CN101236581A - Information safety apparatus and its processing method - Google Patents
Information safety apparatus and its processing method Download PDFInfo
- Publication number
- CN101236581A CN101236581A CNA2007100065082A CN200710006508A CN101236581A CN 101236581 A CN101236581 A CN 101236581A CN A2007100065082 A CNA2007100065082 A CN A2007100065082A CN 200710006508 A CN200710006508 A CN 200710006508A CN 101236581 A CN101236581 A CN 101236581A
- Authority
- CN
- China
- Prior art keywords
- service request
- security service
- information safety
- order
- described security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to the information security field and provides information security equipment which comprises an information security device for receiving a security service request from the outside; an input device connected with the information security device and used for receiving a confirming command aiming at the security service request, wherein, the information security device responds to the confirming command to carry out the security service request and returns a final result to the outside. The invention also provides a processing method for the information security equipment, which comprises the following steps: the security service request is received from the outside; the confirming command aiming at the security service request is received; the confirming command is responded and the security service request is carried out; the final result is returned to the outside. Therefore, legal users can understand the state of the information security equipment in time, control the steps carried out by the information security equipment and improve the security.
Description
Technical field
The present invention relates to information security field, relate in particular to a kind of information safety devices and disposal route thereof.
Background technology
Current information high speed development, information safety devices have been widely used in fields such as communication, finance, consumption.Information safety devices be generally used for to data carry out encrypt/decrypt, to the realization of security functions such as user identity authenticates.
At present, the user all regards it as black box (Black Box) to the use of information safety devices, and the user need not to know its inner structure and internal operation state, only need operate by calling of number order.Usually, these information safety devices can't be directly and the user carry out alternately, and need by means of with utility appliance being connected of personal computer etc. for example, demonstration by utility appliance and input function realize mutual with the user, thereby realize security function.
Yet, there are the following problems for above-mentioned existing mode: although information safety devices internal security flow process is safe, but because present information safety devices itself does not have the input and output device, all need be connected with it by means of utility appliance (such as PC etc.) and realize security function, the user all passes through utility appliance to the input and the information safety devices of information safety devices to user's return results.Therefore, the user with the connection procedure of information safety devices in, might steal or distort by victim by the information (as: user password) of utility appliance input and output, thereby the assailant can carry out illegal operation to this information safety devices.In this case, validated user is known nothing to control of information safety devices victim and utilization, thereby can not in time judge and handle, and may cause very great loss.
For example, when using Web bank to conclude the business, Web bank's server end need be verified user's identity, and this just needs the user to send the identity of user's signature to server end proof user.Web bank's client-side program request is signed with the USBKey on the USB interface of inserting subscriber computer.Before signature, USBKey asks to use the password of USBKey to the user.The user knocks keyboard input password, and USBKey is judging the password computing of signing after legal, returns to the server end user's of Web bank legitimate signature, otherwise the refusal signature.But if subscriber computer is held as a hostage, the password that the user knocks the keyboard input is stolen.If the user forgets USBKey is extracted from subscriber computer, the hijacker just can ask USBKey to sign.Hijacker's all information of just obtaining concluding the business like this, can fake user on the net bank conclude the business.Validated user is not known USBKey and is utilized.
Summary of the invention
Therefore, one object of the present invention is, a kind of information safety devices and disposal route thereof are provided, and makes validated user can control the performed operation of this information safety devices.
Another object of the present invention is, a kind of information safety devices and disposal route thereof are provided, and makes validated user can in time understand the state of this information safety devices.
According to a first aspect of the invention, provide a kind of information safety devices, comprising: information safety device is used to receive the security service request from the outside; And input media, be connected with information safety device, be used for receiving at the security service request order of accepting one's fate really, wherein, information safety device is carried out the security service request in response to confirming to order, and returns net result to the outside.
Preferably, if input media does not receive in scheduled time slot at the security service request order of accepting one's fate really, then information safety device refusal security service request.
Preferably, input media also is used to receive the refusal order at the security service request, and information safety device is refused the security service request in response to the refusal order.
Preferably, this information safety devices also comprises suggestion device, is used to point out the security service request.
Preferably, after information safety device is carried out the security service request, by suggestion device prompting net result.
Preferably, suggestion device comprises one or more the combination in hummer, loudspeaker, Vib., pilot lamp, display screen and the touch-screen.
Preferably, input media comprises one or more the combination in button, keypad, keyboard and the touch-screen.
Preferably, this information safety devices comprises a kind of in USBKey, safe mobile memory medium, signature/authenticating device, encrypt/decrypt machine, the mobile phone that security service is provided, PDA and the personal computer.
According to a second aspect of the invention, provide a kind of disposal route that is used for information safety devices, may further comprise the steps: receive security service request from the outside; Reception is at the security service request order of accepting one's fate really; In response to confirming order, carry out the security service request; And return net result to the outside.
Preferably, this method is further comprising the steps of: if do not receive in scheduled time slot at the security service request order of accepting one's fate really, then refuse the security service request.
Preferably, this method is further comprising the steps of: receive the refusal order at the security service request; And in response to the refusal order, refusal security service request.
Preferably, this method also comprises the step of prompting security service request.
Preferably, this method is further comprising the steps of: after carrying out the security service request, and the prompting net result.
By above-mentioned information safety devices of the present invention and disposal route thereof, can strengthen user's physical operations to information safety devices in the course of work of information safety devices, realize the controllability of user to information safety devices, and can strengthen the transparency of information safety devices to the user, realize the knowability of user, thereby make information safety equipment security improve information safety devices inside state of living in.
Read following detailed description to presently preferred embodiment in conjunction with the drawings, aforementioned and other features of the present invention and advantage will become more obvious.These the detailed description and the accompanying drawings just are used to illustrate the present invention, rather than are used to limit the scope of the invention, and scope of the present invention is limited by appended claim and equivalents thereof.
Description of drawings
Fig. 1 shows the device block diagram of information safety devices according to an embodiment of the invention;
Fig. 2 shows the device block diagram of information safety devices according to another embodiment of the present invention;
Fig. 3 shows the device block diagram of information safety devices according to still another embodiment of the invention; And
Fig. 4 shows the operational flowchart that is used for the disposal route of information safety devices according to of the present invention.
Embodiment
Describe embodiments of the invention in detail below with reference to accompanying drawing.
Fig. 1 shows the device block diagram of information safety devices 100 according to an embodiment of the invention.This information safety devices 100 is used to realize security function that data are carried out encrypt/decrypt, user identity is authenticated etc., for example comprise a kind of in USBKey, safe mobile memory medium, signature/authenticating device and the encrypt/decrypt machine, but be not limited to these equipment.
As shown in Figure 1, this information safety devices 100 comprises information safety device 101 and input media 102.Information safety devices 100 comprises USBKey, safe mobile memory medium, signature/authenticating device and encrypt/decrypt machine.Information safety devices 100 can also comprise other equipment such as mobile phone that information security service is provided, PDA, personal computer.Information safety device 101 is calculating implement devices of security function in the information safety devices 100.Information safety device 101 can be that a module that realizes that safety is calculated also can be to preserve the memory storage of key.This information safety device 100 can communicate with the computing machine of outside, Automatic Teller Machine, mobile phone, PDA etc., shown in Fig. 1 hollow core double-head arrow.This input media 102 is the devices that are used to receive from user's order, for example comprises one or more the combination in button, keypad and the keyboard, but is not limited thereto.This information safety device 101 is connected with input media 102, and operates in response to input media 102 received orders.
Below the operating process according to this information safety devices 100 of the present invention is described.
Suppose that the user has been connected to information safety devices 100 outside equipment such as for example computing machine, Automatic Teller Machine, mobile phone or PDA.User's signature is for example asked in the security service request that information safety device 101 receives from this external unit.Input media 102 receives at the security service request order of accepting one's fate really from the user.After information safety device 101 receives the security service request, do not carry out this security service request immediately.Have only after input media 102 receives the order of accepting one's fate really at this security service request, information safety device 101 is just carried out this security service request, for example carries out the computing of signing.After information safety device 101 has been carried out this security service request, return net result to this external unit, for example send user's signature to external unit.Preferably, if in scheduled time slot, for example in 5 seconds, input media 102 does not receive at this security service request order of accepting one's fate really, then information safety device 101 these security service requests of refusal.Preferably, input media 102 can also receive refusal order at this security service request from the user, and information safety device 101 is refused this security service request in response to the order of this refusal.
For example, comprise at input media 102 under the situation of a button that if the user presses the button, then information safety device 101 is carried out the security service request, if the user does not press the button in scheduled time slot, then information safety device 101 refusal security service requests.
In addition, for example comprise two buttons at input media 102, one is " affirmation " button, one is under the situation of " refusal " button, if the user presses " affirmation " button, then information safety device 101 is carried out the security service request, if the user presses " refusal " button, and then information safety device 101 refusal security service requests.
Next, figure 2 illustrates the device block diagram of information safety devices 200 according to another embodiment of the present invention.As shown in Figure 2, this information safety devices 200 comprises information safety device 201, input media 202 and suggestion device 203.Here need to prove that except also comprising suggestion device 203, other configurations of this information safety devices 200 are similar with the configuration of information safety devices 100.Therefore suggestion device 203 is only described here.
This suggestion device 203 is connected with information safety device 201, is used to point out the operation information of safety feature 201 for information about, so that the user can in time understand the running status of information safety devices 200 and control the operation of this information safety devices 200.This suggestion device 203 for example comprises one or more the combination in hummer, loudspeaker, Vib., pilot lamp and the display screen, but is not limited thereto.Here it is pointed out that this suggestion device 203 is not to realize the necessary device of information safety devices of the present invention, but preferred.
Operating process to this information safety devices 200 is described below.Except the operation that also comprises suggestion device 203, the operating process of the operating process of this information safety devices 200 and information safety devices 100 is similar.
Suppose that the user has been connected to information safety devices 200 outside equipment such as for example computing machine, Automatic Teller Machine, mobile phone or PDA.Information safety device 201 receive for example ask user's signature from the security service request of external unit after, suggestion device 203 promptings receive this security service request, for example, by sending beep sound, flicker red light and/or display text " request user's signature " or " request user key " etc.If input media 202 receives at this security service request order of accepting one's fate really from the user then, for example, the user presses the button etc., and then information safety device 201 is carried out this security service request in response to this affirmation order, for example carries out the signature computing.Information safety device 201 returns net result to external unit then, for example sends user's signature to external unit.And by suggestion device 203 prompting net results, for example, by sending ticking, flicker green light and/or display text " signature is finished " etc.Preferably, if in scheduled time slot, for example in 5 seconds, input media 202 does not receive at this security service request order of accepting one's fate really, and for example, the user does not press the button etc., then information safety device 201 these security service requests of refusal.Alternatively, input media 202 can also be from the refusal order of user's reception at this security service request, and for example the user presses " refusal " button etc., and information safety device 201 is refused this security service request in response to this refusal order.
Below in conjunction with Fig. 3 description information safety devices 300 according to still another embodiment of the invention.The input media 202 and suggestion device 203 among input-output unit 302 replacement Fig. 2 in using Fig. 3, other configurations of this information safety devices 300 are similar with the configuration of information safety devices 200 shown in Figure 2.Therefore input-output unit 302 is only described here.
This input-output unit 302 is connected with information safety device 301, and this input-output unit 302 rolls into one the function of input media 202 and suggestion device 203, just, has input function and prompt facility.This input-output unit 302 for example comprises handwriting screen, touch-screen etc., but is not limited thereto.
Below the operating process of information safety devices 300 is described.The operating process of this information safety devices 300 is similar to the operating process of information safety devices 200.
Suppose that the user has been connected to information safety devices 300 outside equipment such as for example computing machine, Automatic Teller Machine, mobile phone or PDA.Information safety device 301 receives the security service request from external unit, for example asks user's signature, input-output unit 302 these security service requests of prompting then, for example, display text " request user's signature " etc.Input-output unit 302 receives at this security service request order of accepting one's fate really afterwards, and for example, the user presses " affirmations " button etc., and then information safety device 301 is carried out this security service request in response to this affirmations order, for example execution computing of signing.Return net result by information safety device 301 to external unit then, for example send user's signature to external unit.And by input-output unit 303 prompting net results, for example, display text " signature is finished " etc.Preferably, if input-output unit 302 does not receive at this security service request order of accepting one's fate really in scheduled time slot, then information safety device 301 these security service requests of refusal.Alternatively, input-output unit 302 can also receive the refusal order at this security service request, and information safety device 301 is refused this security service request in response to this refusal request.
Described in background technology under the stolen situation of password, number of the account, password and USBKey that the hijacker has obtained the user also connect on computers, and the identity that the hijacker promptly can user bank is on the net concluded the business.After adopting information safety devices of the present invention, also connect on computers even the hijacker has obtained user's number of the account, password and USBKey, the hijacker still can not conclude the business with bank.This is because the button that USBKey before the signature service is provided, needs the user to press on the USBKey is confirmed this information security service.The hijacker can the Remote subscriber computer, but can't press the button on the USBKey.On the contrary, if user oneself is concluding the business, after he asked security service on the USBKey, the button that he only need press on the USBKey got final product.So just improved the security of whole process of exchange.
Next, describe according to the disposal route that is used for information safety devices of the present invention in conjunction with Fig. 4.Fig. 4 shows the operational flowchart that is used for the disposal route of information safety devices according to of the present invention.
Flow process starts from step S401.At this step S401, receive security service request from the outside.
At step S402, prompting receives this security service request.
At step S403, judge whether to receive at this security service request order of accepting one's fate really.If receive, then in step S405, carry out this security service request at this security service request order of accepting one's fate really.
Then at step S406, the prompting net result is so that to the mode of operation of user prompt information safety devices.
At step S407, return net result to the outside.
If judge at step S403 not receive, then in step S404, refuse this security service request at this security service request order of accepting one's fate really.This flow process finishes then.
So far, described the present invention, but it will be understood by those skilled in the art that the present invention is not limited to these preferred embodiments, but can under the situation that does not break away from purport of the present invention, carry out various modifications and change based on preferred embodiment.
Claims (13)
1. information safety devices comprises:
Information safety device is used to receive the security service request from the outside; With
Input media is connected with described information safety device, is used for receiving at the described security service request order of accepting one's fate really,
Wherein, described information safety device is carried out described security service request in response to described affirmation order, and returns net result to described outside.
2. equipment according to claim 1, if wherein described input media does not receive in scheduled time slot at the described security service request order of accepting one's fate really, then described information safety device is refused described security service request.
3. equipment according to claim 1, wherein said input media also are used to receive the refusal order at described security service request, and described information safety device is refused described security service request in response to described refusal order.
4. equipment according to claim 1 wherein also comprises suggestion device, is used for prompting and receives described security service request.
5. equipment according to claim 4 is wherein after described information safety device is carried out described security service request, by described suggestion device prompting net result.
6. equipment according to claim 4, wherein said suggestion device comprise one or more the combination in hummer, loudspeaker, Vib., pilot lamp, display screen and the touch-screen.
7. equipment according to claim 1, wherein said input media comprise one or more the combination in button, keypad, keyboard and the touch-screen.
8. equipment according to claim 1, wherein said information safety devices comprise a kind of in USBKey, safe mobile memory medium, signature/authenticating device, encrypt/decrypt machine, the mobile phone that security service is provided, PDA and the personal computer.
9. disposal route that is used for information safety devices may further comprise the steps:
Reception is from the security service request of outside;
Reception is at the described security service request order of accepting one's fate really;
In response to described affirmation order, carry out described security service request; And
Return net result to described outside.
10. method according to claim 9, wherein further comprising the steps of:
If in scheduled time slot, do not receive at the described security service request order of accepting one's fate really, then refuse described security service request.
11. method according to claim 9 is wherein further comprising the steps of:
Reception is at the refusal order of described security service request; And
In response to described refusal order, refuse described security service request.
12. method according to claim 9 comprises also that wherein prompting receives the step of described security service request.
13. equipment according to claim 12 is wherein further comprising the steps of:
After carrying out described security service request, the prompting net result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100065082A CN101236581A (en) | 2007-02-01 | 2007-02-01 | Information safety apparatus and its processing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100065082A CN101236581A (en) | 2007-02-01 | 2007-02-01 | Information safety apparatus and its processing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101236581A true CN101236581A (en) | 2008-08-06 |
Family
ID=39920196
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007100065082A Pending CN101236581A (en) | 2007-02-01 | 2007-02-01 | Information safety apparatus and its processing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101236581A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103973696A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN103974242A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN103974243A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing system of voice communication |
| CN103986579A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
| CN103987036A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
| CN103997732A (en) * | 2014-05-16 | 2014-08-20 | 天地融科技股份有限公司 | Data processing system in voice communication |
| CN105162969A (en) * | 2015-08-10 | 2015-12-16 | 京东方科技集团股份有限公司 | Display device, mobile equipment and display method |
-
2007
- 2007-02-01 CN CNA2007100065082A patent/CN101236581A/en active Pending
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103973696B (en) * | 2014-05-16 | 2017-09-19 | 天地融科技股份有限公司 | A kind of data processing method of voice call |
| CN103987036B (en) * | 2014-05-16 | 2017-07-25 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
| CN103974243A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing system of voice communication |
| CN103986579A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
| CN103987036A (en) * | 2014-05-16 | 2014-08-13 | 天地融科技股份有限公司 | Data processing system for voice communication |
| CN103997732A (en) * | 2014-05-16 | 2014-08-20 | 天地融科技股份有限公司 | Data processing system in voice communication |
| CN103974242A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN103974243B (en) * | 2014-05-16 | 2017-11-10 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
| CN103997732B (en) * | 2014-05-16 | 2017-09-19 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
| CN103973696A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN103986579B (en) * | 2014-05-16 | 2017-07-21 | 天地融科技股份有限公司 | A kind of data handling system of voice call |
| CN103974242B (en) * | 2014-05-16 | 2017-11-10 | 天地融科技股份有限公司 | A kind of data processing method of voice call |
| CN105162969A (en) * | 2015-08-10 | 2015-12-16 | 京东方科技集团股份有限公司 | Display device, mobile equipment and display method |
| US10657235B2 (en) | 2015-08-10 | 2020-05-19 | Boe Technology Group Co., Ltd. | Display device, mobile device and display method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE202015009906U1 (en) | Devices for operating a portable electronic device for performing mobile payment transactions | |
| US20150088760A1 (en) | Automatic injection of security confirmation | |
| CN101236581A (en) | Information safety apparatus and its processing method | |
| CN104350723B (en) | The method and device that account is logged in | |
| CN101834946A (en) | Method for performing safe mobile phone payment and mobile phone for performing safe payment | |
| CN103927806A (en) | Unlocking system and method for performing password verification based on wireless communication module pairing | |
| CN103336924A (en) | Starting lock for mobile terminal application program | |
| CN104901805B (en) | A kind of identification authentication methods, devices and systems | |
| CN107113613B (en) | Server, mobile terminal, network real-name authentication system and method | |
| CN102638447A (en) | Method and device for system login based on autonomously generated password of user | |
| CN106022172A (en) | Password input method and system protecting password keyboard button input operation | |
| CN104820944A (en) | Method and system for bank self-service terminal authentication, and device | |
| CN110826043A (en) | Digital identity application system and method, identity authentication system and method | |
| WO2018000370A1 (en) | Mobile terminal authentication method and mobile terminal | |
| CN101916459B (en) | Safe electronic ticket method | |
| CN105701414A (en) | Method and device for multiplexing electronic equipment based on multiple accounts and electronic equipment | |
| CN102411814A (en) | Identity authentication method, handheld ATM (automated teller machine) terminal and system | |
| CN102368288A (en) | Method for verifying password and mobile terminal applying same | |
| CN105516889A (en) | Bluetooth connection method and terminal | |
| CN107133500A (en) | The encryption method and mobile terminal of a kind of application program | |
| CN107230060A (en) | The method and apparatus that a kind of account is reported the loss | |
| KR101139407B1 (en) | Security authentication method and system | |
| JP2014075096A (en) | Input method, input device and input program | |
| CN112995227B (en) | One-stop information service platform based on three-party credit management | |
| CN104361511A (en) | Intelligent terminal system for electronic invoice and using method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20080806 |