CN101729565B - Safety access method for sensor, sensor and safety access system - Google Patents
Safety access method for sensor, sensor and safety access system Download PDFInfo
- Publication number
- CN101729565B CN101729565B CN 200910239617 CN200910239617A CN101729565B CN 101729565 B CN101729565 B CN 101729565B CN 200910239617 CN200910239617 CN 200910239617 CN 200910239617 A CN200910239617 A CN 200910239617A CN 101729565 B CN101729565 B CN 101729565B
- Authority
- CN
- China
- Prior art keywords
- signature
- transducer
- configuration file
- file
- business software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The embodiment of the invention discloses a safety access method for a sensor. The method comprises the following steps: when monitoring that service software calls service of the sensor, intercepting the service calling of the service software; acquiring a signature configuration file of the service software, wherein the signature configuration file comprises a program file and a signature ciphertext; calling a code signing certificate in the sensor to authenticate and sign the signature configuration file; and when the signature configuration file is authenticated and signed successfully, calling the service of the sensor through the service software. Correspondingly, the embodiment of the invention also provides a sensor, an application equipment terminal of the sensor and a safety access system. The implementation of the safety access method can realize the safety access management of sensor equipment, and avoids potential safety hazard caused by calling the sensor by various malicious software or a Trojan program.
Description
Technical field
The present invention relates to the application electric technology field, relate in particular to a kind of safety access method, transducer and security access system of transducer.
Background technology
Along with the development of radio-frequency technique, sensor technology and the popularization of product, increasing transducer gets into all trades and professions, comprises card reader, USB_Key etc., and the safety management of sensor device meanwhile faces increasing challenge.With the card reader is example, and common card reader only comprises functional module usually, does not consider the problem of safety management.And when card reader was installed on the application apparatus terminal, on the one hand equipment can be opened to miscellaneous service and use, and also might be used by various Malwares or trojan horse program simultaneously, the great potential safety hazard of bringing therefore for the use of transducer.
Summary of the invention
In view of this; The embodiment of the invention provides a kind of safety access method, transducer of transducer and has reached security access system; Through when business software calls transducer, business software being carried out effective software authentication, realize security access management to sensor device.
The embodiment of the invention provides a kind of safety access method of transducer, comprising:
When listening to business software when transducer is carried out calling service, tackle the calling service of said business software;
Obtain the signature configuration file of said business software, said signature configuration file comprises program file and signature ciphertext;
The code signature certificate that calls in the transducer is recognized label to said signature configuration file;
Test when signing successfully when said, then through the calling service of said business software said transducer.
Correspondingly the embodiment of the invention also provides a kind of transducer, and said transducer comprises:
Business unit is used for through being carried out Business Processing by the calling service of business software;
Code signature certificate storage element is used to store said code signature certificate.
Correspondingly the embodiment of the invention also provides a kind of application of sensor device end, and said application of sensor device end comprises:
Monitor interception unit, be used for tackling the calling service of said business software when listening to business software when transducer is carried out calling service;
Signature configuration file acquiring unit is used to obtain the signature configuration file of said business software, and said signature configuration file comprises program file and signature ciphertext;
Test the unit that signs a bill, the code signature certificate that is used for calling transducer is tested label to said signature configuration file;
Call through the unit, be used for signing a bill unit when signing successfully, then pass through the calling service of said business software said transducer to testing of said signature configuration file when said testing.
Correspondingly the embodiment of the invention also provides a kind of security access system, comprises transducer and application apparatus terminal thereof, wherein:
The calling service that said transducer is used for being employed the application software of device end carries out Business Processing, stores the code signature certificate;
Said application apparatus terminal is used to monitor the calling service of said application software to said transducer; Tackle said calling service; Obtain the signature configuration file of said business software, said signature configuration file comprises program file and signature ciphertext, and the code signature certificate that calls in the transducer is tested label to said signature configuration file; Test when signing successfully when said, then through the calling service of said business software said transducer.
The embodiment of the invention is through carrying out effective software authentication to said business software when business software calls transducer; Realized security access management, avoided because called transducer and the potential safety hazard brought by various Malwares or trojan horse program to sensor device.
Description of drawings
Fig. 1 is that the structure of a kind of security access system in the embodiment of the invention is formed sketch map;
Fig. 2 is that the structure of a kind of application of sensor device end in the embodiment of the invention is formed sketch map;
Fig. 3 is the schematic flow sheet of a kind of safety access method of transducer in the embodiment of the invention.
Embodiment
To combine the accompanying drawing in the embodiment of the invention below, the technical scheme in the embodiment of the invention is carried out clear, intactly description, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills are not making the every other embodiment that is obtained under the creative work prerequisite, all belong to the scope of the present invention's protection.
Fig. 1 is that the structure of a kind of security access system in the embodiment of the invention is formed sketch map, and my security access system as shown in the figure comprises transducer 10 and application apparatus terminal 20, wherein:
Said application apparatus terminal 20 is used to monitor the calling service of said application software to said transducer 10; Tackle said calling service; Obtain the signature configuration file of said business software, said signature configuration file comprises program file and signature ciphertext, and the code signature certificate that calls in the transducer 10 is tested label to said signature configuration file; Test when signing successfully when said, then through the calling service of said business software said transducer 10.Particularly; Said application of sensor device end can be the application apparatus that is connected through wired or wireless mode with transducer; Comprise PC, personal digital assistant (Personal Digital Assistant; PDA), mobile phone, point of sales terminal (Point of sale, POS) etc.
Fig. 2 is that the structure of a kind of application of sensor device end in the embodiment of the invention is formed sketch map.This application apparatus terminal as shown in the figure comprises: monitor interception unit 201, signature configuration file acquiring unit 202, test the unit 203 and calling through unit 204, wherein of signing a bill:
Signature configuration file acquiring unit 202 is used to obtain the signature configuration file of said business software, and said signature configuration file comprises program file and signature ciphertext.Specifically can for; When monitoring interception unit 201 and monitoring and intercept said business software to the calling of said transducer; Trigger signature configuration file acquiring unit 202 obtains said business software from the registration table at application apparatus terminal software information; Said software information comprises dbase, software numbering and the signature configuration file of software, and said signature configuration file comprises program file and signature ciphertext.Said software information is that business software writes registration table when on the application apparatus terminal, installing.
Test the code signature certificate that the unit 203 that signs a bill is used for calling transducer said signature configuration file is tested label.Particularly, the said unit 203 that signs a bill that tests can comprise:
Deciphering module is used to use said code signature certificate that said signature ciphertext is deciphered;
The Hash module is used for that said program file is carried out Hash operation and obtains the program digest file;
Comparing module is used for the said program digest file that decrypted result and Hash module arithmetic with said deciphering module obtain and compares, if the comparison unanimity is then tested signs successfully.
Call through unit 204 and be used for testing the testing when signing successfully of the 203 pairs of said business softwares of unit of signing a bill, then pass through the calling service of said business software said transducer when said.
Fig. 3 is the schematic flow sheet of a kind of safety access method of transducer in the embodiment of the invention, and this flow process as shown in the figure comprises:
Step S301 when listening to business software when transducer is carried out calling service, tackles the calling service of said business software.
Step S302 obtains the signature configuration file of said business software, and said signature configuration file comprises program file and signature ciphertext.Specifically can for; When monitoring and intercepting said business software to the calling of said transducer; The application apparatus terminal obtains the software information of said business software from registration table; Said software information comprises dbase, software numbering and the signature configuration file of software, and said signature configuration file comprises program file and signature ciphertext.Said software information is that business software writes registration table when on the application apparatus terminal, installing.
Step S303, the code signature certificate that calls in the transducer is tested label to said signature configuration file.To be said transducer dispatching from the factory or writing during initialization said code signature certificate.This concrete step can comprise:
Use said code signature certificate that said signature ciphertext is deciphered;
Said program file is carried out Hash operation obtain the program digest file;
With the result who uses said code signature certificate that the signature ciphertext is deciphered to obtain with said program file is carried out the program digest file that Hash operation obtains and compares, if the comparison unanimity is then tested sign successfully.If test and sign successfully then execution in step S304, as if authentification failure execution in step S305 then.
Step S304 tests when signing successfully when said, then through the calling service of said business software to said transducer.
Step S305 tests when signing failure when said, then refuses the calling service of said business software to said transducer.
The embodiment of the invention is through carrying out effective software authentication to said business software when business software calls transducer; Realized security access management, avoided because called transducer and the potential safety hazard brought by various Malwares or trojan horse program to sensor device.
Description through the foregoing description; One of ordinary skill in the art will appreciate that all or part of flow process that realizes the foregoing description; Be to instruct relevant hardware to accomplish through computer program; Described program can be stored in the computer-readable medium, this program when carrying out, can comprise as the embodiment of above-mentioned each side method flow process.Wherein, described storage medium can be magnetic disc, CD, read-only storage memory body (Read-Only Memory, ROM) or at random store memory body (Random Access Memory, RAM) etc.
Above disclosedly be merely preferred embodiment of the present invention, can not limit the present invention's interest field certainly with this, the equivalent variations of therefore doing according to claim of the present invention still belongs to the scope that invention is contained.
Claims (4)
1. the safety access method of a transducer is characterized in that, the safety access method of said transducer comprises:
When listening to business software when transducer is carried out calling service, tackle the calling service of said business software;
Obtain the signature configuration file of said business software, said signature configuration file comprises program file and signature ciphertext;
The code signature certificate that calls in the transducer is tested label to said signature configuration file;
Test when signing successfully when said, then through the calling service of said business software said transducer;
The said code signature certificate that calls in the transducer is tested to sign to said signature configuration file and is comprised:
Use said code signature certificate that said signature ciphertext is deciphered;
Said program file is carried out Hash operation obtain the program digest file;
With the result who uses said code signature certificate that said signature ciphertext is deciphered to obtain with said program file is carried out the program digest file that Hash operation obtains and compares, if the comparison unanimity is then tested sign successfully.
2. the safety access method of transducer as claimed in claim 1 is characterized in that, the safety access method of transducer also comprises:
When said business software is installed on the application apparatus terminal, the software information of said business software is write in the registration table at application apparatus terminal, said software information comprises dbase, software numbering and the signature configuration file of said business software.
3. an application of sensor device end is characterized in that, said application of sensor device end comprises:
Monitor interception unit, be used for tackling the calling service of said business software when listening to business software when transducer is carried out calling service;
Signature configuration file acquiring unit is used to obtain the signature configuration file of said business software, and said signature configuration file comprises program file and signature ciphertext;
Test the unit that signs a bill, the code signature certificate that is used for calling transducer is tested label to said signature configuration file;
Call through the unit, be used for signing a bill unit when signing successfully, then pass through the calling service of said business software said transducer to testing of said signature configuration file when said testing;
The said unit that signs a bill that tests comprises:
Deciphering module is used to use said code signature certificate that said signature ciphertext is deciphered;
The Hash module is used for that said program file is carried out Hash operation and obtains the program digest file;
Comparing module is used for the said program digest file that decrypted result and Hash module arithmetic with said deciphering module obtain and compares, if the comparison unanimity is then tested signs successfully.
4. a security access system comprises transducer and application apparatus terminal thereof, it is characterized in that:
The calling service that said transducer is used for being employed the business software of device end carries out Business Processing, stores the code signature certificate;
Said application apparatus terminal is used to monitor the calling service of said business software to said transducer; Tackle said calling service; Obtain the signature configuration file of said business software, said signature configuration file comprises program file and signature ciphertext, and the code signature certificate that calls in the transducer is tested label to said signature configuration file; Test when signing successfully when said, then through the calling service of said business software said transducer; The said code signature certificate that calls in the transducer is tested to sign to said signature configuration file and is comprised: use said code signature certificate that said signature ciphertext is deciphered; Said program file is carried out Hash operation obtain the program digest file; With the result who uses said code signature certificate that said signature ciphertext is deciphered to obtain with said program file is carried out the program digest file that Hash operation obtains and compares, if the comparison unanimity is then tested sign successfully.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910239617 CN101729565B (en) | 2009-12-31 | 2009-12-31 | Safety access method for sensor, sensor and safety access system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910239617 CN101729565B (en) | 2009-12-31 | 2009-12-31 | Safety access method for sensor, sensor and safety access system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101729565A CN101729565A (en) | 2010-06-09 |
| CN101729565B true CN101729565B (en) | 2012-10-10 |
Family
ID=42449763
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200910239617 Expired - Fee Related CN101729565B (en) | 2009-12-31 | 2009-12-31 | Safety access method for sensor, sensor and safety access system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101729565B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103167498B (en) * | 2011-12-19 | 2015-11-11 | 卓望数码技术(深圳)有限公司 | A kind of ability control method and system |
| US9317721B2 (en) | 2012-10-31 | 2016-04-19 | Google Inc. | Privacy aware camera and device status indicator system |
| CN105530253B (en) * | 2015-12-17 | 2018-12-28 | 河南大学 | Wireless sensor network access authentication method under Restful framework based on CA certificate |
| CN109729064B (en) * | 2018-05-14 | 2021-04-20 | 网联清算有限公司 | Encryption machine fault processing method and information processing system |
| CN109981287B (en) * | 2019-03-14 | 2020-03-17 | 亚数信息科技(上海)有限公司 | Code signing method and storage medium thereof |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1743992A (en) * | 2005-09-29 | 2006-03-08 | 浪潮电子信息产业股份有限公司 | Computer operating system safety protecting method |
| CN101183456A (en) * | 2007-12-18 | 2008-05-21 | 中国工商银行股份有限公司 | Encryption device, system and method for encryption, identification using the encryption device |
-
2009
- 2009-12-31 CN CN 200910239617 patent/CN101729565B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1743992A (en) * | 2005-09-29 | 2006-03-08 | 浪潮电子信息产业股份有限公司 | Computer operating system safety protecting method |
| CN101183456A (en) * | 2007-12-18 | 2008-05-21 | 中国工商银行股份有限公司 | Encryption device, system and method for encryption, identification using the encryption device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101729565A (en) | 2010-06-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101729565B (en) | Safety access method for sensor, sensor and safety access system | |
| US20170098104A1 (en) | Information processing device and portable settlement terminal device | |
| MY139673A (en) | Data communication system, agent system server, computer program, and data communication method | |
| CN102831529B (en) | A kind of commodity information identification method based on radio frequency and system | |
| US10409976B2 (en) | System and method for PIN entry on mobile devices | |
| CN109033885B (en) | Data response method, terminal equipment and server | |
| US20150278557A1 (en) | Settlement terminal device | |
| US20080024268A1 (en) | Component authentication for computer systems | |
| CN101778102B (en) | Safety authentication method of sensor, sensor and authentication system thereof | |
| CN104392502A (en) | Two-dimensional code attendance checking system based on intelligent cell phone and application method of two-dimensional code attendance checking system based on intelligent cell phone | |
| WO2007018987A3 (en) | System and method for selective encryption of input data during a retail transaction | |
| CN106550031A (en) | The method and device of data backup | |
| US20150324781A1 (en) | Portable settlement terminal device | |
| CN105184126A (en) | Password setting method, authentication method and terminal | |
| CN105809000A (en) | Information processing method and electronic device | |
| KR20100031641A (en) | Authentication information managing unit, authentication information managing program and method thereof, authentication unit, and authentication program and method thereof | |
| CN105590209A (en) | Electronic transaction monitoring method and system | |
| CN104616051A (en) | NFC electronic seal and painting and calligraphy anti-counterfeiting application system using the electronic seal | |
| JP2015171105A (en) | Settlement terminal | |
| CN112073414B (en) | Industrial Internet equipment secure access method, device, equipment and storage medium | |
| CN106203556A (en) | A kind of method and device of reading electronic labels information | |
| CN202422149U (en) | Signature discrimination apparatus with personal identification function | |
| CN104010306A (en) | Mobile device user identity authentication system and method | |
| CN201917912U (en) | Monitoring and management system of USB (Universal Serial Bus) storage device | |
| CN105871840A (en) | Certificate management method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121010 Termination date: 20121231 |