CN102176711A - System and method for information security protection of advertisement kiosk - Google Patents
System and method for information security protection of advertisement kiosk Download PDFInfo
- Publication number
- CN102176711A CN102176711A CN2011100004672A CN201110000467A CN102176711A CN 102176711 A CN102176711 A CN 102176711A CN 2011100004672 A CN2011100004672 A CN 2011100004672A CN 201110000467 A CN201110000467 A CN 201110000467A CN 102176711 A CN102176711 A CN 102176711A
- Authority
- CN
- China
- Prior art keywords
- sequence number
- kiosk
- client host
- client
- combination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a system and a method for the information security protection of an advertisement kiosk, wherein the system comprises: a client single-chip microcomputer arranged in the advertisement kiosk and having a given serial number stored therein; a client host connected with the client single-chip microcomputer and combining the MAC (Media Access Control) address of the client host with the serial number and then encrypting and sending the combination; and an advertisement kiosk server connected with the client host through communication, receiving and decrypting the combination to acquire a combined serial number, and sending a playing instruction when the combined serial number is matched with a stored combined serial number table. According to the invention, the serial number is recorded in the client single-chip microcomputer in the advertisement kiosk, combined with the MAC address of the client host and then sent to the advertisement kiosk server to be matched with the recorded combined serial number table, so that the method is simple, has strong timeliness and can be advantageously popularized and applied in the aspect of hardware security.
Description
Technical field
The present invention relates to information security technology, more particularly, relate to a kind of kiosk protecting information safety system and method.
Background technology
Kiosk is a kind of outdoor information platform, and information issues such as product, service can be provided for people.Kiosk can adopt the work of client-server pattern, and therefore in actual applications, the information of kiosk is demanded protection urgently.How accomplishing only legal kiosk client to be carried out correct information announcement, is the problem that needs solution at present.
Summary of the invention
The technical problem to be solved in the present invention is, the defective at prior art can't be tested to the legitimacy of kiosk client provides a kind of kiosk protecting information safety system and method.
The technical solution adopted for the present invention to solve the technical problems is: construct a kind of kiosk protecting information safety system, comprising: be located at the client single-chip microcomputer that stores given sequence number in the kiosk; Be connected with described client single-chip microcomputer and will the client host MAC Address and sequence number combination back encrypt the client host that sends; And communicate to connect, receive and decipher the kiosk server that obtains the combination sequence number and with the combination sequence number table coupling of storage the time, send play instruction with described client host.
In kiosk protecting information safety of the present invention system, described client single-chip microcomputer comprises: the information storage module that stores given sequence number.
In kiosk protecting information safety of the present invention system, described client host comprises: be connected with described client single-chip microcomputer and with MAC Address and the described set of serial numbers synthetic combination sequence number and the information encrypted encrypting module of described client host; Combination sequence number after being connected with described information encryption module, also will encrypting sends to the information transfer module of kiosk server.
In kiosk protecting information safety of the present invention system, described kiosk server comprises: communicate to connect with described information transfer module, the combination sequence number after encrypting is decrypted the decrypts information module of obtaining the combination sequence number; Link to each other with described decrypts information module, the combination sequence number table of described combination sequence number and storage is compared, when coupling, send the matching module of play instruction to described client host.
In kiosk protecting information safety of the present invention system, described client host and kiosk server adopt AES that the combination sequence number is carried out encryption and decryption.
The present invention also provides a kind of kiosk protecting information safety method, comprising:
The given sequence number of storage in S1, the client single-chip microcomputer in being located at kiosk;
S2, client host is connected with described client single-chip microcomputer, and will the client host MAC Address and sequence number combination back encrypt and send;
S3, kiosk server and described client host communicate to connect, receive and decipher and obtain the combination sequence number and send play instruction to described client host when the combination sequence number table with storage mates.
In kiosk protecting information safety method of the present invention, among the described step S1 in the EPPROM of client single-chip microcomputer burned given sequence number.
In kiosk protecting information safety method of the present invention, described step S2 comprises:
S21, client host is connected with described client single-chip microcomputer, and with the MAC Address and the synthetic combination of the described set of serial numbers sequence number of described client host, and adopt given secret key to encrypt;
S22, the combination sequence number after will encrypting send to the kiosk server.
In kiosk protecting information safety method of the present invention, described step S3 comprises:
S31, in the kiosk server, store the composite sequence table of each client host MAC Address and sequence number;
S32, kiosk server receive and utilize given secret key that the combination sequence number after encrypting is decrypted the decrypts information mould that obtains the combination sequence number;
S33, the combination sequence number table of described combination sequence number and storage is compared, when coupling, send play instruction to described client host.
In kiosk protecting information safety method of the present invention, client host and kiosk server adopt AES that the combination sequence number is carried out encryption and decryption among described step S2 and the S3.
Implement kiosk protecting information safety system and method for the present invention, have following beneficial effect: the present invention is by records series number in kiosk client single-chip microcomputer, and with the combination of the MAC Address of client host after send to the kiosk server, mate with the combination sequence number table of record, this method was both simple, sex-limited when having by force again, aspect hardware security, can access excellent popularization and application.
Description of drawings
The invention will be further described below in conjunction with drawings and Examples, in the accompanying drawing:
Fig. 1 is the block diagram according to kiosk protecting information safety system in the first embodiment of the invention;
Fig. 2 is the block diagram according to kiosk protecting information safety system in the second embodiment of the invention;
Fig. 3 is the flow chart according to kiosk protecting information safety method in the first embodiment of the invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with drawings and Examples.
See also Fig. 1, be block diagram according to kiosk protecting information safety system in the first embodiment of the invention.As shown in Figure 1, the kiosk protecting information safety system 100 that provides of first embodiment of the invention comprises client single-chip microcomputer 102, client host 104 and kiosk server 106 at least.
Wherein, client single-chip microcomputer 102 is located in the kiosk, and store in advance given sequence number (Serial number, SN).Client host 104 is connected with client single-chip microcomputer 102, and the sequence number combination back of storage in the MAC Address of client host 104 and the client single-chip microcomputer 102 encrypted sends.Kiosk server 106 communicates to connect with client host 104, receives and deciphers and obtain the combination sequence number, and send play instruction when the combination sequence number table with storage mates.
The concrete principle that said system is discerned legal kiosk is described below.Before dispatching from the factory, i.e. burned given sequence number in the storage EEPROM of client single-chip microcomputer 8051, along with being connected of client single-chip microcomputer 102 and client host 104, the MAC Address of sequence number and client host 104 is combined into a string new combination sequence number, i.e. MAC+SN.Client sends to kiosk server 106 with the new combination sequence number of this generation after encrypting, preferably adopt AES (Advanced EncryptionStandard, Advanced Encryption Standard) to encrypt.According to the combination sequence number table of having deposited, promptly the MAC+SN table mates it in the kiosk server 106, if the object of coupling is arranged, then this client is a legitimate client as can be known, will send video instructions etc. to it; Otherwise, will classify illegitimate client as, it is not sent instruction.
The present invention mainly adopts 8051, and it is a kind of of single-chip microcomputer, has widely to use.It comprises the RAM of 128 bytes and 256 bytes, 32 I/O mouth lines, and 3 16 bit timings/counters, 6 inputs, the 4 priority terminal structure of absconding, 1 serial i/O mouth is seen to be used for multi-computer communication, I/O expansion or full duplex UART and sheet internal oscillator and clock circuit.
Has EEPROM in 8051 single-chip microcomputers that the present invention adopts.(Electrically Erasable Programmable Read-Only Memory EEPROM) is the storage chip that data are not lost after a kind of power down to EEPROM (Electrically Erasable Programmable Read Only Memo).EEPROM can on computers or wipe existing information, reprogramming on the special equipment.Be commonly used in the interface card, be used for depositing the hardware setting data.Also be commonly used in above " hardware lock " that prevents the software illegal copies.
The Advanced Encryption Standard that the present invention adopts (Advanced Encryption Standard, cryptographic algorithm AES) is mainly utilized symmetrical block cipher system, and the enciphered data block size is 256bit to the maximum, and cipher key size is in theory without limits.AES encrypts repetition and the conversion that a lot of wheels are arranged.Roughly step is as follows: 1, cipher key spreading (KeyExpansion), 2, initial wheel (Initial Round), 3, repeat wheel (Rounds), each is taken turns and comprises: SubBytes, ShiftRows, MixColumns, AddRoundKey, 4, final wheel (Final Round), final wheel does not have MixColumns.
See also Fig. 2, be block diagram according to kiosk protecting information safety system in the second embodiment of the invention.As shown in Figure 2, the kiosk protecting information safety system 200 that provides of second embodiment of the invention specifically discloses each functional module that places client single-chip microcomputer, client host and kiosk server.Mainly comprise: information storage module 202,
Wherein first module is an information storage module 202, is located in the client single-chip microcomputer sequence number (SN) that responsible storage is dispatched from the factory and distributed.Second module is information encryption module 204, is responsible for SN is connected with the client host MAC Address, and preferably adopts AES that it is encrypted, and draws the new combination sequence number (Csn) after the encryption; The 3rd module is information transfer module 206, and the new combination sequence number (Csn) that this module is responsible for obtaining sends to server end; The 4th module is decrypts information module 208, and this module is positioned at the kiosk server, and promptly server end and developer's authentication server are responsible for new combination sequence number (Csn) is decrypted, and draw MAC+SN; The 5th module is matching module 210, matching module 2010 also is positioned at server end and developer's authentication server, this module has been deposited a tabulation, comprising MAC Address and sequence number (SN), the MAC+SN that server end and developer's authentication server are received mates at this, if the match is successful, illustrates that then this client is a legitimate client, server will send play instruction etc. to it, otherwise server end will not carry out any operation to it.
See also Fig. 3, be flow chart according to kiosk protecting information safety method in the first embodiment of the invention.As shown in Figure 3, the kiosk protecting information safety method that provides of first embodiment of the invention starts from step S302:
Subsequently, in next step S304, before single-chip microcomputer 8051 dispatches from the factory, to generate one section sequence at random at the kiosk server, be called sequence number (SN), the client single-chip microcomputer is recorded in this sequence number among 8051 the EEPROM, and is that each client is distributed an AES encrypted secret key in the kiosk server.
Subsequently, in next step S306, when 8051 were connected with client host, sequence number (SN) was connected with host MAC address, forms one section new combination sequence number, i.e. MAC+SN.
Subsequently, in next step S308, the key that the client host utilization distributes is encrypted MAC+SN, draws to encrypt back sequence (Csn).
Subsequently, in next step S310, client host will obtain encrypting back sequence (Csn) and send to the kiosk server, promptly on server end and the developer's authentication server.
Subsequently, in next step S312, developer's authentication server and server end are decrypted by key, obtain the MAC+SN of client.
Subsequently, in next step S314, on developer's service for checking credentials end and server end computer, mate.
In step S316, if the MAC+SN that decrypts can mate with the MAC+SN table of server end and authentication server storage, then be legitimate client, server will send play instruction to it;
In step S318, if the MAC+SN that decrypts can not mate with the MAC+SN table of server end and authentication server storage, then be illegitimate client, server will not send any instruction to it.
This method ends at step S320.
The present invention has the following advantages and effect:
1) authentication of the sequence by SN+MAC can client of unique affirmation, has very strong uniqueness, effectively avoids the jactitator.
2) utilize AES to encrypt, can be good at protecting the information security in the information exchanging process, have stronger fail safe.
3) key in the AES cryptographic algorithm in information transfer process distributes before single-chip microcomputer dispatches from the factory, saves the encryption key distribution process, makes encrypting and decrypting comparatively simple.
The present invention is described according to specific embodiment, but it will be understood by those skilled in the art that when not breaking away from the scope of the invention, can carry out various variations and be equal to replacement.In addition, for adapting to the specific occasion or the material of the technology of the present invention, can carry out many modifications and not break away from its protection range the present invention.Therefore, the present invention is not limited to specific embodiment disclosed herein, and comprises that all drop into the embodiment of claim protection range.
Claims (10)
1. a kiosk protecting information safety system is characterized in that, comprising:
Be located at the client single-chip microcomputer that stores given sequence number in the kiosk;
Be connected with described client single-chip microcomputer and will the client host MAC Address and sequence number combination back encrypt the client host that sends;
Communicate to connect, receive and decipher the kiosk server that obtains the combination sequence number and when the combination sequence number table with storage mates, send play instruction with described client host.
2. kiosk protecting information safety according to claim 1 system is characterized in that described client single-chip microcomputer comprises: the information storage module that stores given sequence number.
3. kiosk protecting information safety according to claim 1 system is characterized in that described client host comprises:
Be connected with described client single-chip microcomputer and with MAC Address and the described set of serial numbers synthetic combination sequence number and the information encrypted encrypting module of described client host;
Combination sequence number after being connected with described information encryption module, also will encrypting sends to the information transfer module of kiosk server.
4. kiosk protecting information safety according to claim 3 system is characterized in that described kiosk server comprises:
Communicate to connect with described information transfer module, the combination sequence number after encrypting is decrypted the decrypts information module of obtaining the combination sequence number;
Link to each other with described decrypts information module, the combination sequence number table of described combination sequence number and storage is compared, when coupling, send the matching module of play instruction to described client host.
5. according to any described kiosk protecting information safety system among the claim 1-4, it is characterized in that described client host and kiosk server adopt AES that the combination sequence number is carried out encryption and decryption.
6. a kiosk protecting information safety method is characterized in that, comprising:
The given sequence number of storage in S1, the client single-chip microcomputer in being located at kiosk;
S2, client host is connected with described client single-chip microcomputer, and will the client host MAC Address and sequence number combination back encrypt and send;
S3, kiosk server and described client host communicate to connect, receive and decipher and obtain the combination sequence number and send play instruction to described client host when the combination sequence number table with storage mates.
7. kiosk protecting information safety method according to claim 6 is characterized in that, among the described step S1 in the EPPROM of client single-chip microcomputer burned given sequence number.
8. kiosk protecting information safety method according to claim 6 is characterized in that described step S2 comprises:
S21, client host is connected with described client single-chip microcomputer, and with the MAC Address and the synthetic combination of the described set of serial numbers sequence number of described client host, and adopt given secret key to encrypt;
S22, the combination sequence number after will encrypting send to the kiosk server.
9. kiosk protecting information safety method according to claim 8 is characterized in that described step S3 comprises:
S31, in the kiosk server, store the composite sequence table of each client host MAC Address and sequence number;
S32, kiosk server receive and utilize given secret key that the combination sequence number after encrypting is decrypted the decrypts information mould that obtains the combination sequence number;
S33, the combination sequence number table of described combination sequence number and storage is compared, when coupling, send play instruction to described client host.
10. according to any described kiosk protecting information safety method among the claim 6-9, it is characterized in that client host and kiosk server adopt AES that the combination sequence number is carried out encryption and decryption among described step S2 and the S3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100004672A CN102176711A (en) | 2011-01-04 | 2011-01-04 | System and method for information security protection of advertisement kiosk |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100004672A CN102176711A (en) | 2011-01-04 | 2011-01-04 | System and method for information security protection of advertisement kiosk |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102176711A true CN102176711A (en) | 2011-09-07 |
Family
ID=44519812
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011100004672A Pending CN102176711A (en) | 2011-01-04 | 2011-01-04 | System and method for information security protection of advertisement kiosk |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102176711A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103093128A (en) * | 2013-01-06 | 2013-05-08 | 福建三元达通讯股份有限公司 | Embedded terminal software anti-copy and anti-plagiarism method |
| CN104954362A (en) * | 2015-04-27 | 2015-09-30 | 深圳市美贝壳科技有限公司 | Serial number encryption-decryption method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080077483A1 (en) * | 2006-09-23 | 2008-03-27 | Br Trust | Network system and method for accessing content and featuring advertising based on user criteria |
| CN101227522A (en) * | 2007-01-15 | 2008-07-23 | 上海理工大学 | Interactive advertisement system |
| CN101477660A (en) * | 2008-12-12 | 2009-07-08 | 康佳集团股份有限公司 | Network television payment authentication system, transaction payment center and network television terminal thereof |
| CN101882409A (en) * | 2009-05-06 | 2010-11-10 | 中兴通讯股份有限公司 | Electronic advertising system and advisement playing method thereof |
-
2011
- 2011-01-04 CN CN2011100004672A patent/CN102176711A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080077483A1 (en) * | 2006-09-23 | 2008-03-27 | Br Trust | Network system and method for accessing content and featuring advertising based on user criteria |
| CN101227522A (en) * | 2007-01-15 | 2008-07-23 | 上海理工大学 | Interactive advertisement system |
| CN101477660A (en) * | 2008-12-12 | 2009-07-08 | 康佳集团股份有限公司 | Network television payment authentication system, transaction payment center and network television terminal thereof |
| CN101882409A (en) * | 2009-05-06 | 2010-11-10 | 中兴通讯股份有限公司 | Electronic advertising system and advisement playing method thereof |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103093128A (en) * | 2013-01-06 | 2013-05-08 | 福建三元达通讯股份有限公司 | Embedded terminal software anti-copy and anti-plagiarism method |
| CN103093128B (en) * | 2013-01-06 | 2015-07-08 | 福建三元达通讯股份有限公司 | Embedded terminal software anti-copy and anti-plagiarism method |
| CN104954362A (en) * | 2015-04-27 | 2015-09-30 | 深圳市美贝壳科技有限公司 | Serial number encryption-decryption method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102138300B (en) | Message authentication code pre-computation with applications to secure memory | |
| CN100468438C (en) | Encryption and decryption method for realizing hardware and software binding | |
| CN101588236B (en) | Protecting device, system and method for transmitting contents safely | |
| CN101908113B (en) | Authentication method and authentication system | |
| CN101969438A (en) | Method for realizing equipment authentication, data integrity and secrecy transmission for Internet of Things | |
| CN110753344B (en) | NB-IoT-based smart meter secure access system | |
| CN102802036A (en) | System and method for identifying digital television | |
| CN101877702A (en) | Method and system for activating and authenticating an internet protocol television client | |
| CN111555872A (en) | Communication data processing method, device, computer system and storage medium | |
| CN101738516A (en) | Electronic electric energy meter and data secure transmission method thereof | |
| CN102833075A (en) | Identity authentication and digital signature method based on three-layered overlapping type key management technology | |
| CN101783800A (en) | Embedded system safety communication method, device and system | |
| CN101923654B (en) | Ultrahigh frequency reader-writer suitable for remote security control by different users | |
| CN102801730A (en) | Information protection method and device for communication and portable devices | |
| CN107465665A (en) | A kind of file encryption-decryption method based on fingerprint identification technology | |
| CN101539977B (en) | Method for protecting computer software | |
| CN102594549B (en) | Multistage data encryption and decryption methods | |
| CN102833260A (en) | Password authentication method for internet of things by adopting security one-key management technology | |
| CN101938353B (en) | Method for remotely resetting personal identification number (PIN) of key device | |
| CN101697511B (en) | Method and system for receiving mobile streaming media conditions | |
| CN102111681A (en) | Key system for digital television broadcast condition receiving system | |
| CN104125239A (en) | Network authentication method and system based on data link encryption transmission | |
| CN103117850B (en) | A kind of method for building up of the cryptographic system based on random sequence database | |
| CN112507296A (en) | User login verification method and system based on block chain | |
| CN102647393B (en) | Digital signage content piracy prevention method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110907 |