CN101742508A - System and method for transmitting files between WAPI terminal and application server - Google Patents
System and method for transmitting files between WAPI terminal and application server Download PDFInfo
- Publication number
- CN101742508A CN101742508A CN200910247064A CN200910247064A CN101742508A CN 101742508 A CN101742508 A CN 101742508A CN 200910247064 A CN200910247064 A CN 200910247064A CN 200910247064 A CN200910247064 A CN 200910247064A CN 101742508 A CN101742508 A CN 101742508A
- Authority
- CN
- China
- Prior art keywords
- terminal
- application server
- wapi
- digital signature
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a system and a method for transmitting files between a WAPI terminal and an application server. When file contents are transmitted between the WAPI terminal and the application server by adopting HTTP messages, a sending terminal encrypts the transmitted file contents by using a WPI algorithm and carries out digitally-signed transmission on the transmitted contents; a receiving terminal receives the HTTP messages containing the file contents, resolves the file contents and verifies digital signatures, and the transmitted file contents are not changed if the digital signatures pass the verification. By adopting the technical schemes, the invention fully utilizes a public key certification authority and a client-side WAPI certificate provided by WAPI base installations and effectively ensures the transmission security of the file contents.
Description
Technical field
The present invention relates to the WAPI technical field, be specifically related to the system and method for a kind of WAPI terminal and application server transfer files.
Background technology
In order to solve the security breaches of WEP (WiredEquivalent Privacy) the security mechanism existence that defines among the WLAN (wireless local area network) international standard ISO/IEC 8802-11, China has issued WLAN (wireless local area network) national standard and number one modification list thereof, adopt wireless local area network (WLAN) verification and confidentiality foundation structure WAPI (WLANAuthentication and Privacy Infrastructure) to substitute WEP, solve the safety problem of WLAN (wireless local area network).WAPI is made up of wireless local area network authentication infrastructure (WAI WLAN AuthenticationInfrastructure) and wireless local area network security foundation structure (WPI WLAN Privacy Infrastructure).WAI has adopted the public key encryption technology, and the mutual identity that is used between terminal and the access point is differentiated; WPI adopts the symmetric cryptographic algorithm that is used for WLAN of State Secret Code Regulatory Commission Office's approval to realize data protection, to the MSDU of media access control sublayer add, decryption processing.The foundation structure of introducing in the standard has comprised several functional entitys, and access point (AP access point) is meant that any one possesses the website function, and the entity of visit Distributed Services is provided for the website of association by wireless medium; Identification requester entity (ASUE authentication supplicant entity) is the entity that operation is differentiated in request before access service; Discriminator entity (AE authenticator entity) provided the entity of differentiating operation before access service for identification requester.This entity main flow is in access point or terminal; The basic function of asu (authentication service unit) (ASU authentication service unit) is to realize the management of user certificate and the discriminating of user identity etc., is based on important part in the WAI authentication infrastructure of public-key cipher technology; Differentiate that service entities (ASE authentication service entity) provides the entity of identity discriminating service for discriminator and identification requester.This entity resides in the asu (authentication service unit), and the node in the asu (authentication service unit) map network is the WAPI authentication server.User certificate is a public key certificate, and it is a link important in the WAI system construction.Public key certificate is the network user's a digital identity voucher, can determine the network user's identity uniquely by the private cipher key checking.
The network storage is a kind of common Internet service, and the uploading of Miscellaneous Documents content, download and search function are provided.Along with deployment and the enforcement of WAPI, increasing portable terminal supports WLAN (wireless local area network) to insert, and also will support increasing Internet service function simultaneously.The network storage has sizable use value for portable terminal.It is the multimedia messages platform of core that present portable terminal develops into gradually with personal communication's interchange, terminal strong multimedia information collection function certainly will need a reliable memory platform, the content of considering many equipment rooms is shared, the network storage very potential mobile Internet business beyond doubt.The network storage based on Web is applied under the internet environment, has the login mechanism of oneself usually, provides the user name password to distinguish identity as the need user.Portable terminal has been finished the identity discrimination process when access network; if can make full use of the ability of differentiating that inserts; simplified terminal use's operation on the one hand; on the other hand; the Public Key Infrastructure PKI that the reusable WAPI of application provider is relied on (Public Key Infrastructure); comprise the resources such as certificate on certificate authority system and the client, integrality, the Confidentiality protection function of memory contents can also be provided to the client.
Summary of the invention
The technical problem to be solved in the present invention provides the system and method for a kind of WAPI terminal and application server transfer files, has guaranteed the fail safe of transfer files content effectively.
In order to address the above problem, the invention provides the method for a kind of WAPI terminal and application server transfer files, comprising:
When adopting HTTP transmission of messages file content between WAPI terminal and the application server, transmitting terminal uses the WPI algorithm that the file content of transmission is encrypted, and the content of transmission transmitted after doing digital signature, receiving terminal parses described file content and verifies described digital signature after receiving the HTTP message of include file content, if the file content of digital signature authentication by then transmission is not modified.
Further, before the transfer files content, the header field value representation that described terminal will be asked when application server sends HTTP GET request is that a preset value represents that this terminal is the WAPI terminal, and described application server receives that described HTTP GET request back is if described header field value is that preset value judges that then described terminal is the WAPI terminal.
Further, application server receives that the HTTP GET request back that described terminal is sent increases a digital signature when described terminal is returned 200OK message, the mode of described digital signature is, use the WAI hashing algorithm to calculate the page that returns, and the private key of use application server WAPI certificate, utilize the elliptic curve of WAI, hash result of calculation is done computations generate signature;
Described terminal parses described digital signature after receiving 200OK message, obtain the PKI of the application server WAPI certificate that is pre-stored on the terminal and decipher this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if the consistent then discriminating by application server, otherwise differentiate and do not pass through.
Further, when described terminal when application server is uploaded content, generate 128 random numbers earlier as the interim conversation key, SMS4 algorithm among the use WPI is done to encrypt to the upload file content and is obtained ciphertext, the PKI that then uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, also the file content of uploading is done digital signature; Random number after ciphertext after the encryption, digital signature and the encryption and user WAPI certificates identified or WAPI certificate encapsulate together, and the content that encapsulates is sent to application server by HTTP POST;
After described application server is received described HTTP POST, isolate user's WAPI certificates identified or WAPI certificate, if the isolated WAPI of being certificates identified is then obtained the WAPI certificate, the private key of the WAPI certificate of use application server carries out the public key algorithm deciphering to the key after encrypting and obtains the interim conversation key, carry out the symmetric key algorithm deciphering and obtain text uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, described application server also uses the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain afterwards are consistent, if unanimity is then passed through the checking of terminal, and the file content that receives is not modified.
Further, when described terminal when application server obtains content, when application server sends HTTP GET message, carry and will obtain the content corresponding uniform resource locator;
Described application server is received the document content of knowing terminal request after the HTTP GET message according to described URL(uniform resource locator), generate 128 random numbers afterwards as the interim conversation key, and use this interim conversation key that the document content of client-requested is SMS4 and encrypt, and document content done digital signature, the PKI that also uses terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, and all the elements return to terminal with the set form encapsulation or with the list form as 200OK message body;
After described terminal is received described 200OK message, the private key that utilizes terminal WAPI certificate carries out the public key algorithm deciphering to encrypted secret key and draws the interim conversation key, use this interim conversation key that ciphertext is carried out the symmetric key algorithm deciphering afterwards and obtain the document text, and the text that decrypts is carried out hash calculate hashed value, the PKI that also uses application server WAPI certificate carries out the public key algorithm deciphering to signature and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then verified pass through, and the file content that receives is not modified.
Further, described terminal is carried out digital signature to described URL(uniform resource locator) when application server sends HTTP GET message, afterwards described digital signature and user certificate sign are sent to application server as the URL(uniform resource locator) parameter by HTTP GET message, described application server is isolated the user certificate sign after receiving HTTP GET message, and obtain user certificate, use the public-key cryptography in the certificate to decipher this digital signature afterwards, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by the discriminating to terminal.
Further, described terminal is done digital signature to the file content of uploading and is meant, described file content is done hash calculate, and the value after using the private key of terminal WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
Further, described application server is done signature calculation to document content and is meant, described document content is done hash calculate, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
The present invention also provides the system of a kind of WAPI terminal and application server transfer files, comprises transmitting terminal and receiving terminal;
Described transmitting terminal is used to use the WPI algorithm that the file content of transmission is encrypted, and is sent to described receiving terminal by HTTP message after the content of transmission done digital signature;
Described receiving terminal parses described file content and verifies described digital signature after being used to receive described HTTP message, if the file content of digital signature authentication by then transmission is not modified.
Further, described transmitting terminal is WAPI terminal or application server, and receiving terminal is application server or WAPI terminal;
Described terminal comprises module, sending module is set;
The module that is provided with of described terminal is used for before the transfer files content, and the header field value representation that will ask when application server sends the HTTPGET request is that a preset value represents that this terminal is the WAPI terminal;
Described application server is used to receive that described HTTP GET request back is if described header field value is that preset value judges that then described terminal is the WAPI terminal.
Further, described application server comprises encrypting module and sending module;
The encrypting module of described application server is used to use the WAI hashing algorithm to calculate the page that returns, and uses the private key of application server WAPI certificate, utilizes the elliptic curve of WAI, hash result of calculation is done computations generate digital signature;
The sending module of described application server is used for carrying above-mentioned digital signature when terminal is returned 200OK message;
The deciphering module of described terminal parses described digital signature after receiving 200OK message, obtain the PKI of the application server WAPI certificate that is pre-stored on the terminal and decipher this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if the consistent then discriminating by application server, otherwise differentiate and do not pass through.
Further, when described terminal described terminal when application server is uploaded content is a transmitting terminal, described application server is a receiving terminal;
Described terminal comprises encrypting module and sending module;
The encrypting module of described terminal, be used to generate 128 random numbers as the interim conversation key, and use SMS4 algorithm among the WPI that the file content of uploading is done to encrypt to obtain ciphertext, the PKI that uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, also is used for the file content of uploading is done digital signature;
The sending module of described terminal is used for the random number after the ciphertext after encrypting, digital signature, the encryption and user WAPI certificates identified or WAPI certificate are encapsulated together, and the content of encapsulation is sent to application server by HTTP POST;
Described application server comprises receiver module and deciphering module;
The receiver module of described application server, be used to receive described HTTP POST after, isolate user's WAPI certificates identified or WAPI certificate, if the isolated WAPI of being certificates identified then obtains the WAPI certificate;
The deciphering module of described application server, be used to use the private key of the WAPI certificate of application server that the key after encrypting is carried out the public key algorithm deciphering and obtain the interim conversation key, and use this interim conversation key to carry out the symmetric key algorithm deciphering and obtain text to uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then passed through the checking of terminal, and the file content that receives is not modified.
Further, when described terminal described application server when application server obtains content is a transmitting terminal, described terminal is a receiving terminal;
Described terminal comprises sending module, receiver module and deciphering module;
The sending module of described terminal is used for carrying when application server sends HTTP GET message and will obtains the content corresponding uniform resource locator;
Described application server comprises receiver module, encrypting module and sending module;
The receiver module of described application server is used to receive the document content of knowing terminal request after the HTTP GET message according to described URL(uniform resource locator);
The encrypting module of described application server, be used to generate 128 random numbers as the interim conversation key, and use this interim conversation key that the document content of terminal request is SMS4 and encrypt the formation ciphertext, and document content done digital signature, the PKI that also is used to use terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting;
The sending module of described application server is used for described ciphertext, signature and the interim conversation key after encrypting is sent to terminal as 200OK message body;
The receiver module of described terminal, the described 200OK message that is used for receiving is sent to deciphering module;
The deciphering module of described terminal, be used to use the private key of terminal WAPI certificate that encrypted secret key is carried out the public key algorithm deciphering and draw the interim conversation key, and this interim conversation key carries out symmetric key algorithm deciphering to ciphertext and obtains the document text, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of application server WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then verified pass through, and the file content that receives is not modified.
Further, the encrypting module of described terminal also is used for when application server sends HTTP GET message described URL(uniform resource locator) being carried out digital signature;
The sending module of described terminal also is used for when application server sends HTTP GET message described digital signature and user certificate sign being sent to application server as the URL(uniform resource locator) parameter;
The deciphering module of described application server also is used for isolating the user certificate sign of HTTP GET message, and obtain user certificate, and the public-key cryptography in the use certificate is deciphered this digital signature, and utilize the hash function of WAI that URL(uniform resource locator) is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by the discriminating to terminal.
Further, the encrypting module of described terminal is done digital signature to the file content of uploading and is meant, described file content is done hash calculate, and the value after using the private key of terminal WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
Further, the encrypting module of described application server is done signature calculation to document content and is meant, described document content is done hash calculate, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
Adopt technical scheme of the present invention, made full use of public key certificate issuing organization and client WAPI certificate that WAPI infrastructure provides.The WAPI terminal use relies on WAPI to differentiate that service realizes process of user login in the process that the logging in network storage is used, and login process need not the user and inputs the user name password.Client is when preserving content, by interim conversation key and the symmetric encipherment algorithm of consulting in the certificate discrimination process to obtain, encrypt memory contents, guarantee the content confidentiality, client is by the private cipher key of hash function and publicly-owned certificate, memory contents is done digital signature calculate, and by server side certifying signature and decryption content, guarantee that content is authentic and valid not to be modified.Client is when obtaining content, and by interim conversation key and the symmetric encipherment algorithm of consulting in the certificate discrimination process, content is obtained in deciphering.The method of introducing authentification of user among the present invention also can be applicable to other network applications based on web access.
Description of drawings
Fig. 1 network architecture;
Fig. 2 is a system configuration schematic diagram of the present invention;
Fig. 3 is the flow chart of terminal of the present invention when application server is uploaded content;
The flow chart that Fig. 4 is a terminal of the present invention when application server obtains content;
Fig. 5 is the processing procedure figure of terminal of the present invention when uploading content;
Fig. 6 is the processing procedure figure of application server of the present invention when issuing content;
Fig. 7 is the processing procedure figure after terminal of the present invention and application server receive file content;
Fig. 8 is the processing procedure figure that terminal application server of the present invention is differentiated.
Embodiment
The invention provides the system of a kind of WAPI terminal and application server transfer files, as shown in Figure 2, this system comprises transmitting terminal and receiving terminal;
Transmitting terminal is WAPI terminal or application server, and receiving terminal is application server or WAPI terminal;
Transmitting terminal is used to use the WPI algorithm that the file content of transmission is encrypted, and is sent to described receiving terminal by HTTP message after the content of transmission done digital signature;
Receiving terminal parses file content and certifying digital signature after being used to receive HTTP message, if the file content of digital signature authentication by then transmission is not modified.
Terminal comprises module, encrypting module, deciphering module, sending module and receiver module is set;
Application server comprises encrypting module, deciphering module, sending module and receiver module;
The module that is provided with of terminal is used for before the transfer files content, the header field value representation that to ask when application server sends HTTP GET request is that a preset value represents that this terminal is the WAPI terminal, and application server receives that HTTP GET request back is if this header field value is that preset value judges that then terminal is the WAPI terminal.
The encrypting module of application server is used to use the WAI hashing algorithm to calculate the page that returns, and uses the private key of application server WAPI certificate, utilizes the elliptic curve of WAI, hash result of calculation is done computations generate digital signature;
The sending module of application server is used for carrying above-mentioned digital signature when terminal is returned 200OK message;
The deciphering module of terminal parses digital signature after being used to receive 200OK message, the PKI that obtains in the application server WAPI certificate that is pre-stored on the terminal is deciphered this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if the consistent then discriminating by application server, otherwise differentiate and do not pass through.
(1) when terminal terminal when application server is uploaded content be transmitting terminal, application server is a receiving terminal;
The encrypting module of terminal, be used to generate 128 random numbers as the interim conversation key, and use SMS4 algorithm among the WPI that the file content of uploading is done to encrypt to obtain ciphertext, the PKI that uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, also is used for the file content of uploading is done digital signature;
The sending module of terminal is used for the random number after the ciphertext after encrypting, digital signature, the encryption and user WAPI certificates identified or WAPI certificate are encapsulated together, and the content of encapsulation is sent to application server by HTTPPOST;
The receiver module of application server, be used to receive HTTP POST after, isolate user's WAPI certificates identified or WAPI certificate, if the isolated WAPI of being certificates identified then obtains the WAPI certificate;
The deciphering module of application server, be used to use the private key of the WAPI certificate of application server that the key after encrypting is carried out the public key algorithm deciphering and obtain the interim conversation key, and use this interim conversation key to carry out the symmetric key algorithm deciphering and obtain text to uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then passed through the checking of terminal, and the file content that receives is not modified.
The encrypting module of terminal is done digital signature to the file content of uploading and is meant, file content is done hash calculate, and the value after using the private key of terminal WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
(2) when terminal application server when application server obtains content be transmitting terminal, terminal is a receiving terminal;
The sending module of terminal is used for carrying when application server sends HTTP GET message and will obtains the content corresponding uniform resource locator;
The receiver module of application server is used to receive the document content of knowing terminal request after the HTTP GET message according to URL(uniform resource locator);
The encrypting module of application server, be used to generate 128 random numbers as the interim conversation key, and use this interim conversation key that the document content of terminal request is SMS4 and encrypt the formation ciphertext, and document content done digital signature, the PKI that also is used to use terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting;
The sending module of application server is used for ciphertext, signature and the interim conversation key after encrypting is sent to terminal as 200OK message body;
The receiver module of terminal, the 200OK message that is used for receiving is sent to deciphering module;
The deciphering module of terminal, be used to use the private key of terminal WAPI certificate that encrypted secret key is carried out the public key algorithm deciphering and draw the interim conversation key, and this interim conversation key carries out symmetric key algorithm deciphering to ciphertext and obtains the document text, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of application server WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then verified pass through, and the file content that receives is not modified.
The encrypting module of terminal also is used for when application server sends HTTP GET message URL(uniform resource locator) being carried out digital signature;
The sending module of terminal also is used for when application server sends HTTP GET message digital signature and user certificate sign being sent to application server as the URL(uniform resource locator) parameter;
The deciphering module of application server also is used for isolating the user certificate sign of HTTP GET message, and obtain user certificate, and the public-key cryptography in the use certificate is deciphered this digital signature, and utilize the hash function of WAI that URL(uniform resource locator) is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by the discriminating to terminal.
The encrypting module of application server is done signature calculation to document content and is meant, document content is done hash calculate, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
The present invention also provides the method for a kind of WAPI terminal and application server transfer files, when adopting HTTP transmission of messages file content between WAPI terminal and the application server, transmitting terminal uses the WPI algorithm that the file content of transmission is encrypted, and the content of transmission transmitted after doing digital signature, receiving terminal parses file content and certifying digital signature after receiving the HTTP message of include file content, if the file content of digital signature authentication by then transmission is not modified.
Embodiment one
Present embodiment is the method for terminal to application server upload file content, as shown in Figure 3, may further comprise the steps:
Step 301: the terminal browser sends HTTP GET request to application server, get access to the page that the network storage is used, terminal is set to preset value by certain the header field value in asking and represents that it is the WAPI terminal, as can being that User-Agent (user agent) is set to WAPI-Mobile-ClientV1.0;
The value of this header field can be that terminal is specified when setting up request, also can revise by the WAP/HTTP application gateway adjacent with the wireless local network segment.
Step 302: application server is received the HTTP GET request that terminal sends, and judges according to the value in certain header field wherein whether this request comes from the WAPI terminal; Judge when being WAPI-Mobile-Client V1.0 that this terminal is the WAPI terminal as value according to User-Agent;
Step 303: application server returns 200OK message to terminal, increases a hiding list in this message, and content comprises a digital signature that adopts the WAI public key algorithm to encrypt at least, and endorsement method is as follows:
(a) page that uses the WAI hashing algorithm to calculate to return, be the hypertext format character string.
(b) use the private key of application server WAPI certificate, utilize the elliptic curve of WAI, hash result of calculation is done computations, generate signature.
The signature that generates deposits in the hiding list in the page response and is handed down to the terminal browser.
Step 304: as shown in Figure 8, terminal is after receiving 200OK message, from hide list, parse digital signature, the PKI that obtains in the application server WAPI certificate that is pre-stored on the terminal is deciphered this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if unanimity is then differentiated passes through, otherwise differentiates and do not pass through.
Terminal obtains the same prior art of method of application server WAPI certificate among the present invention.
Step 305:WAPI terminal browser presents the page after obtaining the application server web data and finishing the server identity discriminating.Terminal is submitted the file content that need upload to by browser.The submission process adopts HTTP POST method.
The WAPI terminal at first generates 128 random numbers as the interim conversation key, SMS4 algorithm (being the symmetric key algorithm among Fig. 5) is done to encrypt to the upload file content and is obtained ciphertext among the use WPI, the PKI that then uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, then use the private key of terminal WAPI certificate to finish the digital signature of uploaded content, the process of digital signature is promptly earlier done hash to file content and is calculated, the value after using the encrypted private key hash of terminal WAPI certificate to calculate then; Random number after text after the encryption, digital signature and the encryption and user WAPI certificates identified or certificate encapsulate by a certain set form, for example:
<upload-content>
<body-sign>@e23233dsew.....</body-sign>
<encrypted-rand>we233dse..</encrypted-rand>
<encrypted-body>3EWRW@#4..</encrypted-body>
<cert-id>232341</cert-id>
</upload-content>
Terminal browser or the mode by list have been formed the content of POST and have been sent to application server.
Step 306: after application server is received this HTTP POST message, at first according to list or a certain set form, isolate user's WAPI certificates identified or WAPI certificate, if certificates identified, mutual by with public certification authority then, obtain user's public key certificate (acquisition process is a normal process, and the present invention no longer describes in detail).
Application server obtain generate by terminal and by the random number encryption value behind the application server public key encryption, the private key of the WAPI certificate of use application server carries out the public key algorithm deciphering to the key after encrypting and obtains 128 interim conversation keys, use these 128 interim conversation keys to carry out the symmetric key algorithm deciphering and obtain text afterwards to uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, application server also uses the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain afterwards are consistent, if then verifying, unanimity passes through, illustrate that the file content of uploading is not modified, if inconsistent then checking is not passed through.
Embodiment two
To be terminal obtain the method for content from application server to present embodiment, as shown in Figure 4, may further comprise the steps:
Step 401: the terminal browser sends HTTP GET request to application server, get access to the page that the network storage is used, terminal is set to a preset value by certain header field value of asking and represents that it is the WAPI terminal, as can being that User-Agent (user agent) is set to WAPI-Mobile-ClientV1.0;
The value of this header field can be that terminal is specified when setting up request, also can revise by the WAP/HTTP application gateway adjacent with the wireless local network segment.
Step 402: application server is received the HTTP GET request that terminal sends, and judges according to certain header field value wherein whether this request comes from the WAPI terminal; Judge when being WAPI-Mobile-Client V1.0 that this terminal is the WAPI terminal as value according to User-Agent;
Step 403: application server returns 200OK message to terminal, increases a hiding list in this message, and content comprises a digital signature that adopts the WAI public key algorithm to encrypt at least, and endorsement method is as follows:
(a) page that uses the WAI hashing algorithm to calculate to return, be the hypertext format character string.
(b) use the private key of application server WAPI certificate, utilize the elliptic curve of WAI, hash result of calculation is done computations, generate signature.
The signature that generates deposits in the hiding list in the page response and is handed down to the terminal browser.
Step 404: as shown in Figure 8, terminal is after receiving 200OK message, from hide list, parse digital signature, the PKI that obtains the application server WAPI certificate that is pre-stored on the terminal carries out the public key algorithm deciphering to signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if unanimity is then differentiated passes through, otherwise differentiates and do not pass through.
Terminal obtains the same prior art of method of application server WAPI certificate among the present invention.
Step 405:WAPI terminal browser presents the page after obtaining the application server web data and finishing the server identity discriminating.
Step 406: terminal is specified the URL (Uniform ResourceLocator, URL(uniform resource locator)) that will obtain the content correspondence by the interface, and uses the GET method to obtain content.
When the terminal use selects to obtain file by the browser operation interface, will finish by the GET method, client plug-in is called the WAI function URL(uniform resource locator) (URL, Uniform ResourceLocator) is done signature calculation, and endorsement method is as follows:
(a) use the WAI hashing algorithm to calculate URL;
(b) use the private key of terminal WAPI certificate correspondence, utilize the elliptic curve of WAI, hash result of calculation is done computations, generate signature.
URL signature and user certificate sign are submitted to server by the mode of URL parameter, for example:
http://upload-doc-server.com/document/20091117203? Url-sign=deFQWER3d&certid=2343....
Digital signature to URL(uniform resource locator) does not comprise the URL argument section.
Step 407: application server is received HTTP GET message, isolate the user certificate sign in the URL parameter, obtain user certificate, use the public-key cryptography in the terminal WAPI certificate to decipher this digital signature afterwards, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by discriminating to terminal, otherwise differentiate and do not pass through.
As shown in Figure 6, after application server is finished discriminating to terminal, generate 128 random numbers as the interim conversation key, and use this interim conversation key that the document content of client-requested is SMS4 and encrypt (be shown in Fig. 6 document is carried out symmetric key encryption), and the document text done digital signature, the process of digital signature is promptly earlier made hash to the document text and is calculated, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted; The PKI that application server also uses terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting; At last, all the elements return to terminal with the set form encapsulation or with the list form as 200OK message body.
Step 408: as shown in Figure 7, after terminal is received 200OK message, the private key that utilizes terminal WAPI certificate carries out the public key algorithm deciphering to encrypted secret key and draws the interim conversation key, use this interim conversation key that ciphertext is carried out the symmetric key algorithm deciphering afterwards and obtain the document text, and the text that decrypts is carried out hash calculate hashed value, the PKI that also uses application server WAPI certificate carries out the public key algorithm deciphering to signature and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain are consistent, if then verifying, unanimity passes through, and the file content that receives is not modified, if inconsistent then checking is not passed through.
Terminal and application server use identical public key algorithm to encrypt and decipher among the present invention.
The present invention is on the basis of not changing http protocol; by the list in HTTP message body or the hypertext; finish discrimination process based on the WAPI certificate; encryption and integrity protection with the transmission data; for application server, do not influence the normal flow that its WEB access request is handled, mentioned function can be finished by the what's new module; what's new only relates to the WAPI associated public key and symmetric cryptography calculates, and does not change the content of HTTP and HTML (Hypertext Markup Language).
Claims (16)
1. the method for WAPI terminal and application server transfer files comprises:
When adopting HTTP transmission of messages file content between WAPI terminal and the application server, transmitting terminal uses the WPI algorithm that the file content of transmission is encrypted, and the content of transmission transmitted after doing digital signature, receiving terminal parses described file content and verifies described digital signature after receiving the HTTP message of include file content, if the file content of digital signature authentication by then transmission is not modified.
2. the method for claim 1 is characterized in that:
Before the transfer files content, the header field value representation that described terminal will be asked when application server sends HTTP GET request is that a preset value represents that this terminal is the WAPI terminal, and described application server receives that described HTTP GET request back is if described header field value is that preset value judges that then described terminal is the WAPI terminal.
3. method as claimed in claim 2 is characterized in that:
Application server receives that the HTTP GET request back that described terminal is sent increases a digital signature when described terminal is returned 200OK message, the mode of described digital signature is, use the WAI hashing algorithm to calculate the page that returns, and the private key of use application server WAPI certificate, utilize the elliptic curve of WAI, hash result of calculation is done computations generate signature;
Described terminal parses described digital signature after receiving 200OK message, obtain the PKI of the application server WAPI certificate that is pre-stored on the terminal and decipher this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if the consistent then discriminating by application server, otherwise differentiate and do not pass through.
4. the method for claim 1 is characterized in that:
When described terminal when application server is uploaded content, generate 128 random numbers earlier as the interim conversation key, SMS4 algorithm among the use WPI is done to encrypt to the upload file content and is obtained ciphertext, the PKI that then uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, also the file content of uploading is done digital signature; Random number after ciphertext after the encryption, digital signature and the encryption and user WAPI certificates identified or WAPI certificate encapsulate together, and the content that encapsulates is sent to application server by HTTP POST;
After described application server is received described HTTP POST, isolate user's WAPI certificates identified or WAPI certificate, if the isolated WAPI of being certificates identified is then obtained the WAPI certificate, the private key of the WAPI certificate of use application server carries out the public key algorithm deciphering to the key after encrypting and obtains the interim conversation key, carry out the symmetric key algorithm deciphering and obtain text uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, described application server also uses the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain afterwards are consistent, if unanimity is then passed through the checking of terminal, and the file content that receives is not modified.
5. the method for claim 1 is characterized in that:
When described terminal when application server obtains content, when application server sends HTTP GET message, carry and will obtain the content corresponding uniform resource locator;
Described application server is received the document content of knowing terminal request after the HTTP GET message according to described URL(uniform resource locator), generate 128 random numbers afterwards as the interim conversation key, and use this interim conversation key that the document content of client-requested is SMS4 and encrypt, and document content done digital signature, the PKI that also uses terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, and all the elements return to terminal with the set form encapsulation or with the list form as 200OK message body;
After described terminal is received described 200OK message, the private key that utilizes terminal WAPI certificate carries out the public key algorithm deciphering to encrypted secret key and draws the interim conversation key, use this interim conversation key that ciphertext is carried out the symmetric key algorithm deciphering afterwards and obtain the document text, and the text that decrypts is carried out hash calculate hashed value, the PKI that also uses application server WAPI certificate carries out the public key algorithm deciphering to signature and obtains another hashed value, whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then verified pass through, and the file content that receives is not modified.
6. method as claimed in claim 5 is characterized in that:
Described terminal is carried out digital signature to described URL(uniform resource locator) when application server sends HTTP GET message, afterwards described digital signature and user certificate sign are sent to application server as the URL(uniform resource locator) parameter by HTTP GET message, described application server is isolated the user certificate sign after receiving HTTP GET message, and obtain user certificate, use the public-key cryptography in the certificate to decipher this digital signature afterwards, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by the discriminating to terminal.
7. method as claimed in claim 5 is characterized in that:
Described terminal is done digital signature to the file content of uploading and is meant, described file content is done hash calculate, and the value after using the private key of terminal WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
8. method as claimed in claim 5 is characterized in that:
Described application server is done signature calculation to document content and is meant, described document content is done hash calculate, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
9. the system of WAPI terminal and application server transfer files comprises transmitting terminal and receiving terminal; It is characterized in that:
Described transmitting terminal is used to use the WPI algorithm that the file content of transmission is encrypted, and is sent to described receiving terminal by HTTP message after the content of transmission done digital signature;
Described receiving terminal parses described file content and verifies described digital signature after being used to receive described HTTP message, if the file content of digital signature authentication by then transmission is not modified.
10. system as claimed in claim 9 is characterized in that:
Described transmitting terminal is WAPI terminal or application server, and receiving terminal is application server or WAPI terminal;
Described terminal comprises module, sending module is set;
The module that is provided with of described terminal is used for before the transfer files content, and the header field value representation that will ask when application server sends the HTTPGET request is that a preset value represents that this terminal is the WAPI terminal;
Described application server is used to receive that described HTTP GET request back is if described header field value is that preset value judges that then described terminal is the WAPI terminal.
11. system as claimed in claim 10 is characterized in that:
Described application server comprises encrypting module and sending module;
The encrypting module of described application server is used to use the WAI hashing algorithm to calculate the page that returns, and uses the private key of application server WAPI certificate, utilizes the elliptic curve of WAI, hash result of calculation is done computations generate digital signature;
The sending module of described application server is used for carrying above-mentioned digital signature when terminal is returned 200OK message;
The deciphering module of described terminal parses described digital signature after receiving 200OK message, obtain the PKI of the application server WAPI certificate that is pre-stored on the terminal and decipher this digital signature, and utilize the hash function of WAI that web page contents is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if the consistent then discriminating by application server, otherwise differentiate and do not pass through.
12. system as claimed in claim 9 is characterized in that:
When described terminal described terminal when application server is uploaded content is a transmitting terminal, described application server is a receiving terminal;
Described terminal comprises encrypting module and sending module;
The encrypting module of described terminal, be used to generate 128 random numbers as the interim conversation key, and use SMS4 algorithm among the WPI that the file content of uploading is done to encrypt to obtain ciphertext, the PKI that uses application server WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting, also is used for the file content of uploading is done digital signature;
The sending module of described terminal is used for the random number after the ciphertext after encrypting, digital signature, the encryption and user WAPI certificates identified or WAPI certificate are encapsulated together, and the content of encapsulation is sent to application server by HTTP POST;
Described application server comprises receiver module and deciphering module;
The receiver module of described application server, be used to receive described HTTP POST after, isolate user's WAPI certificates identified or WAPI certificate, if the isolated WAPI of being certificates identified then obtains the WAPI certificate;
The deciphering module of described application server, be used to use the private key of the WAPI certificate of application server that the key after encrypting is carried out the public key algorithm deciphering and obtain the interim conversation key, and use this interim conversation key to carry out the symmetric key algorithm deciphering and obtain text to uploading ciphertext in the content, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of terminal WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then passed through the checking of terminal, and the file content that receives is not modified.
13. system as claimed in claim 9 is characterized in that:
When described terminal described application server when application server obtains content is a transmitting terminal, described terminal is a receiving terminal;
Described terminal comprises sending module, receiver module and deciphering module;
The sending module of described terminal is used for carrying when application server sends HTTP GET message and will obtains the content corresponding uniform resource locator;
Described application server comprises receiver module, encrypting module and sending module;
The receiver module of described application server is used to receive the document content of knowing terminal request after the HTTP GET message according to described URL(uniform resource locator);
The encrypting module of described application server, be used to generate 128 random numbers as the interim conversation key, and use this interim conversation key that the document content of terminal request is SMS4 and encrypt the formation ciphertext, and document content done digital signature, the PKI that also is used to use terminal WAPI certificate carries out public key algorithm to the interim conversation key and encrypts key after obtaining encrypting;
The sending module of described application server is used for described ciphertext, signature and the interim conversation key after encrypting is sent to terminal as 200OK message body;
The receiver module of described terminal, the described 200OK message that is used for receiving is sent to deciphering module;
The deciphering module of described terminal, be used to use the private key of terminal WAPI certificate that encrypted secret key is carried out the public key algorithm deciphering and draw the interim conversation key, and this interim conversation key carries out symmetric key algorithm deciphering to ciphertext and obtains the document text, and the text that decrypts is carried out hash calculate hashed value, also be used to use the PKI of application server WAPI certificate that signature is carried out the public key algorithm deciphering and obtain another hashed value, and whether above-mentioned 2 hashed values that relatively obtain are consistent, if unanimity is then verified pass through, and the file content that receives is not modified.
14. system as claimed in claim 13 is characterized in that:
The encrypting module of described terminal also is used for when application server sends HTTP GET message described URL(uniform resource locator) being carried out digital signature;
The sending module of described terminal also is used for when application server sends HTTP GET message described digital signature and user certificate sign being sent to application server as the URL(uniform resource locator) parameter;
The deciphering module of described application server also is used for isolating the user certificate sign of HTTP GET message, and obtain user certificate, and the public-key cryptography in the use certificate is deciphered this digital signature, and utilize the hash function of WAI that URL(uniform resource locator) is carried out hash calculating, whether the comparison of hashed result calculated is consistent with the digital signature of deciphering afterwards, if consistent then by the discriminating to terminal.
15. system as claimed in claim 11 is characterized in that:
The encrypting module of described terminal is done digital signature to the file content of uploading and is meant, described file content is done hash calculate, and the value after using the private key of terminal WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
16. system as claimed in claim 12 is characterized in that:
The encrypting module of described application server is done signature calculation to document content and is meant, described document content is done hash calculate, and the value after using the private key of application server WAPI certificate that hash is calculated is afterwards carried out public key algorithm and encrypted.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910247064A CN101742508A (en) | 2009-12-21 | 2009-12-21 | System and method for transmitting files between WAPI terminal and application server |
| PCT/CN2010/075406 WO2011076008A1 (en) | 2009-12-21 | 2010-07-22 | System and method for transmitting files between wapi teminal and application sever |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910247064A CN101742508A (en) | 2009-12-21 | 2009-12-21 | System and method for transmitting files between WAPI terminal and application server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101742508A true CN101742508A (en) | 2010-06-16 |
Family
ID=42465224
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910247064A Pending CN101742508A (en) | 2009-12-21 | 2009-12-21 | System and method for transmitting files between WAPI terminal and application server |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN101742508A (en) |
| WO (1) | WO2011076008A1 (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011076008A1 (en) * | 2009-12-21 | 2011-06-30 | 中兴通讯股份有限公司 | System and method for transmitting files between wapi teminal and application sever |
| CN102868765A (en) * | 2012-10-09 | 2013-01-09 | 乐视网信息技术(北京)股份有限公司 | Method and system for uploading files |
| CN103220295A (en) * | 2013-04-26 | 2013-07-24 | 福建伊时代信息科技股份有限公司 | Document encryption and decryption method, device and system |
| CN103220159A (en) * | 2012-01-19 | 2013-07-24 | 北京千橡网景科技发展有限公司 | Method used for transferring information and device used for transferring information |
| CN103368901A (en) * | 2012-03-27 | 2013-10-23 | 复旦大学 | Cloud computing system based on large-scale discrete data |
| CN105227514A (en) * | 2014-05-27 | 2016-01-06 | 北大方正集团有限公司 | Based on document transmission processing method and the browser of browser |
| CN105825145A (en) * | 2016-03-16 | 2016-08-03 | 孙凤鸣 | Electronic evidence taking method, evidence taking server, evidence taking intelligent terminal and evidence taking system |
| CN105933124A (en) * | 2016-06-30 | 2016-09-07 | 武汉理工大学 | Digital signature and message hash value recovery method |
| CN106326394A (en) * | 2016-08-18 | 2017-01-11 | 乐视控股(北京)有限公司 | Method and device for obtaining file name |
| CN106790075A (en) * | 2016-12-21 | 2017-05-31 | 上海云熵网络科技有限公司 | For the Verification System and authentication method of UDP transmission |
| CN107920069A (en) * | 2017-11-15 | 2018-04-17 | 中国联合网络通信集团有限公司 | Application security processing method and processing device in ciphering terminal |
| CN108400979A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | Communication means and electronic equipment applied to client and server |
| CN108549701A (en) * | 2018-04-17 | 2018-09-18 | 上海海事大学 | Cloud environment encrypts outsourcing data semantic extended search method and system |
| CN109088889A (en) * | 2018-10-16 | 2018-12-25 | 深信服科技股份有限公司 | A kind of SSL encipher-decipher method, system and computer readable storage medium |
| CN109150516A (en) * | 2018-08-31 | 2019-01-04 | 密信技术(深圳)有限公司 | The signature and/or encryption method of browser file, device, browser and medium |
| CN109194631A (en) * | 2018-08-17 | 2019-01-11 | 郑州云海信息技术有限公司 | A kind of proof of identity method and relevant apparatus |
| CN109561124A (en) * | 2017-09-27 | 2019-04-02 | 深圳市创易联合科技有限公司 | A kind of method, system and the terminal device of file transmission |
| CN109672530A (en) * | 2019-01-08 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation digital signature method and anti-quantum calculation digital signature system based on unsymmetrical key pond |
| CN109831311A (en) * | 2019-03-21 | 2019-05-31 | 深圳市网心科技有限公司 | A kind of server validation method, system, user terminal and readable storage medium storing program for executing |
| CN109889344A (en) * | 2019-01-31 | 2019-06-14 | 深圳中兴飞贷金融科技有限公司 | The transmission method and computer readable storage medium of terminal, data |
| CN110008727A (en) * | 2019-04-10 | 2019-07-12 | 鼎信信息科技有限责任公司 | Processing method, device, computer equipment and the storage medium of encrypted sensitive parameter |
| CN114499871A (en) * | 2021-12-23 | 2022-05-13 | 成都卫士通信息产业股份有限公司 | Signature encryption method, device and system and computer readable storage medium |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102542405A (en) * | 2011-12-14 | 2012-07-04 | 金峰顺泰知识产权有限公司 | Digital archive storage and identification method and system |
| CN114760129A (en) * | 2022-04-11 | 2022-07-15 | 平安国际智慧城市科技股份有限公司 | Data access method, device, equipment and storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100428753C (en) * | 2002-11-29 | 2008-10-22 | 英华达(上海)电子有限公司 | Method and system for implementing program updating by use of hypertext transmission protocol service |
| CN100369434C (en) * | 2006-07-31 | 2008-02-13 | 西安西电捷通无线网络通信有限公司 | Method for implementing virtual LAN based on WAPI system in WLAN |
| CN101466079A (en) * | 2009-01-12 | 2009-06-24 | 中兴通讯股份有限公司 | Method, system and WAPI terminal for transmitting e-mail |
| CN101742508A (en) * | 2009-12-21 | 2010-06-16 | 中兴通讯股份有限公司 | System and method for transmitting files between WAPI terminal and application server |
-
2009
- 2009-12-21 CN CN200910247064A patent/CN101742508A/en active Pending
-
2010
- 2010-07-22 WO PCT/CN2010/075406 patent/WO2011076008A1/en active Application Filing
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011076008A1 (en) * | 2009-12-21 | 2011-06-30 | 中兴通讯股份有限公司 | System and method for transmitting files between wapi teminal and application sever |
| CN103220159A (en) * | 2012-01-19 | 2013-07-24 | 北京千橡网景科技发展有限公司 | Method used for transferring information and device used for transferring information |
| CN103368901A (en) * | 2012-03-27 | 2013-10-23 | 复旦大学 | Cloud computing system based on large-scale discrete data |
| CN102868765A (en) * | 2012-10-09 | 2013-01-09 | 乐视网信息技术(北京)股份有限公司 | Method and system for uploading files |
| CN102868765B (en) * | 2012-10-09 | 2015-06-03 | 乐视网信息技术(北京)股份有限公司 | Method and system for uploading files |
| CN103220295A (en) * | 2013-04-26 | 2013-07-24 | 福建伊时代信息科技股份有限公司 | Document encryption and decryption method, device and system |
| CN105227514A (en) * | 2014-05-27 | 2016-01-06 | 北大方正集团有限公司 | Based on document transmission processing method and the browser of browser |
| CN105825145B (en) * | 2016-03-16 | 2018-08-31 | 孙凤鸣 | Electronic evidence-collecting method, evidence obtaining server, evidence obtaining intelligent terminal and evidence-obtaining system |
| CN105825145A (en) * | 2016-03-16 | 2016-08-03 | 孙凤鸣 | Electronic evidence taking method, evidence taking server, evidence taking intelligent terminal and evidence taking system |
| CN105933124A (en) * | 2016-06-30 | 2016-09-07 | 武汉理工大学 | Digital signature and message hash value recovery method |
| CN106326394A (en) * | 2016-08-18 | 2017-01-11 | 乐视控股(北京)有限公司 | Method and device for obtaining file name |
| CN106790075A (en) * | 2016-12-21 | 2017-05-31 | 上海云熵网络科技有限公司 | For the Verification System and authentication method of UDP transmission |
| CN109561124A (en) * | 2017-09-27 | 2019-04-02 | 深圳市创易联合科技有限公司 | A kind of method, system and the terminal device of file transmission |
| CN107920069A (en) * | 2017-11-15 | 2018-04-17 | 中国联合网络通信集团有限公司 | Application security processing method and processing device in ciphering terminal |
| CN108400979B (en) * | 2018-02-06 | 2021-07-30 | 武汉斗鱼网络科技有限公司 | Communication method applied to client and server and electronic equipment |
| CN108400979A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | Communication means and electronic equipment applied to client and server |
| CN108549701A (en) * | 2018-04-17 | 2018-09-18 | 上海海事大学 | Cloud environment encrypts outsourcing data semantic extended search method and system |
| CN109194631A (en) * | 2018-08-17 | 2019-01-11 | 郑州云海信息技术有限公司 | A kind of proof of identity method and relevant apparatus |
| CN109150516A (en) * | 2018-08-31 | 2019-01-04 | 密信技术(深圳)有限公司 | The signature and/or encryption method of browser file, device, browser and medium |
| CN109088889A (en) * | 2018-10-16 | 2018-12-25 | 深信服科技股份有限公司 | A kind of SSL encipher-decipher method, system and computer readable storage medium |
| CN109672530A (en) * | 2019-01-08 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation digital signature method and anti-quantum calculation digital signature system based on unsymmetrical key pond |
| CN109889344A (en) * | 2019-01-31 | 2019-06-14 | 深圳中兴飞贷金融科技有限公司 | The transmission method and computer readable storage medium of terminal, data |
| CN109831311A (en) * | 2019-03-21 | 2019-05-31 | 深圳市网心科技有限公司 | A kind of server validation method, system, user terminal and readable storage medium storing program for executing |
| CN109831311B (en) * | 2019-03-21 | 2022-04-01 | 深圳市网心科技有限公司 | Server verification method, system, user terminal and readable storage medium |
| CN110008727A (en) * | 2019-04-10 | 2019-07-12 | 鼎信信息科技有限责任公司 | Processing method, device, computer equipment and the storage medium of encrypted sensitive parameter |
| CN114499871A (en) * | 2021-12-23 | 2022-05-13 | 成都卫士通信息产业股份有限公司 | Signature encryption method, device and system and computer readable storage medium |
| CN114499871B (en) * | 2021-12-23 | 2024-01-09 | 成都卫士通信息产业股份有限公司 | Signature encryption method, device and system and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2011076008A1 (en) | 2011-06-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101742508A (en) | System and method for transmitting files between WAPI terminal and application server | |
| CN100574184C (en) | Be used between computer system, setting up the method and apparatus of the safe context that is used for pass-along message | |
| US8327143B2 (en) | Techniques to provide access point authentication for wireless network | |
| KR101508360B1 (en) | Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer | |
| CN101466079A (en) | Method, system and WAPI terminal for transmitting e-mail | |
| WO2001001644A1 (en) | Apparatus for securing user's information in a mobile communication system connected to the internet and method thereof | |
| KR101706117B1 (en) | Apparatus and method for other portable terminal authentication in portable terminal | |
| CN101512537A (en) | Method and system for secure processing of authentication key material in an Ad Hoc Wireless Network | |
| CN103415008A (en) | Encryption communication method and encryption communication system | |
| CN1977559B (en) | Method and system for protecting information exchanged during communication between users | |
| CN102100031A (en) | Apparatus and method for providing a security service in a user interface | |
| CN105828332A (en) | Method of improving wireless local area authentication mechanism | |
| CN102036236A (en) | Method and device for authenticating mobile terminal | |
| Nyamtiga et al. | Enhanced security model for mobile banking systems in Tanzania | |
| US7913096B2 (en) | Method and system for the cipher key controlled exploitation of data resources, related network and computer program products | |
| CN105025019A (en) | Data safety sharing method | |
| CN105656920A (en) | Method and system for encryption and decryption of mailing data based on expressage | |
| CN113079022B (en) | Secure transmission method and system based on SM2 key negotiation mechanism | |
| CN109218334B (en) | Data processing method, device, access control equipment, authentication server and system | |
| CN101483863B (en) | Instant message transmitting method, system and WAPI terminal | |
| CN102404329A (en) | Method for validating and encrypting interaction between user terminal and virtual community platform | |
| CN101483867B (en) | User identity verification method, related device and system in WAP service | |
| WO2015104567A1 (en) | Secure communication between a server and a client web browser | |
| CN101521571A (en) | Method for authenticating safety unit and server side of mobile hardware | |
| KR20150005789A (en) | Method for Authenticating by using Certificate |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20100616 |