CN101877157A - Key management system and method for bank terminal security equipment - Google Patents

Publication number: CN101877157A
Authority: CN (China)
Application number: CN2010101073675A
Other languages: Chinese (zh)
Inventor: 戴宇星
Original Assignee: BEIJING JIANGNAN BRAIN TECHNOLOGY Co Ltd
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Prior art keywords: key, terminal security, kmc, equipment, security equipment

Abstract

The invention relates to a key management system and a key management method for bank terminal security equipment. The system comprises a bank service terminal and a bank service background; the bank service terminal comprises the bank terminal security equipment and a key management agent component; and the bank service background comprises a KMC, a key database, an encoder and a service application system server, wherein the key management agent component is used for acquiring a working key from the KMC and writing the working key into the bank terminal security equipment; and the KMC provides registration service, key transmitting service and automatic key update service for the bank terminal security equipment. The key management system and the key management method for the bank terminal security equipment can effectively realize key management of the bank terminal security equipment, and separate the key management from a bank service application system at the same time so that each service application system does not need to implement complex key management logics any more and the implementing complexity of the service application system is reduced.

Description

Key management system and method for bank terminal security equipment
Technical field
The present invention relates to a key management system and method for bank terminal security equipment.
Background
When people conduct business at a bank counter, an ATM or a POS terminal, they need to enter their bank card PIN. To protect the card PIN and the transaction information, terminal security devices such as bank counter PIN pads, ATMs and POS terminals encrypt the card PIN and the transaction information. The encryption technology itself is fairly mature, but managing the keys used for encryption is complex and tedious. Key management for terminal security devices includes key generation, key issuance, key update and so on. The current practice at banks is that the issuance and update of terminal security device keys are designed and implemented by each business application system itself. For example, the front-end business application system has to design and implement the key issuance and update process for its terminal security device, the PIN pad; the ATM business application system has to design and implement the key issuance and update process for its terminal security device, the ATM; and the POS business application system has to design and implement the key issuance and update process for its terminal security device, the POS terminal. As a result, the developers of each business application system spend a great deal of effort designing and implementing a complex key management process, which causes a large amount of duplicated and wasted work, and key management is mixed into the business logic of the application system, which increases the implementation complexity of the business application system.
Summary of the invention
The present invention was designed to solve the above problems in the background art. Its object is to provide a new key management system and method for bank terminal security equipment that effectively manages the keys of bank terminal security devices while separating key management from the banking business application systems, so that each business application system no longer needs to consider and implement complex key management logic. This reduces the development workload of each business application system, improves its development efficiency, and reduces its implementation complexity.
To achieve the above object, the invention provides a key management system for bank terminal security equipment. The system comprises a banking service terminal and a banking service back end. The banking service terminal comprises: a business application system client, a cryptographic service interface, a bank terminal security device and a key management agent component. The banking service back end comprises: a KMC, a key database, a first encryption machine, a second encryption machine, a cryptographic service interface and a business application system server. The bank terminal security device has key storage and cryptographic operation functions; the stored master key is not lost on power-down, and the stored working key may or may not be lost on power-down. The key management agent component is responsible for obtaining the working key from the KMC and writing the working key into the bank terminal security device. The key database is mainly used to store the keys of bank terminal security devices at the back end. The first and/or second encryption machine is responsible for back-end cryptographic operations. The KMC provides a registration service, a key issuance service and an automatic key update service for bank terminal security devices.
Preferably, the cryptographic service interface provides cryptographic service functions to the upper-layer business.
Preferably, the master key is used to encrypt the working key, and the working key is used to encrypt sensitive data in the bank transaction process. The master key and the working key are generated randomly by the first and/or second encryption machine, the master key and working key of each terminal security device are all different, and the working key is issued encrypted under the master key.
Preferably, the bank terminal security device is a bank counter PIN pad or an ATM.
Preferably, the key management agent component communicates with the KMC server over TCP/IP Socket or HTTP+XML.
In addition, the invention provides a key management method for bank terminal security equipment. The method comprises a terminal security device registration step, an automatic terminal security device key issuance step and an automatic terminal security device key update step. The registration step registers the terminal security device with the KMC and writes the master key into the bank terminal security device, after which a working key is generated in advance for the bank terminal security device. The automatic key issuance step issues the working key to the terminal security device automatically through the key management agent component. The automatic key update step updates the working key of the terminal security device automatically through the KMC server and the key management agent component.
Preferably, the terminal security device registration step specifically comprises:
1.1) The key management agent component reads the unique serial number of the bank terminal security device and then sends a registration request to the KMC server; the request contains the device's unique serial number.
1.2) The KMC server receives the request and then asks the first encryption machine to generate a master key for the bank terminal security device. The encryption machine generates the device master key randomly and returns it to the KMC server, and the KMC server returns the master key to the key management agent component.
1.3) The KMC server writes the master key into the bank terminal security device. If the write succeeds, a success indication is returned to the KMC server, and the KMC server writes the master key of this bank terminal security device into the key database, identified by the device's unique serial number.
1.4) The KMC server asks the first encryption machine to generate a working key for the bank terminal security device. The encryption machine generates the device working key randomly; the generated working key is encrypted with the master key. The first encryption machine returns the generated working key to the KMC server, and the KMC server writes the working key into the key database.
Preferably, the automatic terminal security device key issuance step comprises:
2.1) The key management agent component reads the unique serial number of the terminal security device and sends a working key issuance request to the KMC server; the request contains the unique serial number of the bank terminal security device.
2.2) The KMC server receives the request and reads the working key from the key database, using the unique serial number of the bank terminal security device as the index. The working key read is encrypted with the master key. The KMC server returns the working key to the key management agent component.
2.3) The key management agent component writes the working key into the bank terminal security device. On the write, the bank terminal security device uses the master key held in the device to decrypt the working key that was encrypted under the master key, and stores the working key.
Preferably, the automatic terminal security device key update step comprises:
3.1) The KMC server provides an automatic working key update service that periodically updates the working keys of the bank terminal security devices in the key database. During an update, the automatic update service of the KMC server calls the first and/or second encryption machine to generate a new random working key for each terminal security device and saves the new working key in the key database. At this point the new working key does not overwrite the old working key: the new working key is stored in a separate new database field, and a working key update mark is set on the corresponding key database record.
3.2) The key management agent component sends a working key issuance request to the KMC server, and the KMC server obtains the working key from the database using the unique serial number of the terminal security device as the index. If the working key update mark is set at this time, the KMC server returns the new working key to the key management agent, replaces the old working key in the key database with the new working key, and clears the working key update mark after the replacement.
3.3) The key management agent writes the new working key into the terminal security device.
Compared with existing methods, the key management system and method for bank terminal security equipment of the present invention have the following advantages and positive effects:
1. Development efficiency of business application systems is improved, and a large amount of human resources is saved.
Banks have many business application systems, but their key management mechanisms are almost identical. Because the key management agent component performs the automatic issuance and update of terminal security device working keys, the developers of each business application system no longer need to spend a great deal of effort designing and implementing a complex key management process, which improves development efficiency and saves a large amount of human resources.
2. The system architecture and the division of development work are more reasonable.
Separating the key management process from the business application systems makes the architecture of the bank's overall system more modular. The separated key management module can be designed, developed and maintained by a professional information security team or a specialized company.
3. One device, one key is more secure.
The master key and the working key are generated randomly by the encryption machine, and the master key and working key of each terminal security device are all different (known as "one device, one key"). The working key is issued encrypted under the master key, which protects the data security of the upper-layer business application systems to the greatest extent.
4. Working keys are updated automatically, without manual involvement.
The automatic update service of the KMC server can periodically update the working keys of terminal security devices according to policy. The key management agent automatically obtains the new working key from the KMC server and automatically writes the new working key into the terminal security device; the whole process requires no manual involvement.
5. Working keys are generated in advance, which effectively reduces peak load on the server during trading hours.
The working keys of terminal security devices are generated in advance, outside trading hours, by the KMC server registration service and the KMC server working key update service, and are stored in the key database. During daily trading hours, when tens of thousands of terminal security devices have working keys issued through the key management agent, the KMC server only needs to take the working key directly out of the key database and return it to the key management agent. This effectively reduces the peak load that generating tens of thousands of working keys would place on the KMC server and the encryption machine.
Description of the drawings
Fig. 1 is a schematic diagram of the key management system for bank terminal security equipment according to the present invention;
Fig. 2 is a schematic diagram of the key management method for bank terminal security equipment according to the present invention.
Embodiments
To make the above objects, features and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the drawings and specific embodiments.
Embodiment 1
Fig. 1 is a schematic diagram of the key management system for bank terminal security equipment according to the present invention. As shown in Fig. 1, the system comprises a banking service terminal 1 and a banking service back end 2. The banking service terminal comprises: a business application system client 3, a cryptographic service interface 4, a bank terminal security device 5 and a key management agent component 6. The banking service back end comprises: a key management center (KMC) 8, a key database 11, a first encryption machine 10, a second encryption machine 12, a cryptographic service interface 9 and a business application system server 7. The key management agent component is specific to the present invention. The functions of and relationships between the components of the system are as follows. The bank terminal security device has key storage and cryptographic operation functions; the stored master key (used to encrypt the working key) is not lost on power-down, and the stored working key (used to encrypt data) may be lost on power-down. The key management agent component is responsible for obtaining the working key from the key management center (KMC) and writing the working key into the bank terminal security device. The key database is mainly used to store terminal security device keys at the back end. The first and second encryption machines are responsible for back-end cryptographic operations. The key management center (KMC) provides a registration service, a key issuance service and an automatic key update service for bank terminal security devices.
The above components carry out the key management work of terminal security device registration, key issuance and key update. On this basis, the cryptographic service interface module provides cryptographic service functions to the upper-layer business.
Embodiment 2
The key management method for bank terminal security equipment according to the present invention is described below.
Fig. 2 is a schematic diagram of the key management method for bank terminal security equipment according to the present invention. As shown in Fig. 2, the method is divided into 3 major steps: terminal security device registration, automatic terminal security device key issuance and automatic terminal security device key update. Each is described below.
1. Terminal security device registration
This step registers the terminal security device with the key management center (KMC) and writes the master key (used to encrypt the working key) into the bank terminal security device; after that, a working key (used to encrypt data) is also generated in advance for the bank terminal security device. The detailed steps are as follows:
1.1) The key management agent component reads the unique serial number of the bank terminal security device and then sends a registration request to the KMC server (registration service); the request contains the device's unique serial number.
1.2) The KMC server receives the request and then asks the first encryption machine to generate a master key for the bank terminal security device. The encryption machine generates the device master key randomly and returns it to the KMC server, and the KMC server returns the master key to the key management agent component.
1.3) The KMC server writes the master key into the bank terminal security device. If the write succeeds, a success indication is returned to the KMC server, and the KMC server writes the master key of this bank terminal security device into the key database, identified by the device's unique serial number.
1.4) The KMC server asks the first encryption machine to generate a working key for the bank terminal security device. The encryption machine generates the device working key randomly; the generated working key is encrypted with the master key. The first encryption machine returns the generated working key to the KMC server, and the KMC server writes the working key into the key database.
2. Automatic terminal security device key issuance
This step issues the working key (used to encrypt data) to the bank terminal security device automatically through the key management agent. The detailed steps are as follows:
2.1) The key management agent component reads the unique serial number of the terminal security device and sends a working key issuance request to the KMC server (key issuance service); the request contains the unique serial number of the bank terminal security device.
2.2) The KMC server receives the request and reads the working key from the key database, using the unique serial number of the bank terminal security device as the index. The working key read is encrypted with the master key. The KMC server returns the working key to the key management agent component.
2.3) The key management agent component writes the working key into the bank terminal security device. On the write, the bank terminal security device uses the master key held in the device to decrypt the working key that was encrypted under the master key, and stores the working key.
3. Automatic terminal security device key update
This step updates the working key of the terminal security device automatically through the KMC server and the key management agent component. The detailed steps are as follows:
3.1) The KMC server provides an automatic working key update service that can periodically update the working keys of the terminal security devices in the key database. During an update, the automatic update service of the KMC server calls the first and/or second encryption machine to generate a new random working key for each terminal security device and saves the new working key in the key database. At this point the new working key does not overwrite the old working key: the new working key is stored in a separate new database field, and a working key update mark is set on the corresponding key database record.
3.2) The key management agent component sends a working key issuance request to the KMC server (key issuance service), and the KMC server obtains the working key from the database using the unique serial number of the terminal security device as the index. If the working key update mark is set at this time, the KMC server returns the new working key to the key management agent, replaces the old working key in the key database with the new working key, and clears the working key update mark after the replacement.
3.3) The key management agent writes the new working key into the terminal security device.
In summary, the 3 steps of terminal security device registration, automatic terminal security device key issuance and automatic terminal security device key update complete the whole key management process for a terminal security device. The whole process requires no participation from the upper-layer business application systems: the issuance and update of working keys are transparent to them, and an upper-layer business application system only needs to call the cryptographic service interface to use the keys.
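The registration, issuance and update steps above can be traced in a small simulation. This is an added example, not code from the patent or its assignee: the class and function names, the 16-byte key size, the constructed serial number and the HMAC-SHA256 encrypt-then-MAC wrap (standing in for whatever the encryption machine actually does) are all assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

KEY_LEN = 16  # assumed key size; the page names no algorithm or key length


def prf(master_key, label, data):
    key = hmac.new(master_key, label, hashlib.sha256).digest()  # per-purpose subkey
    return hmac.new(key, data, hashlib.sha256).digest()


def wrap(master_key, working_key):  # stand-in for "encrypted with the master key"
    nonce = secrets.token_bytes(16)
    body = bytes(k ^ s for k, s in zip(working_key, prf(master_key, b"enc", nonce)))
    return nonce + body + prf(master_key, b"mac", nonce + body)


def unwrap(master_key, blob):  # done inside the device with its stored master key
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(master_key, b"mac", nonce + body)):
        raise ValueError("wrapped working key failed integrity check")
    return bytes(c ^ s for c, s in zip(body, prf(master_key, b"enc", nonce)))


class EncryptionMachine:  # back end: random keys; working keys leave it wrapped
    def new_master_key(self):
        return secrets.token_bytes(KEY_LEN)

    def new_wrapped_working_key(self, master_key):
        return wrap(master_key, secrets.token_bytes(KEY_LEN))


@dataclass
class KeyRecord:
    master_key: bytes
    working_key: bytes                       # current key, wrapped under master_key
    new_working_key: Optional[bytes] = None  # separate field for the staged key (3.1)
    update_flag: bool = False                # the "working key update mark"


class KMC:
    def __init__(self, machine):
        self.machine = machine
        self.db = {}                         # key database, indexed by serial number

    def register(self, serial, write_master_key):
        """Steps 1.2-1.4: store the record only after the device write succeeds."""
        mk = self.machine.new_master_key()
        if not write_master_key(mk):
            return False
        self.db[serial] = KeyRecord(mk, self.machine.new_wrapped_working_key(mk))
        return True

    def scheduled_update(self):
        """Step 3.1: stage a new key per device without overwriting the old one."""
        for rec in self.db.values():
            rec.new_working_key = self.machine.new_wrapped_working_key(rec.master_key)
            rec.update_flag = True

    def issue(self, serial):
        """Steps 2.2 and 3.2: promote a staged key, clear the mark, return the key."""
        rec = self.db[serial]                # unknown serial number raises KeyError
        if rec.update_flag:
            rec.working_key, rec.new_working_key = rec.new_working_key, None
            rec.update_flag = False
        return rec.working_key


class TerminalDevice:
    def __init__(self, serial):
        self.serial, self.master_key, self.working_key = serial, None, None

    def write_master_key(self, mk):
        self.master_key = mk
        return True

    def write_working_key(self, blob):
        self.working_key = unwrap(self.master_key, blob)   # step 2.3


def agent_register(dev, kmc):                 # step 1.1: agent sends the serial number
    return kmc.register(dev.serial, dev.write_master_key)


def agent_fetch(dev, kmc):                    # steps 2.1/2.3 and 3.2/3.3
    dev.write_working_key(kmc.issue(dev.serial))


if __name__ == "__main__":
    kmc, pad = KMC(EncryptionMachine()), TerminalDevice("PINPAD-0001")  # constructed
    agent_register(pad, kmc)
    agent_fetch(pad, kmc)
    kmc.scheduled_update()
    agent_fetch(pad, kmc)
    print("update mark cleared:", not kmc.db[pad.serial].update_flag)
```

In this model `issue` promotes the staged key at the moment it is handed out, as step 3.2 describes, so the database record changes before the terminal has confirmed the write in step 3.3.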
Embodiment 3
To illustrate the present invention more clearly, the key management method for bank terminal security equipment according to the present invention is described in more detail below, together with the running environment of the key management system according to the present invention.
As before, the method comprises 3 steps: terminal security device registration, automatic terminal security device key issuance and automatic terminal security device key update. The terminal security device can be a bank counter PIN pad, an ATM and so on.
1. Terminal security device registration
Terminal security device registration is carried out jointly by the terminal security device, the key management agent component, the KMC server, the key database and the encryption machine. Banks generally already have a KMC; if the functions of the existing KMC do not meet the requirements of the present invention, it needs to be upgraded according to the technical solution and embodiments of the present invention.
Registration of a terminal security device is carried out by the key management agent component on the terminal PC accessing the KMC server; during registration the terminal security device is connected to the terminal PC.
The KMC can be designed in B/S (browser/server) mode and developed with JSP + Java on the server side, with the KMC terminal security device registration service program deployed on it. In this mode the key management agent component is Microsoft IE, and the terminal security device registration service on the KMC server is accessed through Microsoft IE on the terminal PC.
Operations on the terminal security device are performed by having the JSP page call a control, which is installed on the terminal PC. The control is developed in the Microsoft VC environment and encapsulates the low-level interface of the terminal security device. The functions implemented by the control include reading the device's unique serial number and writing the device master key.
The KMC server establishes a TCP/IP Socket connection to the first and/or second encryption machine and sends instructions to the first and/or second encryption machine to generate the terminal security device master key and working key; the instructions are provided by the encryption machine manufacturer.
The key database is a general-purpose relational database and can be accessed through a JDBC or Hibernate interface.
2. Automatic terminal security device key issuance
This step issues the working key (used to encrypt data) to the terminal security device automatically through the key management agent.
The key management agent is a standalone piece of software that runs on terminal devices such as bank counter PCs and ATMs; the key management agent software is generally developed in C.
The key management agent can set a timer and periodically send a working key issuance request to the KMC server. It can also run automatically when the terminal device starts up, as a system service of the terminal device's operating system (such as Windows), and send a working key issuance request to the KMC server.
The key management agent can communicate with the KMC server over TCP/IP Socket or HTTP+XML.
The key management agent operates on the terminal security device by calling a low-level interface, which is provided by the terminal security device manufacturer. The functions of the low-level interface include reading the device's unique serial number and writing the working key.
3. Automatic terminal security device key update
This step updates the working key of the terminal security device automatically through the automatic working key update service of the KMC server and the key management agent.
The automatic working key update service can be implemented as an independent process or as a thread of the KMC service process. This process or thread resides on the KMC server, reads the working key update policy parameters from a configuration file, runs on a timer, and updates the working keys according to the method described in the technical solution.
After the KMC server has periodically updated the working keys, the key management agent needs to update the terminal security device with the new working key according to the method described in the technical solution. The development of the specific communication interface and the implementation details of the key management agent have been described above and, for brevity, are not repeated here.
In summary, the description of the embodiments in these 3 aspects (terminal security device registration, automatic terminal security device key issuance and automatic key update) allows the key management method for bank terminal security equipment of the present invention to be implemented.
Compared with existing methods, the key management system and method for bank terminal security equipment of the present invention have the following advantages and positive effects:
1. Development efficiency of business application systems is improved, and a large amount of human resources is saved.
Banks have many business application systems, but their key management mechanisms are almost identical. Because the key management agent performs the automatic issuance and update of terminal security device working keys, the developers of each business application system no longer need to spend a great deal of effort designing and implementing a complex key management process, which improves development efficiency and saves a large amount of human resources.
2. The system architecture and the division of development work are more reasonable.
Separating the key management process from the business application systems makes the architecture of the bank's overall system more modular. The separated key management module can be designed, developed and maintained by a professional information security team or a specialized company.
3. One device, one key is more secure.
The master key and the working key are generated randomly by the encryption machine, and the master key and working key of each terminal security device are all different (known as "one device, one key"). The working key is issued encrypted under the master key, which protects the data security of the upper-layer business application systems to the greatest extent.
4. Working keys are updated automatically, without manual involvement.
The automatic update service of the KMC server can periodically update the working keys of terminal security devices according to policy. The key management agent automatically obtains the new working key from the KMC server and automatically writes the new working key into the terminal security device; the whole process requires no manual involvement.
5. Working keys are generated in advance, which effectively reduces peak load on the server during trading hours.
The working keys of terminal security devices are generated in advance, outside trading hours, by the KMC server registration service and the KMC server working key update service, and are stored in the key database. During daily trading hours, when tens of thousands of terminal security devices have working keys issued through the key management agent, the KMC server only needs to take the working key directly out of the key database and return it to the key management agent. This effectively reduces the peak load that generating tens of thousands of working keys would place on the KMC server and the encryption machine.
Although preferred embodiments of the present invention have been shown and described, it is contemplated that those skilled in the art can devise various modifications of the present invention within the spirit and scope of the claims.

Claims (10)

1. A key management system for bank terminal security equipment, the system comprising a banking service terminal and a banking service back end, characterized in that:
The banking service terminal comprises: a business application system client, a cryptographic service interface, a bank terminal security device and a key management agent component;
The banking service back end comprises: a KMC, a key database, a first encryption machine, a second encryption machine, a cryptographic service interface and a business application system server;
Wherein the bank terminal security device has key storage and cryptographic operation functions, the stored master key is not lost on power-down, and the stored working key may or may not be lost on power-down; the key management agent component is responsible for obtaining the working key from the KMC and writing the working key into the bank terminal security device; the key database is mainly used to store the keys of bank terminal security devices at the back end; the first and/or second encryption machine is responsible for back-end cryptographic operations; and the KMC provides a registration service, a key issuance service and an automatic key update service for bank terminal security devices.
2. The key management system for bank terminal security equipment as claimed in claim 1, characterized in that:
The cryptographic service interface provides cryptographic service functions to the upper-layer business.
3. The key management system for bank terminal security equipment as claimed in claim 1, characterized in that:
The master key is used to encrypt the working key, the working key is used to encrypt sensitive data in the bank transaction process, the master key and the working key are generated randomly by the first and/or second encryption machine, the master key and working key of each terminal security device are all different, and the working key is issued encrypted under the master key.
4. The key management system for bank terminal security equipment as claimed in claim 1, characterized in that:
The bank terminal security device is a bank counter PIN pad or an ATM.
5. The key management system for bank terminal security equipment as claimed in claim 1 or 2, characterized in that:
The key management agent component communicates with the KMC server over TCP/IP Socket or HTTP+XML.
6. A bank terminal security equipment key management method applied in the bank terminal security equipment key management system of any one of claims 1-5, characterized in that:
The method comprises a terminal security equipment registration step, a terminal security equipment automatic key delivery step and a terminal security equipment automatic key update step, wherein,
The terminal security equipment registration step registers the terminal security equipment in the KMC and writes the master key into the bank terminal security equipment, after which a working key is generated in advance for the bank terminal security equipment;
The terminal security equipment automatic key delivery step automatically delivers the working key into the terminal security equipment through the key management agent component;
The terminal security equipment automatic key update step automatically updates the working key of the terminal security equipment through the KMC server and the key management agent component.
7. The bank terminal security equipment key management method as claimed in claim 6, characterized in that:
The terminal security equipment registration step specifically comprises,
1.1) the key management agent component reads the unique serial number of the bank terminal security equipment and then initiates a registration request to the KMC server, the request containing the unique serial number of the equipment;
1.2) the KMC server receives the request and then requests the first encryption machine to generate a master key for the bank terminal security equipment; the encryption machine generates the equipment master key at random and returns the master key to the KMC server, and the KMC server returns the master key to the key management agent component;
1.3) the KMC server writes the master key into the bank terminal security equipment; if the write succeeds, a success indication is returned to the KMC server, and the KMC server writes the master key of this bank terminal security equipment into the key database, identified by the unique serial number of this bank terminal security equipment;
1.4) the KMC server requests the first encryption machine to generate a working key for the bank terminal security equipment; the encryption machine generates the equipment working key at random, the generated working key being encrypted with the master key; the first encryption machine returns the generated working key to the KMC server, and the KMC server writes the working key into the key database.
8. The bank terminal security equipment key management method as claimed in claim 6 or 7, characterized in that:
The terminal security equipment automatic key delivery step comprises,
2.1) the key management agent component reads the unique serial number of the terminal security equipment and initiates a working key delivery request to the KMC server, the request containing the unique serial number of the bank terminal security equipment;
2.2) the KMC server receives the request and reads the working key from the key database using the unique serial number of the bank terminal security equipment as the index, the working key read being encrypted with the master key, and the KMC server returns the working key read to the key management agent component;
2.3) the key management agent component writes the working key into the bank terminal security equipment; on writing, the bank terminal security equipment uses the master key in the equipment to decrypt the working key encrypted by the master key, and saves the working key.
9. The bank terminal security equipment key management method as claimed in claim 6 or 7, characterized in that:
The terminal security equipment automatic key update step comprises,
3.1) the KMC server provides an automatic working key update service that periodically updates the working keys of the bank terminal security equipment in the key database; during an update, the automatic update service of the KMC server calls the first and/or second encryption machine to generate a new working key at random for each terminal security equipment and saves the new working key in the key database; at this time the new working key does not overwrite the old working key: the new working key is stored in a new database field, and a working key update mark is set on the corresponding key database record;
3.2) the key management agent component initiates a working key delivery request to the KMC server, and the KMC server obtains the working key from the database using the unique serial number of the terminal security equipment as the index; if a working key update mark is present at this time, the KMC server returns the new working key to the key management agent, replaces the old working key in the key database with the new working key, and cancels the working key update mark after the replacement;
3.3) the key management agent writes the new working key into the terminal security equipment.
10. The bank terminal security equipment key management method as claimed in claim 8, characterized in that:
The terminal security equipment automatic key update step comprises,
3.1) the KMC server provides an automatic working key update service that periodically updates the working keys of the terminal security equipment in the key database; during an update, the automatic update service of the KMC server calls the first and/or second encryption machine to generate a new working key at random for each terminal security equipment and saves the new working key in the key database; at this time the new working key does not overwrite the old working key: the new working key is stored in a new database field, and a working key update mark is set on the corresponding key database record;
3.2) the key management agent component initiates a working key delivery request to the KMC server, and the KMC server obtains the working key from the database using the unique serial number of the terminal security equipment as the index; if a working key update mark is present at this time, the KMC server returns the new working key to the key management agent, replaces the old working key in the key database with the new working key, and cancels the working key update mark after the replacement;
3.3) the key management agent writes the new working key into the bank terminal security equipment.
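
The registration, delivery and staged update steps of claims 7 to 10, modelled end to end as an added Python example (not code from the patent). The class, function and record-field names, the HMAC-SHA256 stand-in for the encryption machine's cipher, and having the agent perform the master key write during registration are all assumptions.

```python
# Added illustration of the claimed key flow; every name here is hypothetical.
import hashlib, hmac, secrets

def keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap(master, working):
    # Stand-in for the encryption machine's cipher; not a production key wrap.
    nonce = secrets.token_bytes(16)
    ct = bytes(x ^ y for x, y in zip(working, keystream(master, nonce, len(working))))
    return nonce + ct + hmac.new(master, b"mac" + nonce + ct, hashlib.sha256).digest()

def unwrap(master, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(master, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("blob is not wrapped under this master key")
    return bytes(x ^ y for x, y in zip(ct, keystream(master, nonce, len(ct))))

class KMC:
    def __init__(self):
        self.pending, self.db = {}, {}          # db: serial -> key record

    def register(self, serial):                 # steps 1.1-1.2
        if serial in self.db:
            raise ValueError("serial already registered")
        self.pending[serial] = secrets.token_bytes(16)
        return self.pending[serial]

    def confirm(self, serial):                  # steps 1.3-1.4, after a successful write
        master = self.pending.pop(serial)       # master kept in clear here for brevity
        self.db[serial] = {"master": master, "wk": wrap(master, secrets.token_bytes(16)),
                           "wk_new": None, "update": False}

    def rotate_all(self):                       # step 3.1: stage, do not overwrite
        for rec in self.db.values():
            rec["wk_new"] = wrap(rec["master"], secrets.token_bytes(16))
            rec["update"] = True

    def deliver(self, serial):                  # steps 2.2 and 3.2
        rec = self.db[serial]
        if rec["update"]:                       # promote the staged key, clear the mark
            rec["wk"], rec["wk_new"], rec["update"] = rec["wk_new"], None, False
        return rec["wk"]

class Device:
    def __init__(self, serial):
        self.serial, self.master, self.working = serial, None, None

    def load_working(self, blob):               # step 2.3: unwrap inside the device
        self.working = unwrap(self.master, blob)

def agent_register(kmc, dev):
    dev.master = kmc.register(dev.serial)       # assumption: the agent does the write
    kmc.confirm(dev.serial)

def agent_fetch(kmc, dev):                      # steps 2.1-2.3 and 3.2-3.3
    dev.load_working(kmc.deliver(dev.serial))
    return dev.working
```

As in step 3.2 of the claims, `deliver` promotes the new key at the moment it is returned, before the write in step 3.3 is confirmed; the model reproduces that ordering rather than adding an acknowledgement.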
CN2010101073675A 2010-02-09 2010-02-09 Key management system and method for bank terminal security equipment Pending CN101877157A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010101073675A CN101877157A (en) 2010-02-09 2010-02-09 Key management system and method for bank terminal security equipment

Publications (1)

Publication Number Publication Date
CN101877157A true CN101877157A (en) 2010-11-03

Family

ID=43019702

Country Status (1)

Country Link
CN (1) CN101877157A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
ASS Succession or assignment of patent right

Owner name: DAI YUXING

Free format text: FORMER OWNER: BEIJING JIANGNAN BRAIN TECHNOLOGY CO., LTD.

Effective date: 20101217

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20101217

Address after: 100083 Beijing city Haidian District zhichunli No. 9 Building 4 Room 405 - Kun

Applicant after: Dai Yuxing

Address before: 100083 Beijing city Haidian District zhichunli No. 9 Building 4 Room 405 - Kun

Applicant before: Beijing Jiangnan Brain Technology Co., Ltd.

C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20101103