CN101437228B - Method, apparatus and system for implementing wireless business based on smart card - Google Patents

Method, apparatus and system for implementing wireless business based on smart card Download PDF

Info

Publication number
CN101437228B
CN101437228B CN2008102403410A CN200810240341A CN101437228B CN 101437228 B CN101437228 B CN 101437228B CN 2008102403410 A CN2008102403410 A CN 2008102403410A CN 200810240341 A CN200810240341 A CN 200810240341A CN 101437228 B CN101437228 B CN 101437228B
Authority
CN
China
Prior art keywords
smart card
pki
mobile network
request information
business request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2008102403410A
Other languages
Chinese (zh)
Other versions
CN101437228A (en
Inventor
贾安州
朱红岩
李桂芬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Watchdata Co ltd
Original Assignee
Beijing WatchData System Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing WatchData System Co Ltd filed Critical Beijing WatchData System Co Ltd
Priority to CN2008102403410A priority Critical patent/CN101437228B/en
Publication of CN101437228A publication Critical patent/CN101437228A/en
Application granted granted Critical
Publication of CN101437228B publication Critical patent/CN101437228B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention discloses a method, a device and a system for realizing a smart card-based wireless service, which is designed to solve the problem that in the prior art no equipment at government internal network side performs identity authentication of the smart card of a client and the information safety is poor. The method comprises the following steps: a receiving smart card sends service request message through mobile network, and the message carries the identity information of the smart card; the identity information of the service request message is verified; and when verified, the service request message is sent to the server. The method, the device and the system are applicable to various smart card-based wireless services, such as wireless e-government service.

Description

Implementation method, device and system based on the wireless traffic of smart card
Technical field
The present invention relates to the communication technology, relate in particular to a kind of implementation method, device and system of the wireless traffic based on smart card, and the awarding method of digital certificates, device and system.
Background technology
In order to promote the development of E-Government, China Mobile, CHINAUNICOM have released the wireless electron government affairs business service based on smart card, traditional E-Government is combined with portable terminal, realize the inquiry and the management of the Working information that carries out on the government affairs Intranet by Internet (internet) and mobile network.Working information mainly is government's internal office work requirement, needs to consider external service simultaneously, and the service object comprises the public, enterprise and branch of government etc.The wireless electron government affairs are professional by the E-Government wireless solution, contents such as government policy, convenience-for-people behave, satisfaction investigation are sent to portable terminal, realized the wireless extension of E-Government on the fixed network basis with technology such as note, WAP (WirelessApplication Protocol, WAP (wireless application protocol)) websites.
The integrated services of wireless electron government affairs mobile network and government intranet, as shown in Figure 1, the wireless electron government system comprises: smart card 1 (being positioned at user terminal such as mobile phone), mobile network 2 and government intranet 3 (being mainly office automation OA system).Smart card 1 is by the information interaction of mobile network's 2 realizations with government intranet 3; in this process, when how to guarantee that mutual information inserts government intranet 3 by mobile network 2, can not distort; privacy information can be protected effectively, and the maximum that just becomes this class business is considered.
Based on above-mentioned needs, in the prior art in the process of carrying out wireless traffic, mobile network's side has mobile network management equipment smart card is carried out authentication, its method that adopts is: the user authentication information of terminal (this packets of information contains KI) is stored in its inner smart card in advance, terminal is transmitted to smart card with the random number that mobile network management equipment sends, smart card is carried out the generation of corresponding authentication algorithm and is derived the authentication check word with this random number and described KI, by terminal this authentication check word is sent to mobile network management equipment then.Simultaneously, mobile network management equipment uses described random number to carry out identical algorithms and generates a check word, the check word of this generation and received check word is compared, if identical, then authentication is passed through, the respective services that the terminal use can use Virtual network operator to provide normally; Otherwise, forbid that then the terminal use lands network.Above method has realized the authentication to the mobile network terminal use, can prevent that uncommitted smart card from using network.
But, in the government intranet side, do not have equipment that the smart card in the user terminal is carried out authentication in the prior art, can't guarantee unwarranted user, land the mobile network after, visit government affairs Intranet, visit government intranet as regular handset by the mobile network, obtain confidentiality information.
Summary of the invention
The invention provides a kind of implementation method, device and system of the wireless traffic based on smart card, the government intranet side does not have equipment that the smart card in the user terminal is carried out authentication in the prior art to solve, the problem of Information Security difference.
For achieving the above object, the present invention adopts following technical scheme:
A kind of implementation method of the wireless traffic based on smart card comprises:
Receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Verify the identity information in the described business request information;
After checking is passed through, described business request information is sent to server.
Preferably, before the business request information that the mode that receives smart card employing digital certificates sends by the mobile network, also comprise:
Receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Described digital certificates are sent to described smart card by the mobile network.
A kind of safety certification platform comprises:
First receiving element: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Authentication unit: the identity information that is used for verifying described business request information;
First transmitting element: be used for the checking pass through after, described business request information is sent to server.
Preferably, safety certification platform of the present invention also comprises:
Receiving element: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element: be used for described digital certificates are sent to described smart card by the mobile network, adopt the business request information of the mode of digital certificates by mobile network's transmission so that described first receiving element receives smart card.
A kind of communication system comprises smart card, safety certification platform and server, wherein,
Described smart card: be used for sending business request information to described safety certification platform by the mobile network;
Described safety certification platform: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server;
Described server: be used to receive and respond the business request information that described safety certification platform is transmitted.
Preferably, described smart card: also be used for sending certificate authority request message and PKI file to described safety certification platform, include PKI in this PKI file by the mobile network;
Described safety certification platform: also be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card by the mobile network.
Among the present invention, increase the safety certification platform, be used for the smart card in the user terminal is carried out authentication, thereby strengthened the interior Information Security of server.
Description of drawings
Fig. 1 is the structural representation of wireless electron government system in the prior art;
The schematic flow sheet that Fig. 2 provides for the embodiment of the invention one based on the implementation method of the wireless traffic of smart card;
Fig. 3 is the application scenarios schematic diagram of method shown in Figure 2;
The schematic flow sheet that Fig. 4 provides for the embodiment of the invention two based on the implementation method of the wireless traffic of smart card;
The structural representation of the safety certification platform that Fig. 5 provides for the embodiment of the invention three;
The structural representation of the communication system that Fig. 6 provides for the embodiment of the invention four;
The schematic flow sheet of the awarding method of the digital certificates that Fig. 7 provides for the embodiment of the invention five;
The schematic flow sheet of the awarding method of the digital certificates that Fig. 8 provides for the embodiment of the invention six;
The structural representation of the safety certification platform that Fig. 9 provides for the embodiment of the invention seven;
The structural representation of the communication system that Figure 10 provides for the embodiment of the invention eight.
Embodiment
The government intranet side does not have equipment that the smart card in the user terminal is carried out authentication in the prior art in order to solve, and the problem of Information Security difference the invention provides a kind of implementation method, device and system of the wireless traffic based on smart card.Simultaneously, when issuing digital certificates in the prior art, need arrive on the hardware platform of appointment and issue, be subjected to the dual restriction in time and space by card reader for solving, issue the process complicated problems, the invention provides a kind of awarding method, device and system of digital certificates.Describe the present invention below in conjunction with accompanying drawing.
On the one hand, the invention provides a kind of implementation method, device and system of the wireless traffic based on smart card.
Embodiment one
As shown in Figure 2, the invention provides a kind of implementation method of the wireless traffic based on smart card, comprising:
Step 201: receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Step 202: verify the identity information in the described business request information;
Step 203: after checking is passed through, described business request information is sent to server.
In the inventive method, increased the process of smart card being carried out authentication at server side, the smart card that has only authentication to pass through just can be transmitted to server with the business request information of its transmission, thereby has strengthened the Information Security in the server.
Being applied to the wireless electron government system with this method below is example, introduces the implementation process of the inventive method in detail.
In order to use method of the present invention, need do following improvement to existing wireless electron government system: as shown in Figure 3,3 sides increase by a safety certification platform 4 in OA system of government, are used to carry out the method for above-mentioned authentication.Simultaneously, in the embodiment of the invention, the mode of carrying out authentication is to carry out in the mode of digital certificates, and for this reason, safety certification platform 4 needs to issue digital certificates in advance smart card 1, and informs the PKI of smart card 1 this safety certification platform 4.The PKI that includes smart card 1 in the described digital certificates, smart card 1 self are preserved corresponding private key.Wireless electron government system shown in Figure 3, the implementation procedure of its wireless traffic is as follows:
Smart card 1 side:
Smart card 1 is when sending business request information, the PKI of elder generation's authentication platform 4 safe in utilization, business request information is encrypted, use the private key of self that the business request information after encrypting is signed then, at last the business request information behind the described ciphering signature is sent to safety certification platform 4 by mobile network 2.
Smart card 1 can adopt PKI (Public Key Infrastructure, public key architecture) smart card, and this kind smart card is supported wireless PKI system, can support digital certificates.
Mobile network's 2 sides:
2 pairs of smart cards of mobile network 1 carry out authentication, and after checking was passed through, mobile network 2 just can be transmitted to business request information safety certification platform 4.This authentication process itself is a prior art, repeats no more herein.
Safety certification platform 4 sides:
After the business request information that receives smart card 1 transmission, use the PKI of smart card 1 that the signing messages in the business request information is verified earlier, after checking is passed through, the private key that re-uses safety certification platform 4 is decrypted business request information, at last, be transmitted to OA system of government 3 with testing the business request information of signing after deciphering.
OA system of government 3 sides:
After OA system of government 3 receives business request information, respond this business request information.
In the implementation procedure of present embodiment wireless traffic, in OA system of government 3 sides, increased the process that smart card 1 is carried out authentication: 1 pair of business request information of smart card is signed, the identity information that just includes smart card 1 in this signature, the process of safety certification platform 4 these signatures of checking promptly is the process of checking smart card 1 identity information.The smart card 1 that has only authentication to pass through, the business request information that it sent just can be forwarded to OA system of government 3 by safety certification platform 4, carry out respective handling, thereby have increased the fail safe of OA system of government 3 internal informations.In addition, in this process, the encryption of 1 pair of business request information of smart card and the decrypting process of safety certification platform have further strengthened the fail safe of information, make that the whole service process is more safe and reliable.
Because the mode of digital certificates has been adopted in authentication among this embodiment: 1 pair of business request information of smart card is encrypted and is signed, the safety certification platform is tested business request information and is signed and deciphering, make whole wireless traffic process have confidentiality, integrality, authentication and non-repudiation four characteristics, thereby solved the safety problem of the wireless traffic that people worried.
Among the present invention, the process of authentication is except the mode that adopts above-mentioned digital certificates, can also adopt alternate manner of the prior art to realize, smart card be carried out the mode of authentication etc. as employing and mobile network's side, repeat no more other implementation herein.
Method of the present invention is applicable to the various wireless traffics based on smart card as above-mentioned wireless electron government affairs business etc.
Embodiment two
As shown in Figure 4, the present invention also provides a kind of implementation method of the wireless traffic based on smart card, comprising:
Step 401: receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Step 402: verify the identity information in the described business request information;
Step 403: after checking is passed through, described business request information is sent to server;
Step 404: receive the response message of described server to described business request information;
Step 405:, send to described smart card by the mobile network with described response message.
Wherein, step 401-403 is identical with step 201-203 among the embodiment one.
In wireless traffic, server often need return certain result to smart card, and therefore, in the process of embodiment of the invention wireless traffic, the safety certification platform also needs to receive the response message of OA system of government to described business request information; Then, with described response message, send to described smart card by the mobile network.
Corresponding with the implementation method of above-mentioned wireless traffic based on smart card, the invention provides a kind of safety certification platform and communication system.
Embodiment three
As shown in Figure 5, safety certification platform provided by the invention comprises:
First receiving element 501: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Authentication unit 502: the identity information that is used for verifying described business request information;
First transmitting element 503: be used for the checking pass through after, described business request information is sent to server.
Further, described safety certification platform also comprises:
Second receiving element 504: be used to receive the response message of described server to described business request information;
Second transmitting element 505: be used for described response message is sent to described smart card by the mobile network.
Safety certification platform of the present invention can be arranged on server side separately, also can integratedly be arranged on server inside, does not all influence the enforcement of technical solution of the present invention.
Embodiment four
As shown in Figure 6, communication system provided by the invention comprises smart card 601, safety certification platform 602 and server 603, wherein,
Described smart card 601: be used for sending business request information to described safety certification platform 602 by the mobile network;
Described safety certification platform 602: be used to receive smart card 601 by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server 603;
Described server 603: be used to receive and respond the business request information that described safety certification platform 602 is transmitted.
Preferably, described server 603: be further used for the response message to described business request information is sent to described safety certification platform 602;
Described safety certification platform 602: be further used for receiving the response message that described server 603 sends to described business request information; With described response message, send to described smart card 601 by the mobile network;
Described smart card 601: be further used for receiving the response message that described safety certification platform 602 is transmitted to business request information by the mobile network.
As from the foregoing, in implementation method, device and the system of the wireless traffic based on smart card provided by the invention, at server side the smart card in the user terminal has been carried out authentication, the smart card that has only authentication to pass through, just the business request information of its transmission can be transmitted to server, thereby strengthen the Information Security in the server.
On the other hand, the invention provides a kind of awarding method, device and system of digital certificates.
Embodiment five
As shown in Figure 7, the awarding method of digital certificates provided by the invention comprises:
Step 701: receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Step 702: according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Step 703:, send to described smart card by the mobile network with described digital certificates.
In the inventive method, digital certificates are issued by the mobile network, and when issuing digital certificates in the prior art, need arrive on the hardware platform of appointment and issue by card reader, are subjected to the dual restriction in time and space, issue the process complexity.Compare with the prior art, method of the present invention has and is not subjected to time and spatial limitation, the simple advantage of the process of issuing.
Because the effect of digital certificates is to be used to carry out authentication, and digital certificates are issued by the mobile network among the present invention, therefore, method of the present invention is specially adapted to the wireless traffic based on smart card.
The wireless electron government system that is applied to after the improvement shown in Figure 3 with the inventive method is an example below, introduces the implementation process of the inventive method in detail.
Wireless electron government system after improving as shown in Figure 3 adopts the mode of digital certificates to carry out authentication in order to realize 4 pairs of smart cards of safety certification platform 1, and safety certification platform 4 needs to adopt the inventive method to issue digital certificates to smart card 1.These digital certificates to issue process as follows:
Smart card 1 side:
When the user enters wireless electron government affairs service menu on the smart card 1 first, trigger smart card 1 and generate a key, and described PKI and private key are stored in respectively in PKI file and the private key file (comprising a PKI and a private key).Simultaneously, smart card 1 sends certificate authority request message and PKI file by mobile network 2 to safety certification platform 4, includes described PKI in this PKI file.
Mobile network's 2 sides:
Mobile network 2 is transmitted to safety certification platform 4 with described certificate authority request message and PKI file.
Safety certification platform 4 sides:
Behind the certificate authority request message and PKI file that receive smart card 1 transmission, according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card 1, and generate and carry the digital certificates of described PKI and smart card identity information; Then, the digital certificates with generating send to described smart card 1 by mobile network 2.
Smart card 1 side:
Smart card 1 is preserved the digital certificates that safety certification platform 4 is issued.
Only the issuing to issue when the user enters wireless electron government affairs service menu on the smart card first of above-mentioned digital certificates gets final product, and just do not need to repeat to issue in the use afterwards again.
In the present embodiment, digital certificates are issued by mobile network 2 by safety certification platform 4, can not be subjected to the restriction in time and space, and it is simple to issue process, has improved certificate authority efficient.
After above-mentioned digital certificates were issued, smart card 1 also needed to obtain the PKI of safety certification platform 4, because that the PKI of safety certification platform 4 is generally is disclosed, so its PKI can obtain as long as send a request message to safety certification platform 4.Subsequently, in the service interaction process between smart card 1 and the OA system of government 3, safety certification platform 4 just can adopt the digital certificates mode that smart card 1 is carried out authentication, thereby can improve the fail safe of OA system of government 3 internal informations greatly, and the fail safe of whole wireless traffic.
Embodiment six
As shown in Figure 8, the awarding method of digital certificates provided by the invention comprises:
Step 801: receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Step 802: determine that the PKI file that described smart card sends is the file that adopts after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file;
Step 803: according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Step 804:, send to described smart card by the mobile network with described digital certificates.
On the basis of embodiment five, smart card 1 in order to strengthen the fail safe of information, has carried out encryption to the PKI file in the present embodiment when safety certification platform 4 sends certificate authority request message and PKI file.Digital certificates to issue process as follows:
Smart card 1 side:
When smart card 1 hair fastener, on smart card 1 and safety certification platform 4, an identical cryptographic algorithm and an encryption key is set in advance.After smart card 1 generates the PKI file, adopt described cryptographic algorithm and encryption key to encrypt to this PKI file, and then the PKI file after certificate authority request message and the described encryption is sent to safety certification platform 4 by mobile network 2.
Mobile network's 2 sides:
Mobile network 2 is transmitted to safety certification platform 4 with described certificate authority request message and PKI file.
Safety certification platform 4 sides:
Behind the certificate authority request message and PKI file that receive smart card 1 transmission, according to described certificate authority request message, use preset encryption algorithm and encryption key earlier, decipher described PKI file, then, obtain the PKI in the described PKI file and the identity information of smart card 1, and generate and carry the digital certificates of described PKI and smart card identity information; At last, the digital certificates with generating send to described smart card 1 by mobile network 2.
Smart card 1 side:
Smart card 1 is preserved the digital certificates that safety certification platform 4 is issued.
Among the present invention, when smart card 1 sends the PKI file to safety certification platform 4, adopted the presetting method encryption, safety certification platform 4 then adopts the corresponding preset method, deciphers described PKI file.In the above-described embodiments, presetting method is to be example on smart card 1 and safety certification platform 4 an identical cryptographic algorithm and an encryption key to be set in advance, presetting method is not limited to this kind implementation, can also adopt alternate manner of the prior art, repeats no more herein.
Owing to adopted presetting method encrypted public key file, therefore, further strengthened the fail safe that information is transmitted, guaranteed the reliability that digital certificates are issued.
Corresponding with the awarding method of above-mentioned digital certificates, the invention provides a kind of safety certification platform and communication system.
Embodiment seven
As shown in Figure 9, safety certification platform provided by the invention comprises:
Receiving element 901: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit 903: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element 904: be used for described digital certificates are sent to described smart card by the mobile network.
Preferably, described safety certification platform also comprises:
Decrypting device 902: be used for determining that the PKI file that described smart card sends is the file that adopts after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file.
Embodiment eight
As shown in figure 10, communication system provided by the invention comprises smart card 101 and safety certification platform 102, wherein,
Described smart card 101: be used for sending certificate authority request message and PKI file to described safety certification platform 102, include PKI in this PKI file by the mobile network;
Described safety certification platform 102: be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card 101 by the mobile network.
As from the foregoing, in the awarding method of digital certificates provided by the invention, device and the system, digital certificates are issued by the mobile network, can not be subjected to the restriction in time and space, it is simple to issue process, the privacy of guarantee information effectively can not distorting property and identity non repudiation, can improve certificate authority and efficiency of managing again.
The above; only be the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; can expect easily changing or replacing, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of described claim.

Claims (11)

1. implementation method based on the wireless traffic of smart card, comprise that mobile network's side carries out authentication to the smart card that is positioned at user terminal, it is characterized in that, comprise that also server side carries out authentication to described smart card, wherein, described server side carries out authentication to described smart card and specifically comprises:
Receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information;
Verify the identity information in the described business request information;
After checking is passed through, described business request information is sent to server.
2. method according to claim 1 is characterized in that, before the business request information that the mode that receives smart card employing digital certificates sends by the mobile network, also comprises:
Receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Described digital certificates are sent to described smart card by the mobile network.
3. method according to claim 2 is characterized in that,
When the PKI file of described smart card transmission was the file that adopts after presetting method is encrypted, described method further comprised:
Adopt the corresponding preset method, decipher described PKI file.
4. according to each described method of claim 1-3, it is characterized in that, after checking is passed through, described business request information sent to after the server, also comprise:
Receive the response message of described server to described business request information;
With described response message, send to described smart card by the mobile network.
5. a safety certification platform is characterized in that, comprising:
First receiving element: be used to receive smart card and adopt the business request information of the mode of digital certificates, carry the identity information of described smart card in this business request information by mobile network's transmission;
Authentication unit: the identity information that is used for verifying described business request information;
First transmitting element: be used for the checking pass through after, described business request information is sent to server.
6. safety certification platform according to claim 5 is characterized in that, also comprises:
Receiving element: be used to receive smart card by certificate authority request message and PKI file that the mobile network sends, include PKI in this PKI file;
Obtain and generation unit: be used for according to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information;
Transmitting element: be used for described digital certificates are sent to described smart card by the mobile network, adopt the business request information of the mode of digital certificates by mobile network's transmission so that described first receiving element receives smart card.
7. safety certification platform according to claim 6 is characterized in that, also comprises:
Decrypting device: be used for determining that described receiving element receives PKI file that smart card sends when adopting the file after presetting method is encrypted, adopt the corresponding preset method, decipher described PKI file.
8. according to each described safety certification platform of claim 5-7, it is characterized in that, also comprise:
Second receiving element: be used for after described first transmitting element sends to server with described business request information, receiving the response message of described server to described business request information;
Second transmitting element: be used for described response message is sent to described smart card by the mobile network.
9. a communication system is characterized in that, comprises smart card, safety certification platform and server, wherein,
Described smart card: be used for sending business request information to described safety certification platform by the mobile network;
Described safety certification platform: be used to receive smart card by the business request information that the mobile network sends, carry the identity information of described smart card in this business request information; Verify the identity information in the described business request information; After checking is passed through, described business request information is sent to server;
Described server: be used to receive and respond the business request information that described safety certification platform is transmitted.
10. communication system according to claim 9 is characterized in that,
Described smart card: also be used for sending certificate authority request message and PKI file to described safety certification platform, include PKI in this PKI file by the mobile network;
Described safety certification platform: also be used to receive certificate authority request message and the PKI file that smart card sends by the mobile network; According to described certificate authority request message, obtain the PKI in the described PKI file and the identity information of smart card, and generate and carry the digital certificates of described PKI and smart card identity information; With described digital certificates, send to described smart card by the mobile network.
11. according to claim 9 or 10 described communication systems, it is characterized in that,
Described server: be further used for the response message to described business request information is sent to described safety certification platform;
Described safety certification platform: be further used for receiving the response message that described server sends to described business request information; With described response message, send to described smart card by the mobile network;
Described smart card: be further used for receiving the response message that described safety certification platform is transmitted to business request information by the mobile network.
CN2008102403410A 2008-12-17 2008-12-17 Method, apparatus and system for implementing wireless business based on smart card Active CN101437228B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008102403410A CN101437228B (en) 2008-12-17 2008-12-17 Method, apparatus and system for implementing wireless business based on smart card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008102403410A CN101437228B (en) 2008-12-17 2008-12-17 Method, apparatus and system for implementing wireless business based on smart card

Publications (2)

Publication Number Publication Date
CN101437228A CN101437228A (en) 2009-05-20
CN101437228B true CN101437228B (en) 2011-05-11

Family

ID=40711402

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008102403410A Active CN101437228B (en) 2008-12-17 2008-12-17 Method, apparatus and system for implementing wireless business based on smart card

Country Status (1)

Country Link
CN (1) CN101437228B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105337735B (en) 2014-05-26 2019-06-07 阿里巴巴集团控股有限公司 The method and apparatus of digital certificate processing and verification
CN107040920A (en) * 2017-06-21 2017-08-11 壹家易(上海)网络科技有限公司 Data transmission system and data transmission method
CN107294987A (en) * 2017-06-30 2017-10-24 江西博瑞彤芸科技有限公司 Information processing method
CN110535807B (en) * 2018-05-24 2021-05-11 腾讯科技(深圳)有限公司 Service authentication method, device and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1437375A (en) * 2002-02-08 2003-08-20 泰康亚洲(北京)科技有限公司 Confirmation method for safe mobile e-business platform digital certificate
CN1499365A (en) * 2002-11-06 2004-05-26 富士通株式会社 Method of security recognition, its system and appts., first authentication appts. and computer program products
CN1801029A (en) * 2004-12-31 2006-07-12 联想(北京)有限公司 Method for generating digital certificate and applying the generated digital certificate

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1437375A (en) * 2002-02-08 2003-08-20 泰康亚洲(北京)科技有限公司 Confirmation method for safe mobile e-business platform digital certificate
CN1499365A (en) * 2002-11-06 2004-05-26 富士通株式会社 Method of security recognition, its system and appts., first authentication appts. and computer program products
CN1801029A (en) * 2004-12-31 2006-07-12 联想(北京)有限公司 Method for generating digital certificate and applying the generated digital certificate

Also Published As

Publication number Publication date
CN101437228A (en) 2009-05-20

Similar Documents

Publication Publication Date Title
US8467532B2 (en) System and method for secure transaction of data between a wireless communication device and a server
CN102647461B (en) Communication means based on HTTP, server, terminal
CN103297437B (en) A kind of method of mobile intelligent terminal secure access service device
CN101510877B (en) Single-point logging-on method and system, communication apparatus
EP2416524B1 (en) System and method for secure transaction of data between wireless communication device and server
Saxena et al. EasySMS: A protocol for end-to-end secure transmission of SMS
CN101720071B (en) Short message two-stage encryption transmission and secure storage method based on safety SIM card
CN104618120A (en) Digital signature method for escrowing private key of mobile terminal
Rongyu et al. A PK-SIM card based end-to-end security framework for SMS
CN106973056B (en) Object-oriented security chip and encryption method thereof
CN101247407A (en) Network authentication service system and method
CN101815091A (en) Cipher providing equipment, cipher authentication system and cipher authentication method
CN103812651B (en) Method of password authentication, apparatus and system
CN104660605A (en) Multi-factor identity authentication method and system
CN107483429B (en) A kind of data ciphering method and device
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN105681470A (en) Communication method, server and terminal based on hypertext transfer protocol
US20130311783A1 (en) Mobile radio device-operated authentication system using asymmetric encryption
CN101621794A (en) Method for realizing safe authentication of wireless application service system
Aura et al. Reducing reauthentication delay in wireless networks
CN103118363A (en) Method, system, terminal device and platform device of secret information transmission
CN107094156A (en) A kind of safety communicating method and system based on P2P patterns
CN101437228B (en) Method, apparatus and system for implementing wireless business based on smart card
CN107104888B (en) Safe instant messaging method
CN103780380A (en) Asymmetric mail security encryption realization method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden

Patentee after: BEIJING WATCHDATA Co.,Ltd.

Address before: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden

Patentee before: BEIJING WATCH DATA SYSTEM Co.,Ltd.

DD01 Delivery of document by public notice
DD01 Delivery of document by public notice

Addressee: Patent of Beijing grip Data Co.,Ltd. The person in charge

Document name: payment instructions

DD01 Delivery of document by public notice
DD01 Delivery of document by public notice

Addressee: Patent of Beijing grip Data Co.,Ltd. The person in charge

Document name: Patent termination notice