CN102111271A - Network security authentication method and device as well as authentication method of hand-held electronic device - Google Patents

Network security authentication method and device as well as authentication method of hand-held electronic device Download PDF

Info

Publication number
CN102111271A
CN102111271A CN2010101111287A CN201010111128A CN102111271A CN 102111271 A CN102111271 A CN 102111271A CN 2010101111287 A CN2010101111287 A CN 2010101111287A CN 201010111128 A CN201010111128 A CN 201010111128A CN 102111271 A CN102111271 A CN 102111271A
Authority
CN
China
Prior art keywords
terminal
hardware
webserver
network security
certificate server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010101111287A
Other languages
Chinese (zh)
Other versions
CN102111271B (en
Inventor
林茂聪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huayi financial information technology (Shanghai) Co., Ltd.
Original Assignee
林茂聪
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 林茂聪 filed Critical 林茂聪
Priority to CN201010111128.7A priority Critical patent/CN102111271B/en
Publication of CN102111271A publication Critical patent/CN102111271A/en
Application granted granted Critical
Publication of CN102111271B publication Critical patent/CN102111271B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a network security authentication method and device as well as an authentication method of a hand-held electronic device. The network security authentication method comprises the following steps: a used terminal loads terminal program from a program carrier to scan identification codes of most hardware components of the used terminal and record the identification codes into a hardware scan list, and sends the list to an authentication server to be stored so as to serve as basis for authenticating user identity. A terminal program also can use a key composed of hardware identification codes to perform digital signature on online transaction data; and the authentication server provides a second authentication channel to ensure the security of network identity authentication and online transaction. The network security authentication device comprises a database module and an authentication module, wherein the database module stores the hardware scan list which is used as user identity authentication and generated by that the used terminal performs the terminal program, and the hardware scan list comprises the identification codes of most hardware components of the used terminal. According to the invention, software is utilized to solve the problems of hardware devices for authenticating the user identity and related cost; with respect to different websites, a user does not need to use different hardware devices to authenticate the identity; and the authentication server serving as the second authentication channel different from network operators can effectively prevent hacking.

Description

Network security certification method and device thereof, and portable electric device authentication method
Technical field
The present invention relates to a kind of method for network authorization and device thereof, and the portable electric device authentication method, particularly relate to a kind of network security certification method and device thereof with the authentication of software solution user status, and the portable electric device authentication method.
Background technology
Tradition checking user status, for example when entity bank makes transfers business, need two road authenticating steps, the one, the identity document of taking out me is to identify, the 2nd, singly filled in relevant item and enclosed my signature/seal transferring accounts, allow the undertaker that is correlated with confirm the business of just making transfers after errorless.
Similarly, when the user handles wire transfer when professional in virtual network bank, two road authentication procedures are also arranged, the first, need unique identification code (ID) of input and password to login the website of the Internet bank, at this, the source of identification code can be to read the chip fiscard of being authorized by bank by the computer card reading machine, or imports the code name that is authenticated by bank voluntarily by the user; The second, the Electronic Transfer on the website singly fill in finish after, input account transfer password is to finish account transfer again.
Yet,, therefore dynamic password (OneTime Password has been arranged owing to identification code, account transfer password all may be stolen; Abbreviation OTP) solution mainly is to utilize for example token (Token) or chip card hardware generation disposal password, and the webserver that is sent to bank by network is with checking user status; In addition, for anti-blocking identification code and password, verify data such as account transfer password etc. is robbed and is got, and other solution also comprises: use the carry-on dish etc. that comprises the token or the card reader of independent screen and button or have authentication public key (PKI-certificate).
But along with the variation of network trading, the network member increases, the increase day by day of the network crime, and being showing improvement or progress day by day of crime technology, and existing network verification has following defective:
One, for the network dealer, all need pay the cost of buying the status demo plant to each user, the customer service support of individualized, logistics and dependent failure problem is also considerable.
Two, for the user, need have the different hardware status demo plant required to different web sites, quite not convenient.
Three, because of the network crime is showing improvement or progress day by day, the hacker except that identification code and password/account transfer password are stolen in interception, the transaction data of also can distorting, the dealer is forced to such an extent that often change hardware unit, its expense is considerable.
This shows, in the method for above-mentioned existing network verification, structure and the use, obviously still have inconvenience and defective, and demand urgently further being improved.In order to solve the problem of above-mentioned existence, relevant manufacturer there's no one who doesn't or isn't seeks solution painstakingly, but do not see always that for a long time suitable design finished by development, and the general networking verification method can not address the above problem, this obviously is the problem that the anxious desire of relevant dealer solves.Therefore how to found a kind of new network security certification method and device thereof, and the portable electric device authentication method, real one of the current important research and development problem that belongs to, also becoming the current industry utmost point needs improved target.
Summary of the invention
The objective of the invention is to, overcome the problem that existing hardware status demo plant causes required cost, and provide a kind of new network security certification method, technical problem to be solved provides a kind of network security certification method, and the technological means that is adopted is to finish the authentication of user's status with software.
Another object of the present invention is to, overcome the problem of user to the required different hardware status demo plant of different web sites, a kind of network security certification device of new structure is provided, and technical problem to be solved is that the hardware scanning inventory of identification code recording of record most nextport hardware component NextPorts of using terminal is with as the status authentication of user for different web sites.
A further object of the present invention is, overcome the problem that identification code and the password/account transfer password and the transaction data of distorting are stolen in hacker's interception, a kind of digital signature processing method is provided, technical problem to be solved is with the golden key that the hardware scanning inventory that uses terminal is made electronic data to be done digital signature, and certificate server transmission/reception data are via the second communication conduit transmission, avoid the hacker to tackle stealing distorting.
Another purpose of the present invention is, in order to overcome the problem of user's operational hardware status demo plant inconvenience, and provide a kind of digital signature processing unit, the technological means that is adopted is to produce the hardware scanning inventory that uses terminal automatically with as the authentication of user's status with terminal program, and the golden key that the hardware scanning inventory can be made is made digital signature.
Of the present invention again again a purpose be, in order to overcome the problem that user's need use different computer hardwares authentication status to different web sites or electronic data made digital stamped signature, the invention provides and allow general user's individual portable electronic product (as: mobile phone or personal digital assistant) load onto authenticating method and the equipment that can be used as network authentication after the program, replace general token, chip card or dish etc. with oneself by this.
The object of the invention to solve the technical problems realizes by the following technical solutions.A kind of network security certification method according to the present invention's proposition, cooperate at least one use terminal, a webserver and a certificate server, use terminal online by one first communication conduit and the webserver, and use terminal online by one second communication conduit and certificate server, wherein said method comprises following step: (a) use terminal to carry out a terminal program and note down into a hardware scanning inventory with the identification code of the individual nextport hardware component NextPorts of majority that will use terminal; (b) use terminal to transmit the foundation that the hardware scanning inventory gives the certificate server retention and authenticates as user's status; And (c) webserver uses the electronic data that terminal transmits and when needing to confirm user's status in obtaining, make certificate server obtain using hardware scanning inventory that terminal rescans be kept at use terminal in the certificate server the comparison of hardware scanning inventory to confirm user's identity.
The object of the invention to solve the technical problems also can be applied to the following technical measures to achieve further.
Aforesaid network security certification method, wherein said use terminal does not store the hardware scanning inventory and directly sends the hardware scanning inventory to certificate server.
Aforesaid network security certification method, the hardware scanning inventory that wherein said terminal program transmits for communication network utilize different time of the meeting keys to carry out encryption at every turn.
The object of the invention to solve the technical problems also realizes by the following technical solutions.A kind of network security certification device according to the present invention's proposition, cooperate at least one use terminal and to have the program carrier of carrying out the terminal program that scans the most individual nextport hardware component NextPorts that use terminal for the use terminal, wherein said network security certification device comprises: a database module, store a hardware scanning inventory as the authentication of user's status that uses terminal execution terminal program and produce, and the hardware scanning inventory have most nextport hardware component NextPort identification codes of using terminal; And an authentication module, whether comparison one input data meet most nextport hardware component NextPort identification codes of using terminal, just confirm user's identity if meet.
The object of the invention to solve the technical problems also can be applied to the following technical measures to achieve further.
Aforesaid network security certification device, wherein said terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
Aforesaid network security certification device, wherein said authentication module judge also whether the terminal program version that uses terminal upgrades with decision.
Aforesaid network security certification device, wherein said hardware scanning inventory comprise the identification code of a CPU, a basic input-output system unit, a storage device, a network interface, a motherboard and/or the identification code of an external device.
Aforesaid network security certification device wherein also comprises: a control module produces an authentication code; And a transport module, described authentication code transmission is given the use terminal and deposited external device in the foundation as the identification external device.
The object of the invention to solve the technical problems also realizes in addition by the following technical solutions.A kind of network security certification method according to the present invention's proposition, cooperate at least one use terminal, a webserver and a certificate server, use terminal online by one first communication conduit and the webserver, and use terminal online by one second communication conduit and certificate server, wherein said method comprises the steps: that (a) certificate server sends a golden key of being made by a hardware scanning inventory of the identification code recording of most nextport hardware component NextPorts of use terminal and gives the webserver and send golden key and give the webserver; (b) use terminal utilization gold key that electronic data processing is become a digital signature; (c) webserver utilization gold key becomes another digital signature with electronic data processing; And (d) whether the digital signature of certificate server or webserver determining step (b) conforms to the digital signature of step (c), just confirms that as if conforming to electronic data is not altered.
The object of the invention to solve the technical problems also can be applied to the following technical measures to achieve further.
Aforesaid network security certification method, wherein said terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
Aforesaid network security certification method, the electronic data of wherein said use terminal are transaction data, and through after certificate server/webserver affirmation status, the webserver is just concluded the business according to transaction data.
The object of the invention to solve the technical problems realizes in addition more by the following technical solutions.A kind of network security certification device according to the present invention's proposition, record is discerned the computer-readable terminal program of the method for status in order to carry out a digital signature, and wherein computer-readable terminal program is carried out and comprised the steps: (a) hardware scanning inventory by the identification code recording of the most nextport hardware component NextPorts that use terminal; And (b) obtain the golden key that an electronic data makes with the hardware scanning inventory and be processed into a digital signature.
The object of the invention to solve the technical problems also can be applied to the following technical measures to achieve further.
Aforesaid network security certification device, wherein said terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
The object of the invention to solve the technical problems realizes in addition more by the following technical solutions.A kind of network security certification method according to the present invention's proposition, cooperate at least one use terminal, a webserver and a certificate server to use, wherein said method comprises following step: (a) webserver receives the download webpage that is stored and import a terminal program after the log-on data of using terminal to transmit; (b) use terminal to download the page download terminal program certainly, and after producing a hardware scanning inventory, send certificate server in the identification code that back scanning hardware assembly is installed; And (c) certificate server will receive that data are write down and the informing network server, make the webserver confirm that the user is registered and finish.
The object of the invention to solve the technical problems realizes in addition more by the following technical solutions.A kind of network security certification method according to the present invention's proposition, cooperate at least one use terminal, a webserver and a certificate server to use, the database module of certificate server establishes different users's hardware scanning inventory, and wherein said method comprises following step: (a) webserver receives that logining of using that terminal transmits stored after the data and the notification authentication server carries out status and verifies; (b) the certificate server notice uses terminal to enable a terminal program; (c) use the terminal program of terminal to be driven the scanning of carrying out the scanning hardware assembly to produce a hardware scanning inventory after, send the hardware scanning inventory to certificate server; And (d) certificate server just confirms that as if meeting status and informing network server are to finish the program of logining with the hardware scanning inventory comparison with database module of the hardware scanning inventory received.
The object of the invention to solve the technical problems realizes in addition more by the following technical solutions.A kind of portable electric device authentication method according to the present invention's proposition, wherein said method comprises the steps: that (a) portable electric device carries out a terminal program and become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list; And (b) portable electric device will be scheduled to after the secret key encryption transmission and give a webserver and be recorded in the webserver to verify the usefulness of user's status future after for its deciphering.
The object of the invention to solve the technical problems also can be applied to the following technical measures to achieve further.
Aforesaid portable electric device authentication method, wherein step (b) comprises that also the predetermined key of substep (b-1) portable electric device utilization produces disposal password and gives the usefulness of the webserver for its following checking user status with transmission, or substep (b-2) portable electric device is made a digital signature with predetermined key to an electronic data and given the webserver with transmission and identify for it whether electronic data is altered.
The object of the invention to solve the technical problems also can further realize by the following technical solutions.
A kind of portable electric device authentication method, wherein said method comprises the steps: that (a) portable electric device carries out a terminal program and become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list; (b) portable electric device is when starting terminal program once more, and the identification code that scans most nextport hardware component NextPorts of portable electric device again becomes a new hardware scanning inventory, and makes a new key with new hardware scanning inventory; And (c) with the predetermined key of new key comparison to judge that predetermined key is altered or terminal program and predetermined key are moved to another device.
The present invention compared with prior art has tangible advantage and beneficial effect.
The first, network security certification method of the present invention solves the technical scheme that its technical problem adopts and is: cooperate at least one use terminal, a webserver and a certificate server, use terminal online, and use terminal online by one second communication conduit and certificate server by one first communication conduit and the webserver; Network security certification method of the present invention comprises following step: (a) use terminal to carry out a terminal program and note down into a hardware scanning inventory with the identification code of most individual nextport hardware component NextPorts that will use terminal; (b) use terminal to transmit the foundation that the hardware scanning inventory gives the certificate server retention and authenticates as user's status; And (c) webserver uses the electronic data that terminal transmits and when needing to confirm user's status in obtaining, make certificate server from the hardware scanning inventory that uses terminal to rescan be kept at use terminal in the certificate server the comparison of hardware scanning inventory to confirm user's identity; By this, reach the purpose of finishing the authentication of user's status with software.
The second, network security certification device of the present invention cooperates at least one use terminal and to have the program carrier of carrying out the program that scans the most individual nextport hardware component NextPorts that use terminal for the use terminal, and the network security certification device comprises a database module and an authentication module; Database module stores a hardware scanning inventory as the authentication of user's status that uses TX and produce, and the hardware scanning inventory has most nextport hardware component NextPort identification codes of using terminal; Whether authentication module comparison one input data meet most nextport hardware component NextPort identification codes of using terminal, just confirm user's identity if meet.
Three, digital signature processing method of the present invention cooperates at least one use terminal, a webserver and a certificate server, use terminal online, and use terminal online by one second communication conduit and certificate server by one first communication conduit and the webserver.Digital signature processing method of the present invention comprises the steps: that (a) certificate server sends a golden key of being made by a hardware scanning inventory of the identification code recording of the most nextport hardware component NextPorts that use terminal and gives using terminal and sending golden key and give the webserver; (b) use terminal utilization gold key that electronic data processing is become a digital signature; (c) webserver utilization gold key becomes another digital signature with electronic data processing; And (d) whether the digital signature of certificate server or webserver determining step (b) conforms to the digital signature of step (c), just confirms that as if conforming to electronic data is not altered.
Four, network security certification device recording of the present invention is discerned the computer-readable terminal program of the method for status in order to carry out a digital signature, and wherein computer-readable terminal program is carried out and comprised the steps: (a) hardware scanning inventory by the identification code recording of the most nextport hardware component NextPorts that use terminal; And (b) obtain the golden key that an electronic data makes with the hardware scanning inventory and be processed into a digital signature.
Five, one of portable electric device authentication method of the present invention comprises the steps: that (a) portable electric device carries out a terminal program and become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list; And (b) portable electric device will be scheduled to after the secret key encryption transmission and give a webserver for its deciphering back and give the usefulness of record as following checking user status.
Two of portable electric device authentication method of the present invention comprises the steps: that (a) portable electric device carries out a terminal program and become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list; (b) portable electric device is when starting terminal program once more, and the identification code that scans most nextport hardware component NextPorts of portable electric device again becomes a new hardware scanning inventory, and makes a new key with new hardware scanning inventory; And (c) with the predetermined key of new key comparison to judge that predetermined key is altered or terminal program and predetermined key are moved to another device.
Network security certification method of the present invention and device thereof, and the beneficial effect of portable electric device authentication method is: solve the authentication of user's status with software, therefore the network dealer can save hair fastener hardware and relevant cost, and the user need not the different status demo plants required to different web sites; Moreover, utilize the certificate server that is independent of network dealer (being exactly the webserver) that the hardware scanning inventory that uses terminal is checked, exempt the network dealer is obtained the status data by intrusion risk; Simultaneously also provide a kind of mode of movement that dual pipeline is arranged, effectively prevent to palm off status and distort.
Above-mentioned explanation only is the general introduction of technical solution of the present invention, for can clearer understanding technological means of the present invention, and can be implemented according to the content of specification, and for above-mentioned and other purposes, feature and advantage of the present invention can be become apparent, below especially exemplified by preferred embodiment, and conjunction with figs., be described in detail as follows.
Description of drawings
Fig. 1 is a system block diagrams, and the preferred embodiment of network security certification device of the present invention is described;
Fig. 2 is a flow chart, and the register flow path of network security certification method of the present invention is described;
Fig. 3 is a flow chart, and the flow process of logining of network security certification method of the present invention is described;
Fig. 4 is a schematic diagram, and the principle of work and power and the process step of the digital signature processing method of network security certification of the present invention is described;
Fig. 5 is a system block diagrams, and second preferred embodiment of network security certification device of the present invention is described, its hardware scanning inventory as authentication usefulness comes from portable electric device;
Fig. 6 is a flow chart, and the register flow path of network security certification method of the present invention is described;
Fig. 7 is a system block diagrams, and second preferred embodiment of network security certification device of the present invention is described, portable electric device is connected with terminal to carry out logining/transaction program of network security certification method of the present invention;
Fig. 8 is a flow chart, and the program of logining of network security certification method of the present invention is described;
Fig. 9 is a flow chart, and the transaction program of network security certification method of the present invention is described.
Embodiment
Reach technological means and the effect that predetermined goal of the invention is taked for further setting forth the present invention, below in conjunction with accompanying drawing and preferred embodiment, network security certification method and device thereof to foundation the present invention proposition, and its embodiment of portable electric device authentication method, method, step, structure, feature and effect thereof, describe in detail as after.
Consult Fig. 1, in the preferred embodiment of the present invention, the network security certification device is a certificate server 1, and is to cooperate at least one use terminal 2 and at least one webserver (Internet ContentsProvider; Be called for short ICP) 3 enforcements network security certification method of the present invention, for convenience of description, the webserver 3 is that the webserver 3b with the webserver 3a of a game on line and an Internet bank is the example explanation, and using terminal 2 online through communication networks 6 (as: internet) and the webserver 3 is one first communication conduit, and use terminal 2, the certificate server 1 and the webserver 3 (just are to use terminal 2 through communication network 6 and online, certificate server 1 is again via special use online 301,302 get back to the webserver 3 again) be called one second communication conduit, just second communication conduit comprises communication network 6 and/or special-purpose online 301,302, separate to improve safe class with first communication conduit by this, because of first communication conduit is only used in general networking authentication (comprising status authentication and digital signature), the hacker also knows how to go to attack, the present invention adds second communication conduit, and then the hacker is difficult to attack simultaneously second communication conduit.
Be noted that status authentication notion of the present invention is when being not limited to game on line/Internet bank that this paper carries, other similar network service that needs status login/authentication as entry network site, also can be used.
Webserver 3a provides different users 51,52,53 and utilizes different terminal 2a, 2b, the 2c of using to login to use the network service of " game on line " through communication network 6; Webserver 3b then provides user 51,52,53 and utilizes use terminal 2a, 2b, 2c to see through communication network 6 and login so that the network service of its " Internet bank " that is provided to be provided respectively.
Using terminal 2a, 2b, 2c can be that (but being not limited to) for example mobile computer, intelligent mobile phone or personal digital assistant etc. can be kept supplying the electronic equipment of net; And before using for the first time the aforementioned network service, use terminal 2a, 2b, 2c need carry out the status login.
Now network security certification method of the present invention is described below.
Use terminal 2a to comprise a motherboard 20, a CPU 21, a storage device 22, a network interface 23, a basic input-output system unit (to call the BIOS unit in the following text) 24, one reading device 25, an external device 251, an input unit 261 and a display unit 262; In this preferred embodiment, motherboard 20 has unique identifier A, and CPU 21 has unique identifier B, as 000006FD/00020800/0000E39D/BFEBFBFF; BIOS unit 24 has unique identifier C, and external device 251 is USB storage devices, has unique identifier D, as: 4042958638F0FAA72E; For example the identification code of network interface 23 is that 00-1F-D0-2E-5E-E0-00-00 also can adopt, and is not restriction with aforementioned nextport hardware component NextPort.
Because each nextport hardware component NextPort (motherboard 20, CPU 21, BIOS unit 24 and external device 251) identification code of aforementioned use terminal 2a is all unique, its compound mode and the nextport hardware component NextPort identification code combination of using terminal 2b, with the nextport hardware component NextPort identification code combination of using terminal 2c, all inequality, the expression hacker can not use other hardware equipped to authenticate, and therefore can be used as the status authentication.
When utilizing, user 51 use terminal 2a after the registration web page of webserver 3b is finished the input personal data, the registration web page of webserver 3b will be guided and be used terminal 2a to be online to the download path of the terminal program 411 of program carrier 4, obtain terminal program 221 by this and it is stored in storage device 22; Be noted that, program carrier 4 is one to be located at outside website as Fig. 1, but also can be integrated in the some that webserver 3b becomes the website, also can be integrated in certificate server 1 one of its service item that provides is provided, or the CD of record data or other program carrier are utilized by user 51 and use the direct download terminal program 411 of terminal 2a, are not limited to the network download mode.
In this preferred embodiment, terminal program 411 has following function:
A. scanning uses a plurality of nextport hardware component NextPorts of terminal 2 to become identification code recording to become the hardware scanning inventory;
B. the hardware scanning inventory is delivered to certificate server 1 and stored or do the status authentication;
C. the key pair electronic data that utilizes the hardware scanning inventory to produce is made digital signature and is transferred to certificate server 1;
D. all data are all passed through and be transferred to the certificate server 1 or the webserver 3 by communication network 6 again after time of the meeting key (Session Key) is encrypted;
E. store nextport hardware component NextPort inventory and time of the meeting key.
When using terminal 2a to carry out terminal program 221, terminal program 221 can require user's 51 input name or code names, and behind the predetermined hardware assembly of automatic scan use terminal 2a, the identification code of predetermined hardware assembly is noted down into a hardware scanning inventory 10a, and use terminal 2a not store but directly send hardware scanning inventory 10a to certificate server 1 and store.
Be noted that, terminal program 221 is available for users to 51 and decides the object of whether selecting for use external device 251 such as memory card or the carry-on dish of USB for example to list the scanning identification code in its sole discretion, among other embodiment, the online external device of entity 251 is arranged, or the external device 251 of wireless online, as: electric label (RFID) or close range wireless communication (Near Field Communication; Be called for short NFC) device, also belong to the category that the present invention uses.
Thereby the hardware scanning inventory 10a that certificate server 1 is obtained has recorded user 51 name or code name, the identification code A of motherboard 20, the identification code B of CPU 21 and the identification code C of BIOS unit 24; If selected external device 251 for use, then hardware scanning inventory 10a also comprises the identification code D of external device 251.
Certificate server 1 has a database module 10, a control module 11, an authentication module 12 and a transport module 13, and database module 10 wherein is to note down the hardware scanning result who respectively uses terminal 2 registrations to be logined; In this preferred embodiment, the Data Source of hardware scanning is to be received from communication network 6 by transport module 13, control module 11 is stored in database module 10 with hardware scanning inventory 10a-10c again, and hardware scanning inventory 10a-10c record uses most nextport hardware component NextPort identification codes of terminal 2a-2c.
When using the external device 251 no specific identification code of terminal 2a, control module 11 can produce an authentication code, and by transport module 13 the authentication code transmission is given use terminal 2a and deposited external device 251 in the foundation as identification external device 251.
Certificate server 1 can have following function:
A. the terminal program that provides the user to download;
B. store the time of the meeting key (Session Keys) that hardware scanning inventory and user download version (version) and preset;
C. each different time of the meeting keys, protection transmission data of producing;
D. utilize hardware scanning inventory authentication user;
E. the golden key that utilizes the hardware scanning inventory to make offers and uses terminal to do digital signature and the webserver is done digital signature to electronic data;
Whether two groups of different digital stamped signatures that f. relatively use the terminal and the webserver that electronic data is done are altered with definite electronic data.
Authentication module 12 judges also whether the terminal program version that uses terminal 5 upgrades with decision; In addition, authentication module 12 is the notices according to the webserver 3, judge user's status according to the hardware scanning inventory that transport module 13 transmits, with user 51 is example, for example: after receiving the hardware scanning listings data that user 51 use terminal 2a rescans at every turn, whether comparison meets the predetermined hardware scanning list 10a that uses terminal 2a to store in advance, just confirms as user 51 if meet; Then, transport module 13 reinforms the webserver 3 with the authentication of user 51 status (name/code name) after errorless.
In like manner, certificate server 1 from communication network 6 receive and store use terminal 2b, 2c the hardware scanning inventory with foundation, for example as the authentication of different users's 52,53 status: user 52 can download and carry out terminal program 411 and use the hardware scanning result of terminal 2b to login in database module 10 to certificate server 1 registration it to become hardware scanning inventory 10b; User 53 can download and carry out terminal program 411 and use the hardware scanning result of terminal 2c to login in database module 10 to certificate server 1 registration it to become hardware scanning inventory 10c, by that analogy.
Preferably, be blocked or steal, use the hardware scanning inventory that transmits for communication network 6 between terminal 2 and the certificate server 1 all must utilize its inside to preset time of the meeting key (Session Key) and carry out encryption for fear of data.
Consult Fig. 2, the register flow path of network security certification method of the present invention is: the webpage input user's code name/code data (step S201) that uses terminal 2 to provide at the webserver 3, the webserver 3 receives user's code name/code data, check checking code name/password (step S300) with script code name/code data, if the incorrect error messages (step S205) of then replying; After if affirmation is out of question, and the download webpage (step S301) of importing terminal program; Certificate server 1 provides the download path of terminal program to give and uses terminal 2 (step S101); After using terminal 2 to install, the identification code of input user's code name and scanning hardware assembly is to produce hardware scanning inventory (step S202), then to send certificate server 1 to behind the time of the meeting secret key encryption hardware scanning inventory (step S203).
Then, certificate server 1 will be received data decryption and be write down (step S102) in database module 10, and informing network server 3, the webserver 3 confirms that the user is registered and finishes (step S302), sends registration and finishes notice (step S303) and give use terminal 2; Use terminal 2 to receive registration and finish notice (step S204).
Consult Fig. 3, the flow process of logining of network security certification method of the present invention is: the webpage input user's code name/code data (step S211) that uses terminal 2 to provide at the webserver 3, after the webserver 3 receives user's code name/code data, check checking code name/password (step S310) with script code name/code data, if the incorrect error messages (step S215) of then replying; After if affirmation is out of question, notification authentication server 1 carries out status checking (step S311); Certificate server 1 notice uses terminal 2 to enable terminal program scanning (step S103), use the terminal program of terminal 2 to be driven the scanning of execution scanning hardware assembly to set up 0 hardware scanning inventory (step S212), then to send certificate server 1 to behind the time of the meeting secret key encryption hardware scanning inventory (step S213).
Then, is certificate server 1 deciphering also judged user's identity (step S104)? judgment mode is: the hardware scanning inventory comparison that will receive data and database module 10, with comparison result (being/deny) informing network server 3, if meet with regard to informing network server 3, the webserver 3 is confirmed user's status correct (step S312), then import site for service (step S313), use terminal 2 to enter site for service (step S214); If do not meet, then reply error messages (step S215).
The principle and the process step of the digital signature processing method of network security certification of the present invention are described below.
Cooperate Fig. 1, network security certification device of the present invention is a program carrier 4, it records a computer-readable terminal program 411, computer-readable terminal program 411 is in order to carry out digital signature identification status method, mainly be to use the identification code recording of most nextport hardware component NextPorts of terminal 1 to become a hardware scanning inventory to be stored to the database module 10 of certificate server 1, and obtain the gold medal key 511 that an electronic data 41 (as Fig. 4) makes with the hardware scanning inventory and be processed into a digital signature 44, and, the hardware scanning inventory that terminal program 411 transmits for communication network 6 utilizes different time of the meeting keys 521 to carry out encryption at every turn, is described in detail as follows.
Consult Fig. 4, after the program of logining of Fig. 3 is finished, use terminal 2 to produce an electronic data 41, utilize communication network 6 to be transferred to the webserver 3, then, use the terminal program 411 of terminal 2 with hash (HASH) function 42 electronic data 41 to be taken out message summary 43, utilize the golden key 511 that is transmitted by certificate server 1 to be made into a digital signature 44 then, ciphering unit 45 is encrypted to an enciphered data with a time of the meeting key 521 again and passes to certificate server 1.
The golden key generation unit 50 of certificate server 1 is made golden key 511 with the hardware scanning inventory and is divided to give and use the terminal 2 and the webserver 3, and passes to the webserver 3 after utilizing decrypting device 45 ' to be decrypted into digital signature 44 with time of the meeting key 521.
After the webserver 3 is received the golden key 511 and digital signature 44 that certificate server 1 transmits, the electronic data 41 ' that uses terminal 2 will be received, with hash function 42 ' electronic data 41 ' is taken out message summary 43 ', utilize golden key 511 that message summary 43 ' is made into a digital signature 44 ' then, whether the two conforms to so just can to utilize digital signature that digital signature 44 ' that comparing module 46 judges that use terminals 2 transmit and certificate server 1 transmit 44; If correct, then carry out data fit handling procedure 47, for example: carry out trading processing according to the electronic data 41 ' that transmits; If incorrect, the electronic data 41 ' that for example transmits is altered and is caused the message summary 43 of message summary 43 ' and script not conform to, and then carries out data alteration handling procedure 48, for example: reply the refusal trading message.
Just, suppose that the electronic data 41 ' that uses terminal 2 to pass to the webserver 3 is a transaction data, and after not altered through certificate server 1/ webserver 3 judgment data, the webserver 3 just can be concluded the business according to transaction data, if data are altered, then refuse this transaction.
II. second embodiment:
Consult Fig. 5, the authentication method of this preferred embodiment is to be incorporated in the management server 8 as the certificate server 1 of Fig. 1, the function of the webserver 3, and difference is that its hardware scanning inventory as authentication usefulness comes from handheld electronic device 6.
The portable electric device 6 of present embodiment is a mobile phone, comprises a microprocessor 60, a screen 61, a communication module 62, a coffret 66, an internal memory 63, an input module 64 and a read module 65; Internal memory 63 records the predetermined key 633 that terminal program 631, hardware scanning inventory 632 and hardware scanning inventory 632 are made.
Terminal program 631 obtain and the principle of work and power is similar to first embodiment, difference is to start terminal program 631 at every turn needs the input correct PIN code just can carry out terminal program 631, is exactly PIN code defencive function (PIN protected); Read module 65 is memory card fetch interfaces, and corresponding external device 651 is memory cards; As for 632 in hardware scanning inventory is several nextport hardware component NextPort code collections that comprise microprocessor 60, screen 61, communication module 62, coffret 66, internal memory 63, input module 64 and/or external device 651.
Consult Fig. 6, and cooperation Fig. 5, the register flow path of network security certification method of the present invention is: portable electric device 6 by communication network 300 and management server 8 online after, the user imports user's code name/code data (step S601) with portable electric device 6 in the website that management server 8 provides, management server 8 receives user's code name/code data, check checking code name/password (step S321) with script code name/code data, if the incorrect error messages (step S322) of then replying; After if affirmation is out of question, just import the download webpage (step S323) of terminal program.
Portable electric device 6 inputs are in order to start the PIN code (step S602) of terminal program 631, and after confirming OK, with regard to the identification code of executive program scanning hardware assembly to produce a predetermined hardware scanning list 632 (step S603), make a predetermined key 633 (step S604) with predetermined hardware scanning list 632, portable electric device 6 also stores predetermined key 633 in internal memory 63 (step S605), again to send management server 8 to behind the predetermined key 633 (step S606) of time of the meeting secret key encryption.
Then, management server 8 will be received data decryption (step S324), and the predetermined key 633 (step S325) that obtains after the record deciphering, then, send and will confirm to finish registration message (step S326) and finish registration with notice portable electric device 6.
Consult Fig. 7, in this preferred embodiment, portable electric device 6 is to be connected with terminal 7 with coffret 66, coffret 66 is that wired formula or wireless type all can, the input module 64 of portable electric device 6 is key plate or Trackpad, use for user input with produce as: electronic data such as literal, numeral see through terminal 7 again and give management server 8 with the online transmission electronic data of communication network 300; If portable electric device 6 no coffrets 66, the user also can watch electronic data such as literal that screen 61 shows, numeral, then with the electronic data of the keyboard input correspondence of terminal computer 7 to pass to management server 8.
Consult Fig. 8, and cooperation Fig. 7, the program of logining of network security certification method of the present invention is: portable electric device 6 inputs are in order to start the PIN code (step 610) of terminal program 631, do you and judge PIN code whether correct (step 611)? if the correct terminal program 631 that starts is with regard to execution in step 612 to 615, if the incorrect error messages (step 614) that just produces; Portable electric device 6 is after starting terminal program 631 once more, because portable electric device 6 has stored predetermined key 633, in order to confirm that key is not altered or terminal program 631 and predetermined key 633 are moved to another device, therefore, the identification code that terminal program 631 will scan most nextport hardware component NextPorts of portable electric device 6 once more becomes a new hardware scanning inventory, and makes a new key (step 612) with new hardware scanning inventory; Then, with the predetermined key 633 of new key comparison conform to (step 613)? if do not meet, just can judge that key has been altered or terminal program 631 and predetermined key 633 are moved to another device, therefore produce error messages (step 614), if conform to, just can judge that new key is produced by originally device and do not altered or terminal program 631 and predetermined key 633 are moved to another device, just utilize predetermined key generation one-time password (otp) 40a (step 615).
Aspect terminal 7, the user imports user's code name (ID) (step S231), the disposal password 40a input (step S232) that shows according to portable electric device 6 again, input mode can be imported disposal password 40a with the wire/wireless transmission or with the keyboard of terminal 7; Then, disposal password 40a is transferred to management server 8, if portable electric device 6 no coffrets 66, the disposal password 40a that the user also can watch screen 61 to show imports corresponding disposal password 40a to pass to management server 8 with the keyboard of terminal computer 7 then; If management server 8 judges that disposal password 40a just notifies terminal 7 to enter site for service (step S233) when being correct.
Aspect management server 8, utilize the predetermined key 633 of precedence record to produce disposal password 40b (step S330), do you judge user's code name/disposal password whether correctly (step S331) again? if it is incorrect, produce error messages (step S332), if correct, import site for service (step S333).
Consult Fig. 9, and cooperation Fig. 7, just can carry out transaction program through aforementioned after logining program, the site for service of management server 8 shows electronic transaction input picture, in this electronic transaction with online account transfer is the example explanation: the user is with portable electric device 6 input account transfer numbers of the account (step S621), and input transfer amount (step S622), form an electronic data 41a (step S623) who contains account transfer number of the account and transfer amount then and send terminal 7 to, in addition, make one first digital signature 441 (step S624) with electronic data 41a and predetermined key 633 and also send terminal 7 to.
Terminal 7 receives that portable electric devices 6 transmit or with the electronic data 41a of keyboard input own, send electronic data 41a to management server 8 (step S241) via communication network 300, then, receive first digital signature 441, send first digital signature 441 to management server 8 (step S242) via communication network 300.
After management server 8 receives an electronic data 41b (step S341) via communication network 300, make one second digital signature 442 (step S342) with electronic data 41b and predetermined key 633, then, with first digital signature 441 and the comparison of second digital signature 442 whether identical (step S343)? if the two is inequality, for example: electronic data 41a is altered into the electronic data 41b of different content midway by the hacker, then second digital signature of making according to the electronic data 41b of different content 442 will be different from first digital signature 441, be illustrated in and altered data in the network transmission process, produce error messages (step S344), if the two is identical for electronic data 41a and electronic data 41b, expression is the correct data of not altering, just finish account transfer action (step S345), and send and finish account transfer message (step S346) and finish this transaction with notice terminal 7 according to the account transfer number of the account of electronic data 41a and transfer amount.
By above explanation as can be known, network security certification method of the present invention and device thereof, and portable electric device authentication method did not only see in the past, had more following effect:
One, network security certification method of the present invention and device use the nextport hardware component NextPort of terminal 2 to produce the hardware scanning inventory with terminal program 221 scannings, just solve the problem of user's status authentication, overcome the problem that existing hardware status demo plant causes required cost in the mode of software.
Two, the hardware scanning inventory of the identification code recording of most nextport hardware component NextPorts of certificate server 1 record use terminal of the present invention overcomes the problem of user to the required different hardware status demo plant of different web sites with as the status authentication of user for different web sites.
Three, the golden key made with the hardware scanning inventory that uses terminal 2 of the digital signature processing method of network security certification of the present invention and device becomes digital signature with electronic data processing, and certificate server 1 transmission/reception data are via the second communication conduit transmission, the problem of avoiding the hacker to tackle stealing identification code and the password/account transfer password and the transaction data of distorting.
Four, the present invention produces the hardware scanning inventory of use terminal 2 to authenticate as user's status automatically with terminal program 411, and the golden key that the hardware scanning inventory can be made is made digital signature, overcomes the problem of user's operational hardware status demo plant inconvenience.
Five, the authentication method of portable electric device 6 of the present invention, the user need not different web sites is used different computer hardware authentication status or electronic data is made digital stamped signature, can save like this that to issue one of each user special and through personalized token, chip card or person authentication device such as dish with oneself, therefore can reach the object of the invention really.
The above, it only is preferred embodiment of the present invention, be not that the present invention is done any pro forma restriction, though the present invention discloses as above with preferred embodiment, yet be not in order to limit the present invention, any those skilled in the art, in not breaking away from the technical solution of the present invention scope, when the technology contents that can utilize above-mentioned announcement is made a little change or is modified to the equivalent embodiment of equivalent variations, in every case be not break away from the technical solution of the present invention content, according to technical spirit of the present invention to any simple modification that above embodiment did, equivalent variations and modification all still belong in the scope of technical solution of the present invention.

Claims (18)

1. network security certification method, cooperate at least one use terminal, a webserver and a certificate server, use terminal online by one first communication conduit and the webserver, and use terminal online by one second communication conduit and certificate server, it is characterized in that: described method comprises following step:
(a) use terminal to carry out a terminal program and note down into a hardware scanning inventory with the identification code of most individual nextport hardware component NextPorts that will use terminal;
(b) use terminal to transmit the foundation that the hardware scanning inventory gives the certificate server retention and authenticates as user's status; And
(c) webserver uses the electronic data that terminal transmits and when needing to confirm user's status in obtaining, make certificate server obtain using hardware scanning inventory that terminal rescans be kept at use terminal in the certificate server the comparison of hardware scanning inventory to confirm user's identity.
2. network security certification method as claimed in claim 1 is characterized in that: described use terminal does not store the hardware scanning inventory and directly sends the hardware scanning inventory to certificate server.
3. network security certification method as claimed in claim 2 is characterized in that: the hardware scanning inventory that described terminal program transmits for communication network utilizes different time of the meeting keys to carry out encryption at every turn.
4. a network security certification device cooperates at least one use terminal and to have the program carrier of carrying out the terminal program that scans the most individual nextport hardware component NextPorts that use terminal for the use terminal, and it is characterized in that: described network security certification device comprises:
One database module store a hardware scanning inventory as the authentication of user's status that uses terminal execution terminal program and produce, and the hardware scanning inventory has most nextport hardware component NextPort identification codes of using terminal; And
One authentication module, whether comparison one input data meet most nextport hardware component NextPort identification codes of using terminal, just confirm user's identity if meet.
5. network security certification device as claimed in claim 4 is characterized in that: described terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
6. network security certification device as claimed in claim 5 is characterized in that: described authentication module judges also whether the terminal program version that uses terminal upgrades with decision.
7. network security certification device as claimed in claim 4 is characterized in that: described hardware scanning inventory comprises the identification code of a CPU, a basic input-output system unit, a storage device, a network interface, a motherboard and/or the identification code of an external device.
8. network security certification device as claimed in claim 7 is characterized in that: described network security certification device also comprises:
One control module produces an authentication code; And
One transport module gives described authentication code transmission the use terminal and deposits external device in the foundation as the identification external device.
9. network security certification method, cooperate at least one use terminal, a webserver and a certificate server, use terminal online by one first communication conduit and the webserver, and use terminal online by one second communication conduit and certificate server, it is characterized in that: described method comprises the steps:
(a) certificate server sends a golden key of being made by a hardware scanning inventory of the identification code recording of the most nextport hardware component NextPorts that use terminal and gives the webserver and send golden key and give the webserver;
(b) use terminal utilization gold key that electronic data processing is become a digital signature;
(c) webserver utilization gold key becomes another digital signature with electronic data processing; And
(d) whether the digital signature of certificate server or webserver determining step (b) conforms to the digital signature of step (c), just confirms that electronic data is not altered if conform to.
10. network security certification method as claimed in claim 9 is characterized in that: described terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
11. network security certification method as claimed in claim 10 is characterized in that: the electronic data of described use terminal is a transaction data, and through after certificate server/webserver affirmation status, the webserver is just concluded the business according to transaction data.
12. a network security certification device, record is discerned the computer-readable terminal program of the method for status in order to carry out a digital signature, it is characterized in that computer-readable terminal program execution comprises the steps:
(a) by a hardware scanning inventory of the identification code recording of the most nextport hardware component NextPorts that use terminal; And
(b) obtain the golden key that an electronic data makes with the hardware scanning inventory and be processed into a digital signature.
13. network security certification device as claimed in claim 12 is characterized in that: described terminal program utilizes different time of the meeting keys to carry out encryption for the hardware scanning inventory that transmits at every turn.
14. a network security certification method cooperates at least one use terminal, a webserver and a certificate server to use, it is characterized in that: described method comprises following step:
(a) webserver receives the download webpage that is stored and import a terminal program after the log-on data of using terminal to transmit;
(b) use terminal to download the page download terminal program certainly, and after producing a hardware scanning inventory, send certificate server in the identification code that back scanning hardware assembly is installed; And
(c) certificate server will receive that data are write down and the informing network server, make the webserver confirm that the user is registered and finish.
15. network security certification method, cooperate at least one use terminal, a webserver and a certificate server to use, the database module of certificate server establishes different users's hardware scanning inventory, it is characterized in that: described method comprises following step:
(a) webserver receives that logining of using that terminal transmits stored after the data and the notification authentication server carries out status and verifies;
(b) the certificate server notice uses terminal to enable a terminal program;
(c) use the terminal program of terminal to be driven the scanning of carrying out the scanning hardware assembly to produce a hardware scanning inventory after, send the hardware scanning inventory to certificate server; And
(d) certificate server just confirms that status and informing network server are to finish the program of logining with the hardware scanning inventory comparison of the hardware scanning inventory received and database module if meet.
16. a portable electric device authentication method is characterized in that: described method comprises the steps:
(a) portable electric device is carried out a terminal program and is become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list; And
(b) portable electric device will be scheduled to after the secret key encryption transmission and give a webserver and be recorded in the webserver to verify the usefulness of user's status future after for its deciphering.
17. portable electric device authentication method as claimed in claim 16, it is characterized in that: step (b) comprises that also the predetermined key of substep (b-1) portable electric device utilization produces disposal password and gives the usefulness of the webserver for its following checking user status with transmission, or substep (b-2) portable electric device is made a digital signature with predetermined key to an electronic data and given the webserver with transmission and identify for it whether electronic data is altered.
18. a portable electric device authentication method is characterized in that: described method comprises the steps:
(a) portable electric device is carried out a terminal program and is become a predetermined hardware scanning list with the identification code that scans most nextport hardware component NextPorts, and makes a predetermined key and be recorded in portable electric device with the predetermined hardware scanning list;
(b) portable electric device is when starting terminal program once more, and the identification code that scans most nextport hardware component NextPorts of portable electric device again becomes a new hardware scanning inventory, and makes a new key with new hardware scanning inventory; And
(c) with the predetermined key of new key comparison to judge that predetermined key is altered or terminal program and predetermined key are moved to another device.
CN201010111128.7A 2009-12-25 2010-02-10 Network security certification method and device thereof Expired - Fee Related CN102111271B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010111128.7A CN102111271B (en) 2009-12-25 2010-02-10 Network security certification method and device thereof

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN200910259773.0 2009-12-25
CN2009102597730 2009-12-25
CN200910259773 2009-12-25
CN201010111128.7A CN102111271B (en) 2009-12-25 2010-02-10 Network security certification method and device thereof

Publications (2)

Publication Number Publication Date
CN102111271A true CN102111271A (en) 2011-06-29
CN102111271B CN102111271B (en) 2015-07-29

Family

ID=44175307

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010111128.7A Expired - Fee Related CN102111271B (en) 2009-12-25 2010-02-10 Network security certification method and device thereof

Country Status (1)

Country Link
CN (1) CN102111271B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475623A (en) * 2012-06-06 2013-12-25 朱俊宇 Dynamic barcode certification system and its certification method
CN103685311A (en) * 2013-12-27 2014-03-26 网易(杭州)网络有限公司 Log-in validation method and device
CN103856438A (en) * 2012-11-28 2014-06-11 卡巴斯克 Automatic translation and network identity verification method provided with security protection
CN104094308A (en) * 2012-02-02 2014-10-08 西门子公司 Authentication system for mobile devices for exchanging medical data
CN108509800A (en) * 2017-02-28 2018-09-07 盖特资讯系统股份有限公司 Data guard method and system
CN110532290A (en) * 2019-07-25 2019-12-03 深圳壹账通智能科技有限公司 Information Authentication device, method and storage medium based on block chain
CN110739048A (en) * 2018-07-19 2020-01-31 中山医学大学附设医院 Medical image recording and uploading system
CN111345003A (en) * 2017-09-19 2020-06-26 阿比奥梅德股份有限公司 System and method for time-based one-time password management for medical devices
US10867056B2 (en) 2017-02-06 2020-12-15 iDGate Corporation Method and system for data protection
TWI746920B (en) * 2019-01-04 2021-11-21 臺灣網路認證股份有限公司 System for using certificate to verify identity from different domain through portal and method thereof

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0935221A2 (en) * 1998-02-05 1999-08-11 Mitsubishi Denki Kabushiki Kaisha Remote authentication system
CN1595880A (en) * 2003-09-11 2005-03-16 华为技术有限公司 Method of information integrity protection in multicast/broadcast
CN1771717A (en) * 2003-04-28 2006-05-10 汤姆森特许公司 Technique for secure wireless lan access
CN101149775A (en) * 2006-09-20 2008-03-26 展讯通信(上海)有限公司 Encryption and decryption method for realizing hardware and software binding
CN101316167A (en) * 2008-07-04 2008-12-03 宇龙计算机通信科技(深圳)有限公司 Registration and login method of safety authentication, system and mobile terminal
CN101562532A (en) * 2008-04-18 2009-10-21 北京瑞佳晨科技有限公司 System for automatically acquiring computer hardware information based on network environment and method thereof

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0935221A2 (en) * 1998-02-05 1999-08-11 Mitsubishi Denki Kabushiki Kaisha Remote authentication system
CN1771717A (en) * 2003-04-28 2006-05-10 汤姆森特许公司 Technique for secure wireless lan access
CN1595880A (en) * 2003-09-11 2005-03-16 华为技术有限公司 Method of information integrity protection in multicast/broadcast
CN101149775A (en) * 2006-09-20 2008-03-26 展讯通信(上海)有限公司 Encryption and decryption method for realizing hardware and software binding
CN101562532A (en) * 2008-04-18 2009-10-21 北京瑞佳晨科技有限公司 System for automatically acquiring computer hardware information based on network environment and method thereof
CN101316167A (en) * 2008-07-04 2008-12-03 宇龙计算机通信科技(深圳)有限公司 Registration and login method of safety authentication, system and mobile terminal

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9747653B2 (en) 2012-02-02 2017-08-29 Siemens Aktiengesellschaft Authentication system for mobile devices for exchanging medical data
CN104094308A (en) * 2012-02-02 2014-10-08 西门子公司 Authentication system for mobile devices for exchanging medical data
CN103475623B (en) * 2012-06-06 2018-03-20 旸碁资讯股份有限公司 Dynamic bar codes Verification System and its authentication method
CN103475623A (en) * 2012-06-06 2013-12-25 朱俊宇 Dynamic barcode certification system and its certification method
CN103856438B (en) * 2012-11-28 2018-03-06 卡巴斯克 Have security protection from turn location and network identity validation method
CN103856438A (en) * 2012-11-28 2014-06-11 卡巴斯克 Automatic translation and network identity verification method provided with security protection
CN103685311B (en) * 2013-12-27 2017-06-13 网易(杭州)网络有限公司 A kind of login validation method and equipment
CN103685311A (en) * 2013-12-27 2014-03-26 网易(杭州)网络有限公司 Log-in validation method and device
US10867056B2 (en) 2017-02-06 2020-12-15 iDGate Corporation Method and system for data protection
CN108509800A (en) * 2017-02-28 2018-09-07 盖特资讯系统股份有限公司 Data guard method and system
CN111345003A (en) * 2017-09-19 2020-06-26 阿比奥梅德股份有限公司 System and method for time-based one-time password management for medical devices
CN111345003B (en) * 2017-09-19 2023-04-25 阿比奥梅德股份有限公司 System and method for time-based one-time password management of medical devices
CN110739048A (en) * 2018-07-19 2020-01-31 中山医学大学附设医院 Medical image recording and uploading system
TWI746920B (en) * 2019-01-04 2021-11-21 臺灣網路認證股份有限公司 System for using certificate to verify identity from different domain through portal and method thereof
CN110532290A (en) * 2019-07-25 2019-12-03 深圳壹账通智能科技有限公司 Information Authentication device, method and storage medium based on block chain

Also Published As

Publication number Publication date
CN102111271B (en) 2015-07-29

Similar Documents

Publication Publication Date Title
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
US10205711B2 (en) Multi-user strong authentication token
CN102111271A (en) Network security authentication method and device as well as authentication method of hand-held electronic device
US9741265B2 (en) System, design and process for secure documents credentials management using out-of-band authentication
EP2355443B1 (en) Network authentication method and device for implementing the same
JP6586446B2 (en) Method for confirming identification information of user of communication terminal and related system
TW201741922A (en) Biological feature based safety certification method and device
CN101051908B (en) Dynamic cipher certifying system and method
CN101300808B (en) Method and arrangement for secure autentication
JP5601729B2 (en) How to log into a mobile radio network
CN109992949B (en) Equipment authentication method, over-the-air card writing method and equipment authentication device
CN100533459C (en) Data safety reading method and safety storage apparatus thereof
JP2019519827A (en) Two-channel authentication agent system and method capable of detecting false alteration of application
CN101589400A (en) Right management method, its system, server device used in the system, and information device terminal
WO2009101549A2 (en) Method and mobile device for registering and authenticating a user at a service provider
EP2690840B1 (en) Internet based security information interaction apparatus and method
CN202854880U (en) SMS payment system based on fingerprint identification mobile phone
UA113415C2 (en) METHOD, SERVER AND PERSONAL AUTHENTICATION SYSTEM
CN102694781A (en) Internet-based system and method for security information interaction
CN101944216A (en) Two-factor online transaction safety authentication method and system
CN108768941B (en) Method and device for remotely unlocking safety equipment
Mahansaria et al. Secure authentication for ATM transactions using NFC technology
KR20160100192A (en) System for digital authentication using pairing between universal RF tag and smart phone
CN102752265A (en) Security information interaction system and method based on Internet
CN105743883A (en) Network application identity attribute acquisition method and network application identity attribute acquisition device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: KEYPASCO

Free format text: FORMER OWNER: LIN MAOCONG

Effective date: 20141215

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20141215

Address after: Sweden SE-41118 Gothenburg Ma Jiaxin plus 24

Applicant after: KEYPASCO AB

Address before: Lake Road, Neihu district Taiwan Taipei city two Chinese 103 Lane 103 No. 1 9 floor

Applicant before: Lin Maocong

C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20151125

Address after: China (Shanghai) free trade zone fanchun Road No. 400 Building 1 layer 3

Patentee after: Huayi financial information technology (Shanghai) Co., Ltd.

Address before: Sweden SE-41118 Gothenburg Ma Jiaxin plus 24

Patentee before: KEYPASCO AB

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150729

Termination date: 20210210