CN101777978B - Method and system based on wireless terminal for applying digital certificate and wireless terminal - Google Patents
Method and system based on wireless terminal for applying digital certificate and wireless terminal Download PDFInfo
- Publication number
- CN101777978B CN101777978B CN2008101819128A CN200810181912A CN101777978B CN 101777978 B CN101777978 B CN 101777978B CN 2008101819128 A CN2008101819128 A CN 2008101819128A CN 200810181912 A CN200810181912 A CN 200810181912A CN 101777978 B CN101777978 B CN 101777978B
- Authority
- CN
- China
- Prior art keywords
- wireless terminal
- key
- digital certificate
- certificate
- identification module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention provides a method and a system based on a wireless terminal for applying a digital certificate and a wireless terminal. The method comprises the following steps: generating a key pair, a private key of the key pair is stored in a user identity module of the wireless terminal; sending a public key of the key pair, a user identity module number, application certificate information of user information to a certificate server; receiving a digital certificate issued by the certificate server; and storing the digital certificate into a nonvolatile storage of the wireless terminal. The technical scheme of the embodiment of the invention adopts the method separately storing the private key and the digital certificate to store the private key into an SIM card and store the digital certificate into a FLASH. Since the digital certificate can prove the hard core of a user ID to be the private key, the mode of storage can improve the safety of the private key.
Description
Technical field
The present invention is about field of communication security, particularly a kind of applying digital certificate method, system and wireless terminal based on wireless terminal.
Background technology
Computer security relates to very many fields, but the most basic safety problem is exactly the control mode of access rights.Aspect authentication; The mode of main flow can be divided into three kinds at present: the one, simply combine to discern identity with username and password; This mode is more original, be characterized in simple and realize easily, but its fail safe is lower; The system that this kind mode makes up is broken through by the hacker in network easily, in relating to the high slightly system of safe level, does not adopt basically.The 2nd, utilize biological identification technology to discern user identity, this kind mode realizes that cost is higher, the hardware performance computing capability of system etc. is all required than higher, and the risk of identification error is arranged.The 3rd, be the basis of authentication with the digital certificate; Auxiliary again with PKIX (Public Key Infrastructure; Be called for short PKI) and (the Certification Authority of certification authority; Abbreviation CA) system that carries out identification, this mode needs a third party CA trusty.Adopt digital certificate to carry out authentication following mode arranged:
All be stored in digital certificate and private key in the USB key (USB Key); Special purpose interface is adopted in visit to private key; Private key adopts USB Key PIN (personal identification number is called for short the Pin sign indicating number) to protect, and private key for user can not go out USB Key.But the mode of USB Key is only applicable to fixed network, when fixed network is non-existent, can be inconvenient to use owing to network problem.
Summary of the invention
In order to address the deficiencies of the prior art; The purpose of the embodiment of the invention provides a kind of applying digital certificate method, system and wireless terminal based on wireless terminal; Make digital certificate also can apply for easily through wireless network; So that follow-up safety certification, and can effectively improve the level of security of authentication.
For realizing above goal of the invention, one embodiment of the invention provides a kind of authentication method based on wireless terminal, and said method comprises: it is right to produce key, and the private key of said key pair is stored in the subscriber identification module of said wireless terminal; The application certificate information that will comprise PKI, subscriber identification module number and the user profile of said key pair sends to certificate server; Receive the digital certificate that certificate server issues, with said digital certificate store in the nonvolatile memory of said wireless terminal.
For realizing above goal of the invention, further embodiment of this invention provides a kind of wireless terminal, and said wireless terminal comprises: the key generation unit, and it is right to be used to produce key; Subscriber identification module links to each other with said key generation unit, is used to store the right private key of said key; The digital certificate acquiring unit; Link to each other with said subscriber identification module with said key generation unit; The application certificate information that is used for comprising PKI, subscriber identification module number and the user profile of said key pair sends to certificate server, and receives the digital certificate that certificate server issues; Non-volatile memory cells links to each other with said digital certificate acquiring unit, is used to store said digital certificate.
For realizing above goal of the invention; Further embodiment of this invention provides a kind of applying digital certificate system based on wireless terminal; Said system comprises: wireless terminal and certificate server; Said wireless terminal, it is right to be used to produce key, and the private key of said key pair is stored in the subscriber identification module of said wireless terminal; The application certificate information that will comprise PKI, subscriber identification module number and the user profile of said key pair sends to certificate server; And receive the digital certificate that certificate server issues, with said digital certificate store in the nonvolatile memory of said wireless terminal; Said certificate server is used to receive the said application certificate information that said wireless terminal sends, and generates the digital certificate of said wireless terminal according to said application certificate information, and said digital certificate is handed down to said wireless terminal.
The technical scheme of the embodiment of the invention adopts the method with private key and digital certificate separate storage, private key is stored in the subscriber identification module of wireless terminal and with digital certificate store in FLASH.Because it is can prove that the core of user identity is a private key in the digital certificate, this storage mode can improve the fail safe of private key, better than all leaving digital certificate and private key among the Flash fail safe.Simultaneously, digital certificate is deposited in the subscriber identification module of FLASH rather than wireless terminal, saved the memory space of subscriber identification module, improve the time efficiency of space efficiency with the visit digital certificate of subscriber identification module.
Description of drawings
Fig. 1 is the system schematic of the embodiment of the invention;
Fig. 2 is a kind of system group network sketch map of the embodiment of the invention;
Fig. 3 is the sketch map of a kind of wireless terminal of the embodiment of the invention;
Fig. 4 is the sketch map of the another kind of wireless terminal of the embodiment of the invention;
Fig. 5 is the storage node composition of embodiment of the invention wireless terminal;
Fig. 6 is the file structure sketch map of embodiment of the invention SIM;
Fig. 7 is the flow chart of the embodiment of the invention based on the authentication method of wireless terminal;
Fig. 8 is the flow chart of embodiment of the invention wireless terminal applying digital certificate;
Fig. 9 carries out the flow chart of digital signature for embodiment of the invention wireless terminal;
Figure 10 carries out the flow chart of signature verification for embodiment of the invention wireless terminal.
Embodiment
Be elaborated below in conjunction with the accompanying drawing specific embodiments of the invention.
As shown in Figure 1, this system comprises: wireless terminal 10 and certificate server 20.Said wireless terminal 10, it is right to be used to produce key, and the private key of said key pair is stored in the subscriber identification module of said wireless terminal; The application certificate information that will comprise PKI, subscriber identification module number and the user profile of said key pair sends to certificate server; And receive the digital certificate that certificate server issues, with said digital certificate store in the nonvolatile memory of said wireless terminal.Said certificate server 20 is used to receive the said application certificate information that said wireless terminal sends, and generates the digital certificate of said wireless terminal according to said application certificate information, and said digital certificate is handed down to said wireless terminal.
The wireless terminal 10 of this system during digital certificate, adopts the method with private key and digital certificate separate storage in application, with private key be stored in SIM and with digital certificate store in nonvolatile memory (like FLASH).Because can prove that the core of user identity is a private key in the digital certificate, this storage mode can improve the fail safe of private key.
As shown in Figure 2, present embodiment adopts the networking model of client and server, and client is a wireless terminal, and server is the digital certificate authentication server, and user end to server sends the digital certificate request to obtain digital certificate.
In this actual system schematic, (USB-Modem), the hardware carrier of private key is SIM or UIM card, adopts the Pin sign indicating number to the private key control that conducts interviews for the USB Modem of band SIM in the wireless access terminal.Digital certificate is handed down to USB-Modem through wireless OTA (Over The Air eats dishes without rice or wine) and is saved among the Flash of USB-Modem.Certificate server adopts general PC field scheme.This certificate server can be subdivided into again: registration body's (Registration Authority is called for short RA), the subscriber authentication flow process when mainly accomplishing applying digital certificate; Certification authority's (Certification Authority is called for short CA) is if the RA checking is passed through then generated digital certificate by CA; Distribution platform is used to issue this digital certificate; Light Directory Access Protocol server (Lightweight Directory Access Protocal is called for short LDAP) is stored the digital certificate of the wireless terminal of being registered, and the inquiry service of digital certificate is provided.
In addition, corresponding to concrete operation flow, this system also comprises application server (like the transfer service device of bank) and database.In order to accomplish concrete operation flow, this wireless terminal also is connected with computer, accomplishes concrete operation flow by computer, and it is that the transfer of data of computer provides safety guarantee that wireless terminal then adopts digital certificate.
Fig. 3 is the sketch map of a kind of wireless terminal of the embodiment of the invention.As shown in the figure, wireless terminal 10 comprises: key generation unit 101, and it is right to be used to produce key; Subscriber identification module 102 links to each other with said key generation unit, is used to store the right private key of said key; Digital certificate acquiring unit 103; Link to each other with said subscriber identification module with said key generation unit; The application certificate information that is used for comprising PKI, subscriber identification module number and the user profile of said key pair sends to certificate server, and receives the digital certificate that certificate server issues; Non-volatile memory cells 104 links to each other with said digital certificate acquiring unit, is used to store said digital certificate.
Further, this wireless terminal 10 also can comprise: digital signature unit 105 is used for adopting the private key of the said subscriber identification module of cryptographic acess, and adopts said private key that the data of said wireless terminal transmission are carried out digital signature; Digital signature authentication unit 106 is used to receive the signed data that data receiver is sent, and obtains the digital certificate of said data receiver from said certificate server, according to the digital certificate of said data receiver said signed data is verified.
Wireless terminal shown in Figure 3 is stored in SIM with private key, and digital certificate store in non-volatile memory cells, has been improved the fail safe of private key.And this wireless terminal can also adopt the private key in the SIM to carry out digital signature and the data that receive are carried out the checking of digital signature.The fail safe of private key improves the safe transmission that also can guarantee follow-up signed data.The terminal can be participated in the e-commerce initiative of safety through wireless network, such as online transaction, signs the online business contract, Web bank's payment, online secorities trading etc.
Fig. 4 is the sketch map of the another kind of wireless terminal of the embodiment of the invention.Said digital certificate acquiring unit 103 also comprises: transmitting element 1031 is used for the application certificate information of the PKI that comprises said key pair, subscriber identification module number and user profile is sent to certificate server; Receiving element 1032 is used to receive the digital certificate that issues.Further, said wireless terminal 10 also comprises: ciphering unit 107 is used for that said application certificate information is carried out Hash and encrypts and to obtain summary info, and with said private key said summary info encrypted and to be obtained ciphertext; Said transmitting element 1031 also is used for said ciphertext and said PKI are sent to said certificate server.
Wireless terminal shown in Figure 4 is when the application digital certificate; To apply for that certificate information carries out that Hash is encrypted and encrypted private key after obtain ciphertext; And will apply for that certificate information, PKI and this ciphertext send to certificate server; This method make certificate server can through PKI decipher this ciphertext come to the application certificate information verify, be a kind of verification mode of reliable wireless terminal identity.
Fig. 5 is the storage node composition of embodiment of the invention wireless terminal.The wireless terminal internal storage mainly is made up of Flash, wherein marks a subregion specially and is used for storing digital certificate, about the about 2k of CA digital certificate size of a standard.The digital certificate of present embodiment is a file that comprises public-key cryptography owner information and public-key cryptography through certificate authorization center digital signature, and simple numerical certificate comprises the digital signature at everyone title of a public-key cryptography, certificate and certificate granting center.The effective time that also comprises key in the digital certificate of present embodiment, the title of licence issuing authority (certificate granting center), information such as the sequence number of this certificate, the form of certificate is followed X.509 international standard of ITUT.Private key is stored in the SIM inside of wireless terminal, and general SIM inner space is generally 8k at present, 32k, and 64k, 128k etc., the size of private key is generally 128Byte or 256Byte, and the storage private key is enough fully.
Fig. 6 is the file structure figure of embodiment of the invention SIM.The data of SIM storage comprise: note, phone directory, protocol data, operator's data, STK routine data and code data etc., these data all are according to the protocol specification definition of standard.The embodiment of the invention is stored private key as key file.According to the SIM standard agreement; Can utilize the smart card standard interface to master file (Master File is called for short MF), special file (Dedicated File at the inner memory interface of realizing of SIM/UIM card; Be called for short DF) make rational planning for basic document (Elementary File, abbreviation EF) etc.The DF file can comprise the file corresponding to dissimilar communication networks such as DF_TELECOM, DF_GSM, DF_CDMA again.
Utilize the SIM interface command, can conveniently realize to the EF key file the location, increase newly, read, operation such as renewal.End product software can be supported these interfaces; When will carrying out digital signature or encryption and decryption, computer sends data to terminal equipment; Terminal equipment reading SIM card private key machines the back and returns computer to the result after processing; The private key content does not go out wireless terminal, so its fail safe is identical with USB Key.
Fig. 7 is the flow chart of the embodiment of the invention based on the authentication method of wireless terminal.It is as shown in the figure,
It is right that step S701, the wireless terminal of the embodiment of the invention at first utilize AES to produce key, is saved in private key in the SIM;
Step S702 will comprise that the application certificate information of PKI, subscriber identification module number and the user profile of said key pair sends to certificate server;
Step S703, wireless terminal eats dishes without rice or wine to receive digital certificate through OTA, and is stored in FLASH, and private key is stored in SIM like this, and digital certificate is to be stored in a certain predetermined partition of FLASH;
Step S704 when wireless terminal need carry out digital signature to the data of sending, through private key in the cryptographic acess SIM, adopts said private key that the data that will send are carried out digital signature earlier.As, can adopt SIM self to provide the PIN code protection mechanism to conduct interviews, when the cryptographic challenge number of times surpasses limited number of times (as 3 times), SIM is automatically locked.Prevent that this wireless terminal from being utilized dictionary attack to break through by the people and illegally utilize identity information;
Step S705 when wireless terminal receives the signed data that data transmission method for uplink send, obtains the digital certificate that data are sent from the certificate server end;
Step S706 verifies the signed data of receiving according to this digital certificate.
Fig. 8 is the flow chart of embodiment of the invention wireless terminal applying digital certificate, and the concrete AES that this flow process adopted only is used to explain this programme, rather than the user limits the protection range of claim.As shown in the figure:
Step S801, the wireless terminal application digital certificate activation of opening an account;
Step S802; It is right to utilize RSA cryptographic algorithms to produce key; Be stored in private key Ks in the SIM; Simultaneously " the International Mobile Equipment Identity sign indicating number of PKI Kg, SIM (International Mobile Equipment Identity is called for short IMEI)/emergency service number (Emergency Service Number is called for short ESN), userspersonal information " formed applying digital certificate information;
Step S803, wireless terminal carry out computing to the applying digital certificate information that forms with Secure Hash Algorithm (SecureHash Algorithem is called for short SHA1) and obtain summary info D1, D1 are encrypted the ciphertext D2 that obtains D1 with private key Ks;
Step S804 sends to RA with applying digital certificate information, D2 and Kg through OTA;
Step S805, RA adopt PKI Kg deciphering D2 to obtain D11, and RA adopts SHA1 to carry out computing to applying digital certificate information and obtains D12;
Step S806 judges whether D12 equals D11;
If step S807 is unequal then send authentication failed information through OTA to wireless terminal, the failure of expression applying digital certificate;
Step S808 will verify that the result submits to CA if D12 is identical with D11, generate digital certificate by CA;
Step S809, the digital certificate that CA will comprise PKI sends to wireless terminal through OTA, issues certificate information simultaneously to LDAP;
Step S810, this digital certificate of FLASH storage of wireless terminal;
Step S811, the applying digital certificate flow process finishes.
Fig. 9 carries out the flow process of digital signature for embodiment of the invention wireless terminal.As shown in the figure:
Step S901, wireless terminal connects PC;
PC can get online without being tethered to a cable through connecting wireless terminal; Simultaneously; This wireless terminal can be participated in the e-commerce initiative of safety through wireless network owing to applied for digital certificate, such as online transaction, signing online business contract, Web bank's payment and online secorities trading etc.It is exactly that Pin code check through SIM utilizes in the SIM private key to sign that PC or notebook utilize wireless terminal to carry out digital signature, and wireless network is to the SIM proof of identity simultaneously.
Step S902, the private key in the wireless terminal visit SIM because SIM has the PIN code protection mechanism, needs input PINN sign indicating number to obtain private key information;
Step S903 judges whether the checking of PINN sign indicating number is successful;
Step S904 if the checking of pin sign indicating number is unsuccessful in the number of times of setting, then pins SIM, to prevent the malice visit;
Step S905, if visit successfully, then wireless terminal obtains the access rights of private key in the SIM;
Step S906, PC call the encrypted signature interface of wireless terminal, and the PC text is carried out sending after Hash operation and the private key signature, accomplish in wireless terminal inside owing to encrypt all, and PC can't directly have access to private key;
Step S907, signature is accomplished.
Figure 10 carries out a kind of detailed process of signature verification for embodiment of the invention wireless terminal.One side of wireless terminal sends the document of digital signature, and the opposing party receives the document through wireless terminal, carries out the checking of digital signature.The idiographic flow of signature verification is:
Step S1001, wireless terminal connects PC, and the data that receive from PC are carried out signature verification;
Step S1002, wireless terminal is through the network recipient side's of sending information and signed data;
Step S1003, the digital certificate of wireless terminal access registrar whois lookup transmit leg.Adopt the PKI of digital certificate that signed data is verified;
Step S1004 judges whether checking is successful;
If step S1005 is authentication failed then point out signature failure;
Step S1006 if verify successfully then prompting is signed successfully, can confirm identity.Owing to adopt digital certificate signed data is verified be conventionally known to one of skill in the art, be not described in detail here.
The wireless terminal of the embodiment of the invention such as data card etc. carry out ecommerce through the system of wireless spider lines CA digital certificate, have improved level of security.And the digital certificate of wireless terminal separates storage with private key, and private key (being generally 128Byte/256Byte) is stored in SIM, and has the PIN of SIM to protect, and digital certificate store is in FLASH.Private key is stored in the fail safe that SIM can improve network, digital certificate is deposited in FLASH, saved the SIM memory space, can improve the time efficiency of space efficiency with the visit digital certificate of SIM.
The wireless terminal of this programme can be wireless data card, Wireless USB-Modem, wireless communication terminal etc.; Wireless terminal can be used as the safe key that lands of PC; Can adopt USB interface, (the Personal Computer Memory Card International Association of PC RAM card international association with the connected mode of PC; Being called for short PCMCIA) interface or Express interface (the new standard interface of pcmcia card) they also can be the hardware interfaces of IEEE 1394 simultaneously.The network formats of wireless access can be the EDGE of wireless access, WCDMA, TD-SCDMA, HSDPA, WiMAX etc.
Two authentication systems of wireless terminal access authentication authentication and CA authentication are adopted in the authentication of embodiment of the invention wireless terminal, have improved the rank of safety certification.Simultaneously because can access of radio network, system uses more convenient.And the wireless terminal of the embodiment of the invention can also provide the digital certificate signature interface function and the digital signature interface of standard, makes the digital certificate business under cable network and wireless network environment, can normally use.
Above-described embodiment; The object of the invention, technical scheme and beneficial effect have been carried out further explain, and institute it should be understood that the above is merely embodiment of the present invention; And be not used in qualification protection scope of the present invention; All within spirit of the present invention and principle, any modification of being made, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. applying digital certificate method based on wireless terminal is characterized in that said method comprises:
It is right that wireless terminal produces key, and the private key of said key pair is stored in the subscriber identification module of said wireless terminal;
Said wireless terminal will comprise that the application certificate information of PKI, subscriber identification module number and the user profile of said key pair sends to certificate server;
Said wireless terminal receives the digital certificate that certificate server issues, with said digital certificate store in the nonvolatile memory of said wireless terminal.
2. method according to claim 1 is characterized in that, said method also comprises:
Said wireless terminal carries out the Hash encryption to said application certificate information and obtains summary info;
Said wireless terminal is encrypted said summary info with said private key and is obtained ciphertext;
Said wireless terminal sends to said certificate server with said ciphertext and said PKI.
3. method according to claim 1 is characterized in that, wireless terminal is stored in the private key of said key pair in the subscriber identification module of said wireless terminal, comprising:
Said wireless terminal increases key file in the basic document of said subscriber identification module;
Said wireless terminal is stored in said private key in the said key file.
4. method according to claim 2 is characterized in that said certificate server comprises registration body and certification authority,
Said ciphertext, is obtained summary info and compares with by said registration body said application certificate information being encrypted through Hash after the deciphering of said PKI by said registration body;
If it is identical to obtain summary info after the encryption of ciphertext and Hash after the deciphering, then notify said certification authority by said registration body, by said certification authority said digital certificate is sent to said wireless terminal.
5. a wireless terminal is characterized in that, said wireless terminal comprises:
The key generation unit, it is right to be used to produce key;
Subscriber identification module links to each other with said key generation unit, is used to store the right private key of said key;
The digital certificate acquiring unit; Link to each other with said subscriber identification module with said key generation unit; The application certificate information that is used for comprising PKI, subscriber identification module number and the user profile of said key pair sends to certificate server, and receives the digital certificate that certificate server issues;
Non-volatile memory cells links to each other with said digital certificate acquiring unit, is used to store said digital certificate.
6. wireless terminal according to claim 5 is characterized in that, said digital certificate acquiring unit comprises:
Transmitting element is used for the application certificate information of the PKI that comprises said key pair, subscriber identification module number and user profile is sent to certificate server;
Receiving element is used to receive the digital certificate that issues.
7. wireless terminal according to claim 6 is characterized in that, said wireless terminal also comprises:
Ciphering unit is used for that said application certificate information is carried out Hash and encrypts and to obtain summary info, and with said private key said summary info is encrypted and to be obtained ciphertext;
Said transmitting element also is used for said ciphertext and said PKI are sent to said certificate server.
8. wireless terminal according to claim 5 is characterized in that, comprises key file in the basic document of said subscriber identification module, and said key file is used to store said private key.
9. applying digital certificate system based on wireless terminal is characterized in that said system comprises: wireless terminal and certificate server,
Said wireless terminal comprises: the key generation unit, and it is right to be used to produce key; Subscriber identification module links to each other with said key generation unit, is used to store the right private key of said key; The digital certificate acquiring unit; Link to each other with said subscriber identification module with said key generation unit; The application certificate information that is used for comprising PKI, subscriber identification module number and the user profile of said key pair sends to certificate server, and receives the digital certificate that certificate server issues; Non-volatile memory cells links to each other with said digital certificate acquiring unit, is used to store said digital certificate;
Said certificate server is used to receive the said application certificate information that said wireless terminal sends, and generates the digital certificate of said wireless terminal according to said application certificate information, and said digital certificate is handed down to said wireless terminal.
10. applying digital certificate according to claim 9 system is characterized in that comprise key file in the basic document of said subscriber identification module, said key file is used to store said private key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101819128A CN101777978B (en) | 2008-11-24 | 2008-11-24 | Method and system based on wireless terminal for applying digital certificate and wireless terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101819128A CN101777978B (en) | 2008-11-24 | 2008-11-24 | Method and system based on wireless terminal for applying digital certificate and wireless terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101777978A CN101777978A (en) | 2010-07-14 |
| CN101777978B true CN101777978B (en) | 2012-05-30 |
Family
ID=42514320
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101819128A Active CN101777978B (en) | 2008-11-24 | 2008-11-24 | Method and system based on wireless terminal for applying digital certificate and wireless terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101777978B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103401686A (en) * | 2013-07-31 | 2013-11-20 | 陕西海基业高科技实业有限公司 | User Internet identity authentication system and application method thereof |
Families Citing this family (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571340A (en) * | 2010-12-23 | 2012-07-11 | 普天信息技术研究院有限公司 | Certificate authentication device as well as access method and certificate update method thereof |
| CN102215488B (en) * | 2011-05-27 | 2013-11-06 | 中国联合网络通信集团有限公司 | Smart phone digital certificate application method and system |
| CN103037366B (en) * | 2011-09-30 | 2016-10-26 | 卓望数码技术(深圳)有限公司 | Mobile phone users authentication method based on asymmetric cryptographic technique and mobile terminal |
| CN103139136B (en) * | 2011-11-22 | 2016-06-08 | 阿里巴巴集团控股有限公司 | The management process of a kind of password and equipment |
| CN103166755B (en) * | 2011-12-14 | 2015-11-11 | 卓望数码技术(深圳)有限公司 | A kind of method and system issuing mobile subscriber identifier digital certificate |
| CN102624531B (en) * | 2012-04-25 | 2014-12-03 | 西安西电捷通无线网络通信股份有限公司 | Automatic application method, device and system for digital certificate |
| CN102799540B (en) * | 2012-06-21 | 2017-07-14 | 南京中兴软件有限责任公司 | Utilize method, system and terminal of the user's identification card key to storage card encryption and decryption |
| CN102752308A (en) * | 2012-07-10 | 2012-10-24 | 河北省电子认证有限公司 | Network-based digital certificate comprehensive service providing system and implementation method thereof |
| CN103945374A (en) * | 2013-01-18 | 2014-07-23 | 深圳市华营数字商业有限公司 | Method of mobile terminal equipment and user authentication based on PKI technology |
| CN105099679B (en) * | 2014-05-05 | 2019-02-12 | 中国电子信息产业发展研究院 | A kind of method and device using digital certificate authentication user identity |
| CN104143142A (en) * | 2014-07-17 | 2014-11-12 | 马洁韵 | Payment system with mobile payment unit and security payment method |
| CN106161027A (en) * | 2015-04-15 | 2016-11-23 | 李京海 | A kind of mobile phone quasi-digital certificate subsystem and system and method thereof |
| EP3104320B1 (en) * | 2015-06-12 | 2018-08-15 | EM Microelectronic-Marin SA | Method for programming bank data in an integrated circuit of a watch |
| CN106211032A (en) * | 2016-06-28 | 2016-12-07 | 公安部第三研究所 | The pairing of bluetooth SIM and the method for digital signature process is realized based on STK |
| CN107786344B (en) | 2017-10-30 | 2020-05-19 | 阿里巴巴集团控股有限公司 | Method and device for realizing application and use of digital certificate |
| CN109981278B (en) * | 2017-12-28 | 2022-09-13 | 中国移动通信集团辽宁有限公司 | Digital certificate application method, system, user identification card, device and medium |
| CN108768664B (en) * | 2018-06-06 | 2020-11-03 | 腾讯科技(深圳)有限公司 | Key management method, device, system, storage medium and computer equipment |
| CN110457967A (en) * | 2019-07-30 | 2019-11-15 | 广州童联信息科技有限公司 | A kind of read-write card system, method and medium for Chinese education card safety verification |
| CN110599647A (en) * | 2019-09-05 | 2019-12-20 | 广东纬德信息科技有限公司 | Intelligent lock authentication method and system |
| CN111556376B (en) * | 2020-03-23 | 2022-06-14 | 视联动力信息技术股份有限公司 | Digital certificate signing and issuing method and device and computer readable storage medium |
| CN114900310A (en) * | 2021-03-29 | 2022-08-12 | 北京格瑞空间科技有限公司 | Method for corresponding ID of terminal equipment to block chain account |
| CN115514484A (en) * | 2022-11-22 | 2022-12-23 | 国开启科量子技术(北京)有限公司 | Digital certificate request online sending method and digital certificate online issuing method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101136743A (en) * | 2006-08-31 | 2008-03-05 | 普天信息技术研究院 | Digital certificate updating method and system |
| CN101183932A (en) * | 2007-12-03 | 2008-05-21 | 宇龙计算机通信科技(深圳)有限公司 | Security identification system of wireless application service and login and entry method thereof |
-
2008
- 2008-11-24 CN CN2008101819128A patent/CN101777978B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101136743A (en) * | 2006-08-31 | 2008-03-05 | 普天信息技术研究院 | Digital certificate updating method and system |
| CN101183932A (en) * | 2007-12-03 | 2008-05-21 | 宇龙计算机通信科技(深圳)有限公司 | Security identification system of wireless application service and login and entry method thereof |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103401686A (en) * | 2013-07-31 | 2013-11-20 | 陕西海基业高科技实业有限公司 | User Internet identity authentication system and application method thereof |
| CN103401686B (en) * | 2013-07-31 | 2016-08-10 | 陕西海基业高科技实业有限公司 | A kind of user's OTP WEB Authentication System and application process thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101777978A (en) | 2010-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101777978B (en) | Method and system based on wireless terminal for applying digital certificate and wireless terminal | |
| EP2622786B1 (en) | Mobile handset identification and communication authentication | |
| CN101978675B (en) | System and method for securely issuing subscription credentials to communication devices | |
| US8327143B2 (en) | Techniques to provide access point authentication for wireless network | |
| US9445269B2 (en) | Terminal identity verification and service authentication method, system and terminal | |
| CN108924147B (en) | Communication terminal digital certificate issuing method, server and communication terminal | |
| CN101720071B (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
| US20110113241A1 (en) | Ic card, ic card system, and method thereof | |
| CN1929371B (en) | Method for negotiating key share between user and peripheral apparatus | |
| CN101300808A (en) | Method and arrangement for secure autentication | |
| CN105450406A (en) | Data processing method and device | |
| US20080130879A1 (en) | Method and system for a secure PKI (Public Key Infrastructure) key registration process on mobile environment | |
| CN102461231A (en) | Method for registering a mobile radio in a mobile radio network | |
| CN101841525A (en) | Secure access method, system and client | |
| CN104660567B (en) | D2D terminal access authentications method, D2D terminals and server | |
| KR20140098872A (en) | security system and method using trusted service manager and biometric for web service of mobile nfc device | |
| CN110381075B (en) | Block chain-based equipment identity authentication method and device | |
| CN110278084B (en) | eID establishing method, related device and system | |
| CN103546289A (en) | USB (universal serial bus) Key based secure data transmission method and system | |
| EP3128696B1 (en) | Entity authentication method and device | |
| CN106789024A (en) | A kind of remote de-locking method, device and system | |
| AU2020220129B2 (en) | Method of enrolling a device into a pki domain for certificate management using factory key provisioning | |
| CN105743883A (en) | Network application identity attribute acquisition method and network application identity attribute acquisition device | |
| WO2022006736A1 (en) | Methods and apparatuses for device provisioning | |
| Kannadhasan et al. | A novel approach privacy security protocol based SUPM method in near field communication technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 518129 Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong. Patentee after: Huawei Terminal (Shenzhen) Co., Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: Huawei Device Co., Ltd. |