CN102291370A - Security information interaction system and method - Google Patents
Security information interaction system and method Download PDFInfo
- Publication number
- CN102291370A CN102291370A CN2010102053132A CN201010205313A CN102291370A CN 102291370 A CN102291370 A CN 102291370A CN 2010102053132 A CN2010102053132 A CN 2010102053132A CN 201010205313 A CN201010205313 A CN 201010205313A CN 102291370 A CN102291370 A CN 102291370A
- Authority
- CN
- China
- Prior art keywords
- information
- safety information
- safety
- transmitting apparatus
- receiver
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a security information interaction system and a method, wherein the system comprises an information sending device and an information receiving device, wherein the information sending device and the information receiving device are respectively connected with an open network through a communication interface; and when the interaction of security information is needed to be carried out, a part of the security information is transmitted to the information receiving device by the information sending device through the open network. Through the security information interaction system and the method disclosed by the invention, the protection on the security information is strengthened, and the risk and the hidden danger of an information system are further avoided.
Description
Technical field
The present invention relates to information interaction system and method, more specifically, relate to safety information interactive system and method based on open network.
Background technology
At present, along with becoming increasingly abundant of the class of business of the increasingly extensive and various different field of network communications technology application, become more and more important based on the mutual and checking of the various information datas (particularly safety information) of open network.
Existing safety information interactive system based on open network adopts following two kinds of patterns usually: (a) in first kind of pattern, carry out the mutual side of safety information (for example user terminal) and encrypt and store complete safe information, subsequently, when needed, described safety information is transferred to mutual the opposing party of safety information (for example server) for further operation (for example checking) by open network (for example cordless communication network or the Internet); (b) in second kind of pattern, when needed, carrying out the mutual side of safety information (for example user terminal) utilizes input in real time (for example swipe the card or manual input etc.) to obtain complete safe information, subsequently, described safety information is transferred to mutual the opposing party of safety information (for example server) for further operation (for example checking) by open network (for example cordless communication network or the Internet).As from the foregoing, the something in common of above-mentioned two kinds of patterns is: safety information recipient (for example server) is storage security information not all, in the reciprocal process of safety information, adopt modes such as transmission security key, MAC key to guarantee safety information safety of transmission in open network, subsequently, described safety information recipient deciphers described encrypted safety information, so that carry out follow-up operation (for example checking etc.).
Yet, though above-mentioned prior art scheme has been introduced more complete key code system, but because each information interaction all needs by open network transmission complete safe information, therefore still there is potential safety hazard, if the safety information of i.e. described encryption is intercepted and captured, then there is the possibility that is cracked, thereby makes whole safety information interactive system have potential risks.
Therefore, along with the growing of business field and expansion (particularly electronic transaction field), there is following demand: provide a kind of more safely based on the safety information interactive system and the method for open network.
Summary of the invention
In order to solve the existing defective of above-mentioned prior art scheme, the present invention proposes a kind of safety information interactive system and method based on open network.
The objective of the invention is to be achieved through the following technical solutions:
A kind of safety information interactive system, described system comprise that information transmitting apparatus all is connected with open network by communication interface with information receiver, described information transmitting apparatus and described information receiver,
Wherein, when needs carried out safety information mutual, described information transmitting apparatus was transferred to the part of described safety information in the described information receiver by described open network.
In the disclosed in the above scheme, preferably, described information receiver further comprises:
Pretreatment module, described pretreatment module are used for obtaining complete safe information before carrying out safety information mutual, and according to predetermined decentralized algorithm described safety information are divided into first and second portion;
Information storage module, described information storage module are used to store the described first of described safety information; And
Message processing module, described message processing module is used for behind the described second portion that receives the described safety information that comes from described information transmitting apparatus the second portion of the described safety information of deciphering, and the described first of the second portion of the described safety information after will decipher and the described safety information stored in described information storage module is assembled into complete safe information.
In the disclosed in the above scheme, alternatively, the described second portion of described safety information is encrypted and stored to described information transmitting apparatus.
In the disclosed in the above scheme, preferably, after the operation of finishing described complete safe information, described message processing module is deleted described complete safe information immediately.
In the disclosed in the above scheme, alternatively, when needs carried out described safety information mutual, described information transmitting apparatus took out the described second portion of described safety information and by described open network the described second portion of described safety information is sent to described information receiver.
In the disclosed in the above scheme, alternatively, when needs carry out described safety information mutual, described information transmitting apparatus obtains the described second portion of described safety information by real-time input, and by described open network the described second portion of described safety information is sent to described information receiver.
In the disclosed in the above scheme, preferably, described information transmitting apparatus is the device of embedded smart card.
In the disclosed in the above scheme, preferably, described open network is the Internet.
Purpose of the present invention also is achieved through the following technical solutions:
A kind of safety information exchange method, described method comprises the steps:
(A1) before safety information reciprocal process, information receiver is divided into first and second portion according to decentralized algorithm with described safety information;
(A2) described information receiver is stored the described first of described safety information;
(A3) when carrying out safety information reciprocal process, information transmitting apparatus sends to described information receiver by open network with the described second portion of described safety information;
(A4) described information receiver is deciphered the described second portion of described safety information, and the described second portion of described safety information and the described first of described safety information are assembled into complete safe information.
In the disclosed in the above scheme, alternatively, described step (A1) further comprises: (B1) the described second portion with described safety information is stored in the described information transmitting apparatus.
In the disclosed in the above scheme, alternatively, described step (A1) further comprises: (C1) the described second portion of described safety information is directly deleted.
In the disclosed in the above scheme, alternatively, described step (A3) further comprises: (C2) described information transmitting apparatus obtains the described second portion of described safety information by real-time input, and by described open network the described second portion of described safety information is sent to described information receiver.
In the disclosed in the above scheme, preferably, described step (A4) further comprises: after (D1) operation of described complete safe information being finished, delete the described second portion of described safety information immediately.
Safety information interactive system disclosed in this invention and method have following advantage: on the basis that other security strategies of prior art scheme remain unchanged; decentralized algorithm and separate storage mechanism have been introduced; thereby strengthened protection, further avoided the risk and the hidden danger of information system safety information.
Description of drawings
In conjunction with the accompanying drawings, technical characterictic of the present invention and advantage will be understood better by those skilled in the art, wherein:
Fig. 1 is according to an embodiment of the invention based on the structure chart of the safety information interactive system of open network;
Fig. 2 is the schematic diagram of safety information preprocessing process according to an embodiment of the invention;
Fig. 3 is the schematic diagram of safety information preprocessing process according to another embodiment of the present invention;
Fig. 4 is according to an embodiment of the invention based on the flow chart of the safety information exchange method of open network.
Embodiment
Fig. 1 is according to an embodiment of the invention based on the structure chart of the safety information interactive system of open network.As shown in Figure 1, safety information interactive system disclosed in this invention comprises that information transmitting apparatus 1 (for example device of embedded smart card) all is connected with open network (for example cordless communication network or the Internet) by communication interface with information receiver 2 (for example server), described information transmitting apparatus 1 and information receiver 2, and carry out safety information (for example authentication information) when mutual at needs, described information transmitting apparatus 1 is transferred to the part of described safety information in the described information receiver 2 by described open network.
Wherein, described information receiver 2 further comprises pretreatment module 3, information storage module 4 and message processing module 5.Described pretreatment module 3 is used for obtaining complete safe information before carrying out information interaction, and described safety information is divided into two parts according to predetermined decentralized algorithm, be first and second portion, wherein, the first of described safety information is encrypted and be stored in the described information storage module 4, and the second portion of described safety information is provided by described open network by described information transmitting apparatus 1.Described information storage module 4 is used to store the first of described safety information.Described message processing module 5 is used for the second portion of the described safety information of deciphering behind the second portion that receives the described safety information that comes from described information transmitting apparatus 1, and the second portion of the described safety information after will deciphering is assembled into complete safe information with the first of the described safety information of storage in described information storage module 4, subsequently it is carried out subsequent operation (for example checking).Advantageously, finish operation to described complete safe information after, described message processing module 5 is deleted described complete safe information immediately.
Fig. 2 is the schematic diagram of safety information preprocessing process according to an embodiment of the invention.As shown in Figure 2, in according to one embodiment of present invention, described pretreatment module 3 is used for obtaining complete safe information before carrying out information interaction, and according to predetermined decentralized algorithm described safety information is divided into two parts, i.e. first and second portion.Wherein, the second portion of described safety information is encrypted and be stored in the information transmitting apparatus 1.Carry out safety information when mutual at needs, described information transmitting apparatus 1 takes out the second portion of described safety information and sends to described information receiver 2 by described open network.
Fig. 3 is the schematic diagram of safety information preprocessing process according to another embodiment of the present invention.According to another embodiment of the invention, described pretreatment module 3 is used for obtaining complete safe information before carrying out information interaction, and described safety information is divided into two parts, i.e. first and second portion according to predetermined decentralized algorithm.Wherein, the second portion of described safety information is directly deleted.Carry out safety information when mutual at needs, described information transmitting apparatus 1 obtains the second portion of described safety information by input in real time (for example swipe the card or manual input etc.), and by described open network the second portion of described safety information is sent to described information receiver 2.
Fig. 4 is for according to an embodiment of the invention based on the flow chart of the safety information exchange method of open network.As shown in Figure 4, safety information exchange method disclosed in this invention comprised the steps: (A1) before information interactive process, and information receiver is divided into two parts, i.e. first and second portion according to decentralized algorithm with safety information; (A2) described information receiver is stored the first of described safety information; (A3) when carrying out information interactive process, information transmitting apparatus sends to described information receiver by open network (for example cordless communication network or the Internet) with the second portion of described safety information; (A4) described information receiver is deciphered the second portion of described safety information, and the second portion of described safety information and the first of described safety information are assembled into complete safe information, is used for subsequent operation (for example checking).
Alternatively, in one embodiment of the invention, described step (A1) further comprises: (B1) second portion with described safety information is stored in the described information transmitting apparatus.
Alternatively, in another embodiment of the present invention, described step (A1) further comprises: (C1) second portion of described safety information is directly deleted.In this embodiment, described step (A3) further comprises: (C2) described information transmitting apparatus obtains the second portion of described safety information by input in real time (for example swipe the card or manual input etc.), and by described open network the second portion of described safety information is sent to described information receiver.
Advantageously, described step (A4) further comprises: after (D1) described subsequent operation is finished, delete the second portion of described safety information immediately.
Although the present invention is described by above-mentioned preferred implementation, its way of realization is not limited to above-mentioned execution mode.Should be realized that: under the situation that does not break away from purport of the present invention and scope, those skilled in the art can make different variations and modification to the present invention.
Claims (13)
1. safety information interactive system, described system comprises that information transmitting apparatus all is connected with open network by communication interface with information receiver, described information transmitting apparatus and described information receiver,
Wherein, when needs carried out safety information mutual, described information transmitting apparatus was transferred to the part of described safety information in the described information receiver by described open network.
2. safety information interactive system according to claim 1 is characterized in that, described information receiver further comprises:
Pretreatment module, described pretreatment module are used for obtaining complete safe information before carrying out safety information mutual, and according to predetermined decentralized algorithm described safety information are divided into first and second portion;
Information storage module, described information storage module are used to store the described first of described safety information; And
Message processing module, described message processing module is used for behind the described second portion that receives the described safety information that comes from described information transmitting apparatus the second portion of the described safety information of deciphering, and the described first of the second portion of the described safety information after will decipher and the described safety information stored in described information storage module is assembled into complete safe information.
3. safety information interactive system according to claim 2 is characterized in that, the described second portion of described safety information is encrypted and stored to described information transmitting apparatus.
4. safety information interactive system according to claim 2 is characterized in that, after the operation of finishing described complete safe information, described message processing module is deleted described complete safe information immediately.
5. safety information interactive system according to claim 3, it is characterized in that, when needs carried out described safety information mutual, described information transmitting apparatus took out the described second portion of described safety information and by described open network the described second portion of described safety information is sent to described information receiver.
6. safety information interactive system according to claim 2, it is characterized in that, when needs carry out described safety information mutual, described information transmitting apparatus obtains the described second portion of described safety information by real-time input, and by described open network the described second portion of described safety information is sent to described information receiver.
7. safety information interactive system according to claim 1 and 2 is characterized in that, described information transmitting apparatus is the device of embedded smart card.
8. safety information interactive system according to claim 1 and 2 is characterized in that described open network is the Internet.
9. safety information exchange method, described method comprises the steps:
(A1) before safety information reciprocal process, information receiver is divided into first and second portion according to decentralized algorithm with described safety information;
(A2) described information receiver is stored the described first of described safety information;
(A3) when carrying out safety information reciprocal process, information transmitting apparatus sends to described information receiver by open network with the described second portion of described safety information;
(A4) described information receiver is deciphered the described second portion of described safety information, and the described second portion of described safety information and the described first of described safety information are assembled into complete safe information.
10. safety information exchange method according to claim 9 is characterized in that, described step (A1) further comprises: (B1) the described second portion with described safety information is stored in the described information transmitting apparatus.
11. safety information exchange method according to claim 9 is characterized in that, described step (A1) further comprises: (C1) the described second portion of described safety information is directly deleted.
12. safety information exchange method according to claim 11, it is characterized in that, described step (A3) further comprises: (C2) described information transmitting apparatus obtains the described second portion of described safety information by real-time input, and by described open network the described second portion of described safety information is sent to described information receiver.
13. safety information exchange method according to claim 9 is characterized in that, described step (A4) further comprises: after (D1) operation of described complete safe information being finished, delete the described second portion of described safety information immediately.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102053132A CN102291370A (en) | 2010-06-21 | 2010-06-21 | Security information interaction system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102053132A CN102291370A (en) | 2010-06-21 | 2010-06-21 | Security information interaction system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102291370A true CN102291370A (en) | 2011-12-21 |
Family
ID=45337483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102053132A Pending CN102291370A (en) | 2010-06-21 | 2010-06-21 | Security information interaction system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102291370A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179565A (en) * | 2011-12-23 | 2013-06-26 | 中国银联股份有限公司 | Safety information interaction system, terminal, server and method based on thin terminal mode |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101027623A (en) * | 2004-07-01 | 2007-08-29 | 存储技术股份公司 | Method, system and securing means for data archiving with automatic encryption and decryption by fragmentation of keys |
-
2010
- 2010-06-21 CN CN2010102053132A patent/CN102291370A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101027623A (en) * | 2004-07-01 | 2007-08-29 | 存储技术股份公司 | Method, system and securing means for data archiving with automatic encryption and decryption by fragmentation of keys |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103179565A (en) * | 2011-12-23 | 2013-06-26 | 中国银联股份有限公司 | Safety information interaction system, terminal, server and method based on thin terminal mode |
| WO2013091553A1 (en) * | 2011-12-23 | 2013-06-27 | 中国银联股份有限公司 | Thin terminal mode-based security information exchange system, terminal, server, and method |
| CN103179565B (en) * | 2011-12-23 | 2016-01-13 | 中国银联股份有限公司 | Based on security information interaction system and the method for thin terminal pattern |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| CN103001773B (en) | Fingerprint authentication system and fingerprint authentication method based on near field communication (NFC) | |
| CN102916869B (en) | Instant messaging method and system | |
| CN106603496B (en) | A kind of guard method, smart card, server and the communication system of data transmission | |
| CN105069864A (en) | Door lock control secure communication scheme based on NFC (near field communication) function of smart phone | |
| CN103856640A (en) | Method and system for processing user resource information | |
| CN103795545A (en) | Safety communication method and system | |
| CN103036681B (en) | A kind of password safety keyboard device and system | |
| CN101656748A (en) | Second-generation ID card online inquiry system and method based on secure network | |
| CN104270244A (en) | NFC encryption method and system | |
| CN103780620A (en) | Network security method and network security system | |
| CN106789024A (en) | A kind of remote de-locking method, device and system | |
| CN104038336A (en) | Data encryption method based on 3DES | |
| CN103200562A (en) | Communication terminal locking method and communication terminal | |
| CN103324971B (en) | A kind of smart card system and dynamic key thereof upgrade authentication method | |
| CN103596175A (en) | Mobile intelligent terminal certification system and method based on near field communication technology | |
| CN208369623U (en) | A kind of encryption equipment and encryption transmission system | |
| CN106454778A (en) | Short message processing method, short message center and communication system | |
| CN103260157A (en) | User management system based on satellite communication services and application method thereof | |
| CN202978979U (en) | Password security keypad device and password security pad system | |
| CN102045670A (en) | Method, server and smart card for transmitting short message | |
| CN102291370A (en) | Security information interaction system and method | |
| CN111212017A (en) | Intelligent terminal-oriented safe transmission method and system | |
| CN111065091B (en) | Wireless data acquisition system and data transmission method based on lora | |
| CN202872816U (en) | Instant messaging system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20111221 |