CN101437228A - Method, apparatus and system for implementing wireless business based on smart card - Google Patents
Method, apparatus and system for implementing wireless business based on smart card Download PDFInfo
- Publication number
- CN101437228A CN101437228A CNA2008102403410A CN200810240341A CN101437228A CN 101437228 A CN101437228 A CN 101437228A CN A2008102403410 A CNA2008102403410 A CN A2008102403410A CN 200810240341 A CN200810240341 A CN 200810240341A CN 101437228 A CN101437228 A CN 101437228A
- Authority
- CN
- China
- Prior art keywords
- smart card
- pki
- mobile network
- request information
- business request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 87
- 230000004044 response Effects 0.000 claims description 18
- 238000004891 communication Methods 0.000 claims description 12
- 230000005540 biological transmission Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 description 25
- 230000009977 dual effect Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006872 improvement Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Abstract
The invention discloses a method, a device and a system for realizing a smart card-based wireless service, which is designed to solve the problem that in the prior art no equipment at government internal network side performs identity authentication of the smart card of a client and the information safety is poor. The method comprises the following steps: a receiving smart card sends service request message through mobile network, and the message carries the identity information of the smart card; the identity information of the service request message is verified; and when verified, the service request message is sent to the server. The method, the device and the system are applicable to various smart card-based wireless services, such as wireless e-government service.
Description
Technical field
The present invention relates to the communication technology, relate in particular to a kind of implementation method, device and system of the wireless traffic based on smart card, and the awarding method of digital certificates, device and system.
Background technology
In order to promote the development of E-Government, China Mobile, CHINAUNICOM have released the wireless electron government affairs business service based on smart card, traditional E-Government is combined with portable terminal, realize the inquiry and the management of the Working information that carries out on the government affairs Intranet by Internet (internet) and mobile network.Working information mainly is government's internal office work requirement, needs to consider external service simultaneously, and the service object comprises the public, enterprise and branch of government etc.The wireless electron government affairs are professional by the E-Government wireless solution, contents such as government policy, convenience-for-people behave, satisfaction investigation are sent to portable terminal, realized the wireless extension of E-Government on the fixed network basis with technology such as note, WAP (WirelessApplication Protocol, WAP (wireless application protocol)) websites.
The integrated services of wireless electron government affairs mobile network and government intranet, as shown in Figure 1, the wireless electron government system comprises: smart card 1 (being positioned at user terminal such as mobile phone), mobile network 2 and government intranet 3 (being mainly office automation OA system).Smart card 1 is by the information interaction of mobile network's 2 realizations with government intranet 3; in this process, when how to guarantee that mutual information inserts government intranet 3 by mobile network 2, can not distort; privacy information can be protected effectively, and the maximum that just becomes this class business is considered.
Based on above-mentioned needs, in the prior art in the process of carrying out wireless traffic, mobile network's side has mobile network management equipment smart card is carried out authentication, its method that adopts is: the user authentication information of terminal (this packets of information contains KI) is stored in its inner smart card in advance, terminal is transmitted to smart card with the random number that mobile network management equipment sends, smart card is carried out the generation of corresponding authentication algorithm and is derived the authentication check word with this random number and described KI, by terminal this authentication check word is sent to mobile network management equipment then.Simultaneously, mobile network management equipment uses described random number to carry out identical algorithms and generates a check word, the check word of this generation and received check word is compared, if identical, then authentication is passed through, the respective services that the terminal use can use Virtual network operator to provide normally; Otherwise, forbid that then the terminal use lands network.Above method has realized the authentication to the mobile network terminal use, can prevent that uncommitted smart card from using network.
But, in the government intranet side, do not have equipment that the smart card in the user terminal is carried out authentication in the prior art, can't guarantee unwarranted user, land the mobile network after, visit government affairs Intranet, visit government intranet as regular handset by the mobile network, obtain confidentiality information.
Summary of the invention
On the one hand, the invention provides a kind of implementation method, device and system of the wireless traffic based on smart card, the government intranet side does not have equipment that the smart card in the user terminal is carried out authentication in the prior art to solve, the problem of Information Security difference.
For achieving the above object, the present invention adopts following technical scheme:
A kind of implementation method of the wireless traffic based on smart card comprises:
Receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Verify the identity information in the described business request information;
After checking is passed through, described business request information is sent to server.
A kind of safety certification platform comprises:
First receiving element: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Authentication unit: the identity information that is used for verifying described business request information;
First transmitting element: be used for the checking pass through after, described business request information is sent to server.
A kind of communication system comprises smart card, safety certification platform and server, wherein,
Described smart card: be used for sending business request information to described safety certification platform by the mobile network;
Described safety certification platform: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server;
Described server: be used to receive and respond the business request information that described safety certification platform is transmitted.
Among the present invention, increase the safety certification platform, be used for the smart card in the user terminal is carried out authentication, thereby strengthened the interior Information Security of server.
On the other hand, the invention provides a kind of awarding method, device and system of digital certificates, when issuing digital certificates in the prior art, need arrive on the hardware platform of appointment and issue by card reader to solve, be subjected to the dual restriction in time and space, issue the process complicated problems.
A kind of awarding method of digital certificates comprises:
Receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
With described digital certificates, send to described smart card by the mobile network.
A kind of safety certification platform comprises:
Receiving element: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element: be used for described digital certificates are sent to described smart card by the mobile network.
A kind of communication system comprises smart card and safety certification platform, wherein,
Described smart card: be used for sending certificate authority request message and PKI file to described safety certification platform, include PKI in this PKI file by the mobile network;
Described safety certification platform: be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card by the mobile network.
Among the present invention, digital certificates are issued by the mobile network by the safety certification platform, can not be subjected to the restriction in time and space, and it is simple to issue process.
Description of drawings
Fig. 1 is the structural representation of wireless electron government system in the prior art;
The schematic flow sheet that Fig. 2 provides for the embodiment of the invention one based on the implementation method of the wireless traffic of smart card;
Fig. 3 is the application scenarios schematic diagram of method shown in Figure 2;
The schematic flow sheet that Fig. 4 provides for the embodiment of the invention two based on the implementation method of the wireless traffic of smart card;
The structural representation of the safety certification platform that Fig. 5 provides for the embodiment of the invention three;
The structural representation of the communication system that Fig. 6 provides for the embodiment of the invention four;
The schematic flow sheet of the awarding method of the digital certificates that Fig. 7 provides for the embodiment of the invention five;
The schematic flow sheet of the awarding method of the digital certificates that Fig. 8 provides for the embodiment of the invention six;
The structural representation of the safety certification platform that Fig. 9 provides for the embodiment of the invention seven;
The structural representation of the communication system that Figure 10 provides for the embodiment of the invention eight.
Embodiment
The government intranet side does not have equipment that the smart card in the user terminal is carried out authentication in the prior art in order to solve, and the problem of Information Security difference the invention provides a kind of implementation method, device and system of the wireless traffic based on smart card.Simultaneously, when issuing digital certificates in the prior art, need arrive on the hardware platform of appointment and issue, be subjected to the dual restriction in time and space by card reader for solving, issue the process complicated problems, the invention provides a kind of awarding method, device and system of digital certificates.Describe the present invention below in conjunction with accompanying drawing.
On the one hand, the invention provides a kind of implementation method, device and system of the wireless traffic based on smart card.
Embodiment one
As shown in Figure 2, the invention provides a kind of implementation method of the wireless traffic based on smart card, comprising:
Step 201: receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Step 202: verify the identity information in the described business request information;
Step 203: after checking is passed through, described business request information is sent to server.
In the inventive method, increased the process of smart card being carried out authentication at server side, the smart card that has only authentication to pass through just can be transmitted to server with the business request information of its transmission, thereby has strengthened the Information Security in the server.
Being applied to the wireless electron government system with this method below is example, introduces the implementation process of the inventive method in detail.
In order to use method of the present invention, need do following improvement to existing wireless electron government system: as shown in Figure 3,3 sides increase by a safety certification platform 4 in OA system of government, are used to carry out the method for above-mentioned authentication.Simultaneously, in the embodiment of the invention, the mode of carrying out authentication is to carry out in the mode of digital certificates, and for this reason, safety certification platform 4 needs to issue digital certificates in advance smart card 1, and informs the PKI of smart card 1 this safety certification platform 4.The PKI that includes smart card 1 in the described digital certificates, smart card 1 self are preserved corresponding private key.Wireless electron government system shown in Figure 3, the implementation procedure of its wireless traffic is as follows:
Smart card 1 side:
Smart card 1 is when sending business request information, the PKI of elder generation's authentication platform 4 safe in utilization, business request information is encrypted, use the private key of self that the business request information after encrypting is signed then, at last the business request information behind the described ciphering signature is sent to safety certification platform 4 by mobile network 2.
Smart card 1 can adopt PKI (Public Key Infrastructure, public key architecture) smart card, and this kind smart card is supported wireless PKI system, can support digital certificates.
Mobile network's 2 sides:
2 pairs of smart cards of mobile network 1 carry out authentication, and after checking was passed through, mobile network 2 just can be transmitted to business request information safety certification platform 4.This authentication process itself is a prior art, repeats no more herein.
Safety certification platform 4 sides:
After the business request information that receives smart card 1 transmission, use the PKI of smart card 1 that the signing messages in the business request information is verified earlier, after checking is passed through, the private key that re-uses safety certification platform 4 is decrypted business request information, at last, be transmitted to A system of government 3 with testing the business request information of signing after deciphering.
OA system of government 3 sides:
After OA system of government 3 receives business request information, respond this business request information.
In the implementation procedure of present embodiment wireless traffic, in OA system of government 3 sides, increased the process that smart card 1 is carried out authentication: 1 pair of business request information of smart card is signed, the identity information that just includes smart card 1 in this signature, the process of safety certification platform 4 these signatures of checking promptly is the process of checking smart card 1 identity information.The smart card 1 that has only authentication to pass through, the business request information that it sent just can be forwarded to OA system of government 3 by safety certification platform 4, carry out respective handling, thereby have increased the fail safe of OA system of government 3 internal informations.In addition, in this process, the encryption of 1 pair of business request information of smart card and the decrypting process of safety certification platform have further strengthened the fail safe of information, make that the whole service process is more safe and reliable.
Because the mode of digital certificates has been adopted in authentication among this embodiment: 1 pair of business request information of smart card is encrypted and is signed, the safety certification platform is tested business request information and is signed and deciphering, make whole wireless traffic process have confidentiality, integrality, authentication and non-repudiation four characteristics, thereby solved the safety problem of the wireless traffic that people worried.
Among the present invention, the process of authentication is except the mode that adopts above-mentioned digital certificates, can also adopt alternate manner of the prior art to realize, smart card be carried out the mode of authentication etc. as employing and mobile network's side, repeat no more other implementation herein.
Method of the present invention is applicable to the various wireless traffics based on smart card as above-mentioned wireless electron government affairs business etc.
Embodiment two
As shown in Figure 4, the present invention also provides a kind of implementation method of the wireless traffic based on smart card, comprising:
Step 401: receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Step 402: verify the identity information in the described business request information;
Step 403: after checking is passed through, described business request information is sent to server;
Step 404: receive the response message of described server to described business request information;
Step 405:, send to described smart card by the mobile network with described response message.
Wherein, step 401-403 is identical with step 201-203 among the embodiment one.
In wireless traffic, server often need return certain result to smart card, and therefore, in the process of embodiment of the invention wireless traffic, the safety certification platform also needs to receive the response message of OA system of government to described business request information; Then, with described response message, send to described smart card by the mobile network.
Corresponding with the implementation method of above-mentioned wireless traffic based on smart card, the invention provides a kind of safety certification platform and communication system.
Embodiment three
As shown in Figure 5, safety certification platform provided by the invention comprises:
First receiving element 501: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Authentication unit 502: the identity information that is used for verifying described business request information;
First transmitting element 503: be used for the checking pass through after, described business request information is sent to server.
Further, described safety certification platform also comprises:
Second receiving element 504: be used to receive the response message of described server to described business request information;
Second transmitting element 505: be used for described response message is sent to described smart card by the mobile network.
Safety certification platform of the present invention can be arranged on server side separately, also can integratedly be arranged on server inside, does not all influence the enforcement of technical solution of the present invention.
Embodiment four
As shown in Figure 6, communication system provided by the invention comprises smart card 601, safety certification platform 602 and server 603, wherein,
Described smart card 601: be used for sending business request information to described safety certification platform 602 by the mobile network;
Described safety certification platform 602: be used to receive smart card 601 by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server 603;
Described server 603: be used to receive and respond the business request information that described safety certification platform 602 is transmitted.
Preferably, described server 603: be further used for the response message to described business request information is sent to described safety certification platform 602;
Described safety certification platform 602: be further used for receiving the response message that described server 603 sends to described business request information; With described response message, send to described smart card 601 by the mobile network;
Described smart card 601: be further used for receiving the response message that described safety certification platform 602 is transmitted to business request information by the mobile network.
As from the foregoing, in implementation method, device and the system of the wireless traffic based on smart card provided by the invention, at server side the smart card in the user terminal has been carried out authentication, the smart card that has only authentication to pass through, just the business request information of its transmission can be transmitted to server, thereby strengthen the Information Security in the server.
On the other hand, the invention provides a kind of awarding method, device and system of digital certificates.
Embodiment five
As shown in Figure 7, the awarding method of digital certificates provided by the invention comprises:
Step 701: receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Step 702: according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Step 703:, send to described smart card by the mobile network with described digital certificates.
In the inventive method, digital certificates are issued by the mobile network, and when issuing digital certificates in the prior art, need arrive on the hardware platform of appointment and issue by card reader, are subjected to the dual restriction in time and space, issue the process complexity.Compare with the prior art, method of the present invention has and is not subjected to time and spatial limitation, the simple advantage of the process of issuing.
Because the effect of digital certificates is to be used to carry out authentication, and digital certificates are issued by the mobile network among the present invention, therefore, method of the present invention is specially adapted to the wireless traffic based on smart card.
The wireless electron government system that is applied to after the improvement shown in Figure 3 with the inventive method is an example below, introduces the implementation process of the inventive method in detail.
Wireless electron government system after improving as shown in Figure 3 adopts the mode of digital certificates to carry out authentication in order to realize 4 pairs of smart cards of safety certification platform 1, and safety certification platform 4 needs to adopt the inventive method to issue digital certificates to smart card 1.These digital certificates to issue process as follows:
Smart card 1 side:
When the user enters wireless electron government affairs service menu on the smart card 1 first, trigger smart card 1 and generate a key, and described PKI and private key are stored in respectively in PKI file and the private key file (comprising a PKI and a private key).Simultaneously, smart card 1 sends certificate authority request message and PKI file by mobile network 2 to safety certification platform 4, includes described PKI in this PKI file.
Mobile network's 2 sides:
Mobile network 2 is transmitted to safety certification platform 4 with described certificate authority request message and PKI file.
Safety certification platform 4 sides:
Behind the certificate authority request message and PKI file that receive smart card 1 transmission, according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card 1, and generate and carry the digital certificates of described PKI and smart card identity information; Then, the digital certificates with generating send to described smart card 1 by mobile network 2.
Smart card 1 side:
Smart card 1 is preserved the digital certificates that safety certification platform 4 is issued.
Only the issuing to issue when the user enters wireless electron government affairs service menu on the smart card first of above-mentioned digital certificates gets final product, and just do not need to repeat to issue in the use afterwards again.
In the present embodiment, digital certificates are issued by mobile network 2 by safety certification platform 4, can not be subjected to the restriction in time and space, and it is simple to issue process, has improved certificate authority efficient.
After above-mentioned digital certificates were issued, smart card 1 also needed to obtain the PKI of safety certification platform 4, because that the PKI of safety certification platform 4 is generally is disclosed, so its PKI can obtain as long as send a request message to safety certification platform 4.Subsequently, in the service interaction process between smart card 1 and the OA system of government 3, safety certification platform 4 just can adopt the digital certificates mode that smart card 1 is carried out authentication, thereby can improve the fail safe of OA system of government 3 internal informations greatly, and the fail safe of whole wireless traffic.
Embodiment six
As shown in Figure 8, the awarding method of digital certificates provided by the invention comprises:
Step 801: receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Step 802: determine that the PKI file that described smart card sends is the file that adopts after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file;
Step 803: according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Step 804:, send to described smart card by the mobile network with described digital certificates.
On the basis of embodiment five, smart card 1 in order to strengthen the fail safe of information, has carried out encryption to the PKI file in the present embodiment when safety certification platform 4 sends certificate authority request message and PKI file.Digital certificates to issue process as follows:
Smart card 1 side:
When smart card 1 hair fastener, on smart card 1 and safety certification platform 4, an identical cryptographic algorithm and an encryption key is set in advance.After smart card 1 generates the PKI file, adopt described cryptographic algorithm and encryption key to encrypt to this PKI file, and then the PKI file after certificate authority request message and the described encryption is sent to safety certification platform 4 by mobile network 2.
Mobile network's 2 sides:
Mobile network 2 is transmitted to safety certification platform 4 with described certificate authority request message and PKI file.
Safety certification platform 4 sides:
Behind the certificate authority request message and PKI file that receive smart card 1 transmission, according to described certificate authority request message, use preset encryption algorithm and encryption key earlier, decipher described PKI file, then, obtain the PKI in the described PKI file and the identity information of smart card 1, and generate and carry the digital certificates of described PKI and smart card identity information; At last, the digital certificates with generating send to described smart card 1 by mobile network 2.
Smart card 1 side:
Smart card 1 is preserved the digital certificates that safety certification platform 4 is issued.
Among the present invention, when smart card 1 sends the PKI file to safety certification platform 4, adopted the presetting method encryption, safety certification platform 4 then adopts the corresponding preset method, deciphers described PKI file.In the above-described embodiments, presetting method is to be example on smart card 1 and safety certification platform 4 an identical cryptographic algorithm and an encryption key to be set in advance, presetting method is not limited to this kind implementation, can also adopt alternate manner of the prior art, repeats no more herein.
Owing to adopted presetting method encrypted public key file, therefore, further strengthened the fail safe that information is transmitted, guaranteed the reliability that digital certificates are issued.
Corresponding with the awarding method of above-mentioned digital certificates, the invention provides a kind of safety certification platform and communication system.
Embodiment seven
As shown in Figure 9, safety certification platform provided by the invention comprises:
Receiving element 901: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit 903: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element 904: be used for described digital certificates are sent to described smart card by the mobile network.
Preferably, described safety certification platform also comprises:
Decrypting device 902: be used for determining that the PKI file that described smart card sends is the file that adopts after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file.
Embodiment eight
As shown in figure 10, communication system provided by the invention comprises smart card 101 and safety certification platform 102, wherein,
Described smart card 101: be used for sending certificate authority request message and PKI file to described safety certification platform 102, include PKI in this PKI file by the mobile network;
Described safety certification platform 102: be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card 101 by the mobile network.
As from the foregoing, in the awarding method of digital certificates provided by the invention, device and the system, digital certificates are issued by the mobile network, can not be subjected to the restriction in time and space, it is simple to issue process, the privacy of guarantee information effectively can not distorting property and identity non repudiation, can improve certificate authority and efficiency of managing again.
The above; only be the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; can expect easily changing or replacing, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of described claim.
Claims (11)
1, a kind of implementation method of the wireless traffic based on smart card is characterized in that, comprising:
Receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Verify the identity information in the described business request information;
After checking is passed through, described business request information is sent to server.
2, method according to claim 1 is characterized in that, also comprises:
Receive the response message of described server to described business request information;
With described response message, send to described smart card by the mobile network.
3, a kind of safety certification platform is characterized in that, comprising:
First receiving element: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Authentication unit: the identity information that is used for verifying described business request information;
First transmitting element: be used for the checking pass through after, described business request information is sent to server.
4, safety certification platform according to claim 3 is characterized in that, also comprises:
Second receiving element: be used to receive the response message of described server to described business request information;
Second transmitting element: be used for described response message is sent to described smart card by the mobile network.
5, a kind of communication system is characterized in that, comprises smart card, safety certification platform and server, wherein,
Described smart card: be used for sending business request information to described safety certification platform by the mobile network;
Described safety certification platform: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server;
Described server: be used to receive and respond the business request information that described safety certification platform is transmitted.
6, communication system according to claim 5 is characterized in that,
Described server: be further used for the response message to described business request information is sent to described safety certification platform;
Described safety certification platform: be further used for receiving the response message that described server sends to described business request information; With described response message, send to described smart card by the mobile network;
Described smart card: be further used for receiving the response message that described safety certification platform is transmitted to business request information by the mobile network.
7, a kind of awarding method of digital certificates is characterized in that, comprising:
Receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
With described digital certificates, send to described smart card by the mobile network.
8, method according to claim 7 is characterized in that,
When the PKI file of described smart card transmission was the file that adopts after presetting method is encrypted, described method further comprised:
Adopt the corresponding preset method, decipher described PKI file.
9, a kind of safety certification platform is characterized in that, comprising:
Receiving element: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element: be used for described digital certificates are sent to described smart card by the mobile network.
10, safety certification platform according to claim 9 is characterized in that, also comprises:
Decrypting device: be used for determining that the PKI file that described smart card sends is the file that adopts after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file.
11, a kind of communication system is characterized in that, comprises smart card and safety certification platform, wherein,
Described smart card: be used for sending certificate authority request message and PKI file to described safety certification platform, include PKI in this PKI file by the mobile network;
Described safety certification platform: be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card by the mobile network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102403410A CN101437228B (en) | 2008-12-17 | 2008-12-17 | Method, apparatus and system for implementing wireless business based on smart card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102403410A CN101437228B (en) | 2008-12-17 | 2008-12-17 | Method, apparatus and system for implementing wireless business based on smart card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101437228A true CN101437228A (en) | 2009-05-20 |
| CN101437228B CN101437228B (en) | 2011-05-11 |
Family
ID=40711402
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008102403410A Expired - Fee Related CN101437228B (en) | 2008-12-17 | 2008-12-17 | Method, apparatus and system for implementing wireless business based on smart card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101437228B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105337735A (en) * | 2014-05-26 | 2016-02-17 | 阿里巴巴集团控股有限公司 | Digital certificate processing and verifying method and apparatus |
| CN107040920A (en) * | 2017-06-21 | 2017-08-11 | 壹家易(上海)网络科技有限公司 | Data transmission system and data transmission method |
| CN107294987A (en) * | 2017-06-30 | 2017-10-24 | 江西博瑞彤芸科技有限公司 | Information processing method |
| CN110535807A (en) * | 2018-05-24 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of service authentication method, device and medium |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1265609C (en) * | 2002-02-08 | 2006-07-19 | 泰康亚洲(北京)科技有限公司 | Confirmation method for safe mobile e-business platform digital certificate |
| JP4349789B2 (en) * | 2002-11-06 | 2009-10-21 | 富士通株式会社 | Safety judgment device and safety judgment method |
| CN100346249C (en) * | 2004-12-31 | 2007-10-31 | 联想(北京)有限公司 | Method for generating digital certificate and applying the generated digital certificate |
-
2008
- 2008-12-17 CN CN2008102403410A patent/CN101437228B/en not_active Expired - Fee Related
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105337735A (en) * | 2014-05-26 | 2016-02-17 | 阿里巴巴集团控股有限公司 | Digital certificate processing and verifying method and apparatus |
| CN105337735B (en) * | 2014-05-26 | 2019-06-07 | 阿里巴巴集团控股有限公司 | The method and apparatus of digital certificate processing and verification |
| US10362020B2 (en) | 2014-05-26 | 2019-07-23 | Alibaba Group Holding Limited | Processing and verifying digital certificate |
| CN107040920A (en) * | 2017-06-21 | 2017-08-11 | 壹家易(上海)网络科技有限公司 | Data transmission system and data transmission method |
| CN107294987A (en) * | 2017-06-30 | 2017-10-24 | 江西博瑞彤芸科技有限公司 | Information processing method |
| CN110535807A (en) * | 2018-05-24 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of service authentication method, device and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101437228B (en) | 2011-05-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8467532B2 (en) | System and method for secure transaction of data between a wireless communication device and a server | |
| CN103297437B (en) | A kind of method of mobile intelligent terminal secure access service device | |
| EP2416524B1 (en) | System and method for secure transaction of data between wireless communication device and server | |
| CN101510877B (en) | Single-point logging-on method and system, communication apparatus | |
| Saxena et al. | EasySMS: A protocol for end-to-end secure transmission of SMS | |
| CN101720071B (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
| CN106973056B (en) | Object-oriented security chip and encryption method thereof | |
| CN104618120A (en) | Digital signature method for escrowing private key of mobile terminal | |
| CN101815091A (en) | Cipher providing equipment, cipher authentication system and cipher authentication method | |
| CN101247407A (en) | Network authentication service system and method | |
| CN103812651B (en) | Method of password authentication, apparatus and system | |
| CN104660605A (en) | Multi-factor identity authentication method and system | |
| US20130311783A1 (en) | Mobile radio device-operated authentication system using asymmetric encryption | |
| CN101621794A (en) | Method for realizing safe authentication of wireless application service system | |
| CN107483429B (en) | A kind of data ciphering method and device | |
| CN105681470A (en) | Communication method, server and terminal based on hypertext transfer protocol | |
| CN103118363A (en) | Method, system, terminal device and platform device of secret information transmission | |
| CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
| Aura et al. | Reducing reauthentication delay in wireless networks | |
| Rongyu et al. | A PK-SIM card based end-to-end security framework for SMS | |
| CN112911588A (en) | Lightweight narrowband Internet of things secure transmission method and system | |
| CN101437228B (en) | Method, apparatus and system for implementing wireless business based on smart card | |
| CN107104888B (en) | Safe instant messaging method | |
| CN115174277B (en) | Data communication and file exchange method based on block chain | |
| CN201717885U (en) | Code providing equipment and code identification system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden Patentee after: BEIJING WATCHDATA Co.,Ltd. Address before: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden Patentee before: BEIJING WATCH DATA SYSTEM Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder | ||
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: Patent of Beijing grip Data Co.,Ltd. The person in charge Document name: payment instructions |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: Patent of Beijing grip Data Co.,Ltd. The person in charge Document name: Patent termination notice |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110511 Termination date: 20211217 |