CN102547688A - Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel - Google Patents


Info

Publication number
CN102547688A
Authority
CN
China
Prior art keywords
user
safe lane
mobile phone
server
packet
Prior art date
Legal status
Granted
Application number
CN2012100316607A
Other languages
Chinese (zh)
Other versions
CN102547688B (en)
Inventor
傅涛
傅德胜
张蓉
Current Assignee
Bozhi Safety Technology Co.,Ltd.
Original Assignee
JIANGSU BOZHI SOFTWARE TECHNOLOGY Co Ltd
Application filed by JIANGSU BOZHI SOFTWARE TECHNOLOGY Co Ltd
Priority to CN201210031660.7A
Publication of CN102547688A
Application granted
Publication of CN102547688B
Legal status: Active


Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel. The method comprises the following steps that: a requesting party user logs in a mobile security channel system, and submits user information comprising a personal identification number (PIN) code and a user password of a mobile subscriber identity module (SIM) card used by the user to an identity authentication server; a user login module of a mobile terminal generates an identity authentication digital certificate by using the user information; the digital certificate is encrypted by calling an asymmetric encryption key set in a trusted root chip in the mobile terminal; after receiving the identity authentication digital certificate submitted by the user, the identity authentication server calls a corresponding user asymmetric encryption public key stored in a user management server to verify the digital signature of the identity authentication digital certificate; and the identity authentication server decrypts user identity information encrypted by a private key in the trusted root of the identity authentication server in the identity authentication digital certificate by using the public key, and verifies the decrypted identity information one by one. The channel has integrity, authentication and security.

Description

A method for establishing a high-credibility mobile phone secure communication channel based on a virtual private channel
Technical field:
The invention belongs to the field of mobile communication security technology and relates to setting up a virtual private channel for mobile communication over the existing mobile phone network.
Background technology:
The invention concerns a mobile phone secure channel of a high security grade. Under continuous user identity authentication, a mobile phone secure channel is created that guarantees the privacy, authenticity and integrity of the data the user exchanges over the channel, so that even if malicious monitoring exists in the network, the user's exchanged data cannot be stolen; and even if the user inadvertently leaks the temporary encryption key of the secure channel, or an intruder derives part of the temporary encryption key by some means of analysis, the data exchanged over the secure channel still cannot be stolen in full.
Related prior art:
1. Symmetric encryption and decryption algorithms: mainly used to encrypt the real-time data packets of the secure channel. Because a symmetric algorithm uses the same key for both encryption and decryption, its main characteristics are fast encryption/decryption speed and good security. The most influential single-key cipher in this area is the DES algorithm promulgated by the US National Bureau of Standards in 1977; its key length is 56 bits, the plaintext is divided into 64-bit blocks, and each plaintext block is substituted or permuted bit by bit with the 56-bit key to form the ciphertext block. The DES algorithm has high security; combining it with the security policy of the secure channel to generate dynamic temporary session keys can fully guarantee the security of the data exchanged in the mobile phone secure channel;
2. Asymmetric encryption and decryption algorithms: the encryption and decryption keys form a pair, a public key and a private key. The public key can be fully disclosed; after the other party encrypts data with the public key, only the holder of the private key can decrypt the ciphertext. Representative algorithms are the well-known DH algorithm proposed by W. Diffie and M. E. Hellman in 1976 and the RSA cryptosystem proposed by Rivest, Shamir and Adleman. They are now widely used for data encryption and digital signatures;
3. Digital signature and verification: a digital signature is obtained by processing the content of the packet to be transmitted with a one-way function; by verifying the digital signature, the source and integrity of the packet are confirmed. The most commonly used at present are DSS and the RSA algorithm, which are widely used in the software and class libraries of many products. Unlike DSS, RSA can be used both to encrypt data and for authentication. With hash-based signatures in a public key cryptosystem, the key that generates the signature is stored only on the user's computer, so the safety factor is high.
Trusted root technology refers to placing an encrypted authentication data block into a dedicated storage area of the trusted root; after the portable hard drive is powered on, the trusted root uses the authentication data block to assess the credibility of the stored secret credentials of the legitimate user, thereby guaranteeing that the legitimate user information has not been modified; based on this information, high-trust identity authentication of the user can be realized.
Summary of the invention:
The objective of the invention is to set up a virtual private channel for mobile communication on the existing mobile phone network. This channel possesses a data transmission capability that satisfies integrity, authenticity and confidentiality, realizes the exchange of mobile phone text, voice and video data at a high security grade, can resist the current kinds of mobile communication security threats, safeguards China's national security and economic construction, and protects citizens' right to privacy.
The concrete method scheme of the invention is as follows: a method for establishing a high-credibility mobile phone secure communication channel based on a virtual private channel. After the user identity authentication server receives the digital identity authentication certificate submitted by the user, it first invokes the user's asymmetric encryption public key stored in the user management server to verify the digital signature of the authentication certificate, guaranteeing the integrity of the authentication digital certificate; it then uses the public key to decrypt the user identity information in the authentication digital certificate that was encrypted with the private key in the trusted root; the user is registered to the relay server, and a secure channel is established to complete the exchange of mobile phone text, voice and video data. The concrete steps of this method comprise:
Step 1: the requesting user logs in to the mobile phone secure channel system and submits to the identity authentication server the user information consisting of the PIN code and user password of the mobile phone SIM card the user uses, which may also include the IMEI code of the mobile phone and other user-related information;
Step 2: the user login module of the mobile phone terminal forms the above user information into an identity authentication digital certificate;
Step 3: the asymmetric encryption key solidified in the trusted root chip of the mobile phone terminal is invoked to encrypt the digital certificate, the encrypted digital certificate is digitally signed, and it is sent to the user identity authentication server;
Step 4: after receiving the identity authentication digital certificate submitted by the user, the user identity authentication server invokes the corresponding user asymmetric encryption public key stored in the user management server and verifies the digital signature of the identity authentication digital certificate, guaranteeing the integrity of the authentication digital certificate;
Step 5: the user identity authentication server uses the public key to decrypt the user identity information in the identity authentication digital certificate that was encrypted with the private key in the authentication server's trusted root, and verifies the decrypted identity information item by item;
Step 6: after verification passes, the identities of the user and of the mobile phone used are confirmed, the user is registered in the relay or other server, and the user completes the login process;
Step 7: the user's mobile phone terminal sends a security association request to the security association server; after checking the user's login status in the relay or other server, the security association server sends the encryption scheme used for this security association to the user's mobile phone terminal; after accepting the security association encryption scheme, the security policy point of the mobile phone terminal generates temporary session key material and interacts with the security association server; it reaches agreement with the secure channel management server on the temporary key for this session, and at the same time registers the user identity and this temporary key session into the secure channel management server;
Step 8: using the temporary key obtained in the above steps, the requesting user requests the information needed to establish the secure channel; the requesting user sends the recipient's user information to the secure channel management server; after receiving the request, the secure channel management server decrypts the requesting user's request and queries in the relay server whether the recipient of the secure channel has logged in to the system; if not, the recipient is prompted by short message to log in; once the recipient's mobile phone terminal has logged in and its security policy point has accepted the security association encryption scheme, the recipient's user identity and this temporary key (identical to the requester's?) are registered as a session into the secure channel management server;
Step 9: after the recipient of the secure channel requested by the user logs in to the system, the security association server acts as intermediary and determines the encryption scheme of this secure channel; all requesters and recipients act as channel participants, and the security policy points of both sides' mobile phones begin exchanging key-generation data, each independently generating the same temporary session key;
Step 10: after the secure channel parties complete negotiation and temporary session key generation, the security association server switches each party's mobile phone terminal to the relay server; the relay server begins to dynamically generate the data routing table of this secure channel; both sides' mobile phone terminal channels are switched to the generated secure channel and interaction begins;
Step 11: through the above steps the secure channel is successfully created and enters the secure communication interaction state: the two parties exchange information, for example by entering text or sending voice/video; the communication anomaly monitoring module of both sides' mobile phone terminals monitors and blocks any output on the mobile phone terminal that is not expected by the secure channel interaction, until the two parties' information exchange is complete;
Step 12: after the requesting mobile phone terminal inputs real-time data or text data, the data packets are organized and/or transmitted in the secure channel;
Step 13: after receiving a packet transmitted by the user, the relay server verifies the integrity of the packet based on the digital signature public key of the user's trusted root stored in the requester's user identity authentication server; after verification passes, the packet is sent to the other recipients through the secure channel according to the routing table;
Step 14: after receiving a packet forwarded by the relay server, the other recipients, having logged in and generated the key, use the temporary session key of this channel to decrypt the packet content, parse the data in the packet according to the packet attribute description, and present it to the recipient.
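Steps 1 to 6 as a runnable message exchange in Go, added here as an illustration and not code from the patent. It assumes the trusted-root key is an Ed25519 signing key, that the record is kept confidential towards the server with RSA-OAEP under a server key (the text's "encrypt with the private key, decrypt with the public key" is realised as the signature check), and that the user management server stores only hashes of the enrolled PIN, password and IMEI; the user "alice", the sample record and all key material are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"errors"
	"fmt"
)

type identityRecord struct { // the user information of step 1; the values used below are constructed
	PIN      string `json:"pin"`
	Password string `json:"password"`
	IMEI     string `json:"imei"`
}

// authCertificate is what the terminal submits in step 3: a cleartext user id so the server can find
// the enrolled trusted-root public key, the encrypted record, and the trusted-root signature over it.
type authCertificate struct {
	UserID     string
	Ciphertext []byte
	Signature  []byte
}

type terminal struct { // the mobile phone: its trusted-root signing key and the server's encryption key
	userID    string
	rootKey   ed25519.PrivateKey
	serverPub *rsa.PublicKey
}

// enrolment is what the user management server holds per user: trusted-root public key and field hashes.
type enrolment struct {
	rootPub             ed25519.PublicKey
	pin, password, imei [32]byte
}

type authServer struct { // the identity authentication server of steps 4 to 6
	decKey *rsa.PrivateKey
	users  map[string]enrolment
}

func h(s string) [32]byte    { return sha256.Sum256([]byte(s)) }
func same(a, b [32]byte) int { return subtle.ConstantTimeCompare(a[:], b[:]) }

// buildCertificate is steps 2 and 3: serialise the record, encrypt it to the server, sign the ciphertext.
func (t *terminal) buildCertificate(r identityRecord) (authCertificate, error) {
	plain, _ := json.Marshal(r) // a struct of strings always marshals
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, t.serverPub, plain, nil)
	if err != nil {
		return authCertificate{}, err
	}
	return authCertificate{UserID: t.userID, Ciphertext: ct, Signature: ed25519.Sign(t.rootKey, ct)}, nil
}

// verify is steps 4 to 6: signature first (integrity and binding to the enrolled trusted root), then
// decryption, then every field is compared before deciding, so a failure does not reveal which field.
func (s *authServer) verify(c authCertificate) error {
	e, ok := s.users[c.UserID]
	if !ok || !ed25519.Verify(e.rootPub, c.Ciphertext, c.Signature) {
		return errors.New("unknown user or trusted-root signature invalid")
	}
	var r identityRecord
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.decKey, c.Ciphertext, nil)
	if err != nil || json.Unmarshal(plain, &r) != nil {
		return errors.New("certificate cannot be decrypted")
	}
	if same(h(r.PIN), e.pin)&same(h(r.Password), e.password)&same(h(r.IMEI), e.imei) != 1 {
		return errors.New("identity information does not match enrolment")
	}
	return nil
}

// newDemo enrols one constructed user and returns the terminal, the server and the enrolled record.
func newDemo() (*terminal, *authServer, identityRecord, error) {
	serverKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, identityRecord{}, err
	}
	rootPriv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // fixed seed, demo only
	rec := identityRecord{PIN: "1234", Password: "correct-horse", IMEI: "356938035643809"}
	srv := &authServer{decKey: serverKey, users: map[string]enrolment{"alice": {
		rootPub: rootPriv.Public().(ed25519.PublicKey), pin: h(rec.PIN), password: h(rec.Password), imei: h(rec.IMEI),
	}}}
	return &terminal{userID: "alice", rootKey: rootPriv, serverPub: &serverKey.PublicKey}, srv, rec, nil
}

func main() {
	phone, srv, rec, err := newDemo()
	if err != nil {
		panic(err)
	}
	cert, err := phone.buildCertificate(rec)
	fmt.Println("genuine login:", err, srv.verify(cert))
	cert.Ciphertext[0] ^= 1 // altered in transit: rejected by the signature check, never decrypted
	fmt.Println("tampered login:", srv.verify(cert))
}
```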
The user identity authentication server may also be a user identity authentication module of some server; the relay server may likewise be some server, and the security association server may be a security association module of some server. The security association server and the secure channel management server may also refer to the corresponding modules.
The trusted root is a read-only chip installed in the user's mobile phone terminal in which an asymmetric encryption key and security-related information are solidified; as the key hardware device for authenticating the user and the user's mobile phone terminal, the trusted root participates in the creation and use of the secure channel.
The identity authentication server is a service that authenticates each party participating in the secure channel; the identity authentication server of the mobile phone secure channel not only authenticates the user, but also performs the three-way binding authentication of user, mobile phone and trusted root, guaranteeing that the identities of the mobile phone user and the user are consistent with the identities they claim.
High-credibility authentication of the user's mobile phone is the most important precondition for creating the mobile phone secure channel; only when the identity of each party in the mobile communication is guaranteed to be consistent with its claimed identity can mobile communication be said to be secure.
Regarding the verification process and authentication information: the invention uses the PIN code, the mobile phone IMEI code and the user password, which cannot be changed, to realize user authentication, mobile phone terminal identification and the binding authentication of the two; these are then signed and encrypted with the encryption key in the trusted root, which further guarantees the credibility of the user and mobile phone identity authentication and thereby lays a credible foundation for a secure channel of improved credibility.
The secure channel management server is mainly responsible for receiving the secure channel creation requests sent by users and for maintaining and monitoring the usage of the existing secure channels in the system; in addition, the secure channel management server is also responsible for arbitrating anomalies that may occur in a secure channel during interaction.
The security association server is responsible, during secure channel creation and use, for carrying out intermediary negotiation with each party's mobile phone participating in the secure channel, deciding the encryption mode adopted by a given secure channel, acting as proxy for the temporary session key data produced by the interacting parties, and, for secure channels that adopt dynamic encryption keys, issuing timed key-change orders according to the initialization of the secure channel.
The secure channel relay server is mainly responsible for routing the secure channel data, sending the data of each party participating in a given secure channel's creation and interaction to the intended recipients.
The packet structure of the secure channel packet organization comprises three parts: the packet signature, other attribute information of the packet, and the packet payload; the content of the packet signature and of the packet attribute information is organized and extracted by the mobile phone terminal, all of it is encrypted with the temporary session key obtained at creation, and the encrypted data is then digitally signed with the private key solidified in the trusted root:
1) packet signature: the mobile phone terminal sending the data uses the digital signature key in the trusted root to sign the whole packet content, to ensure packet integrity and guard against replay attacks;
2) other packet attribute information: mainly information describing the attributes of the data content in the packet, so that the recipient's mobile phone terminal can parse the data;
3) packet payload: the effective information content transmitted by the initiating mobile phone terminal;
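The three-part packet just listed as working Go code, added as an illustration and not the patent's own code. It assumes AES-GCM for the session-key encryption and Ed25519 for the trusted-root signature, keeps the text's order (encrypt, then sign the ciphertext), and adds one check the text leaves implicit: a per-sender sequence number verified at the relay, because the signature by itself proves origin and integrity but does not stop a captured packet from being resent; participant ids, keys and the message are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"encoding/binary"
	"encoding/json"
	"errors"
	"fmt"
)

// header travels in the clear so the relay can look up the sender's trusted-root public key and track its
// packet counter; its 12-byte encoding doubles as the AES-GCM nonce, so GCM tag and signature both bind it.
type header struct {
	Sender uint32 // participant id assigned when the channel is created
	Seq    uint64 // per-sender counter; this, not the signature, is what actually defeats replay
}

// body is part 2 (attribute information the recipient needs to parse the data) plus part 3 (the payload).
type body struct {
	Kind    string `json:"kind"` // "text", "voice" or "video"
	Payload []byte `json:"payload"`
}

type packet struct { // the three-part structure: signature, attributes, payload (the last two encrypted)
	Header     header
	Ciphertext []byte // AES-GCM of body under the session key, nonce = encodeHeader(Header)
	Signature  []byte // Ed25519 over encodeHeader(Header) || Ciphertext, by the trusted-root key
}

// encodeHeader is unique per packet as long as no sender reuses a Seq under one session key.
func encodeHeader(h header) []byte {
	b := make([]byte, 12)
	binary.BigEndian.PutUint32(b, h.Sender)
	binary.BigEndian.PutUint64(b[4:], h.Seq)
	return b
}

// newSession wraps the temporary session key agreed in steps 7 to 10 as an AES-GCM AEAD.
func newSession(sessionKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal is step 12 on the sender: encrypt under the session key, then sign the ciphertext with the
// trusted-root key, in the order the text prescribes.
func seal(rootKey ed25519.PrivateKey, sess cipher.AEAD, h header, b body) packet {
	plain, _ := json.Marshal(b) // body has only marshalable fields, so this cannot fail
	p := packet{Header: h, Ciphertext: sess.Seal(nil, encodeHeader(h), plain, nil)}
	p.Signature = ed25519.Sign(rootKey, append(encodeHeader(h), p.Ciphertext...))
	return p
}

type relay struct { // what the text gives the relay server: trusted-root public keys, no session key
	rootPub map[uint32]ed25519.PublicKey
	lastSeq map[uint32]uint64
}

// forward is step 13: check origin and integrity without decrypting, and drop anything already seen,
// since a valid signature on a captured packet stays valid however often it is resent.
func (r *relay) forward(p packet) error {
	pub, ok := r.rootPub[p.Header.Sender]
	if !ok || !ed25519.Verify(pub, append(encodeHeader(p.Header), p.Ciphertext...), p.Signature) {
		return errors.New("relay: signature check failed")
	}
	if p.Header.Seq <= r.lastSeq[p.Header.Sender] {
		return errors.New("relay: replayed or stale packet")
	}
	r.lastSeq[p.Header.Sender] = p.Header.Seq
	return nil
}

// open is step 14 on the recipient: decrypt with the session key and recover kind and payload.
func open(sess cipher.AEAD, p packet) (body, error) {
	plain, err := sess.Open(nil, encodeHeader(p.Header), p.Ciphertext, nil)
	if err != nil {
		return body{}, errors.New("recipient: decryption failed")
	}
	var b body
	return b, json.Unmarshal(plain, &b)
}

// main sends one packet through relay and recipient, then resends the captured copy (keys are constructed).
func main() {
	rootPriv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	sess, err := newSession([]byte("0123456789abcdef0123456789abcdef"))
	if err != nil {
		panic(err)
	}
	rl := &relay{rootPub: map[uint32]ed25519.PublicKey{1: rootPriv.Public().(ed25519.PublicKey)}, lastSeq: map[uint32]uint64{}}
	p := seal(rootPriv, sess, header{Sender: 1, Seq: 1}, body{Kind: "text", Payload: []byte("hello over the secure channel")})
	fmt.Println("first copy:", rl.forward(p), "resent copy:", rl.forward(p))
	b, err := open(sess, p)
	fmt.Println(b.Kind, string(b.Payload), err)
}
```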
Regarding the relay server: besides the channel interaction process described above, the secure channel management server may periodically check the login status of users in the relay server and handle the following three situations:
1) A user exits the current secure channel: when a user produces no data interaction with the relay server for more than a period of time, or actively exits the secure channel, the secure channel management server checks the situation of the other participants of this secure channel; if two or more participants remain in the channel, the secure channel management server notifies each participant to stop channel data transmission, re-accesses the security association server to update the temporary session key, and creates a new secure channel;
2) A new user joins the current secure channel: similar to the first situation, the secure channel management server notifies each participant to stop channel data transmission, and all old and new users re-access the security association server to update the temporary session key and create a new secure channel;
3) Dynamic update of the temporary session key: according to the security policy requirement set when the user initiated the secure channel, the secure channel management server periodically stops channel data transmission, and all current users re-access the security association server to update the temporary session key and create a new secure channel, guaranteeing data security when the secure channel is used for a long time.
The invention adopts mobile phone identity authentication with a high-trust root, a mobile phone secure channel of high security grade, security guarantees for secret information stored on the mobile phone, and security protection of mobile phone usage information; it guarantees the confidentiality, authenticity and integrity of the data the user exchanges over the channel, thereby ensuring that the text, voice and video data the user exchanges via the mobile phone are secure and cannot be stolen by a malicious intruder.
The beneficial effects of the invention are as follows:
1. A high-credibility mobile phone secure communication channel based on a virtual private channel: the high-security-grade virtual private network has been widely applied as the mainstream method of guaranteeing communication security in present computer network communication; the invention realizes a high-credibility secure channel between mobile devices, provides high-strength security assurance against the physical security threats and software security threats in existing mobile communication, and guarantees the privacy, authenticity and integrity of the data the user exchanges over the channel;
2. The trusted root used by the invention has high credibility; the trusted root is the foundation on which the mobile phone secure channel is built; the trusted root realized by hardware means, into which the authentication information of the user and the mobile phone is solidified, realizes high-trust identity authentication of the mobile phone user's identity and the mobile phone terminal;
3. The mobile phone security information of the invention can realize real-time encryption protection of multiple kinds of mobile phone interaction information; whereas existing mobile phone information encryption software can only encrypt text-type information, the invention realizes real-time encryption protection of all three kinds of information, text, voice and video, which are delivered in ciphertext form in the mobile phone network, setting up a virtual private channel for mobile phone interaction and realizing strong security protection for multiple kinds of information;
4. A series of the mobile phone user's personal privacy can be analyzed from the user's mobile phone usage behaviour information; the mainstream mobile phone security protection methods at present cannot hide this kind of user information; the invention can hide most of the user's telecommunications traces, protecting the mobile phone user's personal privacy;
5. Besides adopting the trusted root, the mobile phone secure channel of the invention also monitors the abnormal behaviour of the user's mobile communication while the user uses the mobile phone secure channel, to prevent malicious code from accessing the memory space of the secure channel by some means and stealing and transmitting the information the secure channel has just encrypted; monitoring mobile communication behaviour at the mobile phone terminal, as a security hardening of the mobile phone secure channel, further strengthens the security assurance capability of the mobile phone secure channel;
6. Most of the process by which the interacting parties set up the secure channel is realized automatically by the system without user participation, including user and mobile phone identity authentication at secure channel creation, one-time-pad and dynamic key generation, and hiding of the user's telecommunications traces, all transparent to the user; the invention not only has a high security grade but also has the characteristic of ease of use.
Description of drawings:
Fig. 1 is the creation flow of the mobile phone secure channel of the invention;
Fig. 2 is the system deployment diagram of the mobile phone secure channel.
Embodiment:
Step 1: after the user completes a series of steps such as logging in to the system and identity authentication, the user's mobile phone terminal sends a security association request to the security association server;
Step 2: after checking the user's login status in the relay server, the security association server sends the encryption scheme used for this security association to the security policy point of the user's mobile phone terminal;
Step 3: after accepting the security association information, the security policy point of the mobile phone terminal generates temporary session key material and interacts with the security association server; it reaches agreement with the secure channel management server on the temporary key for this session, and at the same time registers the user identity and this temporary key into the secure channel management server;
Step 4: using the temporary key obtained in the above steps, the user requests the information needed to establish the secure channel, such as the recipient and some specific information security policies, which are encrypted and sent to the secure channel management server;
Step 5: after receiving the request, the secure channel management server decrypts the user's request and queries in the relay server whether the recipient of the secure channel has logged in to the system; if not, the recipient is prompted by short message to log in;
Step 6: after the recipient of the secure channel requested by the user logs in to the system, the security association server acts as intermediary and determines the encryption scheme of this secure channel; the security policy points of all channel participants begin exchanging key-generation data, each independently generating the same temporary session key;
Step 7: after the secure channel parties complete negotiation and temporary session key generation, the security association server switches each participant's mobile phone terminal to the relay server; the relay server begins to dynamically generate the data routing table of this secure channel; each participant's mobile phone terminal is switched to the channel built by the respective relay server and interaction begins.
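The negotiation of the embodiment's steps 2 to 6 (and steps 7 to 10 of the description) as a Go example, added here and not the patent's own code. It assumes the "key generation data" is an ephemeral ECDH (P-256) share signed with the participant's trusted-root Ed25519 key, that the association server announces the scheme and carries the shares while publishing the trusted-root public keys of logged-in users, and that SHA-256 over the transcript stands in for a key derivation function; participant names, fixed key seeds and the scheme label are constructed. It generalises the two-party case of the text only in that any pair of registered participants can run it.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// share is the "key generation data" a security policy point sends through the association server: an
// ephemeral ECDH public value for the announced scheme, signed with the trusted-root key, so the server
// can carry it but can neither alter it nor learn the resulting session key.
type share struct {
	Sender    string
	Scheme    string // the encryption scheme the association server announced (step 2)
	PublicKey []byte
	Signature []byte // Ed25519 over Scheme || PublicKey
}

type participant struct {
	name    string
	rootKey ed25519.PrivateKey
	eph     *ecdh.PrivateKey // fresh per negotiation, so one leaked session key exposes one session only
}

func signedPart(scheme string, pub []byte) []byte { return append([]byte(scheme+"|"), pub...) }

// ordered concatenates two public values in a fixed order so both sides hash the same transcript.
func ordered(a, b []byte) []byte {
	if bytes.Compare(a, b) > 0 {
		a, b = b, a
	}
	return append(append([]byte{}, a...), b...)
}

// makeShare is the participant's part of step 3: generate an ephemeral key and sign it.
func (p *participant) makeShare(scheme string) (share, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return share{}, err
	}
	p.eph = eph
	pub := eph.PublicKey().Bytes()
	return share{Sender: p.name, Scheme: scheme, PublicKey: pub, Signature: ed25519.Sign(p.rootKey, signedPart(scheme, pub))}, nil
}

// sessionKey is the participant's part of step 6: accept the peer's share only if it is signed by the
// peer's enrolled trusted root and names the same scheme, then derive the temporary session key.
func (p *participant) sessionKey(peer share, peerRoot ed25519.PublicKey, scheme string) ([]byte, error) {
	if peer.Scheme != scheme || !ed25519.Verify(peerRoot, signedPart(peer.Scheme, peer.PublicKey), peer.Signature) {
		return nil, errors.New("peer share rejected: wrong scheme or bad trusted-root signature")
	}
	peerPub, err := ecdh.P256().NewPublicKey(peer.PublicKey)
	if err != nil {
		return nil, err
	}
	secret, err := p.eph.ECDH(peerPub)
	if err != nil {
		return nil, err
	}
	// Bind the key to this negotiation (scheme, shared secret, both public values); SHA-256 stands in for HKDF.
	k := sha256.Sum256(append(signedPart(scheme, secret), ordered(p.eph.PublicKey().Bytes(), peer.PublicKey)...))
	return k[:], nil
}

// associationServer is the intermediary of steps 2 and 6; it holds no ECDH private value, so it cannot derive the key.
type associationServer struct {
	scheme  string
	rootPub map[string]ed25519.PublicKey // trusted-root public keys of logged-in users
}

// negotiate runs steps 2 to 6 for two participants through the server and returns both derived keys.
func negotiate(srv *associationServer, a, b *participant) ([]byte, []byte, error) {
	sa, err := a.makeShare(srv.scheme)
	if err != nil {
		return nil, nil, err
	}
	sb, err := b.makeShare(srv.scheme)
	if err != nil {
		return nil, nil, err
	}
	ka, err := a.sessionKey(sb, srv.rootPub[b.name], srv.scheme)
	if err != nil {
		return nil, nil, err
	}
	kb, err := b.sessionKey(sa, srv.rootPub[a.name], srv.scheme)
	return ka, kb, err
}

func main() {
	alice := &participant{name: "alice", rootKey: ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, ed25519.SeedSize))}
	bob := &participant{name: "bob", rootKey: ed25519.NewKeyFromSeed(bytes.Repeat([]byte{2}, ed25519.SeedSize))}
	srv := &associationServer{scheme: "AES-256-GCM", rootPub: map[string]ed25519.PublicKey{
		"alice": alice.rootKey.Public().(ed25519.PublicKey), "bob": bob.rootKey.Public().(ed25519.PublicKey)}}
	ka, kb, err := negotiate(srv, alice, bob)
	fmt.Println("keys agree:", bytes.Equal(ka, kb), err)
}
```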

Claims (10)

1. high credible mobile phone secured communication channel method for building up based on the virtual private channel is characterized in that step is:
Step 1, requesting party user sign in to mobile phone safe lane system, submit the PIN code of the SIM cards of mobile phones of user's use, the user profile of user password to authentication server;
Step 2, above user profile is formed the authentication digital certificate through mobile phone terminal use login module;
The asymmetric cryptographic key of solidifying in the trusted root chip in step 3, the calling mobile phone terminal is encrypted digital certificate, and with encrypted digital certificate after digital signature, send to the authenticating user identification server;
Step 4, authenticating user identification server are behind the authentication digital certificate that receives user's submission; The relative users asymmetric encryption PKI of the storage in the invoke user management server; The digital signature of authentication digital certificate is verified, guarantees the integrality of authentication digital certificate;
Step 5, authenticating user identification server are deciphered by the subscriber identity information of encrypted private key in the authentication server trusted root the digital certificate of authentication with PKI, and the identity information after the deciphering is verified one by one;
Step 6, through after the checking, confirm the user and use the identity of mobile phone that register a user in relaying or other server, the user accomplishes the process of login system;
Step 7, user mobile phone terminal are sent the security association request to the server of security association; The security association server is checked user's logging status in relaying or other server after; Send the encipherment scheme that this security association uses to user mobile phone terminal; The security strategy point of mobile phone terminal generates the interim conversation key related data after accepting the security association encipherment scheme, carry out alternately with the security association server; Reach an agreement with regard to this session and the mutual temporary key of safe lane management server, simultaneously user identity and this temporary key session registration are got into the safe lane management server;
The temporary key that step 8, requesting party user use above-mentioned steps to obtain, the relevant information of safe lane is set up in request; Requesting party user sends to the safe lane management server with recipient's user profile; The safe lane management server is after the request of receiving; Decoding request side user request; And whether the recipient of query safe channel logins native system in Relay Server, if not login is logined native system through way of short messages prompting recipient; As the security strategy point of recipient's mobile phone terminal of logining is after accepting the security association encipherment scheme, is recipient's user identity (identical with the requesting party with this temporary key?) session registration entering safe lane management server;
Step 9, after the safe lane recipient of user request signs in to native system; The security association server is as intermediary; Determine the encipherment scheme of this safe lane; All requesting parties and recipient are as the channel participant, and the security strategy point of both sides' mobile phone beginning exchange encryption keys generates data, the interim conversation key that each self-generating is consistent;
Step 10, accomplish after safe lane each side consults to generate with the interim conversation key; The security association server switches to Relay Server with each both sides' mobile phone terminal; Relay Server begins dynamically to generate the data routing table of this safe lane; Both sides' mobile phone terminal channel is switched to the safe lane of this generation, carry out mutual;
Step 11, process above-mentioned steps; Safe lane is created in success; Get into the secure communication interaction mode: two parties is carried out interactive information; Like input text or when sending voice/video information, mutual unexpected all outputs of safe lane possible on the mobile phone terminal will monitored and stop to the communication abnormality monitoring module of both sides' mobile phone terminal, till the two parties information interaction is accomplished.
2. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that, after real-time data or text data is input at the requesting party's mobile terminal, it is organized into packets and/or transmitted within the secure channel;
after receiving a packet transmitted by the user, the relay server verifies the integrity of the packet using the digital-signature public key of the user's trusted root that is stored in the requesting party's user identity authentication server; once verification passes, the packet is forwarded through the secure channel to the other recipients according to the routing table;
after receiving the packet forwarded by the relay server, each other recipient, having completed login and key generation, decrypts the packet content with the temporary session key of this channel, parses the data in the packet according to the packet attribute description, and presents it to the recipient.
3. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1 or 2, characterized in that the trusted root is a read-only chip installed in the user's mobile terminal, in which the asymmetric cryptographic key and security-related information are permanently burned in.
4. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that the identity authentication server provides identity authentication services to each party participating in the secure channel; it performs a three-way binding authentication among the two communicating parties, their mobile phones and their trusted roots, ensuring that the identity of the mobile subscriber is consistent with the identity the user claims.
5. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that, in the verification process and authentication information, the user is authenticated not only by the mobile phone's IMEI code but also by signature and encryption with the encryption key held in the trusted root.
6. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that the secure channel management server receives the secure channel creation requests sent by users, maintains and monitors the usage of the existing secure channels in the system, and arbitrates anomalies that may occur in a secure channel during interaction.
7. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that, during secure channel creation and use, the security association server negotiates as an intermediary with the mobile phones of each party participating in the secure channel, decides the encryption mode to be used by a given secure channel, generates the temporary session key on behalf of the interacting parties, and, for secure channels that use dynamic encryption keys, sets timed key-change commands according to the secure channel's initialization.
8. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1, characterized in that the secure channel relay server performs the routing of secure channel data, delivering the data of each party participating in the creation and interaction of a given secure channel to the intended recipients.
9. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1 or 2, characterized in that the packet structure comprises three parts: the packet signature, other related attribute information of the packet, and the packet payload; the content of the packet signature and of the other attribute information is assembled by the mobile terminal, all data are encrypted with the temporary session key obtained when the channel was created, and the encrypted data are then signed with the private key burned into the trusted root:
1) packet signature: the mobile terminal sending the data uses the digital signature key in the trusted root to sign all the data inside the packet, so as to guarantee the integrity of the packet and guard against replay attacks;
2) other related attribute information of the packet: information describing the attributes of the data content in the packet, so that the recipient's mobile terminal can parse the data;
3) packet payload: the effective information content transmitted by the initiating mobile terminal.
10. The virtual-dedicated-channel-based establishment method for a high-credibility mobile security communication channel according to claim 1 or 2, characterized in that the secure channel management server periodically checks the users' login status in the relay server and handles the following three situations:
1) a user exits the current secure channel: when a user has had no data interaction with the relay server for longer than a set period, or actively exits the secure channel, the secure channel management server checks the status of the other participants of that secure channel; if two or more participants remain in the channel, the secure channel management server notifies each participant to stop channel data transmission, has them re-access the security association server to update the temporary session key, and creates a new secure channel;
2) a new user joins the current secure channel: as in the first situation, the secure channel management server notifies each participant to stop channel data transmission, has all old and new users re-access the security association server to update the temporary session key, and creates a new secure channel;
3) the temporary session key is updated dynamically: according to the security policy requirements specified by the user when initiating the secure channel, the secure channel management server periodically stops channel data transmission, has all current users re-access the security association server to update the temporary session key, and creates a new secure channel, so as to guarantee data security during long-lived secure channel communication.
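Added example (not the patent's code) of the three situations the secure channel management server handles in claim 10, in Go: idle users are dropped and the survivors re-keyed, a joining user forces a new key, and the key is refreshed on a timer. The Channel type, the epoch counter, the idle threshold and the locally generated key are my assumptions standing in for the re-negotiation through the security association server.

```go
package main

import (
	"crypto/rand"
	"time"
)

// Channel is one secure channel as the management server of claim 10 sees it:
// who is in it, when each participant last exchanged data with the relay, and
// the current temporary session key with an epoch that advances on each re-key.
type Channel struct {
	Epoch      uint64
	SessionKey []byte
	LastSeen   map[string]time.Time
	IdleLimit  time.Duration // case 1: silence longer than this counts as leaving
	RekeyEvery time.Duration // case 3: periodic refresh from the channel's security policy
	lastRekey  time.Time
}
// rekey stands in for sending every participant back to the security
// association server: transmission stops, a fresh key is issued, epoch advances.
func (c *Channel) rekey(now time.Time) error {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return err
	}
	c.SessionKey, c.Epoch, c.lastRekey = key, c.Epoch+1, now
	return nil
}
// Join is case 2: a newcomer is admitted only under a new key, so it can
// never decrypt traffic exchanged before it arrived.
func (c *Channel) Join(user string, now time.Time) error {
	c.LastSeen[user] = now
	return c.rekey(now)
}
// Touch records a data exchange between user and the relay server.
func (c *Channel) Touch(user string, now time.Time) { c.LastSeen[user] = now }
// Tick is the periodic check; it reports "ok", "rekeyed", or "closed" when
// fewer than two participants remain and there is no channel left to re-key.
func (c *Channel) Tick(now time.Time) (string, error) {
	left := false
	for u, seen := range c.LastSeen {
		if now.Sub(seen) > c.IdleLimit { // case 1: the user has dropped out
			delete(c.LastSeen, u)
			left = true
		}
	}
	if len(c.LastSeen) < 2 {
		return "closed", nil
	}
	if left || now.Sub(c.lastRekey) >= c.RekeyEvery { // cases 1 and 3
		return "rekeyed", c.rekey(now)
	}
	return "ok", nil
}
```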
Application and publication data

Application number: CN201210031660.7A (priority date and filing date 2012-02-13)
Title: Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel
Publications: CN102547688A, published 2012-07-04; CN102547688B (granted patent), published 2014-04-09
Family ID: 46353395
Country status: CN, CN102547688B, active


Legal Events

C06 / PB01: Publication
C10 / SE01: Entry into substantive examination (entry into force of request for substantive examination)
C14 / GR01: Patent grant
CP03: Change of name, title or address. Patentee before: Jiangsu Bozhi Software Technology Co., Ltd., 210000, A building, No. 4, Yuhua Software Park, 310 South Ningxia Avenue, Yuhuatai District, Jiangsu, Nanjing. Patentee after: Jiangsu's software Polytron Technologies Inc, 3, building 168, 5, 210012 software Avenue, Yuhuatai District, Jiangsu, Nanjing.
PE01: Entry into force of the registration of the contract for pledge of patent right. Denomination of invention: Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel; effective date of registration: 20190320; granted publication date: 20140409; pledgee: Hongwu Branch of Nanjing Bank Co., Ltd.; pledgor: Jiangsu's software Polytron Technologies Inc; registration number: 2019320000144.
CP01: Change in the name or title of a patent holder. Patentee before: JIANGSU ELEX SOFTWARE TECHNOLOGY Co.,Ltd. Patentee after: Bozhi Safety Technology Co.,Ltd. Address (unchanged): 3, building 168, 5, 210012 software Avenue, Yuhuatai District, Jiangsu, Nanjing.