CN103516524A - Security authentication method and system - Google Patents
Security authentication method and system Download PDFInfo
- Publication number
- CN103516524A CN103516524A CN201310495312.XA CN201310495312A CN103516524A CN 103516524 A CN103516524 A CN 103516524A CN 201310495312 A CN201310495312 A CN 201310495312A CN 103516524 A CN103516524 A CN 103516524A
- Authority
- CN
- China
- Prior art keywords
- usbkey
- authentication server
- information
- authorization information
- encryption key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a security authentication method and a security authentication system. The security authentication method comprises the following steps: according to a preset encryption key, encrypting customer information by USBKEY to generate authentication information; supplying the authentication information to an authenticating server by the USBKEY for the authenticating server to authenticate the security of the USBKEY. The technical scheme provided by the invention is applicable to security authentication; through the security authentication method and the security authentication system, the download of a digital certificate based on the security authentication is achieved.
Description
Technical field
The present invention relates to information security field, relate in particular to a kind of safe verification method and system.
Background technology
Along with the development of the Internet and ecommerce, USBKEY, as " electron key " of network user identity identification and data protection, is familiar with and uses by increasing user.
USBKEY equipment is a kind of built-in high-performance intelligent card chip, secure file system, the safe double factor authentication equipment of realizing; Security Middleware is provided simultaneously; can be used for storing digital certificate; support PKI application; can be applied in the various fields that need identity discriminating and data protection, such as Web bank, online game, E-Government, ecommerce ,CA center etc.Visible digital certificate is vital to USBKEY equipment.
Briefly introduce below in prior art, USBKEY equipment is from a kind of typical scenario of server downloading digital certificate.System component generally comprises: internet bank trade website, middleware (as CSP, PKCS#11) are prevented usurping or being replaced.If internet banking system has been used Security Middleware, in client, normal software and hardware frame structure as shown in Figure 1.
From Fig. 1, be not difficult to find out, when downloadable authentication, if unauthorized personnel replaces " Security Middleware " by malice, can reach and redirect certificate storage medium, and then attack the object of internet banking system.
To sum up, the fail safe of USBKEY digital certificate download mechanism is poor.
Summary of the invention
The invention provides a kind of safe verification method and system, solved the problem of USBKEY digital certificate download mechanism poor stability.
, comprising:
USBKEY, according to preset encryption key, is encrypted customer information, generates authorization information;
Described USBKEY offers authentication server by described authorization information, for described authentication server, the fail safe of this USBKEY is verified.
Preferably, the method also comprises:
Preset same encryption key in described USBKEY and described authentication server, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY.
Preferably, described USBKEY, according to preset encryption key, is encrypted customer information, before generating the step of authorization information, also comprises:
Described USBKEY, after receiving the certificate request bag of client transmission, generates described customer information;
Described USBKEY sends to described authentication server by described customer information via Security Middleware, request downloading digital certificate.
The present invention also provides a kind of safe verification method, comprising:
Authentication server obtains the authorization information of USBKEY;
Described authentication server, according to described authorization information, is verified the fail safe of described USBKEY;
When described USBKEY is dangerous, described authentication server refusal is described USBKEY downloading digital certificate.
Preferably, described authentication server also comprises before obtaining the step of authorization information of USBKEY:
Described authentication server receives the digital certificate download request of the customer information of the described USBKEY generation of carrying of Security Middleware transmission.
Preferably, the method also comprises:
Preset same encryption key in described USBKEY and described authentication server, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY.
Preferably, described authentication server, according to described authorization information, is verified and is comprised the fail safe of described USBKEY:
Described authentication server extracts according to the unique identification of described USBKEY the encryption key that this USBKEY is corresponding, and described customer information is encrypted, and obtains local verification information;
Described authentication server contrasts the consistency of described local verification information and described authorization information;
When definite described local verification information is consistent with described authorization information, described authentication server is judged described USBKEY safety;
In definite described local verification information and described authorization information, when inconsistent, described authentication server judges that described USBKEY is dangerous.
Preferably, the method also comprises:
When described USBKEY is safe, described authentication server is described USBKEY downloading digital certificate.
The present invention also provides a kind of security authentication systems, comprising: authentication server and USBKEY;
Described USBKEY, for according to preset encryption key, is encrypted customer information, generates authorization information, and described authorization information is offered to authentication server, for described authentication server, the fail safe of this USBKEY is verified;
Described authentication server, for obtaining the authorization information of described USBKEY, and according to described authorization information, verifies the fail safe of described USBKEY, and when described USBKEY is dangerous, refusal is described USBKEY downloading digital certificate.
Preferably, in described authentication server and described USBKEY, be equipped with identical encryption key,, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY,
Described USBKEY, also, for after receiving the certificate request bag of client transmission, generates described customer information, and described customer information is sent to described authentication server via Security Middleware, request downloading digital certificate;
Described authentication server, specifically for extracting according to the unique identification of described USBKEY the encryption key that this USBKEY is corresponding, described customer information is encrypted, obtain local verification information, contrast the consistency of described local verification information and described authorization information, when definite described local verification information is consistent with described authorization information, judge described USBKEY safety, in definite described local verification information and described authorization information, judge that described USBKEY is dangerous when inconsistent.
The invention provides a kind of safe verification method and system, USBKEY is according to preset encryption key, customer information is encrypted, generate authorization information, described USBKEY is sent to authentication server by described authorization information, for described authentication server, the fail safe of this USBKEY is verified, described authentication server receives the authorization information that USBKEY sends, according to described authorization information, fail safe to described USBKEY is verified, and when described USBKEY is dangerous, refuse as described USBKEY downloading digital certificate.The digital certificate of having realized based on security verification is downloaded, and has solved the problem of USBKEY digital certificate download mechanism poor stability.
Accompanying drawing explanation
Fig. 1 is the software and hardware frame structure schematic diagram in client;
Fig. 2 is the flow chart of a kind of safe verification method of providing of embodiments of the invention one;
Fig. 3 is the structural representation of a kind of security authentication systems of providing of embodiments of the invention two.
Embodiment
General digital certificate is downloaded in flow process, when downloadable authentication, if unauthorized personnel replaces " Security Middleware " by malice, can reach and redirect certificate storage medium, and then attack the object of internet banking system.In order to address the above problem, embodiments of the invention provide a kind of safe verification method and system, prevent digital certificate downloading/more the new stage is redirected storage medium (it is upper that digital certificate likely can not be downloaded to specific USBKEY, and download on other media).
In the technical scheme that embodiments of the invention provide, USBKEY built-in encryption key.This encryption key is also preserved portion at authentication server, and corresponding one by one with the unique identification (as equipment Serial Number) of USBKEY.
The effect of encryption key is customer information (as certificate PKI) the ciphertext output for encrypting USBKEY, and ciphering process completes in USBKEY inside.Encryption key does not go out USBKEY.
Downloading/and more during new authentication, internet banking system client can be initiated Generate Certificate request bag (as P10, CMC, P7, CSR etc.), public, the private key of Generate Certificate in USBKEY, and submit P10(or CMC, P7, CSR etc. to CA server) request; The authorization information ciphertext that the customer information (as certificate PKI) of use encryption keys USBKEY obtains represents with EPK, and submit authentication server to, authentication server finds corresponding USBKEY encryption key according to the unique identification of USBKEY (as equipment Serial Number), with this encryption key, customer information (as the certificate PKI in P10 request bag) being encrypted to the local verification information ciphertext obtaining represents with EPK1, compare EPK and EPK1, if unanimously, allow next flow process, be described USBKEY downloading digital certificate; If inconsistent, exit, guaranteed that the PKI in certificate request bag (as P10, CMC, P7, CSR etc.) produces in this USBKEY, prevent the outside public and private key application certificate producing.
Hereinafter in connection with accompanying drawing, embodiments of the invention are elaborated.It should be noted that, in the situation that not conflicting, the embodiment in the application and the feature in embodiment be combination in any mutually.
Below in conjunction with accompanying drawing, embodiments of the invention one are described.
The embodiment of the present invention provides a kind of safe verification method, prevent digital certificate downloading/more the new stage is redirected storage medium (digital certificate likely can not be downloaded on specific USBKEY, and download on other media), in client, increase " the anti-control of usurping ", at USBKEY built-in encryption key, by client and USBKEY combination.
The safe verification method that uses the embodiment of the present invention to provide, the digital certificate that completes high security is downloaded flow process as shown in Figure 2, comprising:
When USBKEY dispatches from the factory inside, the built-in encryption key that dispatches from the factory.Encryption key rule can be: key main body 16 byte check digit+7, byte+1 byte-identifier symbol+8 byte covers, specific as follows:
1, key main body 16 bytes: 16*8=128bit
2,1 byte check digit: use XOR, i.e. key main body the first byte and the second byte XOR, result and the 3rd byte XOR, until and the 16 byte XOR;
Check algorithm: first character and second character XOR in original cipher key, result and the 3rd character XOR, until and obtain final check code (1 byte) after last character XOR
3,7 byte-identifier symbols: be fixed as " COMMKEY ";
4, adopt PKCS#5 cover mode, at this, mend 88.
Give an example for one that is more than cipher mode, concrete enforcement can be not limited to this kind of rule.
In this step, before being sold to client, need to do customization to USBKEY, Ji Yong bank root key disperses client to specify the new encryption key (encryption key that must make new advances according to certain algorithm according to the root key of bank) of USBKEY, and new encryption key is poured in USBKEY and (refers to key and pour into principle).New encryption key is also preserved portion at authentication server.(each USBKEY acquiescence of the encryption key dispatching from the factory is the same, so will be revised as new encryption key while doing customization to bank)
Key pours into principle:
Use old key main body (16 byte) (using SM4 algorithm ECB mode) to encrypt whole new key (32 byte), during call function, input ciphertext; In KEY, use the old secret key decryption ciphertext having had, check check bit sum identifier, as correctly replaced old key main body by new key main body simultaneously.Ciphertext after encryption key (16 identifier+8, verification+7, main body+1 cover) is encrypted, is used the form of BASE64 to call tank cipher key interface.
In this step, USBKEY, after receiving the certificate request of client transmission, generates PKI and the private key of customer's certificate.And using the PKI of customer's certificate and as customer information.
Concrete, this certificate request bag is P10 request bag.The downloading page of internet banking system client is called Security Middleware (CSP) and is produced P10 request bag, produces public affairs, the private key of customer's certificate in USBKEY, usings PKI as customer information.
In this step, USBKEY submits P10 request to the authentication server of internet banking system service end, in this P10 request, carries customer information (as the PKI of customer's certificate).
Internet banking system client is by preventing usurping the PKI that control interface obtains the customer's certificate of USBKEY generation.
In this step, at USBKEY, download/more during new authentication, use encryption keys customer information (as the PKI of customer's certificate) to be verified information EPK.
In this step, USBKEY, after generating authorization information, can carry out security verification for described authentication server by this authorization information.
In this step, authentication server is initiatively initiated the security verification to USBKEY, obtains the authorization information EPK of this USBKEY.
In this step, authentication server finds corresponding encryption key according to the unique identification of USBKEY (as equipment Serial Number), with this encryption key, customer information (as the PKI of customer's certificate) is encrypted and is obtained local verification information EPK1.
The consistency of authentication server contrast EPK and EPK1, when definite described local verification information is consistent with described authorization information, described authentication server is judged described USBKEY safety, allows next flow process to continue downloadable authentication; In definite described local verification information and described authorization information, when inconsistent, described authentication server judges that described USBKEY is dangerous, exits certificate and downloads flow process.
Below in conjunction with accompanying drawing, embodiments of the invention two are described.
The embodiment of the present invention provides a kind of security authentication systems, and its structure as shown in Figure 3, comprising: authentication server 301 and USBKEY302;
Described USBKEY302, for according to preset encryption key, is encrypted customer information, generates authorization information, and described authorization information is offered to authentication server 301, for the fail safe of 301 couples of these USBKEY of described authentication server, verifies;
Described authentication server 301, for obtaining the authorization information of described USBKEY302, and according to described authorization information, verifies the fail safe of described USBKEY302, and when described USBKEY302 is dangerous, refusal is described USBKEY302 downloading digital certificate.
Preferential, in described authentication server 301 and described USBKEY302, be equipped with identical encryption key,, the unique identification corresponding preservation one by one of encryption key described in described authentication server 301 and described USBKEY302,
Described USBKEY302, also, for after receiving the certificate request bag of client transmission, generates described customer information, and described customer information is sent to described authentication server 301 via Security Middleware, request downloading digital certificate;
Described authentication server 301, specifically for extracting according to the unique identification of described USBKEY302 the encryption key that this USBKEY302 is corresponding, described customer information is encrypted, obtain local verification information, contrast the consistency of described local verification information and described authorization information, when definite described local verification information is consistent with described authorization information, judge described USBKEY302 safety, in definite described local verification information and described authorization information, judge that described USBKEY302 is dangerous when inconsistent.
Embodiments of the invention provide a kind of safe verification method and system, USBKEY is according to preset encryption key, customer information is encrypted, generate authorization information, described USBKEY is sent to authentication server by described authorization information, for described authentication server, the fail safe of this USBKEY is verified, described authentication server receives the authorization information that USBKEY sends, according to described authorization information, fail safe to described USBKEY is verified, and when described USBKEY is dangerous, refuse as described USBKEY downloading digital certificate.The digital certificate of having realized based on security verification is downloaded, and has solved the problem of USBKEY digital certificate download mechanism poor stability, guarantees that certificate downloads in safety means USBKEY.
The all or part of step that one of ordinary skill in the art will appreciate that above-described embodiment can realize by computer program flow process, described computer program can be stored in a computer-readable recording medium, described computer program (as system, unit, device etc.) on corresponding hardware platform is carried out, when carrying out, comprise step of embodiment of the method one or a combination set of.
Alternatively, all or part of step of above-described embodiment also can realize with integrated circuit, and these steps can be made into respectively integrated circuit modules one by one, or a plurality of modules in them or step are made into single integrated circuit module realize.Like this, the present invention is not restricted to any specific hardware and software combination.
Each device/functional module/functional unit in above-described embodiment can adopt general calculation element to realize, and they can concentrate on single calculation element, also can be distributed on the network that a plurality of calculation elements form.
The form of software function module of usining each device/functional module/functional unit in above-described embodiment realizes and during as production marketing independently or use, can be stored in a computer read/write memory medium.The above-mentioned computer read/write memory medium of mentioning can be read-only memory, disk or CD etc.
Anyly be familiar with those skilled in the art in the technical scope that the present invention discloses, can expect easily changing or replacing, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range described in claim.
Claims (10)
1. a safe verification method, is characterized in that, comprising:
USBKEY, according to preset encryption key, is encrypted customer information, generates authorization information;
Described USBKEY offers authentication server by described authorization information, for described authentication server, the fail safe of this USBKEY is verified.
2. safe verification method according to claim 1, is characterized in that, the method also comprises:
Preset same encryption key in described USBKEY and described authentication server, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY.
3. safe verification method according to claim 2, is characterized in that, described USBKEY, according to preset encryption key, is encrypted customer information, before generating the step of authorization information, also comprises:
Described USBKEY, after receiving the certificate request bag of client transmission, generates described customer information;
Described USBKEY sends to described authentication server by described customer information via Security Middleware, request downloading digital certificate.
4. a safe verification method, is characterized in that, comprising:
Authentication server obtains the authorization information of USBKEY;
Described authentication server, according to described authorization information, is verified the fail safe of described USBKEY;
When described USBKEY is dangerous, described authentication server refusal is described USBKEY downloading digital certificate.
5. safe verification method according to claim 4, is characterized in that, described authentication server also comprises before obtaining the step of authorization information of USBKEY:
Described authentication server receives the digital certificate download request of the customer information of the described USBKEY generation of carrying of Security Middleware transmission.
6. safe verification method according to claim 5, is characterized in that, the method also comprises:
Preset same encryption key in described USBKEY and described authentication server, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY.
7. safe verification method according to claim 6, is characterized in that, described authentication server, according to described authorization information, is verified and comprised the fail safe of described USBKEY:
Described authentication server extracts according to the unique identification of described USBKEY the encryption key that this USBKEY is corresponding, and described customer information is encrypted, and obtains local verification information;
Described authentication server contrasts the consistency of described local verification information and described authorization information;
When definite described local verification information is consistent with described authorization information, described authentication server is judged described USBKEY safety;
In definite described local verification information and described authorization information, when inconsistent, described authentication server judges that described USBKEY is dangerous.
8. safe verification method according to claim 4, is characterized in that, the method also comprises:
When described USBKEY is safe, described authentication server is described USBKEY downloading digital certificate.
9. a security authentication systems, is characterized in that, comprising: authentication server and USBKEY;
Described USBKEY, for according to preset encryption key, is encrypted customer information, generates authorization information, and described authorization information is offered to authentication server, for described authentication server, the fail safe of this USBKEY is verified;
Described authentication server, for obtaining the authorization information of described USBKEY, and according to described authorization information, verifies the fail safe of described USBKEY, and when described USBKEY is dangerous, refusal is described USBKEY downloading digital certificate.
10. security authentication systems according to claim 9, is characterized in that, in described authentication server and described USBKEY, is equipped with identical encryption key,, the unique identification corresponding preservation one by one of encryption key described in described authentication server and described USBKEY,
Described USBKEY, also, for after receiving the certificate request bag of client transmission, generates described customer information, and described customer information is sent to described authentication server via Security Middleware, request downloading digital certificate;
Described authentication server, specifically for extracting according to the unique identification of described USBKEY the encryption key that this USBKEY is corresponding, described customer information is encrypted, obtain local verification information, contrast the consistency of described local verification information and described authorization information, when definite described local verification information is consistent with described authorization information, judge described USBKEY safety, in definite described local verification information and described authorization information, judge that described USBKEY is dangerous when inconsistent.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310495312.XA CN103516524A (en) | 2013-10-21 | 2013-10-21 | Security authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310495312.XA CN103516524A (en) | 2013-10-21 | 2013-10-21 | Security authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103516524A true CN103516524A (en) | 2014-01-15 |
Family
ID=49898606
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310495312.XA Pending CN103516524A (en) | 2013-10-21 | 2013-10-21 | Security authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103516524A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104283688A (en) * | 2014-10-11 | 2015-01-14 | 东软集团股份有限公司 | USB Key safety certification system and safety certification method |
| CN104980445A (en) * | 2015-07-02 | 2015-10-14 | 郑州悉知信息技术有限公司 | Communication verification method, apparatus, and system |
| CN105281908A (en) * | 2014-07-23 | 2016-01-27 | 阿里巴巴集团控股有限公司 | USB Key and USB Key digital certificate write-in method and device |
| CN105812136A (en) * | 2014-12-30 | 2016-07-27 | 北京握奇智能科技有限公司 | Update method, update system and security authentication device |
| CN106778933A (en) * | 2016-11-15 | 2017-05-31 | 浪潮(苏州)金融技术服务有限公司 | Device, the system and method for a kind of usbkey receptacles and granting usbkey |
| CN107705198A (en) * | 2017-03-24 | 2018-02-16 | 广东网金控股股份有限公司 | A kind of method and system for securely delivering U-shield |
| WO2018033017A1 (en) * | 2016-08-18 | 2018-02-22 | 福建联迪商用设备有限公司 | Terminal state conversion method and system for credit granting |
| CN108809982A (en) * | 2018-06-12 | 2018-11-13 | 飞天诚信科技股份有限公司 | It is a kind of that close authentication method and system is exempted from based on credible performing environment |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801029A (en) * | 2004-12-31 | 2006-07-12 | 联想(北京)有限公司 | Method for generating digital certificate and applying the generated digital certificate |
| CN101005357A (en) * | 2006-12-28 | 2007-07-25 | 北京飞天诚信科技有限公司 | Method and system for updating certification key |
| CN101034423A (en) * | 2006-03-09 | 2007-09-12 | 福建省普集网络科技有限公司 | Method for unicity, accurate and quick locating logon web page on internet |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| CN101594611A (en) * | 2009-06-29 | 2009-12-02 | 钱袋网(北京)信息技术有限公司 | The method of authentication and portable terminal, server and identity authorization system |
| CN101645889A (en) * | 2009-06-26 | 2010-02-10 | 北京飞天诚信科技有限公司 | Method for issuing digital certificate |
| CN101977193A (en) * | 2010-10-28 | 2011-02-16 | 北京飞天诚信科技有限公司 | Method and system for safely downloading certificate |
| CN102271042A (en) * | 2011-08-25 | 2011-12-07 | 北京神州绿盟信息安全科技股份有限公司 | Certificate authorization method, system, universal serial bus (USB) Key equipment and server |
| EP2585963A1 (en) * | 2010-06-28 | 2013-05-01 | Bundesdruckerei GmbH | Method for generating a certificate |
| CN103108327A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Method, device and system of verification of safety association between terminal equipment and user card |
-
2013
- 2013-10-21 CN CN201310495312.XA patent/CN103516524A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1801029A (en) * | 2004-12-31 | 2006-07-12 | 联想(北京)有限公司 | Method for generating digital certificate and applying the generated digital certificate |
| CN101034423A (en) * | 2006-03-09 | 2007-09-12 | 福建省普集网络科技有限公司 | Method for unicity, accurate and quick locating logon web page on internet |
| CN101005357A (en) * | 2006-12-28 | 2007-07-25 | 北京飞天诚信科技有限公司 | Method and system for updating certification key |
| CN101471770A (en) * | 2007-12-24 | 2009-07-01 | 毛华 | Method for determining inquiry answer type bidirectional identification and business, and encipher device applying the method |
| CN101645889A (en) * | 2009-06-26 | 2010-02-10 | 北京飞天诚信科技有限公司 | Method for issuing digital certificate |
| CN101594611A (en) * | 2009-06-29 | 2009-12-02 | 钱袋网(北京)信息技术有限公司 | The method of authentication and portable terminal, server and identity authorization system |
| EP2585963A1 (en) * | 2010-06-28 | 2013-05-01 | Bundesdruckerei GmbH | Method for generating a certificate |
| CN101977193A (en) * | 2010-10-28 | 2011-02-16 | 北京飞天诚信科技有限公司 | Method and system for safely downloading certificate |
| CN102271042A (en) * | 2011-08-25 | 2011-12-07 | 北京神州绿盟信息安全科技股份有限公司 | Certificate authorization method, system, universal serial bus (USB) Key equipment and server |
| CN103108327A (en) * | 2011-11-15 | 2013-05-15 | 中国移动通信集团公司 | Method, device and system of verification of safety association between terminal equipment and user card |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105281908A (en) * | 2014-07-23 | 2016-01-27 | 阿里巴巴集团控股有限公司 | USB Key and USB Key digital certificate write-in method and device |
| CN105281908B (en) * | 2014-07-23 | 2019-08-06 | 阿里巴巴集团控股有限公司 | USB Key, USB Key digital certificate wiring method and device |
| CN104283688A (en) * | 2014-10-11 | 2015-01-14 | 东软集团股份有限公司 | USB Key safety certification system and safety certification method |
| CN104283688B (en) * | 2014-10-11 | 2017-12-29 | 东软集团股份有限公司 | A kind of USBKey security certification systems and safety certifying method |
| CN105812136A (en) * | 2014-12-30 | 2016-07-27 | 北京握奇智能科技有限公司 | Update method, update system and security authentication device |
| CN104980445A (en) * | 2015-07-02 | 2015-10-14 | 郑州悉知信息技术有限公司 | Communication verification method, apparatus, and system |
| CN104980445B (en) * | 2015-07-02 | 2019-04-30 | 郑州悉知信息科技股份有限公司 | A kind of authentication method, apparatus and system |
| WO2018033017A1 (en) * | 2016-08-18 | 2018-02-22 | 福建联迪商用设备有限公司 | Terminal state conversion method and system for credit granting |
| CN106778933A (en) * | 2016-11-15 | 2017-05-31 | 浪潮(苏州)金融技术服务有限公司 | Device, the system and method for a kind of usbkey receptacles and granting usbkey |
| CN107705198A (en) * | 2017-03-24 | 2018-02-16 | 广东网金控股股份有限公司 | A kind of method and system for securely delivering U-shield |
| CN108809982A (en) * | 2018-06-12 | 2018-11-13 | 飞天诚信科技股份有限公司 | It is a kind of that close authentication method and system is exempted from based on credible performing environment |
| CN108809982B (en) * | 2018-06-12 | 2020-10-27 | 飞天诚信科技股份有限公司 | Secret-free authentication method and system based on trusted execution environment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2021203184B2 (en) | Transaction messaging | |
| US9838205B2 (en) | Network authentication method for secure electronic transactions | |
| TWI715537B (en) | Encryption machine key injection system, method and device based on cloud environment | |
| US8468361B2 (en) | System and method for securely provisioning and generating one-time-passwords in a remote device | |
| CN103516524A (en) | Security authentication method and system | |
| KR102177848B1 (en) | Method and system for verifying an access request | |
| CN110401615B (en) | Identity authentication method, device, equipment, system and readable storage medium | |
| CN110677418A (en) | Trusted voiceprint authentication method and device, electronic equipment and storage medium | |
| CN108768963B (en) | Communication method and system of trusted application and secure element | |
| EP2728908B1 (en) | Telecommunications chip card | |
| CN103546289A (en) | USB (universal serial bus) Key based secure data transmission method and system | |
| EP2908493B1 (en) | Secure communication systems | |
| CN107104795B (en) | Method, framework and system for injecting RSA key pair and certificate | |
| CN111131416A (en) | Business service providing method and device, storage medium and electronic device | |
| CN114244508B (en) | Data encryption method, device, equipment and storage medium | |
| CN108768941B (en) | Method and device for remotely unlocking safety equipment | |
| CN111241492A (en) | Product multi-tenant secure credit granting method, system and electronic equipment | |
| JP2016012902A (en) | Electronic data utilization system, portable terminal device, and method for electronic data utilization system | |
| KR101616795B1 (en) | Method for manage private key file of public key infrastructure and system thereof | |
| KR102053993B1 (en) | Method for Authenticating by using Certificate | |
| CN112311534A (en) | Method for generating asymmetric algorithm key pair | |
| KR20130100032A (en) | Method for distributting smartphone application by using code-signing scheme | |
| Kiljan et al. | What you enter is what you sign: Input integrity in an online banking environment | |
| CN116250209A (en) | Data management and encryption in a distributed computing system | |
| KR20170092992A (en) | User authentication apparatus and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140115 |
|
| RJ01 | Rejection of invention patent application after publication |