CN104052713A - Novel network trust guarantee service method and device - Google Patents


Info

Publication number: CN104052713A
Authority: CN (China)
Prior art keywords: digital certificate; network trust; application; certificate; network
Legal status: Pending
Application number: CN201310076690.4A
Other languages: Chinese (zh)
Inventor: 李华
Current Assignee: Individual
Original Assignee: Individual

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

As demand for network trust guarantee services becomes more widespread, the current network trust service system, which is based mainly on CA digital certificates, cannot meet the needs of cyberspace infrastructure because of the high complexity and high cost it imposes on users. The novel network trust guarantee service method and device are based on digital certificate technology and organically combine it with other technical means such as account passwords, mobile phone SMS random codes, dynamic passwords, biometric characteristics and machine characteristics. Through a cloud computing architecture and a cloud service model, they provide a network trust guarantee service method and device that is independent of any specific CA organization. This solves, from the angles of technology, service and market, the basic problem faced when network trust guarantee is used as a cyberspace infrastructure, and is of significance for the further development of cyberspace.

Description

A novel network trust guarantee service method and device
[Technical field]
The invention provides a novel network trust guarantee service method and device. The method and device break through the limitations of existing network trust guarantee services and, using a cloud computing architecture and a cloud service model, provide application systems with comprehensive network trust guarantee services.
[Background]
Within the current network trust guarantee service system, the CA digital certificate service is the comparatively systematic part. Other approaches, such as account/password, SMS random code, dynamic password, biometric characteristics and machine characteristics, each solve only an individual link such as trust at user login, and are far from solving the network-trust-related problems as a whole, including identity authenticity (anti-counterfeiting), data confidentiality, data integrity and non-repudiation.
However, demand for network trust guarantee services in cyberspace is becoming ever more widespread, and the existing CA digital certificate service model suffers from a contradiction between its strong security on the one hand and the technical complexity of application, the cost of application and the convenience of usage habits on the other. As a direct result, CA digital certificate services are currently confined to a few high-end applications such as finance, government and telecommunications, while most Internet applications still solve the network trust problem with technical means of weak security strength, such as the traditional account password and dynamic password.
The present invention takes digital certificate technology as its basis and organically combines it with other network trust guarantee techniques such as account password, SMS random code, dynamic password, biometric characteristics and machine characteristics; it is independent of any specific CA organization; and, using a cloud computing architecture and a cloud service model, it provides application systems with a comprehensive network trust guarantee service that is secure and trusted, economical and convenient, and generally applicable.
The present invention is a novel network trust guarantee service method and corresponding device, characterized in that: by a novel method and device that organically combine digital certificate technology with other network trust guarantee techniques, the technical threshold of digital certificate application is lowered while the security strength and security system of digital certificate technology are preserved; docking with one or more CA organizations at the same time is supported, and switching between different CA organizations can be carried out online at any time, silently with respect to the user; and, through cloud computing technology and a cloud service method, cyberspace's need for network trust guarantee capability resources that are used on demand, allocated on demand and charged by usage is met, reducing the economic cost and construction period of digital certificate applications. Combining these three, the invention fundamentally and innovatively solves, from the angles of technology, service and market, the problem that network trust guarantee faces as a public infrastructure of cyberspace.
[Summary of the invention]
The present invention is a novel network trust guarantee service method and device, characterized in that: by a novel method and device that organically combine digital certificate technology with other network trust guarantee techniques, the technical threshold of digital certificate application is lowered while the security strength and security system of digital certificate technology are preserved; docking with one or more CA organizations at the same time is supported, and switching between different CA organizations can be carried out online at any time, silently with respect to the user, which avoids dependence of the certificate-using entity on a specific CA organization and helps eliminate industry and administrative-region barriers; and, through network trust cloud computing technology and a cloud service method, cyberspace's need for network trust guarantee resources that are dynamically allocated, available on demand, used as required and charged by usage is met, reducing the economic cost and construction period of digital certificate applications. Combining these three, the invention fundamentally and innovatively solves the problem that network trust guarantee faces as a public infrastructure of cyberspace.
The specific content of the invention is as follows:
1. A novel digital certificate application method, characterized in that: the digital certificate user entrusts the device of the invention to generate the digital certificate key pair; the digital certificate user entrusts the device of the invention to act as the user's agent in applying for, maintaining, storing and using the digital certificate with the docked CA organization; the device of the invention ensures that the process is secure and trusted by means of certain security policies, and stores the certificate key pair securely; the digital certificate user entrusts the device of the invention to provide, on the user's behalf, the digital certificate's application capabilities such as identity authenticity, data integrity, data confidentiality and non-repudiation, and strict access control is applied to the hosted certificate, key pair and application capabilities through single-factor or multi-factor combined identity authentication using other means including but not limited to account password, SMS random code, dynamic password, biometric characteristics and machine characteristics. In this way, while the security strength and security system of digital certificate technology are preserved, digital certificate technology and other network trust guarantee techniques are organically combined so that each offsets the other's weaknesses, lowering the technical threshold of digital certificate application while taking into account users' usage habits and the difficulty of upgrading application systems;
2. An embodiment of a novel digital certificate service method, characterized in that: in compliance with the relevant national laws and regulations and according to certain rules, the device of the invention docks with one or more CA organizations at the same time, and the user can independently choose, through the device of the invention, the certificate services of different CA organizations; the device of the invention provides users with the full set of digital certificate service functions, including certificate application, update, freezing, cancellation, issuance and query; the device of the invention supports switching between different CA organizations online at any time, silently with respect to the user. This achieves the independence of the certificate-using entity, avoids dependence on a specific CA organization, and at the same time helps eliminate the industry and administrative-region barriers that are widespread in the network trust service field;
3. A novel network trust guarantee cloud service method, characterized in that: on the premise of security and reliability, cloud computing technology is used to achieve shared interconnection and real-time dynamic allocation of the network trust capability resources in the network; network trust capability resources include but are not limited to hardware and software such as encryption machines, USB keys, signature and signature-verification servers, certificate servers/gateways, authorization servers, CA systems and PMI servers; this yields a cloud service in which network trust guarantee capability resources are dynamically scheduled, used on demand, allocated on demand and charged by usage.
4. A novel network trust guarantee service device, characterized in that: through a dedicated network trust guarantee cloud server and cloud client working together, one or more of methods 1, 2 and 3 above are implemented to provide network trust guarantee services for application systems. The device of the invention is not limited to any specific external form and may take the form of stand-alone software, a software package, stand-alone hardware, an embedded hardware component or another form.
[Brief description of the drawings]
The drawing illustrates an example embodiment of the novel network trust guarantee service method and device.
Abbreviations used in the drawing:
NTCS denotes the cloud service part of the inventive method and device;
AP denotes an application system supported by the invention;
CC denotes the cloud client of the inventive method and device;
DE denotes a device supported by the invention;
CA denotes the electronic certification system;
T denotes a user terminal supported by the invention.
The process descriptions in this section and the next merely illustrate the principle of the invention by example and do not represent the only way of implementing it; anything in accordance with the spirit of the invention is regarded as falling within the scope of the claims of the invention.
[Embodiments]
1. Example embodiment of the novel digital certificate application method:
1) The digital certificate user entrusts the device of the invention to generate the digital certificate key pair;
2) The digital certificate user entrusts the device of the invention to act as the user's agent in applying for, maintaining, storing and using the digital certificate with the docked CA organization;
3) The device of the invention ensures that the process is secure and trusted by means of certain security policies, and stores the certificate key pair securely;
4) The digital certificate user entrusts the device of the invention to provide, on the user's behalf, the digital certificate's application capabilities such as identity authenticity, data integrity, data confidentiality and non-repudiation, and strict access control is applied to the hosted certificate, key pair and application capabilities through single-factor or multi-factor combined identity authentication using other means including but not limited to account password, SMS random code, dynamic password, biometric characteristics and machine characteristics.
In this way, while the security strength and security system of digital certificate technology are preserved, digital certificate technology and other network trust guarantee techniques are organically combined so that each offsets the other's weaknesses, lowering the technical threshold of digital certificate application while taking into account users' usage habits and the difficulty of upgrading application systems;
2. Example embodiment of the novel digital certificate service method:
1) In compliance with the relevant national laws and regulations and according to certain rules, the device of the invention docks with one or more CA organizations at the same time, and the user can independently choose, through the device of the invention, the certificate services of different CA organizations;
2) The device of the invention provides users with the full set of digital certificate service functions, including certificate application, update, freezing, cancellation, issuance and query;
3) The device of the invention supports switching between different CA organizations online at any time, silently with respect to the user.
This achieves the independence of the certificate-using entity, avoids dependence on a specific CA organization, and at the same time helps eliminate the industry and administrative-region barriers that are widespread in the network trust service field;
3. Example embodiment of the novel network trust guarantee cloud service method:
1) On the premise of security and reliability, cloud computing technology is used to achieve shared interconnection and real-time dynamic allocation of the network trust capability resources in the network;
2) Network trust capability resources include but are not limited to hardware and software such as encryption machines, USB keys, signature and signature-verification servers, certificate servers/gateways, authorization servers, CA systems and PMI servers;
This yields a cloud service in which network trust guarantee capability resources are dynamically scheduled, used on demand, allocated on demand and charged by usage.
4. Example embodiment of the novel network trust guarantee service device:
Through a dedicated network trust guarantee cloud server and cloud client working together, one or more of methods 1, 2 and 3 above are implemented to provide network trust guarantee services for application systems. The device of the invention is not limited to any specific external form and may take the form of stand-alone software, a software package, stand-alone hardware, an embedded hardware component or another form.
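An added sketch of the hosted-key access control in embodiment 1 and the CA switching in embodiment 2; it is not code from the patent. `CustodyService`, its method names, the CA names and the lockout threshold are assumptions, and HMAC-SHA256 stands in for the private-key signature so the block runs on the Python standard library alone.

```python
import hashlib
import hmac
import os
import struct

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 dynamic password (HMAC-SHA1 over the time-step counter)."""
    mac = hmac.new(secret, struct.pack(">Q", int(now) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class CustodyService:
    """Hypothetical hosted-key service: keeps the key and signs for the user."""
    MAX_FAILURES = 3  # assumed lockout threshold

    def __init__(self, ca_names):
        self.serials = {name: 0 for name in ca_names}  # one counter per docked CA
        self.accounts = {}

    def _issue(self, ca: str, user: str) -> dict:
        self.serials[ca] += 1  # stand-in for a real CA enrolment call
        return {"issuer": ca, "subject": user, "serial": self.serials[ca]}

    def enroll(self, user, password, totp_secret, ca, required=("password", "totp")):
        salt = os.urandom(16)
        self.accounts[user] = {
            "key": os.urandom(32),  # hosted key material, never returned to callers
            "salt": salt, "pw": _pw_hash(password, salt),
            "totp": totp_secret, "required": set(required),
            "cert": self._issue(ca, user), "failures": 0,
        }
        return self.accounts[user]["cert"]

    def _check(self, acct, factors: dict, now: float) -> bool:
        checks = {
            "password": lambda v: hmac.compare_digest(
                _pw_hash(v, acct["salt"]), acct["pw"]),
            "totp": lambda v: hmac.compare_digest(
                v.encode(), totp(acct["totp"], now).encode()),
        }
        # Every factor named in the key's policy must be supplied and valid.
        return all(f in factors and checks[f](factors[f]) for f in acct["required"])

    def sign(self, user, data: bytes, factors: dict, now: float) -> bytes:
        acct = self.accounts[user]
        if acct["failures"] >= self.MAX_FAILURES:
            raise PermissionError("key locked after repeated failures")
        if not self._check(acct, factors, now):
            acct["failures"] += 1
            raise PermissionError("factor policy not satisfied")
        acct["failures"] = 0
        # HMAC-SHA256 stands in for the private-key signature operation.
        return hmac.new(acct["key"], data, hashlib.sha256).digest()

    def switch_ca(self, user, new_ca) -> dict:
        """Re-issue under another docked CA; key and factor policy are untouched."""
        acct = self.accounts[user]
        acct["cert"] = self._issue(new_ca, user)
        return acct["cert"]
```

Because the service holds the key, the factor check in `sign` is the only barrier between an account compromise and a valid signature, so the failure counter and the per-key `required` set are where a reviewer of such a design would look first.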

Claims (4)

1. A novel digital certificate application method, characterized in that: the digital certificate user entrusts a third party to generate the digital certificate key pair and entrusts it with applying for, maintaining, storing and using the user's digital certificate; the third party ensures that the process is secure and trusted by means of certain security policies, and stores the certificate key pair securely; the user entrusts the third party to host the certificate's application capabilities such as identity authenticity, data integrity, data confidentiality and non-repudiation, and strict access control is applied to the hosted certificate, key pair and application capabilities through single-factor or multi-factor combined identity authentication using other means including but not limited to account password, SMS random code, dynamic password, biometric characteristics and machine characteristics. Thus, while the security strength and security system of digital certificate technology are preserved, digital certificate technology and other network trust guarantee techniques are organically combined so that each offsets the other's weaknesses, lowering the technical threshold of digital certificate application while taking into account users' usage habits and the difficulty of upgrading application systems.
2. A novel digital certificate service method, characterized in that: in compliance with the relevant national laws and regulations and according to certain rules, docking with one or more CA organizations takes place at the same time; users are provided with the full set of digital certificate service functions supporting different CA organizations, including but not limited to certificate application, update, freezing, cancellation, issuance and query; and switching between different CA organizations can be carried out online at any time, silently with respect to the user.
3. A novel network trust guarantee cloud service method, characterized in that: on the premise of security and reliability, cloud computing technology is used to achieve shared interconnection and real-time dynamic allocation of the network trust capability resources in the network, meeting cyberspace's need for network trust guarantee capability resources that are shared and interconnected, dynamically scheduled, used on demand, allocated on demand and charged by usage, wherein network trust capability resources include but are not limited to hardware and software such as encryption machines, USB keys, signature and signature-verification servers, certificate servers/gateways, authorization servers, CA systems and PMI servers.
4. A novel network trust guarantee service device, characterized in that: by means of dedicated equipment, one or more of the methods of claims 1, 2 and 3 are implemented to provide network trust guarantee services for application systems; the device of the invention is not limited to any specific external form and may take the form of stand-alone software, a software package, stand-alone hardware, an embedded hardware component or another form.
CN201310076690.4A 2013-03-11 2013-03-11 Novel network trust guarantee service method and device Pending CN104052713A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310076690.4A CN104052713A (en) 2013-03-11 2013-03-11 Novel network trust guarantee service method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310076690.4A CN104052713A (en) 2013-03-11 2013-03-11 Novel network trust guarantee service method and device

Publications (1)

Publication Number Publication Date
CN104052713A true CN104052713A (en) 2014-09-17

Family

ID=51505086

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310076690.4A Pending CN104052713A (en) 2013-03-11 2013-03-11 Novel network trust guarantee service method and device

Country Status (1)

Country Link
CN (1) CN104052713A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105407007A (en) * 2015-12-18 2016-03-16 内蒙古农业大学 Method for credibly collaborating and optimizing complex network and service network based on multiple cloud computing characteristics
CN106302352A (en) * 2015-06-05 2017-01-04 上海铠射信息科技有限公司 A kind of method and apparatus of new digital certificate application
CN109981662A (en) * 2019-03-31 2019-07-05 西安电子科技大学 A kind of safe communication system and method
CN110463160A (en) * 2017-04-03 2019-11-15 微软技术许可有限责任公司 Elastic public key infrastructure for cloud computing
CN111953493A (en) * 2019-05-16 2020-11-17 上海铠射信息科技有限公司 Novel portable digital certificate application method and device
CN117574448A (en) * 2024-01-16 2024-02-20 确信信息股份有限公司 Event-based electronic signature method, system, medium and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102075808A (en) * 2011-01-25 2011-05-25 四川长虹电器股份有限公司 Method for realizing multi-conditional access (CA) coexistence in set top box
CN102630060A (en) * 2012-03-21 2012-08-08 浪潮(山东)电子信息有限公司 Multi-media business safety method
CN202455386U (en) * 2011-12-13 2012-09-26 杭州晟元芯片技术有限公司 Safety system for cloud storage
CN102710605A (en) * 2012-05-08 2012-10-03 重庆大学 Information security management and control method under cloud manufacturing environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102075808A (en) * 2011-01-25 2011-05-25 四川长虹电器股份有限公司 Method for realizing multi-conditional access (CA) coexistence in set top box
CN202455386U (en) * 2011-12-13 2012-09-26 杭州晟元芯片技术有限公司 Safety system for cloud storage
CN102630060A (en) * 2012-03-21 2012-08-08 浪潮(山东)电子信息有限公司 Multi-media business safety method
CN102710605A (en) * 2012-05-08 2012-10-03 重庆大学 Information security management and control method under cloud manufacturing environment

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302352A (en) * 2015-06-05 2017-01-04 上海铠射信息科技有限公司 A kind of method and apparatus of new digital certificate application
CN105407007A (en) * 2015-12-18 2016-03-16 内蒙古农业大学 Method for credibly collaborating and optimizing complex network and service network based on multiple cloud computing characteristics
CN105407007B (en) * 2015-12-18 2019-01-11 内蒙古农业大学 The credible collaboration of complex network service network and optimization method based on cloud computing multiple features
CN110463160A (en) * 2017-04-03 2019-11-15 微软技术许可有限责任公司 Elastic public key infrastructure for cloud computing
CN109981662A (en) * 2019-03-31 2019-07-05 西安电子科技大学 A kind of safe communication system and method
CN111953493A (en) * 2019-05-16 2020-11-17 上海铠射信息科技有限公司 Novel portable digital certificate application method and device
CN117574448A (en) * 2024-01-16 2024-02-20 确信信息股份有限公司 Event-based electronic signature method, system, medium and equipment
CN117574448B (en) * 2024-01-16 2024-04-09 确信信息股份有限公司 Event-based electronic signature method, system, medium and equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
DD01 Delivery of document by public notice
  Addressee: Li Hua
  Document name: the First Notification of an Office Action
DD01 Delivery of document by public notice
  Addressee: Li Hua
  Document name: Notification that Application Deemed to be Withdrawn
WD01 Invention patent application deemed withdrawn after publication
  Application publication date: 20140917