理的过程,这样就面临一定的信任危机。Existing NFC point-to-point data transmission, direct access to the two NFC terminals within a distance of 4CM can directly carry out data transmission. There is no process of trusted authority management between terminals, so there is a certain crisis of trust.
发明内容Summary of the invention
为解决上述技术问题,本发明实施例提供了一种近场通信数据传输方法和装置、计算机存储介质,解决现有中通过近场通信进行数据传输安全性差的问题。In order to solve the above technical problem, an embodiment of the present invention provides a near field communication data transmission method and apparatus, and a computer storage medium, which solves the problem of poor security of data transmission by near field communication in the prior art.
本发明实施例提供的近场通信数据传输方法,包括:The near field communication data transmission method provided by the embodiment of the present invention includes:
开启近场通信,建立近场通信无线通道;Turn on near field communication and establish a near field communication wireless channel;
在将待发数据传输给对方装置之前,进行安全验证;Perform security verification before transmitting the data to be sent to the other device;
验证通过后,将所述待发数据传输给所述对方装置。 After the verification is passed, the to-be-transmitted data is transmitted to the counterpart device.
在本发明的一种实施例中,所述进行安全验证包括:对所述对方装置进行安全验证。In an embodiment of the invention, the performing the security verification comprises: performing security verification on the counterpart device.
在本发明的一种实施例中,所述对所述对方装置进行安全验证包括:In an embodiment of the present invention, the performing security verification on the counterpart device includes:
对所述对方装置进行身份安全验证;Performing identity security verification on the counterpart device;
or
对所述对方装置进行身份安全验证,验证通过后对所述对方装置进行数据权限验证。Performing identity security verification on the counterpart device, and performing data authority verification on the counterpart device after the verification is passed.
在本发明的一种实施例中,所述对所述对方装置进行身份安全验证包括:In an embodiment of the present invention, the performing identity security verification on the counterpart device includes:
接收所述对方装置发送的身份安全标识,判断所述身份安全标识是否与自身的身份安全标识相同,如果相同,身份安全验证通过;Receiving an identity security identifier sent by the remote device, determining whether the identity security identifier is the same as its own identity security identifier, and if the same, the identity security verification is passed;
or
接收所述对方装置的身份标识,判断所述身份标识是否在预设安全列表内,如果在,身份安全验证通过;Receiving an identity of the counterpart device, determining whether the identity identifier is in a preset security list, and if yes, identity security verification is passed;
or
接收所述对方装置的身份安全标识和身份标识,判断所述身份安全标识是否与自身的身份安全标识相同,以及判断所述身份标识是否在预设安全列表内,如果身份安全标识相同且在预设安全列表内,身份安全验证通过。Receiving an identity security identifier and an identity identifier of the remote device, determining whether the identity security identifier is the same as its own identity security identifier, and determining whether the identity identifier is in a preset security list, if the identity security identifier is the same and is in advance Within the security list, the identity security verification is passed.
在本发明的一种实施例中,所述对所述对方装置进行数据权限验证包括:获取所述对方装置对应的数据权限;判断所述对方装置的数据权限对应的数据是否包含所述待发数据;如果包含,则数据权限验证通过。In an embodiment of the present invention, the performing data authority verification on the counterpart device includes: acquiring data authority corresponding to the counterpart device; determining whether data corresponding to the data authority of the counterpart device includes the to-be-sent Data; if included, data permission validation passes.
在本发明的一种实施例中,所述获取所述对方装置对应的数据权限包括:根据所述对方装置的身份安全标识或身份标识找到所述对方装置对应的数据权限。 In an embodiment of the present invention, the acquiring the data authority corresponding to the counterpart device comprises: finding the data authority corresponding to the counterpart device according to the identity security identifier or the identity identifier of the counterpart device.
在本发明的一种实施例中,所述对所述对方装置进行数据权限验证包括:获取具有所述待发数据权限的所有装置,判断是否包含所述对方装置,如果包含,则数据权限验证通过。In an embodiment of the present invention, the performing data authority verification on the counterpart device includes: acquiring all devices having the right to send data, determining whether the device is included, and if so, verifying data rights by.
在本发明的一种实施例中,所述获取具有所述待发数据权限的所有装置包括:获取具有所述待发数据的所有装置对应的身份安全标识或身份标识;所述判断是否包含所述对方装置包括:判断是否包含所述对方装置对应的身份安全标识或身份标识。In an embodiment of the present invention, the acquiring, by the device having the right to send data, the method includes: acquiring an identity security identifier or an identity identifier corresponding to all devices that have the data to be sent; The counterpart device includes: determining whether the identity security identifier or the identity identifier corresponding to the counterpart device is included.
在本发明的一种实施例中,所述进行安全验证还包括:接受对端设备对自身进行安全验证。In an embodiment of the present invention, the performing the security verification further comprises: accepting the peer device to perform security verification on itself.
在本发明的一种实施例中,所述接受对端设备对自身进行安全验证包括:In an embodiment of the present invention, the receiving the peer device to perform security verification on itself includes:
接受所述对方装置对自身进行身份安全验证;Accepting the identity device to perform identity security verification on itself;
or
接受所述对方装置对自身进行身份安全验证,验证通过后对自身进行数据权限验证。The other device is accepted to perform identity security verification on itself, and the data authority verification is performed on itself after the verification is passed.
本发明实施例提供的近场通信数据传输装置,包括开启模块、安全模块和传输模块:The near field communication data transmission apparatus provided by the embodiment of the invention comprises an opening module, a security module and a transmission module:
所述开启模块配置为开启近场通信,建立近场通信无线通道;The opening module is configured to enable near field communication and establish a near field communication wireless channel;
所述安全模块配置为在将待发数据传输给对方装置之前,进行安全验证;The security module is configured to perform security verification before transmitting the data to be sent to the other device;
所述传输模块配置为验证通过后,将所述待发数据传输给所述对方装置。The transmission module is configured to transmit the to-be-transmitted data to the counterpart device after the verification is passed.
在本发明的一种实施例中,所述安全模块还配置为对所述对方装置进行安全验证。In an embodiment of the invention, the security module is further configured to perform security verification on the counterpart device.
在本发明的一种实施例中,所述安全模块包括身份安全子模块或数据 安全子模块:所述身份安全子模块配置为对所述对方装置进行身份安全验证;所述数据安全子模块配置为在对所述对方装置进行身份安全验证,验证通过后对所述对方装置进行数据权限验证。In an embodiment of the invention, the security module includes an identity security submodule or data a security submodule: the identity security submodule is configured to perform identity security verification on the counterpart device; the data security submodule is configured to perform identity security verification on the counterpart device, and perform verification on the counterpart device Data permission verification.
在本发明的一种实施例中,所述安全模块还配置为接受对端设备对自身进行安全验证。In an embodiment of the invention, the security module is further configured to accept the peer device to perform security verification on itself.
在本发明的一种实施例中,所述安全模块还配置为接受所述对方装置对自身进行身份安全验证;或接受所述对方装置对自身进行身份安全验证,验证通过后对自身进行数据权限验证。In an embodiment of the present invention, the security module is further configured to accept the identity device to perform identity security verification on itself, or accept the identity device to perform identity security verification on itself, and perform data permission on itself after the verification is passed. verification.
本发明实施例提供的计算机存储介质存储有计算机程序,该计算机程序用于执行上述近场通信数据传输方法。The computer storage medium provided by the embodiment of the present invention stores a computer program for executing the near field communication data transmission method.
本发明的有益效果是:The beneficial effects of the invention are:
本发明实施例提供的近场通信数据传输方法和装置、计算机存储介质,开启近场通信,建立近场通信无线通道;在将待发数据传输给对方装置之前,进行安全验证;验证通过后,将待发数据传输给对方装置。与现有技术相比,不是在靠近对方终端就将数据发送给对方终端,会进行安全验证,只有在安全验证通过后,才会将数据发送给对方终端,解决了当前技术应用中NFC设备之间随意传输数据,无可信认证的问题。为用户安全使用终端提供了可靠的保障,对标准协议规范提供了有意义的补充。The near field communication data transmission method and device and the computer storage medium provided by the embodiments of the present invention enable the near field communication to establish a near field communication wireless channel; perform security verification before transmitting the data to be sent to the other device; after the verification is passed, The data to be transmitted is transmitted to the other device. Compared with the prior art, the data is sent to the other terminal without being close to the other terminal, and the security verification is performed. Only after the security verification is passed, the data is sent to the other terminal, and the NFC device in the current technical application is solved. There is no problem of trusted authentication between data transmission. It provides a reliable guarantee for users to use the terminal safely, and provides a meaningful supplement to the standard protocol specification.
附图说明DRAWINGS
图1为本发明实施例一提供的近场通信数据传输方法流程示意图;1 is a schematic flowchart of a near field communication data transmission method according to Embodiment 1 of the present invention;
图2为本发明实施例二提供的近场通信数据传输方法流程示意图;2 is a schematic flowchart of a near field communication data transmission method according to Embodiment 2 of the present invention;
图3为本发明实施例三提供的近场通信数据传输方法流程示意图;3 is a schematic flowchart of a near field communication data transmission method according to Embodiment 3 of the present invention;
图4为本发明实施例四提供的近场通信数据传输装置结构示意图一;4 is a schematic structural diagram 1 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention;
图5为本发明实施例四提供的近场通信数据传输装置结构示意图二;5 is a schematic structural diagram 2 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention;
图6为本发明实施例四提供的近场通信数据传输装置结构示意图三; 6 is a schematic structural diagram 3 of a near field communication data transmission apparatus according to Embodiment 4 of the present invention;
图7为本发明实施例四提供的集权管理软件系统结构示意图。FIG. 7 is a schematic structural diagram of a centralized management software system according to Embodiment 4 of the present invention.
具体实施方式detailed description
为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described in conjunction with the drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
为了更好的理解本发明实施例,对相关的技术进行进一步说明。In order to better understand the embodiments of the present invention, the related art is further described.
在NFC数据交换对等网络(Peer to Peer,简称P2P)应用中,设备间的数据格式如下:In a Peer-to-Peer (P2P) application, the data format between devices is as follows:
{LLCP{SNEP{NDEF{RTD}}}}{LLCP{SNEP{NDEF{RTD}}}}
也就是说,逻辑链路控制协议(Logical Link Control Protocol,简称LLCP)通常携带着SNEP数据;简单NFC数据交换协议(Simple NDEF Exchange Protocol,简称SNEP)通常携带着NDEF数据;NDEF携带了RTD数据;RTD数据就是实际的应用数据;That is, the Logical Link Control Protocol (LLCP) usually carries SNEP data; the Simple NFC Exchange Protocol (SNEP) usually carries NDEF data; the NDEF carries RTD data; RTD data is the actual application data;
(1)LLCP协议(1) LLCP protocol
Logical Link Control Protocol(NFCForum-TS-LLCP1.1.pdf)提供两个NFC设备间上层信息单元传输的方式,包括:链接激活、管理、去激活以及协议复用。面向连接的传输:提供了一种序列化的、无误的数据传输服务无连接的传输:协议开销小,采用请求、响应机制。The Logical Link Control Protocol (NFCForum-TS-LLCP1.1.pdf) provides the means for transmitting upper layer information units between two NFC devices, including link activation, management, deactivation, and protocol multiplexing. Connection-oriented transport: Provides a serialized, error-free data transmission service connectionless transmission: the protocol overhead is small, using the request and response mechanism.
(2)SNEP协议(2) SNEP agreement
Simple NDEF Exchange Protocol(NFCForum-TS-SNEP_1.0.pdf)是一个应用层协议(采用请求、响应模式),适用于P2P模式下,在两个NFC设备间发送或接收NDEF应用数据。客户端发送一个请求给服务端,报文包含:协议版本、请求方法、长度、信息数据;服务端则执行指定的操作, 然后回应数据包:协议版本、状态代码、长度、信息数据。Simple NDEF Exchange Protocol (NFCForum-TS-SNEP_1.0.pdf) is an application layer protocol (using request and response mode). It is applicable to P2P mode to send or receive NDEF application data between two NFC devices. The client sends a request to the server, the message includes: protocol version, request method, length, and information data; the server performs the specified operation. Then respond to the packet: protocol version, status code, length, information data.
(3)NDEF(3) NDEF
NFC Data Exchange Format(NFCForum-TS-NDEF_1.0.pdf)NDEF是轻量级的紧凑二进制格式,可带有URL、vCard和NFC定义的各种数据类型。NDEF交换的信息由一系列记录(Record)组成,每条记录包含一个有效载荷,记录内容可以是URL、MIME,或者自定义得数据类型。每个有效载荷是由一个类型、长度和一个可选的标识符进行描述。一条NDEF最大携带的数据大小为4GB。NFC Data Exchange Format (NFCForum-TS-NDEF_1.0.pdf) NDEF is a lightweight, compact binary format with various data types defined by URL, vCard and NFC. The information exchanged by NDEF consists of a series of records, each of which contains a payload, which can be a URL, MIME, or a custom data type. Each payload is described by a type, length, and an optional identifier. The maximum data size of an NDEF is 4GB.
实施例一Embodiment 1
本实施例的近场通信数据传输方法,如图1所示,包括以下步骤:The near field communication data transmission method of this embodiment, as shown in FIG. 1, includes the following steps:
步骤S101:开启近场通信,建立近场通信无线通道;Step S101: Turn on near field communication, and establish a near field communication wireless channel;
在该步骤中,应该理解为需要激活近场通信NFC,让两个进行数据交互的装置的NCF都出与开启状态,建立好无线通道。In this step, it should be understood that it is necessary to activate the near field communication NFC, so that the NCFs of the two devices performing data interaction are both turned on and on, and the wireless channel is established.
步骤S102:在将待发数据传输给对方装置之前,进行安全验证;Step S102: Perform security verification before transmitting the to-be-transmitted data to the other device.
在该步骤中,这里的带发数据可以包括存储在终端中的通讯录、文件、图库和音乐库等。应该理解为,这里的待发数据为想要进行传输的各种共享的数据。这里的对方装置和自身装置,可以是任何具有NFC功能(即具备NFC芯片通信系统)的装置或设备器件,当然,还可以具有其他系统,例如通讯、显示、音频等系统。具体的装置可以是智能终端,例如可以为手机,平板电脑等。主要是为了提供自身装置中的数据安全,防止一些重要数据传输到陌生装置中,对对方装置进行安全验证就能提高数据的安全性。In this step, the transmitted data herein may include an address book, a file, a gallery, a music library, and the like stored in the terminal. It should be understood that the data to be sent here is the various shared data that is intended to be transmitted. The counterpart device and the device itself may be any device or device device having an NFC function (ie, having an NFC chip communication system), and of course, other systems such as communication, display, audio, and the like. The specific device may be a smart terminal, such as a mobile phone, a tablet computer, or the like. It is mainly to provide data security in its own device, to prevent some important data from being transmitted to unfamiliar devices, and to perform security verification on the other device to improve data security.
步骤S103:验证通过后,将待发数据传输给对方装置。Step S103: After the verification is passed, the data to be sent is transmitted to the counterpart device.
在该步骤中,在通过了安全验证后,才将待发数据传输给对方装置,这样能够提高安全性。如果验证没通过,就可以停在待发数据传输,可以 我们的装置不会与任意装置进行不可信的数据交换,让我们的数据保护和安全通信更进一步。In this step, after the security verification is passed, the data to be transmitted is transmitted to the other device, which improves security. If the verification fails, you can stop the data transmission to be sent, you can Our devices do not exchange untrusted data with any device, allowing our data protection and secure communications to go a step further.
在上述步骤S102中,进行安全验证可以是对对方装置进行安全验证,具体对对方装置进行安全验证包括对对方装置进行身份安全验证。In the above step S102, performing security verification may be performing security verification on the counterpart device, and performing security verification on the counterpart device specifically includes performing identity security verification on the counterpart device.
具体的对对方装置进行身份安全验证可以是接收对方装置发送的身份安全标识,判断身份安全标识是否与自身的身份安全标识相同,如果相同,身份安全验证通过。应该理解为,对于本装置和其他所有对方装置都会在预先存入身份安全标识,让本装置可以识别对端装置的身份安全标识,在本装置中会存入多个身份安全标识。以装置为手机举例说明,张三为本端装置即发送方,在张三的手机为例中,预先存储有家人身份安全标识A、同事身份安全标识B和同学身份安全标识C,并且张一和张二为张三的家人,李四和王五为张三的同事,赵六和赵七为张三的同学。那么在张三的手机里面就存有身份安全标识A、B和C,在张一和张二的手机里面存储有身份安全标识A,在李四和王五的手机中存储有身份安全标识B,在赵六和赵七的手机中存储有身份安全标识C,假如张三要和李四进行数据传输,那么在张三和李四进行数据传输之前,李四会将自己的身份安全标识B给张三手机,张三手机判断自身是有相同的身份安全标识B,如果有,则认为是信任的。如果没有身份安全标识,或者身份安全标识与自己的不相同,就认为是不信任的,验证不通过。The specific identity security verification for the other device may be the identity security identifier sent by the receiving device, and determine whether the identity security identifier is the same as its own identity security identifier. If the identity is the same, the identity security verification is passed. It should be understood that for the device and all other counterpart devices, the identity security identifier is pre-stored so that the device can identify the identity security identifier of the peer device, and multiple identity security identifiers are stored in the device. Taking the device as an example of the mobile phone, Zhang San is the sender of the local device, and in the case of Zhang San’s mobile phone, the family identity security identifier A, the colleague identity security identifier B and the classmate identity security identifier C are pre-stored, and Zhang Yi Zhang Er is the family of Zhang San, Li Si and Wang Wu are colleagues of Zhang San, Zhao Liu and Zhao Qi are Zhang San’s classmates. Then there are identity security signs A, B and C in Zhang San’s mobile phone, identity security ID A in Zhang Yi and Zhang Er’s mobile phones, and identity security ID B in Li Si and Wang Wu’s mobile phones. In the mobile phones of Zhao Liu and Zhao Qi, the identity security identifier C is stored. If Zhang San and Li Si conduct data transmission, then before the data transmission by Zhang San and Li Si, Li Si will identify his identity security B. For Zhang San mobile phone, Zhang San mobile phone judges that it has the same identity security identifier B, and if so, it is considered to be trustworthy. If there is no identity security identity, or the identity security identity is different from its own, it is considered to be untrusted, and the verification fails.
具体的对对方装置进行身份安全验证可以是接收对方装置的身份标识,判断身份标识是否在预设安全列表内,如果在,身份安全验证通过。应该理解为,对于本装置和其他所有对方装置都会有相应的身份标识,比如装置的编号以及号码的标识信息,让本装置可以识别对端装置,在本装置中会存入预先设置的哪些是可以信任的装置对应的身份标识列表,当然这里的列表是指存储有能够信任的装置,不仅仅是以列表形式,其他形式 也可以包含在内。以装置为手机举例说明,在张三(发送方)的手机为例中,在张三手机预先存储的安全列表中包含张三的家人张一和张二,张三的同事李四和王五,张三的同学赵六和赵七。假如张三要和李四进行数据传输,那么在张三和李四进行数据传输之前,李四会将自己的身份标识(手机号码)给张三手机,张三手机判断发现自己安全列表中有李四的手机,则认为是信任的,验证通过。The specific identity security verification of the counterpart device may be to receive the identity identifier of the counterpart device, determine whether the identity identifier is in the preset security list, and if so, the identity security verification is passed. It should be understood that for the device and all other counterpart devices, there will be corresponding identification, such as the number of the device and the identification information of the number, so that the device can identify the opposite device, and what is preset in the device A list of identities corresponding to devices that can be trusted. Of course, the list here means that devices that can be trusted are stored, not just in the form of lists, other forms. Can also be included. Taking the device as a mobile phone as an example, in the case of the mobile phone of Zhang San (sender), the safety list pre-stored in Zhang San mobile phone contains Zhang San’s family Zhang Yi and Zhang Er, Zhang San’s colleagues Li Si and Wang Wu Zhang San’s classmates Zhao Liu and Zhao Qi. If Zhang San and Li Si carry out data transmission, then before the data transmission of Zhang San and Li Si, Li Si will give his identity (mobile number) to Zhang San mobile phone, and Zhang San mobile phone judges that he has a safe list. Li Si’s mobile phone is considered trustworthy and verified.
为了进一步,提高安全性,可以进行多层验证,只有同时满足时,才能进行数据传输。即具体的对对方装置进行身份安全验证还可以是接收对方装置的身份安全标识和身份标识,判断身份安全标识是否与自身的身份安全标识相同,以及判断身份标识是否在预设安全列表内,如果身份安全标识相同且在预设安全列表内,身份安全验证通过。应该理解为,对于本装置和其他所有对方装置都会在预先存入身份安全标识,让本装置可以识别对端装置的身份安全标识,在本装置中会存入多个身份安全标识。以及对于本装置和其他所有对方装置都会有相应的身份标识,比如装置的编号以及号码的标识信息,让本装置可以识别对端装置,在本装置中会存入预先设置的哪些是可以信任的装置对应的身份标识列表。以装置为手机举例说明,结合上面张三的例子进行说明,假如张三要和李四进行数据传输,那么在张三和李四进行数据传输之前,李四会将自己的身份安全标识B给张三手机,张三手机判断自身是有相同的身份安全标识B,如果有,则认为是信任的身份安全标识B与自己存在的身份安全标识B相同后,还会判断李四的身份标识(手机号码)是否在自己的安全列表中,如果在,则验证通过。因为身份安全标识只会在于是有有这个身份安全标识,不会具体在乎是谁,有可能被陌生人盗取了该身份安全标识,如果进一步加强了身份识别验证,就提高了安全性。In order to further improve security, multi-layer verification can be performed, and data transmission can be performed only when it is satisfied at the same time. That is, the specific identity security verification of the counterpart device may also be to receive the identity security identifier and the identity identifier of the counterpart device, determine whether the identity security identifier is the same as its own identity security identifier, and determine whether the identity identifier is in the preset security list, if The identity security ID is the same and within the preset security list, the identity security verification is passed. It should be understood that for the device and all other counterpart devices, the identity security identifier is pre-stored so that the device can identify the identity security identifier of the peer device, and multiple identity security identifiers are stored in the device. And for the device and all other counterpart devices, there will be corresponding identity, such as the number of the device and the identification information of the number, so that the device can identify the peer device, and in the device, which ones are pre-set can be trusted. A list of identities corresponding to the device. Taking the device as an example of the mobile phone, combined with the example of Zhang San above, if Zhang Sanwei and Li Si carry out data transmission, then before the data transmission by Zhang San and Li Si, Li Si will give his identity security mark B to Zhang San mobile phone, Zhang San mobile phone judges that it has the same identity security identity B, if it is, it is considered that the trusted identity security identity B is the same as its own identity security identity B, and will also determine the identity of Li Si ( Whether the mobile number is in its own safe list, if it is, the verification is passed. Because the identity security logo only means that there is this identity security logo, it does not specifically care who it is, and it may be stolen by the stranger. If the identity verification is further strengthened, the security is improved.
值得注意是,上述的对对方装置进行身份安全验证只是为了便于理解 进行的举例,其他可以实现对对方装置进行身份安全验证的方式也应包含在内。It is worth noting that the above-mentioned identity security verification of the other device is only for the purpose of understanding. For example, other ways to implement identity security verification of the other device should also be included.
进一步,为了提高数据的安全,对对方装置进行安全验证还包括:先对对方装置进行身份安全验证,验证通过后,再对对方装置进行数据权限验证。即会先进行身份安全验证,在身份安全验证通过后,再进行对方装置进行数据权限验证,数据权限验证通过后才进行数据传输。这里的数据权限是指该对方装置能够有共享哪些数据,例如,家人可以共享自己的生活照片,二工作文件一般不会共享,同事可以共享工作文件,却一般不共享自己的生活照片。Further, in order to improve the security of the data, performing security verification on the other device further includes: performing identity security verification on the other device first, and then performing data authority verification on the other device after the verification is passed. That is, the identity security verification is performed first, and after the identity security verification is passed, the data authentication of the other device is performed, and the data transmission is performed after the data authority verification is passed. The data permission here refers to the data that the other device can share, for example, the family can share their own life photos, the second working files are generally not shared, the colleagues can share the working documents, but generally do not share their own life photos.
具体的对对方装置进行数据权限验证可以是获取对方装置对应的数据权限;判断对方装置的数据权限对应的数据是否包含待发数据;如果包含,则数据权限验证通过。具体的,获取对方装置对应的数据权限包括:根据对方装置的身份安全标识或身份标识找到对方装置对应的数据权限。结合上述张三的例子进行说明,当张三和李四进行数据传输时,张三对李四的身份安全验证通过后,可以根据李四的身份安全标识B找到身份安全标识B或李四的手机号码对应哪些数据权限,例如可以是工作文件,音乐和视频,再看待传输的数据是不是在其中,如果在,就可以传输,例如是工作文件,那么就可以进行传输,如果不在,例如是生活照片,就不可以进行传输。优选的,会预先对各身份安全标识对应设置好其对应有哪些数据权限,对各身份标识也会对应设置好其对应有哪些数据权限。The specific data authority verification for the other device may be to obtain the data authority corresponding to the counterpart device; determine whether the data corresponding to the data authority of the counterpart device includes the data to be sent; if yes, the data authority verification is passed. Specifically, obtaining the data authority corresponding to the counterpart device includes: finding the data authority corresponding to the counterpart device according to the identity security identifier or the identity identifier of the counterpart device. In combination with the above example of Zhang San, when Zhang San and Li Si conduct data transmission, after Zhang San’s identity verification of Li Si is passed, he can find identity security identity B or Li Si according to Li Si’s identity security identity B. Which data rights are corresponding to the mobile phone number, such as working files, music and video, and whether the data to be transmitted is in it. If it is, it can be transmitted, for example, a working file, then it can be transmitted. If not, for example, Life photos cannot be transferred. Preferably, the data security rights are correspondingly set in advance corresponding to the data security identifiers, and the corresponding data identifiers are also correspondingly set for each identity identifier.
具体的对对方装置进行数据权限验证还可以是获取具有待发数据权限的所有装置,判断是否包含对方装置,如果包含,则数据权限验证通过。具体的,获取具有待发数据权限的所有装置包括:获取具有待发数据的所有装置对应的身份安全标识或身份标识;判断是否包含对方装置包括:判断是否包含对方装置对应的身份安全标识或身份标识。结合上述张三的例 子进行说明,当张三和李四进行数据传输时,张三对李四的身份安全验证通过后,例如待传输数据为生活照片,那么找到生活照片对应的身份安全标识A,或对应的身份标识张一的手机号码和张二的手机号码,由于此时是李四,那么就不包含,所述不能进传输。如果此时待传输数据为工作文件,那么对应的身份安全标识B,或对应的身份标识李四的手机号码和王五的手机号码,包含了李四,就可以进行传输。The specific data authority verification for the other device may also be to obtain all devices having the right to send data, and determine whether the device is included. If yes, the data authority is verified. Specifically, obtaining all the devices having the right to send data includes: acquiring an identity security identifier or an identity identifier corresponding to all devices that have data to be sent; determining whether the device includes the counterpart device includes: determining whether the identity security identifier or identity corresponding to the counterpart device is included Logo. Combining the above examples of Zhang San The child explains that when Zhang San and Li Si carry out data transmission, after Zhang San’s identity verification of Li Si is passed, for example, the data to be transmitted is a life photo, then the identity security identifier A corresponding to the life photo is found, or the corresponding identity is obtained. The mobile phone number identifying Zhang Yi and the mobile phone number of Zhang Er, since it is Li Si at this time, then it is not included, and the above cannot be transmitted. If the data to be transmitted is a working file at this time, the corresponding identity security identifier B, or the corresponding mobile phone number of the identity identifier Li Si and the mobile phone number of Wang Wu, including the Li Si, can be transmitted.
值得注意是,上述的对对方装置进行数据权限验证只是为了便于理解进行的举例,其他可以实现对对方装置进行身份安全验证的方式也应包含在内。It is worth noting that the above-mentioned data authority verification for the other device is only for the sake of easy understanding. Other ways of performing identity security verification on the other device should also be included.
具体的在装置中设置身份安全标识以及相应的数据权限可以在终端设备(即装置)上以app的形式来实现,这样就由一个指定终端来作为管理的角色,可以管理所有需受控的可信NFC终端设备,包括设备信息、身份安全标识、可发送数据类型。而该管理终端对其他设备分发上述信息的通道,可以通过NFC标签读写的方式,将需要写入受控数据的NFC终端设备与该管理终端靠近,即可写入身份安全标识等数据。也可以在PC设备上实现,用户可以利用家庭电脑、办公电脑安装集权管理软件,作为管理的角色,可以管理所有需受控的可信NFC终端设备。将设备信息、身份安全标识、可发送数据权限通过USB线连接受控终端,来写入身份安全标识等数据。Specifically, setting the identity security identifier in the device and the corresponding data authority may be implemented in the form of an app on the terminal device (ie, the device), so that a designated terminal is used as a management role, and all the controlled devices can be managed. Letter NFC terminal equipment, including equipment information, identity security identity, and transmittable data type. The NFC terminal device that needs to write the controlled data to the NFC terminal device and the management terminal can write the data such as the identity security identifier by means of the NFC tag reading and writing. It can also be implemented on a PC device. Users can use the home computer and office computer to install centralized management software as a management role to manage all trusted NFC terminal devices that need to be controlled. The device information, the identity security identifier, and the transmittable data authority are connected to the controlled terminal through the USB cable to write data such as the identity security identifier.
进一步,为了提高这些安全性,可以选择硬件芯片存储或者软件存储,其中,硬件芯片,对于安全级别要求比较高的系统,可以将可信NFC设备相关的权限数据包括身份安全标识和数据权限保存在硬件芯片中,如eSE、加密T卡,通过通用的芯片接口进行访问读写,甚至可以提供加密存储的保护;软件存储,对于普通安全级别的系统,可以将可信NFC设备相关的权限数据保存在设备的文件系统中,可以明文保存或者加密保存。 Further, in order to improve the security, hardware chip storage or software storage may be selected, wherein the hardware chip, for a system with a higher security level requirement, may save the rights data related to the trusted NFC device, including the identity security identifier and the data authority. In the hardware chip, such as eSE, encrypted T card, access and read and write through the common chip interface, and even provide protection for encrypted storage; software storage, for the general security level system, can save the authority data related to the trusted NFC device In the file system of the device, it can be saved in plain text or encrypted.
在上述步骤S102中,进行安全验证可以是接受对方装置对自身进行安全验证,具体接受对方装置对自身进行安全验证包括接受对方装置对自身进行身份安全验证。In the above step S102, the security verification may be performed by the receiving device to perform security verification on itself, and specifically accepting the security verification by the counterpart device itself, including accepting the identity verification of the identity by the counterpart device.
具体的接受对方装置对自身进行身份安全验证可以是将自身的身份安全标识发送给对方装置,让对方装置判断身份安全标识是否与对方装置自身的身份安全标识相同,如果相同,身份安全验证通过。应该理解为,对于对方装置自身和其他所有对方装置都会在预先存入身份安全标识,让对方装置可以识别本端自身装置的身份安全标识,在对方装置中会存入多个身份安全标识。以装置为手机举例说明,在张三的手机为例中,张三为对方装置即接收方,预先存储有家人身份安全标识A、同事身份安全标识B和同学身份安全标识C,并且张一和张二为张三的家人,李四和王五为张三的同事,赵六和赵七为张三的同学。那么在张三的手机里面就存有身份安全标识A、B和C,在张一和张二的手机里面存储有身份安全标识A,在李四和王五的手机中存储有身份安全标识B,在赵六和赵七的手机中存储有身份安全标识C,假如张三要和李四进行数据传输,那么在张三和李四进行数据传输之前,李四会将自己的身份安全标识B给张三手机,接受张三手机判断自身是有相同的身份安全标识B,如果有,则认为是信任的。如果没有身份安全标识,或者身份安全标识与自己的不相同,就认为是不信任的,验证不通过。验证通过后,张三手机会反馈告诉李四安全验证通过,或者在预设时间内如果没有收到张三反馈失败信息则李四认为安全验证通过。The specific acceptance of the identity verification by the counterpart device may be to send its own identity security identifier to the counterpart device, and let the counterpart device determine whether the identity security identifier is the same as the identity security identifier of the counterpart device itself, and if the identity is the same, the identity security verification is passed. It should be understood that the identity security identifier is pre-stored for the counterpart device itself and all other counterpart devices, so that the counterpart device can identify the identity security identifier of the local device, and multiple identity security identifiers are stored in the counterpart device. Taking the device as a mobile phone as an example, in the case of Zhang San’s mobile phone, Zhang San is the other party’s device, that is, the recipient, pre-stored the family identity security identity A, the colleague identity security identity B, and the classmate identity security identity C, and Zhang Yihe Zhang Er is the family of Zhang San, Li Si and Wang Wu are Zhang's colleagues, Zhao Liu and Zhao Qi are Zhang San's classmates. Then there are identity security signs A, B and C in Zhang San’s mobile phone, identity security ID A in Zhang Yi and Zhang Er’s mobile phones, and identity security ID B in Li Si and Wang Wu’s mobile phones. In the mobile phones of Zhao Liu and Zhao Qi, the identity security identifier C is stored. If Zhang San and Li Si conduct data transmission, then before the data transmission by Zhang San and Li Si, Li Si will identify his identity security B. To Zhang San mobile phone, accept Zhang San mobile phone to judge that he has the same identity security identity B, if any, it is considered trust. If there is no identity security identity, or the identity security identity is different from its own, it is considered to be untrusted, and the verification fails. After the verification is passed, Zhang San Mobile will feedback to tell Li Si to pass the security verification, or if the failure message of Zhang San is not received within the preset time, Li Si believes that the security verification has passed.
具体的接受对方装置进行对自身身份安全验证可以是发送自身装置的身份标识,让对方装置判断身份标识是否在对方装置预设安全列表内,如果在,身份安全验证通过。应该理解为,本端装置和其他所有装置都会有相应的身份标识,比如装置的编号以及号码的标识信息,让对方装置可以 识别本端装置,在对方装置中会存入预先设置的哪些是可以信任的装置对应的身份标识列表,当然这里的列表是指存储有能够信任的装置,不仅仅是以列表形式,其他形式也可以包含在内。以装置为手机举例说明,张三为对方装置即接收方,在张三的手机为例中,在张三手机预先存储的安全列表中包含张三的家人张一和张二,张三的同事李四和王五,张三的同学赵六和赵七。假如张三要和李四进行数据传输,那么在张三和李四进行数据传输之前,李四会将自己的身份标识(手机号码)给张三手机,张三手机判断发现自己安全列表中有李四的手机,则认为是信任的,验证通过,然后告诉李四,这样李四就可以对张三进行数据传输了。The specific acceptance of the remote device for authenticating the identity of the identity may be to send the identity of the device, and let the other device determine whether the identity is in the preset security list of the other device, and if so, the identity security verification is passed. It should be understood that the local device and all other devices will have corresponding identity, such as the number of the device and the identification information of the number, so that the other device can Identifying the local device, in the other device, it will store a list of identities corresponding to the devices that can be trusted. Of course, the list here means that the device can be trusted, not only in the form of a list, but also in other forms. Can be included. Taking the device as an example of the mobile phone, Zhang San is the other party's device, that is, the receiving party. In Zhang San's mobile phone, for example, Zhang San's family Zhang Yi and Zhang Er, Zhang San's colleagues, are included in the safety list pre-stored by Zhang San mobile phone. Li Si and Wang Wu, Zhang San's classmates Zhao Liu and Zhao Qi. If Zhang San and Li Si carry out data transmission, then before the data transmission of Zhang San and Li Si, Li Si will give his identity (mobile number) to Zhang San mobile phone, and Zhang San mobile phone judges that he has a safe list. Li Si’s mobile phone is considered to be trustworthy, verified, and then told Li Si, so that Li Si can transfer data to Zhang San.
为了进一步,提高安全性,可以进行多层验证,只有同时满足时,才能进行数据传输。即具体的对对方装置进行身份安全验证还可以是将自身的身份安全标识和身份标识发给对方装置,对方装置判断身份安全标识是否与自身的身份安全标识相同,以及判断身份标识是否在预设安全列表内,如果身份安全标识相同且在预设安全列表内,身份安全验证通过。应该理解为,对于本装置和其他所装置都会在预先存入身份安全标识在对方装置中,让对方装置可以识别本端装置的身份安全标识,即在对方装置中会存入多个身份安全标识。以及对于本装置和其他所有装置都会有相应的身份标识,比如装置的编号以及号码的标识信息,让对方装置可以识别本端装置,在对方装置中会存入预先设置的哪些是可以信任的装置对应的身份标识列表。以装置为手机举例说明,结合上面张三的例子进行说明,假如张三要和李四进行数据传输,并且张三为接收方,那么在张三和李四进行数据传输之前,张三会将自己的身份安全标识B给李四手机,李四手机判断自身是有相同的身份安全标识B,如果有,则认为是信任的身份安全标识B与自己存在的身份安全标识B相同后,还会判断李四的身份标识(手机号码)是否在自己的安全列表中,如果在,则验证通过。因为身份安全标识 只会在于是有有这个身份安全标识,不会具体在乎是谁,有可能被陌生人盗取了该身份安全标识,如果进一步加强了身份识别验证,就提高了安全性。In order to further improve security, multi-layer verification can be performed, and data transmission can be performed only when it is satisfied at the same time. That is, the specific identity security verification of the counterpart device may also be to send the identity security identifier and the identity identifier to the other device, and the counterpart device determines whether the identity security identifier is the same as its own identity security identifier, and whether the identity identifier is preset. In the security list, if the identity security ID is the same and is in the preset security list, the identity security verification is passed. It should be understood that for the device and other devices, the identity security identifier is pre-stored in the other device, so that the other device can identify the identity security identifier of the local device, that is, multiple identity security identifiers are stored in the other device. . And for the device and all other devices, there will be corresponding identification, such as the number of the device and the identification information of the number, so that the other device can identify the local device, and the pre-set devices that are trusted can be stored in the other device. A list of corresponding identities. Taking the device as an example of the mobile phone, combined with the example of Zhang San above, if Zhang San and Li Si carry out data transmission, and Zhang San is the receiver, then before the data transmission by Zhang San and Li Si, Zhang Sanhui The identity security sign B of his own is given to the Li Si mobile phone. The Li Si mobile phone judges that it has the same identity security identifier B. If it is, it is considered that the trusted identity security identity B is the same as its own identity security identity B. Determine whether Li Si's identity (mobile number) is in his or her own safe list. If yes, the verification is passed. Because identity security identity It only means that there is this identity security logo, and it doesn't care who it is. It may be stolen by strangers. If the identity verification is further strengthened, the security will be improved.
值得注意是,上述的接受对方装置进行本端装置的身份安全验证只是为了便于理解进行的举例,其他可以实现接受对方装置进行对本端装置身份安全验证的方式也应包含在内。It should be noted that the foregoing method for accepting the identity verification of the local device by the counterpart device is only for the sake of easy understanding. Other ways of accepting the identity verification of the identity of the local device by the counterpart device should also be included.
进一步,为了提高数据的安全,接受对方装置对本端装置进行安全验证还包括:先接受对方装置对本端装置进行身份安全验证,验证通过后,再接受对方装置对本端装置进行数据权限验证。即会先接受对方端装置进行身份安全验证,在身份安全验证通过后,再接受对方装置对本端装置进行数据权限验证,数据权限验证通过后才进行数据传输。这里的数据权限是指该本端装置能够有共享哪些数据,即对方装置对哪些数据可以进行接收,哪些数据不能进行接收。值得注意对,这里具体接受对方装置进行的安全验证方式与本端对对方装置进行安全验证的方式相同,主要是彼此验证执行主体不同,在此,就不进行重复说明。Further, in order to improve the security of the data, the security verification of the local device by the receiving device includes: first accepting the identity verification of the local device by the other device, and after receiving the verification, accepting the data verification of the local device by the other device. That is, the peer device is first accepted for identity security verification. After the identity security verification is passed, the other device is accepted to perform data authority verification on the local device, and data transmission is performed after the data authority verification is passed. The data permission here refers to which data the local device can share, that is, which data can be received by the counterpart device, and which data cannot be received. It is worth noting that the security verification method performed by the other device is the same as the security verification method performed by the local device on the other device, and the main verification is that the execution subject is different from each other, and the repeated description will not be repeated here.
实施例二Embodiment 2
本实施例的近场通信数据传输方法,本实施例主要以NFC P2P数据传输设备终端之间如何通过身份安全标识来识别可信设备进而判断是否可进行数据传输的,以手机发送通讯录名片为例进行说明,如图2所示,包括以下步骤:In the near field communication data transmission method of the embodiment, the NFC P2P data transmission device terminal uses the identity security identifier to identify the trusted device to determine whether the data can be transmitted. The example is illustrated, as shown in Figure 2, including the following steps:
步骤S201:发送端通过P2P数据分享操作界面系统,选择发送通讯名片,激活P2P传输;Step S201: The transmitting end selects to send a communication business card and activates P2P transmission through the P2P data sharing operation interface system;
步骤S202:发送端与接收端接近,利用NFC天线发射系统发出射频场,与接收端建立无线通道;Step S202: The transmitting end is close to the receiving end, and the transmitting field is sent by the NFC antenna transmitting system, and the wireless channel is established with the receiving end;
在该步骤中,接收端会收到发送端的NFC射频场。 In this step, the receiving end receives the NFC radio frequency field of the transmitting end.
步骤S203:发送端获取接收端发送的身份安全标识,即接收端通过P2P数据传输系统,从P2P权限标识存储系统读取权限标识,写入NDEF数据结构传送给发送端;Step S203: The sending end acquires the identity security identifier sent by the receiving end, that is, the receiving end reads the permission identifier from the P2P authority identifier storage system through the P2P data transmission system, and writes the NDEF data structure to the sending end;
在该步骤中,接收端也会记录发送端的相关信息。In this step, the receiving end also records related information of the transmitting end.
步骤S204:发送端根据接收端的身份安全标识,判断接收端是否可信NFC设备?如果不是可信设备,则流程终止;如果是可信设备,则进入步骤S205;Step S204: The transmitting end determines, according to the identity security identifier of the receiving end, whether the receiving end is trusted by the NFC device. If it is not a trusted device, the process terminates; if it is a trusted device, proceeds to step S205;
步骤S205:发送端的P2P数据传输系统,从P2P权限标识存储系统读取与接收端可传输的数据权项,如果不允许传输通讯录名片,则流程终止;如果允许传输通讯录名片,则进入步骤S206;Step S205: The P2P data transmission system at the transmitting end reads the data rights that can be transmitted and received from the receiving end from the P2P rights identification storage system, and if the transmission of the address book business card is not allowed, the process is terminated; if the transmission of the business card is allowed, the process proceeds to S206;
步骤S206:发送端的P2P数据传输系统,将所选择的通讯录名片写入NDEF数据结构发送给接收端,流程完成。Step S206: The P2P data transmission system at the transmitting end sends the selected address book business card to the NDEF data structure and sends it to the receiving end, and the process is completed.
在该步骤中,接收端收到名片,会进行存储。In this step, the receiving end receives the business card and stores it.
值得注意的是,本实例中的发送端为本装置,接收端为对方装置。本实例中的NFC数据交换P2P应用中,设备间的数据格式如下:It should be noted that the transmitting end in this example is the device, and the receiving end is the counterpart device. In the NFC data exchange P2P application in this example, the data format between devices is as follows:
{LLCP{SNEP{NDEF{RTD}}}}{LLCP{SNEP{NDEF{RTD}}}}
本实例中将身份安全标识通过扩展NDEF数据类型在P2P的设备之间交互和判断是否允许进行数据传输。NDEF信息及标准格式说明:文本(T),可携带信息字符串,也可以被可包含在其他NDEF信息中作为其描述文本。URI(U),可用于存储网站地址、邮件、电话号码,存储成经过优化的二进制形式。智能海报(Sp),用于将URL,短信或电话号码输入NFC标签,及如何在设备间传递这些信息。通用控制RTD。签名RTD。In this example, the identity security identifier is exchanged between the P2P devices by the extended NDEF data type and whether data transmission is allowed. NDEF information and standard format description: text (T), can carry information strings, can also be included in other NDEF information as its description text. URI(U), which can be used to store website addresses, emails, phone numbers, and stored in an optimized binary form. Smart poster (Sp) for entering URLs, text messages or phone numbers into NFC tags and how to pass them between devices. Universal control of the RTD. Sign the RTD.
实施例三Embodiment 3
本实施例的近场通信数据传输方法,如图3所示,包括以下步骤:The near field communication data transmission method of this embodiment, as shown in FIG. 3, includes the following steps:
步骤S301:P2P集权管理软件系统分配可信P2P数据传输身份安全标 识和限制可发送数据权项;Step S301: The P2P centralized management software system allocates a trusted P2P data transmission identity security standard Knowledge and restrictions can send data rights;
步骤S302:将可信P2P数据传输身份安全标识保存在P2P身份安全标识存储系统中;这里的存储系统可以是在装置本地,也可是在相关的存储装置中;Step S302: The trusted P2P data transmission identity security identifier is stored in the P2P identity security identifier storage system; the storage system herein may be local to the device or in the related storage device;
步骤S303:两部具备NFC芯片的终端设备,其中一部(发送端)打开P2P数据分享操作界面系统,选择需要传输的数据即待传输数据;Step S303: two terminal devices having an NFC chip, one of which (the transmitting end) opens a P2P data sharing operation interface system, and selects data to be transmitted, that is, data to be transmitted;
步骤S304:P2P的发送端与接收端NFC终端设备靠近,触发NFC天线发射系统,进行无线通信对接;Step S304: The transmitting end of the P2P is close to the receiving end NFC terminal device, triggering the NFC antenna transmitting system to perform wireless communication docking;
步骤S305:P2P数据传输系统进行数据传输,从P2P权限标识存储系统中读取权限标识,判断通信双方是否属于同一个可信群组即是否有相同的身份安全标识,如果不属于同一个可信群组,则阻断这一次的P2P数据传输;如果属于同一个可信群组,则发送方进一步从P2P身份安全标识存储系统中读取对应的传输数据权限,判断当前P2P数据分享操作界面系统所选择的数据是否被允许发送,如果不被允许,则P2P数据传输失败。Step S305: The P2P data transmission system performs data transmission, reads the permission identifier from the P2P authority identification storage system, and determines whether the communication parties belong to the same trusted group, that is, whether they have the same identity security identifier, if they do not belong to the same trusted The group blocks the P2P data transmission of this time; if it belongs to the same trusted group, the sender further reads the corresponding transmission data authority from the P2P identity security identifier storage system, and determines the current P2P data sharing operation interface system. Whether the selected data is allowed to be sent, if not allowed, the P2P data transmission fails.
值得注意是,本实施例中的无线通信方式是NFC近距离无线通信方式。It should be noted that the wireless communication method in this embodiment is an NFC short-range wireless communication method.
本实施例提供的是在NFC近距离通信中,建立可信P2P数据传输设备群组的方法,因此步骤S301、S302都是在NFC设备使用P2P数据连接之前进行的,为说明哪些场景属于NFC设备使用P2P数据连接之前,以下例举几种可能存在情况:(1)家人之间传输照片;(2)朋友之间传输视频;(3)同事之间传输文件。需要说明的是,本实施例中的步骤S301、S302是在NFC设备使用P2P数据连接之前进行的。因此在两部NFC终端通过近距离通信方式进行P2P数据传输时,需要先通过P2P集权管理软件系统将可信P2P数据传输权限标识保存在P2P权限标识存储系统中,从而在使用P2P数据传输系统时,获取标识并进行设备权限管理。应该理解为,在进行数据传输之前,可以通过集权管理系统,我们可以管理所有受控设备, 为它们写入身份安全标识。然后,在使用NFC点到点传输之前,两个终端通过数据通信先进行一定的信息校验,如可信的身份安全标识,认定当前互传数据的设备是否可信,然后再判断是否进行传输的操作,这是在现有协议基础上的补充。通过这个补充,我们可以组建不同的可信设备群组,以及每个群组可以分享的数据权项的数据。比如:家庭可信设备群组,可以分享所有的数据权限的数据;朋友可信设备群组,可以分享名片、图片、视频、音频等数据权限的数据;同事可信设备群组,可以分享名片、文档数据权限的数据。设备不会与任意终端进行不可信的数据交换,让数据保护和安全通信更进一步。This embodiment provides a method for establishing a trusted P2P data transmission device group in NFC short-range communication. Therefore, steps S301 and S302 are performed before the NFC device uses the P2P data connection, to indicate which scenarios belong to the NFC device. Before using P2P data connections, here are a few possible scenarios: (1) transferring photos between family members; (2) transferring videos between friends; and (3) transferring files between colleagues. It should be noted that steps S301 and S302 in this embodiment are performed before the NFC device uses the P2P data connection. Therefore, when the two NFC terminals perform P2P data transmission through the short-range communication mode, the P2P centralized management software system needs to first store the trusted P2P data transmission authority identifier in the P2P authority identification storage system, so that when the P2P data transmission system is used, , get the identity and manage device permissions. It should be understood that we can manage all controlled devices through the centralized management system before data transmission. Write an identity security ID for them. Then, before using NFC point-to-point transmission, the two terminals first perform certain information verification through data communication, such as a trusted identity security identifier, determining whether the device currently transmitting data is trusted, and then determining whether to transmit. The operation, which is supplemented by existing agreements. With this addition, we can set up different groups of trusted devices, as well as data for data rights that each group can share. For example, a family trusted device group can share data of all data rights; a friend trusted device group can share data of data rights such as business cards, pictures, videos, audios, etc.; a trusted device group of colleagues can share business cards Data for document data permissions. The device does not exchange untrusted data with any terminal, allowing data protection and secure communication to go further.
实施例四Embodiment 4
本实施例提供一种近场通信数据传输装置400,如图4所示,包括开启模块401、安全模块402和传输模块403:开启模块401配置为开启近场通信,建立近场通信无线通道;安全模块402配置为在将待发数据传输给对方装置之前,进行安全验证;传输模块403配置为验证通过后,将待发数据传输给对方装置。The present embodiment provides a near field communication data transmission device 400, as shown in FIG. 4, including an opening module 401, a security module 402, and a transmission module 403: the opening module 401 is configured to enable near field communication and establish a near field communication wireless channel; The security module 402 is configured to perform security verification before transmitting the to-be-transmitted data to the counterpart device; the transmission module 403 is configured to transmit the to-be-transmitted data to the counterpart device after the verification is passed.
具体的,安全模块402还配置为对对方装置进行安全验证。Specifically, the security module 402 is further configured to perform security verification on the counterpart device.
本实施例还提供一种近场通信数据传输装置400,如图5所示,安全模块402包括身份安全子模块4021:身份安全子模块4021配置为对对方装置进行身份安全验证。The embodiment further provides a near field communication data transmission device 400. As shown in FIG. 5, the security module 402 includes an identity security submodule 4021: the identity security submodule 4021 is configured to perform identity security verification on the counterpart device.
本实施例还提供一种近场通信数据传输装置400,如图6所示,安全模块402包括数据安全子模块4022:数据安全子模块4022配置为对对方装置进行数据权限验证。The embodiment further provides a near field communication data transmission device 400. As shown in FIG. 6, the security module 402 includes a data security submodule 4022: the data security submodule 4022 is configured to perform data authority verification on the counterpart device.
具体的,安全模块402还配置为接受对端设备对自身进行安全验证。Specifically, the security module 402 is further configured to accept the peer device to perform security verification on itself.
具体的,安全模块402还配置为接受对方装置对自身进行身份安全验证;或接受对方装置对自身进行身份安全验证,验证通过后对自身进行数 据权限验证。Specifically, the security module 402 is further configured to accept the identity verification of the identity of the remote device; or accept the identity security verification of the remote device by itself; According to the authority verification.
为了更好的进行说明,还对如何将身份安全标识写入各装置中,进行说明,提供一种集权管理软件系统700进行说明,如图7所示,包括P2P集权管理软件模块701、P2P权限标识存储模块702、P2P数据传输模块703。For better description, how to write the identity security identifier into each device is described. A centralized management software system 700 is provided for description. As shown in FIG. 7, the P2P centralized management software module 701 and P2P permissions are included. The storage module 702 and the P2P data transmission module 703 are identified.
P2P集权管理软件模块701,配置为在不同的NFC终端设备中,分发可信设备群组身份安全标识,如家庭可信群组、同学可信群组、同事可信群组,每个群组具备不同的身份安全标识,只有匹配权限标识的NFC终端设备之间可以互传数据。该系统亦可以管理同一可信群组设备之间,可以发送的数据权项,防止将隐私的数据发给无法预期的设备上。The P2P centralized management software module 701 is configured to distribute trusted device group identity security identifiers in different NFC terminal devices, such as a home trusted group, a classmate trusted group, and a colleague trusted group, and each group Different identity security identifiers are available, and only NFC terminal devices that match the rights identifier can transmit data to each other. The system can also manage data rights that can be sent between the same trusted group device to prevent private data from being sent to unpredictable devices.
P2P权限标识存储模块702,配置为保存501集权管理系统分配的身份安全标识和可传输数据权项,该存储系统可以放置在eSE芯片、SE芯片、终端虚拟eSE中,为502和503系统提供存取接口,该存储系统可提供加密机制,保证保存的数据安全可靠。The P2P authority identifier storage module 702 is configured to save the identity security identifier and the transmittable data weight allocated by the 501 centralized management system, and the storage system can be placed in the eSE chip, the SE chip, and the terminal virtual eSE to provide storage for the 502 and 503 systems. Taking the interface, the storage system can provide an encryption mechanism to ensure that the saved data is safe and reliable.
P2P数据传输模块703,配置为在不同的NFC终端设备之间,传输数据。在传输实际数据之前,需要从权限标识存储模块702中读取集权管理模块701分配的身份安全标识给不同终端,以决定是否能够进行后面的数据传输过程。The P2P data transmission module 703 is configured to transmit data between different NFC terminal devices. Before transmitting the actual data, the identity security identifier assigned by the centralized management module 701 needs to be read from the rights identifier storage module 702 to different terminals to determine whether the subsequent data transmission process can be performed.
实际应用中,所述近场通信数据传输装置中各个单元模块可由近场通信数据传输装置中的中央处理器(CPU,Central Processing Unit)、或数字信号处理器(DSP,Digital Signal Processor)、或可编程门阵列(FPGA,Field-Programmable Gate Array)实现。In practical applications, each unit module in the near field communication data transmission device may be a central processing unit (CPU) in a near field communication data transmission device, or a digital signal processor (DSP), or Field-Programmable Gate Array (FPGA) implementation.
本发明实施例上述业务信令跟踪的装置如果以软件功能模块的形式实现并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实施例的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品 存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机、服务器、或者网络设备等)执行本发明各个实施例所述方法的全部或部分。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read Only Memory)、磁碟或者光盘等各种可以存储程序代码的介质。这样,本发明实施例不限制于任何特定的硬件和软件结合。The apparatus for tracking the service signaling according to the embodiment of the present invention may also be stored in a computer readable storage medium if it is implemented in the form of a software function module and sold or used as a separate product. Based on such understanding, the technical solution of the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product. Stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the methods described in various embodiments of the present invention. The foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
相应地,本发明实施例还提供一种计算机存储介质,其中存储有计算机程序,该计算机程序用于执行本发明实施例的近场通信数据传输方法。Correspondingly, an embodiment of the present invention further provides a computer storage medium, wherein a computer program for executing a near field communication data transmission method of an embodiment of the present invention is stored.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件完成,上述程序可以存储于计算机可读存储介质中,如只读存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现。相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。本发明不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program that instructs the associated hardware, such as a read-only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware or in the form of a software function module. The invention is not limited to any specific form of combination of hardware and software.
以上实施例仅用以说明本发明的技术方案而非限制,仅仅参照较佳实施例对本发明进行了详细说明。本领域的普通技术人员应当理解,可以对本发明的技术方案进行修改或者等同替换,而不脱离本发明技术方案的精神和范围,均应涵盖在本发明的权利要求范围当中。 The above embodiments are only intended to illustrate the technical solutions of the present invention and are not to be construed as limiting the invention. It should be understood by those skilled in the art that the present invention may be modified or equivalently substituted without departing from the spirit and scope of the invention.

Claims (16)

  1. 一种近场通信数据传输方法,包括:A near field communication data transmission method includes:
    开启近场通信,建立近场通信无线通道;Turn on near field communication and establish a near field communication wireless channel;
    在将待发数据传输给对方装置之前,进行安全验证;Perform security verification before transmitting the data to be sent to the other device;
    验证通过后,将所述待发数据传输给所述对方装置。After the verification is passed, the to-be-transmitted data is transmitted to the counterpart device.
  2. 如权利要求1所述的近场通信数据传输方法,其中,所述进行安全验证包括:对所述对方装置进行安全验证。The near field communication data transmission method according to claim 1, wherein said performing security verification comprises performing security verification on said counterpart device.
  3. 如权利要求2所述的近场通信数据传输方法,其中,所述对所述对方装置进行安全验证包括:The near field communication data transmission method according to claim 2, wherein said performing security verification on said counterpart device comprises:
    对所述对方装置进行身份安全验证;Performing identity security verification on the counterpart device;
    or
    对所述对方装置进行身份安全验证,验证通过后对所述对方装置进行数据权限验证。Performing identity security verification on the counterpart device, and performing data authority verification on the counterpart device after the verification is passed.
  4. 如权利要求3所述的近场通信数据传输方法,其中,所述对所述对方装置进行身份安全验证包括:The near field communication data transmission method according to claim 3, wherein said performing identity security verification on said counterpart device comprises:
    接收所述对方装置发送的身份安全标识,判断所述身份安全标识是否与自身的身份安全标识相同,如果相同,身份安全验证通过;Receiving an identity security identifier sent by the remote device, determining whether the identity security identifier is the same as its own identity security identifier, and if the same, the identity security verification is passed;
    or
    接收所述对方装置的身份标识,判断所述身份标识是否在预设安全列表内,如果在,身份安全验证通过;Receiving an identity of the counterpart device, determining whether the identity identifier is in a preset security list, and if yes, identity security verification is passed;
    or
    接收所述对方装置的身份安全标识和身份标识,判断所述身份安全标识是否与自身的身份安全标识相同,以及判断所述身份标识是否在预设安全列表内,如果身份安全标识相同且在预设安全列表内,身份安全验证通过。 Receiving an identity security identifier and an identity identifier of the remote device, determining whether the identity security identifier is the same as its own identity security identifier, and determining whether the identity identifier is in a preset security list, if the identity security identifier is the same and is in advance Within the security list, the identity security verification is passed.
  5. 如权利要求3所述的近场通信数据传输方法,其中,所述对所述对方装置进行数据权限验证包括:获取所述对方装置对应的数据权限;判断所述对方装置的数据权限对应的数据是否包含所述待发数据;如果包含,则数据权限验证通过。The near field communication data transmission method according to claim 3, wherein the performing data authority verification on the counterpart device comprises: acquiring data authority corresponding to the counterpart device; and determining data corresponding to data authority of the counterpart device Whether the data to be sent is included; if it is included, the data permission is verified.
  6. 如权利要求5所述的近场通信数据传输方法,其中,所述获取所述对方装置对应的数据权限包括:根据所述对方装置的身份安全标识或身份标识找到所述对方装置对应的数据权限。The near field communication data transmission method according to claim 5, wherein the obtaining the data authority corresponding to the counterpart device comprises: finding the data authority corresponding to the counterpart device according to the identity security identifier or the identity identifier of the counterpart device .
  7. 如权利要求3所述的近场通信数据传输方法,其中,所述对所述对方装置进行数据权限验证包括:获取具有所述待发数据权限的所有装置,判断是否包含所述对方装置,如果包含,则数据权限验证通过。The near field communication data transmission method according to claim 3, wherein said performing data authority verification on said counterpart device comprises: acquiring all devices having said to-be-issued data authority, determining whether said counterpart device is included, if Including, the data permission verification is passed.
  8. 如权利要求7所述的近场通信数据传输方法,其中,所述获取具有所述待发数据权限的所有装置包括:获取具有所述待发数据的所有装置对应的身份安全标识或身份标识;所述判断是否包含所述对方装置包括:判断是否包含所述对方装置对应的身份安全标识或身份标识。The near field communication data transmission method according to claim 7, wherein the obtaining all the devices having the right to send data comprises: acquiring an identity security identifier or an identity identifier corresponding to all devices having the data to be sent; Whether the determining whether the device includes the counterpart device includes: determining whether the identity security identifier or the identity identifier corresponding to the counterpart device is included.
  9. 如权利要求1所述的近场通信数据传输方法,其中,所述进行安全验证还包括:接受对端设备对自身进行安全验证。The near field communication data transmission method according to claim 1, wherein the performing the security verification further comprises: accepting the peer device to perform security verification on itself.
  10. 如权利要求9所述的近场通信数据传输方法,其中,所述接受对端设备对自身进行安全验证包括:The near field communication data transmission method according to claim 9, wherein the accepting the peer device to perform security verification on itself comprises:
    接受所述对方装置对自身进行身份安全验证;Accepting the identity device to perform identity security verification on itself;
    or
    接受所述对方装置对自身进行身份安全验证,验证通过后对自身进行数据权限验证。The other device is accepted to perform identity security verification on itself, and the data authority verification is performed on itself after the verification is passed.
  11. 一种近场通信数据传输装置,包括开启模块、安全模块和传输模块:A near field communication data transmission device includes an opening module, a security module and a transmission module:
    所述开启模块配置为开启近场通信,建立近场通信无线通道; The opening module is configured to enable near field communication and establish a near field communication wireless channel;
    所述安全模块配置为在将待发数据传输给对方装置之前,进行安全验证;The security module is configured to perform security verification before transmitting the data to be sent to the other device;
    所述传输模块配置为验证通过后,将所述待发数据传输给所述对方装置。The transmission module is configured to transmit the to-be-transmitted data to the counterpart device after the verification is passed.
  12. 如权利要求11所述的近场通信数据传输装置,其中,所述安全模块还配置为对所述对方装置进行安全验证。The near field communication data transmission device of claim 11, wherein the security module is further configured to perform security verification on the counterpart device.
  13. 如权利要求12所述的近场通信数据传输装置,其中,所述安全模块包括身份安全子模块或数据安全子模块:所述身份安全子模块配置为对所述对方装置进行身份安全验证;所述数据安全子模块配置为在对所述对方装置进行身份安全验证,验证通过后对所述对方装置进行数据权限验证。The near field communication data transmission device of claim 12, wherein the security module comprises an identity security submodule or a data security submodule: the identity security submodule is configured to perform identity security verification on the counterpart device; The data security submodule is configured to perform identity security verification on the counterpart device, and perform data authority verification on the counterpart device after the verification is passed.
  14. 如权利要求11所述的近场通信数据传输装置,其中,所述安全模块还配置为接受对端设备对自身进行安全验证。The near field communication data transmission device of claim 11, wherein the security module is further configured to accept the peer device to perform security verification on itself.
  15. 如权利要求14所述的近场通信数据传输装置,其中,所述安全模块还配置为接受所述对方装置对自身进行身份安全验证;或接受所述对方装置对自身进行身份安全验证,验证通过后对自身进行数据权限验证。The near field communication data transmission device according to claim 14, wherein the security module is further configured to accept the identity device to perform identity security verification on itself; or accept the identity device to perform identity security verification on itself, and verify the adoption. After that, data authority verification is performed on itself.
  16. 一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,该计算机可执行指令配置为执行权利要求1-10任一项所述的近场通信数据传输方法。 A computer storage medium having stored therein computer executable instructions configured to perform the near field communication data transmission method of any of claims 1-10.
PCT/CN2015/090616 2015-08-19 2015-09-24 Near field communication data transmission method, device, computer storage medium WO2016145820A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510511195.0A CN106470386A (en) 2015-08-19 2015-08-19 A kind of near-field communication data transmission method and device
CN201510511195.0 2015-08-19

Publications (1)

Publication Number Publication Date
WO2016145820A1 true WO2016145820A1 (en) 2016-09-22

Family

ID=56918323

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/090616 WO2016145820A1 (en) 2015-08-19 2015-09-24 Near field communication data transmission method, device, computer storage medium

Country Status (2)

Country Link
CN (1) CN106470386A (en)
WO (1) WO2016145820A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107608713A (en) * 2017-08-22 2018-01-19 维沃移动通信有限公司 A kind of application program transfer method and mobile terminal
CN115103194A (en) * 2022-06-16 2022-09-23 慧之安信息技术股份有限公司 Video decoding method based on multiple decoding modes
WO2023093242A1 (en) * 2021-11-29 2023-06-01 京东方科技集团股份有限公司 Data transmission method, central control end, mobile terminal and data transmission system

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110913080B (en) * 2019-11-14 2022-02-11 北京明略软件系统有限公司 Data transmission method and device
CN111539855A (en) * 2020-04-24 2020-08-14 上海好学网络科技有限公司 Examination data synchronization device
CN114963548A (en) * 2021-05-27 2022-08-30 青岛经济技术开发区海尔热水器有限公司 Water heater control method and device based on near field communication and electronic equipment
CN114040351B (en) * 2021-10-21 2023-04-18 郑州大学第一附属医院 Wearable children breathe monitored control system based on near field communication
CN116187362A (en) * 2021-11-29 2023-05-30 中兴通讯股份有限公司 NFC card data reading and writing method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101202977A (en) * 2006-12-14 2008-06-18 英华达(上海)电子有限公司 Method and terminal for implementation of information sharing in mobile communication
US20130065521A1 (en) * 2011-09-08 2013-03-14 Pantech Co., Ltd. Near field communication (nfc) terminal and method for data synchronization
CN103414831A (en) * 2013-08-30 2013-11-27 苏州跨界软件科技有限公司 Method and system for obtaining photos from digital camera to mobile terminal through NFC
CN104244171A (en) * 2014-09-28 2014-12-24 上海斐讯数据通信技术有限公司 Data transmission system and method on basis of NFC (near field communication) connection
CN104618330A (en) * 2014-12-26 2015-05-13 小米科技有限责任公司 Business processing method and device and terminal
CN104754501A (en) * 2015-04-21 2015-07-01 北京云迹科技有限公司 Method and device for transmitting data

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101114901B (en) * 2006-07-26 2010-08-25 联想(北京)有限公司 Safety authentication system, apparatus and method for non-contact type wireless data transmission
CN101197904A (en) * 2007-12-21 2008-06-11 中国移动通信集团北京有限公司 Image conveying method, system and device
CN101674109A (en) * 2009-10-19 2010-03-17 宇龙计算机通信科技(深圳)有限公司 NFC monitoring device, NFC communication terminal and monitoring system
CN102932788A (en) * 2012-10-26 2013-02-13 南宁佰睿技术开发有限公司 Mobile phone-based identity identification and near-field payment method
CN103905504A (en) * 2012-12-27 2014-07-02 海尔集团公司 Information pushing method and system
CN104243156A (en) * 2013-06-20 2014-12-24 中兴通讯股份有限公司 Point-to-point communication method and near-field communication terminals based on near-field communication
CN103533543A (en) * 2013-10-08 2014-01-22 深圳Tcl新技术有限公司 Terminal pairing method and device on basis of near field communication
CN104113839A (en) * 2014-07-14 2014-10-22 蓝盾信息安全技术有限公司 Mobile data safety protection system and method based on SDN
CN104363589A (en) * 2014-12-09 2015-02-18 北京大唐智能卡技术有限公司 Identity authentication method, device and terminal

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101202977A (en) * 2006-12-14 2008-06-18 英华达(上海)电子有限公司 Method and terminal for implementation of information sharing in mobile communication
US20130065521A1 (en) * 2011-09-08 2013-03-14 Pantech Co., Ltd. Near field communication (nfc) terminal and method for data synchronization
CN103414831A (en) * 2013-08-30 2013-11-27 苏州跨界软件科技有限公司 Method and system for obtaining photos from digital camera to mobile terminal through NFC
CN104244171A (en) * 2014-09-28 2014-12-24 上海斐讯数据通信技术有限公司 Data transmission system and method on basis of NFC (near field communication) connection
CN104618330A (en) * 2014-12-26 2015-05-13 小米科技有限责任公司 Business processing method and device and terminal
CN104754501A (en) * 2015-04-21 2015-07-01 北京云迹科技有限公司 Method and device for transmitting data

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107608713A (en) * 2017-08-22 2018-01-19 维沃移动通信有限公司 A kind of application program transfer method and mobile terminal
WO2023093242A1 (en) * 2021-11-29 2023-06-01 京东方科技集团股份有限公司 Data transmission method, central control end, mobile terminal and data transmission system
CN115103194A (en) * 2022-06-16 2022-09-23 慧之安信息技术股份有限公司 Video decoding method based on multiple decoding modes

Also Published As

Publication number Publication date
CN106470386A (en) 2017-03-01

Similar Documents

Publication Publication Date Title
WO2016145820A1 (en) Near field communication data transmission method, device, computer storage medium
Lundkvist et al. Uport: A platform for self-sovereign identity
US10499205B2 (en) SMS proxying
KR101999676B1 (en) Seamless device configuration in a communication network
US9450921B2 (en) Systems and methods for controlling email access
KR101508360B1 (en) Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer
US9325713B2 (en) Systems and methods for controlling email access
CN106850392B (en) Message processing method and device and message receiving method and device
US11399076B2 (en) Profile information sharing
CN104509062A (en) Information sharing using token received via near proximity communication
CN104982021A (en) Authenticating a wireless dockee to a wireless docking service
WO2018213142A1 (en) Secure password sharing for wireless networks
US20140090034A1 (en) Smart plug or cradle
US20120131076A1 (en) File sharing method and file sharing system utilizing the same
KR102000244B1 (en) Blockchain system based on Zero Knowledge Proofs with Format-Preserving Encryption and control method thereof
WO2016095815A1 (en) Business card information transmission method, apparatus, terminal device, and storage medium
US11252145B2 (en) Cross-device access to one-time passwords
KR102559827B1 (en) System for authenticating image based on blockchain and hash encryption technique and method thereof
KR102154736B1 (en) Method and apparatus for access control system using relationship information
EP3282639B1 (en) Method for operating server and client, server, and client apparatus
CN116547959A (en) Electronic device for sharing data by using blockchain network and operation method thereof
KR101525489B1 (en) File sharing system with each other using smart phone app and file sharing method
JP2014006764A (en) Data management system
WO2021136511A1 (en) Communication method and apparatus
KR20150072680A (en) Apparatus and Method for managing Safety Number

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15885192

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15885192

Country of ref document: EP

Kind code of ref document: A1