CN102065148A - Memory system access authorizing method based on communication network - Google Patents
Memory system access authorizing method based on communication network Download PDFInfo
- Publication number
- CN102065148A CN102065148A CN2011100047165A CN201110004716A CN102065148A CN 102065148 A CN102065148 A CN 102065148A CN 2011100047165 A CN2011100047165 A CN 2011100047165A CN 201110004716 A CN201110004716 A CN 201110004716A CN 102065148 A CN102065148 A CN 102065148A
- Authority
- CN
- China
- Prior art keywords
- authorization
- sign indicating
- indicating number
- code
- authorized
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a memory system access authorizing method based on a communication network, which comprises the following steps of: utilizing communication equipment, an authorized computer and an authorizing server as the replacement or supplement of the traditional authorizing technology; authenticating equipment for transmitting an authorizing request code and receiving an authorizing code by an authorizing system and isolating the equipment from authorized computer equipment; transferring the authorizing request code and the authorizing code by a ciphertext and a communication technology which is independent of the authorized computer system; and carrying out multi-identity authentication in the access authorizing process, wherein the authorizing request code and the authorizing code are only effective in limited time. Compared with the traditional password authorizing mechanism, an authorized computer does not need to be accessed into any communication network, the authorizing code is generated during authorization and has limited life cycle, and the risk brought by authorizing code leakage can be prevented; and compared with the traditional file key authorizing mechanism, the invention can prevent loss and damage of authorizing equipment or inconvenience without portability, is safe enough and has the characteristics of convenience and flexibility.
Description
Technical field
The present invention relates to information security field, particularly a kind of authorization method, specifically a kind of storage system access authorization methods based on communication network.
Background technology
The information system of modern enterprise is resisted the outside threat except needs utilize fire compartment wall and anti-virus product, and data encryption has also become the main tool of protection enterprise information assets.Utilize the data encryption solution can protect the safety of the memory system data of equipment such as notebook computer, work station and server.Under through the situation of authorizing, storage system can be in the encipherment protection state, even be connected to network or miscellaneous equipment also can't this memory system data of access.Adopt the computer equipment of memory system data encryption technology, all data on its storage system will be protected, and the risk that confidential data is revealed reduces greatly.
Each storage system security product all needs a key to encrypt data in the storage system, and the access authorization methods that common memory system data encryption technology adopts has two kinds usually: based on the authorization method of file with based on the authorization method of password.
Based on the authorization method of file when storage system is encrypted, with the seed of certain file as the key file of encrypting storage system, if do not have this file or store the media (as USB memory device or smart card) of this file, can't remove file system and encrypt; Based on the authorization method of password, behind the correct licencing key of input, can remove the encryption of file system.In existing two kinds of authorization methods, be independent of the authorisation device smart card or the USB memory device of key file (as store) of authorization terminal system, lose under the situation of damaging or not carrying in authorisation device, authorization failure will be caused, the carrying out of normal business event may be influenced or the clerical workforce's telecommuting of going out; Adopt the authorization method of password, though in use can not be subjected to the restriction of decrypt authorized equipment, password need regularly replace and standardized administration, also may reveal because of password and cause enterprise information assets safety to be on the hazard.
Hence one can see that, and existing authorization method is to the management of file key/secret and to use be weak link in the information safety protecting method always.Therefore, data encryption technology also needs for the user provides safety and authorization easily in the protection enterprise information assets, reduces because the password that the user surfs the web, society's communication causes is revealed the risk of being brought with this.
Summary of the invention
At the problems referred to above, the applicant has carried out improving research, a kind of storage system access authorization methods based on communication network is provided, utilize communication equipment, be authorized to computer, authorization server password, authorisation device or as the replenishing of existing authorisation device as an alternative, when guaranteeing the licensing scheme fail safe with the maximum convenience of using.
Technical scheme of the present invention is as follows: revise according to claim
A kind of storage system access authorization methods based on communication network, the internet that will be authorized between computer and the authorization server isolates, and between is provided with third party device, described third party device is as sending the authorization requests sign indicating number and receive the intermediate equipment of authorization code, its communication network by being independent of the internet be authorized to the information interaction that computer and authorization server carry out licensing process and receive licensing process.
Its further technical scheme is: comprise the request licensing process and receive licensing process, concrete steps are as follows:
The request licensing process is carried out following steps successively:
1) is being authorized to operation authorization requests sign indicating number generator on the ustomer premises access equipment;
2) authorization requests sign indicating number generator is according to the legitimacy of the identification password authentification user identity of user's input; If identification password authentification result shows this user and does not meet the user identity that request is authorized that then licensing process stops;
3) authorization requests sign indicating number generator generates the authorization requests sign indicating number;
4) the authorization requests sign indicating number inputs to communication equipment by short range transmission technology or user;
5) be authorized to the user side communication equipment authorization requests sign indicating number is sent to authorization server by communication network;
6) authorization server end equipment receives the authorization requests sign indicating number that communication equipment sends;
7) device authentication of authorization server end sends the legitimacy of the communication equipment of authorization requests sign indicating number; If the checking testing result shows that this communication equipment is illegal, then licensing process stops;
8) legitimacy of authorization server checking authorization requests sign indicating number; If the checking testing result shows that this authorization requests sign indicating number is illegal, then licensing process stops;
9) the authorization requests sign indicating number is by after verifying, authorization server generates authorization code according to the authorization requests sign indicating number;
10) authorization server end equipment with authorization code be sent to send respective request be authorized to the user side communication equipment;
Receive licensing process and carry out following steps successively:
11) be authorized to the user side communication equipment and receive the authorization code that authorization server sends;
12) authorization code inputs to by short range transmission technology or user and is authorized to user side;
13) be authorized to the legitimacy that user side is verified authorization code;
14) if authorization code is proved to be successful, the user obtains and the access permission that is authorized to the storage system that ustomer premises access equipment is connected;
15) show that as if the checking testing result this authorization code is illegal, then authorization failure.
Its further technical scheme is: also comprise the steps: 10 ' after the described step 10) authorization server record this visit request.
Its further technical scheme is: described step 3 and step 9 generate in the process of authorization requests sign indicating number and authorization code, and the hardware device features, subscriber identity information and the current time that are authorized to terminal all will be as the input variables of generating algorithm.
Its further technical scheme is: authorization requests sign indicating number and authorization code that described step 3 and step 9 generate are one to one, all have for one effective period, and be only effective in time effective period; Also do not receive authorization code after the authorization requests sign indicating number generates in time effective period, then this authorization requests sign indicating number will be because of overtime automatic calcellation; Be not input in time effective period after authorization code generates and be authorized to terminal, then this authorization code also will be because of overtime automatic calcellation.
Its further technical scheme is: in the process of described step 8 and step 13 checking authorization requests sign indicating number and authorization code, adopt the multifactor authentication process, for user's user identity, to the hardware characteristics that is authorized to equipment, sending the authorization requests sign indicating number and receive the hardware characteristics of the communication equipment of authorization code all will be by checking.
Its further technical scheme is: in the process of described step 8 and step 13 checking authorization requests sign indicating number and authorization code, and need be to authorization requests sign indicating number and authorization code overtime checking the whether.
Its further technical scheme is: described transmission authorization requests sign indicating number and the communication equipment that receives authorization code are independent of the described terminal that is authorized to, and the communication network that is used to send and receive authorization requests sign indicating number and authorization code also is independent of and is authorized to terminal.
Its further technical scheme is: described transmission authorization requests sign indicating number and the communication equipment that receives authorization code are the equipment of registering in the authorization server system; Authorization server is verified the consistency of device registration information in described communication equipment and the authorization server system in the described step 7, if the authorization requests of receiving comes from the equipment of not registering in the authorization server system, then licensing process stops.
Its further technical scheme is: described authorization requests sign indicating number and authorization code transmit in the encrypted ciphertext mode in transport process, the ciphering process of authorization requests sign indicating number and the decrypting process of authorization code are finished by being authorized to ustomer premises access equipment, and the decrypting process of authorization requests sign indicating number and the ciphering process of authorization code are finished by authorization server end equipment.
Useful technique effect of the present invention is:
Authorization method of the present invention utilizes communication equipment, is authorized to computer and authorization server substituting or replenishing as existing authorization technique.
The equipment that sends authorization requests sign indicating number and reception authorization code is isolated through the authoring system authentication and with the computer equipment that is authorized to, and authorization requests sign indicating number and authorization code are by ciphertext and independently communication technology transmission; The access authorization process need passes through multifactor authentication; Authorization requests sign indicating number and authorization code are only effective in the limited time.Compare with existing password authorization mechanism, be authorized to computer and need not to insert the Internet, authorization code generates when authorizing and has limited life cycle, can avoid password to reveal the risk of being brought; Compare with existing file key authorization mechanism, can avoid authorisation device to lose the inconvenience that damages or do not carry again.Therefore the present invention had both possessed safe enough, had convenience, flexible characteristic again.
Description of drawings
Fig. 1 is a composition module diagram of the present invention.
Fig. 2 is the schematic flow sheet of request licensing process of the present invention.
Fig. 3 is the schematic flow sheet of reception licensing process of the present invention.
Label declaration: among Fig. 1, that 10. waits storage system to be visited is authorized to terminal and wherein power request code generator, authorization code proving program of operation; 101. the licencing key of having deciphered; 102. unencrypted request authorization code; 103. short range transmission technology (as bluetooth), or user's input; 11. communication equipment; 111. the authorization code of having encrypted; 112. the authorization requests sign indicating number of having encrypted; 113. mobile radio communication or other telecommunication technology; 12. the authorization requests sign indicating number receives and the authorization code transmitting apparatus; 13. authorization server and authorization code generator; 131. unencrypted authorization code by the authorization server generation; 132. decipher the authorization requests sign indicating number that obtains by authorization server.
Embodiment
Below in conjunction with accompanying drawing the specific embodiment of the present invention is described further.
As shown in Figure 1, access authorization of the present invention system forms by following components is collaborative, and the function of each several part is as follows:
1, etc. storage system to be visited is authorized to terminal (as PC or notebook computer) and operation authorization requests sign indicating number generator and authorization code proving program 10 wherein.
When request is authorized, generate authorization requests sign indicating number 102 according to the hardware characteristics sign indicating number of operation terminal and time system data parameters such as (also can comprise user cipher), and by short range transmission technology 103(or the input equipments such as keyboard by communication equipment) with authorization requests sign indicating number input communication equipment 11; When accept authorizing, checking user input or by short range transmission technology 103(such as Bluetooth transmission technology) authorization code 101 that receives from communication equipment 11.
2, be used for sending authorization requests sign indicating number and receive the communication equipment of registering at authoring system 11 of authorization code.
When request is authorized, communication equipment 11(is generally mobile phone, also can be the normal telephone of in authoring system, registering) by short range transmission technology 103(or the input equipments such as keyboard by communication equipment) receive and be authorized to the unencrypted authorization requests sign indicating number 102 that terminal 10 generates, generate the authorization requests sign indicating number 112(that has encrypted if adopt the normal telephone of in authoring system, registering by the encryption software that operates on this communication equipment again as communication equipment, then authorization requests code encryption process can be finished by being authorized to terminal), by mobile radio communication or other telecommunication technology 113(such as GSM/CDMA cordless communication network) be sent to authorization server end authorization requests sign indicating number receiving equipment 12; When accepting to authorize, this communication equipment receives the licencing key of having encrypted 111 by mobile radio communication or telecommunication technology 113, and by run on the decryption software deciphering (if adopt the normal telephone of registering as communication equipment, then the authorization code decrypting process can be finished by being authorized to terminal) on this communication equipment in authoring system.
3, the authorization requests sign indicating number receives and authorization code transmitting apparatus 12.
Receive the authorization requests sign indicating number of having encrypted 112 and be sent to authorization server 13 by mobile radio communication or telecommunication technology 113; After authorization code generates, the authorization code of having encrypted 111 is sent to the communication equipment 11 that receives authorization code by mobile radio communication or telecommunication technology 113.
4, authorization server and operate in the authorization code generator 13 based on the authorization requests sign indicating number of authorization server end.
When being authorized to the terminal request mandate, authorization requests sign indicating number 112 deciphering that authorization server will have been encrypted, then according to the authorization requests sign indicating number 132 after the deciphering, on the basis of its legitimacy of checking, generate unencrypted authorization code 131 and encrypt according to authorization requests sign indicating number and relevant parameter and pass to authorization code dispensing device 12.
The present invention forms following request licensing process and receives licensing process according to above-mentioned access authorization system:
Fig. 2 has provided the flow chart of request licensing process, and process is as follows:
1) user is being equipped with the operation authorization requests sign indicating number generator (step 201) on the terminal that is authorized to of storage system (or external storage system, as USB flash disk).
2) authorization requests sign indicating number generator is according to the legitimacy of the identification password authentification user identity of user's input.If the checking result shows that this user does not meet the user identity that request is authorized, then licensing process stops (step 202).
3) authorization requests sign indicating number generator generates the authorization requests sign indicating number according to parameters such as the hardware characteristics sequence number of terminal, current time, dates.Each authorization requests sign indicating number that generates have certain life cycle, after the authorization requests sign indicating number generates, also do not receive authorization code in the certain hour, then this authorization requests sign indicating number will be because of overtime automatic calcellation (step 203).
4) the authorization requests sign indicating number inputs to mobile communication equipment (step 204) by short range transmission technology (as bluetooth) or user.
5) operate in software on the mobile communication equipment with the authorization requests code encryption, and be sent to authorization server (step 205) by communication network.
6) authorization server receives the authorization requests sign indicating number (step 206) that mobile communication equipment sends.
7) the authorization server checking sends the legitimacy of the mobile communication equipment of authorization requests sign indicating number.If the authorization requests of receiving comes from the equipment of not registering in authoring system, then licensing process stops (step 207).
8) the decryption device decrypt authorized request code (step 208) of authorization server end.
9) authorization server is according to the parameter detecting authorization requests sign indicating number legitimacies such as user identity of current time, request mandate.Owing to certain life cycle that has of authorization requests sign indicating number, if the authorization requests sign indicating number is overtime, then authorization server will stop licensing process; If authorization requests sign indicating number testing result shows authorization requests sign indicating number illegal (as the request that the do not meet user identity of authorizing, do not meet the feature that is authorized to visit hardware or authorization requests for forging etc.), licensing process also will stop (step 209).
10) the authorization requests sign indicating number is by after verifying, authorization server generates authorization code (step 210) according to the authorization requests sign indicating number.
11) the encryption device encrypted authorization code of authorization server end, and be sent to the mobile communication equipment (step 211 among the figure) that sends respective request.
12) authorization server record this visit request (step 212).This step is optional.
Fig. 3 has provided the flow chart that receives licensing process, and process is as follows:
1) mobile communication equipment receives the authorization code (step 301) of the encryption of authorization server transmission.
2) mobile communication equipment moves the decryption software decrypt authorized sign indicating number (step 302) on it.
3) authorization code inputs to by short range transmission technology (as the Bluetooth wireless transmission technology) or user and is authorized to equipment (step 303).
4) be authorized to terminal and detect authorization code legitimacy (step 304) according to the information that comprises in current time and the authorization code.
5) if authorization code is proved to be successful, the user obtains and the access permission (step 305) that is authorized to the storage system that terminal is connected.
6) authorization code has certain life cycle, and is overtime as if the authorization code that receives, then authorization failure; If authorization requests sign indicating number checking result shows that authorization code is illegal, then authorize also will fail (step 306).
Described Fig. 2, Fig. 3 are at the authorization flow that adopts mobile communication equipment as communication equipment, if adopt the normal telephone of registering in authoring system as communication equipment, then authorization requests code encryption process and authorization code decrypting process are then finished by being authorized to terminal.
Above-described only is preferred implementation of the present invention, the invention is not restricted to above embodiment.Be appreciated that other improvement and variation that those skilled in the art directly derive or associate under the prerequisite that does not break away from spirit of the present invention and design, all should think to be included within protection scope of the present invention.
Claims (10)
1. storage system access authorization methods based on communication network, it is characterized in that: the internet that will be authorized between computer and the authorization server isolates, and between is provided with third party device, described third party device is as sending the authorization requests sign indicating number and receive the intermediate equipment of authorization code, its communication network by being independent of the internet be authorized to the information interaction that computer and authorization server carry out licensing process and receive licensing process.
2. according to the described storage system access authorization methods of claim 1, it is characterized in that comprising the request licensing process and receive licensing process that concrete steps are as follows based on communication network:
The request licensing process is carried out following steps successively:
1) is being authorized to operation authorization requests sign indicating number generator on the ustomer premises access equipment;
2) authorization requests sign indicating number generator is according to the legitimacy of the identification password authentification user identity of user's input; If identification password authentification result shows this user and does not meet the user identity that request is authorized that then licensing process stops;
3) authorization requests sign indicating number generator generates the authorization requests sign indicating number;
4) the authorization requests sign indicating number inputs to communication equipment by short range transmission technology or user;
5) be authorized to the user side communication equipment authorization requests sign indicating number is sent to authorization server by communication network;
6) authorization server end equipment receives the authorization requests sign indicating number that communication equipment sends;
7) device authentication of authorization server end sends the legitimacy of the communication equipment of authorization requests sign indicating number; If the checking testing result shows that this communication equipment is illegal, then licensing process stops;
8) legitimacy of authorization server checking authorization requests sign indicating number; If the checking testing result shows that this authorization requests sign indicating number is illegal, then licensing process stops;
9) the authorization requests sign indicating number is by after verifying, authorization server generates authorization code according to the authorization requests sign indicating number;
10) authorization server end equipment with authorization code be sent to send respective request be authorized to the user side communication equipment;
Receive licensing process and carry out following steps successively:
11) be authorized to the user side communication equipment and receive the authorization code that authorization server sends;
12) authorization code inputs to by short range transmission technology or user and is authorized to user side;
13) be authorized to the legitimacy that user side is verified authorization code;
14) if authorization code is proved to be successful, the user obtains and the access permission that is authorized to the storage system that ustomer premises access equipment is connected;
15) show that as if the checking testing result this authorization code is illegal, then authorization failure.
3. according to the described storage system access authorization methods of claim 2, it is characterized in that also comprising the steps: 10 ' after the described step 10 based on communication network) authorization server record this visit request.
4. according to claim 2 or 3 described storage system access authorization methods based on communication network, it is characterized in that described step 3 and step 9 generate in the process of authorization requests sign indicating number and authorization code, the hardware device features, subscriber identity information and the current time that are authorized to terminal all will be as the input variables of generating algorithm.
5. according to claim 2 or 3 described storage system access authorization methods based on communication network, it is characterized in that authorization requests sign indicating number and authorization code that described step 3 and step 9 generate are one to one, all have for one effective period, only effective in time effective period; Also do not receive authorization code after the authorization requests sign indicating number generates in time effective period, then this authorization requests sign indicating number will be because of overtime automatic calcellation; Be not input in time effective period after authorization code generates and be authorized to terminal, then this authorization code also will be because of overtime automatic calcellation.
6. according to claim 2 or 3 described storage system access authorization methods based on communication network, it is characterized in that in the process of described step 8 and step 13 checking authorization requests sign indicating number and authorization code, adopt the multifactor authentication process, for user's user identity, to the hardware characteristics that is authorized to equipment, sending the authorization requests sign indicating number and receive the hardware characteristics of the communication equipment of authorization code all will be by checking.
7. according to claim 2 or 3 described storage system access authorization methods based on communication network, it is characterized in that in the process of described step 8 and step 13 checking authorization requests sign indicating number and authorization code, need be to authorization requests sign indicating number and authorization code overtime checking the whether.
8. according to claim 2 or 3 described storage system access authorization methods based on communication network, the communication equipment that it is characterized in that described transmission authorization requests sign indicating number and receive authorization code is independent of the described terminal that is authorized to, and the communication network that is used to send and receive authorization requests sign indicating number and authorization code also is independent of and is authorized to terminal.
9. according to claim 2 or 3 described storage system access authorization methods based on communication network, the communication equipment that it is characterized in that described transmission authorization requests sign indicating number and receive authorization code is the equipment of registering in the authorization server system; Authorization server is verified the consistency of device registration information in described communication equipment and the authorization server system in the described step 7, if the authorization requests of receiving comes from the equipment of not registering in the authorization server system, then licensing process stops.
10. according to claim 2 or 3 described storage system access authorization methods based on communication network, it is characterized in that described authorization requests sign indicating number and authorization code transmit in the encrypted ciphertext mode in transport process, the ciphering process of authorization requests sign indicating number and the decrypting process of authorization code are finished by being authorized to ustomer premises access equipment, and the decrypting process of authorization requests sign indicating number and the ciphering process of authorization code are finished by authorization server end equipment.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011100047165A CN102065148A (en) | 2011-01-12 | 2011-01-12 | Memory system access authorizing method based on communication network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011100047165A CN102065148A (en) | 2011-01-12 | 2011-01-12 | Memory system access authorizing method based on communication network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102065148A true CN102065148A (en) | 2011-05-18 |
Family
ID=44000247
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011100047165A Pending CN102065148A (en) | 2011-01-12 | 2011-01-12 | Memory system access authorizing method based on communication network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102065148A (en) |
Cited By (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103268434A (en) * | 2013-06-07 | 2013-08-28 | 四川九洲电器集团有限责任公司 | Embedded type system and remote injection running method thereof |
CN103930896A (en) * | 2011-09-29 | 2014-07-16 | 苹果公司 | Indirect authentication |
CN104852802A (en) * | 2014-02-17 | 2015-08-19 | 腾讯科技(深圳)有限公司 | Identity verification method, equipment, and system |
CN105117657A (en) * | 2015-07-22 | 2015-12-02 | 南京邮电大学 | Smart service based open authorization access design method and system |
CN105391693A (en) * | 2015-10-20 | 2016-03-09 | 浪潮软件集团有限公司 | Intelligent terminal authorization method and device |
CN105915506A (en) * | 2015-02-20 | 2016-08-31 | 西门子公司 | Method And Apparatus For Providing A Safe Operation Of A Subsystem Within A Safety Critical System |
CN106330933A (en) * | 2016-08-30 | 2017-01-11 | 深圳市双赢伟业科技股份有限公司 | Intelligent medicine fetching method and system |
CN106411848A (en) * | 2016-08-30 | 2017-02-15 | 深圳市双赢伟业科技股份有限公司 | Intelligent medicine getting method and system |
CN106559384A (en) * | 2015-09-25 | 2017-04-05 | 阿里巴巴集团控股有限公司 | A kind of utilization public number realizes the method and device for logging in |
CN106685912A (en) * | 2016-08-09 | 2017-05-17 | 厦门天锐科技股份有限公司 | Secure access method of application system |
CN108324284A (en) * | 2017-01-20 | 2018-07-27 | 华广生技股份有限公司 | Physiological parameter monitoring system |
CN108600218A (en) * | 2018-04-23 | 2018-09-28 | 捷德(中国)信息科技有限公司 | A kind of remote authorization system and remote-authorization method |
US10142835B2 (en) | 2011-09-29 | 2018-11-27 | Apple Inc. | Authentication with secondary approver |
CN110169035A (en) * | 2017-01-17 | 2019-08-23 | 维萨国际服务协会 | Bound secret with protocol characteristic |
US10395128B2 (en) | 2017-09-09 | 2019-08-27 | Apple Inc. | Implementation of biometric authentication |
US10521579B2 (en) | 2017-09-09 | 2019-12-31 | Apple Inc. | Implementation of biometric authentication |
US10902424B2 (en) | 2014-05-29 | 2021-01-26 | Apple Inc. | User interface for payments |
CN112487404A (en) * | 2020-12-15 | 2021-03-12 | 中国科学院微小卫星创新研究院 | Computer security audit system and method |
US10956550B2 (en) | 2007-09-24 | 2021-03-23 | Apple Inc. | Embedded authentication systems in an electronic device |
US10992795B2 (en) | 2017-05-16 | 2021-04-27 | Apple Inc. | Methods and interfaces for home media control |
US10996917B2 (en) | 2019-05-31 | 2021-05-04 | Apple Inc. | User interfaces for audio media control |
US11037150B2 (en) | 2016-06-12 | 2021-06-15 | Apple Inc. | User interfaces for transactions |
US11074572B2 (en) | 2016-09-06 | 2021-07-27 | Apple Inc. | User interfaces for stored-value accounts |
US11100349B2 (en) | 2018-09-28 | 2021-08-24 | Apple Inc. | Audio assisted enrollment |
US11126704B2 (en) | 2014-08-15 | 2021-09-21 | Apple Inc. | Authenticated device used to unlock another device |
US11170085B2 (en) | 2018-06-03 | 2021-11-09 | Apple Inc. | Implementation of biometric authentication |
US11206309B2 (en) | 2016-05-19 | 2021-12-21 | Apple Inc. | User interface for remote authorization |
US11283916B2 (en) | 2017-05-16 | 2022-03-22 | Apple Inc. | Methods and interfaces for configuring a device in accordance with an audio tone signal |
US11287942B2 (en) | 2013-09-09 | 2022-03-29 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces |
CN114553409A (en) * | 2022-02-24 | 2022-05-27 | 广东电网有限责任公司 | Password authentication method, system, device, storage medium, and program product |
US11392291B2 (en) | 2020-09-25 | 2022-07-19 | Apple Inc. | Methods and interfaces for media control with dynamic feedback |
US11431836B2 (en) | 2017-05-02 | 2022-08-30 | Apple Inc. | Methods and interfaces for initiating media playback |
US11481769B2 (en) | 2016-06-11 | 2022-10-25 | Apple Inc. | User interface for transactions |
US11539831B2 (en) | 2013-03-15 | 2022-12-27 | Apple Inc. | Providing remote interactions with host device using a wireless device |
US11574041B2 (en) | 2016-10-25 | 2023-02-07 | Apple Inc. | User interface for managing access to credentials for use in an operation |
US11619991B2 (en) | 2018-09-28 | 2023-04-04 | Apple Inc. | Device control using gaze information |
US11620103B2 (en) | 2019-05-31 | 2023-04-04 | Apple Inc. | User interfaces for audio media control |
US11676373B2 (en) | 2008-01-03 | 2023-06-13 | Apple Inc. | Personal computing device control using face detection and recognition |
US11683408B2 (en) | 2017-05-16 | 2023-06-20 | Apple Inc. | Methods and interfaces for home media control |
US11784956B2 (en) | 2021-09-20 | 2023-10-10 | Apple Inc. | Requests to add assets to an asset account |
US11816194B2 (en) | 2020-06-21 | 2023-11-14 | Apple Inc. | User interfaces for managing secure operations |
US11847378B2 (en) | 2021-06-06 | 2023-12-19 | Apple Inc. | User interfaces for audio routing |
US11907013B2 (en) | 2014-05-30 | 2024-02-20 | Apple Inc. | Continuity of applications across devices |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040107342A1 (en) * | 2002-07-22 | 2004-06-03 | Duc Pham | Secure network file access control system |
CN1741104A (en) * | 2005-09-09 | 2006-03-01 | 中国工商银行 | Long-distance authorizing system and method |
CN1964272A (en) * | 2005-11-09 | 2007-05-16 | 陈宏宪 | A method and device to safely exchange computer data |
CN101827101A (en) * | 2010-04-20 | 2010-09-08 | 中国人民解放军理工大学指挥自动化学院 | Information asset protection method based on credible isolated operating environment |
-
2011
- 2011-01-12 CN CN2011100047165A patent/CN102065148A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040107342A1 (en) * | 2002-07-22 | 2004-06-03 | Duc Pham | Secure network file access control system |
CN1741104A (en) * | 2005-09-09 | 2006-03-01 | 中国工商银行 | Long-distance authorizing system and method |
CN1964272A (en) * | 2005-11-09 | 2007-05-16 | 陈宏宪 | A method and device to safely exchange computer data |
CN101827101A (en) * | 2010-04-20 | 2010-09-08 | 中国人民解放军理工大学指挥自动化学院 | Information asset protection method based on credible isolated operating environment |
Cited By (76)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11468155B2 (en) | 2007-09-24 | 2022-10-11 | Apple Inc. | Embedded authentication systems in an electronic device |
US10956550B2 (en) | 2007-09-24 | 2021-03-23 | Apple Inc. | Embedded authentication systems in an electronic device |
US11676373B2 (en) | 2008-01-03 | 2023-06-13 | Apple Inc. | Personal computing device control using face detection and recognition |
CN107818258A (en) * | 2011-09-29 | 2018-03-20 | 苹果公司 | Indirect certification |
CN103930896A (en) * | 2011-09-29 | 2014-07-16 | 苹果公司 | Indirect authentication |
US11200309B2 (en) | 2011-09-29 | 2021-12-14 | Apple Inc. | Authentication with secondary approver |
US11755712B2 (en) | 2011-09-29 | 2023-09-12 | Apple Inc. | Authentication with secondary approver |
US10516997B2 (en) | 2011-09-29 | 2019-12-24 | Apple Inc. | Authentication with secondary approver |
US10419933B2 (en) | 2011-09-29 | 2019-09-17 | Apple Inc. | Authentication with secondary approver |
US10142835B2 (en) | 2011-09-29 | 2018-11-27 | Apple Inc. | Authentication with secondary approver |
US11539831B2 (en) | 2013-03-15 | 2022-12-27 | Apple Inc. | Providing remote interactions with host device using a wireless device |
CN103268434A (en) * | 2013-06-07 | 2013-08-28 | 四川九洲电器集团有限责任公司 | Embedded type system and remote injection running method thereof |
US11768575B2 (en) | 2013-09-09 | 2023-09-26 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces based on unlock inputs |
US11494046B2 (en) | 2013-09-09 | 2022-11-08 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces based on unlock inputs |
US11287942B2 (en) | 2013-09-09 | 2022-03-29 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces |
CN104852802A (en) * | 2014-02-17 | 2015-08-19 | 腾讯科技(深圳)有限公司 | Identity verification method, equipment, and system |
CN104852802B (en) * | 2014-02-17 | 2017-08-25 | 腾讯科技(深圳)有限公司 | Auth method, equipment and system |
US11836725B2 (en) | 2014-05-29 | 2023-12-05 | Apple Inc. | User interface for payments |
US10977651B2 (en) | 2014-05-29 | 2021-04-13 | Apple Inc. | User interface for payments |
US10902424B2 (en) | 2014-05-29 | 2021-01-26 | Apple Inc. | User interface for payments |
US11907013B2 (en) | 2014-05-30 | 2024-02-20 | Apple Inc. | Continuity of applications across devices |
US11126704B2 (en) | 2014-08-15 | 2021-09-21 | Apple Inc. | Authenticated device used to unlock another device |
CN105915506A (en) * | 2015-02-20 | 2016-08-31 | 西门子公司 | Method And Apparatus For Providing A Safe Operation Of A Subsystem Within A Safety Critical System |
CN105117657B (en) * | 2015-07-22 | 2018-04-20 | 南京邮电大学 | A kind of design method and system of the open mandate access based on intelligence s ervice |
CN105117657A (en) * | 2015-07-22 | 2015-12-02 | 南京邮电大学 | Smart service based open authorization access design method and system |
CN106559384A (en) * | 2015-09-25 | 2017-04-05 | 阿里巴巴集团控股有限公司 | A kind of utilization public number realizes the method and device for logging in |
CN105391693A (en) * | 2015-10-20 | 2016-03-09 | 浪潮软件集团有限公司 | Intelligent terminal authorization method and device |
US11206309B2 (en) | 2016-05-19 | 2021-12-21 | Apple Inc. | User interface for remote authorization |
US11481769B2 (en) | 2016-06-11 | 2022-10-25 | Apple Inc. | User interface for transactions |
US11900372B2 (en) | 2016-06-12 | 2024-02-13 | Apple Inc. | User interfaces for transactions |
US11037150B2 (en) | 2016-06-12 | 2021-06-15 | Apple Inc. | User interfaces for transactions |
CN106685912B (en) * | 2016-08-09 | 2020-06-12 | 厦门天锐科技股份有限公司 | Safety access method of application system |
CN106685912A (en) * | 2016-08-09 | 2017-05-17 | 厦门天锐科技股份有限公司 | Secure access method of application system |
CN106330933B (en) * | 2016-08-30 | 2019-09-13 | 深圳市双赢伟业科技股份有限公司 | Intelligence takes medicine method and system |
CN106411848A (en) * | 2016-08-30 | 2017-02-15 | 深圳市双赢伟业科技股份有限公司 | Intelligent medicine getting method and system |
CN106330933A (en) * | 2016-08-30 | 2017-01-11 | 深圳市双赢伟业科技股份有限公司 | Intelligent medicine fetching method and system |
US11074572B2 (en) | 2016-09-06 | 2021-07-27 | Apple Inc. | User interfaces for stored-value accounts |
US11574041B2 (en) | 2016-10-25 | 2023-02-07 | Apple Inc. | User interface for managing access to credentials for use in an operation |
US11394721B2 (en) | 2017-01-17 | 2022-07-19 | Visa International Service Association | Binding cryptogram with protocol characteristics |
CN110169035A (en) * | 2017-01-17 | 2019-08-23 | 维萨国际服务协会 | Bound secret with protocol characteristic |
CN108324284A (en) * | 2017-01-20 | 2018-07-27 | 华广生技股份有限公司 | Physiological parameter monitoring system |
US11431836B2 (en) | 2017-05-02 | 2022-08-30 | Apple Inc. | Methods and interfaces for initiating media playback |
US11201961B2 (en) | 2017-05-16 | 2021-12-14 | Apple Inc. | Methods and interfaces for adjusting the volume of media |
US11683408B2 (en) | 2017-05-16 | 2023-06-20 | Apple Inc. | Methods and interfaces for home media control |
US11750734B2 (en) | 2017-05-16 | 2023-09-05 | Apple Inc. | Methods for initiating output of at least a component of a signal representative of media currently being played back by another device |
US11283916B2 (en) | 2017-05-16 | 2022-03-22 | Apple Inc. | Methods and interfaces for configuring a device in accordance with an audio tone signal |
US10992795B2 (en) | 2017-05-16 | 2021-04-27 | Apple Inc. | Methods and interfaces for home media control |
US11095766B2 (en) | 2017-05-16 | 2021-08-17 | Apple Inc. | Methods and interfaces for adjusting an audible signal based on a spatial position of a voice command source |
US11412081B2 (en) | 2017-05-16 | 2022-08-09 | Apple Inc. | Methods and interfaces for configuring an electronic device to initiate playback of media |
US11765163B2 (en) | 2017-09-09 | 2023-09-19 | Apple Inc. | Implementation of biometric authentication |
US10521579B2 (en) | 2017-09-09 | 2019-12-31 | Apple Inc. | Implementation of biometric authentication |
US11386189B2 (en) | 2017-09-09 | 2022-07-12 | Apple Inc. | Implementation of biometric authentication |
US10395128B2 (en) | 2017-09-09 | 2019-08-27 | Apple Inc. | Implementation of biometric authentication |
US10783227B2 (en) | 2017-09-09 | 2020-09-22 | Apple Inc. | Implementation of biometric authentication |
US10410076B2 (en) | 2017-09-09 | 2019-09-10 | Apple Inc. | Implementation of biometric authentication |
US11393258B2 (en) | 2017-09-09 | 2022-07-19 | Apple Inc. | Implementation of biometric authentication |
US10872256B2 (en) | 2017-09-09 | 2020-12-22 | Apple Inc. | Implementation of biometric authentication |
CN108600218A (en) * | 2018-04-23 | 2018-09-28 | 捷德(中国)信息科技有限公司 | A kind of remote authorization system and remote-authorization method |
US11928200B2 (en) | 2018-06-03 | 2024-03-12 | Apple Inc. | Implementation of biometric authentication |
US11170085B2 (en) | 2018-06-03 | 2021-11-09 | Apple Inc. | Implementation of biometric authentication |
US11100349B2 (en) | 2018-09-28 | 2021-08-24 | Apple Inc. | Audio assisted enrollment |
US11619991B2 (en) | 2018-09-28 | 2023-04-04 | Apple Inc. | Device control using gaze information |
US11809784B2 (en) | 2018-09-28 | 2023-11-07 | Apple Inc. | Audio assisted enrollment |
US11853646B2 (en) | 2019-05-31 | 2023-12-26 | Apple Inc. | User interfaces for audio media control |
US10996917B2 (en) | 2019-05-31 | 2021-05-04 | Apple Inc. | User interfaces for audio media control |
US11755273B2 (en) | 2019-05-31 | 2023-09-12 | Apple Inc. | User interfaces for audio media control |
US11010121B2 (en) | 2019-05-31 | 2021-05-18 | Apple Inc. | User interfaces for audio media control |
US11620103B2 (en) | 2019-05-31 | 2023-04-04 | Apple Inc. | User interfaces for audio media control |
US11816194B2 (en) | 2020-06-21 | 2023-11-14 | Apple Inc. | User interfaces for managing secure operations |
US11782598B2 (en) | 2020-09-25 | 2023-10-10 | Apple Inc. | Methods and interfaces for media control with dynamic feedback |
US11392291B2 (en) | 2020-09-25 | 2022-07-19 | Apple Inc. | Methods and interfaces for media control with dynamic feedback |
CN112487404A (en) * | 2020-12-15 | 2021-03-12 | 中国科学院微小卫星创新研究院 | Computer security audit system and method |
US11847378B2 (en) | 2021-06-06 | 2023-12-19 | Apple Inc. | User interfaces for audio routing |
US11784956B2 (en) | 2021-09-20 | 2023-10-10 | Apple Inc. | Requests to add assets to an asset account |
CN114553409A (en) * | 2022-02-24 | 2022-05-27 | 广东电网有限责任公司 | Password authentication method, system, device, storage medium, and program product |
CN114553409B (en) * | 2022-02-24 | 2023-08-08 | 广东电网有限责任公司 | Password authentication method, system, device, storage medium, and program product |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102065148A (en) | Memory system access authorizing method based on communication network | |
CN1913427B (en) | System and method for encrypted smart card PIN entry | |
CN1708942B (en) | Secure implementation and utilization of device-specific security data | |
US8909932B2 (en) | Method and apparatus for security over multiple interfaces | |
US20060280297A1 (en) | Cipher communication system using device authentication keys | |
CN109035519B (en) | Biological feature recognition device and method | |
CN102647279B (en) | Encryption method, encrypted card, terminal equipment and interlocking of phone and card device | |
US9215070B2 (en) | Method for the cryptographic protection of an application | |
US20170230365A1 (en) | Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device | |
CN101621794A (en) | Method for realizing safe authentication of wireless application service system | |
CN101140605A (en) | Data safety reading method and safety storage apparatus thereof | |
Cheng et al. | A secure and practical key management mechanism for NFC read-write mode | |
CN112507296B (en) | User login verification method and system based on blockchain | |
CN106027473A (en) | Identity card reading terminal and cloud authentication platform data transmission method and system | |
CN104333452A (en) | Multi-account encryption method for file data | |
CN100410829C (en) | Granting an access to a computer-based object | |
CN103944721A (en) | Method and device for protecting terminal data security on basis of web | |
CN101197822B (en) | System for preventing information leakage and method based on the same | |
CN102056156B (en) | Computer Data Security is downloaded to the method and system of mobile terminal | |
CN103164661A (en) | Device and method used for managing data in terminal | |
CN1913547B (en) | Card distributing user terminer, paying center, and method and system for protecting repaid card data | |
CN104901967A (en) | Registration method for trusted device | |
CN100561913C (en) | A kind of method of access code equipment | |
CN101777097A (en) | Monitorable mobile storage device | |
CN101159542B (en) | Method and system for saving and/or obtaining authentication parameter on terminal network appliance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110518 |
|
WD01 | Invention patent application deemed withdrawn after publication |